Skip to Content
Get started
Open search
Focus Scroll Background

active adversary

RSS
It takes two: The 2025 Sophos Active Adversary Report

Security Operations

Threat Research

active adversary

Active Adversary Report

Compromised Credentials

detection

dwell time

Featured

impact

incident response

LOLBIN

MFA

Monitoring

RDP

Remote Ransomware

root cause

It takes two: The 2025 Sophos Active Adversary Report

April 2, 2025

Active Adversary Report

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

IR

LoLBINs

MDR

RDP

The Bite from Inside: The Sophos Active Adversary Report

December 12, 2024

lightbulbs in combat

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

RDP

Sophos X-Ops

RD Web Access abuse: Fighting back

June 12, 2024

hourglass on laptop

Threat Research

active adversary

Active Adversary Report

Case Study

featured

incident response

RDP

Sophos X-Ops

It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024

April 3, 2024

Remote Desktop Protocol: The Series

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: The Series

March 20, 2024

The song remains the same: The 2023 Active Adversary Report for Security Practitioners

Threat Research

active adversary

Active Adversary Report

dwell time

featured

incident response

LoLBINs

MDR

practitioners

tools

The song remains the same: The 2023 Active Adversary Report for Security Practitioners

November 14, 2023

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

Threat Research

active adversary

Active Adversary Report

Active Directory

attribution

detection

dwell time

featured

incident response

MFA

MTR

RDP

Sophos X-Ops

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

August 23, 2023

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

Threat Research

active adversary

Active Adversary Report

CoinMiner

Conti

data breach

exfiltration

extortion

featured

incident response

loader

Lockbit

Ransomware

Sophos X-Ops

Web shells

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

April 25, 2023

lanternfish-with-spikes-facing-right

Threat Research

act

active adversary

anti-EDR

AuKill

backstab

EDR

EDR killer

featured

malware

Process Explorer

procexp

Sophos X-Ops

targeted attacks

‘AuKill’ EDR killer malware abuses Process Explorer driver

April 19, 2023