After releasing decryption tools for two variants of CryptXXX ransomware in April and May 2016, Kaspersky Lab is releasing a new decryptor for files that have been locked with the latest version of the malware.
Category Archives: Antivirus Vendors
Panda and Logtrust Stem Cyber-threats with Real-time Analytics
‘ART’ Automatically Pinpoints Attacks and Anomalies at Endpoints
Panda Security, the world’s leader in advanced cybersecurity solutions, and Logtrust, the real-time Big Data-in-Motion firm, announced the availability of the Advanced Reporting Tool (ART) as an optional module of Panda Security’s Adaptive Defense. ART automatically generates security and IT intelligence that allows organizations to pinpoint attacks and unusual behaviors and to detect internal misuse of systems and networks.
ART’s unique capabilities enable calculations, graphical visualization and alerts on data monitored, collected and correlated by Panda Adaptive Defense on companies’ endpoints. ART allows those companies to control the risks in the workplace and take security and resource management actions on endpoints, including those associated with IoT networks and devices.
“Malware volume has grown exponentially, and the number of potentially vulnerable endpoints within an organization has proliferated, including data streams coming from IoT networks which may compose one of the most serious threats companies face,” said Pedro Castillo, CEO, Logtrust. “The combined capabilities of Panda and Logtrust allowed Panda to create a tool that applies real-time big data analytics to pinpoint attacks, unusual behaviors as well as detecting internal misuse of the corporate systems and network.”
Security Analytics that Border on Prescience
Panda Adaptive Defense represents a new security model that correlates data from multiple sources, bringing the capabilities of Big Data and machine learning to detect, analyze and prevent advanced threats. By partnering with Logtrust, Panda was able to leverage a cloud-based platform capable of both collecting a wide range of data and rapidly analyzing large volumes of data in machine real-time.
“Adaptive Defense, in combination with Advanced Reporting Tool (ART), is a leap forward in how companies approach cyber-security incidents, unusual behavior and resources misuse by both external factors and insiders, so it naturally requires tremendous speed and power to achieve its objectives,” said Iratxe Vazquez, Product Manager, Panda Security. “Logtrust’s Flat-Ultra-Low-Latency time-series data analytics platform, which processes over 150,000 events per second/per core, meets perfectly the performance and functionalities of our ART’s requirements.”
Additionally, Logtrust’s highly visual, customizable and intuitive interface affords the ability to:
- Easily create and configure dashboards with key indicators and adaptive search options
- Set default and custom alerts related to security incidents, risk situations, user access to critical information and application/network resource usage
A Penetrating, Holistic View of the Vulnerability Landscape
Panda Adaptive Defense relies on an innovative security model based on three principles: continuous monitoring of applications running on computers and servers; automatic classification using machine learning on a Big Data platform in the cloud; and analysis by security incident experts of those applications that haven’t been classified automatically, to be certain of the behavior of everything that is run on the company’s systems.
The massive amount of data collected at endpoints and correlated in Panda Security’s Big Data platform is also accumulated in the Logtrust platform to provide security and IT management insights, such as external and internal threats, diagnose critical vulnerabilities, and alert in real time, so that businesses can immediately prevent or minimize security and IT issues. Additional benefits of the Advanced Reporting Tool (ART) module working with Logtrust include the ability to:
- Perform Forensic Analysis. Go back up to 12 months to correlate data from endpoints, identify the malware and pinpoint every place it has touched, and analyze the application’s vulnerabilities.
- Completely Map All Vulnerabilities. Gain visibility into all machines, applications and elements running on any endpoint to assess vulnerability.
- Monitoring and Policies. Monitor and control use of corporate resources to determine if it is normal and expected, or a matter that needs to be addressed.
About Panda Security
Founded in 1990, Panda Security is the world’s leading cloud-based security solutions company. Based in Spain, the company has a direct presence in over 80 countries, products translated into over 23 languages and more than 30 million users worldwide.
Throughout its history, Panda Security has established a series of innovative milestones that have later been adopted by the rest of the industry. In fact, Panda has been the first vendor to propose a new technological approach based on three strategic elements: Cloud Computing, Big Data and Behavioral Analysis. This brings a new security model that assures the complete classification of all active processes on the systems. By analyzing, categorizing and correlating all this data about cyber-threats, its platform can leverage contextual intelligence to reveal patterns of malicious behavior and initiate prevention, detection and remediation routines to counter known and unknown threats, assuring the maximum level of protection ever seen in the cybersecurity industry. Visit www.pandasecurity.com and www.pandasecurity.com/intelligence-platform/ for more information.
About Logtrust
Logtrust is a Real-Time Big Data-in-Motion platform offering Fast Data, Big Data analytics through a solution that enables real-time analytics for operations, fraud, security, marketing, IoT and other aspects of business. Recognized as a Gartner Cool Vendor 2016, Logtrust is intuitive, interactive, and collaborative, with no coding required, guided widgets, and out-of-the-box advanced interactive contextual dashboards. The platform provides a completely real-time experience, with new events always available for query and visualization, and pre-built queries always updated with the most recent events. The highly customizable solution works non-intrusively with your system, with agentless collectors and forwarders, platform remote APIs to check health, and all capabilities callable via REST APIs. Service is always on with cross-cloud region disaster recovery, and data is always hot and unmodified (to meet data reliability and integrity compliance requirements). Logtrust is located at the epicenter of Silicon Valley in Sunnyvale, CA, and further serves its global clients through offices in New York and Madrid. Visit www.logtrust.com for more information.
The post Panda and Logtrust Stem Cyber-threats with Real-time Analytics appeared first on Panda Security Mediacenter.
Tech’s power to promote good or evil depends on who controls it
Originally published at The Parallax.
We often forget that technology is a double-edged sword. With the benefits of every advance comes the possibility that it will be used for destructive purposes. ISIS builds its own drones, botnets hijack appliances to bring down huge chunks of the Internet, and ubiquitous Web publishing has led to fake news outperforming real news on social media.
IoT attacks: 10 things you need to know
IoT attacks are on the rise. As the technology becomes more relevant to our lives, we take a look at what the state of play is.
The post IoT attacks: 10 things you need to know appeared first on WeLiveSecurity
Cybersecurity skills gap: it’s big and it’s bad for security
The cybersecurity skills gap is a big problem for organizations struggling to protect rapidly expanding systems from a growing range of threats. We look at how big and what to do about it.
The post Cybersecurity skills gap: it’s big and it’s bad for security appeared first on WeLiveSecurity
Hijacking and Theft: The Dangers of Virtual Reality for Businesses
Tech giants such as Google, Facebook, or Samsung are betting heavily on virtual reality. As such, this technology has all the hallmarks of something that may soon revolutionize our lives. It may also revolutionize a multitude of business sectors. Tourism (traveling without getting up from the couch), education (seeing history instead of learning the bare facts or visiting the inside of the human body for your anatomy lesson), entertainment (movies starring you), and much more.
However, it is still very much in the early stages of its development. We’re not hearing much about the cybersecurity risks that come along with it. We should be aware that virtual reality, as with any innovation, carries with it some new threats, as well as some old ones that can reinvent themselves in light of new technology.
Virtual Theft
Imagine you’re participating in a virtual reality contest that promises to give you the house of your dreams if you succeed in building it in 100 hours using Lego blocks. You toil away on your house to meet the requirements and in the end you succeed, at which point the organizers grant you the property of the living space that fascinates you so. However, there’s a cybercriminal on the prowl. He sneaks into the application’s servers and modifies the ownership of the property. Of course you’ve lost nothing physical, but you have lost valuable time. And the company behind the app has lost even more than that. At the very least, they’ve lost your trust, as well as that of the rest of their users.
Identity Theft
As worried as we are about the massive credential data breaches that companies increasingly suffer during cyberattacks, in the virtual world things may get worse. Intruders will be able to get their hands not only on usernames and passwords, but also on the user’s physical identity (the hyperrealist avatar generated after scanning their own body).
With all of their biometric data in hand, it may end up being easy to steal an actual person’s identity. Companies that safeguard such information may therefore face greater risks than those found in the age of credential theft.
Reality Modification
Attackers can figure out how to modify a given application’s code to manipulate (virtual) reality as they please. The number of scenarios is infinite. Accessing the virtual offices of a company that works remotely, modifying information to harm a business’s reputation, altering user experience… There’s a whole world of potential risks waiting to be discovered that will bring about new challenges for cybersecurity experts.
Headset Security
In much the same way that malware can affect computers and mobile devices, it can affect virtual reality headsets. Cybercriminals can attack these headsets with a diversity (and perversity) of intentions. Everything from a keylogger able to track user activity to ransomware that blocks access to a specific virtual world until the user shells out a ransom may be implanted.
The post Hijacking and Theft: The Dangers of Virtual Reality for Businesses appeared first on Panda Security Mediacenter.
Don’t let cybercriminals ruin Christmas: Beware these 12 threats
With spirits and internet usage at an all-time high, there’s no better time for cybercriminals to lure a victim online. Here are 12 threats to be aware of.
The post Don’t let cybercriminals ruin Christmas: Beware these 12 threats appeared first on WeLiveSecurity
Spammers dive into design for better phish
The newest phishing email to hit my Outlook inbox had a visual message: Spammers have learned that design sells. Most phish are really like fish – they smell, and not just after three days. There usually is something that screams “FAKE” and practically pushes you to trash it. The obvious forgery of most phish also […]
The post Spammers dive into design for better phish appeared first on Avira Blog.
Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft
In 2016, the theft of passwords from internet titans is no longer an exception. Just when it seemed like the year was winding down, having left us with the surprising news of what until yesterday was considered the highest magnitude cyberattack in history suffered by Yahoo and reported three months ago, this same company returns to headlines after announcing the theft of data from 1 billion accounts.
This comes on the tail of some revealing figures. For example, massive data breaches have, amazingly, affected 97% of the 1000 largest companies in the world.
After admitting last September that in 2014 they had suffered a large-scale theft that affected 500 million users, Yahoo revealed today that in 2013 it suffered what is now considered the worst incident of information piracy in history with the theft of 1 billion accounts.
There’s a strong resemblance between this attack and the ones we’ve been analyzing over the past months. These recent attacks showcase the way cybercriminals gain access to names, email addresses, phone numbers, dates of birth, passwords, and in some cases clients’ encrypted and unencrypted security questions. The dimensions of the incident are truly staggering.
Yahoo disclosed that “an unauthorized third party” accessed the data and that at this time the culprit remains unnamed.
Economic repercussions aside, these incidents also call into question the issue of deteriorating user confidence. For example, Verizon’s initiative to integrate Yahoo into the AOL platform will certainly come under scrutiny.
How Should You Keep Your Business Safe?
There’s a legitimate reason to fear for your business’s confidential information. An outsider capable of getting the key to your company’s data, as happened at Yahoo, is a latent risk. Prevention has become the greatest asset in combating Black Hats and avoiding some of the dire consequences of these attacks.
To that end, we encourage you to turn to the advanced cybersecurity solution best suited to your company’s needs. Our Adaptive Defense 360 can offer you:
- Visibility: Traceability and visibility of every action taken by running applications.
- Detection: Constant monitoring of all running processes and real-time blocking of targeted and zero-day attacks, and other advanced threats designed to slip past traditional antivirus solutions.
- Response: Providing forensic information for in-depth analysis of every attempted attack as well as remediation tools.
- Prevention: Preventing future attacks by blocking programs that do not behave as goodware and using advanced anti-exploit technologies.
This is the only advanced cybersecurity system that combines latest generation protection and the latest detection and remediation technology with the ability to classify 100% of running processes.
The post Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft appeared first on Panda Security Mediacenter.
One billion and one reasons to change your password
After another Yahoo data breach, find out why you need to strengthen your security
Dear 2016, we want you to please be over already! PLEASE!
In a statement released yesterday, Yahoo confirmed that there has been another data breach. According to the press release, the leaked information is associated with more than one billion Yahoo user accounts. The incident is different from the one reported a few months ago. However, initial examinations suggest both attacks were performed by the same hackers. There are a few things we recommend you do right away to avoid becoming a victim of cybercrime. Don’t delay it!
When did this happen?
Yahoo confirmed the incident happened in August 2013. It is not to be mistaken for the data breach reported on September 22nd earlier this year.
What information was stolen?
No one really knows for sure, however the stolen information may have included personal information such as names, email addresses, telephone numbers, dates of birth, passwords and, in some cases, encrypted or unencrypted security questions and answers.
How is this affecting Yahoo?
In terms of branding and resonance, it’s the latest security blow against the former number one Internet giant. This kind of news won’t help user confidence in the company that has been heavily criticized by leading senators for taking two years to disclose the September 2014 breach. To make matters worse, this new one is from 2013. Yahoo was down more than 2.5 percent in after-hours trading on the Nasdaq in New York.
The company once valued at $125bn will not be sold for more than $5bn to Verizon. The price may go even lower. What makes things really bad for Yahoo is that, according to the BBC, Yahoo knew about the hack but decided to keep quiet… not a smart move.
The good news
Even though your personal information has been circling the dark web for more than 2 years, you may not be affected at all. We are talking about 1 billion accounts – this is a lot of data to process. However, if you don’t change your passwords regularly or if you tend to keep using the same answers on security questions, you may be in danger.
Troublemakers might be able to use the information to get your bank details or commit identity fraud. It’s vital to be self-conscious and protect yourself. And if you do, you don’t have anything to worry about.
Even though Yahoo is working closely with law enforcement and doing its best to protect your data, changing your password regularly and installing antivirus software are a must.
The post One billion and one reasons to change your password appeared first on Panda Security Mediacenter.