Entries in Sophos (142)

Thursday
Feb 16, 2023

What’s New in SFOS v19.5 MR1

Support for New 5G Module for XGS 116(w), 126(w), 136(w)
We’re introducing a 5G cellular module for all XGS 116, 126, and 136 models (including w-models) which have a modular expansion bay.
The new global module enables 5G cellular network connections using the 5G Sub-6 bands, with download speeds of up to 4.5 Gbps and upload speeds of up to 660 Mbps (this may vary by carrier and region). The module also provides automatic fallback to 3G and 4G LTE (Cat-20) networks.
Our optional slot-in module becomes a fully supported, fully integrated part of the appliance, managed from your firewall console. This provides significantly better compatibility and interoperability than competitive external solutions.
We deliver the module with four cable-connected antennas to allow optimal coverage and performance.

Friday
Jul 16, 2021

In July 2020, Sophos announced the End of Sale (EOS) and End of Life (EOL) dates for several products.

Updates since July 2020 include:

  •  All those products have now reached End of Sale and can no longer be purchased by new customers
  • Existing customers of these products can renew until the End of Life date
  • Some products have already reached their End of Life date and are no longer supported or operational

For many of the remaining products, only 2 years remain until they reach their End of Life date. We strongly suggest you start planning a migration strategy and start your move to the recommended Sophos products.


Given the aggressive nature of attacks that we continue to see across the industry, along with the ever-increasing pace of cybersecurity, customers should ensure that they have regular patching and upgrade plans.

The list below details the products included in the announcement from July 2020 with a reminder of their End of Life date and migration path.

| Product | End of Life (EOL) date | Migration Path |
|---|---|---|
| Endpoint Products | | |
| Endpoint Protection, Server Protection and Enterprise Console products (managed on premises) | 20-Jul-23 | Intercept X Advanced or Intercept X Advanced for Server |
| Sophos Mobile as a Service | 30-Sep-21 | Sophos Mobile managed in Sophos Central |
| Sophos Mobile (managed on premises) | 20-Jul-23 | Sophos Mobile managed in Sophos Central |
| SafeGuard Enterprise | 20-Jul-23 | Sophos Central Device Encryption |
| Network Products | | |
| Remote Ethernet Device (RED) 15 | 31-Aug-23 | SD-RED 20 |
| Remote Ethernet Device (RED) 15w | 31-Aug-23 | SD-RED 20 plus Wi-Fi Module or APX |
| Remote Ethernet Device (RED) 50 | 31-Aug-23 | SD-RED 60 |
| Sophos Web Appliance | 20-Jul-23 | XG Firewall |
| Sophos Firewall Manager | 30-Jul-21 | Firewall Management in Sophos Central |
| Legacy SATC Client | 31-Jul-21 | XG Firewall and Intercept X for Server |
| Email | | |
| PureMessage for Exchange | 20-Jul-23 | No migration option |
| PureMessage for Unix | 20-Jul-23 | Sophos Email |
| Sophos Email Appliance | 20-Jul-23 | Sophos Email |
| Reflexion Total Control | 31-Mar-23 | Sophos Email |
| RTC Encrypt and Radar Lite | 31-Mar-23 | Sophos Email |

Friday
Jul 16, 2021

Sophos: EOL Products

The following products were included in the July 2020 announcement and have already reached their End of Life date. These products are no longer supported or operational. 

| Product | End of Life (EOL) date | Migration Path |
|---|---|---|
| Cloud Web Gateway | 30-Jun-20 | Intercept X Advanced or XG Firewall |
| Cyberoam Central Management Console (CCMS) | 31-Dec-20 | Firewall Management in Sophos Central |
| Cyberoam iView NR | 31-Dec-20 | Central Firewall Reporting |
| Cloud Firewall Manager | 31-Dec-20 | Firewall Management in Sophos Central |
| iView | 31-Dec-20 | Central Firewall Reporting |
| Cyberoam Network Security Appliances | 31-Mar-21 | XG Firewall |
| Cyberoam Central Console (CCC) | 31-Mar-21 | Firewall Management in Sophos Central |

Thursday
Feb 11, 2021

Sophos Managed Threat Response (MTR) Video Overview

Thursday
Feb 11, 2021

Sophos News: MTR Casebook: Uncovering a backdoor implant in a SolarWinds Orion server

A real-world story from the Sophos Managed Threat Response team

This is a great read and worth your time if you have any interest in security, and it shows what you can expect from a strong MTR engagement experience.

Setting the scene

The organization in question came to Sophos Rapid Response after falling victim to a Ragnar Locker attack in early 2020. A ransomware payload was delivered manually by a highly capable group at around 2 a.m., while admins were asleep, hitting as many computers as they could in quick succession.

They hit hundreds.

Sophos Rapid Response was brought in to help identify, contain and neutralize the threat. It took the team less than two days to resolve the active threat and over the following days incident responders were able to ascertain the threat actor had entered the network two months prior to the ransomware attack.

With the Ragnar group removed from their network, the customer transitioned to the full MTR service in Notify mode with our security operations team watching over them 24/7.

While the pressing threat of Ragnar Locker was out of the picture, in November 2020 another threat actor stepped into view…

Thursday
Jan 21, 2021

Sophos Alert: End of Support for Sophos Enterprise Console Managed Windows 7 and Windows Server 2008 R2

Sophos has now ended standard support for all Windows 7 and Windows Server 2008 R2 devices managed by Sophos Enterprise Console (SEC). Extended support is available for purchase for both operating systems.

Without an extended support license, all Sophos updates will be disabled for Windows 7 and Windows Server 2008 R2 devices managed by SEC commencing February 1, 2021. 

Lifecycle Milestones 

Windows 7 

  • Standard Support End Date - December 31, 2020 (Expired)
  • Extended Support End Date - March 31, 2023

Windows Server 2008 R2 

  • Standard Support End Date - December 31, 2020 (Expired)
  • Extended Support End Date - March 31, 2023

A full list of supported platforms and operating systems with retirement dates can be found in KB34756.

About Sophos Enterprise Console

Sophos Enterprise Console is a single, automated console that manages and updates Sophos security software on computers running Windows, Mac OS X, Linux and UNIX operating systems, and in virtual environments with VMware vShield.

Sophos Enterprise Console enables you to do the following:

  • Protect your network against malware, risky file types and websites, and malicious network traffic, as well as adware and other potentially unwanted applications.
  • Control which websites users can browse to, further protecting the network against malware, and preventing users from browsing to inappropriate websites.
  • Control which applications can run on the network.
  • Manage client firewall protection on endpoint computers.
  • Assess computers for missing patches.
  • Reduce accidental data loss, such as unintentional transfer of sensitive data, from endpoint computers.
  • Prevent users from using unauthorized external storage devices and wireless connection technologies on endpoint computers.
  • Prevent users from re-configuring, disabling, or uninstalling Sophos security software.

If you have any questions, please contact us.

Wednesday
Jan 20, 2021

PAconnect Premium Security Package

When you have been attacked and are down with ransomware, where do you turn? Our company has the people trained and the right partnerships in place to help you get your company back up and running as quickly as possible. We have the right tools to help prevent this in the first place, but if you have not decided to implement them, we have other solutions that we can draw upon.

Our new CyberSecurity Product Premium package includes a 24x7 component that tracks and mitigates CyberAttacks to your network. If you need a higher degree of security or just want to feel more secure about your network we have the products that will take you to that next level. 

Firewalls are essential for securing the network perimeter and separating trusted from untrusted connections. They protect network resources and infrastructure against unauthorized access. Firewalls also provide a means to secure connections between office locations and to connect employees more securely from remote locations. This is the first layer of protection we suggest that you put in place.

Email Security: Email is a prime attack vector for security failures. Securing your system against these attacks takes a multi-layered approach: training to increase awareness of what these attacks look like, as well as barriers to help prevent the attacks from ever succeeding. Using scheduled training, advanced email protection software, email encryption products and more, we help you lock down your security on this attack path.

DNS Protection: This provides an additional layer of protection between an employee and the internet by blacklisting dangerous sites and filtering out unwanted content. By using secure DNS servers both at home and at work, employees can avoid unnecessary risks and the potential for malicious attacks.

Endpoint Security Solutions add another layer to our security stack. Our products provide automated patch management on your systems and AI and machine learning level security to protect your system from malware, trojans and ransomware attacks. Our premium package also provides active threat hunting and remedial diagnostics for those of you who require a more critical security stance and the ability to document any intrusion/attack attempts on your network. Our goal is to provide the right level of protection at a price that you are able to afford and take advantage of.

 

Tuesday
Jan 05, 2021

Naked Security Topic: Phishing tricks that really work – and how to avoid them

We are seeing quite a few more Phishing Scams in the past couple of months, and with some of them it is really hard to tell if they are the real thing or just another SCAM!

This article in Naked Security from Sophos approaches this discussion from a different direction because it comes from some of the Phish Threat creators over at Sophos. Take a look!

Monday
May 18, 2020

Sophos EDR 3.0 Overview PowerPoint Presentation

Our web meeting yesterday provided us with a look at very interesting updates to the Sophos Intercept X Advanced with EDR license that will be released soon.

The features shown in this video provide a sophisticated management engine for accessing the logged data that is part of the EDR product. It will give you direct access to machines and the ability to create queries that drill into issues, equipment, status of updates and much more. In the hands of IT Administrators this will give them much greater insight into the systems that they are managing for no additional cost.

All of this is available now through the early access program but will soon be available in the product.

If you have been hesitating to jump into Intercept X Advanced with EDR, these new features may be just the thing to get you there!

Overview of Live Discover and Live Response
Available in EDR 3.0 (Central Intercept X with EDR License)
Early Access Program (EAP) is open to all customers and trial accounts in Central starting in April

Friday
May 15, 2020

Sophos Central How-To: Getting Started With Intercept X and Endpoint Advanced

This is a 12-minute overview for getting started with Intercept X and Endpoint Advanced protection inside Sophos Central. Skip ahead to these sections: 00:00-01:09: Sophos Central overview

Wednesday
Nov 06, 2019

Business Email Compromise (BEC) scams

They come in many forms, but they are getting more and more sophisticated and taking companies and individuals for larger amounts of money. Naked Security wrote a report yesterday about the City of Ocala, Florida that wrote out a check after it received fraudulent new payment information that was processed into their system. The scammers used all of the right processes, and it was not caught until the Construction Company called the city about the payment.

Naked Security has a great posting on the many ways that this is happening and what to look for to protect yourself and your organization from this happening to you: Click Here

Tuesday
Nov 05, 2019

NFC being on is not always a good thing...

Google has patched a bug that let a hacker who is physically close to your phone (and this is key) send malware to your phone using NFC (Near Field Communication) functions.

Take a look at this report from Sophos's Naked Security Blog that spells out the vulnerability: Click Here

What to do?

  • You can turn off permissions for the NFC app to install unknown applications, which will prevent the NFC app from trying to install an APK.
  • You can also turn off Android Beam in the NFC and Payment area of your Android device’s settings, while still leaving NFC on for contactless payments.
  • Finally, you can install the fix that Google released last month, patching the flaw.

Tuesday
Oct 29, 2019

Adobe Creative Cloud customer database breached

Naked Security reported on this breach that exposed 7.5 million Adobe customers, revealing the following information:

  • Account creation date
  • Adobe products used
  • Subscription status
  • Whether the user is an Adobe employee
  • Member IDs
  • Country
  • Time since last login
  • Payment status

See full details here: https://nakedsecurity.sophos.com/2019/10/28/adobe-database-exposes-7-5-million-creative-cloud-users/

 

Tuesday
Jun 25, 2019

Are you handling Credit Card Payments? Let us help you become PCI compliant!

While we are all working towards making our businesses run as smoothly and safely as possible, one of the things you may have overlooked is making sure your clients' financial information is as safe and secure as possible.

Credit Card information is a critical piece of information that you need to be aware of protecting. It is not hard to do so, but you need to put the right protection in place to help you do this.

We find many small businesses still using simple home routers or just their Internet Provider's modem for their connection to the Internet. That is just not the right piece of equipment to do this. You need to call one of our security experts to provide suggestions on how you can easily create a secure environment for your business.

We suggest Sophos Security products primarily to do this for you. The first line of defense is to put in place a business class firewall that will provide the following protection:

  • Intrusion Protection for those trying to break into your network and detection of outbound traffic that needs to be secure and managed
  • Control address, port, protocol and specific application traffic and behavior patterns.
  • Perform NAT (Network Address Translation)
  • Detect and block spoofed IP Addresses
  • Inspect data traffic for malicious activities

While this is a good first step in creating a protected environment, it is not the only one you need.

Again, contact one of our security specialists that can provide you with a complete analysis and recommendation for your business.

Friday
Nov 30, 2018

Naked Security Post: Huge Marriott breach puts 500 million victims at risk

Marriott has today revealed that its Starwood guest reservation database has been subject to unauthorised access “since 2014”. The scope of the data breach is huge, covering nearly five years and approximately 500 million guests.

The company has created a website to deal with the breach at info.starwoodhotels.com (note that at the time of writing it redirects to answers.kroll.com).

Who’s affected?

The company warns that if you made a reservation at one of its Starwood brands in the last five years then you are at risk:

If you made a reservation on or before September 10, 2018 at a Starwood property, information you provided may have been involved.

According to Marriott, its Starwood brands include: Starwood branded timeshare properties, W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.

What data is at risk?

It seems that different guests may be subject to different levels of exposure, according to how much data they shared. Until you have successfully confirmed your level of exposure with Marriott, you should assume the worst.

Information put at risk by the breach includes “some combination of” name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, communication preferences, payment card numbers and payment card expiration dates.

Although payment card numbers were encrypted, thieves may have stolen the information required to decrypt them.

What happened?

Marriott has not revealed what events or security failures occurred (it may not yet know), but it has released some details about how it discovered the breach.

The company says that on 8 September 2018 it was alerted to an unauthorised attempt to access the Starwood guest reservation database. Security experts called in to deal with the incident revealed that unauthorised access to the Starwood network started as far back as 2014, two years prior to Marriott’s acquisition of Starwood.

On 19 November 2018, Marriott learned that a recent attempt to encrypt and exfiltrate data from the network had included data from the Starwood guest reservation database.

As you can see from what Marriott has revealed so far, it can be difficult for everyone concerned to tell the difference between data that has been put at risk and data that has actually been stolen.

Until they can confirm otherwise, victims would be prudent to assume they amount to the same thing.

Thursday
Nov 08, 2018

The New and Improved Root Cause Analysis in Intercept X

There are a lot of interesting things happening with Sophos Security Products these days. With the recent release of Intercept X with EDR you have even more information for forensic analysis of malware attacks.

To get the best results from your installation you need to have a Sophos XG Firewall, Sophos Central Endpoint and Intercept X. Here is a case study of some of the improvements in Root Cause Analysis in Intercept X.

Click Here