Are you in Las Vegas?
(Don’t panic: this isn’t the start of a song.)
If so, are you attending Black Hat USA 2015?
Then be sure to stop by at Booth #452 to say “Hi” to the Sophos folks.
Naked Security writer and Chet Chat podcaster Chester Wisniewski will be teaming up on the booth with Simon Reed, the Head of SophosLabs.
They’ll be doing joint presentations at the following times:
• Wednesday, August 5, 2015 @ 14:25 (2.45pm)
• Thursday, August 6, 2015 @ 10:30 (10.30am)
Their topic builds on the report we discussed in our recent “When Penguins Attack” podcast, and is entitled The Infected Web – Status Report From the Front Line.
LISTEN NOW
Malware on Linux – When Penguins Attack
(Audio player not working? Download MP3, listen on Soundcloud, or read the transcript.)
If you’ve listened to the “Penguins” podcast, you’ll know that Chester needed to extract just a week’s worth of SophosLabs data to acquire a list of 178,000 newly-infected web pages.
As Chester recounts in the podcast, his main concern during his research was that the sites he was looking into would be cleaned up by the time he visited, leaving him nothing malicious to measure any more.
Of course, with 25,000 newly-malicious pages a day, sites that are cleaned up within a few days, or even a few hours, can still serve the crooks perfectly well.
For a short-lived malware distribution campaign, or as the destination bait-and-switch pages for a spam run, even a few hours of illicit service “borrowed” from a legitimate site is gold to the Bad Guys.
But it was much worse – much, much worse – than that, with most sites still infected a week later, and many showing signs of having been infected (or, more precisely, infectious) for a year or more.
So, stop by at the Sophos booth for a glimpse into how to build a Lab full of experts to take the fight back to the crooks.
The first 25 people to arrive each day will receive a T-shirt!
We’ll also be doing live demos relating to malware and malware research (not demos of our products).
And we’ll be giving away our outrageously cool and popular Sophos socks, tattoos and laptop stickers, while supplies last.
→ I’m not 100% sure, but I think the Sophos tattoos can be removed before you leave Nevada, unlike the more traditional sort of Vegas tattoo. But please check before proceeding.
If you aren’t in Vegas, or if we run out of socks and stickers before you get to the booth, you can always buy your own at the Sophos Store.
For those about to code, we salute you.
Anonymous
Interesting Listening, Malware on Linux – When Penguins Attack. I do not know if I am attempting to simplify a complex solution since I do not run a web hosting business. But why do web host companies just remove or refuse to host un-patched systems. If they are taking over legitimate customers, I would think it would be in the best interest of the web hosting company to make sure there customers are safe and happy with the hosting service.
Karen
OMG… I want these socks. Too bad I’m not in Vegas visiting your booth. Booooo! But I still want them. And I happily read your blog a few times a week — you know to get my security news (and be a little paranoid about all the insecurity that comes with technology).
Paul Ducklin
You can buy them for $9 a pair at:
https://shop.sophos.com/collections/itsocks
Free delivery in the USA, I am fairly sure. 22 designs to choose from :-)