Articles about Sophos

cloud

Sophos gulps down hot Mojave, will puff out more secure clouds

Sophos has slurped up the security firm Mojave Networks in a bid to develop the world's strongest and most secure cloud. You should probably now get excited about data security. "Mojave Networks is a young innovative company that has built a leading platform right at the intersection of three cutting-edge areas of security: …
Jasper Hamill, 08 Oct 2014

APT devs are LOUSY coders, says Sophos

The most infamous advanced persistent threat groups write exploits that fail more often than they work, malware bod Gabor Szappanos says. The malware prober with SophosLabs Hungary office examined 15 exploit writing groups and rated six as having only basic skills. Szappanos found one popular exploit (CVE-2014-1761) used as a …
Darren Pauli, 05 Feb 2015

CONFIRMED: Sophos shifting threat response work to India

Updated Sophos has confirmed it is moving the "majority of its [computer security] threat response work" to India. The Register got wind of the change from an anonymous tipster who told us SophosLabs is shifting away all of its frontline operations to India after it acquired Cyberoam there in February this year. In a statement, Sophos …
John Leyden, 04 Jun 2014
IT Crowd. Source: Channel 4 / 2entertain

Sophos to offshore American support operations

Exclusive Sophos plans to offshore support operations from the US to Canada and the Philippines as part of a wide-ranging restructuring of its support operations. The plans were outlined in an internal email to staff from Mary Winfield, SVP Global Support, leaked to El Reg by an anonymous tipster. "Another year, another round of layoffs …
John Leyden, 20 Oct 2014
The Register breaking news

Sophos pulls out spade, fills in holes in Web Appliance

Sophos has pulled out the weeds in its web-scanning software after Core Security identified multiple holes in its Web Protection Appliance versions 3.8.0, 3.8.13 and 3.7.9 and earlier. The Core Security advisory states that if a remote attacker can gain access to the appliance's web administrator interface, the attacker could …
axe_channel_teaser

Sophos picks up axe again, 'plans to DECIMATE staff'

Sophos plans to shed 150 jobs as part of restructuring exercise, according to a source who tipped off El Reg. The security-software maker confirmed to The Register that cuts in some areas of its business were on the cards. But it declined to discuss the specifics of the planned redundancies; for example, it did not say which …
John Leyden, 16 Apr 2013
The Register breaking news

Got a Sophos Web Protection box? Make sure it's up to date

Sophos has plugged security holes in its Web Protection Appliance that could place its customers' internet connections in the hands of eavesdroppers. The equipment is supposed to filter out suspicious or harmful web traffic for businesses. But the flaws allowed any unauthenticated user to access sensitive configuration files in …
John Leyden, 04 Apr 2013
channel_teaser_exit

Sophos slips Junk into gap left by departing EMEA veep

Sophos veep for northern Europe, Middle East and Africa Ciaran Rafferty has quietly left the organisation, The Channel can reveal. Rafferty joined Sophos as UK and Ireland country manager a little over three years ago and was handed a wider remit in August 2010. "After three years of significant contributions to Sophos, Ciaran …
Paul Kunert, 04 Jul 2012
The Register breaking news

Sophos dangles free Android antivirus to tempt BYOD-friendly biz

Sophos has crafted a freebie antivirus app dubbed Sophos Mobile Security for Android-powered devices. The software tries to protect smartphones against malware, warns fandroids of privacy-invading programs and can lock down a gadget if it's lost or stolen, ideally without taxing either performance or battery life. The software, …
John Leyden, 30 Jul 2012
The Register breaking news

Sophos to axe 35 developer posts, shifts gaze to mobile, networks

Exclusive Sophos intends to shed 35 jobs from its development team as part of a company shakeup. The security software maker confirmed cuts are on the cards, but would not discuss the specifics of the planned redundancies after an anonymous source tipped off the The Reg. The firm said it will attempt to move affected workers within the …
John Leyden, 15 Nov 2012
The Register breaking news

Google bod exposes Sophos Antivirus' gaping holes

A security researcher has discovered embarrassing and critical vulnerabilities in Sophos' enterprise protection software. Tavis Ormandy, an information security engineer at Google, published a paper along with example attack code to highlight flaws present in Windows, Linux and Mac OS X builds of Sophos' antivirus product. The …
John Leyden, 06 Nov 2012
The Register breaking news

Sophos antivirus classifies its own update kit as malware

Sophos users woke up to mayhem on Thursday after the business-focussed antivirus firm released an update that classified itself and any other update utility as a virus. As a result enterprise PCs running the application went haywire, generating false positives reporting SSH/Updater-B malware. Sysadmins were bombarded with …
John Leyden, 20 Sep 2012
The Register breaking news

Sophos shutters partner portal after hack attack

Sophos has shut down its portal for partners after finding two software packages on its servers designed to allow access to them – and possibly to user data stored there, as well. The security software firm posted a statement on the portal explaining that it had spotted suspicious behavior on some of its servers this Tuesday. An …
Iain Thomson, 05 Apr 2012
channel

Sophos buys security appliance firm Astaro

UK-based net security firm Sophos is getting into the hardware game with the purchase of all-in-one security appliance firm Astaro. Terms of the deal to acquire privately held Astaro, announced Friday, were not disclosed. Astaro, with $56m in billings during 2010, is the fourth largest dedicated unified threat management (UTM) …
John Leyden, 06 May 2011
Headshot of Trojan horse

Vawtrak challenges almighty ZeuS as king of the botnets

Crooks behind Vawtrak, a dangerous banking Trojan, are ramping up its reach and sophistication, security firms have warned. Vawtrak currently ranks as the single most dangerous threat, according to PhishLabs. Only Zeus and its many variants (GameOver, KINS, ZeusVM, Zberp, etc.) taken as a single malware "family" would outrank …
John Leyden, 27 Dec 2014
The Register breaking news

Sophos says sorry over Google Analytics false alarm

Updated Sophos has apologised after its security screening technology went awry and began falsely warning users when they visited websites running Google Analytics. The false positive - which identified web content served up from google-analytics.com as malicious code (specifically HTMLGen-A) - kicked in at around 05:15 GMT and …
John Leyden, 10 Jun 2011
Our Playmobil figure innocently tweeting away at his computer

My employer, comply with data protection law? Don't think so – say 3 in 4 office drones

Less than a quarter of staff at businesses in the UK, France and Germany think their organisation fully complies with data protection laws, according to a new study. Cyber security company Sophos commissioned a survey of 1,500 office workers in the three countries and found that 77 per cent of respondents were not confident that …
OUT-LAW.COM, 03 Oct 2014
The Register breaking news

Reduced growth forces Sophos to shed 80 jobs

Tough times in the information security market have obliged UK-based information security firm Sophos to draw up plans to reduce its workforce by around 7 per cent. A decline in its rate of growth in the first half of this year prompted Sophos to make the tough decision to shed around 80 jobs. The job reductions will be achieved …
John Leyden, 12 Nov 2010
Cartoon of  green skeletal figure reaching out of phone

Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD

The Gameover ZeuS malware is back from the dead just six weeks after a takedown operations that aimed to put a stake through the heart of the botnet, which is linked to the even more infamous CryptoLocker ransomware. International law enforcement acted against the crooks behind the Gameover ZeuS in early June. For the past month …
John Leyden, 14 Jul 2014
Wifi grumpy cat

Sydney wallows in cesspit of WiFi obsolescence and ignorance

Sophos has brought its Raspberry-Pi-powered World of Warbiking WiFi-sniffing peloton to Sydney and found, as it does everywhere around the world, that some people just can't be bothered with WiFi security. The Word of Warbiking sees Sophos' head of security research James Lynbe strap a Pi and various WiFi cards to his bicycle …
Simon Sharwood, 02 Jul 2014
The Register breaking news

Apax buys control of Sophos for $830m

Updated Apax Partners has bought a majority stake in UK-based net security firm Sophos in a deal announced on Monday valuing the company at $830m. Dr Jan Hruska and Dr Peter Lammer, who co-founded Sophos 25 years ago, will retain a significant minority shareholding, reportedly valued at $300m. TA Associates, a minority shareholder in …
John Leyden, 04 May 2010

Panic like it's 1999: Microsoft Office macro viruses are BACK

Macro viruses involving infected Word and Excel files were a plague in the late 1990s. Yet, like grunge music, the genre fell into decline as techniques and technologies moved on. More recently macro viruses have staged something of a revival, thanks to social-engineering trickery. Windows executable malware has dominated macro …
John Leyden, 08 Jul 2014

Favicons used to update world's 'most dangerous' malware

Developer Jakub Kroustek has found new features in the dangerous Vawtrak malware that allow it to send and receive data through encrypted favicons distributed over the Tor network. The AVG security bod reveals the features in a report (pdf) into the malware which is considered one of the worst single threats in existence. He …
Darren Pauli, 25 Mar 2015
globalisation

Sophos debuts freebie anti-virus scanner for Macs

Updated Sophos released a free of charge Mac anti-virus product for consumers on Tuesday in a bid to highlight the growing security risk against the platform and to shake fanbois out of their complacency. The business-focused internet security firm is making Sophos Anti-Virus Home Edition for Mac available for download at no charge - …
John Leyden, 02 Nov 2010
The Register breaking news

Sophos sorry for blog comment spam campaign

Sophos has apologised after a third-party marketing agency hired by the anti-virus and anti-spam specialist sprayed link spam on the blog of security expert Gunter Ollmann. Multiple auto-generated comments submitted to Ollmann's technicalinfo.net blog containing hyperlinks to the anti-malware portal on the Sophos website. The …
John Leyden, 22 Mar 2010
Punk-styled girl with piercing gazes at an apple

Gullible Apple users targeted by bogus order cancellation scam

Cybercrooks are targeting Apple iCloud users with phishing messages designed to steal financial information. A new run of spam messages offer a slight twist on the popular ”bogus order" scam. Instead of simply telling you about a payment you're supposed to have made, prospective marks are invited to cancel a transaction already …
John Leyden, 13 Feb 2015
management strategy4

Security vet Rafferty rocks up at Clearswift with bold plan

Security industry vet Ciaran Rafferty has been tapped up by Brit content and email traffic filtering firm Clearswift to run global sales. Billed by the firm as an industry rainmaker - someone that can conjure clients and cash - Rafferty has bags of channel experience gained in numerous previous roles. According to the man he'll …
Paul Kunert, 11 Mar 2014
Collection of antique keys

Popular crypto app uses single-byte XOR and nowt else, hacker says

A programmer claims the makers of a popular encryption app have failed to implement its core feature: encryption. The hacker, using the alias NinjaDoge24, analyzed the NQ Vault app, which supposedly encrypts files on smartphones and other gadgets. Ninja claims the software used only XOR (exclusive or) and a single-byte key to …
Darren Pauli, 07 Apr 2015
The Register breaking news

Sophos to shed one in 20 jobs

UK-based security firm Sophos plans to shed five per cent of its workforce as part of a "business reorganisation". Sophos spokesman Graham Cluley said the credit crunch was not a factor in the planned redundancies. "This is an internal reorganisation to do with setting business priorities, it's not a result of the economic …
John Leyden, 22 Jan 2009
The Register breaking news

Sophos punts anti-virus for Klingons

Sophos is now offering anti-virus protection for Klingon speakers. According to the company, you can use Klingon Anti-Virus from Sophos to "quickly perform an on-demand scan and find viruses, spyware, adware, zero-day threats, Betazoid sub-ether porn diallers, and Tribbles that your existing protection might have missed." But …
Cade Metz, 18 May 2009
chart

Sophos bids €217m for data loss firm

UK-based net security firm Sophos has launched a €217m ($342m) bid to buy data loss prevention firm Utimaco. Sophos intends to offer €14.75 per Utimaco share, a premium of 92 per cent on its closing price of €7.68 on Friday. Investcorp Technology Partners, the largest single shareholder, has already agreed to sell its 24.99 per …
John Leyden, 28 Jul 2008
Spam

America: Land of the free, still home of the BIGGEST spammers on the planet

The US prides itself on being the best at a lot of good things. And, judging by the latest data from security vendor Sophos, America is still the best at spaffing spam in the world. Countries sending spam Gold medal in spam goes to the US The firm's quarterly list of countries that send spam (as opposed to hosting spamming …
Iain Thomson, 18 Oct 2013
blackmail

DANGER: Is that 'hot babe' on Skype a sextortionist?

North Yorkshire police have issued a general warning after three men in the York area fell victim to sextortionists. Someone posing as a woman called Cathy Wong befriended each of the victims on Facebook before asking them to Skype her. During the online chat session, she enticed each of them into performing an indecent act, …
John Leyden, 14 Jan 2015
Mouse man

DARPA: We KNOW WHO YOU ARE... by the WAY you MOVE your MOUSE

The US's mad-tech military boffin unit is developing a form of biometric measurement based on how user handles a mouse. Behaviour-based biometrics, for example how a computer user handles their mouse or crafts an email, would add to the existing repertoire of authentication techniques. Existing authentication techniques include …
John Leyden, 03 Feb 2015
bamboo_bikeC

HALF of London has outdated Wi-Fi security, says roving World of War, er, BIKER

Wireless security across London remains flaky despite the well-known risks, according to an infosec bod who has been riding his bike all around town identifying insecure wireless networks and highlighting shoddy user behaviours that could be exploited by rogue hackers. James Lyne, global head of security research at Sophos, went …
John Leyden, 05 May 2014
iCloud brute force

Apple's OS X Yosemite slurps UNSAVED docs into iCloud

Apple's OSX 10.10 – aka Yosemite – is silently uploading users' unsaved documents and the email addresses of their contacts to Apple's iCloud, according to security researcher Jeffrey Paul. Berlin-based Paul said the discovered the document auto-syncing without consent issue, and another hacker expanded the point by discovering …
John Leyden, 27 Oct 2014
The Register breaking news

Sophos downplays Android malware threat

Updated Android users have little reason to fear an immediate onslaught of malware despite the demonstration of a rootkit-based attack at last week's Defcon conference, according to a leading anti-virus supplier. Researchers at Spider Labs demonstrated proof-of-concept malware that could access messages and emails on an Android …
John Leyden, 03 Aug 2010
management strategy2

Insight Enterprises grabs Trustwave EMEA marketing director

Insight Enterprises has raided Trustwave's reservation and made off with EMEA marketing director Jill Murray, El Chan can reveal. She is not a direct replacement for Ashley Gatehouse, who ran Insight's marketing activities across mainland Europe and the UK until last year, as her remit will cover only Blighty. Sources told us …
Paul Kunert, 14 May 2014
graph up

Sophos appoints new CEO

UK security firm Sophos has appointed a new chief exec. Steve Munford is stepping up from chief operating officer to head the firm as a replacement to Sophos's co-founders and former joint CEOs, Dr. Jan Hruska and Dr. Peter Lammer. Both Hruska and Lammer will remain on the company's board. Munford first joined Sophos in 2003 …
John Leyden, 04 Jan 2006

US parking operator: YEP, hackers got your names, credit card numbers, secret codes...

Point-of-Sale systems have been hacked at major US parking garage operator SP+. The breach has resulted in the exposure of customer financial information, SP+ explained at an advisory on Friday. SP+ said it had learned of the breach from the firm that handles its payment card processing. The firm operates about 4,200 parking …
John Leyden, 02 Dec 2014
The Register breaking news

Sophos DNS snafu creates update problems

Domain name system problems left some users of Sophos unable to get security updates on Friday. The same issue, blamed on a mistake by one of the security firm's service providers rather than hostile action, left many surfers unable to access its main sophos.com website. Graham Cluley, senior technology consultant at Sophos, …
John Leyden, 05 Sep 2008

Syrian Electronic Army slurps a MILLION reader passwords from Forbes

Forbes.com has become the latest media outlet to fall to an attack by the Syrian Electronic Army (SEA) with the account records of more than a million people swiped. A database containing email address and password combinations for 1,071,963 accounts was dumped online by the hacktivisits – including the records for Forbes …
Cartoon of  green skeletal figure reaching out of phone

Chinese cops cuff teen over Heart App Android malware flap

Chinese authorities have arrested a 19-year-old suspected of unleashing a fast spreading strain of malware that infects Android smartphones. Police told Chinese newspapers including Sina.com that "Li", a 19-year-old software engineering student, was cuffed in Shenzhen on suspicion of creating the Heart App Android malware within …
John Leyden, 12 Aug 2014
For Sale sign detail

Sophos changes channel programme

Anti-virus specialist Sophos is tweaking its channel programme in response to a survey of its resellers. The firm's new business development team will generate qualified sales leads at firms with between 100 and 1,000 seats. Sophos is also increasing availability of its training courses - they're now run every month and it has …
John Oates, 18 Jul 2005
Spam

Malware-flingers target gullible corporate bods with office printer spam

Sneaky cybercrooks are disguising links to malicious sites in spam emails posing as messages from Hewlett-Packard ScanJet printers. The attack takes advantage of the fact corporate users often receive emailed messages from scanners and multi-function printers located in their own offices, which contain attachments of the scan …
John Leyden, 09 Apr 2013
Toy Story

Researcher details how malware gives AV the slip

Researcher James Wyke has discovered throw-off tactics used by malware to frustrate investigators. These tactics were part of a suite of impressive methods VXers used to find technical artifacts that could help them distinguish between computers belonging to victims and those used by malware researchers. While malware writers …
Darren Pauli, 26 Aug 2014
GCHQ Benhall doughnut aerial view

Hear ye, young cyber warriors of the realm: GCHQ wants you

Spooks have called upon the good people of Blighty to help protect an airline from attack by a vicious group of nerdy cyber-terrorists. That might sound like the secret services are getting a bit desperate, but don't worry kids: it's only a game. The bods at GCHQ have announced a new part of the Cyber Security Challenge UK …
Jasper Hamill, 21 Aug 2014

IEEE expands malware initiatives

Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives. The organisation's Anti-Malware Support Service (AMSS) is designed to …
apple mac malware vxer

Mac security packages range from peachy to rancid – antivirus tests

Updated Independent tests of Mac antivirus products have discovered that the effectiveness of these security packages runs from a risible 20 per cent to an unimpeachable 100 per cent. German security lab AV-TEST.org put 18 free and paid-for Mac OS X security products and services to the test, discovering widely differing performances in …
John Leyden, 04 Sep 2014

Is that a failed Outlook security update in your pocket or are you pleased to phish me?

Web criminals have fired off Patch Tuesday-themed phishing emails to trick confused users into handing over their login details. Their messages attempt to convince users into visiting a website masquerading as a Microsoft Exchange system, which tries to coax visitors into handing over their email accounts' address and password. …
John Leyden, 15 Oct 2013