News

15

Jan

In our recent UTM 9.2 release we accelerated our Intrusion Prevention System (IPS) – to do so we made changes to the underlying engine and worked at making our IPS smarter with new optimized default rule sets. We’ve been getting great reports from customers and partners about the speed boost they’re seeing.

But it’s not just software that can boost performance — it’s pretty obvious the hardware it runs on plays a critical role too. That’s why we’re releasing some new security gateway appliances that we’re calling our SG Series appliances.

These are the fastest appliances we’ve ever built. When we started the refresh project we would have been pleased with a 50% speed increase, and we were hoping we’d be able to double the speed. When our engineering team ran our benchmark tests the results were impressive — the new SG Series is up to four times faster than its predecessors. Now it’s all very well beating your own personal best but for us the real question was how would they fare in a race – just how do they stack up to the competition?

So we asked Miercom Labs, a respected testing house, to run tests. And the results were proof that we’ve built some appliances that will provide Sophos customers and partners with the best price/performance ratio anywhere in the market.

This first chart shows a comparison on firewall throughput. Now it’s important to note these results aren’t from some special, high end box targeted for thousands of users. These are from the SG 210; a mid-range model which is offered at a great price point that any business can afford.

And this performance advantage is seen not just on raw Firewall speed. The chart below shows results with Application Control enabled, a key component in next generation firewalls. As you see, our hard work paid off here as well.

[Chart: Miercom results with Application Control enabled]

And as you know Sophos has a great heritage in virus scanning and here our expertise really shows. Just look at the AV scanning numbers in the chart below.

[Chart: Miercom AV proxy scanning results]

This test compares AV proxy scanning which is widely known to be the most effective form of scanning because it looks at the entire file rather than taking shortcuts. But not everybody can do it “at speed,” and as you can see some don’t offer it at all.

The complete report from Miercom Labs will be published soon but as we announce the availability of the new SG Series appliances I just wanted to share some of the great results we are seeing. And as we extend the SG Series and continue to optimize our software here’s to even faster, even better protection!

You can read the original article here.

15

Jan

“On June 19th we uncovered, halted and contained a targeted attack on our internal network infrastructure. Our systems have been cleaned and there is no evidence of any user data being compromised. We are working with the relevant authorities to investigate its source and any potential further extent. We will let you know if there are any developments. The current evidence suggests a limited impact. The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser. It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software. To be on the safe side, we will roll out a new version of Opera which will use a new code signing certificate.”

The conclusions we reached, based on the announcement above, were:

  • The network was breached.
  • A code-signing key was stolen.
  • Malware has been signed with it and circulated.
  • At least one infected file was posted on an Opera server.
  • That file may have been downloaded and installed by Opera itself.
  • Cleanup and remediation has now been done at Opera.

That sounds a bit more like Security breach not stopped. How else could a signed-and-infected file have been automatically downloaded by an already-installed instance of Opera? Anyway, wouldn’t Opera’s auto-update have failed or produced a warning due to the expired certificate? Until Opera has worked out the answer to these questions, Opera users probably want to assume the worst.

The good news is that the malware involved is widely detected by anti-virus tools, and the period of possible exposure via Opera itself was at most 36 minutes.

→ According to Opera, Sophos products block the offending file as Mal/Zbot-FG.

So, if you are an Opera for Windows user:

  • Download a fresh copy of the latest version (since the buggy download appears to be a thing of the past).
  • Make sure your anti-virus is up to date.
  • If you can spare the time, do an on-demand (“scan now”) check of your computer.

If we find out more detail about whether malware was distributed by existing Opera installations or not, we’ll let you know.

You can read the original article, here.

15

Jan

Spammers versus spam senders

There’s a big difference, because spammers generally don’t send their own spam in bulk any more. That hasn’t worked for a decade or so, because if you send 10,000,000 unwanted emails as fast as you can from the same server, or even the same data centre, you make an easily-identified target. So 1,000,000 of the messages might get loose before either the data centre (if it cares, and reputable ones most definitely do) or the majority of your recipients, or both, say, “No more!” Not only are you blocked from sending the remaining 9,000,000 emails from your truncated campaign, you probably can’t use those same servers again for days, weeks, months, perhaps ever.

How spam is delivered

Enter the botnet, or robot network. That’s an unwitting collection of surreptitiously co-operating zombie computers – in homes, at offices, in coffee shops, at the mall, by the beach – that regularly call home for instructions to servers that the criminals control. The crooks can send each bot in the network a list of email addresses, and then command the entire botnet to start a giant spam campaign. Using bots, those 10,000,000 spams can be sent, say, in 10,000 batches of 1000 emails at a time, presenting a much less obvious pattern to those who defend against spam. (And sticking those 10,000 bot-infected users with the cost of the bandwidth, if you don’t mind.)

Why spam matters

I used the words “unwitting” and “surreptitious” above because, although some users may knowingly participate, the majority of botnet spam senders don’t even realise they’re doing it. That’s why we publish the SPAMPIONSHIP tables: not to lay wholesale accusations of cybercriminality against entire countries, but to raise awareness of something we’ve said a number of times recently, since it’s Cyber Security Awareness Month:

If you don’t make an effort to clean up malware from your own computer, you aren’t part of the solution, you’re part of the problem.

We’re not pointing fingers here at anyone who ever made a mistake and ended up infected by malware, but we do want you to be mindful of the consequences of inaction. For as long as you fail to do anything about spambot malware on your computer, you’re actually helping the crooks to make money, and putting the rest of us, no matter how modestly, in harm’s way.

The SPAMPIONSHIP tables

And with those firm-but-fair words behind us, here are the latest figures showing spam by volume on a country-by-country basis:

As you can see, the top of the table is surprisingly consistent, with the countries in the first five places having all been in the Dirty Dozen throughout the year. Of course, you probably expected to see India and China in the list: they each have populations exceeding 1 billion people, so it would be surprising not to see them near the top. Nor is it surprising that the USA is in the Number One spot yet again, this time sending nearly three times as much spam as second-placed Belarus. After all, the US has 30 times the population of Belarus, and internet access is much more strongly established, so you would expect a higher proportion of Americans to have their own computers and to use the internet regularly. It’s when we turn the SPAMPIONSHIP into a per capita comparison that things get interesting:

[Chart: Dirty Dozen spam-sending countries, per capita]

Here, the numbers next to each country denote the average spamminess per person compared to the USA. In other words, we divided each country’s spam total by its population, then divided every country’s spam-per-person value by the figure for America. Obviously, that makes US = 1.00, and tells us that the average computer in Belarus was eleven times more likely to send spam than if it were in the USA. Israelis, whose propensity for sending spam sneaks the Middle Eastern country into twelfth place on the chart for the first time this year, were 1.8 times as likely as Americans to be spam senders. The per capita chart doesn’t do any favours to small countries, which tend to hide near the bottom of volume-only lists, even if their computers are awash with zombie malware. US neighbour The Bahamas, for example, made it to eighth spot, with double the likelihood of its computers spamming compared to the US. Luxembourg got up to fourth spot, with a spammishness 2.7 times that of the US, up from sixth in Q2 and seventh in Q3.

You can read the original article, here.

15

Jan

Once Microsoft officially ends support for XP on Patch Tuesday in April (the last security update for XP), there will be no new security updates, non-security fixes, assisted support options, or online technical content updates from Microsoft.

That means that XP users, even those with anti-malware protection from Microsoft or security vendors, will face significantly higher security risks after the end of support. As Microsoft said in its announcement, “Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited.”

To ease the burden of upgrading, Sophos will officially support Windows XP Service Packs 2 and 3 until at least September 30, 2015; and Windows Server 2003 until at least January 31, 2017. See our support knowledgebase for a complete platform support list.

 

Upgrading to newer Windows operating systems is causing plenty of problems for specialized systems, including for point-of-sale (POS) registers, medical devices, and even ATMs. For those using “embedded” versions of XP on specialized equipment, we recommend isolating these machines and restricting access to non-essential functions using application control available in next-gen firewalls.

In most cases, however, it’s time to upgrade. As Naked Security expert Paul Ducklin writes, Microsoft’s extended anti-malware support doesn’t really change much. “Windows XP will still officially fall off the edge of the world in April 2014 when Microsoft ends support,” Paul writes.

You can read the original article here.

15

Jan

Independent test vendor Miercom has done rigorous testing of the Sophos SG Series alongside comparative appliances from other vendors. We shared some data points from Miercom earlier this year which looked very good indeed. Now Miercom has made available more results – and I don’t think you will be disappointed.

The report includes measurement of throughput for Firewall, Firewall + Application Control and Firewall + IPS (Intrusion Prevention System). Miercom also looked at how many new TCP connections can be established per second by each device.

In the firewall test, the SG appliances were so fast they didn’t come anywhere near their limits and allowed traffic to flow freely at the 3Gbps maximum.

Miercom had to install an extra port module with more ports and run traffic in both directions in order to reach the limit.


You can read the original article, here.

15

Jan

In an increasingly complex security environment Sophos works with partners to make security simple to deliver, implement and manage. Over the last 12 months Sophos has created a more flexible and generous partner programme, providing partners with protection for deal registrations, attractive margins and joint lead generation initiatives. The programme also provides up-to-date certification, to ensure partner sales and technical teams are fully trained across Sophos’s latest solutions to help drive partner businesses forward. Delivered by dedicated channel relationship managers, Sophos gets to know partner businesses to ensure they feel supported every step of the way.

James Vyvyan, Regional Vice President, UKI, Sophos said: “We’re delighted to have won ‘Security Vendor of the Year’. Sophos is committed to a ‘channel first’ strategy and we believe that by taking the time to understand our partners’ business model, we can work together to provide the solutions that best suit their customers’ IT security needs.”

Sophos also won two awards in CRN’s DACH awards on 13 November: Security Vendor of the Year and Channel Champion of the Year 2013.

Commentary from the Sophos Channel

“Many of the innovations Sophos has introduced are unique to the market. These unique solutions make it possible for us to differentiate ourselves from other security consultants and better meet our clients’ needs,” said Mark Robinson, Director, Globelink Infrastructure & Network Security.

“The Sophos Partner Programme empowers proactive and enthusiastic partners like ourselves to achieve the levels of technical and sales accreditation required to represent Sophos at the highest level,” said Paul Cox, Managing Director, Quadsys.

“We’ve worked closely with Sophos for more than 12 years and feel the relationship is stronger now than it has ever been. The sales, technical, financial and management teams at Sophos and Foursys are all working really closely together, which means we get it right and we both put customer service at the top of the agenda,” said Paul Prior, Managing Director, Foursys.

15

Jan

Developed by SophosLabs, this new Sophos UTM approach brings together multiple technologies to rapidly identify and isolate infected clients and prevent communication with malicious command and control hosts. This latest version introduces botnet protection and cloud-based sandboxing to expand on the Sophos UTM’s existing multi-layer Firewall, Web, Email and Endpoint protection. This extends the Sophos commitment to small and mid-market companies, delivering access to advanced protection without the complexity and cost normally associated with such functionality. 

“The initial stages of targeted attacks can often go unnoticed by security systems that don’t control incoming and outgoing traffic. For organizations with limited IT resources, investing time and money in a dedicated ATP solution to detect these early signs is simply not realistic, given how tricky, complex and fast moving this type of traffic is,” says Chris Kraft, vice president, product management, Sophos. “That’s what we wanted to change. Today, with a few simple clicks, users get advanced protection without needing to be full-time security experts themselves.” 

This new release also significantly enhances the speed of security scanning, with initial data showing the new performance optimized IPS doubling throughput speed in test environments. The Email, Web, and Network Protection modules all experience significant enhancements, including:

  • Simplified Email Encryption and DLP – Sophos SPX technology eliminates the need for a separate Public Key Infrastructure, and policy-based DLP can trigger automatic encryption
  • Smarter Web Control – streamlined policy setup enables granular user control and transparent web filtering of https traffic provides seamless protection
  • Mobile Access Control – enhances Wi-Fi and VPN security by combining Sophos UTM with Mobile Device Management functionality in Sophos Mobile Control
  • Performance Optimized IPS – intelligent processes and pattern management deliver enhanced scanning speeds to rapidly block network attacks and prevent breaches
  • Botnet/Command and Control Protection – Sophos Advanced Threat Protection identifies and blocks infected machines communicating with malware command and control servers

“The UTM market is one of the most competitive in security. Numerous features and applications have been added over the past few years, and we’re increasingly seeing solutions are providing more effective security and better performance,” said John Grady, Research Manager, Security Products and Services, IDC. “This latest release from Sophos continues to simplify complex technologies. SPX email encryption is an example of that and is a differentiated approach among other UTM vendors.”

“Students are smart and always find ways to circumvent security, so schools are always in need of better ways to manage their web access and block inappropriate content,” says Bart Wilson, systems support manager, from Twotrees Technologies LLC, a Sophos partner. “UTM 9.2 is a huge step forward in solving this problem. By adding https traffic to web filtering in transparent mode, Sophos will help our customers to take back control – especially with so many students browsing on mobile devices.”

For additional information on all of the features in Sophos UTM 9.2 and extra information on Sophos’ network security solutions, please visit our Network Security area, watch the UTM videos, or check out the dedicated Sophos UTM blogs.

You can read the original article here.

15

Jan

The partnership means users of Sophos Mobile Control 4.0 and Check Point Mobile VPN can link the two solutions to provide network access control for any mobile devices attempting to use the corporate network. Non-compliant devices are isolated from the network, protecting the organization from unauthorized mobile devices. This ensures that only managed devices that meet an organization’s security policy may connect and use business resources.

Mobile devices continue to multiply rapidly in the workplace and today’s flexible working styles mean that, increasingly, employees are requiring and gaining access to the corporate network wherever they are. As a result of this surge in mobility, effectively securing both corporate data and networks has become an enormous challenge for IT and security managers. Much of an IT administrator’s day can be spent provisioning, securing, locating, managing and updating these mobile devices.

Sophos Mobile Control continually assesses the compliance status of each mobile device – detecting jailbreaks, blacklisted apps or insecure settings. Via a simple out-of-the-box interface with Check Point’s Mobile VPN, it blocks any non-compliant device from accessing the corporate network via VPN, proactively reducing the risk of data breaches.

“By integrating Check Point Mobile VPN with the mobile device management features of Sophos Mobile Control, IT departments can easily manage how mobile users access centrally-stored corporate resources, allowing them to regain control of their networks all through a simple interface,” says Alon Kantor, vice president of business development at Check Point Software Technologies. “Check Point’s partnership with Sophos provides our joint customers with a simple solution for the increasingly common problem of mobile network access control.”

“The rapid growth of mobile devices in the workplace combined with today’s range of threats means that mobile security is an increasing priority for many organizations,” says Ari Buchler, senior vice president corporate development at Sophos. “We’re delighted to be partnering with Check Point to provide a simple solution to this complex problem, and to enable users of Sophos Mobile Control and Check Point Mobile VPN to keep compromised mobile devices off their networks. This integration demonstrates both companies’ commitment to meeting the needs of customers in the face of a continuously evolving threat landscape.”

Sophos Mobile Control 4.0

Sophos released Sophos Mobile Control 4.0 in May 2014. In addition to managing mobile devices, applications and email, it is the only EMM solution to offer file-level encryption, ensuring that each document connected to the server remains secure and that users can collaborate safely. Sophos Mobile Control also delivers robust, integrated security against malware and malicious web sites to protect against the rapidly-growing, nearly 1 million unique pieces of mobile malware seen by SophosLabs. In addition, Sophos is the only EMM vendor to offer categorical web filtering so organizations can control network performance and security by managing which websites their users can access. Available on premise or as-a-service, Sophos Mobile Control provides a simple and differentiated approach for organizations to manage and secure mobile devices, content and applications. Learn more about Sophos Mobile Control 4.0.

According to IDC, Sophos Mobile Control is the market leader among small and medium businesses in North America, with 25% market share. Sophos is also the only IT security company to be positioned as a Leader in all three of the following Gartner Magic Quadrants: Unified Threat Management (UTM), Mobile Data Protection and Endpoint Protection Platforms.

Integration with Check Point Mobile VPN

Check Point Mobile VPN application establishes a secure VPN (Virtual Private Network) tunnel to the corporate network infrastructure via a Check Point Security Gateway. By unifying Sophos Mobile Control and Check Point VPN gateways, IT departments can ensure that only compliant devices are allowed access to the corporate network. Compliance policies for corporate owned mobile devices reside on the Mobile Device Management Servers.

When a device attempts to connect to the corporate network, compliance is checked. This can prevent users from installing a VPN client on unmanaged devices and trying to access the organization. The Security Gateway can also block the unknown devices of valid users.

You can read the original article, here.

15

Jan

But those signals were not authentic, and the ship was not on course. The signals were in fact being sent from the White Rose’s upper deck by University of Texas/Cockrell School of Engineering graduate students Jahshan Bhatti and Ken Pesyna. A team from the school had been invited aboard while the White Rose sailed from Monaco to Rhodes, Greece, on the Mediterranean Sea. Using a blue box about the size of a briefcase, the duo spoofed the ship’s GPS signals, sending counterfeit signals that slowly, subtly overpowered the authentic GPS signals until the ship ultimately came under their control.

If this sounds familiar, it’s because students from this engineering school did the same thing to a drone last year. In May 2012, the engineering students tried out their $1,000 spoofer, which they had cobbled together in response to a dare from the US Department of Homeland Security (DHS). Under the direction of Assistant Professor Todd Humphreys, who is now working for the Department of Aerospace Engineering and Engineering Mechanics, the students last spring managed to hack and hijack a drone with what Humphreys at the time said was the most advanced spoofing device ever.


Both the drone and yacht hijackings were designed to shed light on the perils of navigation attacks, serving as evidence that spoofing is a serious threat to marine vessels and other forms of transportation. In plain English, that means that hackers can send drones smashing, say, into our skulls.

After the students had gained control of the ship’s navigation system, the team planned to coerce the ship onto a new course with subtle maneuvers that positioned the yacht a few degrees off its original course. When the ship’s navigation system detected the location discrepancy, the crew corrected the course – at least, they thought they did. In reality, their course corrections were setting the ship slightly off its course line. Watch a video about the attack here.

You can read the original article, here.

15

Jan

But what are the implications of biometric technology as far as enterprise security is concerned? Ryan Hurst, CTO of enterprise SaaS Certificate Authority GlobalSign, has told Softpedia that biometric technology could turn out to be highly beneficial to organizations looking to protect their data, but it depends a great deal on how it’s implemented.

“The recent confirmation of the integration of biometrics in the new iPhone has many asking what the implications are for enterprises. It is too early to tell for sure as the answer will depend on how they have implemented this feature,” Hurst told us in an emailed statement.

“That said, as mentioned during the Apple keynote, only about half of smartphone users apply a passcode today making mobile devices carrying sensitive corporate data a huge vulnerability for enterprises. If the biometric technology used on the device is applied correctly this could mean more secure enterprise data,” he added.

More importantly this will force many enterprises to take another look at their own authentication strategy and ask if biometrics is a viable form of authentication for them in comparison to other stronger forms, such as one time passwords and smart cards, and weighing the security benefits and risks of each.

Hurst highlights the fact that the use of biometric technology could be beneficial in case mobile devices containing enterprise data are stolen or lost. “The first rule of security is if the attacker has physical access to your device then the device is no longer yours. However, the use of biometrics has the potential to make it more difficult for the attacker which can significantly reduce the impact of lost or stolen phones containing enterprise data,” he explained.

You can read the original article, here.

15

Jan

Service providers need higher level of encryption support

“If you look at one of our typical deployments, yes, they want security, they want SSL, but the numbers they support are in the thousands,” he said. “It’s nothing compared to a business model that is supporting millions of users. When we are talking to these SaaS providers, it’s a whole new level of value proposition” and a market segment that Array wants to target. 

With the new encryption standard requiring almost five times the computational power of 1,024-bit encryption, more robust ADCs are a necessity, he said. SaaS provider YourMembership.com is using Array’s 5600 platform to beef up its capacity and throughput, said Chief Technology Officer Hutch Craig. The St. Petersburg, Fla.-based SaaS provider serves more than 2,300 associations with its menu of back-office services, reaching more than 20 million users. A lot of the provider’s traffic requires secure processing, Craig said; everything from e-commerce to dues information and other sensitive data.

YourMembership.com deployed a pair of ADCs for failover protection at a data center in Orlando, Fla. They replaced two older Array ADCs that were running at more than 50% utilization each because of the volume of transactions they had to process. “Things were getting really tough on them; the 5600s are unbelievable,” Craig said. “Everything is funneled through the ADC, from the API to the actual front-end offering. We have millions of [end users] and tens of thousands of administrators that go into the box.”

Craig said the 5600’s SSL acceleration capabilities were a key attribute. In YourMembership.com’s case, the processor-intensive steps needed to handle public-key encryption algorithms are handed off to a hardware accelerator, although the ADC has the ability to process SSL transactions without the use of separate servers.

More traffic headed in 2014

YourMembership.com will increase the amount of traffic routed through the Array ADCs next year as part of a plan to consolidate all of its data center operations in Orlando, Craig said. Right now, the provider has a data center in Austin, Texas, that serves clients YourMembership.com inherited as part of its 2012 acquisition of rival Affiniscape.

Craig said YourMembership.com will phase out the Austin data center and route all traffic to Orlando and the 5600s by next spring. Andersen said SaaS providers are a logical target for his company’s ADCs, which are priced from 30% to 40% below competitors’ similarly equipped models.

“They have to support a lot more customers and they also have to be on a higher standard of SSL. At the same time, they can’t afford to pay through the nose for ADC hardware,” Andersen said.

The 5600 is priced beginning at $28,995; models that support hardware SSL acceleration begin at $37,995.

In addition to the 5600, Array beefed up two other models to handle the new encryption standards. The 2600 can process up to 5,000 SSL transactions per second, while the high-end 10650 can handle up to 70,000 transactions per second. All of the devices are engineered with 10 Gigabit Ethernet connectivity and multicore processing with throughput ranging from 10 Gbps to 120 Gbps, depending on the model.

You can read the original article here.

15

Jan

Download the Sophos Mobile Encryption app from Google Play for Android, or from iTunes for iOS devices (iPhones, iPod Touches and iPads).

New features available in this version

  • Protect access to your Sophos Mobile Encryption application with an optional password.
  • Fully transparent key management, so you don’t need to enter the passphrase each time you open a file.
  • Store your encrypted files in the local storage area within the app. Local storage is also accessible via USB from your PC or Mac.
  • Encrypt and upload files handed over by applications from cloud storage providers.
  • Supported cloud storage solutions: Dropbox, Google Drive, Microsoft One Drive (formerly SkyDrive), Egnyte, Telekom Media Center, WebDAV (e.g., Windows Server, ownCloud or Strato HiDrive)

Sophos Mobile Encryption for Android

Download the Sophos Mobile Encryption app from Google Play for Android devices. Requires Android 2.3.3 and up.

Sophos Mobile Encryption for iOS

Download the Sophos Mobile Encryption app from iTunes for iOS devices. Requires iOS 5.0 or later. Compatible with iPhone, iPad, and iPod Touch. This app is optimized for iPhone 5.


For business users: You can get Sophos Mobile Encryption together with the optional SafeGuard Enterprise Encryption for Cloud Storage module. The app extends access to encrypted files to mobile devices – for persistent encryption wherever your users are working.

You can read the original article here.

15

Jan

This is according to the abstract of a briefing to be given at the upcoming Black Hat USA conference. The attack, dubbed “Mactans”, succeeded in compromising latest generation devices with the latest version of iOS. It led to a persistent infection with software of the attacker’s choice, invisible to the phone’s user thanks to built-in concealment techniques used to hide some of Apple’s own apps.

The researchers, from the Georgia Institute of Technology, say they built their malicious charger in minimal time with little budget, using a credit card-sized BeagleBoard-embedded computer. I’ve always been a little worried when I’ve seen those free charging stations at airports, shopping malls and other public places. OK, so sometimes you just have to get at some power, but the whole idea of plugging my phone into something I have so little reason to trust just seems a little dirty, not to mention unsafe. Now, assuming this is more than the usual pre-conference hype, those fears look more than justified.

Worse, the small scale of this particular device means you wouldn’t even need a big pedestal-sized charging station. While not quite small enough to disguise as a normal Apple USB power converter as it stands, there are still ample opportunities to trick people into trusting a reasonably compact charging device.

With a little more effort and investment, it should be trivial to build a trojanized charger that is almost identical to standard kit. Then we’d really be in trouble. Imagine an eBay shop selling super cheap USB plugs, which could happily take over your phone and make it call premium-rate numbers or harvest passwords from your email or even bank accounts. Not such a bargain all of a sudden. It might be a good time to buy up all the USB chargers you’re going to need – I suspect prices for proven trustworthy hardware might well be going up fairly shortly.

You can read the original article, here.

15

Jan

The October 2013 CPU covers fixes for: Oracle Database Server, Oracle Enterprise Manager Grid Control, Oracle Supply Chain Products Suite, Oracle Siebel CRM, Oracle Industry Applications, Oracle Primavera Products Suite, Oracle and Sun Systems Products Suite, Oracle MySQL, Oracle Fusion Middleware, Oracle E-Business Suite, Oracle PeopleSoft Products, Oracle iLearning, Oracle Financial Services Software, Oracle Java SE and Oracle Virtualization. All of these updates are important, but arguably Java is the most important of all of them.

51 security vulnerabilities are addressed in Java this quarter, and 50 of them affect Java Applets or Java WebStart, the plugin that runs Java in your web browser. Worse yet, all but one are remotely exploitable without authentication. Some versions of Java update themselves, some rely on the operating system vendor and others are too old to support an auto-update mechanism. This does not make things easy.

Our advice?

1) Determine whether you have Java installed and enabled in your web browser. Visit java.com/en/download/installed.jsp and click “Verify Java version”. If your browser prompts you to install Java, close the tab; you’re Java-free. If it loads the applet, check your version. Be sure you are running Java 7 update 45 (1.7.0_45), Java 6 update 65 (1.6.0_65) or Java 1.5.0_55.
If you must have Java installed you ought to be running Java 7 (1.7). All previous versions are not officially supported and present a greater security risk.

2) If Java is installed and out of date, be sure to update it. Windows users can open the Java Control Panel, select the Update tab and choose Update now. Mac users can check for updates using the integrated Apple updater. Linux users should follow normal procedures for system updates provided by their distribution.


3) Most importantly, if you don’t need Java, get rid of it. Java can be useful for applications (Minecraft, payroll, mortgage calculators) and server-side applications (JBoss and more), but it doesn’t belong in your browser. If you’re not sure, I recommend disabling it. If you run across things that require Java, your browser will alert you with instructions.
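For checking many machines rather than one browser, the version comparison in step 1 can be scripted. The following is an added example, not part of the original article: it parses the banner printed by `java -version` and compares it with the patched update levels listed above. The function names and status labels are assumptions, and it reports the installed runtime only, not whether the browser plugin is enabled.

```python
import re
import shutil
import subprocess

# Patched update levels named in the article (October 2013 CPU), by Java family.
BASELINE = {5: 55, 6: 65, 7: 45}
SUPPORTED_MAJOR = 7  # the article treats anything older than Java 7 as unsupported

_VERSION_RE = re.compile(r'version "1\.(\d+)\.\d+(?:_(\d+))?')


def parse_java_version(banner):
    """Return (major, update) from `java -version` output, or None if unparseable."""
    match = _VERSION_RE.search(banner or "")
    if not match:
        return None
    return int(match.group(1)), int(match.group(2) or 0)


def assess(banner):
    """Classify a banner as ok, outdated, patched-but-unsupported or unknown."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return "unknown"
    major, update = parsed
    required = BASELINE.get(major)
    if required is None:
        return "unknown"  # family not covered by the article's list
    if update < required:
        return "outdated"
    if major < SUPPORTED_MAJOR:
        return "patched-but-unsupported"
    return "ok"


def local_java_banner():
    """Run the local `java -version`; returns None when no java is on PATH."""
    java = shutil.which("java")
    if java is None:
        return None
    proc = subprocess.run([java, "-version"], capture_output=True,
                          text=True, timeout=10)
    return proc.stderr or proc.stdout  # the JVM prints its banner on stderr


if __name__ == "__main__":
    banner = local_java_banner()
    print("Java not found" if banner is None else assess(banner))
```

A result of `patched-but-unsupported` corresponds to the article's point that Java 6 and 5 carry more risk even at their latest update.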

You can read the original article, here.

15

Jan

As we explain below, next-generation firewalls are typically defined as firewalls enhanced with intrusion prevention and application intelligence. On the other hand, UTM systems include those features—plus additional technologies such as email security, URL filtering, wireless security, web application firewalls and virtual private networks (VPNs). In this view, UTM systems include NGFWs as components.

Manager’s guide to UTM and next-gen firewalls

UTM systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor.
IT managers evaluating UTMs need clearly defined criteria to choose the right protection.

You may wonder: Is a UTM solution right for my organization? What security features are most important? What other issues need to be considered, such as ease of management and support for remote users?

Download our free guide to get the answers to these questions: A Manager’s Guide to Unified Threat Management and Next-Gen Firewalls. (Registration required).

You can read the original article here.

15

Jan

When you consider the country’s huge online population, it’s not surprising that the U.S. sends so much spam. Spam comes from “bots” — computers infected with malware and under the control of a criminal. “Bot masters” can use servers anywhere in the world to give the bots instructions. So spam-bots in the countries on our list aren’t the authors of the spam, they are more like the messengers.

While it’s interesting to call out the 12 “dirty dozen” countries that send the most spam by volume, we also like to look at the amount of spam by population. It’s a diverse list of nations, and even small countries have a big spam problem.

The Dirty Dozen Spampionship

We’ve been measuring spam in our quarterly “Spampionship” going back a few years, and the U.S. consistently tops our charts. As you can see in the graphic below, bots in the U.S. send by far the most spam of any country, with second-place France (responsible for 6.7% of spam) well behind.

Other countries in our top 12 include China (third at 6.2% of spam) and Russia (fifth at 5.1% of spam), both consistently at the top of our charts quarter after quarter.

Spam per person – a fairer measure

We also look at spam “per person.” We do this because we think it’s a fairer measure of how spammy a country is. By setting the U.S. as the baseline, we can see how likely it is that a computer in a given country is a spam-sending bot compared to the U.S.

This past quarter, Bulgaria was the top country for spam per person, coming in at 2.1 times the U.S. Belarus, which had been at the top of the spam per-person chart for the past year, dropped to second place, at 1.9 times the U.S. spam level.

spam-bot-invaders-infographic-pop

Fight back against spam and cybercrime – kill a spam-bot

Spam is truly a global problem — spam-bots can be anywhere in the world. Remember, if your computer is infected with spam-sending bot malware, you are part of the problem. Do your part to fight back against spam — download our free Virus Removal Tool to scan your computer and automatically clean up malware.

You can learn more about our “Spampionship” series by visiting our award-winning Naked Security blog. If you’re a business looking to keep your email secure, Sophos blocks spam and email-borne threats. Learn more about email security from Sophos.

You can read the original article, here.

15

Jan

UTM Buyers Guide gives you everything you need to find the best protection that’s also the easiest to manage.

This guide will allow you to:

  • Understand what a modern UTM can do for you
  • Compare product features, and know what you need to keep your network secure
  • Ask the right questions of vendors as you consider your options

Click here to download the Buyers Guide.

15

Jan

“WD is using enterprise-class components to build a new family of network appliances for small businesses,” said Bill Evans, general manager of WD’s business storage solutions group. “The WD Sentinel S-series network appliances are engineered with Intel Xeon processors, pre-populated with WD Se datacenter 3.5-inch hard drives for rapid deployment, and feature dedicated 2.5-inch boot drives for maximum reliability. No other vendor offers a comparable network storage plus server in an equally small form factor. With a small footprint and quiet fan, an S-series appliance can be deployed anywhere.”  

Proven Components from Intel, Microsoft, and WD
Built by WD, powered by an Intel Xeon processor and running Windows Server 2012 R2 Essentials, the WD Sentinel S-series is based on proven technologies from industry leaders. Unlike competitors’ proprietary operating systems, the S-series is a fully configured native Windows Server on which customers can deploy thousands of Windows applications.

“Windows Server 2012 R2 Essentials gives customers the benefit of built-in, groundbreaking, low-cost storage technologies, and WD’s Sentinel S-series hardware helps small businesses take advantage of these technologies,” said Jamie Hamilton, Director of Marketing, OEM Division at Microsoft Corp. “We are pleased to work with WD to tackle the small business, first-server opportunity. WD’s hardware engineering expertise, previous success with network storage products based on Windows Storage Server, and leadership in offering an R2 version of Windows Server 2012 Essentials puts WD in a good position to serve this industry.”

Reliable Enterprise Grade Components    
The WD Sentinel S-series includes WD 3.5-inch datacenter-class hard drives for enhanced data security. Businesses gain enterprise-class reliability with dual dedicated boot drives (optional on WD Sentinel DS5100), dual gigabit Ethernet ports, and dual external DC-in power adapter ports. This engineered redundancy, along with a bezel lock for physical security, adds to the reliability of this ultra-compact network storage plus server that can be deployed virtually anywhere.

Affordable First Server for Any Small Business
The WD Sentinel S-series is a complete, fully-configured solution with automatic backup and restore software for up to 25 users and 50 computers, all at a very affordable price that starts at $2,560 U.S. MSRP.  By combining a single solution for both storage and server requirements, the S-series appliances are a great solution for any small business looking for their first server.

“Finally, a network storage vendor has delivered a low-cost, turn-key solution that meets my customers’ requirements—with no assembly required,” said Kevin Royalty, Microsoft MVP and Managing Partner of Total Care Computer Consulting in Centerville, Ohio. “Small business customers want a packaged solution with balanced disk, processor, memory, and operating system that is engineered and tested as a unit. The DS5100 and DS6100 appliances are ideal as a ‘first server’ due to the high-performance Intel Xeon processor, Windows Server, high-capacity enterprise-class disk storage, and tiny footprint.”

Availability
WD Sentinel S-series appliances are available today at CDW, PC Connection, and Insight, and through select VARs, resellers, and distributors worldwide. The WD Sentinel DS5100 is pre-populated in capacities of 4 or 8 TB. The WD Sentinel DS6100 is available with capacities of 8, 12, or 16 TB.


15

Jan

A ‘channel-first, channel-focused’ company, Sophos continues to receive impressive recognition from CRN/The Channel Company, most recently with Michael Valentine, senior vice president, worldwide sales, and Kendra Krause, vice president of channel sales, North America, being named Channel Chiefs just last month. Late last year, Michael Valentine was also named a top IT executive for the mid-market.

Sophos enables partners to sell, market, distribute and implement its award-winning cloud, network, server and enduser protection solutions to organizations of all sizes. The company recently announced a new partner program for North America which includes a simplified deal registration and discount structure, full access to the Sophos product and solution portfolio, sales and marketing tools, training and technical enablement, and significant investments in local channel sales and SE resources.

To determine the 2014 5-Star recipients, The Channel Company’s Research team assessed each vendor’s application based on investments in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support and communication.

“Solution providers have a lot of choices when it comes to selecting vendor partners. Identifying the right vendor, with the right technologies, and the right approach can make all the difference,” said Robert Faletra, CEO, The Channel Company. “Our annual Partner Program Guide and 5-Star rating recognizes the very best channel programs available in the market today to help solution providers determine which vendor delivers the best partner elements for their individual business goals.”

John Keenan, vice president of sales for North America, Sophos, said, “Receiving 5-Star recognition from CRN is validation that our strategy is working. From the highest levels, the Sophos team works hard to demonstrate our commitment to the channel in everything we do. We believe investing in those partners who commit to growing their business with us is a smart, simple approach to building lasting relationships and growing revenue. We’re honored to receive positive accolades that come as a result of that approach.”

For more information on the Sophos Partner Program, visit the Sophos website or learn more about becoming a Sophos partner. The 2014 Partner Program Guide will be featured on CRN.com and the 5-Star Partners listing will be highlighted in the April issue of CRN.

You can read the original article here.

15

Jan

For the first time, AV-Test has released test results comparing malware protection for Macs among 18 major security vendors. The results show a wide disparity in protection against Mac OS X malware. Sophos came out near the top with a 96.6% detection rate. Our Mac protection was better than Kaspersky, Trend Micro, Symantec and McAfee. You can see the full results at the AV-Test website. AV-Comparatives tests also show Sophos protects Macs better — and we won’t slow Macs down either. According to the Register, the AV-Comparatives tests showed that Sophos “aced the test.”

Protect your Macs

Malware targeting Mac OS X isn’t as widespread as malware for Windows and Android, but the threat is real and growing. And with more businesses expecting to add Macs in the future, protecting them will need to be a top priority. You need security that works not just for Windows malware, but for Macs and mobile devices too.

Visit sophos.com/best-endpoint to see how Sophos beats the other security vendors, from protection to performance, compatibility, and price.

You can read the original article, here.