iMeter can monitor up to 496 of the following sensors from a single IP address:

• Current (Amps) using our unique intelliAmp® current sensor (pictured above)
• Voltage
• Temperature
• Humidity
• Airflow
• Water Leak
• Security (door contact or motion)
• Smoke

The unique combination of the sensors on offer means that IT and Facilities personnel can analyse the relationships between power usage, airflow and temperature to help assist data centre management decisions relating to cost control and reduction. The design of the Jacarta Go-Probe sensors enables the complete system to be implemented with zero downtime. The intelliAmp® current sensor can be clipped to the outside of 16 and 32 Amp power cables to monitor the True RMS current draw of single phase racks without any need to disrupt the power flowing into those racks.

interSeptor iMeter® can either be integrated into SNMP network management systems or, alternatively, Jacarta’s powerful iMS software can be used to monitor, log and report on iMeter sensor activity. The overall iMeter package offers a no-fuss, non-disruptive way of implementing an effective power monitoring solution that can influence and assist data centre efficiency decisions for years to come.

interSeptor iMeter Key Benefits:

• Modular system for easy implementation and budget-matching
• Zero downtime required for installation
• Quickly and easily compare power usage between data centre racks
• Track power efficiency improvements over time
• Use iMeter on-board logs or iMS software to identify where power savings can be made
• Monitor and assess the relationships between temperature, airflow and power usage to improve data centre efficiency
• Solution ensures that, in the unlikely event of sensor failure, there is no disruption to the power supply into your racks
• Integrated environmental and power monitoring ensures alerts can be received quickly to help prevent data centre catastrophe
• An array of additional features such as virtual sensor integration, modbus, SMS and voice alerts (with optional modem), etc. help to ensure that the iMeter can accommodate a broad variety of power and environmental monitoring requirements

You can read the original article here.

Embedded 4G model supporting 4G LTE for EU and worldwide GSM carriers and providing automatic fallback to 3G as needed. Technologies and frequency bands supported: 4G LTE (Band 1/3/7/8/20); WCDMA/HSDPA/HSUPA/HSPA+/DC-HSPA+ (900/2100 MHz).

 You can read the original article here.

Once Microsoft officially ends support for XP on Patch Tuesday in April (the last security update for XP), there will be no new security updates, non-security fixes, assisted support options, or online technical content updates from Microsoft.

That means that XP users, even those with anti-malware protection from Microsoft or security vendors, will face significantly higher security risks after the end of support. As Microsoft said in its announcement, “Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited.”

To ease the burden of upgrading, Sophos will officially support Windows XP Service Packs 2 and 3 until at least September 30, 2015; and Windows Server 2003 until at least January 31, 2017. See our support knowledgebase for a complete platform support list.

Upgrading to newer Windows operating systems is causing plenty of problems for specialized systems, including for point-of-sale (POS) registers, medical devices, and even ATMs. For those using “embedded” versions of XP on specialized equipment, we recommend isolating these machines and restricting access to non-essential functions using application control available in next-gen firewalls.

In most cases, however, it’s time to upgrade. As Naked Security expert Paul Ducklin writes, Microsoft’s extended anti-malware support doesn’t really change much. “Windows XP will still officially fall off the edge of the world in April 2014 when Microsoft ends support,” Paul writes.

You can read the original article here.

As we explain below, next-generation firewalls are typically defined as firewalls enhanced with intrusion prevention and application intelligence. On the other hand, UTM systems include those features—plus additional technologies such as email security, URL filtering, wireless security, web application firewalls and virtual private networks (VPNs). In this view, UTM systems include NGFWs as components.

Manager’s guide to UTM and next-gen firewalls

UTM systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor.
IT managers evaluating UTMs need clearly defined criteria to choose the right protection.

You may wonder: Is a UTM solution right for my organization? What security features are most important? What other issues need to be considered, such as ease of management and support for remote users?

Download our free guide to get the answers to these questions: A Manager’s Guide to Unified Threat Management and Next-Gen Firewalls. (Registration required).

You can read the original article here.

One of our SophosLabs researchers, Anna Szalay, made an interesting discovery recently: a new type of Android malware that slips in through a security hole in the USB debugging feature that allows developers to modify their Android devices. Naked Security expert Paul “Duck” Ducklin reports that this malware can intercept your SMS text messages to steal bank transaction details.

Duck explains in his post that intercepting SMSes from your Android phone allows the attackers to steal information they can use to access, for example, your email accounts or bank accounts:

The crooks want to infect you with malware that knows how to intercept incoming SMSes and redirect their content elsewhere. You can see where this is going: mobile malware that reads your SMSes before you do can steal important data such as the two-factor authentication (2FA) codes sent by your email provider or your bank, giving cybercriminals a way into your account despite the extra layer of protection in place.

SophosLabs detects this SMS-stealing malware as Andr/FakeKRB-H. As Duck explains, this malware gets onto your Android in a multi-step process that starts with your device getting infected by a crafty piece of Windows malware that sneaks in through the USB connection between your Android and a PC. This “helper” malware is a downloader detected by SophosLabs as Troj/DwnlAPK-A.

If you connect your Android to a PC infected by Troj/DwnlAPK-A, the malware sneaks in under the guise of files that “appear to be regular, clean files that enable full USB-to-phone connectivity on Samsung and LG devices,” Duck writes.

Then, once the downloader is installed, it loads the Android malware onto your device in what appears to be an app disguised as a Google-imitating “Google App Store” (the real Google store is simply called “Play Store”).

This is a good reminder that the bad guys continue to develop inventive ways of compromising our security to get at our most valuable data. Read the article at Naked Security to learn more about this malware and how to block it with security settings on your Android.

You can read the original article here and here.

With version 6.1 we’re addressing the two biggest issues in encryption – performance and usability – by leveraging native operating system (OS) encryption for better performance; and delivering multi-platform management across all devices and cloud environments.

SafeGuard Enterprise also solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff are now able to share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.

Managing multiple devices no longer means managing multiple consoles, so IT can fully embrace encryption to support their users. The Sophos encryption approach enables users to safely work the way they need to – sharing files between users, partners and customers via the cloud and the devices they use.

Sophos is the only vendor to offer native device encryption, cloud, mobile, removable and file share encryption in one centrally managed solution, providing unmatched security, performance, and an intuitive user experience.

What’s New in SafeGuard Enterprise 6.1

• With SafeGuard Enterprise you can manage Microsoft BitLocker for Windows or Mac FileVault 2.
• Now with support for Windows 8, and file and disk encryption on Macs, SafeGuard covers more operating systems and platforms.
• Simplified keyring creation grants you seamless, centralized management. With this newest release, you can save time with our keyring creation that requires no repeat login.
• Use a single console to manage full-disk, removable media, file-share, and cloud storage encryption
• Get up-to-date security status for all your devices with reporting and auditing that lets you monitor and enforce compliance with internal policies and external regulations.

You can sign-up for a free 30-day trial here.

You can read the original article here and here.

The current total of 650,000+ pieces of Android malware is up by approximately 600% from last January. Check out our mobile malware timeline below for our picks for the most important developments of the past decade, from the birth of mobile malware to today.

Mobile Security Threat Report

It’s been 10 years since the first mobile malware appeared. To mark this dubious anniversary, we’ve produced our first Mobile Security Threat Report. Download the report at sophos.com/mobilethreatreport to see how mobile threats have evolved, and to learn how best to protect yourself and your organization.

Get the free app: Sophos Mobile Security for Android

Sophos Mobile Security is a robust yet lightweight app that protects your Android devices without compromising performance or battery life. Using up-to-the-minute intelligence from SophosLabs, it automatically scans apps as you install them. Other features include a privacy advisor, encryption, and per-app password protection that you can set up for sensitive apps like your email. We’ve received several awards and many great reviews for Sophos Mobile Security, which has been downloaded more than 100,000 times from Google Play.

You can read the original article here.

One area that is becoming increasingly popular with many users is Security. The equipment in Data Centres and Server Rooms is extremely valuable, and that information stored within those environments is often priceless. Jacarta’s solutions can monitor security in a number of ways using various sensors and products:

Security Sensor – The standard Security Sensor is a magnetic reed type sensor that can be used to send an alarm in the event of a door or window being opened.

Vibration Sensor – The Vibration Sensor is often fitted to glass panels and doors where forced entry is possible. As soon as vibration is detected – the sensor will trigger an alert.

PIR Sensor – Using Infra-Red technology, the PIR sensor will alert users to movement within the monitored environment.

The security sensor, vibration sensor and PIR sensor are all part of Jacarta’s Go-Probe sensor range and are therefore compatible with all of the company’s monitoring devices. To view the Go-Probe Sensor literature click here.

JCAM IR IP Camera – Installing a surveillance system can be beneficial in a number of ways. As well as providing a visual deterrent Jacarta’s IP Camera can also be used to monitor staff activity and provide evidence in the case of criminal activity. JCAM IR has a range of key features including night vision and motion sensing. View the product literature here.

The survey was organised by the University of Kent’s Interdisciplinary Research Centre in Cyber Security, by a team composed of both computer scientists and psychologists, and conducted using Google’s Consumer Surveys platform. As the authors of the report caution their readers, the survey covered a relatively small number of people – just over 1,500 UK adults. That leaves it open to inaccuracies for all sorts of reasons, including sampling bias due to the kinds of people drawn to responding to online surveys, but the results seem dramatic enough to be more than just an anomaly. Other data picked up by the survey seems fairly predictable. Around two-thirds of us feel at risk from cybercrime, just over 1 in 4 have been the victim of some sort of “cyber-dependent crime” in the last year, with malware (11.9%) and phishing (7.3%) the main culprits. 1 in 10 has been exposed to online bullying, harassment or stalking.

If the rate of malware infections seems a little higher than we normally see in surveys of this nature, that could well be down to the high levels of CryptoLocker and other ransomware included in those figures. 9.7% of people claimed they had been infected by ransomware of some kind, with CryptoLocker specifically named in the survey question and making up around a third of all reported infections.

Survey data always has a problem in that it’s only as accurate as the knowledge (and honesty) of the people being surveyed. Malware, for the most part, aims to avoid revealing its presence to its victims, sometimes going to great lengths to do so. So when you ask someone if they have ever been hit by malware, and their response is a strong and definite “no”, that answer should always be viewed sceptically. How can they possibly know? Proving a negative is not easy in the best of circumstances, and being certain something hasn’t happened simply because you haven’t noticed it happen is particularly difficult when the thing you haven’t noticed is specifically designed to be secretive and stealthy. Have you ever been spied on from a distant rooftop? No? Can you really be sure of that?

Unlike most malware though, CryptoLocker and other ransomware attacks make no secret of their presence, indeed their main intention is to make it very plain to their victims that they have been infected. So it could be that what we’re seeing here is not a change in the total level of malware going around, simply a change in the visibility of it to the general public.

Only a third have firewalls, and perhaps that is no bad thing. Other details emerging from this same survey include less than half of respondents using up-to-date anti-malware, just over a third implementing firewalls, and a little less than that exercising sensible password hygiene. Maybe a little more visibility will finally make the general public start sitting up and paying more attention to the risks of malware and other online threats. At the moment, it seems like we’re still mostly either ignorant or in denial, right up until something nasty infects our machine and nabs our data, or encrypts it and demands a ransom. That so many people pay up is not much of a surprise either. Like other security basics, it looks like proper backing up of sensitive or precious files is a rare thing.

Victims forced to pay up include police departments and law firms, with ransomware threats clearly targeting small businesses where proper security practices such as backups are more likely to be lacking. These shortcomings may have been hidden in the past, but now they are being forced into the spotlight, and the shock may just jolt people into giving the right priority to their security needs.

Here are five “top tips” for keeping safe against malware in general, and cyberblackmailers in particular:

• Keep regular backups of your important files.
• Use an anti-virus, and keep it up to date.
• Keep your operating system and software up to date with patches.
• Review the access control settings on any network shares you have.
• Don’t give administrative privileges to your user accounts.

You can read the original article here. More information about CryptoLocker here.

In the spirit of sharing our knowledge, we’d like to show you a pretty great infographic that explains in visual format how a web attack works. As you can see in the infographic below, a web attack happens in five stages, and this whole process takes less than a second. The web is the number one source of malware (a term that combines “malicious” and “software”), and the majority of these malware threats come from what is called a drive-by download.

5 Stages of a Web Attack

The term drive-by download describes how malware can infect your computer simply by visiting a website that is running malicious code (Stage 1: entry point).

Most of the time, these are legitimate websites that have been compromised to redirect you to another site controlled by the hackers (Stage 2: distribution).

Today’s cybercriminals use sophisticated malware packaged in an “exploit kit” that can find a vulnerability in your software among thousands of possibilities.

When your browser is redirected to the site hosting an exploit kit, it probes your operating system, web browser and other software (such as your PDF reader or video player) to find a security vulnerability that it can attack (Stage 3: exploit).

Remember — if you are not applying security updates to your operating system and software, you are unprotected against these exploits.

Once the exploit kit has identified a vulnerability, that is where Stage 4: infection begins. In the infection phase of an attack, the exploit kit downloads what is known as a “payload,” which is the malware that installs itself on your computer.

Finally, in Stage 5: execution, the malware does what it was designed to do, which is mainly to make money for its masters.

The malware known as Zbot can access your email or bank accounts. Another type of payload called ransomware can hold your files hostage until you pay to have them released.

This kind of attack happens all the time. But you don’t have to be a victim. Download our checklist of technology, tools and tactics for effective web protection to find out how you can protect your organization from malware attacks at every step of the way. You should also check out our free whitepaper explaining how malware works and offering tips to help you stop it: Five Stages of a Web Malware Attack. (Registration required). 

You can read the original article here.

• Πως μοιάζει το νέο Κέντρο Διαχείρισης;
• Ποια λειτουργικά συστήματα υποστηρίζονται και ποιοι clients είναι διαθέσιμοι;
• Ποια είναι η διαφορά μεταξύ των UEFI και BIOS και γιατί χρειάζεται να το ξέρετε αυτό όταν πουλάτε ή εγκαθιστάτε το SGN;
• Μπορούμε να υποθέσουμε ότι η Native (Γηγενή) Κρυπτογράφηση είναι ίδια με το SafeGuard Enterprise Device Encryption;
• Μπορούν οι υπολογιστές Mac της Apple να διαχειρίζονται κεντρικά;
• Τι είναι και γιατί το FileVault 2 ενδέχεται να είναι απαραίτητο;
• Τι περιλαμβάνει η άδεια χρήσης SGN;

Σήμερα, ευαίσθητα δεδομένα βρίσκονται παντού, στο cloud, σε φορητές συσκευές και προσωπικούς υπολογιστές. Ο στόχος είναι η προστασία τους, χωρίς θυσίες στην απόδοση και η Sophos έχει τη λύση με το SafeGuard Enterprise 6.1, το οποίο προσφέρει κρυπτογράφηση, οπουδήποτε και αν βρίσκονται τα δεδομένα –σε υπολογιστές Windows, Mac, σε αφαιρούμενα μέσα αποθήκευσης, σε δίσκους στο δίκτυο, σε φορητές συσκευές ή στο cloud, χωρίς καμία επίπτωση στην απόδοση.

Με το SafeGuard Enterprise 6.1, η Sophos διευθετεί τα δύο μεγαλύτερα ζητήματα στην κρυπτογράφηση -την απόδοση και τη χρηστικότητα- εκμεταλλευόμενη την ενσωματωμένη κρυπτογράφηση του λειτουργικού συστήματος (Bitlocker στα Windows, FileVault 2 για Mac) για καλύτερη απόδοση και προσφέροντας multi-platform διαχείριση για όλες τις συσκευές και τα περιβάλλοντα cloud.

Θέλετε να μάθετε περισσότερα;
Σας περιμένουμε στο 4o Infocom Security όπου απαντάμε στις προκλήσεις του μέλλοντος.
Ώρα 12:30 – 14:15 στην 2η ενότητα «Ευφυείς Λύσεις για την Προστασία των Πληροφοριών»

We also found out that the Heartbleed bug is in a version of the OpenSSL software that’s two years old — so this vulnerability could have been attacked for a very long time by someone with the resources to exploit it. 

Sophos security experts helped us to understand Heartbleed and what it means, how to protect yourself, and why we should all be thankful for open source software, even if it’s not perfect.

Chester Wisniewski, Sophos senior security advisor, let us in on what Heartbleed is and why it’s so important for security on the Internet. Chet explained that OpenSSL sends a small packet of data back and forth between web servers to make sure the connection is still working, what’s called a TLS Heartbeat.

Only now it turns out that web servers could be tricked into sending huge amounts of system-stored data in response to a Heartbeat ping — data which could include passwords and encryption keys. In an opinion column published on CNN.com, Chet described how two-thirds of all websites were vulnerable to Heartbleed. Fortunately, most major Web services have already applied fixes to the affected Web servers and services. The bad news is that smaller websites as well as many companies’ products that rely on OpenSSL may linger for many more years without a fix.

Chet told BuzzFeed that an even bigger concern is who might have known about the Heartbleed bug before the rest of us caught on — and the most likely organization to know would be the U.S. National Security Agency (NSA), which has the means and an interest in finding such vulnerabilities.

“That’s exactly what the leaked NSA programs are supposed to do: Find the flaws, exploit them and never tell anyone,” Chet said. According to Chet, the “open” part of OpenSSL means this vital security software is maintained by volunteer researchers, not commercial interests. And that means we should be focusing our attention on supporting the open parts of the Internet that we rely on for freedom of communication.

All of us have come to rely on the Internet socially, politically and economically. The billions of dollars a year being made by the tech giants would not be possible without the millions of donated hours that maintain free and open software like OpenSSL, Linux, Apache Web server, and Postfix mail server.

You can read the original article here.