Panda Security

Companies don’t take proper care of the data they store in the cloud

That hard disks, pen drives and other physical storage devices are an attractive target for cyber-criminals wanting to steal confidential information from enterprises is something that company managers are well aware of. And, in fact, they try to educate their employees about the need to use those tools properly.

However, the now-popular digital cloud, used by businesses to store increasing amounts of sensitive information, must also be taken into consideration when designing a company’s cyber-security strategy. Moving to the cloud has powerful benefits – cost savings, easy access to files from anywhere, convenience, etc. – yet it also poses some risks that must be identified and controlled.

According to a recent study published by the prestigious Ponemon Institute, the majority of businesses have not inspected their cloud services for malware, or do not know whether they have.

According to the study, while 49 percent of business applications are now stored in the cloud, fewer than half of them are known, officially sanctioned or approved by the IT Department.

While respondents understand the risk of data breaches, nearly a quarter could not determine if they had been breached, and nearly a third couldn’t determine what types of data were lost in the breach(es). Neither do they know how the breach(es) occurred.

This and similar studies seem to indicate that enterprises rely too much on the security measures adopted by cloud service providers themselves and that, all too often, companies leave the protection of their most valuable secrets and assets almost exclusively in the hands of third parties such as Amazon or Slack.

To resolve this situation, CISPE, a coalition of cloud service providers operating in Europe, has published the sector’s first code of conduct aimed at ensuring data security and confidentiality. Compliant cloud infrastructure providers will be able to identify themselves with a ‘Trust Mark’ that will provide additional security assurance for customers, especially corporate ones.

Nevertheless, despite the measures taken by these Internet giants to ensure the integrity of the information stored on their servers, companies and their employees cannot ignore their own responsibility to keep corporate data and documents secure. Just as they take good care of their hard drives and pen drives, they should also take care of the cloud to prevent their data from ending up in the wrong hands.

The post Companies don’t take proper care of the data they store in the cloud appeared first on Panda Security Mediacenter.

Searching for celebrity news on Google can be dangerous for your computer

Something as apparently inoffensive as employees keeping up with the lives of ‘celebs’ on the Internet could be far more dangerous than you think for your company’s IT systems. Whether you like it or not, some employees take advantage of dead time (and not-so-dead time) to look for all the latest gossip and news on the Web.

There may not be anything too risky about reading reputable newspapers online to see the latest news or check out your team’s results (although there have been cases of malware-laden ads in online newspapers). However, gossip columns and other celebrity stories have become a serious threat for the security of computers and mobile devices.

Cyber-criminals are well aware of the interest generated by the lives of the stars, which is why they have come up with specific strategies to bait users into downloading malicious programs on their computers when they access this content.

The first step that the average user takes when looking for information about celebs is to ask Google. Yet some searches are more risky than others. Some famous people and related events offer more potential for attackers, as was the case recently with Brad Pitt and Angelina Jolie after their separation became public.

New film or music releases are also a popular weapon for criminals whose aim is to infect users’ computers and devices looking for passwords and other confidential information. Whenever a new story breaks, searches related to those involved increase dramatically and it becomes easier to infect users with malware hidden on malicious websites with related stories.

In order to minimize the threat, apart from having an efficient policy for controlling the way your employees use your company’s devices, the most effective measure is awareness. Firstly, your company’s workers should learn to distinguish between trusted pages and those that could potentially be used by criminals to infiltrate your systems. They should also avoid any links to illegal downloads, whether direct or via ‘torrent’ (highly in demand when a new film or song is released).

Of course, you can get an additional guarantee of protection against malware that exploits users’ fascination with celebrity news by having a security solution to protect all your devices, such as Panda Security’s corporate solutions.

Black Mirror – How much is already real?

Warning – the following article may contain spoilers

What is true in Black Mirror?

Charlton Brooker’s Black Mirror television series has become something of a phenomenon thanks to its almost prophetic predictions about society and technology. Set in the very near future, Black Mirror borrows technology stories from the media, and imagines the worst possible outcomes to create a bleak view of the world that we are creating today.

What makes Black Mirror so compelling is that the storylines are simultaneously outlandish and plausible. More impressive is the fact that some of the predictions have actually come true.

As the third season of Black Mirror airs on Netflix, it’s time to consider how close to reality the latest round of predictions really are.

Episode 3 – Shut up and dance

Hackers take control of Kenny’s laptop, and use the webcam to secretly film him in a compromising situation. Kenny then receives a string of ransom texts to his phone, demanding he follow the supplied instructions or risk the embarrassing video being leaked to his friends, family and the rest of the world online.

The reality is that malware already exists to hack into computers, activating the web cam remotely. And like most malware, you probably won’t even notice anything is wrong until you receive a ransom demand or similar.

To prevent being spied on, some people take the extreme step of taping over their webcam – a method favoured by Facebook CEO Mark Zuckerberg.

Just as effective (and much easier to manage) is to protect your computer with a robust antivirus application like Panda Security that can detect and block malware before it can install itself.

Episode 6 – Hated in the nation

The Metropolitan Police investigate the brutal murder of a journalist in London. All the evidence seems to point to the woman’s husband, but one of the detectives assigned to the case suspects that social media may also play a part.

As more deaths follow, it is discovered that a swarm of robot bees has been programmed to kill anyone trending online with the hashtag #DeathTo. The mob mentality of social media users is unwittingly singling out individuals for death.

The robot bees may not yet exist, but the vicious hashtags that accompany each attack in Black Mirror certainly do. Cyberbullying is widespread, and really does cause lasting damage to the victim, leading to stress, depression and, in extreme cases, suicide.

Online bots that respond to trending hashtags already exist, helping to spread viral messages, or trigger specific actions for companies that monitor social media. The artificial “intelligence” to drive a swarm of robot bees is ready, even if the technology is not.

To avoid attracting the attention of trolls online, parents should consider installing a comprehensive internet security package like Panda Gold Protection (you can download a free trial here). This will allow you to block access to sensitive sites – including social media – protecting your family against simple, unintentional mistakes becoming headline (life-threatening) news.

Horrifyingly close to reality

Black Mirror makes for uncomfortable viewing – mainly because it is so close to the reality we know. The dire outcomes of each episode are just realistic enough to create a terrifying view of the future. Fortunately you can avoid starting some of these chains of events with some effective internet security software.

For more help and advice about staying safe online, please get in touch.

Are we closer to hacker-proof computer code?

Can you imagine a system that could not be hacked? That repelled those who tried? This apparently impossible dream has been pursued by developers for decades, without much success. In theory, this is perfectly possible; in practice, however, it demands too much effort and program code would be too long.

However, the HACMS project has taken a very big step towards fulfilling that dream. According to information recently revealed to the public, in the summer of 2015 the U.S. Defense Advanced Research Projects Agency (DARPA) conducted an experiment in which an unmanned military helicopter equipped with a new kind of security mechanism was subjected to attack by a team of six hacking experts. The helicopter was impossible to hack into, even though the hackers had the advantage of having been given access to some parts of the drone’s computer system.

The security mechanism they were testing is based on an old concept that only recently is becoming a reality: formal verification, a style of software programming that ensures code integrity. With the technology that we have today, it was absolutely impossible to hack into key parts of the helicopter’s computer system, its code as trustworthy as a mathematical proof.

Writing such strong computer code has been the aspiration of every expert since the inception of computer science. For a long time it seemed hopelessly out of reach, but the technological advances made by military and academic institutions, in collaboration with large multinationals such as Microsoft and Amazon, have made the idea of creating hacker-proof code a closer reality.

 

The ongoing efforts towards developing unhackable code are being spurred by the need to strengthen security in our increasingly interconnected world, with the Internet of Things becoming a reality in households, cities and almost every object that surrounds us.

The promising results of the HACMS project have already been replicated in other areas of military technology, such as satellites and driverless trucks, and Microsoft is working on two projects based on similar techniques: one aimed at securing complex cyber-physical systems such as drones, and another one, codenamed Everest, to create a verified version of HTTPS that allows users to browse online safely.

It is difficult to think that we are witnessing the beginning of the end of hacking, but it is true that we are one step closer to making things much harder for cyber-criminals by designing programs which, with today’s technologies, are impossible to tamper with.

 

TrickBot, new spam campaign against companies

On November the 2nd we witnessed a new spam campaign delivering emails each with a Word document attachment targeting UK companies. Each email message had the subject “Companies House – new company complaint” and the Word document attachment was titled “Complaint.doc”. When users open the document, this is what they see:

[Image: windows trickbot]

How does TrickBot work?

If the user follows the instructions given, the macro in the document will be executed. It will download a file called dododocdoc.exe which will be saved in %temp% as sweezy.exe and then executed. This file is a variant of the TrickBot malware family. Once executed it will install itself in the computer and will inject a dll into the system process svchost.exe. From there it will connect to the command and control server.

This has not been a massive campaign, but it was targeted at UK companies: we’ve seen just a few hundred emails to our clients, and all of them were protected proactively without needing any signature or update. Looking at the potential victims, all of the emails went to companies; no home users were targeted, and most of them went to businesses in the UK. There were 7 cases in Spain, and one in Belgium, Ireland and Thailand. The campaign was short: the first case happened at 10:55am and the last one at 12:11pm (GMT).

The macro uses PowerShell to execute the malware, which is a common technique that is becoming more and more popular recently, being used in ransomware attacks or even to infect Point of Sale terminals.
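The chain described above (a Word macro starting PowerShell, which drops and runs a binary from %temp%) can be hunted for in process-creation telemetry. The following is an added example, not code from Panda Security or from the original post: it walks parent links and flags script hosts and %temp% binaries that descend from an Office process, including indirect chains through cmd.exe. The event field names and all sample events are constructed assumptions; only the names Complaint.doc and sweezy.exe come from the post.

```python
import ntpath

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

# Constructed process-creation events, not real telemetry. The field names
# (pid, ppid, image, cmd) are assumptions modelled on typical EDR-style logs.
# Command lines are deliberately reduced to placeholders.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 200, "ppid": 100,
     "image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE",
     "cmd": r'WINWORD.EXE "C:\Users\alice\Downloads\Complaint.doc"'},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": "cmd.exe /c <placeholder>"},
    {"pid": 310, "ppid": 300,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmd": "powershell.exe <placeholder>"},
    {"pid": 320, "ppid": 310,
     "image": r"C:\Users\alice\AppData\Local\Temp\sweezy.exe", "cmd": "sweezy.exe"},
    # Benign look-alikes that must not be flagged:
    {"pid": 400, "ppid": 100,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmd": "powershell.exe"},  # interactive shell started from Explorer
    {"pid": 410, "ppid": 100,
     "image": r"C:\Users\alice\AppData\Local\Temp\setup_tmp.exe",
     "cmd": "setup_tmp.exe"},   # installer unpacked to Temp, started by the user
    {"pid": 500, "ppid": 100,
     "image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE",
     "cmd": r'WINWORD.EXE "C:\Users\alice\Documents\report.docx"'},
]


def basename(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path).lower()


def in_temp(path):
    """True if any directory component of the path is named 'Temp'."""
    parts = [p.lower() for p in path.replace("/", "\\").split("\\")]
    return "temp" in parts[:-1]


def office_ancestor(event, by_pid):
    """Follow ppid links upward; return the nearest Office ancestor or None.

    Real telemetry needs (pid, start time) keys because PIDs are reused;
    plain PIDs are enough for this constructed sample.
    """
    seen = set()
    cur = by_pid.get(event["ppid"])
    while cur is not None and cur["pid"] not in seen:
        seen.add(cur["pid"])
        if basename(cur["image"]) in OFFICE:
            return cur
        cur = by_pid.get(cur["ppid"])
    return None


def detect(events):
    """Return (rule, pid, process name, office pid) tuples for suspicious events."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        anc = office_ancestor(e, by_pid)
        if anc is None:
            continue
        name = basename(e["image"])
        if name in SCRIPT_HOSTS:
            findings.append(("office_spawned_script_host", e["pid"], name, anc["pid"]))
        elif in_temp(e["image"]):
            findings.append(("temp_binary_under_office", e["pid"], name, anc["pid"]))
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(finding)
```

The same PowerShell and %temp% activity started directly from Explorer is not flagged; it is the Office ancestry that makes the chain suspicious.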

From Panda Security we recommend that businesses ensure all software is updated, have a reputable security solution in place and hold regular staff security awareness training.

Microsoft and Apple unveil new computers with improved security features

In events that took place on consecutive days, the two tech giants presented last week their new ‘weapons’ in the fight for computer supremacy. Whereas Microsoft has decided to go for more pricey, sophisticated and innovative computers, Apple has decided to stay with what the company knows works well and has limited itself to introducing some improvements in its acclaimed laptop computers.

The Redmond company has taken everyone by surprise by rolling out an ‘all-in-one’ device, Microsoft Studio, aimed at knocking the iMac off its perch as the favorite tool among creative pros. The new computer is one part PC, one part graphics tablet. It can be folded, allowing artists and designers to use it in a similar way to a tablet, while offering at the same time an extremely powerful computer very reminiscent of Apple’s iMac for all kinds of professionals.

Additionally, the company founded by Bill Gates has upgraded its Surface Book tablet and presented the new update of its Windows 10 operating system: Windows Creators Update. This new version is stuffed with new features, including the first revision in a long time of its security tool Windows Defender.

The program ditches its classic look and feel in favor of a more Windows 10-style appearance, with a responsive interface adapted to touch screens. It also looks like Windows Defender will be integrated with other tools, like Windows Firewall or Family Safety, allowing for central management of all security aspects of Microsoft’s operating system.

As for Apple, the new MacBook Pro features some significant enhancements with regards to security. First, it incorporates Touch ID for the first time ever. Touch ID, already present in the company’s iPhones, is a fingerprint scanner which, despite posing certain security risks, introduces a new mechanism to verify a user’s identity on Apple’s computers beyond traditional passwords.

This biometric security system will be integrated into Apple’s laptops through the new Touch Bar, a multi-touch strip located above the keyboard and which displays contextual menus and allows for different actions depending on the program you are using. With the Touch Bar, for example, you will be able to do something as simple as paying for an online purchase just by placing your finger on the small display.

If this were not enough, the new MacBook Pro comes equipped with a secondary processor that will perform all security-related tasks, including managing Touch ID and the new Touch Bar. This secondary processor includes what is called ‘Secure Enclave’ technology, specifically designed to manage personal and confidential data most securely.

 

AtomBombing, a new threat to your Windows

A few days ago Tal Liberman, a security researcher from the company enSilo, revealed a new code injection technique that affects all Windows versions up to Windows 10. Due to the nature of this technique it is unlikely that it can be patched. In this article I’d like to shed light on this attack, its consequences and what can be done in order to protect ourselves.

How does it work?

Basically, this attack takes advantage of the operating system itself to inject malicious code and then uses some legitimate process to execute it. Although it is not that different from what malware has been doing for ages (malware has been injecting itself into running processes for decades), it is true that the use of the atom tables (provided by Windows to allow applications to store and access data) is not common, and it is likely to go unnoticed by a number of security solutions.

The best explanation you can find so far is the one made by Tal in his blog “AtomBombing: A Code Injection that Bypasses Current Security Solutions”.

If there is no patch and it affects all Windows versions, does it mean that we are under great danger?

Not really. First, in order to use this technique malware has to be able to be executed in the machine. This cannot be used to remotely attack and compromise your computer. Cybercriminals will have to use some exploit or fool some user into downloading and executing the malware, hoping for the security solutions in place not to stop it.

Is this really new?

The way the attack is performed to inject code is new, although, as I mentioned earlier, malware has used injection techniques for a long time; for instance, you can see that in many ransomware families.

 

New, but not that dangerous… why the panic?

As I said, malware first has to be executed in the machine, but we know that at some point this will happen (not a matter of IF, but WHEN).

Many security solutions have the ability to detect process injection attempts, however to do this they rely on signatures, therefore many of them are not able to detect this particular technique nowadays. On top of that, many of them have a list of trusted processes. If the malicious code injection happens in one of them, all security measures from that product will be bypassed.

 

Finally, this attack is really easy to implement. Now that it is known, there will be a number of cybercriminals implementing it in their malware sooner rather than later.

What can we do to protect our company’s network?

On one hand, traditional antimalware solutions are great to detect and prevent infections of hundreds of millions of different threats. However they are not that good at stopping targeted attacks or brand new threats.

On the other hand we have the so-called “Next Gen AV”. Most of them claim that they do not use signatures, so their strength comes from the use of machine learning techniques, which have evolved greatly in the last few years, and they have shown they are pretty good at detecting some new threats. As they know their weakness is that they are not that good at stopping all threats, they have great expertise in post-infection scenarios, offering a lot of added value when a breach has already happened. Another issue they have is that machine learning won’t give you a black-or-white diagnosis, which translates into high false positive rates.

Is using traditional antimalware + Next Gen AV the best approach?

Not the best, although it is better than using just one, as they can complement each other. It has, however, a few downsides. For a start, you have to pay for both. Although that can be justified by the overall protection improvement, it means you will need extra budget for the extra work (exponential growth in false positives coming from Next Gen solutions, different consoles to manage each one, etc.). Performance can become an issue if both are running on the same computers. And finally, these solutions don’t talk to each other, which means you are not taking full advantage of the information each one handles.

Panda Solutions for Companies combine the power of the traditional solutions and the machine learning techniques.

The best solution is one that has both capabilities, one that has the power of traditional solutions as well as long experience in machine learning techniques combined with big data and cloud: working together and exchanging information, with continuous monitoring of all running processes, classifying all programs that are executed on any computer of your corporate network and creating forensic evidence in real time in case of any breach, while deploying only a small agent that takes care of everything and uses the cloud for the heavy-processing tasks, offering the best performance in the market. In other words, Adaptive Defense 360.

 

New Panda Security Loyalty Program

We’ve a plan for you: Discover the New Panda Security Loyalty Program

We have good news for you. Here at Panda Security we have launched a new Customer Loyalty Program to reward our customers with more favorable renewal conditions.

The Plan includes special renewal discounts that will increase year after year to reach 50% from your third renewal onward. That is, the longer you stay with us, the more you’ll save.

How do you join the program?

It’s as easy as selecting the auto-renewal option when you first purchase your product. That way, you’ll ensure you are always protected with the latest advances in computer security and the best services to ease and protect your digital life at the best price.

Also do not forget to get the most out of your protection, it is much more than a simple antivirus.

Panda’s protection offers you features like:

1. Wifi monitor that helps you to control the devices that use your network, being able to block those that could be using it without permission. Goodbye neighbors!

2. Parental Control to keep your children safe from content that is not appropriate for their age.

3. Data protection so you can browse and shop online without fear of having your personal information stolen.

4. Devices optimization so that they always perform as if they were new.

5. Password Management to manage from a single tool the different passwords of services like email, online bank or your Netflix account.

6. Protection for mobile devices:

7. We also offer Support service to our Premium Gold Protection customers. It will be like having a computer technician at home.

Stop worrying and join our plan.

Are (IoT) Smart Homes of the Future As Smart As They Say?

With great power comes great responsibility. Powerful words. We’re not talking about a web-slinging superhero though, but a different type of web altogether – the World Wide Web – and with the ongoing expansion of the Internet of Things, its increasing connection to the physical world is inspiring awe and wonder, but also a growing necessity for out-of-the-box thinking and creative risk assessment from cyber security experts the world over.

Here at Panda Security, we have gathered a few of our ideas on ways that hackers could get unprecedented access to your daily lives through the app-integrated devices you keep at home.

A Doorway Ransom?

As the Internet of Things continues to integrate seemingly inane and unrelated objects, an entire comprehensive home operating system seems increasingly likely. While this will turn your house into a streamlined living space completely catered to your comfort, it could also put you at greater risk of falling victim to a cyber attack in your own home.

Central to any future smart home’s security would surely be its locking system.

Recent investigation, though, has shown that smart locks are alarmingly easy to hack, making them embarrassingly unable to guarantee the function they are there to provide in the first place.

Current systems simply make it too easy for a cyber hacker to actually physically enter your home.

We’ve thought further ahead though; what if a hacker were to completely invert their use of this technological weak spot in the future? If a smart lock can be compromised in order to open it, maybe hackers will find a way to keep your doorway completely shut.

The future’s equivalent of a home invasion could be completely silent, a hacker controlling events from a distance, perhaps asking for a sizeable ransom before letting you out of your own home.

It may make a terrible idea for a film script (Home Very Alone) but it’s a terrifying thought nonetheless. If all of your security devices are interlinked, cyber attackers could potentially also have access to your house alarm and even your car keys.

Smoke Screen Smoke Alarm

One safety feature that is already incorporated into some smart smoke detectors available on the market is the ability to let a smart house pull information from, and manipulate, other smart devices so that they can react accordingly in case of an emergency. This feature is implemented for the user’s safety, allowing a house that detects a fire, for example, to unlock all the doors in the house in aid of a speedy exit.
That is a great example of the way IoT businesses are working to seamlessly integrate and interconnect devices within smart homes. However, there is one strong reservation; if this technology is breached by a cyber attacker, there is the potential for setting off a chain reaction that could greatly reduce the safety of a smart home.

Another way that a hacker could potentially intrude from afar is by setting off a false smoke alarm that will send for the fire services. The chaotic scene could act as a smoke screen, making you a soft target for other potentially malicious cyber attacks.

The Hoover of Death

One of our wilder ideas perhaps, but with all the furor about exploding mobile phones at the moment, we’re aware that IoT is increasingly putting us in the position of giving hackers access to potentially explosive devices!

Could this be manipulated in a cyber attack? Attackers typically work en masse, such as in distributed denial of service attacks (DDOS), where thousands of emails or requests are sent to a server to slow down or crash the intended target’s servers.

If that’s the case we could face a future in which hackers try to send as many machines into overdrive as possible in the hope that some will malfunction. A terrifying prospect, and perhaps part of the reason for which government agencies have been liaising on the potential dangers of IoT related cyber attacks.

Beware the Fridge

Remember that Simpsons episode in which Marge falls for a Pierce Brosnan voiced AI house operating system that does the cooking and is secretly planning to “get rid” of the rest of the family? As bemusing as it may seem we may only be a few small technological leaps away from mirroring the events of that hilarious, yet horrifying, HAL parody.

Ok, granted your fridge isn’t about to have an intelligent conversation with you, and much less hatch a murderous scheme against your family. However, as far back as two years ago, the CIA were highlighting the threat of smart refrigerators in people’s homes.

The Central Intelligence Agency were alarmed when a refrigerator was used as part of a “zombie” network to perform a DDOS attack. All of this unbeknownst to its owners, who had no idea their fridge had taken on a, quite devilish, new purpose aside from keeping tomorrow’s lunch cool.

What’s next?

As these devices become smarter, tracking your shopping habits and ordering deliveries for the home, could a hacker gain access to your bank details or disrupt your order? All we know is that AI and fridges are best left as a spooky cartoon vision for now!

97% of Large Companies are Victims of Mass Data Breaches

Ashley Madison, Dropbox and Yahoo have something in common—they are all victims of mass data breaches where user log-in credentials were stolen. Sadly, this type of tactic has become more common over the last year. What’s even worse is that it seems like this will continue to be an objective for cybercriminals—after all, why wouldn’t they want access to millions of users’ data? The greater the risk, the bigger the reward.

Large corporations cannot escape these attacks. Although you might think that regular internet users are the targets of these attacks, most cybercriminals are after large corporations. Despite the security solutions that companies can implement, a recent study has revealed that 97% of the thousand largest companies in the world have been victims of data breaches.

Many users choose to use their corporate email when signing up for one of these online services which, over time, will be victims of some type of attack. If a business’s employees always use the same password to access different platforms, regardless if they use their work email or a personal one, the situation becomes much riskier.

Following a recent investigation, out of all the mass leaks that have affected large corporations, LinkedIn suffered a massive data breach during the attacks last May. Adobe was a victim of a similar attack during 2013. It’s no wonder these two companies were hit: both services are accessed by professionals who use their corporate emails to log in.

However, LinkedIn and Adobe are not the only multinational companies that have been victims. In fact, the study also covers one of the most famous data breaches, the Ashley Madison attack, which endangered thousands of corporate emails linked to large corporations.

Large economic consequences

The danger these data breaches pose to corporate accounts is much greater than simply affecting the company’s reputation. In fact, according to a recent report by the Ponemon Institute, these data breaches cost companies an average of 4 million dollars, that’s more than 3.5 million euros. With that said, make sure your employees are educated on the matter: while signing up for one of these services, they shouldn’t use corporate information like business emails, and they should make sure they use different usernames with several complex passwords.
