Monthly Archives: March 2017

Panda Security

The Apps That Most Frequently Appear on Companies’ Blacklists

Leave a comment

Apps installed on smartphones and tablets are considered to be one of the biggest risks for companies today. And for good reason. In addition to diminishing the performance of the devices themselves, they can become the gateway to mobile and corporate tablets for cybercriminals.

Because of this, IT departments should be wary of employees downloading certain apps on their devices that may pose a risk, whether because of their popularity or their vulnerabilities.

A recent study looks at the applications that have been most banned by companies around the world, and the result is not surprising: although its popularity began more than five years ago, Angry Birds is the most vetoed mobile app to today.

After surveying technology leaders from nearly 8,000 companies around the world, the report’s authors concluded that globally the game has been declared the number one public enemy of corporate security. No wonder, bearing in mind that the sequel to the game, ‘Angry Birds 2’, was infected a couple of years ago by malware that affected iOS devices.

The ban of Angry Birds on corporate devices shows that, today, mobile phones and business tablets are used interchangeably for professional and personal matters. On the other hand, BYOD (‘Bring Your Own Device’) has become a trend that, either because of the vulnerability of certain applications or of employees’ own personal devices, can jeopardize the security of any company.

To carry out the study, its authors took into account both Android devices and those with iOS or Windows Phone as operating systems. In this sort of blacklist, other applications that veer more toward the personal than the professional follow on the heels of Angry Birds, Dropbox and Facebook: platforms like WhatsApp, Twitter or Netflix are also among the ten most banned applications in the business world.

Another notable conclusion of the study is that among the prohibited applications there are also some that would seem right at home in a corporate environment. However, even these are considered by many companies to be a danger to their security. Such is the case of Skype, Outlook or Dropbox itself, which, after a leak that compromised millions of passwords, seems to have fallen out of favor of late.

The post The Apps That Most Frequently Appear on Companies’ Blacklists appeared first on Panda Security Mediacenter.

NVD

CVE-2016-7468

Leave a comment

An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 – 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system’s tm.tcpprogressive db variable value is set to non-default setting “enabled”. The default value for the tm.tcpprogressive db variable is “negotiate”. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

Panda Security

Music lovers, are your Sonos devices safe?!

Leave a comment

Shout out to a crowd “Hands up if you like music!” Cue plenty of hands going up, with some ‘whoohoo’ screams added on. Rock stars know how to win a crowd over. And not just rock stars… music is one of those universal pleasures passed down generations, with percussion being (probably) the earliest form of music known to humankind. Heck, the Egyptians were at it 6,000 years ago! Other civilizations developed musical instruments too until Guido D’Arezzo reportedly invented solfege a thousand years ago – thus making improvements to music theory that remain in place today (do, re, mi, fa, so, la, si, do… ).

Music and technology

The way we came to appreciate music has changed massively as technology evolved. From outdoor performances in public squares to enclosed theaters, to the invention of the humble gramophone all the way up to Sony’s Walkman, it looks as though the trend for “any music, anywhere… right now” is here to stay. The ability to listen to one’s favorite tunes while out and about is now a given and as common place an occurrence as can be.

At the turn of the millennium, four music visionaries founded Sonos in California. They forever changed music with the introduction at the CES showing off their smart speaker, an intelligent piece of technology operating wirelessly. The company’s Digital Music System bundle won the “Best of Audio” award at the CES Innovations Design and Engineering Awards in November 2005.

The rest, as they say, is history.

Today, Sonos offers many powered speakers that utilize Wi-Fi, Bluetooth, and other standards to extend usage beyond audio playback; a soundbar “PLAYBAR”; and a subwoofer (for those craving that deeper sound!). The company also offers a device to link its system to conventional audio equipment such as and CD player and amplifiers for example.

For music lovers, this means multiple devices within a single household can be connected to one another wirelessly, or through a wired Ethernet network or a mixture of the two. The Sonos system operates with a proprietary AES-encrypted peer-to-peer network known as SonosNet.

In theory, this allows for each unit to play any chosen input. If desired, synchronized audio with one or more zones can also be achieved. Latest versions developed by the company integrate MIMO (an essential element of wireless communication standards) that function on 802.11n hardware, this provides a more robust connection.

Is the system hackable?

Can I get my mate’s audio device to blast out some weird music as a prank? Well, one hack reported a few years ago was much creepier: called “Ghosty”, this Sonos hack freaked people out with haunted mansion sounds. We’re not joking. Developer Aaron Gotwalt combined an unofficial Sonos API, some spooky audio files, and a Raspberry Pi to achieve scary effects.

Taking control of a Sonos system isn’t exactly easy, but that’s beyond the point. Almost everything is hackable nowadays. In today’s era of plentiful connected, hackable devices… it’s good to know help is available. Take Panda Security for example. We operate toll-free, seven days a week phone lines with a human being picking up the phone. We resolve all your home IT and security issues providing much-needed piece of mind.

No need to call Ghostbusters if your Sonos system goes wild, call us – we’ll sort it out.

The post Music lovers, are your Sonos devices safe?! appeared first on Panda Security Mediacenter.