Sophos products and the GHOST vulnerability affecting Linux

nsgIn the last couple of days, a widespread Linux vulnerability known as GHOST has been receiving a lot of attention in the security community. In theory, this vulnerability can allow an attacker to remotely execute code on a Linux computer. There is already proof of concept code that puts this theory into practice, and it is expected that real world attacks are just around the corner.

The Sophos product teams have been thoroughly investigating to determine which of our products are affected and what is necessary to address those that are.

Continue reading

SophosLabs research spotlights rising threat of Vawtrak financial malware

SophosLabsA type of data-stealing malware called Vawtrak is spreading in countries around the world, controlling thousands of computers while silently draining the bank accounts of its victims.

Analysis of the malware by James Wyke, Senior Threat Researcher with SophosLabs UK, indicates that the people behind Vawtrak are targeting banks and other companies in a very methodical way in a number of countries, including some that aren’t commonly targeted by banking malware.

In his fascinating new research paper on the subject, Vawtrak – International Crimeware-as-a-Service, James enlightens us about the mechanics of this cybercriminal enterprise, and the steps taken by this crafty and deceptive malware as it steals account details and transaction tokens directly from victims when they visit the websites of their financial institutions.

Continue reading

Sophos Cloud is making it easier to protect servers, and everything else, in one place

cloud-150With the release of Sophos Cloud Server Protection, we’re expanding Sophos Cloud to protect desktops, laptops, mobile phones, tablets – and now servers – with the most effective and simple-to-manage business security offering available.

If compromising desktops is like stealing a wallet, then hacking a server is like robbing a bank. Servers store large amounts of sensitive information and have become popular targets for cybercriminals.

Today’s businesses need the most up-to-date protection, and Sophos Cloud Server Protection gives overtaxed IT personnel an innovative, high performance and simple-to-manage solution for securing server environments.

Continue reading

New Amazon Web Services Resource Center

aws-1With a busy week well under way at Amazon’s re:Invent conference, we’re pleased to launch our brand-new AWS Resource Center.

It showcases many of the ways Sophos makes AWS security simple!  You’ll find a wealth of valuable information and resources that demonstrate just how easy it is to secure your AWS networks, servers, and applications with Sophos.  There are case studies, videos, guides, links to test drives, and much much more to help you get started securing your AWS infrastructure.

Continue reading

What is Shellshock? This infographic explains how a Shellshock attack works and how to stay safe

Bash-Shellshock-150Shellshock, a serious vulnerability affecting Linux, UNIX and OS X computers, is making life difficult for IT admins, as vendors rush out patches to stay ahead of the cybercriminals trying to exploit this bug.

Like the Heartbleed bug in OpenSSL, Shellshock has a nasty-sounding name, far-reaching impact, and major consequences for security. Yet Shellshock is worse than Heartbleed in one important way — it could allow an attacker to take complete control of vulnerable machines.

If you’re looking for a little tutorial on Shellshock, we’ve created a simple infographic to explain the bug, how an attacker might exploit it, and what you can do to stay safe.

Continue reading

What you need to know about the Bash “Shellshock” vulnerability

nsgIn the light of the recent Bash vulnerability known as “Shellshock” (CVE-2014-6271 and CVE-2014-7169), here’s the reality instead of the hype.

Shellshock is a newly-discovered vulnerability in Bash (the Bourne Again Shell), one of the most commonly used shells on Linux, UNIX and OS X.

Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue.

Continue reading

What’s the deal with the Home Depot data breach?

TheHomeDepotThe massive data breach of payment card numbers and other customer details at Target last December raised serious doubts about security of point-of-sale (POS) systems. And the recent breach of the Home Depot has amplified those concerns, as more and more retailers are owning up to breaches involving POS compromises.

In the Home Depot’s case, the company hasn’t fully disclosed what data was lost or at how many of its more than 2,000 stores — leading to speculation about the size of the breach and whether the same type of malware that hit Target was involved. [UPDATE: Home Depot confirms 56 million payment card numbers were exposed.]

What can consumers and retailers do to stay safe?

Continue reading