PRODUCTS

Cyber Security Elements by NSS

News

15

Jan

As well as providing excellent daylight surveillance coverage, JCAM-IR also has infra-red capability to enable a comprehensive 24-hour surveillance operation to be implemented. 

JCAM-IR Image Quality

Crucial to the successful implementation of any security surveillance strategy is the image quality of the cameras being used. JCAM-IR is an HD 2MP fixed lens camera that can stream video with a resolution of up to HD1080p at up to 30fps. Facial recognition can be achieved in normal light conditions up to a distance of 10m. JCAM-IR has a darkness/low light range of 10m.

JCAM-IR Alerts

When motion is detected by JCAM-IR, videos can be recorded and snapshots (of before and during the event) sent by email. Videos can be saved to the camera’s on-board Micro SD card (user supplied) or, alternatively, to a networked PC. Camera recording and snapshots can also be activated manually or by an event triggered by an optional attached Jacarta Go-Probe sensor (water leak, door open, smoke, etc.).

JCAM-IR 2

JCAM-IR 3

You can download the brochure here.

15

Jan

Bolstered Channel Team
Sophos has recently strengthened its channel team with the appointments of Kendra Krause, Americas channel chief and Karen Delaney, Australia & New Zealand channel chief.

Prior to Sophos, Krause served most recently as Fortinet’s Channel Sales and Operations vice president. She previously served in channel sales and marketing roles at SonicWall, WatchGuard and CDW. Delaney spearheaded channel strategies at IBM, Acer and Dell/SonicWALL. Since joining the company, she has played an integral part in bringing Distribution Central and Connector Systems onboard as Sophos’ first distribution partners in Australia and New Zealand.

Channel Honors
Sophos has received considerable recognition for both its channel team and channel program. Included among this year’s honors:

  • CRN UK’s Channel Sales & Marketing Award—The Sophos Partner Program was declared “best in the UK”. This award recognizes and rewards the achievements of those individuals and teams responsible for making the UK IT channel so successful.
  • CRN’s 2013 Top Women of the Channel—Several Sophos’ channel leaders were among the honorees: Kendra Krause, vice president of Americas channel sales, Amy Gelpey, senior channel marketing manager, and Regina Vignone, director of sales.
  • CRN’s Power 100 Most Powerful Women of the Channel—Kendra Krause was among the elite list of executives recognized for their channel achievements.
  • CRN’s 2013 5-Star Partner Rating—The 5-Star Partner Program rating recognizes an elite subset of Partner Program Guide vendors that give solution providers the best partnering elements in their channel programs.
  • CDW—Sophos was named Sapphire Partner of the Year for 2012; Sophos was one of CDW’s fastest-growing partners of the year.

Key Channel Recognition for Sophos UTM
The company was also highlighted in the 2013 CRN Annual Report Card (ARC). This prestigious study is considered the definitive benchmark for measuring excellence in the IT Channel community and recognizes the top-rated vendor partners in the industry. Sophos was given the highest honors for product innovation in the Network Security Appliances category for its unified threat management (UTM) solution, Sophos UTM. Winners were announced live at an awards reception on Tuesday, August 20, 2013, at the XChange 2013 event in Washington, D.C.

“At Sophos, every year is the year of the partner, but this year in particular has truly demonstrated our ‘channel-first’ commitment—from hosting the largest partner conferences in our history to a game-changing new MSP program, our focus is our channel,” said Mike Valentine, senior vice president, worldwide sales, Sophos. “We offer partners the most complete IT security value proposition—proven and award-winning security solutions that are simple to use, combined with the industry’s most powerful channel program. And with an aggressive roadmap that features an impressive array of offerings, we’re very excited about delivering partners even more value in the coming months to help them grow.”

To learn more about the Sophos Partner Program, please click here or visit http://www.sophos.com/en-us/partners.aspx.

15

Jan

Sign up for our beta program today and we’ll notify you by email when the beta is available. And here’s the best part — if you sign up for the beta before 30th September, you’ll be automatically entered to win a $25 Google Play gift card!

Here’s how to sign up for the beta:

1. Join the Sophos Mobile Beta Google group: http://soph.so/yUzZg
2. Opt in to receive the beta software, triggered by an email from the Google group

Sign up before 30th September — we’ll draw 20 lucky winners for the $25 gift card.

Sophos Mobile Security for Android

Sophos Mobile Security for Android is a free app available on Google Play.

Sophos Mobile Security

Sophos Mobile Security is a robust yet lightweight app that protects your Android devices without compromising performance or battery life. Using up-to-the-minute intelligence from SophosLabs, it automatically scans apps as you install them. Other features include a privacy advisor, data and device encryption, and per-app password protection that you can set up for sensitive apps like your email.

We’ve received several awards and many great reviews for Sophos Mobile Security, which has been downloaded more than 100,000 times from Google Play. Sophos Mobile Security is also available as an enterprise version you can manage through Mobile Control, our enterprise mobility management and security product.

You can read the original article, here.

15

Jan

One area that is becoming increasingly popular with many users is Security. The equipment in Data Centres and Server Rooms is extremely valuable, and that information stored within those environments is often priceless. Jacarta’s solutions can monitor security in a number of ways using various sensors and products:

Security Sensor – The standard Security Sensor is a magnetic reed type sensor that can be used to send an alarm in the event of a door or window being opened.

Vibration Sensor – The Vibration Sensor is often fitted to glass panels and doors where forced entry is possible. As soon as vibration is detected – the sensor will trigger an alert.

PIR Sensor – Using Infra-Red technology, the PIR sensor will alert users to movement within the monitored environment.

The security sensor, vibration sensor and PIR sensor are all part of Jacarta’s Go-Probe sensor range and are therefore compatible with all of the company’s monitoring devices. To view the Go-Probe Sensor literature click here.

JCAM IR IP Camera – Installing a surveillance system can be beneficial in a number of ways. As well as providing a visual deterrent Jacarta’s IP Camera can also be used to monitor staff activity and provide evidence in the case of criminal activity. JCAM IR has a range of key features including night vision and motion sensing. View the product literature here.

 

15

Jan

The new release delivers the first in the industry “IP Centrex for VPS providers“. With this technology, Web Hosting companies can deliver IP PBX services to any size business, all within the Virtualized cPanel management system.

IP Centrex has traditionally been a system for carriers and SIP Trunk solution providers due to the complexity and telecom requirements for setup and delivery of services. “IP Centrex Services” has become a vital part of the evolution to move complex IT services out of the IT closet, to a “centralized” location in the Cloud. VPS hosting providers can now provide valuable services with IP Centrex, in a simple to manage and easy to understand package that runs right inside the Virtualized environment, not requiring any dedicated servers or disruption.

The cPanel Adapter is a totally open source project, managed, maintained, and developed by a community of VPS hosting providers around the globe. The project is hosted at the Google Code site and VPS Hosting companies are encouraged to join and contribute to advance the technology for their own requirements and customer demands.

IPCentrex 2

Features for the IP Centrex system included in the 3.0 release include:

  • Setup of phone extensions
  • Creation and management of Queues i.e. “support department” or “sales team”
  • Certified for SNOM IP Phones with HD Voice
  • Encryption for secure calls
  • IPv6 support
  • Pronto! HTML5 Webmail with WebRTC support for HD Voice calls
  • Secure Instant Messaging and Chat rooms
  • Email and Calendar services with Encryption features including Certificate Authority
  • Pronto! “Native” Mobile Clients available in the Apple App store and Android Store

 

You can read the original article, here.

15

Jan

The Balance 50 features our advanced load balancing and failover. It supports PepVPN, so it can act as a SpeedFusion endpoint for branch VPN networking. Plus, it offers everything else customers love about the Balance 20/30. And the Balance 50 delivers speed and reliability to spare, even when individual connections slow down or drop out.

Download the datasheet for more information on the Peplink Balance 50 multi-WAN router. For pricing details and to stock up today, visit the online cart.

15

Jan

Sophos President and CEO Kris Hagerman said, “Sophos is thrilled to join the many other technology leaders that call Silicon Valley home. A meaningful presence in Silicon Valley gives us a golden opportunity to capitalize on the technology trends and partnership opportunities that are so abundant in this area. Silicon Valley is a renowned global center for the disruptive innovation, top talent and strategic relationships that will help propel Sophos to the next level.”

Mike Valentine, senior vice president of worldwide sales and channel, said, “Sophos is a global company with global reach. Given our ‘Channel First’ sales strategy, it’s important that we have a strong physical presence in the areas that will drive the greatest opportunities. This is why we’ve expanded to the Bay Area, adding it to the other 40 offices we maintain around the world. Sophos is building a market-leading channel program, constantly recruiting and enabling top-notch partners to join our team. This new office provides more evidence of our growing investment in the North America IT security market.”

Meanwhile, the Sophos product development engine continues to hum. The company recently announced Sophos Cloud, an easy to deploy and simple to manage cloud-based service for endpoint protection. The latest version of Sophos Mobile Control delivers best-in-class mobile device management (MDM), enabling organizations of all sizes to use mobile devices such as iPhone, iPad, Android and Windows Phones, to get work done – simply, securely and reliably.

The company also continues to attract top industry talent, including John Keenan as vice president of North America Sales, Mary Winfield as senior vice president of Support, and Dan Schiappa as senior vice president and general manager of the Sophos End User Security Group.

You can read the original article here.

15

Jan

We began producing antivirus and encryption products nearly 30 years ago. Today our products help secure the networks used by 100 million people in 150 countries and 100,000 businesses. Our products allow you to secure every end point of your network, from laptops to virtual desktops and servers, to web and email traffic and mobile devices.

All devices —managed easily through the cloud. What’s more, securing these devices is made possible through products that fit your precise needs. We ensure your network’s security by providing the one thing no one else can: Simplicity – arching the following three important IT security sections:

Network Protection

Who Needs This
Sophos UTM helps you consolidate your security without compromising its effectiveness. It’s security made simple, protecting your users everywhere while making security easier to deploy and manage.

What’s Protected

  • All computers, mobile devices and servers on a network
  • Branch offices and remote users connected with VPN
  • Email and web servers and even Wi-Fi users

Products

Enduser Protection

Who Needs This
Our endpoint protection will keep data in and malware out—all within your antivirus budget. And we protect your mobile devices and servers.

What’s Protected

  • All computers, mobile devices, and servers on a network.
  • Encryption for devices and file shares.
  • Mobile devices and laptops on the go.

Products

Server Protection

Who Needs This
Our antivirus protection delivers more effective, faster protection across your network of physical or virtual servers.

What’s Protected

  • Broad platform support for Windows, UNIX and Linux servers.
  • Small memory footprint won’t slow you down. Our antivirus agent has low performance impact, and is optimized for virtualization.
  • HIPS protection for Windows is easy to deploy and manage.

Products

15

Jan

a bogus message supposedly sent from Facebook Security.

According to Hoax-Slayer, the scam claims that Facebook is rolling out a new security feature to protect Page owners.

This supposed new security feature is dubbed the “Fan Page Verification Program”.

It does a nice job of flattering suck-up to entice victims into coughing up their Facebook login details, telling targets that they’ve had ever so many stolen Pages lately, and they simply can’t think of what to do about it except just, well, throw up their hands and Delete them all – yes, Delete those bad, bad Pages, with a capital “D”.

All the stolen Pages, that is, except yours, which, gosh, is so popular with its “High Quality Content”.

The message tells victims that they have to click a link and choose a 10-digit security code to complete the process.

Those who don’t comply will see their Page suspended permanently if the process isn’t completed by May 30, 2013, they go on to say.

Here’s an example of this scammy letter that Hoax Slayer posted on Friday: 

Dear Facebook User,

You are receiving this message to notify you about the new security feature from Facebook called “Fan Page Verification Program”.

After many Fan Pages have been stolen lately leaving us no choice but Deleting them forever, we had to come up with an original solution about the Fan Page’s Security.

Luckily, your Fan Page, has a lot of likes and provides High Quality Content, which qualify it for this program.
To complete this process you must choose a 10-digit number (it can be any number) and that number will be assigned as your Security code”. This code will be the new passphrase for changing anything important for your Fan Page, like the Admin roles or other important settings.

Please be aware that this process it’s open only until 30.05.2013 and it’s mandatory to complete it. If you don’t, your Fan Page will be suspended permanently since it is not considered safe for the wide audience.
Please visit the link below to complete the process:

[Malicius Link]

Facebook Security

Anybody who falls for it and clicks on the link will be whisked away to a spot where they’re told to submit Facebook login details and the so-called 10-digit “Transferring Code”.

Click here to see the original article.

15

Jan

Important: This article may continue to be updated with further advice. We therefore recommend you check back here regularly for new information.

Applies to the following Sophos product(s) and version(s)

  • Sophos UTM
  • Sophos Anti-Virus for VMware vShield

For information relating the vulnerability to other Sophos products see:

Is SafeGuard Enterprise affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?
Is Sophos Mobile Control affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?

What is the vulnerability?

The official CVE is tracked here and mentions versions of Open SSL used in some Sophos products (see below).

The vulnerability described uses a TLS heartbeat read overrun which could be used to reveal chunks of sensitive data from system memory of any system worldwide running the affected versions of OpenSSL – but only exposed services are immediately affected, as the bug allows to be read from the processes own memory.

For more information read our naked security blog article on the issue: Anatomy of a data leakage bug – the OpenSSL “heartbleed” buffer overflow

What versions of Open SSL are affected?

1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.

What products are affected and how is the vulnerability fixed?

The table below lists all the affected Sophos products. Important: Though other products may use SSL these are not affected and no action is required.

If you use one or more of the products mentioned below use the table to guide you on what is required. 

Sophos Product Steps to fix                                                 

UTM 9.1

 

 

 

UTM 9.2

A patch is available for the vulnerability in UTM 9.1. The overview steps are:

Install the patch
Print your configuration
Reboot the UTM
Regenerate certificates
Change your passwords

For detailed instructions see article 120851.

UTM LiveConnect Servers           Patched April 9, 2014
UTM Manager 4.105             

Patched in 4.106, available now.

See: http://blogs.sophos.com/2014/04/10/sophos-utm-manager-up2date-4-106-released/

SAV for vShield  

A patch for version 1.1 will be made available early next week.
Customers running version 1.0 will need to upgrade to 1.1 as 1.0 cannot be patched. See the Sophos Anti-Virus for VMware vShield upgrade guide on how to do this.
Further information will be provided with the patch.

 

Important: There are three primary requirements to patch the OpenSSL vulnerability, protect yourself from any future exploit attempts and to mitigate any security vulnerabilities if your certs have already been compromised

  • Apply the OpenSSL Patch
  • Regenerate all SSL certs
  • Change all passwords

Where do I get the Patch and instructions to Renegerate all SSL Certs?

The currently available patches for UTM are listed in article Heartbleed: Recommended steps for UTM. We will add details on other patches as soon as possible. Check back HERE for updates.

15

Jan

“While many security experts are aware of the high level trends, few have recognized their significance,” said James Lyne, global head of security research at Sophos. “If 2013 has taught us anything, it is that traditional security controls are struggling. These new behaviors are forcing the industry to adapt and change, and widely held best practices must be reconsidered.”

The threat report highlights new security concerns ranging from stealthy malware tools that offer dynamic camouflage and provide attackers with long-term persistent access to users’ data, to the proliferation of connected devices that represent new and often ill-protected targets. Many new “Internet of Things” devices are becoming commonplace in our homes and everyday infrastructure, offering shadier cybercriminals the potential to impact our daily lives, rather than just the traditional theft of financial information.

“These trends are set to continue in 2014 as threats become even smarter, shadier and stealthier,” said Lyne.

In 2014 Sophos predicts greater focus from cybercriminals on high quality and convincing phishing and social engineering to compensate for harder-to-exploit operating systems like Windows 8.1; embedded devices (such as POS systems, medical systems and new “smart” infrastructure) will open old wounds as security mistakes eliminated in the modern PC environment are carelessly re-implemented; attacks on corporate and personal data in the cloud will continue to grow as providers struggle to refine the security strategy in this new computing platform; and malware for mobile is set to become as sophisticated as its PC relatives.

“It is clear in 2014 we need to be watching not just the evolution of existing attacks, but be prepared for dangerous new threats emerging that we haven’t previously dealt with,” said Gerhard Eschelbeck, CTO at Sophos. “As the industry adapts and enhances protection mechanisms to cover new devices and threats, this is increasingly becoming an issue for every member of society, not just for government and business.”

A full copy of the Security Threat Report 2014 containing more information and statistics on cybercrime in 2013, as well as top tips and predictions on emerging trends, can be downloaded here.

You can read the original article here.

15

Jan

Increased migration to virtual servers and the ever-growing threat of attack on critical data are presenting new challenges to IT professionals, as they look to maintain high performance and density of servers, without compromising on security. Sophos Server Protection addresses these challenges by integrating agentless antivirus for vShield and full antivirus clients for Windows, Linux, Mac and UNIX into one centrally managed product.

Servers need the best protection against malware, but managing that protection while maintaining server performance across a diverse environment has inevitably increased complexity and demands on time,” said John Shaw, vice president of product management, Sophos. “We’ve delivered on what matters – server performance and security. Sophos Server Protection provides a single, easy to use management console to assign policies, view alerts and generate reports across platforms. Even licensing, often the bane of IT professionals, is straightforward: one server, one license, any platform.

Standalone and virtual systems use fewer resources with Sophos Server Protection than with conventional antivirus products. Agentless scanning via vShield Endpoint prevents scan and update storms, automatically protecting every Windows virtual machine on the host through a centralized virtual security appliance. Systems without vShield benefit from a full featured client optimized for performance. Advanced features, including HIPS, application control, and device control, are also included for select platforms.

Sophos Server Protection supports a broad range of server and virtualization platforms, including Windows, Linux, UNIX, Mac, Hyper-V, vSphere/ESX/ESXi and XenServer. It provides proven protection against known and unknown threats, supported by real-time communication with SophosLabs. The Windows client offers additional layers of security, including HIPS, application control and patch assessment.

Sophos Server Protection is server security made simple, because at Sophos we believe good security shouldn’t have to require the undivided attention of the IT team to make it work. Sophos Server Protection secures your business’s critical assets, without sacrificing performance or adding unnecessary complexity,” concluded Shaw.

Sophos Server Protection will be showcased at VMworld, which takes place in San Francisco between August 25 and 29. Sophos is a VMware Elite Technology Alliance Partner.

Υou can read the original article here.

15

Jan

The mobile workforce are the super productive bunch. They are the ones pushing the envelop of BYOD. For the mobile workforce, balancing work and life can mean that they check corporate email on a personal device, and browse the Internet using a corporate laptop while traveling.

Many IT professionals would agree that empowering these mobile workers with the tools they need while ensuring security can be a tough balancing act. Here are a few tips to help you secure your mobile workforces without overworking the IT folks.

1. Choose a cloud-based security subscription service that offers secu­rity software and policy updates anywhere without slowing down users.
Let’s face it, when your users are on the road, how often do they use a VPN to connect? If you rely on VPN connection to send security updates or refresh policies, you’ll be constantly behind.

2. Take advantage of security software web filtering capabilities that block malicious and web-borne threats before they reach the computer, as well as enforce proper usage policy.
When your mobile workers are on the road, it is expected that they would connect to the hotel’s Wi-Fi to browse the Internet to check the sports page on their work iPad.

The key is to keep them protected from web-borne threats. Take advantage of endpoint enforced web protection capabilities built-in to the local security agent. This way, you avoid latency and eliminate the need to backhaul traffic using a VPN connection. (We already know that people don’t always connect to the VPN before they browse the Internet!)

3. Select a solution that will protect Windows and Mac com­puters equally with a single policy.
Take a look at an airline lounge and count how many Macbooks are being used. According to our recent survey, 10% of laptop computers on the corporate network are Macs.

Get a security solution that will protect Windows and Mac equally. To reduce IT’s workload, it is also important to ensure that you can manage both with a single policy engine. This way, you will only have to configure policy once and it works automatically on both Windows and Mac OS X.

4. To protect data and ensure compliance, be sure to encrypt data on both Windows and Mac.
We all know encryption is essential for mobile workers, yet 80% of corporate computers are un-encrypted. Many mobile workers refuse to get encryption on their laptops out of concerns of slow speeds and longer boot time.

Select an encryption solution that works on both Windows and Mac, and with high performance that won’t slow down your users.

5. Select a single solution that gives you visibility into all the devices your remote users are using, including Windows or Mac laptops and mo­bile devices.
Mobile users today use an average of three devices to get their work done. Ideally, use a solution with a user-centric view, so when you are trouble shooting for a mobile worker, you can easily see the events, devices used and policy applied to the specific individual.

About Sophos Cloud

Businesses and IT managers have a simple choice – Sophos Cloud. There’s no server to install and the management console is hosted in the cloud. So, you’ll be up and running in just 60 seconds.

1) Windows, Mac and mobile device security in a single, integrated console
2) User-centric pricing, policy and reporting
3) Comprehensive protection without complexity

Try Sophos Cloud for free.

You can read the original article, here.

15

Jan

Sophos Mobile Control

Protecting millions of mobile devices across tens of thousands of customer accounts, the latest release of Sophos Mobile Control (SMC) features an easy-to-use web-based console—deployed either on-premise or as a Service—to manage, protect and secure data. It delivers effective mobile device management to control the devices that access corporate systems. Using Sophos Mobile Control, IT teams can equally enforce regulatory compliance as well as corporate-mandated policies for complete data and device security without complexity. SMC supports Windows Phone 8, Android, and iOS 7, Apple’s latest mobile operating system.

In a recent research note by IDC, 24% of SMB organizations currently utilize an MDM solution to govern and manage their mobile devices. The study identified Sophos Mobile Control as the most-deployed MDM product among all survey respondents at 25%. In addition, last month, Sophos was named a leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and recently received a positive review from the 451 Group.

“We’re thrilled by the continued adoption of our MDM solutions. As the IDC report confirms, the market opportunity is huge, and Sophos Mobile Control is already at the head of the pack,” said Dan Schiappa, Senior Vice President and General Manager, Enduser Protection Group, Sophos. “As organizations look to define and refine BYOD policies and comply with regulations and compliance issues, Sophos continues to be a trusted provider for endpoint, network and server protection solutions.”

You can read the original article here.

15

Jan

At RSA, Schiappa managed a business unit with annual revenue over $500M, and he had responsibility for engineering, product management, product marketing, an anti-fraud command center, and data center operations. At Sophos he will have full product responsibility for the company’s broad portfolio of end user security offerings, including endpoint, mobile, server protection, and encryption and data protection products.

Kris Hagerman, chief executive officer for Sophos, said, “I’m pleased to welcome Dan to Sophos. He has deep experience in the IT security landscape, and his background, drive and passion make him the perfect fit to accelerate our end user security strategy of delivering world-class on-premise and cloud-managed security solutions to protect our customers across their broad diversity of endpoints. We continue to add some of the brightest minds to Sophos as we look to become the world leader in delivering complete security without complexity for organizations around the world.

Prior to EMC, Schiappa was at Microsoft, where he held several GM positions, including Windows security, Microsoft Passport/Live ID, and the company’s online display advertising platform. He also led strategy and corporate development for the Entertainment and Devices division.  As head of Microsoft’s security division, Dan led a 400-person product team responsible for developing the security infrastructure for Windows Vista/7 and Windows Server operating systems.  Also during his tenure, he was the key business leader for Microsoft’s BitLocker and Rights Management services.  Prior to Microsoft, Dan was the CEO of Vingage Corporation, a video server startup acquired by L3 Mobilevision, and was an executive at PictureVision, an online digital imaging startup acquired by Kodak.  Dan also held key technical roles at Informix Software and Oracle Corporation.

Schiappa said, “Sophos is poised to lead the charge for a more effective and simpler approach to securing users and data. The cloud will enable IT professionals and our partners to accelerate security deployment and simplify management in an ever changing landscape of malware, targeted attacks, and other security threats. And the continued innovations in end user and data protection will better safeguard enterprises of all sizes, whether they choose cloud or more traditional on-premise management.  It’s an exciting time to be at Sophos, and I’m thrilled to be part of the team.

15

Jan

Sophos Complete MSP Security is the first MSP-focused solution to offer complete protection for networks, endpoints, and mobile devices from a single vendor.

Sophos Complete MSP Security makes offering IT security as a service easier and more profitable. MSPs can offer a full range of IT security services that provide instant credibility and proven protection, including centralized management that allows them to easily manage all of their customers’ locations at no extra charge.

With Sophos’ new self-provisioning MSP licensing, this program offers compelling usage-based pricing and pay-as-you-go monthly billing, and it requires no up-front commitments – a business model demanded by today’s MSPs that had gone unmet – until now.

You can read the original article, here.

15

Jan

Authorities have apparently taken control of the Gameover bots and seized its command servers over the weekend, effectively freeing 300,000 of the 500,000 to 1 million infected Windows computers. Even better, they’ve found the crime ring behind the botnet and have charged alleged Russian mastermind Evgeniy Mikhailovich Bogachev with hacking, different types of fraud, money laundering and conspiracy.

Gameover Zeus, for those who’ve never heard of it in the past, is a P2P malware that pilfers banking information and initiates wire transfers to overseas bank accounts. It’s typically propagated through spam emails disguised as bills or invoices embedded with malicious links — the kind you tell your grandparents to never click. Once Gameover worms its way into a system, that computer becomes part of the extortion ring’s global network of infected machines, which funnel ill-gotten info back to the criminals. The perpetrators would sometimes also install compromised PCs with Cryptolocker, a “ransomware” that takes users’ files hostage until they pay up. According to the FBI’s estimates, the criminals have stolen over $100 million using both Gameover and Cryptolocker. But whether that’s enough for Bogachev to stand trial in the US (home to 25 percent of the affected machines) remains to be seen, as Russia does not extradite accused criminals. For now, all the authorities can do is spread word about the botnet and help people remove it from their computers.

The next stage – the part of the operation that is the duty of all of us – is to dismantle the rest of the botnet, by progressively disinfecting all the zombie-infected computers that made the Gameover and Cryptolocker “business empires” possible in the first place. US-CERT has come up with a whole list of free tools so you can do just that, and (if you are the go-to person for IT problems amongst your friends and family) so that you can help others, too. The Sophos Virus Removal Tool is amongst the recommended cleanup utilties. It’s a free download; you don’t have to uninstall your existing anti-virus first; and it detects and cleans the same malware, including rootkits, that Sophos Anti-Virus knows about, not just CryptoLocker.

You can read the original article here and here.

15

Jan

James Lyne, Global Head of Security Research, Sophos, said: “Sophos has partnered with Government to support Cyber Streetwise because we believe it’s imperative for both consumers and small businesses to take action to protect themselves online.”

“Consumers and SMEs alike are finding new ways to interact online, including via a greater range of devices, but with this enhanced technology comes risk. SophosLabs finds over 30,000 new infected websites distributing malware every day and, contrary to popular belief, the majority – around 80% – are legitimate small business websites that have been hacked. It’s therefore vital that small businesses in particular get the basics of security right – from installing antivirus to regularly updating and patching software, using complex passwords and protecting data.”

The Cyber Streetwise website – www.cyberstreetwise.com – offers a range of interactive resources for SMEs and consumers to gain impartial advice on how to protect themselves online. Sophos, which has provided security expertise and content for the Cyberstreetwise site, is also pushing visitors from its own dedicated web page – www.sophos.com/cyber-street – to the Cyber Streetwise website.

Cyberstreetwise 2

James Lyne continued: “Those who don’t put basic security measures in place are leaving themselves exposed to attackers capable of silently installing malicious code on their systems without permission. We are proud to have been asked to support and to provide content for Cyber Streetwise, which will play a vital role in encouraging businesses and consumers to adopt safer behaviours online and to take the fight to cyber criminals by improving their online security.”

Cyber Streetwise is urging people to take five actions in order to protect themselves and others from cyber crime:

1. use strong, memorable passwords
2. install anti-virus software on new devices
3. check privacy settings on social media
4. shop safely online – always ensuring to check online retail sites are secure
5. download software and application patches when prompted

You can read the original article at here.

15

Jan

Recent headlines and mounting evidence suggest that cyberattacks on Critical Infrastructure (CI) systems are increasing as cybercriminals have identified electric utility grids as prime targets for disruption activities. As a result, CI cybersecurity has become a prime concern for governments and citizens alike. The paper focuses on the history of the electric industry, how cybersecurity standards have emerged, what those standards are and how they can be used by other CI sectors to strengthen security and reduce the risk of harmful cyberattacks.

PKI is a robust technology that provides a secure, scalable and cost-effective method to securely authenticate digital identities on large and complex networks such as those that manage business processes for the wholesale electric market. However, due to the many implementation details involved, if the technology is not executed correctly it can also produce a vulnerable system,” said Kee. “NAESB members have worked together to produce a standard for the Wholesale Energy Sector that is based on best practices, proven management techniques and advanced digital certificate technologies.

In the wake of increasing attacks, U.S. CIs are stepping up efforts to amplify their cybersecurity and strengthen their defenses. In fact, the white paper notes that in President Obama’s recent Executive Order, the National Institute of Standards and Technology (NIST) was directed to lead the effort to develop a cybersecurity framework that would consist of adopting industry best-practices wherever possible. “As part of NIST’s draft cybersecurity framework of best practices, guidelines and standards, the NAESB standard on PKI stands a good chance of being applied to other CI sectors,” says Lila Kee.

All CIs are managed, controlled and accessible via Internet-connected systems, making them vulnerable to cyberattacks. This white paper details how ISOs in the energy sector have recognized the value of cybersecurity frameworks, have adopted standards developed by NAESB and have demonstrated that standards can be developed using shared expertise from both the public and private sectors – setting a framework for all CI sectors.

“It has become increasingly clear that cybercriminals are targeting the critical infrastructure in an attempt to disrupt our way of life. For this reason, NAESB made it a priority to establish PKI standards in order to fortify our cybersecurity framework,” said Rae McQuade, President of NAESB. “In establishing these standards we hope to provide a strong cybersecurity strategy so that we may best protect the business practices related to the electricity market that are a critical part of the everyday lives of our citizens.”

To read GlobalSign’s white paper visit the page here