Category Archives: Antivirus Vendors


10 Tips for protecting your company’s email

Practically all important information that we work with nowadays reaches us via corporate email. That’s why email security is so important for companies. Here we offer some advice to bear in mind to prevent unauthorized people from accessing your email – and the information it contains.


Many of the cyber-attacks that target large companies can be traced back to email. When all’s said and done, this is the place where a company’s most useful information can be found; where employees chat; where credit card details (even passwords) are sent. Read on if you want to know how to look after this information.

  1. The first thing you should be thinking about as a company owner is training your staff in IT security, to eliminate dangerous behavior when using company email.
  2. Employees can counter risks by deleting old emails. You accumulate hundreds (even thousands) of messages in the belief that the information is really important (it could be for a cyber-criminal!). If you genuinely regard the information as vital, you could always save it to an external hard drive or database and then delete the original emails.
  3. Encrypt your email. One of the main features of corporate email is that it gives companies control over sensitive information, and prevents it from being circulated through employees’ personal email accounts. The best way to ensure such control and keep it from falling into the wrong hands is to encrypt it.
  4. When you have to create a password make sure it’s complex and that nobody could guess it. That said, make sure you can easily remember it too.
  5. You should also be careful when starting a corporate email session from public computers in libraries, Internet cafes and the like. Make sure you close the session before leaving the computer, though even then you can leave traces of your activity that are easily detected by cyber-criminals. Better only to access your company email on trusted networks.
  6. Don’t give your email address to everyone, and don’t post it on public Internet sites. Remember that scammers are always on the lookout for new victims.
  7. Be careful with fake emails that try to trick you into resetting passwords as part of a supposed security check. These are normally scams designed to steal your passwords and access your email account. If you really need to change your password, go to your email provider’s website and make any changes from there, but don’t click on links sent to you via email.
  8. On a similar note: don’t even open emails sent from unknown sources.
  9. And of course don’t forget that company email is a working tool; it’s not for exchanging messages with friends and family. Remembering this will also help keep information from falling into the wrong hands.
  10. Last but not least, a good tool for protecting email from malware and other dangerous content is Panda GateDefender, which can prevent unwanted files from entering into contact with your company’s most sensitive data. This software filters spam to safeguard employee productivity, and also enables the secure and centralized storage and administration of your network’s users’ messages, ensuring flexibility and complete connectivity.

 

The post 10 Tips for protecting your company’s email appeared first on MediaCenter Panda Security.

Careful with FileZilla! There is malware that imitates it perfectly


Anyone who has a website will be familiar with the term FTP (File Transfer Protocol), a protocol for transferring files over the Internet. When designing a website, you will have to use this quick method for storing the files that you want users to see (pages, pictures, documents, etc.) on a server.

There are also various types of programs for transporting data: these are called FTP clients, which connect your computer to the machine on which the information will be stored. One of the most widely used is FileZilla, open and free software used by everyone from amateurs to professional web developers.

The first program, developed by Tim Kosse, was launched in 2001. Now it can be run on the most common operating systems (Windows, Linux and Mac OS X).

If you use this tool regularly, be on the lookout: malware has been detected in some versions (Filezilla v3.5.3 and Filezilla v3.7.3). The false application is installed in exactly the same way as the official version; it simulates the wizard interface perfectly and runs without any hitches.

The functioning of programs like FileZilla is simple: they allow web files to be arranged as if they were just another directory on your computer. In fact, you are managing a space in the memory of another computer (or several, if you work with various servers). You can save the data in different folders and arrange them as you please.


As you add more documents, they are transferred to this hard drive, which could be located in another country. This is where the activity of the malicious software comes in, which acts like a Trojan. It identifies each connection you establish with your server and communicates with another computer to which it sends the address where the information is housed and your FTP account login credentials.

Some addresses to which the malware transfers the stolen data have been detected, both on Russian domains. These are ‘aliserv2013.ru’ and ‘go-upload.ru’, registered through the domain registrar Naunet.ru, which is associated with fraudulent activity such as spamming. This platform hides its customers’ details and ignores demands to suspend its illegal domains.

Although this fraudulent version seems to work like the secure programs, certain characteristics give it away.

The main difference lies in the information in the About window in the program’s menu.


In this section you will find different references in the ‘Linked against’ option. In the malformed software, the versions of GnuTLS and SQLite are earlier versions than in the official program. In addition, you will find that the program does not allow you to update them.

GnuTLS (GNU Transport Layer Security Library) and SQLite are two systems that guarantee that an application uses a secure transport layer (encrypted) to send data. These two systems are also open and free.

By using an outdated version of these programs, you risk a cybercriminal being able to monitor the login credentials used by FileZilla and decrypt the supposedly secure connections established.

Another difference from the flaw-free version is the presence of two additional libraries (libgcc_s_dw2-1.dll and libstdc++-6.dll), although these do not seem to have any malicious effects.

Just follow these clues in order to check if the version you have installed is a spoof or the official program. In any case, make sure that you only download freeware like FileZilla from a website that offers security guarantees.
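Because the article names the two domains that receive the stolen FTP credentials, DNS query logs can show which machines ran the fake client. The Python below is an added example, not code from the original post; the log format (timestamp, client IP, query name, record type) and the sample lines are constructed for illustration.

```python
# Domains the article says receive the stolen FTP credentials.
EXFIL_DOMAINS = ("aliserv2013.ru", "go-upload.ru")

# Constructed sample DNS log (assumed format: timestamp client qname qtype).
SAMPLE_LOG = """\
2024-01-01T09:14:02Z 10.0.4.17 www.example.org A
2024-01-01T09:14:05Z 10.0.4.17 go-upload.ru A
2024-01-01T09:15:40Z 10.0.4.22 FTP.AliServ2013.RU. A
2024-01-01T09:16:11Z 10.0.4.30 notgo-upload.ru A
2024-01-01T09:16:12Z 10.0.4.30 go-upload.ru.example.org A
malformed line
"""

def normalize(name):
    """Lower-case a query name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def matches_exfil_domain(name):
    """Return the listed domain that `name` equals or is a subdomain of, else None.

    Matching on a label boundary avoids false hits such as 'notgo-upload.ru'
    or 'go-upload.ru.example.org'.
    """
    name = normalize(name)
    for domain in EXFIL_DOMAINS:
        if name == domain or name.endswith("." + domain):
            return domain
    return None

def find_hits(log_text):
    """Yield (timestamp, client, qname, matched_domain) for suspicious queries."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:          # skip lines that do not fit the assumed format
            continue
        ts, client, qname, _qtype = fields
        domain = matches_exfil_domain(qname)
        if domain:
            hits.append((ts, client, normalize(qname), domain))
    return hits

def hosts_to_triage(log_text):
    """Group hits by client so each affected machine is listed once."""
    by_host = {}
    for _ts, client, _qname, domain in find_hits(log_text):
        by_host.setdefault(client, set()).add(domain)
    return {host: sorted(domains) for host, domains in by_host.items()}

if __name__ == "__main__":
    for host, domains in sorted(hosts_to_triage(SAMPLE_LOG).items()):
        print(f"{host} queried {', '.join(domains)}: check FileZilla install, change FTP passwords")
```

Any host this reports should have its FileZilla installation checked against the About-window clues above, and the FTP passwords used from it should be changed.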

The post Careful with FileZilla! There is malware that imitates it perfectly appeared first on MediaCenter Panda Security.

An old threat is back: Ransomware CryptoWall 3.0. Get Avast for protection.

The nightmare is back! Your security could be seriously compromised if you do not act now. Install and update your Avast for PC before it is too late. The original version of CryptoWall was discovered in November 2013, but a new and improved variant of the CryptoWall ransomware has started infecting computers all over the world in recent days: CryptoWall 3.0. Some sources estimate that versions up to 2.0 have already infected over 700,000 computers.


CryptoWall is malware that encrypts certain files on your computer (and securely deletes the original ones) and, once activated, demands a fee of around $500 as a ransom to provide the decryption key. You’re asked to pay in Bitcoin within about 170 hours (almost a full week). After that period, the fee is raised to $1000.

You may be asking why the authorities haven’t blocked the attackers’ funding. They use a unique wallet ID for each victim, hosted on their own TOR anonymity servers. To be able to pay the ransom, the user needs to use a TOR-like connection called Web-to-TOR. Each TOR gateway redirects the victim to the same web page with the payment instructions. Command and control communication is now done using the Invisible Internet Project (I2P) instead of Tor.

Infection can reach you in various ways. The most common is a phishing attack, but it also comes in email attachments and PDF files. The malware kit also abuses various vulnerabilities in unpatched (read: not up-to-date) Flash, Java, browsers and other applications to drop the CryptoWall ransomware.

How Avast prevents the infection

1. Avast Antispam and antiphishing protection blocks some of the distribution vectors.

2. Virus signatures block all known ransomware versions. Remember that Avast’s automatic streaming updates release hundreds of virus definition updates daily.

3. Community IQ intelligence and the sensors of our more than 220 million users detect malware behavior all over the world. See how it works in this YouTube video.

4. Keeping your software updated is another security measure that prevents the exploitation of its vulnerabilities. Learn how Avast Software Updater can help you with this job.

What more can I do?

Avast also helps prevent this disaster through Avast Backup, which allows you to keep all your important files in a secure and encrypted way. We also recommend local backup, as the new malware could also attack other drives and even cloud storage. Did you know that Avast Backup also makes local copies of the files? You can enable it at Settings > Options > Local backup, and configure the backup location (preferably an external drive) and versioning of the files. Remember to disconnect the external drive from the computer (and the network) to prevent CryptoWall from infecting the backups and encrypting those files too.
