"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
This article gives an overview of content control, Content Control Lists (CCLs), and how to create and update lists of controlled content.
Known to apply to the following Sophos product(s) and version(s) Sophos Endpoint Security and ControlSophos Email ApplianceSophos UTM Manager
A Content Control List (CCL) is a set of conditions that describe structured file content. A Content Control List may describe a single type of data (for example, a postal address or social securitynumber) or a combination of data types (for example, a project name near to the term "confidential").
SophosLabs Content Control Lists provide expert definitions for common financial and personally identifiable data types, for example, credit card numbers, social security numbers, postal addresses,or email addresses. Advanced techniques, such as checksums, are used in SophosLabs predefined Content Control Lists to increase the accuracy of sensitive data detection.
The following products allow CCLs to be configured:
Depending on which product you are using the procedure is different:
The most recent list is displayed in the Enterprise Console within the Data Control policy.
If you are using our email appliance see the product help and search for the term "To configure a CCL-based rule" or "CCL" for further information.
You cannot edit SophosLabs 'Predefined' Content Control Lists, but you can submit a request to Sophos to create a new SophosLabs Content Control List, or provide feedback on existing Content Control Lists as follows:
Send an email to email@example.com with the subject line Content Control List request and incorporate the following information:
Requests are sent to the Sophos product management team who will provide an initial response via email.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.