When Sophos Phish Threat was released in January, we pointed out that:
- Email remains one of the most problematic sources of infection; and
- It’s the ordinary, well-meaning people who often let poisonous emails into their organizations.
It may not fit neatly under a tree but, when family are all gathered around this holiday season, and inevitably someone mentions the way their computer has been “acting weird” lately, you’ll be able to give a gift that keeps on giving: Sophos Home.
And unlike so many other items on your shopping list, the price for this gift is unbeatable: Sophos Home is completely free.
Sophos is the same as any other business – we need to keep our employees (and the company) safe, while at the same time we need to give people the freedom to do their jobs.
Our employees want to be helpful, perform well, and give good support to their co-workers, clients and customers. But good nature is exploitable and it’s those easy-to-exploit characteristics that social engineers seek to tap into.
As an attacker, it’s usually easier to try and push past a human than to try and push past a machine. Unless we understand the tactics and techniques of cybercriminals, people may well fall prey to attacks and put the company at risk at the same time.
For a behind-the-scenes view of what it’s like to be on the frontline of tracking security trends, we interviewed John Shier, senior security advisor and nine-year Sophos veteran.
John works closely with SophosLabs to study and analyze all types of cyberattacks emerging around the world. He’s also an expert on the advanced technology needed to combat these threats.
Sophos has been working closely with Microsoft to ensure our products are compatible with their latest releases. And if you’re moving to Windows 8, follow these eight security tips to help you stay secure.
1. Exercise caution with apps for the new Windows 8 user interface (formerly known as Metro)
Some familiar applications have been completely re-written for the new Windows 8 UI. As a result they may work completely differently, despite looking the same. For example, an application historically delivered as an executable could now be entirely web-based. This impacts the visibility your existing security and monitoring tools have into these apps.
2. Use the Windows 8 style UI version of Internet Explorer
By default, plugins are disabled, blocking a major target for exploit kits and Blackhole attacks.
3. Make sure your security vendor can flag malicious Windows 8 UI apps
Windows 8 UI apps have important differences from regular applications, and your security product should be able to distinguish the two. The security product should correctly flag malicious or modified Windows 8 UI applications (tampered, modified, invalid license).
Let’s focus for a moment on Blackhole, the world’s most popular and notorious malware exploit kit. Barring a takedown by law enforcement, we are likely to be battling it for years to come. So it’s worth making sure you’re up to speed.
Exploit kits like Blackhole are pre-packaged software tools available on the malware black market. They identify and make use of vulnerabilities in software running on your computer to pull off a drive-by download.
The result: the computer silently downloads and runs malware, without producing any of the warnings or dialogs you would usually expect.