The Latest Sophos News
Product and Solution Information, Press Releases, Announcements

The techniques feature a multi-stage process where a .NET downloader grabs chunks of malware from legitimate third-party websites such as pastebin and hastebin – where they are hosted in plain sight – and then joining, decoding and decrypting the chunks to form the loader that carries the malicious payload.

By Chris McCormack

By Tom Walsh

MrbMiner is a recently discovered cryptominer that targets internet-facing database servers (SQL servers) and downloads and installs a cryptominer. Database servers are an attractive target for cryptojackers because they are used for resource intensive activity and therefore have powerful processing capability.

Many pupils are starting their new school term from home rather than the classroom.

This status authorizes us to assign CVE identification to unique vulnerabilities within the scope of our products. Security researchers can now work directly with Sophos to open CVEs for our products, making the process of reporting issues and assigning CVEs more straightforward.

In an effort that has been attributed by many to actors working for or on behalf of a national government, an unknown adversary compromised the software supply chain of the enterprise IT management firm SolarWinds in order to distribute malicious code.

SolarWinds, an IT monitoring specialist, reported last Sunday that it had fallen victim to a “highly-sophisticated, manual supply chain attack … likely by a nation state.”

OXFORD, U.K. – Dec. 16, 2020 – Sophos, a global leader in next-generation cybersecurity, today published new research into the SystemBC malware, “Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor.” The research shows how SystemBC has developed into a fully-fledged remote access tool that acts as a Tor proxy and is being used in ransomware-as-a-service attacks for communications, data exfiltration and the download and execution of malicious modules.