Category Archives: Panda Security

Panda Security

Panda Security

Is WeChat set to shake up the tech industry?

It’s very easy to write off any instant messaging app that isn’t Whatsapp as a clone of the famous messaging giant.

How could anyone possibly take on the might of the Whatsapp –recently ranked as the best messaging app in the world for secure communication- behemoth?

Well, WeChat, a China-based messaging app has an active monthly user base of almost 1 billion users worldwide and has recently been called one of the world’s most powerful apps by Forbes magazine.

Here at Panda Security we’ve taken a look at the reasons behind WeChat’s success story and posed the question.

Can the Chinese messaging giant challenge the western tech companies’ supremacy worldwide?

WeChat is by no means a new player in the game.

The app has been around since 2011, which by tech industry standards is a long time indeed. It’s easy to forget, when some apps currently form such an integral part of our daily lives, that Whatsapp, for example, was founded in 2009, only two years before WeChat.

WeChat is a multifunctional and integral part of daily life in China.

Whatsapp, with its user base of over 1 billion people, can rightfully stake a claim to being the most seamlessly integrated app worldwide, forming an important part of millions of people’s daily lives.

However, many people who have travelled to China, for business reasons or otherwise, have found WeChat to be an unavoidable addition to their mobile devices. The transition back to using Whatsapp, many say, makes the western messaging giant feel one-dimensional by comparison.

Why is this?

WeChat is not simply a messaging app.

It’s many features means that it has managed to roll the functions of several apps into one interface, before companies that provide those functionalities in the west have had a chance to reach the Chinese market.

WeChat Shake, a function that allows you to shake your phone and talk to any other lonely -or bored- stranger who’s shaking there’s, makes the app a Tinder of sorts, helping users to connect with new people. Moments, meanwhile, is a social media feature, Facebook and Messenger combined.

Think Facebook’s recent announcement that you’ll be able to make payments to friends via its Messenger app is world changing? WeChat has had a comprehensive Pay feature since 2013 that even allows users to pay the bills using the app.

The Chinese messaging app is also a Slack, a gaming network and even an app store.

In fact, WeChat’s multifaceted nature means that businesses and brands see having a prominent presence on the app as an essential step towards being successful in China. Not bad for a simple ‘messaging service’.

The big players are paying attention.

Mark Zuckerberg’s recent strategy of splitting the Facebook and Messenger apps may well have been inspired by a desire to emulate WeChat’s multifunctional approach. However, it has also gotten the tech industry in the west paying more attention to the potential of multi-faceted messaging apps, spurring an onslaught of new faces in the messenger market, as well as leading some to believe that WeChat could really stake a claim outside of Asia.

Add this to the fact that a recent Apple keynote speech from Tim Cook, in which he took aim at the Chinese market, heavily featured the WeChat app.

This leads us to the following point…

Do WeChat have an unfair advantage?

Though it’s proving unsurprisingly tough for WeChat to break into the western market, they have a pretty comprehensive, and enviable, home advantage. China’s is, of course, an enormous market that tech giants such as Facebook and Whatsapp have had little success breaking into, due in large part to government bans and censorship within the country. Meanwhile, WeChat, and it’s parent company TenCent have comparable free rein to continue their dominance within China whilst also expanding and taking on the dominance of Facebook et al in the west.

Perhaps the thought of one single tech company playing such an integral part in people’s daily lives is a scary idea. What if the app’s cyber security is breached? Would privacy become an even more controversial issue? All we know is that Silicon Valley has taken note, and the traditional tech giants that we know may be set to face a very real challenge to their dominance in the coming years.

The post Is WeChat set to shake up the tech industry? appeared first on Panda Security Mediacenter.

Panda Security

Where the leading apps keep your company’s data

panda-security-data

The current digital economy revolves around data. Giving up our data is the price we pay for signing up for free internet services, as the companies who provide these services use this personal information in order to fine-tune ads paid for by their true clients: advertisers.

Data is the Internet’s oil. Unlike this limited fossil fuel, however, data is increased in quantity every day. In 2013, it was reported that 90% of the world’s data had been generated in the two previous years, in other words, between 2011 and 2012. The trend has not shifted since then. The companies and countries who control the world’s data reserves will have, as with petroleum, a highly valuable resource on their hands.

90% of all the data in the world in the year 2013 was generated between 2011 and 2012

So, where is the majority of the digital era’s black gold stored? For now, the winner is, by far, the United States. 63.5% of services analyzed by Jorge Morell, expert in the terms and conditions of these kinds of companies, store their data in the US.

A far cry from that figure, weighing in at 1.9%, it appears that Europe has not jumped on the bandwagon of Big Data, so for now it looks like the American domination of the digital market is here for the long haul.

For a more detailed look, 58% of the most visited websites in a country like Spain, the subject of Morell’s research, do not reveal where they store their users’ personal information. As of now, they are not obligated to do so, so many of them make no mention of it in their terms and conditions.

Among those who are transparent in this regard, the clear winner is, again, the United States (36% of all analyzed services), although it is rarely cited as the only one. The ambiguous “and other countries” is thrown into the report haphazardly, as well as the tags Canada, China, or the vague “Outside of the European Economic Area (EEA)”.

When data crosses the pond, companies are legally bound by the Safe Harbor or Privacy Shield agreements to declare where it is stored, hence the fact that national companies are more likely to keep this information a secret.

However, all websites that until now have been silent will soon be required to declare openly the country in which their users’ personal information is stored. The new General Regulation of Personal Data Protection, with which all countries in the EU will have to be in accordance starting in May 2018, will make it compulsory that companies who maintain operations in Europe reveal the whereabouts of their personal data storage for all users, whether companies or the general public.

Such being the case, we shall soon be able to answer with greater certainty the question, “Where do the leading apps keep your information?” For now, we know beyond the shadow of a doubt that in most cases your personal information ends up in or passes through the United States at some point as it bounces around the net.

The post Where the leading apps keep your company’s data appeared first on Panda Security Mediacenter.

Panda Security

What is a VPN and how it Works?

pandasecurity-vpn

Watch your favorite shows anywhere, and other useful VPN functions

In simple terms, a VPN, or Virtual Private Network, is a connection between a group of discrete networks that exchanges encrypted data between your computer and a distant server.

Sounds like boring technical jargon? Well, VPN’s can actually be used to perform some pretty neat tricks online that you’ll be missing out on if you don’t employ the services of these privacy boosting devices:

Safely access a work or home network from far away

VPN’s are an essential tool for professionals out there who travel and have to access important files from a distance. Individuals can use a VPN to access network resources even if they’re not physically connected to the same LAN (local area network).

Why are they perfect for dealing with important data from afar? Well, a VPN is also an efficient and easy way to maintain your privacy when you’re surfing the web. In fact, many experts recommend the use of a VPN when browsing the Internet on a public Wi-Fi hotspot as they guarantee that all the data you’re sending and receiving is encrypted and inaccessible to hackers.

If anyone tries to pry on your internet activity, all they’ll see is the VPN connection, all other data will remain anonymous.

Avoid censorship and detection online

A controversial function of the VPN for sure, they can be used to bypass government censorship anonymously. Whether you agree or not with censorship online, it’s an undeniable fact that certain websites are blocked for legal reasons, almost every government worldwide blocking certain websites within their country.

Meanwhile, the ability that a VPN gives its user to go undetected online has been highlighted in the news recently as police in Holland confiscated 2 servers from VPN provider Perfect Privacy without releasing a public statement.

The German and French governments also want to controversially force mobile operating systems, by law, to allow them to access encrypted content if they deem it necessary in federal investigations.

Watch your favorite shows online wherever you are

Here’s where the fun begins! Many, many people are using VPN’s merely for entertainment purposes. The reason for this? Companies like Netflix, Youtube and Hulu use geo-blocking mechanisms to make some of their content unavailable outside of certain countries due to legal requirements appertaining to arguably outdated content laws in this age of free information.

In fact some people argue that, though this is only speculation, the content laws being so outdated, recent attempts by companies like Netflix to crack down on VPN usage have only been for show. In other words, the streaming giant wants to keep Hollywood distribution companies, who are responsible for creating a great deal of the content shown on Netflix, happy whilst harboring no real desire for making it harder to access their shows worldwide.

As an example of the numbers, in the US, Netflix offers the full experience of roughly 7000 shows, whereas in the UK slightly more than 4000 are available. Countries that have only been reached by Netflix recently are far behind.

Netflix though, has recently been trying to crack down on VPN usage, whilst also admitting that it is almost impossible to do so effectively.

The company’s Chief Product officer recently said that “since the goal of the proxy guys is to hide the source, it’s not obvious how to stop VPN Users. It’s likely to always be a cat-and-mouse game.”

Though the streaming company have blocked certain VPN users from accessing the site, providers like Express VPN and Buffered VPN claim to have great success at getting around these measures.

The post What is a VPN and how it Works? appeared first on Panda Security Mediacenter.

Panda Security

How to avoid bogging down your own servers

panda-security-attacks

There’s been a lot of talk recently about DDoS (distributed denial-of-service) attacks in the wake of an incident that left thousands of users without internet access as a result of the collapse of the servers at Dyn, a DNS hosting service. Needless to say, we should be aware of this threat, know how it works, and how to defend ourselves against it. Especially now, in the age of the Internet of Things, which has made it easier for cybercriminals to build an army of infected devices to carry out this kind of attack.

Protecting multiple devices in the Internet of Things leaves much to be desired, opening up a broad avenue for attackers to easily gain access to and control over these devices in order to use them as weapons. In a DDoS, all of these involuntary recruits connect to the server at the same time in order to overwhelm it and render it incapable of responding to legitimate requests. It’s as though a mob of people jumped in front of you in the check-out line at the supermarket not with the intention of buying anything themselves, but rather just to block you from doing so.

This danger may be commonplace and companies should, of course, be weary of it, but the truth is that a company’s servers are much more likely to collapse as a result of their own errors than from an external exploit. This has been confirmed by Google’s experts, who, without citing concrete data, warn of the alarming frequency with which this occurs.

A company’s servers are more likely to collapse as a result of their own errors

 Researchers at the search engine giant allege that programmers and developers often assume that a traffic load will be correctly and evenly distributed by the system, with no contingency plan in place in case it doesn’t work out that way.

Google gives us this example in the way of an explanation. A good amount of mobile apps establish a connection with their servers in a given increment of time in order to fetch information. If there’s no urgency, many apps connect every 15 minutes. In the event of an error, these apps are programmed to resubmit the petition every 60 seconds so as not to have to wait an additional 15 minutes if something in case something goes wrong on the first attempt.

This system reveals its shortcomings when the server, for whatever reason, is unavailable for a given period of time (not necessarily a long one). When it’s back up and running, it receives not only the usual requests every 15 minutes, but will also receive, all at once, an onslaught of requests that were made every 60 seconds during its time offline.

The outcome? A self-inflicted DDoS attack, which could shut down the app as a result of excessive simultaneous connections. If, on top of that, the server goes back offline following this bottleneck of traffic, the chain of incidents will start all over again.

Tips to avoid DDoS attacks

In order to prevent this from happening, the experts at Google offer some advice:

  • First, make it so that the initial 60 second delay doubles with each failed request, so that the second attempt is submitted after 120 seconds, the third after 240 seconds, and so on. That way, the number of requests piled up will be lower when the server returns to normal.
  • They also recommend that the app keep count of the number of reconnection attempts that each user has made, so that the most urgent requests are given priority when the server gets back to normal. This way, the requests that have been waiting the longest will be attended to first, while the rest continue waiting. A traffic bottleneck will therefore be averted, along with unwanted downtime caused by a DDoS attack launched against yourself.

The post How to avoid bogging down your own servers appeared first on Panda Security Mediacenter.

Panda Security

“Cyber-crime is international, but we get stuck with national laws that may not be compatible in this fight”, Righard Zwienenberg

eset- panda- security

Our guest article Righard has been in the IT security world since the late 80’s, and “playing” with computers since the 70’s.

1- At the beginning, computer viruses were almost like a myth. However, over the years, computer attacks became real and they have evolved significantly, along with security solutions. To what extent are we doing things properly? It seems that today there are more attacks than ever before…

Obviously there are more attacks than ever before. In the beginning, having a computer was a novelty, on top of that, the underlying OS was rather diverse. Nowadays, almost everyone has one or more computers or devices. More devices makes the attack vector more interesting (higher chance of success for the cybercriminal) but as many more people are now “into” computers, there automatically are also more people that will exploit for ill purposes. It is inevitable. As in business, where there is an opportunity there will be an entrepreneur, likewise in cybercrime, if it can be exploited, someone will.

With the growth and evolution of the OS’s, security solutions followed. Actually not only the security solutions but also the general perception of security by the public. Guess banking Trojans and ransomware were useful to raise the awareness.

guest-article-panda

Senior Research Fellow, ESET

2- You developed your first antivirus in 1988. Back then, the number of viruses to detect was very small, despite the fact that they already used some really complex techniques. Considering the way computer threats have evolved, would it be possible for somebody today to develop an effective security solution by himself?

Why not? All you need is a good (new) idea and implement it. It may be the holy grail of heuristics and proactively block a complete new type of threat, or even multiple. That is how the current anti-malware products started in the late 80’s. Of course a single issue solution would nowadays not be enough anymore as customers expect a multi-layered, full protection solution and the sheer number of daily new malware will make it impossible to keep up just by yourself. So it will be more likely that you sell your technology to a larger company or you become a niche player in the 2nd opinion market. But… There is nothing wrong with that!

3- You’ve worked with groups that cooperate with governments, agencies and companies. In your opinion, who should be more interested in improving their IT security knowledge?  Governments? Companies? The public sector and authorities?

Sadly all of the above. Education and Awareness is key here. New threats emerge all the time, and you need to be aware of the to defend yourself against it. Or at least be able to check if your security vendor is defending you against it.

Governments try to have all people use digital systems and guarantee people’s privacy, but can they? They say they do, but then, even at large public events like the 2016 elections for the US Presidency, where you would assume all the security is in place, ignorant security flaws pop up.

media-center-eset-panda

In the above case, the official website for – the now elected – Donald Trump allowed an arbitrary URL to show the header above the news archive. That can be used as a funny gimmick, but most likely also be exploited if the arbitrary URL is extended perhaps with script code.

4- You have collaborated with law enforcement agencies in multiple cases of cyber-crime. In your opinion, are law enforcement forces well prepared to fight cyber-crime? Do they have enough resources?

They are well prepared and most of the time have the resources to fight cyber-crime. You will be surprised what they actually know and can do. But what usually is the problematic issue is international laws. Cyber-crime is international, but we get stuck with national laws that may not be compatible in the fight against cyber-crime. On top of that, cyber-crime is digital and very fast moving. Too much legislation prevents swift actions. Politics has to catch up with more organic laws that “go with the flow” and do not takes ages to get updated against the latest threats, allowing law-enforcement to rightfully act against cyber-crime and not to have a case dismissed in court due to old-fashioned legislation.

New threats emerge all the time, and you need to be aware of them to defend yourself against it.

5- Is there an appropriate level of cooperation between law enforcement agencies and security vendors/experts, or do you think there is room for improvement?

Room for improvement is always there. But LEO’s and the private sector already do work together (although as mentioned hindered by (local) laws). Some new cooperation initiatives are actually about to be started and initiated by LEO’s. It clearly shows that working together, it will be easier to reach the mutual goal: to get cyber-criminals locked up, removing safe havens for them.

6- Ransomware attacks can have disastrous consequences for consumers, employees and companies in general. The cost of recovery from a security breach can be very high for an organization; however, what do you think of the expenses a company must face to prevent such attacks?

These must be seen as a preventive measure, a kind of insurance. You do invest for a lock on your door although the door can be closed, right? And when you compare the cost for preventive measurements against the cost after ransomware (the lost work, the lost time, checking and cleaning up the entire network (as you don’t know if it put some executable files of some stolen data somewhere on an open share, or if a backdoor was installed, etc.), the negative public PR, etc.), it isn’t all that expensive. Awareness (and thus proper education) is the key for all people to understand that reporting suspicious activity earlier can actually save a lot of money for the company. In this case, the cost of a report of suspicious activity that turns out to be false is nullified by the cost saved by that single report of suspicious activity where it turns out the threat is real.

Awareness (and thus proper education) is the key for all people to understand that reporting suspicious activity earlier can actually save a lot of money for the company.

7- Righard, you’ve been working with AMTSO (Anti-Malware Testing Standards Organization) since its inception. During this time, you’ve had the opportunity to work in different positions within the organization: CEO, CTO, and now you are a member of the board. What influence has AMTSO had on the world of security solution testing? What difference has it made?

AMTSO had – in my perception – a tremendous influence on the world of security solution testing. Yes of course, it was a struggle in the beginning, errors were made, but now, after repairing the organizational flaws, AMTSO came up with Guidelines and Recommendations that were adopted by testers and vendors, making sure that all testing was done fair and equally. This has also caught the eye of other organizations that are now recommending AMTSO and AMTSO “compliant” tests or to get a product certified by a tester that has adopted the AMTSO Guidelines and Recommendations.

8- What challenges will AMTSO have to face in the near future?

AMTSO is growing and is now changing the Guidelines and Recommendations into real Standard Documents. This is a delicate procedure to complete, but when completed and done properly, a big step forward. As AMTSO is growing and getting more members of different industries, but also from the same industry with motivations or ways of thinking that are different than the established industry, with older and newer companies, keeping it all together to continue to build AMTSO broader and going for AMTSO’s goals, that will be a challenge. But I am sure the new management will be able to do so. I would not have stepped down as CEO/President if I didn’t believe it would be in good hands!

The post “Cyber-crime is international, but we get stuck with national laws that may not be compatible in this fight”, Righard Zwienenberg appeared first on Panda Security Mediacenter.

Panda Security

Your Tinder Account could be hacked.

Security researchers have discovered that two of the world’s most popular mobile dating apps can be hacked, exposing sensitive user data in the process. The team from the University of South Australia ran a series of tests, proving that a number of personal details could be extracted from the apps relatively easily.

Capturing network traffic reveals all

The two apps in question, Tinder and Grindr, claim to keep personal details private until users select a match, someone they want to make.

The two apps in question, Tinder and Grindr, claim to keep personal details private until users select a match, someone they want to make contact with. It is only at this point email addresses or usernames are shared, allowing people to connect directly.

The team of experts found that a determined hacker could capture information as it passed between the user’s phone and the Internet. Flaws in the apps themselves could also be exploited to reveal even more information directly on the Android smartphone.

Using the same techniques demonstrated by the university team on the Tinder app, hackers are able to recover all the profile images viewed by the user, along with details of each “match”. Further probing reveals the user’s unique Facebook token – a string of numbers and letters that could be used to personally identify the app user.

Security tests suggest that Grindr is even less secure. Among the information recovered were the details of profiles the user had viewed, along with their own email address. Even more worrying was the discovery that messages from private chats could also be accessed by hackers.

Why does it matter?

Romantic relationships are built on trust by sharing private thoughts and feelings with another person. We make ourselves vulnerable by discussing things we wouldn’t share anywhere else.

This kind of deeply personal information is extremely attractive to hackers who can use it to blackmail the user, or to build a personal profile for advanced social engineering attacks. The secrets revealed in private conversations can often be used to guess passwords, or “trick” people into handing over valuable information like bank account numbers.

How to protect Tinder against hacking

Tinder and Grindr were both criticized by the University of South Australia for failing to properly protect users’ data. In the conclusion of their report, users were urged to be extra careful about the apps they install on their Android phones.

Ultimately the responsibility for these problems lie with the app developers who need to improve their security provisions. In the meantime, Android users can enhance their own protection using Panda Mobile Security to prevent personal data from being accessed without permission – as was the case here.

Panda Mobile Security prevents malicious apps from stealing data, and can be configured to limit data sharing between legitimate apps, helping to keep your sensitive personal information away from hackers. Which means you can focus on finding love without someone accessing your private chats.

The post Your Tinder Account could be hacked. appeared first on Panda Security Mediacenter.

Panda Security

How to avoid hacking to Critical Infrastructure

panda-security-infrastructure

The cyber-attacks on the backbone of today’s economies are materialized in those assaults that affect society as a whole. The strategic priorities of national security include infrastructure exposed to the threats that can affect the operation of essential services.

PandaLabs, Panda Securitys anti-malware laboratory, has released a whitepaper called “Critical Infrastructure: Cyber- attacks on the backbone of today’s economy” with a timeline of the most notorious cyber-security attacks around the world on critical infrastructure, and recommendations on how to protect them.

Malware and targeted attacks aimed at sabotaging these networks are the main threats to critical infrastructure. Oil refineries, gas pipelines, transport systems, electricity companies or water supply control systems all form part of a technologically advanced industry where security failures can affect the whole of society.

Malware and targeted attacks

Today’s increasing trend towards interconnecting all types of infrastructure also increases potential points of entry for attacks on the services that have become essential for today’s societies.

This is apparent with the cyber-attacks that have been carried out in the past against these networks, the first of which took place in 1982, even before the Internet existed. In this case, attackers infected the systems of a Siberian oil pipeline with a Trojan.

critical-infrastructure-pandaIn addition to paralyzing and reducing services, which was what happened to the Venezuelan oil company PDVSA when it was hit by an attack that reduced production from 3 million barrels a day to 370,000, such attacks can also have a significant financial impact. One of the largest car manufacturers in the USA was left with losses of around US$150 million thanks to an attack using SQLSlammer, which spread rapidly and affected 17 production plants.

The threat is real

panda-security-crtical-infrastructureOne of the most infamous cases of cyber-attacks on critical infrastructures in history was Stuxnet. It is now known that this was a coordinated attack between the Israeli and US intelligence services, aimed at sabotaging Iran’s nuclear program. The case became the catalyst that made the general public aware of these types of threats.

Over the years there have been key events that have marked turning points in global security, such as the 09/11 attacks. In Europe, there was a similar key date, March 11, 2004, the date of the Madrid train bombings. As a result, the European commission drew up a global strategy for the protection of critical infrastructure, the ‘European Programme for Critical Infrastructure Protection’, which includes proposals to improve Europe’s prevention, preparation and response to terrorist attacks.

How could these attacks have been avoided?

The technical characteristics and the high level of exposure of data that can be stolen means that special care needs to be taken in protecting these infrastructures, including a series of good practices, such as:

  • Checking systems for vulnerabilities.
  • The networks used to control these infrastructures should be adequately monitored and, where necessary, isolated from external connections.
  • Control of removable drives is essential on any infrastructure and not just because it has been the attack vector for attacks as notorious as Stuxnet. When protecting such critical infrastructure, it is essential to ensure that malware doesn’t enter the internal network through pen drives or that they are not used to steal confidential information.
  • Monitoring PCs to which programmable logic controllers (or PLCs) are connected. These Internet-connected devices are the most sensitive, as they can give an attacker access to sensitive control systems. Moreover, even if they don’t manage to take control of a system, they can obtain valuable information for other attack vectors.

In light of this panorama, protection against advanced threats and targeted attacks is essential. Adaptive Defense 360 offers comprehensive security against these attacks and provides companies with all they need to defend themselves and close the door on the cyber-security vulnerabilities that can, in the end, affect us all.

Download the infographic “Cyber-attacks on the backbone of today’s economy” here.

Download the Whitepaper:

international

International Edition

 

Russia

Russian Edition

 

PortuguesePortuguese Edition

 

swissSwiss Edition

 

The post How to avoid hacking to Critical Infrastructure appeared first on Panda Security Mediacenter.

Panda Security

How To Evaluate a Next- generation Endpoint Protection

Adaptive-defense-document

We are lately seeing blogs attempting to publicly demonstrate that next-generation protection solutions, like Adaptive Defense, are vulnerable. These proofs of concept aim to demonstrate that there are malicious files that evade detection when reaching a system or attempting to run. The problem with these demonstrations is that the writer expects the malicious files to be stopped before being run. But that’s a mistake, and reveals a clear misunderstanding of this new protection model based on the continuous monitoring of process activities.

To be truly effective, a next-generation solution must provide continuous protection against all types of attacks. This means that it must offer continuous prevention, detection at runtime, visibility into every action taken, and intelligence to block malicious actions such as lateral movements.  It is not enough to provide detection at file level based on a list of malware files. Efficient security means being able to protect systems before, after and during an attack.

The cyber-security ‘war’ goes beyond the ‘battle’ of detecting malicious files when they reach a computer or attempt to run. It will be won by whoever is capable of efficiently, seamlessly and unobtrusively monitoring every process running on devices, blocking those that, despite being apparently and initially harmless, show malicious behaviors. Today’s malware is extremely sophisticated and should never be underestimated. But not ony that…

Protection is not only about detecting threats before, after and during an attack, it is also remeadiation and prevention.

That’s why a next-generation solution must also include response and remediation capabilities. These products are known in the security sector as EDR (Endpoint Detection and Response) solutions, and they incorporate forensic analysis tools capable of tracing every action taken on the endpoint in order to remediate and prevent present and future attacks.

Why past methodologies are no longer valid

Panda Adaptive Defense integrates all of those features into a single Next-Generation protection solution based on continuous monitoring, and which provides prevention, detection, visibility and intelligence to block known and unknown attacks. In addition to continuous monitoring via hundreds of sensors, Adaptive Defense also provides forensic analysis tools for efficient remediation and prevention.

When  you read these proofs of concept, you must understand that they are not real. The fact that a security solution doesn’t detect a file as malware at the time of reaching a system doesn’t mean that it is not efficient. On the contrary, in the particular case of Adaptive Defense, it is perfectly possible that the solution doesn’t detect the file at that time, but it will detect it as soon as it attempts to run, or will monitor and block it during an attack.

This ability is not present in traditional solutions based on a more or less generalist malware blacklisting strategy, and which rely on detecting malicious files on the system or when attempting to run. With these solutions, if a malicious file is not classified as malware, it will be allowed to run regardless of the actions it carries out during its life cycle.

Adaptive Defense might also let it run, albeit keeping an eye on it at all times and reporting its activities to our Machine Learning Intelligence platform. This system, which is in constant evolution and correlates data from thousands of endpoints with hundreds of sensors, will determine if the file’s activities constitute malicious behavior, in which case it will prevent it from running. Then, the file will be immediately classified either automatically or by a team of cyber-security experts. This analysis will determine with complete accuracy the nature of the attack. The old model doesn’t provide any of this.

Welcome to the Next-Generation Panda Security!

The post How To Evaluate a Next- generation Endpoint Protection appeared first on Panda Security Mediacenter.

Panda Security

How is Internet privacy upheld in the ‘digital afterlife’?

How do you account for someone’s digital presence after they’re no longer with us in the physical world?

The ‘digital afterlife’ is a concept that has been receiving increased attention from tech giants like Facebook and Google. Their aim is to make the passing of a loved one or relative easier, while also playing a role in celebrating people’s lives after they have passed away.

Internet Privacy

The issue of Internet privacy is, of course, a touchy one and this is magnified immensely in the difficult period after someone has passed away.

Whereas it used to be less clearly defined, Facebook recently felt the need to clarify the process that it adheres to after a user has passed away. If the social media giant is made aware of a user’s passing, there are two options; the account is memorialized or deleted. The account cannot remain active.

There’s an important reason for this, and that is the curious cyber security risks that come with leaving the page of a social media page unaccounted for after a user has passed away.

Unfortunately, the growing digital graveyard left by people’s data footprints as they lived their lives is not treated with the same reverence as its equivalent is in the physical world.

Cyber Security risks for a social media account

There are tangible cyber security risks for a social media account that isn’t being used, with reported incidents of deceased users’ accounts being hacked and taken over by spambots. These accounts are often used for advertising, with some users having reported seeing their deceased relative or friend’s account starting to like pages on the social media website months, or even years after that person has passed away.

People’s social media pages have also even been hacked after their deaths and distasteful messages left on their page as status updates.

These risks are the main reason that Facebook has recently clarified its policy on changes to a user’s account once they have passed away. In a recent statement, the tech company said, “if Facebook is made aware that a person has passed away, it’s our policy to memorialize the account.

Facebook though, has had issues with processing memorialization requests; there have been reported cases of it taking up to 6 months for a request from a family member to be processed, and others of people receiving no response at all.

With over a billion users, and some estimates claiming that more than 8,000 Facebook users die every day, it’s no easy task dealing with so many accounts and companies like Facebook and Google usually outsource such extensive undertakings.

Whilst the policy is strict on what happens to deceased users’ accounts, the social media giants don’t want this to take away from the freedom of deceased users’ loved ones in having a say in their relative’s digital afterlife.

Facebook have released a statement saying “there is more we can do to support those who are grieving and those who want a say in what happens to their account after death.” Google, meanwhile, have highlighted the importance of allowing people to “plan [their] digital afterlife.” Both companies allow users to designate a contact who will have access to their memorialized account after they have passed away.

Facebook ‘legacy contacts’ and Google+ ‘trusted contacts’ are able to curate their loved one’s social media pages after they have passed, by posting pictures and leaving updates whilst those who are already friends can leave parting messages.

Allowing this form of contact decreases the risk of cyber security being an issue in the digital afterlife.

The post How is Internet privacy upheld in the ‘digital afterlife’? appeared first on Panda Security Mediacenter.

Panda Security

Panda Security Scoop Advanced Award from Computing

panda-security-award

Panda Security were delighted to attend Computing’s Security Excellence Awards 2016, held in the heart of London on 24th November, and took home one of the major prizes with Adaptive Defense named best solution against Advanced Persistent Threats.

This first award ceremony from the UK’s leading business technology publication Computing, celebrating achievements of the IT industry’s best security companies, was attended by hundreds of industry notables and disruptors alike.

prize pandaAs well as some mind-melting table magic the audience were amazed by ‘pretty fly’ compère Chris Turner who took suggestions and items from the audience merging them seamlessly into hilarious improv’ raps.

Amongst those handed out on the night, of special note was the award for Advanced Persistent Threat Solution, as stealthy attacks are becoming increasing more common against organisations, requiring solutions to be one step ahead of the game at all times.

Fending off stiff competition in this hotly contested category from Darktrace, Barracuda and Illusive Networks, Panda Security was announced the overall winner with their Adaptive Defense Solution, with the award accepted by Tony Lee, Managing Director of Panda Security UK & Ireland.

The award was judged according to functionality, differentiation and adoption, and the winner Adaptive Defense is just the latest result of innovation from Panda Security designed to work alongside existing security solutions and protect against APTs and other advanced threats such as Ransomware.

 

For more information on Panda Security’s solutions visit http://www.pandasecurity.com/enterprise/

Congratulations to all Finalists and Winners at this first ever Computing Security Excellence Awards, we are excited for next years’.

The post Panda Security Scoop Advanced Award from Computing appeared first on Panda Security Mediacenter.