Malicious spam campaign pretends to be from Sophos

Sophos is aware of a widespread malicious email campaign sent out with subject lines like this:

These emails claim to come from addresses such as:

Please note that this attack did not originate from Sophos, and there is no indication that we have been compromised in any way.

Unfortunately, the “From” address in an email is part of the email itself, just like the subject line or the message, so the email sender gets to choose whatever they want.


Follow these best practices to secure your data in the cloud

There are many misconceptions about cloud security, and it starts with basic misunderstandings about what “the cloud” even is.

Essentially, the cloud is anything hosted and accessed virtually. Webmail systems like Gmail, and social networking sites like Facebook and Twitter are in the cloud. Really, the entire internet is the cloud!

As Sophos experts explain in a new whitepaper describing best practices for cloud security, the most important thing to remember is that when you put data in the cloud, you need to understand how it’s being protected. You shouldn’t assume that security is being taken care of for you.


SophosLabs investigates the most popular Microsoft Office exploit kits

Malware authors have been using Microsoft Office document exploits for quite some time, but in the past couple of years, document malware has experienced a resurgence.

Typically, exploited documents are attached to email messages and sent out to large numbers of random recipients (in the case of cybercrime groups) or a smaller number of selected targets (in the case of APT groups).

Office exploit generators play a crucial role in making Office exploitation available to common cybercriminals. However, despite their significance, most Office exploit kits have not been covered in detail.

In a new research paper, SophosLabs Principal Malware Researcher Gabor Szappanos analyzes some of the most impactful Office exploit generators.


5 things to consider when choosing a sandbox solution

Many organizations are considering next-generation solutions to deal with the unknown threats cybercriminals use to evade traditional defenses. One technology that’s had a fair share of hype is the sandbox.

A sandbox is an isolated, safe environment that imitates an entire computer system to execute suspicious programs, monitor their behavior, and understand their intended purpose, without endangering an organization’s network.

Choosing a sandboxing solution can be a challenge due to the numerous options available on the market. Consider the following five points before you make your decision.


How to: view and manage live connections on your XG Firewall

We’ve created a comprehensive library of “How To” videos to help you get the most out of your XG Firewall, including a series of Getting Started and Networking videos.

Today, I’d like to share a short Networking video that shows you how to view and manage connections on your XG Firewall.

We begin within the Network Security Control Center, where you click on the Connections widget to go to System Tools > Connection List.


EU Parliament passes the General Data Protection Regulation – why it’s a good thing

After four years of preparation to overhaul the European Union’s data protection rules, the members of the EU Parliament gave final approval yesterday to the EU General Data Protection Regulation (GDPR).

The GDPR is a big step forward for better protection of EU residents’ data with a consistent set of regulations across borders.

The GDPR applies to businesses of all sizes, anywhere in the world, that hold information on European residents, and shows that Europe is taking the subject of data protection seriously.

We think the new regulation will make data protection a board-level issue, and it’s a signal to all companies who do business in the EU that they need to protect their customers’ data. Our advice is: don’t ignore the regulation and think “I won’t get fined.”


Announcing Sophos Central: Next-gen security management for partners, admins and (soon!) end users

This is a big day for Sophos, our partners, and their customers.

While the security industry has been increasingly trending toward complicated point products – each with their own admin consoles, policy setup, and terminology – we’ve been steadfast in our belief that powerful, feature-filled, and industry-leading security should be integrated and uncomplicated.

You may be aware of our “Security made simple” tagline, but even if you aren’t, you should absolutely feel it when you use our products. And we believe that we’ve taken a major step forward in that spirit today with the launch of our all-new Sophos Central integrated management platform, formerly known as Sophos Cloud.
