Cybersecurity
SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild – Sophos News
On July 18, 2025, Sophos MDR (Managed Detection and Response) analysts observed an influx of malicious activity targeting on-premises SharePoint instances, including malicious PowerShell commands executed across multiple estates....
Hardware Releases
Anker Recalls Millions of Power Banks: Check Yours Today
We recommend sticking with well-known brands when buying accessories, and a recent example illustrates why this is important....
Industry Events & Conferences
West Midlands student Atiyyah Zafar wins Millennium Point Scholarship
https://www.youtube.com/watch?v=RXAe4GZzTbw Atiyyah Zafar has been named 2025 Millennium Point Scholarship winner, gaining a fully‑funded Computer Science...
Tech Trends & Innovations
Microsoft announces Surface Laptop 5G for Business
Microsoft has unveiled a new Surface Laptop 5G as part of its computing collection for business customers. The...
Gaming & Graphics
Best deals for PC gamers today: Over 30% off big name gaming monitors and graphics cards
Two of the most important parts...
Experimenting with Stealer Logs in Have I Been Pwned
TL;DR — Email addresses in stealer logs can now be queried in HIBP...
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS – Sophos News
Back in August 2022, Sophos X-Ops published a white paper on multiple attackers – that is, adversaries targeting the same organizations multiple times. One...
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Jan 13, 2025 | Ravie Lakshmanan | Vulnerability / Cloud Security
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation...
The Sophos Active Adversary Report – Sophos News
It’s not news that 2024 has been a tumultuous year on many fronts. For our second Active Adversary Report of 2024, we’re looking specifically...
The EAGERBEE backdoor may be related to the CoughingDown actor
Introduction
In our recent investigation into the EAGERBEE backdoor, we found that it was being deployed at ISPs and governmental entities in the Middle East....
Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary]
Introduction
From August to November 2024, my honeypot has captured a wide array of malicious content. In this analysis, I will focus on a specific...