News
information security to the status of the most crucial factor that should be taken into account in the adoption of new technologies in the IT environment. The conference aims to present IT professionals with the landscape of new threats and how those threats will be addressed effectively through the implementation of specific policies and the use of modern technology.
Click here to register for the Infocom Security 2013 event
Click here to navigate to Infocom Security 2013 Official Website
Once these are exceeded interSeptor will provide an alert. For other sensors (security, water, power, smoke and dry contact), interSeptor will provide an alert as soon as the sensor switches to an alarm condition.
There are currently five different optional sensors : smoke, water leak, power, security and dry contact sensors.
The interSeptor water detector uses a specially designed cable to detect the presence of moisture at any point along the length of the cable. The water detection unit will sound an audible alarm upon detection and also sends a signal to the interSeptor to start the alarm process. Want an example? You arrive at work on Monday to discover an inch of water across a critical floor space. Of course you are able to quickly install a leak detection system to protect against future instances of this, but what if a system had been in place already? Could you have saved time and money? Could critical equipment be saved? Could staff have spent more time on more important matters?
The answer to these questions is, of course, YES! There is an easy-to -install, leak detection system with:
- Up to 30m leak detection cable
- Hassle-free installation
- Remote Web Access
- Free technical assistance via phone and email
- 60-day money-back guarantee
- 2-year swap out warranty
Jan
Info-Tech examined ADC vendors that are solving the problems of server downtime due to increased web traffic and preventing malicious attacks against corporate systems. Array Networks’ APV line of application delivery controllers deliver a seamless end-user experience while simultaneously preventing attacks and data leakage.
Array’s feature-rich ADC products, industry-leading price and performance and unmatched reputation for customer service and support make them an unbeatable value to businesses.
Array Networks helps enterprises meet the challenges of delivering applications in the dynamic network environments of modern enterprises. Array has over 5,000 worldwide customers including enterprises, service providers, government and vertical organizations in healthcare, finance, insurance and education. Organizations look to Array to cost-effectively scale the performance, availability and security of applications and data in dynamic network, cloud and mobile environments.
“It’s an honor to be recognized as an Innovator in the ADC market,” said Michael Zhao, President and CEO of Array Networks. “Array is improving enterprise security and traffic management and we will continue to develop application delivery networking solutions that meet customer requirements.
You can read the original article here.
We want to share a little tip – did you know that we offer an amazing alternative to cheap consumer grade Internet routers?
The difference is, our software is enterprise class, fully maintained and free. Here’s how you can try our Sophos UTM Home Edition and our free Sophos UTM Essential Firewall for businesses.
If you think you need to be truly “unlucky” to be targeted – try putting an unshielded Windows computer or a web server on the Internet and watch it being probed within seconds. This is not a matter of misfortune; it’s a matter of seconds.
Being such a critical piece of equipment you might think firewalls all come as cast iron, industrial strength appliances. But, as has been apparent, this is not the case.
Many times the software is not maintained on these devices. Some are not made to update automatically, or are difficult to upgrade. Or the vendor has simply stopped maintaining the software.
Let us give you some examples security weaknesses we’ve seen recently.
- Admin access: this is the holy grail. Anyone can go in a reconfigure your router.
- UPnP – an autoconfiguring standard to allow devices on your network to open up ports in your firewall
The good news is that the Sophos UTM Essential Firewall (for businesses) and Sophos UTM Home Edition address all the issues I’ve mentioned above.
- We continuously maintain and update the software for it. This means we can make continuous improvements and quickly address any issues.
- We don’t support UPnP so it will never be an issue
- You get remote access so you can access you home network wherever you are without having to open any ports on the firewall
Try our Sophos UTM Home Edition, and our free Sophos UTM Essential Firewall for businesses.
You can choose how you deploy it:
- Use an existing standard PC with at least two network cards
- Install it as a VM in your virtual environment
- Buy a hardware appliance from us
- Or you can geek out completely and even run it in the Amazon EC2 cloud … the possibilities are endless
You can read the original article, here.
Jan
An equally alarming industry statistic, users not running the most recent version of Android (comprising more than 90 percent of active users) are vulnerable to known exploits, resulting in a more than 600 percent increase in Android malware infections.
In order to keep up with and prevent these risks, Sophos has introduced the latest version of its free Android security app, Sophos Mobile Security 3.0, its full-featured mobile securityand anti-virus application.
What’s New in Sophos Mobile Security 3.0
- Application protection: Protects the start of selected applications with a password, meaning you can let others use your phone without risking your corporate data security. You can protect your settings or Google Play app and any other mobile application.
- Faster Scanning: Significantly improves scan speed by leveraging the power of multi- core phones
- Web Protection (now included in free version): Blocks access to malicious or phishing websites, so you can access the Internet worry-free
“If Android malware risks weren’t enough, Android device loss and theft are an enormous issue, especially considering that more than 100 cell phones are lost or stolen every minute just in the US alone,” said Thomas Lippert, senior product manager, mobile, Sophos. “Mobile malware leads to data loss and unexpected cost issues, while actual device loss and theft leads to potentially much worse. Either way, it’s imperative for users to ensure their devices are protected. And we’re providing this protection—for free.”
Sophos Mobile Security is offered for free in Google Play: https://play.google.com/store/apps/details?id=com.sophos.smsec. Optionally, Sophos Mobile Security can integrate into the company’s flagship mobile device management and security solution, Sophos Mobile Control, providing full central management and integration into the compliance enforcement engine. For more information about Sophos’ mobile offerings, please visit:http://www.sophos.com/en-us/products/mobile.aspx.
Jan
“This certification is a critical step toward the future development of LogPoint. It will enable us to pursue significant opportunities with government authorities, in the security and intelligence sector as well as with major corporations globally,” says Jesper Zerlang, CEO of LogPoint. “We are extremely excited about the partnership with Boeing that will elevate the LogPoint platform to the Tier 1 in the market and place us among the best enterprise SIEM security solutions”
Boeing will assist LogPoint prepare the SIEM platform for the Common Criteria for Information Technology Security Evaluation, with the goal of obtaining Evaluation Assurance Level 3 certification before mid-2014. This certification is often a requirement for cybersecurity contracts in NATO countries and throughout the world. Obtaining it will make LogPoint the only Danish cybersecurity company to meet the standard – and one of few globally.
“We are experiencing a dramatically increasing demand for improved network security as the number of successful network attacks globally are sadly rising. An effective SIEM-solution is one of the cornerstones of efficient enterprise network security, not only to improve security monitoring and early breach detection, but also to answer an increasing demand for regulatory compliance in many countries around the world”, says Jesper Zerlang.
The LogPoint SIEM-platform are currently deployed with more than 250 organizations in Europe, including large- and midsized enterprises in all industry sectors as well as public authorities ranging from municipalities to government authorities. LogPoint is present with offices in the Scandinavian countries as well as Germany and the UK and are currently expanding to a number of other European markets. LogPoint is partner centric and deploy its solution through a network of certified partners, ISP’s and system integrators throughout Europe.
LogPoint is a European, Copenhagen-based IT security company that delivers IT security SIEM solutions for enterprise networks. The LogPoint technology is an advanced Security Information and Event Management (SIEM) platform that provides real-time monitoring and incident management for security-related events from network, security devices, systems and applications as well as log management, analytics and compliance reporting.
You can read the original article here.
Jan
The new version includes the following improvements.
- New wizards for step-by-step installation and uninstallation of one or multiple centralized scanners. The install wizard also supports assigning static IP addresses to the scanners.
- The ability for the centralized scanners to receive product upgrades automatically from Sophos, eliminating the need to manually install new product versions.
- More selective email alerts, so administrators can focus on the most critical information.
- A new command-line tool to generate compliance reports showing which virtual guests are protected by which centralized scanners.
If you are currently using Sophos Antivirus for vShield, you may download the new version from the MySophos download page. If you haven’t yet experienced the speed and convenience of agentless scanning for your VMware environment, download the free 30 day trial today.
You can read the original article here.
McAfee may be big, but that doesn’t mean better. When you look at independent tests and evaluations, Sophos comes out on top. Get our Endpoint Buyers Guide to see all the research that will help you evaluate the top endpoint protection products.
This buyers guide shows you how we match up against McAfee and other vendors in performance, protection, ease of management and customer support.
Better performance
Your endpoint protection can’t come at the expense of user productivity.
In a recent AV-Comparatives performance test, Sophos Endpoint Protection had the best (lowest) system impact score, meaning our software had the least amount of impact on a computer’s speed in performing tasks like launching programs and files.
As you can see in the chart below, we have the industry’s lowest impact on performance, while McAfee scored at the bottom of the scale. In this comparison, a lower score means better performance.
Sophos gives you protection that won’t slow you down.
Better protection
When you choose Sophos, you’re choosing better protection from malware.
As you can see in Info-Tech’s latest Vendor Landscape: Endpoint Anti-Malware report, Info-Tech placed us far higher and to the right of McAfee, meaning we continue to beat McAfee with better protection against malware. This also proves how our strategy of complete security, our strong market presence, and our reputation as trendsetters in the industry leaves McAfee far behind.
Info-Tech Research Group has ranked us Champions for the last three years, recognizing our superior products based on features, affordability, usability, and architecture. In addition, Info-Tech evaluates vendors for viability, strategy, reach and channel.
Fast on Macs
Here’s what a user from LowEndMac.com has to say about Sophos Endpoint Antivirus:
“With some antivirus suites for Windows you can really feel a difference in computer performance, sucking system resources and some even bring them down to a crawl. How does Sophos compare? I have been running Sophos on my 2009 MacBook running Mavericks for just over a week, and I haven’t noticed any performance drop since it has been installed.”
Read more about this review on our Sophos Blog.
Take a look at how we rank against other security vendors. Click the button below to download the Endpoint Buyers Guide.
Give Sophos a try
The best way to see how we perform is to give us a try. It’s easy to take a free trial of our Endpoint Antivirus. You can choose either on-premise or cloud deployment, and start your trial today.
You can read the original article, here.
Jan
Through the partnership, both parties aim to meet the increasing demand for SSL and other digital certificates requirements in the region through a range of dedicated enterprise solutions.
With over 55 percent growth in the SSL market during the last year (source: www.netcraft.com), the requirement for security in the Scandinavian region is at an all-time high. GlobalSign has been working with TrustZone for several years to encourage best practices for website security throughout this territory, issuing over 11,000 SSL Certificates through TrustZone, resulting in a significant acceleration in market growth of over 100 percent (source: www.netcraft.com). The partnership demonstrates both companies’ commitment in working together to enable customers to benefit from industry-leading SSL security solutions and in providing high levels of customer support, delivered directly by TrustZone at the local level.
The two organizations have joined forces to better serve the enterprise market in particular and are introducing GlobalSign’s leading Managed SSL and Enterprise PKI (ePKI) solutions to TrustZone’s customer base, enabling advanced on-demand management of a range of digital certificates. The scalability of both solutions gives large enterprises the ability to streamline workflows, whilst reducing the cost and time resources typically associated with digital certificate management and PKI deployments.
You can read the original article, here.
This isn’t entirely surprising as the FBI had issued a warning on Christmas Eve to media organizations about a new wave of phishing attacks associated with the infamous SEA. Skype has more than three million followers on Twitter, which indicates that, had the attackers wanted to send out malicious links or other dangerous content, this could have been a whole lot worse.
What I would like to know is why on earth a company social media profile with over three million followers would not be using two-factor authentication. Earlier this year Twitter rolled out an improved two-factor solution seemingly in response to previous attacks by the SEA. WordPress offers two-factor authentication and Facebook has supported two-factor authentication for a couple of years now, all in an attempt to prevent this exact type of attack.
Microsoft, would you care to explain why you apparently are not using it? We believe it is the responsibility of organizations with a large number of followers to do whatever they can to secure their profiles. We suppose this can be a lesson to the rest of us. Take advantage of the safety net of two-factor authentication whenever possible. While it may be less than perfect, so are you.
You can read the original article here.
“The new Sophos SG Series appliances are the fastest UTM and Next-Gen Firewall devices we’ve ever produced,” said Guenter Junk, Senior Vice President and General Manager, Network Security Group, Sophos. “They run our latest operating system, version 9.2, and are optimized to get the most out of latest performance innovations from Intel to ensure our customers and partners get an unrivalled performance and protection combination.”
The new SG Series includes models to meet the requirements of small offices to large, distributed enterprises. These 1U appliances are available today in the mid-range 200, 300 and 400 models. They all deliver over 10 Gbit/sec firewall throughput to easily handle the demands of multi-layered protection. The SG Series is the 6th generation of Sophos security gateways built on an Intel® architecture, to enable Sophos customers to quickly benefit from the frequent performance and protection enhancements. They utilize Intel® technologies including high-speed LAN interfaces, high volume Solid State Drives and AES-NI acceleration.
“By using Intel® Architecture, Sophos has been able to use the performance gains we’ve been able to deliver with the 4th Generation Intel Core processors which delivers improved software processing architecture,” said Bob Ghaffari, Director, Communications and Storage Infrastructure Division, Intel. “Sophos has been able to see dramatic performance improvements by unlocking Intel’s core processor capabilities to make fast, intelligent decisions.”
The SG Series run the latest Sophos UTM 9.2 operating system which features over 150 enhancements including new Advanced Threat Protection and SPX Email Encryption functionality. Designed to run on an Intel architecture, version 9.2 can also be deployed on Intel compatible servers as virtual appliances and in the cloud using Amazon Web Services.
Bruce Kneece, Chief Technology Officer at Convergent Information Security Solutions, said, “Our team was heavily involved in the UTM 9.2 beta program. From the outset we liked what we saw – added performance and simplicity across the board. Version 9.2 running on the SG Series hardware is a true winner. It’s easy for us to recommend it to our customers.”
Additional information on all of the features in Sophos SG Series appliances and Sophos network security solutions is available at: www.sophos.com/accelerated.
Jan
According to Gartner, Leaders are at the forefront of making and selling mobile data protection products that are built for enterprise business environments. The requirements necessary for leadership include a long-term road map that follows and/or influence Gartner, Inc’s vision of the developing needs of buyers in the market. Vendors in this quadrant lead the market by making their competitors’ sales staffs nervous and force competitors’ technical staffs to follow their lead. Their MDP products are well-known to clients and are frequently found on RFP shortlists.
“To be positioned as a leader for the past nine years is a testament to our product teams who continue to deliver innovative encryption and data protection products,” said John Shaw, Vice President for enduser security products at Sophos. “An aggressive roadmap, coupled with our plans to make it even simpler for small and medium sized businesses to protect their data by encrypting drives, files, cloud storage and mobile files invisibly, positions us for even more success in the months and years ahead.“
Sophos delivers leading solutions to help organizations protect critical assets. Sophos SafeGuard Enterprise protects data on desktops, laptops, removable media, file shares and to the cloud with proven, standards-based encryption—fully managed from one central console. Sophos also recently announced Sophos Mobile Control 3.5, the latest version of its award-winning mobile device management (MDM) solution, which now also supports iOS 7. Available both on-premise and as-a-service, Sophos Mobile Control 3.5 makes it simple for small and mid-market organizations to secure, monitor and control mobile devices.
Sophos was also positioned as a “Leader” in Gartner, Inc’s “2013 Magic Quadrant for Unified Threat Management.“
Embedded 4G model supporting 4G LTE for EU and worldwide GSM carriers and providing automatic fallback to 3G as needed. Technologies and frequency bands supported: 4G LTE (Band 1/3/7/8/20); WCDMA/HSDPA/HSUPA/HSPA+/DC-HSPA+ (900/2100 MHz).
You can read the original article here.
Saving your data and increasing your bottom line just got easier. Purchase a WD Arkeia backup appliance at a reduced price and get all licenses for popular software agents at no additional cost. The WD Arkeia bundle comes standard with software, hardware and one year of maintenance at up to 50% less than the competition.
Here’s what’s included:
- Software, hardware and one year of maintenance
- Virtualization agents: VMware and MS Hyper-V
- Microsoft hot-backup agents: MS SQL, Exchange, Active Directory & SharePoint
- Agents for MySQL, PostgreSQL and Oracle
- Agents for Novell GroupWise and eDirectory / NetIQ
- Hybrid-cloud backup replication
- End-to-End
- Encryption
- Bare metal restore for Linux and Windows
- Remote Storage Option and Shared Storage Option
WD Arkeia offers six backup appliance models including both desktop and rackmount options. See our full backup appliance range here.
This limited time offer ends September 21, 2014. Find more at http://info.arkeia.com/emea/bundle
Jan
Sophos currently offers an optimized AMI that is compatible with AWS cloud services. With this new hourly-based model, customers are able to take advantage of the many scaling, redundancy and elasticity features offered by AWS. Put simply, this approach lets customers access and securely defend their cloud resources with a solution optimized for the AWS environment.
“With AWS Marketplace, businesses can find, buy and deploy software that is optimized for Amazon EC2, allowing them to focus on delivering business results faster and at a lower cost,” said Sajai Krishnan, GM, AWS Marketplace. “We’re excited to add the Sophos UTM to AWS Marketplace, as we believe its new on-demand hourly pricing allows customers to utilize this advanced network security solution with the elasticity and ease-of-use they want in the cloud.“
“As a long-standing security provider, we know about the many benefits that Amazon Web Services provides, especially to SMBs that have adopted the cloud,” said Angelo Comazzetto, Senior Product Manager, Sophos. “We pride ourselves on developing complete security offerings that are simple to use, and with this offering, companies can better defend their cloud security resources with layers of security provided by Sophos UTM. We are excited to enable this unique offering in the AWS Marketplace.”
For additional information on Sophos’ UTM offerings, please click here.
Jan
Of 2,000 respondents surveyed globally, 58 percent confirmed that management does not see cyber attacks as a significant risk to their business. Despite this, IT infrastructure and asset security incidences, as well as wider security related disruptions, were found to have cost these SMBs a combined average of $1,608,111 over the past 12 months.
The research, sponsored by Sophos, also identified that the more senior the position of the decision maker in the business, the more uncertainty there was surrounding the seriousness of the potential threat.
“The scale of cyber attack threats is growing every single day,“ said Gerhard Eschelbeck, Chief Technology Officer for Sophos, “yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture.”
According to the research, there are three main challenges preventing the adoption of a strong security posture: failure to prioritize security (44 percent); insufficient budget (42 percent); and a lack of in-house expertise (33 percent). In many SMBs there is also no clear owner responsible for cyber security, which often means it falls into the purview of the CIO.
“Today in SMBs, the CIO is often the “only information officer”, managing multiple and increasingly complex responsibilities within the business,” said Eschelbeck. “However, these “OIOs” can’t do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat.”
The study also reveals uncertainty around whether ‘Bring Your Own Device’ policies (BYOD) and the use of the cloud are likely to contribute to the possibility of cyber attacks. Seventy-seven percent of respondents said the use of cloud applications and IT infrastructure services will increase or stay the same over the next year, yet a quarter of those surveyed indicated they did not know if this was likely to impact security.
Similarly, 69 percent said that mobile access to business critical applications would increase in the next year, despite the fact that half believe this will diminish security postures.
“Small and midsize organizations simply cannot afford to disregard security,” said Larry Ponemon, president of the Ponemon Institute. “Without it there’s more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts. CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures.”
The study targeted SMBs in the United States, United Kingdom, Germany and Asia-Pacific (Australia, India, China and Singapore) to better understand how such organizations are managing security risks and threats. Key findings of the study include:
- Fifty-eight percent of respondents say management does not see cyber attacks as a significant risk.
- One-third of respondents admit they are not certain if a cyber attack has occurred in the past 12 months. Forty-two percent of respondents said their organization had experienced a cyber attack in the past 12 months
- Respondents in more senior positions have the most uncertainty about the threats to their organizations, indicating that the more removed the individual is from dealing on a daily basis with security threats, the less informed they are about the seriousness of the situation and the need to make it a priority.
- CISOs and senior management are rarely involved in decisions regarding IT security priorities. While 32 percent say the CIO is responsible for setting priorities, 31 percent say no one function is responsible.
- Forty-four percent of respondents report IT security is not a priority. As evidence, 42 percent say their budget is not adequate for achieving an effective security posture. Compounding the problem, only 26 percent of respondents say their IT staff has sufficient expertise.
- Respondents estimate that the cost of disruption to normal operations is much higher than the cost of damages or theft of IT assets and infrastructure.
- Mobile devices and BYOD are much more of a security concern than the use of cloud applications and IT infrastructure services. However, these concerns are not preventing extensive use and adoption of mobile devices, especially personal devices.
Uncertainty about their organization’s security strategy and the threats they face varies by industry:
- Respondents in financial services have more confidence, which can probably be attributed to the numerous data protection regulations.
- The technology sector is also more security aware, which is probably due to the IT expertise that exists in these organizations.
- Retailing; education and research; and entertainment and media have the highest level of uncertainty about their organization’s security strategy and the threats they face.
Recommendations:
- Organizations need to concentrate resources on monitoring their security situation in order to make intelligent decisions. While assessing where they stand on the security continuum, organizations need to focus on monitoring, reporting and proactively detecting threats.
- Establish mobile and BYOD security best practices. Carefully plan and implement a mobile strategy so that it doesn’t have an impact on the overall security posture.
- Organizations should look for ways to bridge the gap created by a shortage of information security professionals. Consider ways to free-up time for in-house resources, including a move to cloud technologies, security consulting and easy-to-manage solutions.
- Measure the cost of cyber attacks, including lost productivity caused by downtime. Work with senior management to make cyber security a priority and invest in solutions that restore normal business activity more quickly for a high return on investment.
- Organizations in all sectors are regularly breached and regulations are often simply the beginning of properly securing a network. Consider consolidated security management to gain a more accurate picture of threats that will help focus on problem areas.
A full copy of the Ponemon Institute study: The Risk of an Uncertain Security Strategy, is available here.
Jan
Unfortunately, these companies don’t provide complete end-to-end encryption, and there are many loopholes the NSA, or cybercriminals, can slip through.
That’s why an encryption solution that protects data everywhere — in emails, on disk, or in the cloud — is essential. In this short video, we explain how you can get security and performance; plus how you can manage native encryption on Macs and Windows PCs, while also protecting data everywhere it resides.
James Lyne, global head of security research at Sophos, explains that many companies aren’t using encryption for fear of slowing users down. With Sophos, you don’t have to worry about encryption impacting performance, James says.
The new SafeGuard Enterprise solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can easily share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.
For more information about how to manage native encryption on Windows PCs with SafeGuard Enterprise, you can download our free whitepaper – Managing BitLocker With SafeGuard Enterprise (registration required).
What’s New in SafeGuard Enterprise 6.1
- With SafeGuard Enterprise you can manage Microsoft BitLocker for Windows or Apple FileVault 2 for Mac from a single console.
- Now with support for Windows 8, and file and disk encryption on Macs, SafeGuard covers more operating systems and platforms.
- Simplified keyring creation grants you seamless, centralized management. With this newest release, you can save time with our key ring creation that requires no repeat login.
- Centrally manage full-disk encryption and file encryption, wherever data is stored: removable media, network file shares and even in the cloud.
- Get up-to-date security status for all your devices with reporting and auditing that lets you monitor and enforce compliance with internal policies and external regulations.
You can read the original article here.
Jan
Sophos is the only IT security company to be positioned as a Leader across three critical security areas: Unified Threat Management (UTM), Mobile Data Protection and Endpoint Protection Platforms. “We believe it is a privilege to receive recognition from Gartner. The momentum in our UTM business is truly exciting,” said Bryan Barney, General Manager, Network Security Group, Sophos.
“Most notably, in the past year we’ve released our SG Series appliances, the fastest UTM devices we’ve ever produced and expanded the UTM protection we offer with our new cloud-based sandboxing, integrated mobile device management and really simple to use email encryption. Smaller businesses need effective security that is easy to use and that’s exactly what we provide. And it’s why we’re seeing more and more partners and customers switching to Sophos for their UTM and Next-Gen Firewall needs.”
In the most recent quarter of trading, April to June 2014, Sophos recorded a 27 percent increase in UTM sales, and a 33 percent increase in new customer business for UTM. This demonstrates the significant share gains the company is making; Sophos’ network security business now accounts for billings in excess of $150 million — with tremendous growth across North America, Asia Pacific and EMEA, among other regions. Additionally, the company’s “channel first” focus continues to deliver success with the signing of several new strategic channels to market such as the recently agreed distribution deal with Ingram Micro in North America. Sophos now has over 25,000 UTM channel partners worldwide, with the number of partners growing at over 20 percent a year.
According to Gartner, “the Leaders quadrant contains vendors at the forefront of making and selling UTM products that are built for midsize-business requirements. The requirements necessary for leadership include a wide range of models to cover midsize-business use cases, support for multiple features, and a management and reporting capability that’s designed for ease of use.
Vendors in this quadrant lead the market in offering new safeguarding features, and in enabling customers to deploy them inexpensively without significantly affecting the end-user experience or increasing staffing burdens. These vendors also have a good track record of avoiding vulnerabilities in their security products. Common characteristics include reliability, consistent throughput, and products that are intuitive to manage and administer.”
To download a complimentary copy of this report, click here.
You can read the original article, here.
Jan
“On June 19th we uncovered, halted and contained a targeted attack on our internal network infrastructure. Our systems have been cleaned and there is no evidence of any user data being compromised. We are working with the relevant authorities to investigate its source and any potential further extent. We will let you know if there are any developments. The current evidence suggests a limited impact. The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser. It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software. To be on the safe side, we will roll out a new version of Opera which will use a new code signing certificate“.
The conclusions we reached, based on the announcement above, were:
- The network was breached.
- A code-signing key was stolen.
- Malware has been signed with it and circulated.
- At least one infected file was posted on an Opera server.
- That file may have been downloaded and installed by Opera itself.
- Cleanup and remediation has now been done at Opera.
- That sounds a bit more like Security breach not stopped.
- How else could a signed-and-infected file have been automatically downloaded by an already-installed instance of Opera? Anyway, wouldn’t Opera’s auto-update have failed or produced a warning due to the expired certificate? Until Opera has worked out the answer to these questions, Opera users probably want to assume the worst.
The good news is that the malware involved is widely detected by anti-virus tools, and the period of possible exposure via Opera itself was at most 36 minutes.
→ According to Opera, Sophos products block the offending file as Mal/Zbot-FG.
So, if you are an Opera for Windows user:
- Download a fresh copy of the latest version (since the buggy download appears to be a thing of the past).
- Make sure your anti-virus is up to date.
- If you can spare the time, do an on-demand (“scan now”) check of your computer.
- If we find out more detail about whether malware was distributed by existing Opera installations or not, we’ll let you know.
You can read the original article, here.
The Federal Communications Commission reports that mobile phone theft constitutes 30-40% of all robberies across the United States, a crime that cost US citizens $30 billion in 2012. In the Senator’s own state of California such thefts are even more prevalent, accounting for over 50% of street robberies, Los Angeles alone has seen a 12% increase in smartphone thefts over the last year. If the kill switch legislation is passed, carriers will be able to remotely send a message to any device that has been reported as either lost or stolen. That message would trigger the device to ‘brick’ itself, effectively making it useless, and a far less appealing option for would-be thieves. With a few exceptions, most phones do not offer any form of remote deactivation at this time which makes them especially appealing to thieves who can snatch and sell them on in a very short period of time.
One manufacturer that does offer deactivation is Apple, though Gascón would like to see such a feature become the default rather than an option: “Apple should be commended for leading the way and making efforts to safeguard their customers, but it is still too early to tell how effective their solution will be. Until Activation Lock is fully opt-out, it appears many iPhone owners will not have the solution enabled. This leaves iPhone users at risk as thieves cannot distinguish between those devices that have the feature enabled and those that do not”.
Gascón, along with New York Attorney General Eric Schneiderman, have asked mobile phone manufacturers to propose methods of curtailing the theft of smartphones. Having presented the tech companies with a June 2014 deadline, Gascón said: “I appreciate the efforts that many of the manufacturers are making, but the deadline we agreed upon is rapidly approaching and most do not have a technological solution in place. Californians continue to be victimized at an alarming rate, and this legislation will compel the industry to make the safety of their customers a priority”.
The bill will be formally introduced in January 2014.
The readers who wish to protect their Android devices in case of loss or theft can install Sophos’s free Antivirus and Security app which includes the following features:
- Supports remote commands for Wipe, Lock, Alarm, Locate, Reset passcode and Message to finder
- Reporting of the device location before the battery runs out
- Notification if the SIM card is replaced
You can read the original article here.