Category Archives: Panda Security

Panda Security

Panda Security

How to get the best out of your computer

plane

You have surely, at one point or another, missed the speed at which your computer once worked when it was new. Now, when you turn it on, it takes an eternity to start up and you’re sat there wasting time.

With time it is normal for the performance of your PC to drop due to the buildup of unnecessary files which reduce the space available on the hard drive.

Likewise, the fragmentation of files, which can also take excessive amounts of time, plays a role in slowing down your PC’s performance.

With this in mind, it is recommended that you do a clean out of your PC every so often, eliminating unnecessary files, etc.

Seeing as we can’t give you a new computer, we came up with a solution to help your PC regain its former glory. Even if you didn’t think it possible, you can do this with an antivirus software.

Cleaning the PC: solution for a slow computer 

The PC Tuneup feature is present in the 2016 antivirus protection line through the Panda Global Protection 2016 and Panda Gold products.

best computer

With this you can:

  • Clean cookies and unnecessary, temporary files that can slow down your PC.
  • Eliminate invalid entries on the register which can affect your PC’s start up.
  • Manage the start up of your computer. You will be able to see all running programs and deactivate them if necessary. Also, the product constantly monitors and advises the user in the event of a program installing itself during the start up process.
  • Optimize your Android devices to increase performance and battery life.

Do you want to try it out? Give our new 2016 consumer solution products a go and tell us what you think!

Remember that we can only help you if you contact us via the technical support page.

The post How to get the best out of your computer appeared first on MediaCenter Panda Security.

Panda Security

Look&feel, reports… We unveil the new version of Adaptive Defense!

The new version of Adaptive Defense is here and we have reason to celebrate!

One of the most important changes to the product is the look&feel, which is now a lot more visual, accessible, and adaptable to all devices. You can manage the product from your smartphone, tablet, notebook, and, computer.

screenshot

AD 21

What’s more, this new console allows you to complete a new report on the attacks and threats that are detected by its advanced protection. This report can be seen in real-time or can be programmed to be sent by email.

informe

Adaptive Defense: more than just an antivirus for businesses

Adaptive Defense protects the endpoints, servers, laptops within your corporate network, and roadwarriors (remote users), by blocking the running of applications that, due to their behavior and nature, aren’t considered as safe applications or goodware. It protects your business against direct attacks, persistent advanced threats, and Zero-Day attacks.

With Adaptive Defense you will:

  • Know 100% of the applications that are running within your business
  • Avoid direct attacks in real-time
  • Be able to consult all information relating to direct attacks on your systems
  • Safeguard your business against future attacks and threats

The post Look&feel, reports… We unveil the new version of Adaptive Defense! appeared first on MediaCenter Panda Security.

Panda Security

10 easy-to-follow online safety tips for grandparents

grandparents security

Online security has no age limits and we can all protect ourselves from cybercriminals without being experts in the field. All you need to do is adopt the traditional “don’t speak to strangers” advice and apply it to your online habits.

Here we’ll recap ten simple steps that all of the family, including your grandparents, can follow to ensure safety while online.

10 easy-to-follow online safety tips for grandparents

1. Don’t trust every email that you receive

Some cybercriminals can pass themselves off as another person with the aim of stealing your personal information. So, how do you know when you’re being tricked? The easy way to stop this is to avoid conversations with people you don’t know. You should also avoid clicking on links sent by an unknown source and never give your personal information to a website that doesn’t begin with https:// (you’ll see a lock in the browser). Also, your bank will never ask for your email address, so don’t give it away.

2. Be wary of downloading attachments

If you receive an email from an unknown source with an attachment that is either ‘.zip’, ‘.rar’, ‘.exe’, a Word document, or a seemingly innocent photo, don’t download it. These could all contain malware that could infect your computer also be wary of emails from friends, as unwittingly, they could send you malware. It’s best to check with them before opening it, if you weren’t expecting to receive an email from them.

3. Surf the web safely

Don’t just give away your personal information to any website without thinking why they demand it. You should also trust your browser, as if there is anything suspicious it will inform you that the website is potentially dangerous. It’s best to pay attention.

4. Use different passwords and change them frequently

If you want to register yourself on trusted website, be sure to use a password with a mix of letters, numbers, and symbols (although a few websites will ask you for this anyway). Never use the same password for all of your accounts and make sure you change them every so often. Also, don’t send your password to anyone or leave it written down anywhere. It might seem a little extreme, but you need to stop others from accessing your network.

grandparents computer

5. Eliminate annoying ads

You never know what an innocent click can do until your browser is filled up with annoying banners, pop-ups, and ads that you don’t want to see. To avoid them, install a blocking service such as Adblock.

6. Be careful of SMS

Cyberattackers are now using this messaging service to carry out attacks, so you should also be wary of what these messages contain. A few months back there was a malware that was spread by this medium which simply asked “is this your photo? – Once the victim clocked on the link, an app was installed onto the device which was able to spy on their contacts.

7. Install an antivirus on all your devices

Leave the experts to worry about your computer or smartphone by letting the antivirus software look after and protect your device from malware. They help to ensure that you are safe when buying online and allow you piece of mind when surfing the net.

8. Exert caution with public Wi-Fi zones

Many is a time that you arrive at the train station, the café, or the hotel and have connected to the Wi-Fi that is offered freely. Although it is convenient, keep in mind that it is a public connection and you should be extra careful about what you do while connected. While browsing, make sure that the lock symbol is present and avoid carrying out bank transactions.

9. Remove your tracks when using other computers

If you log in to a personal email account or another service while using a different computer, be sure to delete all browsing history, including cookies. If you aren’t sure of where to find out how to delete your tracks, follow this simple tutorial from Chrome.

10. Allow updates to your software and operating system

The old saying “better the devil you know” doesn’t really apply to the internet. If your operating system or any of the apps that you have installed is saying that there are updates available, read it carefully and install it. Even if you need to adapt to a few changes, it’s better to have the most up-to-date version as it will be the one that the developers have installed the latest security updates for.

The post 10 easy-to-follow online safety tips for grandparents appeared first on MediaCenter Panda Security.

Panda Security

How to set up your household router to protect yourself from attack

set up router

To keep your electronic devices secure, it isn’t just important to be aware of cyberattacks that could arrive via emails or false links. You need to keep an eye on your router, which provides you with your Internet access, which has become a target for the cybercriminals.

Using these apparatuses as a way to launch attacks is becoming more and more popular and it has been brought to light by two Spanish organizations – the Instituto Nacional de Ciberseguridad (INCIBE) and the Oficina de Seguridad del Internauta (OSI).

They base their warnings on information registered by the INCIBE during the past few weeks. The experts at the organization have detected that the number of daily attacks targeted at routers have increased, reaching nearly 5,000. What the cybercriminals try to do is to install a type of malware on the device and make it form part of a network in which they carry out a denial of service attack (DDoS).

denial service attack

DDoS attacks use a series of computers and other devices with Internet access to saturate server requests where files are stored on a web page, which then stops working and remains inaccessible to others.

  • Each router that was compromised had activated the option of remote administration, which permits access to users outside of the network, allowing any IP address to control its settings.
  • Also, the INCIBE has indicated that the owners of these devices hasn’t modified the access details from the default settings (user name and password). By keeping the original default settings, it was very easy to access them remotely.
  • These factors allow cybercriminals to modify the working options of the router and set up access to a local network. Later, they would only have to install the malware which makes it work as if it were a bot, carrying out massive attacks.

router

  • One of the measures put forward by the OSI to avoid your router being attacked is to change the administrator details and to use better passwords.
  • Also, it isn’t advisable to activate the remote administration unless it is necessary and, in this case, do it during as short a period as possible, so as not to give the attackers a chance to detect its vulnerability.
  • Every router is configured the same, although the interface where you do it and the access options vary slightly depending on the brand. Changes are carried out from the web browser by entering the IP of the device (it comes in the manual, on the tags that are attached to it, or you can find it in the connection settings within the Control Panel).

Finally, if these tips reach you too late and your device is already infected, the best option is to reinstall the firmware (the program that controls the router) from a security copy.

The post How to set up your household router to protect yourself from attack appeared first on MediaCenter Panda Security.

Panda Security

Panda Antivirus for Mac, compatible with El Capitan

el capitan

September 30 saw the launch of El Capitan, Apple’s new operating system for its computers.

So, if you already have Panda Antivirus for Mac installed on your computer, or you’re thinking about getting an antivirus for Mac, we’ve got you covered – Panda Antivirus for Mac is compatible with El Capitan!

mac antivirus

Advantages of Panda Antivirus for Mac

  • Blocks both malware for Mac OS X and malware for Windows.
  • It scans both files and emails.
  • It quarantines infected files.
  • It offers two kinds of scans: a real-time scan that continuously analyzes Mac files, and another that performs monthly, on-demand scans.
  • You can even scan iPhones, iPads and iPod touch for malware.

Remember that Apple and its devices aren’t invincible. To avoid any nasty surprises such as XcodeGhost, you should always update the operating system, download apps from the official store, and use security software.

Are you ready to try our antivirus for Mac?

The post Panda Antivirus for Mac, compatible with El Capitan appeared first on MediaCenter Panda Security.

Panda Security

Kemoge: Google Play faces new app attack

Android users will be well aware of the fact that the Google Play store, and their Android device, are constantly under the watchful eye of cybercriminals. Thanks to the wide usage of the Android operating system, these criminals use this in the favor and use the Google Play store to help spread their malware to unsuspecting victims.

android malware

The latest case is called Kemoge and, similar to another recent malware that affected iOS users, has its roots in China. This follows Google removing many apps from the online store that disguised themselves as legitimate applications but actually began to push out adware and, eventually, more malicious things. Some of the popular apps that were disguised as Kemoge include Smart Touch, Calculator, Talking Tom, Light Browser, Privacy Lock, Easy Locker and others including adult apps. The malware then collects information from the infected device and starts sending ads in an aggressive manner. The eight root exploits are more worrisome because the attackers can use them to download, install and launch apps on the infected device.

Once the campaign was discovered, Google set about deleting the infected applications from its online store and issued warnings to users. The infection covered a large spectrum of devices, but the root exploits are not one-to-one mapping. Furthermore, some of the root exploits are device oriented, like motochopper which targets Motorola devices, but some others are general root, like the put_user exploit, which can root unpatched devices from Samsung, HTC or Motorola.

Once the device is infected, Kemoge beings to install different components which help it gain root access. It, for example, registers MyReceiver in the AndroidManifest which invokes another component called MyService, both of which are disguised as legitimate Google code because they include Google’s com.google component prefix. This means that the device is under constant control without the victim realizing it.

As always, the best way to avoid being the victim of malware, regardless of what device you are using, is to be protected with an antivirus for Android. As we have seen before, there are many different ways that you could have your or your loved ones’ privacy or information compromised, and prevention is the best form of protection.

The post Kemoge: Google Play faces new app attack appeared first on MediaCenter Panda Security.

Panda Security

Inside the mind of a cybercriminal: what is he looking for any why has he chosen your business?

hacker

One of the first steps to ensure that your private information isn’t accessible is to understand the reasons that drive hackers and cybercriminals to do what they do – what are their motives? Politics? Money? Fame? Or is it merely the thrill of getting away with it? What influences their actions and their possible responses?

What motivates a hacker?

Given the importance of having answers to these questions, the cybersecurity firm Thycotic carried out a survey of 127 hackers at the Black Hat USA conference in 2014.

51% of those questioned stated that their main motivation was the “search for emotions”, while only 18% said that they were driven by money. According to the report, this indicates that “modern hackers are curious, they are bored and want to test out their abilities”.

To get a better understanding of this information, we need to put it into context: only some of those responsible for cyberattacks make up what is known as hackers, while the rest of them are simple cybercriminals who are looking for an easy way to make money with their attacks.

A large majority of those (86%, to be exact) were also convinced that they wouldn’t have to face the consequences of their cyberattacks, which also lead them to continue doing what they do. The theory of the study is as follows: “The number of attacks carried out is far higher than the level of monitoring on the systems. Today’s hackers are more adaptable than ever and this allows for multiple attacks on multiple systems, increasing the levels of success without increasing the risk”.

Three reasons to target your business

  1. It’s a personal goal – they carry out these attacks as a personal challenge, something to show off to other hackers or merely to prove themselves a point. This doesn’t mean that there isn’t an element of danger to the attacks that it provokes.
  2. It’s done for personal gain – as we’ve already mentioned, many cyberattacks (the majority of the most important ones) are done with the aim of identity or economic theft.
  3. It’s a form of vandalism – sometimes it’s just done so as to wreak chaos (making IT systems crash, etc.), while other times there is a political element to the attack (“hacktivism”), such as the case of the groups that work under the name of Anonymous.

cybercriminal

How do they choose victims?

In the case of stealing information, 40% of the hackers stated that their main objective was to find the “weak link in the chain” of the business – the contractor. This person may not always have access to the company’s network but the hackers like that they aren’t subject to all of the company’s security policies, which makes them a valuable target.

A further 30% revealed that their main target was the IT administrator; someone with direct access to servers and systems where lots of confidential information is stored, such as that pertaining to clients or customers. This means that once the attacker has obtained control of the access codes, he can easily and quickly take control of the system.

How to protect yourself from an attack

Many hackers and cybercriminals on have to overcome traditional antivirus systems when they are carrying out their attacks – systems of protection that haven’t been able to adapt to the constant evolution of cyberattacks.

Due to this, Panda has come up with Adaptive Defense 360, a security solution that is capable of blocking applications based on real time analysis of their behavior, which allows us to close the “window of opportunity” on malware.

The post Inside the mind of a cybercriminal: what is he looking for any why has he chosen your business? appeared first on MediaCenter Panda Security.

Panda Security

How to protect your company from Zero-Day attacks

zero day attack

Any attack that takes advantage of the “window of opportunity” produced by recently discovered vulnerabilities is called a Zero-Day attack. In other words, a rapid attack that is deployed by cybercriminals before security experts have been able to patch up the vulnerability… or even before they’ve heard of the attack.

Any attack of this type if the dream of any hacker, given that it guarantees instant fame (sometimes these vulnerabilities are spread on the Deep Web), and is known for its ability to be destructive (when it’s used for the hacker’s own benefit). They are also a useful resource for certain governments to sabotage foreign systems or businesses.

The path to finding Zero Days

Protection against these attacks is so important that large technology companies employ their own in-house teams of hackers who compete against cybercriminals to detect and locate Zero Day vulnerabilities before they are exploited.

The objective for these teams is to develop the appropriate patch or to make the affected software provider aware of the problem. Google, for example, has its own dream team of hackers called Project Zero, led by Chris Evans and also includes other well-known hackers such as George Hotz (winner of the biggest prize in history for the detection of a vulnerability), Tavis Ormandy, Ben Hawkes, and Brit Ian Beer. Other companies, such as Endgame Systems, Revuln, VUPEN Security, Netragard, or Exodus Intelligence dedicate themselves to the detection of these threats.

It’s important to keep in mind another aspect of the Zero Day vulnerabilities – if the hackers that discover it decide not to spread it and choose a more discrete method to exploit it, the users could be weeks, months, or years exposed to an unknown vulnerability (this is the basis of APTs, or Advanced Persistent Threats).

hacker

How to protect ourselves against Zero Day attacks

As mentioned above, this is precisely where the danger of these Zero Day attacks rests. Just as it is impossible to make a vaccine for them, or that we know that it exists but we don’t know what caused it, traditional security tools (such as an antivirus), are unable to deal with a possible malware that is still unidentified.

However, there are a few steps and measures that could help us to reduce our exposure to Zero Day based attacks.

  • Never install unnecessary software: each software installed on your system is a window of entry for a potential Zero Day. It’s recommended that you review the list of software once in a while and uninstall those that you no longer use.
  • Keep updated: the software that you keep should always be updated to the latest version.
  • Use a reliable firewall: if it is impossible to detect a malware that comes from an unknown vulnerability, maybe we could detect a suspicious connection and stop it before it’s too late.

However, going beyond that, it is fundamental that our systems have an additional protection barrier in place that doesn’t depend on technology based on signatures to detect malicious software. With this in mind, Panda has developed Adaptive Defense 360, which is based on a distinct focus: the monitoring of every application and the real time analysis of its behavior with machine learning techniques and Big Data platforms.

This lets Adaptive Defense 360 offer two types of blocking:

  • Basic Block Mode, which allows both software tagged as goodware and others to run without being cataloged by the automated systems and Panda Security’s personal expert.
  • Extended Block Mode, which only allows for the running of applications cataloged as goodware.

The post How to protect your company from Zero-Day attacks appeared first on MediaCenter Panda Security.

Panda Security

The advantages of having a managed security service

managed security service

In the corporate environment, cyber-threats are becoming more and more sophisticated, security standards more complex, and budgets tighter and tighter.

The world of technology in the workplace is no longer just restricted to servers, workstations, or email accounts, but rather we need to consider mobile devices and the culture of BYOD (Bring Your Own Device).We also need to be aware of problems that may arise from new trends such as social media and the impact that all of this can have on the security of our corporate networks.

This all places a great stress on businesses when it comes to the monitoring and management of information security.

What are managed security services?

There are currently a new series of products emerging on the market that are placed under the name Managed Security Services. This includes typical services such as antiviruses, firewalls, intrusion detection, updates, content filters, and security audits, while also embracing the new needs that businesses have, based on these services being managed by a third-party who assumes responsibility for the function and monitoring of them at all times.

A study carried out last year in the USA, UK, Canada, and Germany showed that 74% of organizations were still managing their own security systems, but that 82% of IT professionals were working, or had thought about working, for a company that provided security management services.

Advantages of managed security systems

  • Providers of these systems help to mitigate the risks that come with the managing of security in a business and by opting for their services you can avail of lots of advantages. The first, and most obvious, is the relative cost – contracting a managed security service usually costs less than investing in personnel, software, and hardware.
  • The second advantage is related to the capturing of talented staff. Currently there is a shortage of personnel that are specialized in cybersecurity and this puts a stress on IT departments to keep a quota of trained and competent staff members. Being equipped with a dedicated team to take on these tasks can be a strain for some businesses, but is rather feasible for managed security providers. By externalizing these tasks, a company con focus its attention on more critical aspects of the business.
  • These services also allow for a round-the-clock monitoring, which is something that most businesses can’t provide, being restricted to the typical working hours that are in place.
  • We can also observe advantages in terms of the efficiency in which the security providers work – it’s hard for an organization to follow up on all new threats and potential vulnerabilities as they arise, just as it is to up to date with norms and security tools. All of this is while security providers are in contact with international experts which strengthens their know-how and their ability to react. What’s more, because many of them have had the chance to work side-by-side with law enforcement agencies means that they have an advantage when it comes to completing forensic analysis in court cases.

Adaptive Defense as a managed security service

With all that has been mentioned in mind, Panda Security has decided to offer its very own self-managed security solution, Adaptive Defense. Thanks to the latest cloud computing technologies (based on Machine Learning techniques and Big Data) developed by Panda, Adaptive Defense is capable of automatically classifying all running applications on the system without the need for any user intervention.

Adaptive Defense is also a solution that has zero impact on the customer’s infrastructure. This is due to it being a service that is operated from a centralized web console that allows for the securing of Windows workstations, servers, cell phones, and remote offices.

The post The advantages of having a managed security service appeared first on MediaCenter Panda Security.

Panda Security

Caution! Your smartwatch could reveal what you’re doing on your computer

smartwatch

In case you didn’t know it, according to the latest report issued by the International Data Corporation, sales of smartwatches have increased by 200% during the first quarter of this year, resulting in over 11 million units sold.

Not only do these gadgets attract consumers, but they are also getting the attention of cybercriminals. We’ve already warned you on a few occasions of the vulnerabilities of smartwatches, but a group of investigators from the University of Illinois have just uncovered a new security risk posed by these devices. They have shown that it is possible to use them to detect the information that someone enters into a computer.

Knowing which letters are being keyed in by the owner of a smartwatch could help cybercriminals to discover passwords without needing direct access to your computer.

It also isn’t even necessary to alter any of the settings on the watch or modify it in any way, the American experts were able to do it using an application that they developed. The tool they used captures all of the information obtained by the different sensors that the device is connected to.

With information from the accelerometer and the gyroscope, the app registers the movement of the hands and fingers on the keyboard. What’s more, the investigators have used the special information to construct a 3D map.

They introduced the information into a software that analyzed the rhythm of the inputs. By using two algorithms they were able to know the exact key that was hit, which allowed them to guess the different letters.

One of them detected the exact moment that the user started to input information on the keyboard and created a temperature map which indicated the keys. The other received the resulting information and analyzed the pauses between inputs, allowing them to calculate the number of letter that were hit by the right hand – as the watch was worn on the left.

So, by using this new mathematical tool as a dictionary, they were able to guess the letters used by the person wearing the smartwatch. The tool is efficient but it still needs to be perfected as it can’t yet detect punctuation or other symbols on the keyboard.

The work of these investigators is included in the Motion Leaks Through Smartwatch Sensors project, financed by the National Science Foundation. “Sensor data from wearable devices will clearly be a double-edged sword,” said Associate Professor Romit Roy Choudhury, who is affiliated with the Coordinated Science Laboratory.

Although the devices allow for the monitoring of information related to health, they could also put at risk the security of private information. According to Choudhury, “the real aim is to know the quantity and nature of the information that can be gotten about individuals”.

In this case it was the investigators that developed the app, but they assure us that any cybercriminal could make a similar one and spread it via platforms such as iTunes or Google Play. Because of this, just like with smartphones, it’s advisable to verify where any app comes from before you download it to your smartwatch.

The post Caution! Your smartwatch could reveal what you’re doing on your computer appeared first on MediaCenter Panda Security.