Cyber Security Elements by NSS

News

15 Jan

Unfortunately, these companies don’t provide complete end-to-end encryption, and there are many loopholes the NSA, or cybercriminals, can slip through.

That’s why an encryption solution that protects data everywhere — in emails, on disk, or in the cloud — is essential. In this short video, we explain how you can get security and performance; plus how you can manage native encryption on Macs and Windows PCs, while also protecting data everywhere it resides.

James Lyne, global head of security research at Sophos, explains that many companies aren’t using encryption for fear of slowing users down. With Sophos, you don’t have to worry about encryption impacting performance, James says.

The new SafeGuard Enterprise solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can easily share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.

For more information about how to manage native encryption on Windows PCs with SafeGuard Enterprise, you can download our free whitepaper – Managing BitLocker With SafeGuard Enterprise (registration required).

What’s New in SafeGuard Enterprise 6.1

  • With SafeGuard Enterprise you can manage Microsoft BitLocker for Windows or Apple FileVault 2 for Mac from a single console.
  • Now with support for Windows 8, and file and disk encryption on Macs, SafeGuard covers more operating systems and platforms.
  • Simplified keyring creation grants you seamless, centralized management. With this newest release, you can save time with our key ring creation that requires no repeat login.
  • Centrally manage full-disk encryption and file encryption, wherever data is stored: removable media, network file shares and even in the cloud.
  • Get up-to-date security status for all your devices with reporting and auditing that lets you monitor and enforce compliance with internal policies and external regulations.

You can read the original article here.

15 Jan

Developed by SophosLabs, this new Sophos UTM approach brings together multiple technologies to rapidly identify and isolate infected clients and prevent communication with malicious command and control hosts. This latest version introduces botnet protection and cloud-based sandboxing to expand on the Sophos UTM’s existing multi-layer Firewall, Web, Email and Endpoint protection. This extends the Sophos commitment to small and mid-market companies, delivering access to advanced protection without the complexity and cost normally associated with such functionality. 

“The initial stages of targeted attacks can often go unnoticed by security systems that don’t control incoming and outgoing traffic. For organizations with limited IT resources, investing time and money in a dedicated ATP solution to detect these early signs is simply not realistic, given how tricky, complex and fast moving this type of traffic is,” says Chris Kraft, vice president, product management, Sophos. “That’s what we wanted to change. Today, with a few simple clicks, users get advanced protection without needing to be full-time security experts themselves.” 

This new release also significantly enhances the speed of security scanning, with initial data showing the new performance optimized IPS doubling throughput speed in test environments. The Email, Web, and Network Protection modules all experience significant enhancements, including:

  • Simplified Email Encryption and DLP – Sophos SPX technology eliminates the need for a separate Public Key Infrastructure, and policy-based DLP can trigger automatic encryption
  • Smarter Web Control – streamlined policy setup enables granular user control and transparent web filtering of https traffic provides seamless protection
  • Mobile Access Control – enhances Wi-Fi and VPN security by combining Sophos UTM with Mobile Device Management functionality in Sophos Mobile Control
  • Performance Optimized IPS – intelligent processes and pattern management deliver enhanced scanning speeds to rapidly block network attacks and prevent breaches
  • Botnet/Command and Control Protection – Sophos Advanced Threat Protection identifies and blocks infected machines communicating with malware command and control servers

“The UTM market is one of the most competitive in security. Numerous features and applications have been added over the past few years, and we’re increasingly seeing solutions are providing more effective security and better performance,” said John Grady, Research Manager, Security Products and Services, IDC. “This latest release from Sophos continues to simplify complex technologies. SPX email encryption is an example of that and is a differentiated approach among other UTM vendors.”

“Students are smart and always find ways to circumvent security, so schools are always in need of better ways to manage their web access and block inappropriate content,” says Bart Wilson, systems support manager, from Twotrees Technologies LLC, a Sophos partner. “UTM 9.2 is a huge step forward in solving this problem. By adding https traffic to web filtering in transparent mode, Sophos will help our customers to take back control – especially with so many students browsing on mobile devices.”

For additional information on all of the features in Sophos UTM 9.2 and extra information on Sophos’ network security solutions, please visit our Network Security area, watch the UTM videos, or check out the dedicated Sophos UTM blogs.

You can read the original article here.

15 Jan

A ‘channel-first, channel-focused’ company, Sophos continues to receive impressive recognition from CRN/The Channel Company, most recently with Michael Valentine, senior vice president, worldwide sales, and Kendra Krause, vice president of channel sales, North America, being named Channel Chiefs just last month. Late last year, Michael Valentine was also named a top IT executive for the mid-market.

Sophos enables partners to sell, market, distribute and implement its award-winning cloud, network, server and enduser protection solutions to organizations of all sizes. The company recently announced a new partner program for North America which includes a simplified deal registration and discount structure, full access to the Sophos product and solution portfolio, sales and marketing tools, training and technical enablement, and significant investments in local channel sales and SE resources.

To determine the 2014 5-Star recipients, The Channel Company’s Research team assessed each vendor’s application based on investments in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support and communication.

“Solution providers have a lot of choices when it comes to selecting vendor partners. Identifying the right vendor, with the right technologies, and the right approach can make all the difference,” said Robert Faletra, CEO, The Channel Company. “Our annual Partner Program Guide and 5-Star rating recognizes the very best channel programs available in the market today to help solution providers determine which vendor delivers the best partner elements for their individual business goals.”

John Keenan, vice president of sales for North America, Sophos, said, “Receiving 5-Star recognition from CRN is validation that our strategy is working. From the highest levels, the Sophos team works hard to demonstrate our commitment to the channel in everything we do. We believe investing in those partners who commit to growing their business with us is a smart, simple approach to building lasting relationships and growing revenue. We’re honored to receive positive accolades that come as a result of that approach.”

For more information on the Sophos Partner Program, visit the Sophos website, or learn more about becoming a Sophos partner. The 2014 Partner Program Guide will be featured on CRN.com and the 5-Star Partners listing will be highlighted in the April issue of CRN.

You can read the original article here.

15 Jan

In the spirit of sharing our knowledge, we’d like to show you a pretty great infographic that explains in visual format how a web attack works. As you can see in the infographic below, a web attack happens in five stages, and this whole process takes less than a second. The web is the number one source of malware (a term that combines “malicious” and “software”), and the majority of these malware threats come from what is called a drive-by download.

5 Stages of a Web Attack

The term drive-by download describes how malware can infect your computer simply by visiting a website that is running malicious code (Stage 1: entry point).

Most of the time, these are legitimate websites that have been compromised to redirect you to another site controlled by the hackers (Stage 2: distribution).

Today’s cybercriminals use sophisticated malware packaged in an “exploit kit” that can find a vulnerability in your software among thousands of possibilities.

When your browser is redirected to the site hosting an exploit kit, it probes your operating system, web browser and other software (such as your PDF reader or video player) to find a security vulnerability that it can attack (Stage 3: exploit).

Remember — if you are not applying security updates to your operating system and software, you are unprotected against these exploits.

Once the exploit kit has identified a vulnerability, that is where Stage 4: infection begins. In the infection phase of an attack, the exploit kit downloads what is known as a “payload,” which is the malware that installs itself on your computer.

Finally, in Stage 5: execution, the malware does what it was designed to do, which is mainly to make money for its masters.

The malware known as Zbot can access your email or bank accounts. Another type of payload called ransomware can hold your files hostage until you pay to have them released.

This kind of attack happens all the time. But you don’t have to be a victim. Download our checklist of technology, tools and tactics for effective web protection to find out how you can protect your organization from malware attacks at every step of the way. You should also check out our free whitepaper explaining how malware works and offering tips to help you stop it: Five Stages of a Web Malware Attack. (Registration required). 

You can read the original article here.

15 Jan

In particular, the overhead of running multiple concurrent antivirus scanners on a single host can affect performance and scalability. Meanwhile, the constant starting, stopping, and cloning of virtual machines can leave systems unprotected.

A new Sophos whitepaper explores these challenges and presents two effective approaches to securing your virtual machines without sacrificing performance: agentless antivirus and virtualization-optimized endpoint security. Simultaneous scheduled or on-demand scans can lead to a “scan storm,” increasing resource use and decreasing system performance. 

“Scan storms occur when a host’s resources are overwhelmed by many virtual machines (VM) running antivirus scans at the same time. Because each VM is engaged in nearly identical behavior requiring multiple input/output (I/O) operations and substantial CPU processing, data throughput and system response time can slow noticeably. Even an otherwise speedy SAN or local storage array can be affected by the sheer volume of simultaneous read requests.”

The paper also covers how to choose the best approach and the right Sophos product (Sophos Antivirus for vShield, Sophos Server Protection, or Sophos Endpoint Antivirus) for your needs.

Download “Two Great Ways to Protect Your Virtual Machines From Malware” to learn more about how to deliver performance and security in your virtual data center (registration required).

You can read the original article here.

15 Jan

  • What does the new Management Center look like?
  • Which operating systems are supported and which clients are available?
  • What is the difference between UEFI and BIOS, and why do you need to know this when selling or installing SGN?
  • Can we assume that Native Encryption is the same as SafeGuard Enterprise Device Encryption?
  • Can Apple Mac computers be managed centrally?
  • What is FileVault 2 and why might it be necessary?
  • What does the SGN license include?

Today, sensitive data is everywhere: in the cloud, on mobile devices and on personal computers. The goal is to protect it without sacrificing performance, and Sophos has the solution with SafeGuard Enterprise 6.1, which offers encryption wherever the data resides (on Windows PCs, Macs, removable storage media, network drives, mobile devices or in the cloud) with no impact on performance.

With SafeGuard Enterprise 6.1, Sophos addresses the two biggest issues in encryption, performance and usability, by leveraging the operating system's built-in encryption (BitLocker on Windows, FileVault 2 for Mac) for better performance and by offering multi-platform management for all devices and cloud environments.

Want to learn more?
We look forward to seeing you at the 4th Infocom Security, where we answer the challenges of the future.
Time: 12:30 – 14:15, in the 2nd session, "Intelligent Solutions for Information Protection"

15 Jan

We also found out that the Heartbleed bug is in a version of the OpenSSL software that’s two years old — so this vulnerability could have been attacked for a very long time by someone with the resources to exploit it. 

Sophos security experts helped us to understand Heartbleed and what it means, how to protect yourself, and why we should all be thankful for open source software, even if it’s not perfect.

Chester Wisniewski, Sophos senior security advisor, let us in on what Heartbleed is and why it’s so important for security on the Internet. Chet explained that OpenSSL sends a small packet of data back and forth between web servers to make sure the connection is still working, what’s called a TLS Heartbeat.

Only now it turns out that web servers could be tricked into sending huge amounts of system-stored data in response to a Heartbeat ping — data which could include passwords and encryption keys. In an opinion column published on CNN.com, Chet described how two-thirds of all websites were vulnerable to Heartbleed. Fortunately, most major Web services have already applied fixes to the affected Web servers and services. The bad news is that smaller websites as well as many companies’ products that rely on OpenSSL may linger for many more years without a fix.
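The length check that was missing, as an added example (not OpenSSL's code and not from the original article). It assumes the RFC 6520 heartbeat layout: a 1-byte type, a 2-byte payload length, the payload, then at least 16 bytes of padding. The sample messages and the "secret" are constructed.

```python
import os
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1    # RFC 6520 message types
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 3           # 1-byte type + 2-byte payload_length
MIN_PADDING = 16         # RFC 6520 requires at least 16 bytes of padding


def classify_heartbeat(message: bytes) -> str:
    """Compare the declared payload length with the bytes actually received."""
    if len(message) < HEADER_LEN + MIN_PADDING:
        return "too_short"
    _msg_type, claimed = struct.unpack_from("!BH", message, 0)
    if HEADER_LEN + claimed + MIN_PADDING > len(message):
        return "length_overrun"   # sender claims more payload than it sent
    return "valid"


def build_response(message: bytes) -> Optional[bytes]:
    """Checked responder: echo the payload only if the length field is honest."""
    if classify_heartbeat(message) != "valid":
        return None               # RFC 6520: discard silently
    msg_type, claimed = struct.unpack_from("!BH", message, 0)
    if msg_type != HEARTBEAT_REQUEST:
        return None
    payload = message[HEADER_LEN:HEADER_LEN + claimed]
    return (struct.pack("!BH", HEARTBEAT_RESPONSE, claimed)
            + payload + os.urandom(MIN_PADDING))


def unchecked_echo(memory: bytes, offset: int) -> bytes:
    """The flawed pattern in miniature: trust payload_length and copy that many
    bytes from wherever the message sits in process memory."""
    _msg_type, claimed = struct.unpack_from("!BH", memory, offset)
    start = offset + HEADER_LEN
    return memory[start:start + claimed]


# Constructed sample data (not captured traffic).
HONEST = struct.pack("!BH", HEARTBEAT_REQUEST, 4) + b"ping" + bytes(MIN_PADDING)
INFLATED = struct.pack("!BH", HEARTBEAT_REQUEST, 40) + b"ping" + bytes(MIN_PADDING)
ADJACENT_SECRET = b"CONSTRUCTED-PRIVATE-KEY-BYTES"  # stands in for neighbouring memory

if __name__ == "__main__":
    print(classify_heartbeat(HONEST), classify_heartbeat(INFLATED))
    leaked = unchecked_echo(INFLATED + ADJACENT_SECRET, 0)
    print("unchecked echo returned beyond the message:", leaked[20:])
    print("checked responder returned:", build_response(INFLATED))
```

The same comparison works as a detection rule on decrypted or plaintext heartbeat records: a declared length larger than the record that carried it is never legitimate.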

Chet told BuzzFeed that an even bigger concern is who might have known about the Heartbleed bug before the rest of us caught on — and the most likely organization to know would be the U.S. National Security Agency (NSA), which has the means and an interest in finding such vulnerabilities.

“That’s exactly what the leaked NSA programs are supposed to do: Find the flaws, exploit them and never tell anyone,” Chet said. According to Chet, the “open” part of OpenSSL means this vital security software is maintained by volunteer researchers, not commercial interests. And that means we should be focusing our attention on supporting the open parts of the Internet that we rely on for freedom of communication.

All of us have come to rely on the Internet socially, politically and economically. The billions of dollars a year being made by the tech giants would not be possible without the millions of donated hours that maintain free and open software like OpenSSL, Linux, Apache Web server, and Postfix mail server.

You can read the original article here.

15 Jan

Important: This article may continue to be updated with further advice. We therefore recommend you check back here regularly for new information.

Applies to the following Sophos product(s) and version(s)

  • Sophos UTM
  • Sophos Anti-Virus for VMware vShield

For information relating the vulnerability to other Sophos products see:

Is SafeGuard Enterprise affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?
Is Sophos Mobile Control affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?

What is the vulnerability?

The official CVE is tracked here and mentions versions of OpenSSL used in some Sophos products (see below).

The vulnerability described uses a TLS heartbeat read overrun which could be used to reveal chunks of sensitive data from system memory of any system worldwide running the affected versions of OpenSSL – but only exposed services are immediately affected, as the bug allows data to be read from the process's own memory.

For more information read our Naked Security blog article on the issue: Anatomy of a data leakage bug – the OpenSSL “heartbleed” buffer overflow

What versions of OpenSSL are affected?

1.0.1 and 1.0.2-beta releases of OpenSSL are affected, including 1.0.1f and 1.0.2-beta1.

What products are affected and how is the vulnerability fixed?

The table below lists all the affected Sophos products. Important: Though other products may use SSL, these are not affected and no action is required.

If you use one or more of the products mentioned below use the table to guide you on what is required. 

Sophos Product: UTM 9.1, UTM 9.2
Steps to fix: A patch is available for the vulnerability in UTM 9.1. The overview steps are:

  • Install the patch
  • Print your configuration
  • Reboot the UTM
  • Regenerate certificates
  • Change your passwords

For detailed instructions see article 120851.

Sophos Product: UTM LiveConnect Servers
Steps to fix: Patched April 9, 2014

Sophos Product: UTM Manager 4.105
Steps to fix: Patched in 4.106, available now. See: http://blogs.sophos.com/2014/04/10/sophos-utm-manager-up2date-4-106-released/

Sophos Product: SAV for vShield
Steps to fix: A patch for version 1.1 will be made available early next week. Customers running version 1.0 will need to upgrade to 1.1 as 1.0 cannot be patched. See the Sophos Anti-Virus for VMware vShield upgrade guide on how to do this. Further information will be provided with the patch.


Important: There are three primary requirements to patch the OpenSSL vulnerability, protect yourself from any future exploit attempts and to mitigate any security vulnerabilities if your certs have already been compromised:

  • Apply the OpenSSL Patch
  • Regenerate all SSL certs
  • Change all passwords

Where do I get the Patch and instructions to Regenerate all SSL Certs?

The currently available patches for UTM are listed in article Heartbleed: Recommended steps for UTM. We will add details on other patches as soon as possible. Check back HERE for updates.

15 Jan

Peplink has verified and confirmed that all of the products are not affected by this vulnerability – including Balance, MAX, FusionHub, AP One/Pro, Surf, Device Connector families. As for the online services, they are either unaffected or Peplink has been able to apply mitigation to fully resolve the issue. There is no customer action required on your part.

Thank you for your attention.

The Peplink Team

You can read the original article here

15 Jan

This data can include sensitive material such as the server’s private key, but is not limited to that: any data that is in memory on the server is at risk, including sensitive customer data. This is not limited to web servers; if you use an SSL-based VPN that leverages OpenSSL, you may also be at risk. Access to this type of sensitive data creates a serious vulnerability because attackers can use it to decrypt past communications (when Perfect Forward Secrecy (PFS) is not configured), steal critical data and, in the case of a private key compromise, impersonate the associated server.

Resolution and Recommendations

We strongly recommend anyone using OpenSSL to:

  • Verify what version of OpenSSL they are using and upgrade their systems to the appropriate fix from OpenSSL.
  • Request a reissue (with new private key) for SSL Certificates that were installed on affected servers, install the new certificate, then request revocation of the old certificate.
  • Use GlobalSign’s SSL Configuration Checker tool to test your server for the Heartbleed vulnerability
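One way to carry out the "verify what version of OpenSSL" step across several hosts, using the affected range this page gives (1.0.1 through 1.0.1f, plus 1.0.2-beta and 1.0.2-beta1). This is an added example, not Sophos or GlobalSign tooling; the host names and `openssl version -a` outputs are constructed, and the `-DOPENSSL_NO_HEARTBEATS` build flag comes from OpenSSL's build options rather than from this page.

```python
import re

# Banner printed by `openssl version`, e.g. "OpenSSL 1.0.1e 11 Feb 2013"
# or "OpenSSL 1.0.2-beta1 24 Feb 2014".
VERSION_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)(?:-(beta\d*))?")
NO_HEARTBEAT_FLAG = "-DOPENSSL_NO_HEARTBEATS"  # build option that compiles heartbeats out


def in_affected_range(base, letter, beta):
    """Affected range as stated on this page."""
    if base == "1.0.1" and beta is None:
        return letter == "" or (len(letter) == 1 and "a" <= letter <= "f")
    if base == "1.0.2" and letter == "":
        return beta in ("beta", "beta1")
    return False


def assess(version_output):
    """Classify the text printed by `openssl version -a` on one host."""
    match = VERSION_RE.search(version_output)
    if match is None:
        return "unparsed"
    base, letter, beta = match.groups()
    if not in_affected_range(base, letter, beta):
        return "not_in_range"
    compiler_lines = [line for line in version_output.splitlines()
                      if line.startswith("compiler:")]
    if any(NO_HEARTBEAT_FLAG in line for line in compiler_lines):
        return "heartbeat_disabled"
    # Distribution packages may carry a backported fix under an unchanged
    # version string, so confirm against the vendor's package changelog.
    return "affected_by_version"


def hosts_needing_action(inventory):
    """Return the hosts to patch, then re-key and reissue certificates for."""
    return sorted(host for host, output in inventory.items()
                  if assess(output) in ("affected_by_version", "unparsed"))


# Constructed inventory: host name -> output of `openssl version -a`.
SAMPLE_INVENTORY = {
    "web01": "OpenSSL 1.0.1e 11 Feb 2013\ncompiler: gcc -DOPENSSL_THREADS -O3 -Wall",
    "web02": "OpenSSL 1.0.1g 7 Apr 2014\ncompiler: gcc -DOPENSSL_THREADS -O3 -Wall",
    "vpn01": "OpenSSL 1.0.1c 10 May 2012\ncompiler: gcc -DOPENSSL_NO_HEARTBEATS -O3",
    "lab01": "OpenSSL 1.0.2-beta1 24 Feb 2014\ncompiler: gcc -O3",
    "old01": "OpenSSL 0.9.8y 5 Feb 2013\ncompiler: gcc -O3",
}

if __name__ == "__main__":
    for host, output in sorted(SAMPLE_INVENTORY.items()):
        print(host, assess(output))
    print("needs action:", hosts_needing_action(SAMPLE_INVENTORY))
```

A host that ever ran an in-range build still needs the certificate reissue and password changes listed above, even if it now reports a version outside the range.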

GlobalSign offers free reissues to its direct customers, so if you are a GlobalSign SSL customer affected by the Heartbleed bug, please see our support center for instructions on reissuing your SSL Certificate.

You can read the original article here

15 Jan

“The new Sophos SG Series appliances are the fastest UTM and Next-Gen Firewall devices we’ve ever produced,” said Guenter Junk, Senior Vice President and General Manager, Network Security Group, Sophos. “They run our latest operating system, version 9.2, and are optimized to get the most out of latest performance innovations from Intel to ensure our customers and partners get an unrivalled performance and protection combination.”

The new SG Series includes models to meet the requirements of small offices to large, distributed enterprises. These 1U appliances are available today in the mid-range 200, 300 and 400 models.  They all deliver over 10 Gbit/sec firewall throughput to easily handle the demands of multi-layered protection. The SG Series is the 6th generation of Sophos security gateways built on an Intel® architecture, to enable Sophos customers to quickly benefit from the frequent performance and protection enhancements. They utilize Intel® technologies including high-speed LAN interfaces, high volume Solid State Drives and AES-NI acceleration.

“By using Intel® Architecture, Sophos has been able to use the performance gains we’ve been able to deliver with the 4th Generation Intel Core processors which delivers improved software processing architecture,” said Bob Ghaffari, Director, Communications and Storage Infrastructure Division, Intel. “Sophos has been able to see dramatic performance improvements by unlocking Intel’s core processor capabilities to make fast, intelligent decisions.”

The SG Series runs the latest Sophos UTM 9.2 operating system which features over 150 enhancements including new Advanced Threat Protection and SPX Email Encryption functionality. Designed to run on an Intel architecture, version 9.2 can also be deployed on Intel compatible servers as virtual appliances and in the cloud using Amazon Web Services.

Bruce Kneece, Chief Technology Officer at Convergent Information Security Solutions, said, “Our team was heavily involved in the UTM 9.2 beta program.  From the outset we liked what we saw – added performance and simplicity across the board.  Version 9.2 running on the SG Series hardware is a true winner.  It’s easy for us to recommend it to our customers.”

Additional information on all of the features in Sophos SG Series appliances and Sophos network security solutions is available at: www.sophos.com/accelerated.  

15 Jan

In our recent UTM 9.2 release we accelerated our Intrusion Prevention System (IPS) – to do so we made changes to the underlying engine and worked at making our IPS smarter with new optimized default rule sets. We’ve been getting great reports from customers and partners about the speed boost they’re seeing.

But it’s not just software that can boost performance — it’s pretty obvious the hardware it runs on plays a critical role too. That’s why we’re releasing some new security gateway appliances that we’re calling our SG Series appliances.

These are the fastest appliances we’ve ever built. When we started the refresh project we would have been pleased with a 50% speed increase, and we were hoping we’d be able to double the speed. When our engineering team ran our benchmark tests the results were impressive — the new SG Series is up to four times faster than its predecessors. Now it’s all very well beating your own personal best but for us the real question was how would they fare in a race – just how do they stack up to the competition?

So we asked Miercom Labs, a respected testing house, to run tests. And the results were proof that we’ve built some appliances that will provide Sophos customers and partners with the best price/performance ratio anywhere in the market.

This first chart shows a comparison on firewall throughput. Now it’s important to note these results aren’t from some special, high end box targeted for thousands of users. These are from the SG 210; a mid-range model which is offered at a great price point that any business can afford.

And this performance advantage is seen not just on raw Firewall speed. The chart below shows results with Application Control enabled, a key component in next generation firewalls. As you see, our hard work paid off here as well.

[Chart: Miercom test results with Application Control enabled]

And as you know Sophos has a great heritage in virus scanning and here our expertise really shows. Just look at the AV scanning numbers in the chart below.

[Chart: Miercom AV proxy scanning results]

This test compares AV proxy scanning which is widely known to be the most effective form of scanning because it looks at the entire file rather than taking shortcuts. But not everybody can do it “at speed,” and as you can see some don’t offer it at all.

The complete report from Miercom Labs will be published soon but as we announce the availability of the new SG Series appliances I just wanted to share some of the great results we are seeing. And as we extend the SG Series and continue to optimize our software here’s to even faster, even better protection!

You can read the original article here.

15 Jan

Download the Sophos Mobile Encryption app from Google Play for Android, or from iTunes for iOS devices (iPhones, iPod Touches and iPads).

New features available in this version

  • Protect access to your Sophos Mobile Encryption application with an optional password.
  • Fully transparent key management, so you don’t need to enter the passphrase each time you open a file.
  • Store your encrypted files in the local storage area within the app. Local storage is also accessible via USB from your PC or Mac.
  • Encrypt and upload files handed over by applications from cloud storage providers.
  • Supported cloud storage solutions: Dropbox, Google Drive, Microsoft OneDrive (formerly SkyDrive), Egnyte, Telekom Media Center, WebDAV (e.g., Windows Server, ownCloud or Strato HiDrive)

Sophos Mobile Encryption for Android

Download the Sophos Mobile Encryption app from Google Play for Android devices. Requires Android 2.3.3 and up.

Sophos Mobile Encryption for iOS

Download the Sophos Mobile Encryption app from iTunes for iOS devices. Requires iOS 5.0 or later. Compatible with iPhone, iPad, and iPod Touch. This app is optimized for iPhone 5.

For business users: You can get Sophos Mobile Encryption together with the optional SafeGuard Enterprise Encryption for Cloud Storage module. The app extends access to encrypted files to mobile devices – for persistent encryption wherever your users are working.

You can read the original article here.

15 Jan

UTM Series appliances will remain an important part of our hardware appliance portfolio and continue to enjoy all the great new features and enhancements that come with every software update. Our UTM Series delivers unmatched value with a great balance of price, performance and protection.

As you know, at Sophos, every feature is available on every appliance — and our UTM Series appliances are no different. And because they are based on an Intel architecture, you can benefit from all future software enhancements and performance optimizations — past, present, and future.

Features you get with Sophos UTM Series

  • Intel architecture provides a future-proof upgrade path unlike ASICs
  • Same protection on every appliance, from our smallest to our largest
  • Cluster up to 10 appliances dynamically without external load balancers
  • A range of models at performance and price points to fit diverse environments
  • Sophos UTM Series — Eight (8) models suitable for organizations of all sizes

Small: The UTM 100, 110, and 120 are ideal for small organizations or branch offices that have less demanding traffic capacity requirements, but still want the best network protection.

Medium:  The UTM 220, 320 and 425 provide the optimal balance between performance and protection for a variety of different environments.

Large:  The UTM 525 and 625 are designed to protect even the most demanding enterprise networks. They are purpose built for scalability, reliability, and high availability.

UTM Series Tech Specs

[Table image: UTM Series tech specs]

Datasheets:  UTM 1xx | UTM 220 | UTM 320 | UTM 425 | UTM 525 | UTM 625  

You can read the original article here.

15 Jan

The new release also brings reliability improvements and support for Windows Server 2012 and Windows Server 2012 R2.

SAV for NetApp is also included in the following endpoint products and suites:

Endpoint Protection Advanced
Enduser Protection
Enduser Data Suite
Enduser Web Suite
Complete Security Suite

To learn more, visit the Sophos for Network Storage page or download the free trial.

If you have a current license for one of these products, you can download Sophos Antivirus for NetApp 3.0 on your MySophos download page.

You can read the original article here.

15 Jan

The new Sophos solution helps IT professionals confidently implement BYOD policies and provides users the flexibility they demand to stay productive and safe. It supports iOS, Android and Windows Phone 8 devices.

To learn more about SMC 4.0, check out this video.

SMC 4.0: Mobile Encryption, Integrated Security and User-Centricity

SMC 4.0 provides a simple, hassle-free and comprehensive approach to protecting mobile devices. With Mobile Content Management for iOS devices, SMC is the only EMM solution to offer file-level encryption, which gates access to each file, to protect the data in the office and on the go. SMC also delivers integrated security against malware and malicious web sites for Android devices, which account for 80 percent of smartphone operating systems* worldwide as well as the majority of mobile malware threats. The number of unique pieces of mobile malware seen by SophosLabs has now reached almost 900,000 and is growing rapidly.

With web protection for Android, IT administrators can select web site categories to control access and block data-stealing or inappropriate web pages. SMC 4.0 also provides unique integration with Sophos UTM, Checkpoint and Cisco to provide network access control. Compromised devices are isolated from the network, protecting the organization’s assets from malware on mobile devices. SMC’s user-centric deployment, management and pricing greatly simplifies administration. With an intuitive web-based management console, IT administrators can provide their users with a self-service portal to change passwords, register devices and report lost or stolen devices. 

You can read the original article here.

15 Jan

So here are some tips on how you can use Sophos products to maintain security for your yet-to-be-decommissioned XP systems during the transition period.

1. Run the Sophos endpoint

With the Sophos endpoint you will of course get our award-winning anti-malware scanner, but you’ll also get Host Intrusion Prevention System (HIPS), Application Control, and Patch Assessment (if you are licensed for it).

  • Using HIPS is easy and requires no work on your part — HIPS is enabled by default. The guys and gals at SophosLabs are constantly tweaking the detection rules for HIPS to make sure we detect and block exploits of new vulnerabilities.
  • By using Application Control you reduce the threat surface further by blocking thousands of applications from running at all.
  • Bonus tip: While you are at it, make sure you uninstall any software on your XP systems that isn’t absolutely necessary.
  • Our endpoint is also available with Patch Assessment. Use this to find vulnerable software on your XP machines. Missing patches will be listed in order of priority starting with the most critical (currently exploited), making it easy for you to decide where to start.

2. Use Sophos Client Firewall

Sometimes overlooked, the client firewall allows you to really lock down the machine as much as you like — to the point of making it near unusable if you so wish!

  • Train the firewall to only allow traffic to and from your known good processes.
  • You can also enable checksumming to identify known processes. It’s more secure, but will require more work from your side to maintain.
  • You can also manage ICMP requests to stop the system from responding to ping requests.

Learn more about Sophos products

Those are the choices for the top two technologies you really should consider for any remaining XP systems. There are more you can use. I haven’t mentioned Device Control, Data Control, Web Control or Full-Disk Encryption — they all play a part in endpoint security. Or you may want to take it one step further and take full control of the network traffic using our SG Series network appliances. Your requirements will of course vary. In any case, we will have a product that can help you stay secure and it will be as easy as possible to implement.

You can read the original article here.

15 Jan

Authorities have apparently taken control of the Gameover bots and seized its command servers over the weekend, effectively freeing 300,000 of the 500,000 to 1 million infected Windows computers. Even better, they’ve found the crime ring behind the botnet and have charged alleged Russian mastermind Evgeniy Mikhailovich Bogachev with hacking, different types of fraud, money laundering and conspiracy.

Gameover Zeus, for those who’ve never heard of it in the past, is a P2P malware that pilfers banking information and initiates wire transfers to overseas bank accounts. It’s typically propagated through spam emails disguised as bills or invoices embedded with malicious links — the kind you tell your grandparents to never click. Once Gameover worms its way into a system, that computer becomes part of the extortion ring’s global network of infected machines, which funnel ill-gotten info back to the criminals. The perpetrators would sometimes also install Cryptolocker on compromised PCs, a “ransomware” that takes users’ files hostage until they pay up. According to the FBI’s estimates, the criminals have stolen over $100 million using both Gameover and Cryptolocker. But whether that’s enough for Bogachev to stand trial in the US (home to 25 percent of the affected machines) remains to be seen, as Russia does not extradite accused criminals. For now, all the authorities can do is spread word about the botnet and help people remove it from their computers.

The next stage – the part of the operation that is the duty of all of us – is to dismantle the rest of the botnet, by progressively disinfecting all the zombie-infected computers that made the Gameover and Cryptolocker “business empires” possible in the first place. US-CERT has come up with a whole list of free tools so you can do just that, and (if you are the go-to person for IT problems amongst your friends and family) so that you can help others, too. The Sophos Virus Removal Tool is amongst the recommended cleanup utilities. It’s a free download; you don’t have to uninstall your existing anti-virus first; and it detects and cleans the same malware, including rootkits, that Sophos Anti-Virus knows about, not just CryptoLocker.

You can read the original article here and here.

15 Jan

The Balance 50 features our advanced load balancing and failover. It supports PepVPN, so it can act as a SpeedFusion endpoint for branch VPN networking. Plus, it offers everything else customers love about the Balance 20/30. And the Balance 50 delivers speed and reliability to spare, even when individual connections slow down or drop out.

Download the datasheet for more information on the Peplink Balance 50 multi-WAN router. For pricing details and to stock up today, visit the online cart.

15 Jan

It features user-based management, reporting and licensing; built-in web security to prevent user access to malicious and infected websites, and new policy-based Web Control features to enforce safe and productive web usage. Sophos Cloud is effortless to deploy and easy to use and manage for IT managers and channel partners, given its simple, intuitive user experience.

A recent Sophos survey of IT managers highlighted the growing challenge of device diversity across their organizations, with a need to support Windows PCs, Macs and mobile devices: 78 percent support or plan to support Macs on their corporate networks, and 41 percent see the number of Macs increasing in their corporate environments. A recent IDC study showed that a quarter of SMBs are using mobile device management (MDM) and Sophos is the number one solution. However, 75 percent still have not adopted MDM and with this new release Sophos has made it simpler than ever for those customers to get control of their mobile devices to secure their future. Clearly organizations need an integrated security strategy to support users’ demands to choose their own device (BYOD), while providing IT managers real-time visibility and access to information to keep organizations safe from advanced threats. Sophos Cloud delivers a simple and effective approach for IT organizations to confidently embrace BYOD and to support and protect the wide range of user devices in their environments.

Based on the same proven technology that protects over 100 million devices worldwide, Sophos Cloud is a smart choice for global organizations. It delivers effective mobile device management to keep users productive and corporate information secure. The new web features enable IT managers to easily set and enforce policies for enhanced security and compliance; user-based policies can be created once and rapidly deployed across multiple groups and platforms, and follow the users and their devices even when they are off the network. Sophos Cloud also adds Active Directory synchronization to simplify deployment and management for users and groups.

“IDC predicts that the continuing SMB productivity push will drive cloud and mobility adoption, in a big way; in the U.S., 1/3 of small businesses and almost 3/4 of mid-sized firms are using the cloud, and the share will continue to grow,” reports Raymond Boggs, research vice president at IDC. “Sophos Cloud can help manage security across Windows, Mac, and mobile devices, which is especially important given the diversity – some might say chaos – of an SMB environment. Its user-based management is well suited to SMBs looking to secure users of corporate devices or their own BYOD equipment. Sophos Cloud will be a useful resource for channel partners to leverage in helping support the resource-limited IT teams of their SMB customers.”

“We’re pleased to deliver this new release of Sophos Cloud, as it’s another positive step in our strategy to use the cloud to create new, innovative solutions to the ever-increasing security challenges faced by small and mid-market businesses today,” said Bill Lucchini, vice president and general manager of Sophos Cloud. “Sophos Cloud is a differentiated offering that enables IT professionals to simplify security management without compromising users’ demands for usability and performance. We continue to address the market’s desire for powerful simple-to-use solutions to combat the evolving threat landscape. Sophos security delivered with cloud simplicity is clearly resonating with our customers and partners.”

Sophos Cloud: Ideal for IT Solutions Providers

Consistent with Sophos’ commitment to its channel partners, Sophos Cloud enables IT solution providers and outsourcers to deliver value to customers. A unified web-based management console, hosted in the cloud by Sophos, enables complete protection for users and devices, and a new partner dashboard gives partners visibility into, and control over, their customers’ subscriptions, devices and policies.

Sophos Cloud is currently available. For more information or for a 30-day trial, visit: www.sophos.com/cloud