Articles about Sophos

Calculating photo via Shutterstock

Pound's plunge opens UK's tech SMBs to foreign buyouts - analyst

The £24bn purchase of Brit tech success ARM Holdings by Japan giant Softbank this summer was a contentious affair. The new government claimed it demonstrated that post-EU referendum Britain is “open for business”, although it has also voiced concern about British assets falling to overseas buyers with talk of a more focused " …
Gavin Clarke, 28 Nov 2016
London financial centre gherkin etc. photo by shutterstock

Losses and sales up, shares down at Sophos

Losses at London Stock Exchange-listed Sophos have gone up despite increasing sales. For the six months up to 30 September, revenues were $256.9m (£207.4m) compared to $234.2m in the same period a year ago. Losses, however, widened from $13.4m to $24.6m on rising R&D costs and more recurring business. Unified Threat …
John Leyden, 09 Nov 2016
shutterstock_184661174

Sophos buys Irish Barricade

Sophos has bought Barricade, an Irish security analytics start-up. Barricade has built a behaviour-based analytics engine based on machine learning techniques that has applications in malware detection. The technology will be used to enhance the security capabilities of Sophos' network and endpoint protection portfolio. …
John Leyden, 03 Nov 2016
Burglar sits in kitchen with stolen tablet. Photo by Shutterstock

Barracuda Networks chomps up contract with reseller Quadsys

Barracuda, a security, networking and storage vendor, has terminated its relationship with security reseller Quadsys. Five staff from Quadsys managed to avoid prison in September when they were handed either suspended sentences or community orders after pleading guilty in July to the charge of securing unauthorised access to …

This speech recognition code is 'just as good' as a pro transcriber

Microsoft on Tuesday said that its researchers have "made a major breakthrough in speech recognition." In a paper [PDF] published a day earlier, Microsoft machine learning researchers describe how they developed an automated system that can recognize recorded speech as well as a professional transcriptionist. Using the NIST …
Thomas Claburn, 19 Oct 2016
Stock market image via Shutterstock

Mega-Misys IPO trimmed: Firm slashes expectations by £1bn

Misys, the British banking software business, has slashed the value of its initial public offering by £1bn. The London-based business is currently privately owned by Vista Equity Partners, which purchased Misys for £1.3bn back when it delisted in 2012, and has more than 4,600 employees on a global basis. It had first listed in …
Office 365, photo by dennizn via Shutterstock

Securing Office 365? There's always more you can do

Wherever you look there's yet another SME or enterprise migrating to Office 365. This says a lot for the attractiveness of cloud-based office suites, and perhaps it also says something about the attractiveness of letting someone else look after one's SharePoint and Exchange servers rather than having to fight with their …
Dave Cartwright, 06 Oct 2016

True man-in-the-middle: Transmitting logins through the human body

Computer science researchers at the University of Washington are developing a technology to securely send data through the human body rather than wires or the air. Passwords sent over insecure networks are liable to sniffing. This well-understood problem is most easily mitigated against using VPN technology but now security …
John Leyden, 04 Oct 2016

Sophos to drop Quadsys after Five Avoid Jail

Sophos has finally “discontinued” its relationship with security reseller Quadsys after five of its staffers, three of whom were directors of the company, were sentenced for offences committed under the Computer Misuse Act last Friday. The Quadsys Five were first charged in August 2015, but while some vendors were quick to …
Crown courtroom. Pic: Shutterstock

Quadsys Five walk free after hacking rival company

Five senior staffers at security reseller Quadsys managed to avoid imprisonment today. The Quadsys Five walked free from Oxford Crown Court this afternoon after a sentencing hearing - they had pleaded guilty in July to charges of securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse …
Super-villain Dr Evil puts finger to lip in scheming manner, asks for one million dollars. Pic: New Line Cinema

VESK coughs up £18k in ransomware attack

Exclusive Hosted desktop and cloud provider VESK is staggering back to its feet after paying 29 Bitcoins (£18,600) in a ransomware attack earlier this week. VESK became aware that one of its environments had been impacted by a ransomware virus on Monday (26 September) at 3am. This virus was a new strain of the Samas DR ransomware, …
Kat Hall, 29 Sep 2016
FACEPALM

SOHOpeless Seagate NAS boxen become malware distributors

Update Sophos researchers say they've uncovered a malware strain that targets Seagate's network-attached storage appliances and turns them into distribution points for cryptocurrency-mining malware. Attila Marosi, a senior threat researcher, explains the attack in a document titled Cryptomining malware on NAS servers (PDF). “Attack …
Simon Sharwood, 12 Sep 2016

Sophos Windows users face black screens after false positive snafu

Users of Sophos’s security software were confronted with a black screen on starting up their Windows PC over the weekend as the resulted of a borked antivirus update. The botched update meant that the Windows 7 version of winlogon.exe was incorrectly labelled as potentially malicious, resulting in chaos and confusion all …
John Leyden, 05 Sep 2016

Kaspersky 'terminates' deal with security reseller Quadsys

Kaspersky Lab is the first big vendor to publicly rip up its contract with disgraced security reseller Quadsys in the wake of the hacking scandal that the company’s bosses recently admitted to. On 22 July, Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant …
Paul Kunert, 02 Sep 2016
Sweet32 logo

Big data busts crypto: 'Sweet32' captures collisions in old ciphers

Researchers with France's INRIA are warning that 64-bit ciphers – which endure in TLS configurations and OpenVPN – need to go for the walk behind the shed. The research institute's Karthikeyan Bhargavan and Gaëtan Leurent have demonstrated that a man-in-the-middle on a long-lived encrypted session can gather enough data for a …
Undrey http://www.shutterstock.com/gallery-950635p1.html

Security FUD and malware outbreaks boost Sophos' coffers

Revenues at Sophos were buoyed by the growing threat of ransomware and the like to its target mid-market customer base. For the quarter ending 30 June 2016, Sophos recorded revenues of $127.4m, 12.2 per cent up from the $113.5m its business brought in during Q1 2016. Kris Hagerman, chief executive officer, commented: "Our …
John Leyden, 28 Jul 2016

Word hole patched in 2012 is 'unchallenged' king of Office exploits

Possibly the most exploited unchallenged Microsoft Office vulnerability of the last decade was found and patched in 2012. Sophos threat researcher Graham Chantry says the longevity of the dusty bug affecting Office 2003, 2007, and 2010, is thanks to its constant adaptation by exploit kit authors, and a pervasive unwillingness …
Darren Pauli, 05 Jul 2016
Rotten apple. Pic: Shutterstock (http://www.shutterstock.com/pic-29447929/stock-photo-a-rotten-apple-on-a-white-background.html)

AirPort owners: Apple's patched a mystery vuln

Apple has run out a security update for its AirPort routers, to fix a nine-month-old DNS parsing vulnerability. The firmware upgrade is here, and covers 802.11n AirPort Express, Extreme and Time Capsule base stations; and 802.11ac AirPort Extreme and Time Capsule versions. The Apple advisory states only that “A remote …

Smut shaming: Anonymous fights Islamic State... with porn

Elements of the Anonymous hacking collective have switched tactics in a campaign against supporters of the self-style Islamic State by attempting to shame and humiliate jihadists by adding pornographic images to their social media profiles. The smut-smearing follows months of attempting to report jihadist profiles on social …
John Leyden, 16 Jun 2016

Sophos U-turns on lack of .bat file blocking after El Reg intervenes

Sophos' WS1000 web appliance not only fails to include batch files in its download file type block list, but said it would only include the ability to block them as a feature. WS1000 is an enterprise-targeted secure appliance and intends to protect "every user, on every device, everywhere they go" by prohibiting particular end …

It's been a breach-tastic year. And Sophos sales were good, apparently

Operating losses at security software firm Sophos have grown in its first year as a listed company – despite increased sales and an encouraging outlook overall. For the year-ending 31 March 2016, Sophos recorded an operating loss of $32.7 million on revenues of $478.2m. This compares to a loss of $0.5m on revenues of $446.7m …
John Leyden, 26 May 2016

You’re invited to Security SOS Week

Promo Registration is open for Security SOS Week, a short series of live webinars each featuring Sophos expert IT security practitioners. The events range from protecting your business against social engineering to embracing the Internet of Things without letting crooks into your network. You can find out more and sign-up at Security …
David Gordon, 08 Mar 2016

SSL's DROWN not as bad as Heartbleed, still a security ship wreck

Security experts are split on how easy it is for hackers to exploit the high-profile DROWN vulnerability on insecure systems. One-third of all HTTPS websites are potentially vulnerable to the DROWN attack, which was disclosed on Tuesday. DROWN (which stands for Decrypting RSA with Obsolete and Weakened eNcryption) is a serious …
John Leyden, 02 Mar 2016

Locky ransomware is spreading like the clap

Greedy miscreants have created a new strain of ransomware, dubbed Locky. Locky typically spreads by tricking marks into opening a Microsoft Word attachment sent to them by email. Victims are encouraged to enable macros in the document which, in turn, downloads a malicious executable that encrypts files on compromised Windows …
John Leyden, 17 Feb 2016
White Hat for Hackers by Zeevveez, Flickr under CC2.0

School network manager wins £10,000 in NCC Group Cyber 10K challenge

The second edition of a business-development focused cyber security challenge, the Cyber 10K, has concluded – with the worthy winner receiving £10,000 to further develop an innovative security dashboard tool. The challenge was run by the information assurance firm NCC Group supported by a judging panel including your …
John Leyden, 11 Feb 2016

Alibaba security fail: Brute-force bonanza yields 21m logins

Up to 21 million accounts on Alibaba e-commerce site TaoBao may have been compromised thanks to stolen credentials reused on breached third-party sites. TaoBao is a seller-to-seller commerce site like Gumtree or eBay where users rely on reputation to secure the most sales. Reuters reports that China's Ministry of Public …
Darren Pauli, 08 Feb 2016

Sophos grabs ATP-thwarter tech firm SurfRight for $32m

Sophos has paid $31.8m in cash to snap up advanced threat prevention firm SurfRight, with the deal allowing traditionally conservative Sophos to integrate SurfRight’s signature-less endpoint threat detection and response tech into its line of endpoint security products and services. The UK-based company claims the two sets of …
John Leyden, 15 Dec 2015

Sophos, Fortinet settle patent lawsuit, allegations of staff poaching

Sophos has settled a patent infringement lawsuit with US competitor Fortinet, in a case that also involved allegations of staff poaching. The recently listed UK company, a cloud and network security solutions outfit, paid an undisclosed sum to Fortinet to settle the dispute, as a brief statement (below) explains. Sophos …
John Leyden, 09 Dec 2015
spies_648

MPs to assess tech feasibility of requirements under draft surveillance laws

IPB The UK government published a draft Investigatory Powers Bill earlier this month in a bid to close gaps it has said exist in the surveillance powers available to the UK's intelligence and security services. The Science and Technology Committee said that it will carry out a "short inquiry into the technology aspects" of the …
OUT-LAW.COM, 18 Nov 2015

Sophos undertakes unified unified threat management unification

Sophos has launched a threat intelligence sharing platform 'XG' for its endpoint and network security firewalls and unified threat management systems. It means kit within homogeneous Sophos houses will be able to share threat intelligence data such as an endpoint screaming to network security boxens whenever an employee runs …
Team Register, 10 Nov 2015
dislike_facebook_648

Dislike: Facebook scammers latch onto anti-Like button calls

Survey scammers have already capitalised on Facebook's tentative plans to develop a "Dislike" button. Last week, Mark Zuckerberg conceded the obvious point that people didn't want to say they "liked" posts about friends' bad fortune, the only single button option available through the social network at present. He …
John Leyden, 22 Sep 2015
Gavel

Quadsys Five fraud case transferred to Crown Court

A case involving the owner and certain employees at security reseller Quadsys, who were last month charged with fraud by Thames Valley Police, is to be elevated to Crown Court. As we revealed last month, the Quadsys Five, including owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davies and in …
Paul Kunert, 08 Sep 2015
Facepalming statue

Android in user-chosen lockscreen patterns are grimly predictable SHOCKER

People choose predictable Android lock screen patterns just like they pick predictable passwords. Research by Marte Løge, a recent graduate from the Norwegian University of Science and Technology, confirmed that the problems people have in setting up secure passwords and PINs are replicated in the field of Android lockscreen …
John Leyden, 26 Aug 2015

Quadsys Five charged with fraud over data-slurping allegations

The boys in blue have charged Paul Cox, MD at Oxfordshire-based security outfit Quadsys, with fraud after he and others at the firm allegedly hacked into a rival security reseller to take data, including pricing info. Cox was among five bods arrested in March by Thames Valley Police (TVP) in conjunction with the National Crime …
Paul Kunert, 14 Aug 2015
iot_internet_of_things

NSA: Here’s $300,000, people. Go build us a safer Internet of Things

The NSA is funding development of an architecture for a "safer" Internet of Things (IoT), in the hope of incorporating better security at a product's design phase. The controversial US intelligence agency is bestowing a $299,000, one-year grant to the University of Alabama in Huntsville (UAH) for a project that aims to build a …
John Leyden, 13 Aug 2015
virus_1_648

It's not just antivirus downloads that have export control screening

Export control screening for individuals hoping to purchase everyday consumer technologies extends beyond just antivirus software downloads, according to several sources contacted by The Register. Those who share the name of someone on a blacklist have to go through secondary screening (a bureaucratic process generally …
John Leyden, 13 Aug 2015
facebook_shock_648

Wanna harvest a stranger's Facebook data? Get a mobile number and off you go

Hackers and other miscreants are able to access names, telephone numbers, images and location data in bulk from Facebook, using only a cellphone number. The loophole was revealed by software engineer Reza Moaiandin. Moaiandin, technical director at UK-based tech firm Salt.agency, exploited a little-known privacy setting in a …
John Leyden, 12 Aug 2015

'Cops KNOW WHO I AM and I don't believe their hearts were truly in the shootout'

QuoTW It was a week of Firefox flaws, unruly Windows and big game news. Here were our favorite quotes from the past seven days: We may have arrived in the Windows 10 era but over in Wales, IT still parties like it's 2001. NHS systems have been found to still be running the ancient operating system Windows XP on their desktops. …
Team Register, 09 Aug 2015
virus_1_648

Want to download free AV software? Don't have a Muslim name

Exclusive Software export controls are being applied to blacklisted people as well as countries: and these controls apply to routine security packages such as freebie antivirus scanning software, as well as more sensitive technologies, El Reg has concluded. We've come to this way of thinking after investigating why Reg reader Hasan Ali …
John Leyden, 07 Aug 2015

Slippery Windows Updates' SOAP bubbles up SYSTEM priveleges

Blackhat 2015: Microsoft has bungled Windows Server Update Services (WSUS), according to hackers Paul Stone and Alex Chapman, with insecure defaults that let them hijack OS updates. Attackers that have previously gained admin privilege on a target system can elevate themselves to system-level access by skipping the normal signed update …
Darren Pauli, 07 Aug 2015

RIG exploit kit scum pop 27,000 machines a day

The authors of the RIG exploit kit have bounced back after a source code leak and are now again happily infecting computers at the rate of around 27,000 machines a day. The exploit kit, widely available at underground cybercrime markets, had its source code leaked in February. Trustwave Spiderlabs researchers say that since …
Darren Pauli, 04 Aug 2015

Flash zero-day monster Angler dominates exploit kit crime market

SophosLabs researcher Fraser Howard says the Angler exploit kit is dominating the highly competitive underground malware market: Angler's market share has exploded from a quarter to 83 per cent within nine months. The growth occurred between September and May this year, we'e told. Angler emerged in 2013 to become one of the …
Darren Pauli, 23 Jul 2015

Malwarebytes slurps startup, hopes to belch out Mac malware zapper

Security software firm Malwarebytes is moving into the Mac security software market with the acquisition of a start-up and the launch of its first anti-malware product for Apple computers. Malwarebytes Anti-Malware for Mac is designed to detect and remove malware, adware, and PUPs (potentially unwanted programs). The release …
John Leyden, 15 Jul 2015

Link farmers bust Google search algos

Sophos threat hunter Dmitry Samosseiko says internet lowlife are implanting hundreds of thousands of malicious PDF files a day on compromised websites to build a new cloaking system that foils Google's search algorithm analysis. Samosseiko says the blackhat search engine optimisation method applies old keyword-stuffing and …
Darren Pauli, 09 Jul 2015

Heart of Darkness: Mass of clone scam sites appear

Security watchers are warning about a fresh wave of cloned sites on the TOR network, evidence that cybercrooks are setting themselves up to fleece other ne'er-do-well on the so-called dark web. The latest attack of the clones marks the reappearance of an issue that cropped up before. For example, during Operation Ononymous, …
John Leyden, 07 Jul 2015

Sophos' putrid patch snuffs Citrix kit, kills call centre

A Sophos Web Appliance update has crashed users' PC fleets including knocking offline the Australian call centre of a global company for two days after support was quietly revoked for SSL 3.0 ciphers used in Citrix Receiver. The British security firm pushed out update version 4.0.2.3 last week to correct four non-critical issues …
Darren Pauli, 29 Jun 2015
Stock market. Pic: Alberto Carrasco Casado

Sophos: We'll have a market cap of £1bn when we IPO

Brit security slinger Sophos’s listing on the London Stock Exchange went live today, giving the firm a market cap of around £1bn – a valuation that has caused a stir among analysts. The intent to float was confirmed weeks ago, with the Oxford-based firm expecting to raise cash to fund the next phase of biz development and rub …
Paul Kunert, 26 Jun 2015
man_from_uncle_648

GCHQ: Security software? We'll soon see about THAT

The UK's spook agency GCHQ has been working with the National Security Agency to subvert anti-virus software, according to the latest piece of spoon-fed Snowden info reported on The Intercept. According to Glenn Greenwald's rag, spooks reverse-engineered software products in order to obtain intel – a tactic that will surely …
Kat Hall, 23 Jun 2015

Pew, pew, pew! Sammy shoots out updates to plug mobile keyboard snooping bug

Samsung has promised to deploy updates to resolve a serious mobile keyboard snooping bug, with security policy fixes expected in the coming days, the company said on Thursday – while simultaneously downplaying the issue. As previously reported, researchers at security firm NowSecure warned that a problem involving the keyboard …
John Leyden, 19 Jun 2015
Cloudy sky

Sophos buys cloudy email security outfit Reflexion Networks

Sophos has acquired cloud-based email security firm Reflexion Networks. Financial terms of the deal, announced on Tuesday, were undisclosed. Reflexion markets archiving, email encryption and business continuity services. Reflexion Total Control blocks spam and viruses before they ever get to the corporate network. Archiving, …
John Leyden, 09 Jun 2015