Category Archives: Panda Security

Panda Security

Panda Security

How ‘open source’ has made Linux a secure operating system for companies

penguin linux

Perhaps is not the most common operating system on the users’ computers, but for companies there is no other like it. To be exact, there isn’t a safest one. Linux, corporations around the world rely on this operating system to run their servers.

According to the latest study by the Linux Foundation on the operating system most used in the corporate world, 75% of the companies rely on the software created by Linus Torvalds for their servers. The reason? Safety. Almost 80% of the companies that use Linux, think that it is the most reliable operating system.

If we look pass the numbers, it is very significant that places like NASA, CERN or even Google have chosen Linux as their operating system. ‘Open source’ to power, a security token in your company.

Death to vulnerabilities on Linux

It all started in 2007, when an employee of Linus Torvalds set out to eliminate the operating system’s vulnerabilities and errors. His name is Andrew Morton and in an interview he admitted that “I would like to see people spend more time fixing bugs and less time on new features”.

This way, Morton’s obsession for the last eight years has been no other than solving Linux errors. During all this time, the operating system’s code has grown several million code lines, within which there were thousands of patches and, of course, new features.

Linux

This obsession, together with the work of a large group of developers who have collaborated with the project which Torvalds started in the early 90s, has made Linux an operating system safer that most, both commercial and open source.

The quality standard for safety in a commercial operating system is usually a defect for every thousand code lines. Linux beat this with 0.55 errors per thousand lines in July last year.

One of the keys, ‘Open source’

Precisely its openness is what lies behind the security in Linux’s code. With more than four thousand developers contributing to the latest project version, there is an army of eyes looking through the ins and outs of the operating system, searching for bugs and potential vulnerabilities.

That’s what Linux can teach the rest of the operating systems. The community behind it constantly maintains its source code. Its members can detect vulnerabilities in the code lines and eliminate them. This is something unthinkable in operating systems like Windows, when any vulnerability found in the company’s software has to wait for a patch from Microsoft.

windows

That’s way many companies breathe at ease with Linux in their computers and servers. Nevertheless, having an army of machines operating with the system created by Torvalds is not synonymous with absolute relief.

In fact, that is another key of Linux’s success when talking about security, corporations that use ‘open source’ operating system have an eye on Linux’s code and raise the alarm as soon as a vulnerably is detected, so the developer’s community can fix it right away.

Your company’s security will increase when using Linux, yes, but its use entails a slight responsibility. We must not forget that there is nothing completely safe and that any vulnerability can jeopardize the company’s entire information.

Having computers running with Linux doesn’t mean we should forget about safety, actually it means that we should be on the lookout for possible system failures.

So, if in your company you have servers or work stations running with Linux operating system, you can protect them with our antivirus for Linux, Endpoint or Endpoint Plus.

The post How ‘open source’ has made Linux a secure operating system for companies appeared first on MediaCenter Panda Security.

Panda Security

Tinder, the app where you can have your heart stolen, but also your information and your pictures

tinder contact

To find a ‘match’ in Tinder we have to share personal information with other users. If you don’t have at least one picture and you don’t describe yourself a bit, how will anyone know if they are interested in you? The same happens when you visit other profiles.

However, each person can decide what to make public and what not. At least in theory, because a recent study by the University of South Australia questions the privacy of the eight most popular dating apps in Google Play, including Tinder and Grindr.

The research done by these computer security experts shows how easy is to access the data stored in these tools (hidden from the rest of the community), as email addresses and private messages exchanged with other users.

The first thing they did was to create a fake profile on each of the dating apps and from a cell phone try to steal other users’ information. They became cyber thieves for research purposes intercepting the network’s traffic data and tracking the apps supposedly private directory.

For major concern, they discovered that all these apps had huge security gaps which made them vulnerable to these kinds of attacks, achieving their goal: they obtained personal information of many profiles and saved it in their phone.

tinder match

In Tinder, which has over 50 million customers, they stole the pictures of all the profiles they visited with their fake account. In addition, they obtained their Facebook ID (a different sequence of numbers and letters assigned to each person), and with it they were able to identify every one of the accounts in the social network and access them.

If we take a look at Grindr, the findings are even more alarming. The research team amassed amounts of personal information of the different users they had visited with their fake account; from their birthdate to the distance between them and the owner of the last profile they viewed, through a complete record of all sent and received emails and their email account.

In light of the results, the authors warn us to be careful with the applications we choose for meeting people. They also recommend developers to add more strict security measures to prevent attacks, like the ones the researchers performed without many difficulties.

In addition, they claim that the cell phone is the cybercriminals’ main target: most users, regardless of their age and sex, have one. In them we store personal information which not even friends or family know.

This is not the first time a research questions Tinder’s security level. In 2013, another research team founded that is possible to know the longitude and latitude where a user is due to another vulnerability in the tool.

The post Tinder, the app where you can have your heart stolen, but also your information and your pictures appeared first on MediaCenter Panda Security.

Panda Security

The Police Virus strikes again! Android systems attacked!

The Spanish Police has warned of the reappearance of the Police Virus for Android.

Here we explain you how can they attack your cell phone, and what can you do to protect it!

android virus police

*** Posted June 2, 2014

A few days ago a new Android malware showed up, Android/Koler.A. It was in the news as it was actually a Police Virus / ransomware attack, similar to the ones we have seen in Windows computers, but this time it was targeting mobile phones.

Although in this case this piece of malware cannot encrypt any of the phone data, it is nasty and it is really difficult to get rid of it (without antivirus for Android), as the warning message is always on top and the user has only a few seconds to try to uninstall it.

While we were studying it, we found a new variant exactly the same as the first one but this one was connecting to a different server, in order to download the proper warning. And this server was still up… It turns out that the cybercriminals made a small mistake configuring it and left the door half-opened  Sadly, we could not get access to all the information there (there was a mysql database with all the payments, infections, etc. that we couldn’t reach ) but still we were able to download some files from the server and take a look at how it works.

I won’t go into details about the mistake they made to leave that door half-opened, as of course we do not want to help them ;)

Unsurprisingly, the way it works from the server side is really similar to the ones targeting Windows and that we have seen in the past: a number of scripts to geolocalize the device and show the message in the local language and with the images of local law enforcement. It saves information from all infected devices in the database and it takes the IMEI number of the mobile phone, adding the MD5 of the malware that is infecting the device. Doing this they can track the number of infections per malware variant and measure the success of their different infection campaigns.

This Trojan is targeting users from 31 different countries from all around the world; 23 of them are Europeans:
Austria, Belgium, Czech Republic, Germany, Denmark, Finland, France, Greece, Hungary, Ireland, Italy, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, Slovenia, Slovakia and United Kingdom.

Users from these countries are also being targeted: Australia, Bolivia, Canada, Ecuador, Mexico, New Zealand, Turkey and United States of America.

What if you have already been infected?

Well, probably you won’t have an antivirus installed in your phone, which makes the clean up a bit difficult. The “infection” screen will be on top of everything, and this malware also disables the Back key. However the Home button will still work, so you can give it a try, push the Home buttom, go to the App menu and uninstall the malicious app:

Android ransomware

 

The bad news is that you will only have 5 seconds to do this, as the warning screens pops up every 5 seconds. What can you do then? Well, you just need to restart your phone in “safe mode“. Depending on the mobile phone you have, it can be made in different ways. Those running pure Android versions (Nexus, Motorola) only need to go to the shutdown menu and press for a couple of seconds on shutdown, until the following message shows up:

reboot mode

 

Click OK, and once the phone is restarted you can uninstall the malicious app. To go back to normal just restart the phone in the usual way. If you are using a phone with a custom Android version (Samsung, etc.), you can easily use Google to find out how it is done in your device.

We managed to grab the ransom message screens for every country, where you can find a number of known people, such as the Obama (president of the United States), François Hollande (president of France), Queen Elisabeth… It was also funny to see in the US one that they mention Mandiant (the company who showed up how China had in their army a cyber-espionage unit).

The post The Police Virus strikes again! Android systems attacked! appeared first on MediaCenter Panda Security.

Panda Security

Watch out! A simple Arabic text message can crash your iPhone!

iphone 6 plus

Do you have an iPhone? Yes? Well, then the following news may be of interest to you!

A new security flaw has been discovered in iOS, Apple’s operating system. This vulnerability affects iPhones running iOS version 8.3, although other versions could also be affected.

According to the BBC, a specially crafted text message can cause vulnerable devices to crash and reboot. More precisely, the malicious message, containing Arabic characters, causes iMessage to crash and the iPhone to reboot.

sms iphone

Apple is aware of the issue and has announced they will make a fix available in a software update. We’ll keep you updated with any new developments!

The post Watch out! A simple Arabic text message can crash your iPhone! appeared first on MediaCenter Panda Security.

Panda Security

Panda Security detects over 225,000 new malware strains per day in the first quarter of the year

PandaLabs, Panda Security‘s antil-malware laboratory, today published its Quarterly Report for Q1, analyzing the IT security events and incidents from January through March 2015. The multinational security vendor detected over 225,000 new malware strains per day in the first quarter of the year,  with peaks reaching 500,000. This record-breaking figure represents a 40 percent increase over Q1 2014, and is well above the average for the entire year, which stood at approximately 205,000 new malware samples per day.

As is usually the case, most of these specimens were variants of known malware conveniently modified by virus writers to evade detection by antivirus laboratories. Trojans continued to be the most common threat type, representing 72.75 percent of all new malware, and the main source of infections (76.05 percent of the total).

CryptoLocker remains the biggest threat

The first months of the year were dominated by ransomware attacks, especially CryptoLocker, and it is safe to say that ransomware has become cyber-criminals’ preferred method to make money from companies’ stolen information.

That was the case with ten companies in the oil and gas maritime transportation sector, which fell victim to this type of attack, as revealed by Panda Security in a report on a hacking campaign dubbed “Operation Oil Tanker: The Phantom Menace” which targeted oil tankers.

“In this particular case, the attackers didn’t use any kind of malware, but legitimate files executed recurrently,”  explained Luis Corrons, Technical Director of PandaLabs at Panda Security.

Other popular attack methods exploited over the past quarter include social networks scams and mobile malware. One of the most notable scams made use of a fake $500 Zara gift card giveaway on Facebook to trick users. The scam spread like wildfire. In just a few hours over 5,000 people had joined the event, and more than 124,000 invites had been sent out.

Meanwhile, Android was in the bullseye for mobile malware attacks more than ever, this time through malicious SMS messages.

malware, pandalabs, report

China tops list of infections per country

The average number of infected PCs across the globe stands at 36.51 percent, up more than six percentage points compared to 2014. China once again led this ranking (48.01 percent of infected PCs), followed by Turkey (43.33 percent) and Peru (42.18 percent).

The list of least infected countries is dominated by European countries, the top one being Norway (22.07 percent of infected PCs). Other countries with a malware infection rate below the worldwide average include Denmark (28.18 percent), Finland (28.59 percent), Venezuela (33.35 percent) and USA (34.03 percent), among others.

“We must never forget that cyber-criminals’ sole motivation is money and information, and as our lives become more digital, we are more exposed to cyber-threats. This year we can expect to see more ransomware attacks, as well as new scams spreading through social media and mobile applications”, concluded Corrons.

The full report is available here.

The post Panda Security detects over 225,000 new malware strains per day in the first quarter of the year appeared first on MediaCenter Panda Security.

Panda Security

The safe mobile company, a fantasy?

mobile

Mobile companies are now a reality. Nobody doubts that accessing corporate applications through smartphones and / or tablets is not only convenient but also necessary, for increasing productivity to levels which were thought impossible until a few years ago. In addition, the demand by workers, employees and companies’ suppliers for access to the organizations’ mobile satellite systems, applications and certain data, is imperative. The problem, however, is that the boom in mobility has also brought certain risks which many companies are not yet aware of.

A company is not secure anymore if it only limits itself to protecting the traditional organizational perimeter.  It is no longer enough to have firewalls, threat management solutions, antispam and content filtering. Now it is necessary to protect access and not only from a PC. So it is essential to have a real strategy and best practice regarding the use of mobility in the company:  a strategy that in addition to ensuring the safety of the devices also incorporates other elements such as the protection of data and applications with which the mobile users interact. In addition, this strategy must be compatible with another requirement: that it does not interfere, in any way with the agility and entrepreneurial dynamism which the use of mobile devices provides.

Secure devices and encrypted communications

One of the first requirements to be included in any mobile security strategy is to protect mobile devices with antimalware security software. Yes, malicious software attacks not only the operating systems of traditional desktops or laptops. Recently especially Android, Google’s mobile operating system which is the most widespread in the market, and iOS, the Apple platform, have become a focus for cybercriminals. Even so, and despite the evangelization of the leading manufacturers of security software, there are still many companies (as also occurs with users on a personal level) who have not protected their mobile devices with the high risk that this entails. It is an indispensible task to have antivirus software in place and, of course, updated.

Another important aspect, in addition to encrypting communications on mobile devices so that no data can be intercepted, is to use a user authentication device that goes beyond the traditional password. In fact, many mobile devices already allow by default identification by fingerprint and there are even some prototypes which will bring recognition through the iris as standard practice. There is no need, however, to use biometrics.  The use of passwords can also be combined with other means of identification, for example involving the use of email or text messages to the mobile itself, other security tokens, etc. In this respect, organizations should train employees to use the correct identification tools and to know how to act in case of loss or theft of the device.

Beware of third-party software

It should also establish policies that restrict employees from using third party software that may cause risks for companies. There are many professionals who, when installing an app of dubious origin or which, although it seems authentic is in fact an imitation created by cybercriminals, see how their device is attacked and consequently the security of data handled by their organization seriously compromised. Following this line, the consultants, Gartner, advise that jailbreaks on iOS devices and rooting on Android phones should be avoided, these being two practices which give the user administrator privileges with the risks which this involves for companies.

Interestingly, the experts at Gartner claimed in a public study in 2014 that most of the security breaches which will occur on mobile devices in 2017 (up 75%) will be the result of a bad configuration of applications built for these gadgets. An example of this is the misuse of personal cloud services through apps that users of smartphones and tablets have installed. The best defense, they argue, is that the company should install a fixed configuration for this type of device under the umbrella of a management policy for mobile equipment which must be complemented with other tools for data protection.

The consultants also recommend that companies should specify which platforms and operating systems should be used for their mobile devices by their employees and that versions which cannot be updated or supported should be avoided, and that users should be required to register or be certified when entering applications such as virtual corporate email, VPNs, wireless and other shared applications. What is essential, they stress, is that the security team know what types of systems and applications its employees need to access and for what purpose, in order to establish the appropriate controls. Also, mobile devices must be configured to prevent wireless networks that are not safe and users should be recommended to disable the Bluetooth option to avoid unexpected scares.

Controls and audits are highly recommended

Finally, it is also recommended that companies undergo regular audits and controls (at least once a year) to evaluate the quality and robustness of their mobile security policy. It should not be forgotten that security incidents not only entail negative economic repercussions and loss of core assets such as the company’s own data or that relating to customers (or citizens, in the case of government departments) but also damage reputation and image. And to remedy this is just to be more aware of the new realities of today’s organizations, now completely mobile.

The post The safe mobile company, a fantasy? appeared first on MediaCenter Panda Security.

Panda Security

Interview with Diego Navarrete, Panda Security CEO

Panda CEO

January 2015; it has been a year since you arrived at Panda, how has the company changed in the past months?

The company did go through three mayor changes during this time:

The first one, and probably the most important, is return to growth. Results we are achieving now show that the market is responding positively to our approach. This is important because restores our confidence, both towards the market, and also, to all our employees and the work every one of them does.

The second change and, the most visible, is our new corporate image. Mixes the best of the “Panda culture” with the targeted change and reinforcement of the company’s values: people-centric, innovative and non-conformist.

The third is, our investment on the future, the advance security solutions led by Adaptive Defense. Thanks to these we are again innovation leaders in the security industry.

Which are the main strategic objectives set for this year? And for the coming ones?

We have a strategic plan for 2015-2019 based on three pillars:

  1. Technology: with three key opportunities over the next years:
  • Mobility: solutions must be multi device and ensure protection and global coverage.
  • Internet of Things: there are more and more connected devices and therefore more protection and security is needed.
  • Advanced Threats: only solved with massive data analysis in the cloud.
  1. International expansion: our clients are global and mobile and we have to continue being so. We will addressed this in three steps:
  • Complete geographies where we are already strong: Western Europe, Latin America and USA. During 2015 we opened new country partners in those countries in Latin America that had no coverage before, like Panama.
  • Open new markets in emerging countries and economies where we don’t have a strong presence. For example, India or China.
  • Complete the acquisition and conversion of subsidiaries in countries which become important to our business, such as Italy and Denmark, both in the process of incorporation.
  1. Growth,  the necessary proof that we are doing a good job, also with three key areas:
  • Maintain the organic growth of the current product portfolio.
  • Continue with the improvement and growth ratio in our Web offer.
  • Prove that Adaptive Defense gives the expected results.

Diego Navarrete

The company’s profits are distributed almost 50% between retail products and corporative products, will this trend continue?

Device protection nurtures of the same base technology for both markets. We will keep these two lines although it is true that in retail, the margins are narrowing and in corporate, especially with Advanced Threats protection, clients’ investments are increasing significantly.

Three reasons why Panda is a global company.
  • Because 85% of our business is outside Spain.
  • Because 50% of our employees are outside Spain (HQ).
  • Because cyber-attacks are global and so is their defense.
Which are the most important threats in cyber security users might face? And companies?

For the user the most serious is still the theft of personal information and the use of that data for criminal purposes.

In the corporate field, we cannot forget that the jewel in the companies crown are also their information and applications. However, they have also other requirements set by the industry for which they have to comply with general and industry specific regulation.

How do you see the market? Does it tend to free products?

The power has clearly shifted from the organizations to the individual. The best way of convincing him of the value of your solutions is for him to try them first and then, if he likes them and they add value, he will pay for them.

In the corporate market there have always been pilots and free trials. Now is the individual who has the possibility of trying the service before purchasing it.

I like this model because it forces us to improve and think continuously about the user experience.

At Panda we talk about the ‘Internet of Things’, ‘Big Data’, ‘Cloud Computing’, mobility. What role plays security here?

Panda has been working with Cloud and Big Data since 2007, a fortress and at the same time a necessity because the number of attacks multiplies every year. To analyze 225.000 malware samples that arrive daily to our servers we need to benefit from this technology. In addition, the Cloud allows us to give almost instantly and in real time solution to these security problems.

After visiting subsidiaries and country partners, how do you think Panda is perceived thorough the world?

As a company with great technology, close to the user, which is going through a transformation moment.

Something you are proud of?

I am very proud of two things: the decision I made 15 months ago, when I decided to join this project, and the human team I have come across.

And finally, why Panda?

Because we are reinventing ourselves and at the same time we are reinventing the industry, because we develop innovative and of the future technology with a clear vocation of service, because is a leader company and it has a fantastic human team.

The post Interview with Diego Navarrete, Panda Security CEO appeared first on MediaCenter Panda Security.

Panda Security

Scams have arrived on Instagram, watch out!

For several days now we have been seeing many brands promoting their Instagram accounts with contests and giveaways. But sadly, once again, this is a scam! The Spanish National Police has warned about it through their Twitter account.

The alleged prize are gift brochures to spend on these clothes shops. To be able to win them you just have to follow that account and share it in your Instagram account.

michael kors instagram

Tips to help you distinguish a fake Instagram account from an official one

  • Check its description
  • See if it has publications
  • Confirm the accounts it follows

Here you can see some examples:

springfiel instagram oficialspringfiel instagram falsa

Despite having seen this scam in Spain, we wanted you all to know, because we can find examples of these scams all over the world, so please be cautious, there is not such thing as a free lunch!

The post Scams have arrived on Instagram, watch out! appeared first on MediaCenter Panda Security.

Panda Security

Smart Lock: Enjoy your unlocked phone while you are in a ‘trusted’ place

smartlock android

We already know the importance of choosing well our passwords. In addition, if we want to do anything on our cellphone we have to follow this steps: enter our PIN, our code or pattern we have set to unlock the screen… something we are continuously doing as the phone locks itself every two seconds to save battery.

As far as security is concerned, laziness makes for a poor counselor, but sometimes all these boring actions are too much. We do not face the same risks at home watching TV than when we are walking on the street, at a bar or at any other place.

That is why, Google’s new initiative seems logical: Android versions 5+ (Lollipop) allows you to distinguish between what you consider safe locations and which pose a risk.

But, the operating system does not detect the danger itself (we haven’t reached that point yet), you have to indicate it. Something similar to what happens when your computer connects to a new wireless network and Windows asks you if it is a public access point, your work or your home. The difference is that when using Android, there are no warning pops-up reminding you to change the configuration.

Once the place is specify, the phone will recognize via GPS if you are actually there or not, and will activate or deactivate the feature that asks you to enter your PIN to unlock the screen.

If you pinpoint your home as a safe place, for your convenience this option will be disabled whenever you are inside, so you won’t have to continuously enter the code. On the contrary, as soon as you leave the perimeter, it will automatically activate and restore the protection standards.

If you want to start using the system, go to “Settings”, then to “Security”. Once deployed the tab, go to “Trusted agents” and there you tap on “Smart Lock”, to enable it.

Smartlock mobile

Then you just have to select your trusted locations and add them to “Trusted places”. To add a place, the phone asks for an address or location to find it in Google Maps.

Each time you want to change these options, you will have to enter the password, PIN or the pattern you chose to unlock the device, this is a security measure which prevents someone unauthorized from making changes.

Despite that the option is useful and that it saves us from wasting time locking and unlocking our phone, setting it up has some implications. The most important is that the screen lock not only disappears while you are in a trusted place, but also for 80 meters around. ‘Google Lock’ can be an advantage, if you use it wisely.

The post Smart Lock: Enjoy your unlocked phone while you are in a ‘trusted’ place appeared first on MediaCenter Panda Security.

Panda Security

More protection in the Beta version of Global Protection 2016

Panda Security announces the beta version of Panda Global Protection 2016, with a more powerful and lighter detection engine. In addition, this version includes Wi-Fi protection and offers recommendations for safeguarding the network from intruders. It also optimizes the PC by deleting unnecessary files and controlling the programs run at startup.

Panda’s new edition of its cross-platform solution for the consumer market also includes compatibility with Windows 10, and enhanced capabilities that make it an easier and more functional product for the user.

Designed to be flexible and intuitive to use, this new version gives the user easier access to its features.

beta, beta testers, win

Functionality at the service of complete protection

Panda Global Protection 2016 has been specifically designed to provide total and complete protection. In this respect, the new version includes improvements like the data shield and on-demand USB scanning, features that join the vaccine already included in previous versions.

Try the beta version of Panda Global Protection 2016

Beta testers can now take part in the Panda Global Protection 2016 beta. Anyone who wants to can now try the product and give their opinion, collaborating with their comments on how to improve the product. The beta testers who take part in testing this beta version can win €600 and become the “Beta Tester of the Year”.

To download the beta, click here.

Users can also share their opinion on the beta fórum.

The post More protection in the Beta version of Global Protection 2016 appeared first on MediaCenter Panda Security.