What is Shellshock? This infographic explains how a Shellshock attack works and how to stay safe

Bash-Shellshock-150Shellshock, a serious vulnerability affecting Linux, UNIX and OS X computers, is making life difficult for IT admins, as vendors rush out patches to stay ahead of the cybercriminals trying to exploit this bug.

Like the Heartbleed bug in OpenSSL, Shellshock has a nasty-sounding name, far-reaching impact, and major consequences for security. Yet Shellshock is worse than Heartbleed in one important way — it could allow an attacker to take complete control of vulnerable machines.

If you’re looking for a little tutorial on Shellshock, we’ve created a simple infographic to explain the bug, how an attacker might exploit it, and what you can do to stay safe.

Continue reading

What you need to know about the Bash “Shellshock” vulnerability

nsgIn the light of the recent Bash vulnerability known as “Shellshock” (CVE-2014-6271 and CVE-2014-7169), here’s the reality instead of the hype.

Shellshock is a newly-discovered vulnerability in Bash (the Bourne Again Shell), one of the most commonly used shells on Linux, UNIX and OS X.

Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue.

Continue reading

What’s the deal with the Home Depot data breach?

TheHomeDepotThe massive data breach of payment card numbers and other customer details at Target last December raised serious doubts about security of point-of-sale (POS) systems. And the recent breach of the Home Depot has amplified those concerns, as more and more retailers are owning up to breaches involving POS compromises.

In the Home Depot’s case, the company hasn’t fully disclosed what data was lost or at how many of its more than 2,000 stores — leading to speculation about the size of the breach and whether the same type of malware that hit Target was involved. [UPDATE: Home Depot confirms 56 million payment card numbers were exposed.]

What can consumers and retailers do to stay safe?

Continue reading

Microsoft’s takedown of No-IP – there’s a better way to battle DNS abuse

no-ip-150Microsoft’s takedown of the No-IP dynamic DNS service generated a lot of controversy when legitimate customers were impacted by the disruption of 18,000 subdomains abused by cybercriminals.

Microsoft has done its fair share of good, frequently working with law enforcement to take out servers that control malware spewing bots, such as the ZeroAccess botnet. But in this case, Microsoft misfired and caused a lot of collateral damage, according to Sophos security adviser Maxim Weinstein.

In a new post at Dark Reading Maxim writes that the Microsoft vs. No-IP case highlights the need for “clear standards of abuse handling, and transparency on which service providers measure up.”

Continue reading

The Sophos World Cup ‘dream team': See which players made our roster

world-cupWhether you call it football or soccer, the FIFA World Cup is the ultimate sporting event. Thirty-two nations and the world’s top players, on the biggest stage, all vying for the chance to be called the world’s best.

To celebrate the World Cup, we picked some of the best players in the world and put them on our dream roster. And because we think many of the same qualities that make a great footballer also make great security products, we matched our top players with their counterparts from our product line-up.

Check out our roster — and let us know what you think. Who would you want on your team?

Continue reading

New release of Sophos Antivirus for NetApp

Version 3.0 of our high-performance malware scanner for NetApp filers, Sophos Antivirus (SAV) for NetApp, is now available.

The new version of SAV for NetApp, a component of Sophos for Network Storage, supports Data ONTAP C-mode and clustering, along with legacy 7-mode scanning. In either C-mode or 7-mode, SAV for NetApp provides the ability to protect multiple filers with a single scanning server.

The new release also brings reliability improvements and support for Windows Server 2012 and Windows Server 2012 R2.

Continue reading