Sophos published new research into the SystemBC malware that acts as a Tor proxy and is being used in ransomware-as-a-service attacks for communications and data exfiltration.
A group of researchers analyzed 13 messaging apps and revealed standard security features and practices embraced by each while they capture and store user data.
Unfortunately, fraudsters have taken advantage of the pandemic to rob and steal. And just like beating the virus, beating COVID-19-related fraud will also require a multiparty approach.
The Scottish Environment Protection Agency (Sepa) was targeted in a significant cyberattack in the early hours of Christmas Eve, its executive director, David Pirie, confirmed.
Companies have to make sure SaaS vendors keep their company’s data secure, and that their employees’ use of these SaaS solutions is also secure when end users are not connected to the office network.
Microsoft warned CrowdStrike earlier this month of a failed attempt by unidentified attackers to access and read the company’s emails, according to a blog post published by the security firm.
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target environments.
In this technique, malicious Office documents containing VBA code are saved within streams of CFBF files, with VBA macros saving data in a hierarchy including various types of streams.
In a recent attack, the group has been observed actively using a newly developed Internet Relay Chat (IRC) bot dubbed TNTbotinger, which can be used to perform DDoS attacks.
The recent attacks use payloads hosted on a new GitHub repository, which includes a Linux-based cryptominer, a list of passwords for brute-force attacks, and a statically linked Python 3.9 interpreter.