News
Service providers need higher level of encryption support
“If you look at one of our typical deployments, yes, they want security, they want SSL, but the numbers they support are in the thousands,” he said. “It’s nothing compared to a business model that is supporting millions of users. When we are talking to these SaaS providers, it’s a whole new level of value proposition” and a market segment that Array wants to target.
With the new encryption standard requiring almost five times the computational power of 1,024-bit encryption, more robust ADCs are a necessity, he said. SaaS provider YourMembership.com is using Array’s 5600 platform to beef up its capacity and throughput, said Chief Technology Officer Hutch Craig. The St. Petersburg, Fla.-based SaaS provider serves more than 2,300 associations with its menu of back-office services, reaching more than 20 million users. A lot of the provider’s traffic requires secure processing, Craig said; everything from e-commerce to dues information and other sensitive data.
YourMembership.com deployed a pair of ADCs for failover protection at a data center in Orlando, Fla. They replaced two older Array ADCs that were running at more than 50% utilization each because of the volume of transactions they had to process. “Things were getting really tough on them; the 5600s are unbelievable,” Craig said. “Everything is funneled through the ADC, from the API to the actual front-end offering. We have millions of [end users] and tens of thousands of administrators that go into the box.”
Craig said the 5600’s SSL acceleration capabilities were a key attribute. In YourMembership.com’s case, the processor-intensive steps needed to handle public-key encryption algorithms are handed off to a hardware accelerator, although the ADC has the ability to process SSL transactions without the use of separate servers.
More traffic headed in 2014
YourMembership.com will increase the amount of traffic routed through the Array ADCs next year as part of a plan to consolidate all of its data center operations in Orlando, Craig said. Right now, the provider has a data center in Austin, Texas, that serves clients YourMembership.com inherited as part of its 2012 acquisition of rival Affiniscape.
Craig said YourMembership.com will phase out the Austin data center and route all traffic to Orlando and the 5600s by next spring. Andersen said SaaS providers are a logical target for his company’s ADCs, which are priced from 30% to 40% below competitors’ similarly equipped models.
“They have to support a lot more customers and they also have to be on a higher standard of SSL. At the same time, they can’t afford to pay through the nose for ADC hardware,” Andersen said.
The 5600 is priced beginning at $28,995; models that support hardware SSL acceleration begin at $37,995.
In addition to the 5600, Array beefed up two other models to handle the new encryption standards. The 2600 can process up to 5,000 SSL transactions per second, while the high-end 10650 can handle up to 70,000 transactions per second. All of the devices are engineered with 10 Gigabit Ethernet connectivity and multicore processing with throughput ranging from 10 Gbps to 120 Gbps, depending on the model.
You can read the original article here.
Quantum computing hinges, very broadly, on allowing individual bits (called qubits) to contain superimposed values of zero and one, vastly increasing computing power. Its implications for cryptography, medicine, and research have made it a major goal for public services and private industry alike: DARPA has devoted years of funding to quantum computing research, and Google launched its own “Quantum Artificial Intelligence Lab” last year.
But while qubits have been stored for a limited period of time under certain conditions, and specialized machines have been built using quantum technology, that’s not enough for practical code-breaking applications. Last year, for example, The Economist all but ruled out the possibility that the NSA had a crypto-ready quantum computer.
The NSA’s program, part of the larger intelligence community “Black Budget,” doesn’t actually task anybody with building a quantum computer. According to the memo, it asks researchers to “conduct basic research in quantum physics and architecture/engineering studies to determine if, and how, a cryptographically useful quantum computer can be built.” So while the grant fits with the NSA’s general mission — and quantum computing could one day pose a real threat to present-day encryption methods — it’s a lot more theoretical than the agency’s ability to, say, seed malware to computers from miles away.
You can read the original article here.
What’s a CSR?
If you have ordered an SSL Certificate before, you were most likely asked to provide a CSR. The CSR is used to deliver the public key that your server will use to identify itself. Generating a CSR can be a hurdle for non-technical staff who aren’t always familiar with the command lines that need to be created, and it remains a time-consuming process even for more experienced users.
CSR Creation Made Easy
Our new CSR creation tool makes it easy to generate the CSR for your server by simply inputting your certificate information (e.g. domain name, organization details, etc.) in the fields provided. The tool will automatically generate the command lines required to create the CSR on your webserver, so you don’t need to write them yourself.
The CSR tool provides command lines for most popular webservers, including OpenSSL, Exchange 2007, IIS and F5 Big-IP.
Bonus Features: Advice on Best Practices
To ensure your SSL Certificates are compliant with the latest security best practices, the CSR tool automatically defaults to the most secure algorithm (RSA) and only offers key length options in line with the latest CA/B Forum guidelines (2048 bit minimum).
Use The Tool
The CSR tool is available in multiple languages at https://csrhelp.globalsign.com and includes support information and FAQs for additional help with the CSR generation process. Secure your website today with SSL the easy way.
You can read the original article here.
The infected ads were served to visitors of the Yahoo homepage over a four-day period last week. Some of the malware that was served up could turn the infected computers into Bitcoin miners. The malware that Yahoo unknowingly served up attacked flaws in Java on the victim machines. Yahoo says that the malware was served up from December 31 to January 3 on its European sites.
Yahoo is being criticized for not doing anything to help the owners of computers infected with malware served from its site.
The web company has promised to monitor and block any ads being used for serving malware. Estimates are that around 27,000 infections resulted every hour the ads containing the malware were served. Some malware installed by the rogue ads also installed ZeuS, which tries to steal banking information.
You can read the original article at SlashGear.
Syrian Eagle told Mashable that Microsoft deserves what it got because it’s hawking data to US snoops and multiple governments. The SEA will publish proof of the allegations, Syrian Eagle said: “Microsoft is monitoring emails accounts and selling the data for the American intelligence and other governments. And we will publish more details and documents that prove it. Microsoft is not our enemy but what they are doing affected the SEA.”
On Saturday, the pro-Assad group took over the @MSFTnews and @XboxSupport Twitter accounts and posted various messages hashtagged “SEA”, according to Mashable. One read: “Don’t use Microsoft emails (Hotmail, outlook), They are monitoring your accounts and selling the data to the governments.” The takeovers appear to have been brief: the messages are no longer live, and a Microsoft spokesperson sent this statement to The Register: “Microsoft is aware of targeted cyberattacks that temporarily affected the Xbox Support and Microsoft News Twitter accounts. The accounts were quickly reset and we can confirm that no customer information was compromised.”
The attackers also Tweeted a screenshot of what appears to be a takeover of The Official Microsoft Blog at blogs.technet.com. Microsoft didn’t put out a statement about the alleged attack, but Mashable says its reporters saw it in action and confirmed that it lasted about an hour. Mashable also posted a screenshot showing multiple “Syrian Army Was Here” messages on the defaced site.
Others reported that the blog was either forcing a redirect to the SEA’s site or displaying the defaced blog. At any rate, the blog is now under the company’s control. Microsoft responded to the SEA charges about monitoring email by sending this statement to Mashable: “We’re actively investigating issues and are focused on protecting our employees and corporate network. Microsoft is sometimes obligated to comply with legal orders from governments around the world and provides customer data only in response to specific, targeted, legal demands”.
You can read the original article here.
James Lyne, Global Head of Security Research, Sophos, said: “Sophos has partnered with Government to support Cyber Streetwise because we believe it’s imperative for both consumers and small businesses to take action to protect themselves online.”
“Consumers and SMEs alike are finding new ways to interact online, including via a greater range of devices, but with this enhanced technology comes risk. SophosLabs finds over 30,000 new infected websites distributing malware every day and, contrary to popular belief, the majority – around 80% – are legitimate small business websites that have been hacked. It’s therefore vital that small businesses in particular get the basics of security right – from installing antivirus to regularly updating and patching software, using complex passwords and protecting data.”
The Cyber Streetwise website – www.cyberstreetwise.com – offers a range of interactive resources for SMEs and consumers to gain impartial advice on how to protect themselves online. Sophos, which has provided security expertise and content for the Cyberstreetwise site, is also pushing visitors from its own dedicated web page – www.sophos.com/cyber-street – to the Cyber Streetwise website.
James Lyne continued: “Those who don’t put basic security measures in place are leaving themselves exposed to attackers capable of silently installing malicious code on their systems without permission. We are proud to have been asked to support and to provide content for Cyber Streetwise, which will play a vital role in encouraging businesses and consumers to adopt safer behaviours online and to take the fight to cyber criminals by improving their online security.”
Cyber Streetwise is urging people to take five actions in order to protect themselves and others from cyber crime:
1. use strong, memorable passwords
2. install anti-virus software on new devices
3. check privacy settings on social media
4. shop safely online – always ensuring to check online retail sites are secure
5. download software and application patches when prompted
You can read the original article here.
Sophos President and CEO Kris Hagerman said, “Sophos is thrilled to join the many other technology leaders that call Silicon Valley home. A meaningful presence in Silicon Valley gives us a golden opportunity to capitalize on the technology trends and partnership opportunities that are so abundant in this area. Silicon Valley is a renowned global center for the disruptive innovation, top talent and strategic relationships that will help propel Sophos to the next level.”
Mike Valentine, senior vice president of worldwide sales and channel, said, “Sophos is a global company with global reach. Given our ‘Channel First’ sales strategy, it’s important that we have a strong physical presence in the areas that will drive the greatest opportunities. This is why we’ve expanded to the Bay Area, adding it to the other 40 offices we maintain around the world. Sophos is building a market-leading channel program, constantly recruiting and enabling top-notch partners to join our team. This new office provides more evidence of our growing investment in the North America IT security market.”
Meanwhile, the Sophos product development engine continues to hum. The company recently announced Sophos Cloud, an easy to deploy and simple to manage cloud-based service for endpoint protection. The latest version of Sophos Mobile Control delivers best-in-class mobile device management (MDM), enabling organizations of all sizes to use mobile devices such as iPhone, iPad, Android and Windows Phones, to get work done – simply, securely and reliably.
The company also continues to attract top industry talent, including John Keenan as vice president of North America Sales, Mary Winfield as senior vice president of Support, and Dan Schiappa as senior vice president and general manager of the Sophos End User Security Group.
You can read the original article here.
iMeter can monitor up to 496 of the following sensors from a single IP address:
- Current (Amps) using our unique intelliAmp® current sensor (pictured above)
- Voltage
- Temperature
- Humidity
- Airflow
- Water Leak
- Security (door contact or motion)
- Smoke
The unique combination of the sensors on offer means that IT and Facilities personnel can analyse the relationships between power usage, airflow and temperature to help assist data centre management decisions relating to cost control and reduction. The design of the Jacarta Go-Probe sensors enables the complete system to be implemented with zero downtime. The intelliAmp® current sensor can be clipped to the outside of 16 and 32 Amp power cables to monitor the True RMS current draw of single phase racks without any need to disrupt the power flowing into those racks.
interSeptor iMeter® can either be integrated into SNMP network management systems or, alternatively, Jacarta’s powerful iMS software can be used to monitor, log and report on iMeter sensor activity. The overall iMeter package offers a no-fuss, non-disruptive way of implementing an effective power monitoring solution that can influence and assist data centre efficiency decisions for years to come.
interSeptor iMeter Key Benefits:
- Modular system for easy implementation and budget-matching
- Zero downtime required for installation
- Quickly and easily compare power usage between data centre racks
- Track power efficiency improvements over time
- Use iMeter on-board logs or iMS software to identify where power savings can be made
- Monitor and assess the relationships between temperature, airflow and power usage to improve data centre efficiency
- Solution ensures that, in the unlikely event of sensor failure, there is no disruption to the power supply into your racks
- Integrated environmental and power monitoring ensures alerts can be received quickly to help prevent data centre catastrophe
- An array of additional features such as virtual sensor integration, modbus, SMS and voice alerts (with optional modem), etc. help to ensure that the iMeter can accommodate a broad variety of power and environmental monitoring requirements
You can read the original article here.
Info-Tech examined ADC vendors that are solving the problems of server downtime due to increased web traffic and preventing malicious attacks against corporate systems. Array Networks’ APV line of application delivery controllers deliver a seamless end-user experience while simultaneously preventing attacks and data leakage.
Array’s feature-rich ADC products, industry-leading price and performance and unmatched reputation for customer service and support make them an unbeatable value to businesses.
Array Networks helps enterprises meet the challenges of delivering applications in the dynamic network environments of modern enterprises. Array has over 5,000 worldwide customers including enterprises, service providers, government and vertical organizations in healthcare, finance, insurance and education. Organizations look to Array to cost-effectively scale the performance, availability and security of applications and data in dynamic network, cloud and mobile environments.
“It’s an honor to be recognized as an Innovator in the ADC market,” said Michael Zhao, President and CEO of Array Networks. “Array is improving enterprise security and traffic management and we will continue to develop application delivery networking solutions that meet customer requirements.”
You can read the original article here.
Embedded 4G model supporting 4G LTE for EU and worldwide GSM carriers and providing automatic fallback to 3G as needed. Technologies and frequency bands supported: 4G LTE (Band 1/3/7/8/20); WCDMA/HSDPA/HSUPA/HSPA+/DC-HSPA+ (900/2100 MHz).
You can read the original article here.
Once Microsoft officially ends support for XP on Patch Tuesday in April (the last security update for XP), there will be no new security updates, non-security fixes, assisted support options, or online technical content updates from Microsoft.
That means that XP users, even those with anti-malware protection from Microsoft or security vendors, will face significantly higher security risks after the end of support. As Microsoft said in its announcement, “Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited.”
To ease the burden of upgrading, Sophos will officially support Windows XP Service Packs 2 and 3 until at least September 30, 2015; and Windows Server 2003 until at least January 31, 2017. See our support knowledgebase for a complete platform support list.
Upgrading to newer Windows operating systems is causing plenty of problems for specialized systems, including for point-of-sale (POS) registers, medical devices, and even ATMs. For those using “embedded” versions of XP on specialized equipment, we recommend isolating these machines and restricting access to non-essential functions using application control available in next-gen firewalls.
In most cases, however, it’s time to upgrade. As Naked Security expert Paul Ducklin writes, Microsoft’s extended anti-malware support doesn’t really change much. “Windows XP will still officially fall off the edge of the world in April 2014 when Microsoft ends support,” Paul writes.
You can read the original article here.
As we explain below, next-generation firewalls are typically defined as firewalls enhanced with intrusion prevention and application intelligence. On the other hand, UTM systems include those features—plus additional technologies such as email security, URL filtering, wireless security, web application firewalls and virtual private networks (VPNs). In this view, UTM systems include NGFWs as components.
Manager’s guide to UTM and next-gen firewalls
UTM systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor.
IT managers evaluating UTMs need clearly defined criteria to choose the right protection.
You may wonder: Is a UTM solution right for my organization? What security features are most important? What other issues need to be considered, such as ease of management and support for remote users?
Download our free guide to get the answers to these questions: A Manager’s Guide to Unified Threat Management and Next-Gen Firewalls. (Registration required).
You can read the original article here.
One of our SophosLabs researchers, Anna Szalay, made an interesting discovery recently: a new type of Android malware that slips in through a security hole in the USB debugging feature that allows developers to modify their Android devices. Naked Security expert Paul “Duck” Ducklin reports that this malware can intercept your SMS text messages to steal bank transaction details.
Duck explains in his post that intercepting SMSes from your Android phone allows the attackers to steal information they can use to access, for example, your email accounts or bank accounts:
The crooks want to infect you with malware that knows how to intercept incoming SMSes and redirect their content elsewhere. You can see where this is going: mobile malware that reads your SMSes before you do can steal important data such as the two-factor authentication (2FA) codes sent by your email provider or your bank, giving cybercriminals a way into your account despite the extra layer of protection in place.
SophosLabs detects this SMS-stealing malware as Andr/FakeKRB-H. As Duck explains, this malware gets onto your Android in a multi-step process that starts with your device getting infected by a crafty piece of Windows malware that sneaks in through the USB connection between your Android and a PC. This “helper” malware is a downloader detected by SophosLabs as Troj/DwnlAPK-A.
If you connect your Android to a PC infected by Troj/DwnlAPK-A, the malware sneaks in under the guise of files that “appear to be regular, clean files that enable full USB-to-phone connectivity on Samsung and LG devices,” Duck writes.
Then, once the downloader is installed, it loads the Android malware onto your device in what appears to be an app disguised as a Google-imitating “Google App Store” (the real Google store is simply called “Play Store”).
This is a good reminder that the bad guys continue to develop inventive ways of compromising our security to get at our most valuable data. Read the article at Naked Security to learn more about this malware and how to block it with security settings on your Android.
“Sophos and Cyberoam create a winning combination at the right time, in the right product markets and in all the right geographies,” said Kris Hagerman, Chief Executive Officer for Sophos. “Cyberoam has built a strong reputation as an aggressive and nimble innovator in the network security market, and like Sophos, has a ‘channel-first’ approach and reputation for delivering top-notch service and support. The acquisition expands and accelerates our network security roadmap to grow our presence in UTM, advanced threat protection, wireless and next generation firewall – some of the fastest growing markets in all of IT. This also continues our focus of providing exciting opportunities to grow our channel partners and customers.”
For more information, visit the Sophos corporate blog.
Founded in 1999 and headquartered in Ahmedabad, India, Cyberoam is highly regarded for its product innovation, quality, and world-class customer support. The company has more than 65,000 customers, more than 550 employees, and a strong channel focus with a network of 5,500 partners, with particular strength in India, the Middle East, and Africa. Cyberoam’s high performance UTM and Next Generation Firewall appliances, built on a similar Intel-based architecture as Sophos’ UTM solutions, deliver advanced technologies that will complement and expand the entire Sophos network security portfolio. Some of these technologies include the iView reporting engine, application control, user-based network policies, sophisticated next-generation firewall capabilities and advanced threat protection.
Hemal Patel, CEO of Cyberoam said, “Together Sophos and Cyberoam form a powerhouse in network security. We are growing our network security businesses substantially faster than the market, and joining forces allows us to drive even greater innovation and value. Our global footprint, commitment to the channel and complete security portfolio are clear competitive differentiators. We’re pleased to join the Sophos team.”
The acquisition advances Sophos’ position in network security, a strategic growth area for the company and a pivotal element of the company’s complete security strategy. Sophos combines leading security technologies in endpoint, mobile, encryption and data protection, e-mail, web, server, and network – all focused on small and midmarket enterprises and pragmatic enterprises of any size – and delivered entirely through the channel. Combined, Sophos and Cyberoam will have more than 2,200 employees, with more than 600 focused on network security, including more than 350 in R&D.
According to IDC Research, the network security market reached $7.9 billion in 2012; UTM comprised $2.7 billion of the market and was cited as the fastest growing segment at 21% growth. In the recent Gartner Magic Quadrant for Unified Threat Management, Sophos was again named a “Leader” and Cyberoam a “Visionary.”
You can read the original article here.
With version 6.1 we’re addressing the two biggest issues in encryption – performance and usability – by leveraging native operating system (OS) encryption for better performance; and delivering multi-platform management across all devices and cloud environments.
SafeGuard Enterprise also solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff are now able to share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.
Managing multiple devices no longer means managing multiple consoles, so IT can fully embrace encryption to support their users. The Sophos encryption approach enables users to safely work the way they need to – sharing files between users, partners and customers via the cloud and the devices they use.
Sophos is the only vendor to offer native device encryption, cloud, mobile, removable and file share encryption in one centrally managed solution, providing unmatched security, performance, and an intuitive user experience.
What’s New in SafeGuard Enterprise 6.1
- With SafeGuard Enterprise you can manage Microsoft BitLocker for Windows or Mac FileVault 2.
- Now with support for Windows 8, and file and disk encryption on Macs, SafeGuard covers more operating systems and platforms.
- Simplified keyring creation grants you seamless, centralized management. With this newest release, you can save time with our keyring creation that requires no repeat login.
- Use a single console to manage full-disk, removable media, file-share, and cloud storage encryption
- Get up-to-date security status for all your devices with reporting and auditing that lets you monitor and enforce compliance with internal policies and external regulations.
You can sign up for a free 30-day trial here.
The current total of 650,000+ pieces of Android malware is up by approximately 600% from last January. Check out our mobile malware timeline below for our picks for the most important developments of the past decade, from the birth of mobile malware to today.
Mobile Security Threat Report
It’s been 10 years since the first mobile malware appeared. To mark this dubious anniversary, we’ve produced our first Mobile Security Threat Report. Download the report at sophos.com/mobilethreatreport to see how mobile threats have evolved, and to learn how best to protect yourself and your organization.
Get the free app: Sophos Mobile Security for Android
Sophos Mobile Security is a robust yet lightweight app that protects your Android devices without compromising performance or battery life. Using up-to-the-minute intelligence from SophosLabs, it automatically scans apps as you install them. Other features include a privacy advisor, encryption, and per-app password protection that you can set up for sensitive apps like your email. We’ve received several awards and many great reviews for Sophos Mobile Security, which has been downloaded more than 100,000 times from Google Play.
You can read the original article here.
Sophos Mobile Control
Protecting millions of mobile devices across tens of thousands of customer accounts, the latest release of Sophos Mobile Control (SMC) features an easy-to-use web-based console—deployed either on-premise or as a Service—to manage, protect and secure data. It delivers effective mobile device management to control the devices that access corporate systems. Using Sophos Mobile Control, IT teams can equally enforce regulatory compliance as well as corporate-mandated policies for complete data and device security without complexity. SMC supports Windows Phone 8, Android, and iOS 7, Apple’s latest mobile operating system.
In a recent research note by IDC, 24% of SMB organizations currently utilize an MDM solution to govern and manage their mobile devices. The study identified Sophos Mobile Control as the most-deployed MDM product among all survey respondents at 25%. In addition, last month, Sophos was named a leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and recently received a positive review from the 451 Group.
“We’re thrilled by the continued adoption of our MDM solutions. As the IDC report confirms, the market opportunity is huge, and Sophos Mobile Control is already at the head of the pack,” said Dan Schiappa, Senior Vice President and General Manager, Enduser Protection Group, Sophos. “As organizations look to define and refine BYOD policies and comply with regulations and compliance issues, Sophos continues to be a trusted provider for endpoint, network and server protection solutions.”
You can read the original article here.
One area that is becoming increasingly popular with many users is Security. The equipment in Data Centres and Server Rooms is extremely valuable, and the information stored within those environments is often priceless. Jacarta’s solutions can monitor security in a number of ways using various sensors and products:
Security Sensor – The standard Security Sensor is a magnetic reed type sensor that can be used to send an alarm in the event of a door or window being opened.
Vibration Sensor – The Vibration Sensor is often fitted to glass panels and doors where forced entry is possible. As soon as vibration is detected, the sensor will trigger an alert.
PIR Sensor – Using Infra-Red technology, the PIR sensor will alert users to movement within the monitored environment.
The security sensor, vibration sensor and PIR sensor are all part of Jacarta’s Go-Probe sensor range and are therefore compatible with all of the company’s monitoring devices. To view the Go-Probe Sensor literature click here.
JCAM IR IP Camera – Installing a surveillance system can be beneficial in a number of ways. As well as providing a visual deterrent Jacarta’s IP Camera can also be used to monitor staff activity and provide evidence in the case of criminal activity. JCAM IR has a range of key features including night vision and motion sensing. View the product literature here.
The survey was organised by the University of Kent’s Interdisciplinary Research Centre in Cyber Security, by a team composed of both computer scientists and psychologists, and conducted using Google’s Consumer Surveys platform. As the authors of the report caution their readers, the survey covered a relatively small number of people – just over 1,500 UK adults. That leaves it open to inaccuracies for all sorts of reasons, including sampling bias due to the kinds of people drawn to responding to online surveys, but the results seem dramatic enough to be more than just an anomaly. Other data picked up by the survey seems fairly predictable. Around two-thirds of us feel at risk from cybercrime, just over 1 in 4 have been the victim of some sort of “cyber-dependent crime” in the last year, with malware (11.9%) and phishing (7.3%) the main culprits. 1 in 10 has been exposed to online bullying, harassment or stalking.
If the rate of malware infections seems a little higher than we normally see in surveys of this nature, that could well be down to the high levels of CryptoLocker and other ransomware included in those figures. 9.7% of people claimed they had been infected by ransomware of some kind, with CryptoLocker specifically named in the survey question and making up around a third of all reported infections.
Survey data always has a problem in that it’s only as accurate as the knowledge (and honesty) of the people being surveyed. Malware, for the most part, aims to avoid revealing its presence to its victims, sometimes going to great lengths to do so. So when you ask someone if they have ever been hit by malware, and their response is a strong and definite “no”, that answer should always be viewed sceptically. How can they possibly know? Proving a negative is not easy in the best of circumstances, and being certain something hasn’t happened simply because you haven’t noticed it happen is particularly difficult when the thing you haven’t noticed is specifically designed to be secretive and stealthy. Have you ever been spied on from a distant rooftop? No? Can you really be sure of that?
Unlike most malware though, CryptoLocker and other ransomware attacks make no secret of their presence, indeed their main intention is to make it very plain to their victims that they have been infected. So it could be that what we’re seeing here is not a change in the total level of malware going around, simply a change in the visibility of it to the general public.
Only a third have firewalls, and perhaps that is no bad thing. Other details emerging from this same survey include less than half of respondents using up-to-date anti-malware, just over a third implementing firewalls, and a little less than that exercising sensible password hygiene. Maybe a little more visibility will finally make the general public start sitting up and paying more attention to the risks of malware and other online threats. At the moment, it seems like we’re still mostly either ignorant or in denial, right up until something nasty infects our machine and nabs our data, or encrypts it and demands a ransom. That so many people pay up is not much of a surprise either. Like other security basics, it looks like proper backing up of sensitive or precious files is a rare thing.
Victims forced to pay up include police departments and law firms, with ransomware threats clearly targeting small businesses where proper security practices such as backups are more likely to be lacking. These shortcomings may have been hidden in the past, but now they are being forced into the spotlight, and the shock may just jolt people into giving the right priority to their security needs.
Here are five “top tips” for keeping safe against malware in general, and cyberblackmailers in particular:
- Keep regular backups of your important files.
- Use an anti-virus, and keep it up to date.
- Keep your operating system and software up to date with patches.
- Review the access control settings on any network shares you have.
- Don’t give administrative privileges to your user accounts.
You can read the original article here. More information about CryptoLocker here.
The new version includes the following improvements.
- New wizards for step-by-step installation and uninstallation of one or multiple centralized scanners. The install wizard also supports assigning static IP addresses to the scanners.
- The ability for the centralized scanners to receive product upgrades automatically from Sophos, eliminating the need to manually install new product versions.
- More selective email alerts, so administrators can focus on the most critical information.
- A new command-line tool to generate compliance reports showing which virtual guests are protected by which centralized scanners.
If you are currently using Sophos Antivirus for vShield, you may download the new version from the MySophos download page. If you haven’t yet experienced the speed and convenience of agentless scanning for your VMware environment, download the free 30 day trial today.
You can read the original article here.