Active Adversary Playbook Archives

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

by unitedimaging on April 25, 2023

A deep dive into over 150 incident-response cases reveals both attackers and defenders picking up the pace Contact us today for more information about SOPHOS cyber security solutions

‘AuKill’ EDR killer malware abuses Process Explorer driver

by unitedimaging on April 19, 2023

Driver-based attacks against security products are on the rise Contact us today for more information about SOPHOS cyber security solutions

Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack

by unitedimaging on August 10, 2022

After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point. Contact […]

Multiple attackers increase pressure on victims, complicate incident response

by unitedimaging on August 9, 2022

Sophos’ latest Active Adversary report explores the issue of organizations being hit multiple times by attackers Contact us today for more information about SOPHOS cyber security solutions

Active Adversary Playbook 2022 Insights: Web Shells

by unitedimaging on June 22, 2022

Public proofs-of-concept of web shell exploits coincide with major spikes in attacks. Contact us today for more information about SOPHOS cyber security solutions

Move fast, unbreak things: About the Sophos Active Adversary Playbook 2022

by unitedimaging on June 7, 2022

Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else Contact us today for […]