After a cybercriminal manages to breach a network, it is not all about immediately attacking the target. New research shows that these black hat hackers may lie dormant or lurk on a network for around 250 hours on average before an attack kicks off or they are detected. This means that organizations should know that...Read more...
Sophos has published an emergency security update to patch a zero-day vulnerability in its XG enterprise firewall product. The patch plugs a hole that was being abused in the wild by hackers. Sophos says that it learned of the zero-they exploit on Wednesday of last week, after receiving a report from one of its...Read more...
The number of malicious Android apps that make it to the Google Play store continues to grow at an alarming rate. Sophos has issued a new report regarding 15 apps on Google Play that are abusive and designed to do nothing but serve ads to smartphone users. On top of spamming users with ads on their mobile devices...Read more...
A remote desktop exploit in Windows known as BlueKeep is no joke, and to prove it, security researchers at Sophos have created a proof-of-concept demonstration showing how easy it would be for an unpatched RDP (Remote Desktop Protocol) server to be compromised. The researchers hope that the demonstration will...Read more...
Apple users have generally eschewed anti-malware software and safe online practices, because “Macs don’t get viruses”. We’ve learned that’s a fallacy, of course, and Mac users would be wise to heed some advice about malware safety, but Sophos found that Macs were actually more likely to spread malware than be...Read more...
If you should happen to run across a USB flash drive on the subway, you may want to leave it there, assuming you weren't planning to take it to lost and found to begin with. There's a good chance it's infected with malware, and that doesn't just apply to USB keys you find on the ground, but ones you buy at auction...Read more...
Hackers are taking advantage of another highly publicized event to push spam on end users. In this case, Google+. Invitations to the new service are no long available, but even though the new social networking service is in "field test mode" (meaning somewhat imcomplete), an invitation to the service is a hot item. Pharmaceutical spammers...Read more...
Security firm Sophos warned on Friday that the new Android Market website, as currently configured, could present a security hole for Android users. However, given the way this website works, in reality it's not really that much of a concern. As noted by Sophos, when you select an app from the Android Market...Read more...
Although still in its infancy, data loss prevention software is becoming increasingly important for companies who wish to protect the accidental and intentional release of sensitive information. To assist, Sophos introduced free programs that will prevent sensitive data from getting outside of corporate firewalls. In...Read more...