The Latest Sophos News
Product and Solution Information, Press Releases, Announcements
Sophos Uncovers New Delivery And Evasion Techniques Used By Agent Tesla To Bypass Security
The techniques feature a multi-stage process in which a .NET downloader grabs chunks of malware from legitimate third-party websites such as pastebin and hastebin – where they are hosted in plain sight – and then joins, decodes and decrypts the chunks to form the loader that carries the malicious payload.
Nefilim Ransomware Attack Uses "Ghost" Credentials
Keeping close tabs on the account credentials in your organization should always be a top priority, as a Sophos Rapid Response customer recently learned. Sophos Rapid Response is a 24/7 service that helps organizations to quickly identify and neutralize active threats.
Sophos Identifies Source Of “MrbMiner” Attacks Targeting Database Servers
MrbMiner is a recently discovered cryptominer that targets internet-facing database servers (SQL servers) and downloads and installs a cryptominer. Database servers are an attractive target for cryptojackers because they are used for resource-intensive activity and therefore have powerful processing capability.
Home schooling – how to stay secure
Many pupils are starting their new school term from home rather than the classroom.
Sophos is a CVE numbering authority
This status authorizes us to assign CVE identification to unique vulnerabilities within the scope of our products. Security researchers can now work directly with Sophos to open CVEs for our products, making the process of reporting issues and assigning CVEs more straightforward.
How SunBurst malware does defense evasion
In an effort that has been attributed by many to actors working for or on behalf of a national government, an unknown adversary compromised the software supply chain of the enterprise IT management firm SolarWinds in order to distribute malicious code.
SolarWinds breach: how to identify if you have been affected
SolarWinds, an IT monitoring specialist, reported last Sunday that it had fallen victim to a “highly-sophisticated, manual supply chain attack … likely by a nation state.”
Sophos Reports On How SystemBC Has Developed Into An Off-The-Shelf Tor Backdoor Used By Ransomware Operators
OXFORD, U.K. – Dec. 16, 2020 – Sophos, a global leader in next-generation cybersecurity, today published new research into the SystemBC malware, “Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor.” The research shows how SystemBC has developed into a fully-fledged remote access tool that acts as a Tor proxy and is being used in ransomware-as-a-service attacks for communications, data exfiltration and the download and execution of malicious modules.