Document exploitation is a method of distributing malware that is well known in the malware community. A common theory for why crooks use booby-trapped documents is that victims can be more easily convinced to open document attachments than executables.
Word, Excel and PDF documents that contain so-called exploits – active booby-traps – have the added trick of not requiring their victims to manually enable macros, as is often the case for VBA downloaders.
The latest technical paper from SophosLabs explores why we’re seeing more document exploitation malware in the wild, and investigates the long-standing popularity of a document exploitation generator called Ancalog, which is widely commercially available.
We know you face a challenge choosing the right security for your business. You’re buying something to protect you against the unknown, so how do you know what is the right product to buy?
We’re bound to tell you that our products are the best. That’s why it’s important for you to hear independent opinions too.
We’re so delighted to share that Sophos is cited among vendors who “lead the pack” in The Forrester Wave™: Endpoint Security Suites, Q4 2016 report from Forrester Research, Inc.
Headed up by our Chief Financial Officer Nick Bray, a band of brave Sophos UK employees took part in Action for Children’s Byte Night national ‘sleep out’ on a chilly October night last week.
Armed with their sleeping bags and Sophos onesies, the 26 Sophos Sleepers experienced what it was like to sleep rough in order to raise money and awareness for the 80,000 young people who find themselves homeless in the UK each year.
We’re pleased to announce the latest release of Sophos Web Appliance 4.3, which adds improved Sophos Sandstorm capabilities and completely updates the underlying Sophos Web Appliance operating system to a new improved kernel.
If you’re not familiar with Sophos Sandstorm, it gives your organization an extra layer of security to defend against fast-moving, targeted attacks, like ransomware, Advanced Persistent Threats (APTs) and newer, unknown malware.
Since its release, Sandstorm has become immensely popular with our customers, so we’re pleased to announce new features that make Sandstorm even more powerful.
It’s been almost a month since we launched our brand new approach to endpoint security, Sophos Intercept X.
Intercept X features signatureless anti-exploit, anti-ransomware and anti-hacker technology that includes visual root-cause analysis and advanced malware cleanup. And it’s all managed via the Sophos Central Admin console.
But how does it detect ransomware?
Sophos is the same as any other business – we need to keep our employees (and the company) safe, while at the same time we need to give people the freedom to do their jobs.
Our employees want to be helpful, perform well, and give good support to their co-workers, clients and customers. But good nature is exploitable and it’s those easy-to-exploit characteristics that social engineers seek to tap into.
As an attacker, it’s usually easier to try and push past a human than to try and push past a machine. Unless we understand the tactics and techniques of cybercriminals, people may well fall prey to attacks and put the company at risk at the same time.
We recently announced the appointment of Tony Young as Global CIO of Sophos.
In his new role, Tony will be responsible for the strategy, security and management of the global IT organization at Sophos.
We met with Tony to say hello, and find out a bit more about him…
Welcome to Sophos, Tony! What attracted you to the role of the first ever CIO of Sophos?
Thanks, I’m very excited to be here!
There were a few reasons that I was attracted to working at Sophos. First of all, I love high-tech. I’ve spent most of my working life in the industry and it’s a great place to be. I came to Sophos from GoPro where I was CIO, and working in a consumer business reinforced my excitement for our industry.
When I told people I was off to work for a security company, they asked me why. I explained that I had noticed how fractured many vendors in the security space are. A customer has to buy multiple products and then figure out how to stitch them all together. Everything is separate and you need an army of security professionals to enable and maintain any sort of security when faced with that fragmented approach.