I’m pleased to announce the release of this year’s Security Threat Report, in which our accomplished SophosLabs researchers explore and explain the threat landscape of the past 12 months and look ahead to what 2014 may bring.
Reflecting on the security and threat landscape of 2013, I think the most important trend in this year’s report is the growing ability of malware authors to camouflage their attacks to evade detection.
As we acknowledge in the Security Threat Report’s subtitle, “Smarter, Shadier, Stealthier Malware,” cybercriminals have made strides to hide their work in response to recent successes of the IT security industry.
Linux servers come in many flavors, from Red Hat to SUSE to Ubuntu. All share a common reputation as being largely immune from the malware problems that plague Windows. It’s no surprise, then, that many IT professionals wonder whether it’s really worth installing antivirus software on their Linux servers. As it turns out, the answer, more often than not, is yes.
One reason to consider installing Linux antivirus is that malware for Linux does, in fact, exist. It’s far less common “in the wild” than Windows malware, but rootkits like the one that targeted the SSHD daemon earlier this year demonstrate that it is a real threat. Do you want to explain to the boss that a mission-critical server got trashed because you didn’t think it was likely to get infected?
In a few short months, Microsoft will end support for Windows XP, Windows Server 2003 and Office 2003. We’ve all known this for some time, but the security implications of these product retirements are still the subject of debate, and concern, among IT security professionals.
Among the issues raised by Microsoft’s planned XP end-of-life in April of 2014: What will it mean for IT security at-large when, inevitably, some number of XP users don’t upgrade and remain on unpatched systems? What will happen to devices like point-of-sale (POS) and medical equipment that rely on XP? And what can IT professionals do to prepare?
Our threat experts at SophosLabs have analyzed a new Trojan in the PlugX family seeking to exploit a vulnerability in Ichitaro, a word processing software popular in Japan, that allows a hacker to take control of your computer.
Although it’s not yet clear why the PlugX malware writers are targeting a relatively small number of Ichitaro users, our researchers have been tracking PlugX and its related variants for some time. And we can draw some important lessons from this recent attack.
This new release adds Windows 8.1 and IPv6 support as well as other smaller features.
If you’re one of the 800 million people using an Android device, you’ve likely had at least one encounter with a “potentially unwanted app” (PUA). You know the type: annoying apps that run ads and pop-ups until you finally uninstall them.
What you might not know is that Android malware has become a real problem, and some malicious apps can be more than just annoying: they can compromise your security and your privacy. Preventing a malware infection on your Android device and avoiding PUAs begins with educating yourself. Here are seven tips to help you substantially reduce your risk.
Companies and IT departments used to be able to get away with requiring employees to use corporate mobile devices. Now, users are saying “not anymore.” They want to use their own devices—iPhones, Androids, Windows Phones—making mobile security an even bigger challenge.
Join our free webcast for the security tips you need to make your BYOD (bring your own device) policy a win-win for your users and your data security and compliance. John Shier, Sophos security expert, will show you the latest mobile threats, and give you practical tips for securing your mobile workforce.