The Hackers Who Left Their Entire Playbook Online
A ransomware group called Warlock tore through more than 60 organisations in six months, targeting the nuclear energy, aerospace, and government sectors. They chain zero-days and neutralise antivirus software using signed Chinese drivers. This is how they operate and how the Sophos CTU tracked them across eleven incidents to expose their full playbook.
Read more:
https://www.sophos.com/en-us/blog/gold-salems-warlock-operation-joins-busy-ransomware-landscape
If you want to know more, here's the original report, or you can explore all our recent research via the X-Ops NotebookLM (Google account required): https://notebooklm.google.com/notebook/de529ec9-f4fb-432f-bb92-90d1430cb9e9