Stamp out snowshoe spam with Delay Queue in Sophos Email Appliance 3.9

Delay QueueWe’re pleased to announce version 3.9 of the Sophos Email Appliance (SEA). This update features Sophos Delay Queue technology – a sophisticated enhancement that increases spam detection by as much as 4% and blocks snowshoe spam.

Snowshoe spam is a type of unsolicited bulk email that spreads the load of a campaign over a large number IP addresses and domains in short busts, much like how snowshoes distribute your weight as you walk on snow.

Snowshoe spam campaigns only run for a few minutes at a time. This technique has proved to be a challenge for traditional anti-spam approaches of content analysis and IP reputation-based systems.

Continue reading

Would you mail your confidential business plans on a postcard?

Deadly IT sin #4: Unencrypted emailAs much as we complain about email as an annoyance, a distraction, and a productivity killer, we depend on it for vital business and personal communications. We might hate email, but we’d probably be lost without it.

What many people don’t realize is that email is quite old as a technology, and it’s very insecure. Not only are spam and phishing rampant, email snooping is a problem, too.

Because email traverses the Internet in plaintext, it’s only as private as sending a postcard. If you’re not encrypting your email, what you might think is a private communication could be read by anyone – whether it be Google, the NSA, or perhaps one of your competitors.

Continue reading

OpenSSL man-in-the-middle vulnerability – Network Gateway product patch information

On June 5th, 2014 a vulnerability (CVE-2014-0224) was found in OpenSSL that impacts our network security products. Fortunately, as of the publication of this article, there are no known in-the-wild attacks. Of course, as you’ve come to expect from Sophos, we’ve wasted no time in getting to work on patches to fix this vulnerability.

The vulnerability exists in OpenSSL and can allow an attacker using a man-in-the-middle attack to decrypt and modify traffic between a vulnerable client and server. Both client and server must be vulnerable for this exploit to work. OpenSSL versions 1.0.1 and 1.0.2-beta are affected.

Continue reading

Email encryption that makes compliance easy

secure-email-gateway-transparent-encryptionEmail is a common source of data loss. With governments across the globe increasing the penalties for breaches, encryption is the best way to secure data sent by email and comply with data security regulations.

Like everything else we do at Sophos, we’ve made protecting your email simple.

Sophos UTM Email Protection and our Sophos Email Appliances include our cutting-edge SPX technology that simplifies encryption without slowing down your business.

Continue reading