Items tagged with Sophos

A remote desktop exploit in Windows known as BlueKeep is no joke, and to prove it, security researchers at Sophos have created a proof-of-concept demonstration showing how easy it would be for an unpatched RDP (Remote Desktop Protocol) server to be compromised. The researchers hope that the demonstration will essentially scare companies into patching Windows. BlueKeep is viewed as especially dangerous because it affects multiple different versions of Windows and is wormable, meaning it can rapidly spread to other vulnerable systems in a network in similar fashion to the WannaCry malware attacks that wreaked havoc a couple of years ago. Not to be taken lightly, BlueKeep has drawn the attention... Read more...
Apple users have generally eschewed anti-malware software and safe online practices, because “Macs don’t get viruses”. We’ve learned that’s a fallacy, of course, and Mac users would be wise to heed some advice about malware safety, but Sophos found that Macs were actually more likely to spread malware than be infected by it. In a blog post that veered sharply and irretrievably into disturbing comparisons between computer malware and Chlamydia, security firm Sophos announced a study that found that of the 100,000 computers they surveyed (that were equipped with Sophos software), one in five had some kind of Windows malware lurking onboard. (Yes, Sophos can benefit... Read more...
If you should happen to run across a USB flash drive on the subway, you may want to leave it there, assuming you weren't planning to take it to lost and found to begin with. There's a good chance it's infected with malware, and that doesn't just apply to USB keys you find on the ground, but ones you buy at auction, too. Security firm Sophos said it studied 50 USB keys bought at a major transit authority's Lost Property auction, and of those 50, two-thirds were infected with malware. That's bad news for the buyer, and the previous owner doesn't get off scot-free either. The study also revealed that drives were filled with information about many of the former owners, including their family, friends,... Read more...
Hackers are taking advantage of another highly publicized event to push spam on end users. In this case, Google+. Invitations to the new service are no long available, but even though the new social networking service is in "field test mode" (meaning somewhat imcomplete), an invitation to the service is a hot item. Pharmaceutical spammers have recently begun attempting to spoof invitations to the Google+ social service to get some views of their sites. Sophos Senior Technology Consultant Graham Cluley in a Friday blog post, "The messages look similar to the real emails that users may receive from friends who are already members of Google+. However, clicking on the links will not take you to the... Read more...
Security firm Sophos warned on Friday that the new Android Market website, as currently configured, could present a security hole for Android users.  However, given the way this website works, in reality it's not really that much of a concern. As noted by Sophos, when you select an app from the Android Market, and approve its installation on your phone, it is more or less immediately downloaded to your smartphone. While a user has to approve the permissions an app requires on a device after the installation on the website, when it downloads to the Android phone, no user intervention is required. As Sophos notes, this means that if an end user has their password stolen, a hacker could install... Read more...
Although still in its infancy, data loss prevention software is becoming increasingly important for companies who wish to protect the accidental and intentional release of sensitive information. To assist, Sophos introduced free programs that will prevent sensitive data from getting outside of corporate firewalls. In a move that will take on products sold by competitors Symantec and McAfee, Sophos plans to offer its data-loss prevention program for no charge to customers who purchase the company's anti-virus programs. Sophos, the world's biggest privately held maker of security software, hopes to boost sales of its anti-virus software for both business and personal computers with the offering.... Read more...