Category Archives: Panda Security

Panda Security

Panda Security

Beware of the ‘Game of 72’! Your child might be involved in this ‘game’!

children computer

There is a new game circulating in social networks and it is becoming dangerously viral, it is terrorizing parents and it could jeopardize children’s safety. Dubbed ‘Game of 72’ its alleged rules are simple: when teenagers are challenged they have to disappear without a word for 3 days.

The winner is who creates the greater hysteria among the adults around him. Meanwhile, the youngster has to avoid contacting anyone during those long 72 hours.

Police worldwide has warned of this dangerous game existence, which allegedly travels around social media and which would have originated with the disappearance of a 13-year-old French girl, who went missing for three days and after being found safe, she said that she had taken on a social media dare.

To this day, there is no evidence of this game really being played. According to the authorities investigating the disappearance of the French girl, she most likely made up the existence of the game to protect the person with whom she had disappeared.

However, hoax or true, this ‘game’ could be understood by youngsters as true and might trigger a boom of real cases of teenagers playing to disappear. Either way, the ‘Game of 72’ or its spreading hoax could become one of the many dangers teenagers face on social media, as are sextortion or cyberbullying.

Parents have to try to avoid this kind of situations or at least to minimize their children’s risk in their journey through social networks. This can be done by educating children on the responsible use of these platforms.

How to educate children on the responsible use of social media

  • Control, as far as possible, the sites they visit, by checking the browser history. In addition, there are browsers for children that block inappropriate content.
  • Allow them to have their own profile on social networks, when they are old enough. According to the Spanish law, you have to be at least 14 years old, though it is really simple to do it before, they just have to lie about their age. We must be on the lookout and make them comply with the minimum age.

girl mac

  • Initiate them into the privacy world: while adults know more or less what we can share online when it comes to personal information, children have to learn where to draw the line.
  • Have your own profile on the social network your children visits. Monitor their actions on the networks can be done not only from a computer screen.
  • Try to spend some time with them while they are on the computer, is a good way of knowing what they usually do on social networks. We must talk with them and explain them the dangers of the Internet.

The fact that the ‘Game of 72’ may be a hoax doesn’t mean that social networks are a safe place. If not an absurd challenge to vanish for 72 hours, there are others dangers lurking on the world of social platforms. That’s why, we should educate our children as soon as possible and monitor, as far as possible, their Internet activity could be key to avoid greater evils.

The post Beware of the ‘Game of 72’! Your child might be involved in this ‘game’! appeared first on MediaCenter Panda Security.

Panda Security

According to PC Magazine Panda FREE is the best free antivirus for 2015

We bring you more great news! If a week ago we told you that we had achieved 100% detention rate according to AV-Comparatives, now we want to share with you that PC Magazine has listed Panda FREE as the best free antivirus for 2015.

best free antivirus

They highlight how easy to use it is, its quick install and that it provides “excellent lab results”.  PC Magazine says the best way of not having malware is to avoid downloading it and points out that Panda FREE has two ways of protecting you against these malicious downloads:

  • Blocking all access to known malicious URLs.
  • Scanning all the files downloaded, and eliminating the malicious ones immediately.

PC Magazine has chosen Panda FREE as their “Editors’ Choice”, and assures that Panda offers the best features of commercial antivirus according them and other independent labs.

Would you like to try the best free antivirus for 2015?

The post According to PC Magazine Panda FREE is the best free antivirus for 2015 appeared first on MediaCenter Panda Security.

Panda Security

How to find your phone – 3 alternatives to the rescue

how to find phone

Have you ever wonder if there is a way of locating your phone in case you lose it or it gets stolen? Well, relax, because the answer is yes! There is a way you can find your phone, how? Here we explain to you three ways of doing it! Keep reading. You have 3 ways of doing it.

How to find your phone

With Panda Mobile Security

Thanks to the mobile and tablet location system in our antivirus for Android, you can recover your device if you lose it!

Panda Mobile Security tracks and displays on a map your lost or stolen tablet or phone so you can find it quickly. You will also be able to block the device and erase all your personal information remotely to prevent others from accessing your most valuable information.

find phone

In addition, our service has an antitheft application that protects the user and ensures the phone’s safety. Panda Mobile Security makes a picture of the user and sends it via email together with the device’s location every time the user fails to enter the password.

If the device runs out of battery, Panda Mobile Security will geo-locate it and save this information, so it can be used later if necessary.

You can also use Google…

To find your Android phone or tablet with Google, you must do it through the site in English, since this feature it is only available in this language.

Once you are in the web site you will only need these three magic words: ‘Find my phone’. This Google search will result in a map, which will display your phone’s location with a precision that may vary a few meters, as the service informs.

In addition, if it is nearby but you still can’t find it, Google can make it ring, even if the device is in silence.

And if you have an Apple device: Find my iPhone

If you are an Apple user and you have lost any of your devices, don’t worry! You can find them with iCloud. Don’t know how, just follow this few steps:

  • Access your iCloud account or use the Find my iPhone app in another device to locate your iPhone, iPad, iPod touch or Mac on a map.
    find my iphone
  • Using Lost Mode you can track your phone, see where it is and where it has been.
  • Once you locate it, you can lock it and send a message with your contact number. So, whoever finds it can call you but can’t access the rest of your information.
  • If you think your device has fallen into the wrong hands, you can remotely erase it and restore your iPhone, iPad, iPod touch or Mac to its original settings.

And last but not least…

Phone locators

When we wrote this article we found lots of webs that offer a series of services which they call ‘phone locators’. But what they actually do is take advantage of those users who have lost their phone or tablet.

So, if we use these web pages, in addition to not finding our cell phone, we will waste our time and money. That is why, we recommend you not to trust any web if it asks you for any kind of financial compensation or personal information!

The best thing you can do to find your cell phone is to use official services like iCloud, Google or the feature included in our antivirus for Android.

The post How to find your phone – 3 alternatives to the rescue appeared first on MediaCenter Panda Security.

Panda Security

Venom: the security vulnerability in your floppy drive

venom snake

A new security vulnerability is putting at risk computers all over the world.

It is called “Venom” and the most odd thing is that exploits a vulnerability in something that almost no one uses anymore: the floppy drive.

The bug itself is quite dangerous as it allows the owner of a virtual machine to execute code in the host machine and from there move on to the network.

In other words, Venom takes advantage from a vulnerability in the virtual floppy drive controller to enter the system and obtain root privileges, as high as possible, not only of that machine in particular but also for all those connected to the same network.

The chart published in the web page created to gather information about Venom explains it very well.

venom vulnerability

The greater risk is that this vulnerability enables the cybercriminal to access the host system through his virtual machine. Once he is inside the physical machine, he will be able to access any virtual machine running in this system.

If you want to prevent Venom, you can download the already published patches here.

We will keep you updated!

The post Venom: the security vulnerability in your floppy drive appeared first on MediaCenter Panda Security.

Panda Security

Try our Beta and win 200€ on Amazon!

2016 beta contest

Today we are launching our Panda Security 2016 rage beta!

And we will like to ask you for your help! We will love if you could use it, have a look around and give us some feedback! We will appreciate your ideas, comments, and suggestions on what you liked best and, especially, what could be improved.

For a chance to win a 200€ Amazon Gift Card! Among the most useful comments we will give away not one, but 9 gift cards!

How to enter this giveaway? Through our channels in Facebook, Twitter (using the hashtag #PandaBeta), Google+ or by leaving a comment on this article.

Panda Security 2016 Beta Contest

What do you have to do? Download our beta and give us your opinion.

Dates: from May 19 to June 9.

How? Through our official channels.

banner en

The post Try our Beta and win 200€ on Amazon! appeared first on MediaCenter Panda Security.

Panda Security

Panda Security Uncovers Ongoing Attack Against Oil Tankers

Panda Security has released “Operation Oil Tanker: The Phantom Menace”, a groundbreaking report that details a malicious and largely unknown targeted attack on oil tankers.

First discovered by Panda Security in January 2014, the ongoing attack on oil cargos began in August 2013, and is designed to steal information and credentials for defrauding oil brokers.

Despite having been comprised by this cyber-attack, which Panda has dubbed “The Phantom Menace”, none of the dozens of affected companies have been willing to report the invasion and risk global attention for vulnerabilities in their IT security networks.

“The Phantom Menace” is one of the most unique attacks that PandaLabs has discovered. No antivirus engine was able to detect it when first triggered, primarily because the attackers used legitimate tools in conjunction with a number of self-made scripts to bypass any warnings that traditional AV software would detect. It was only discovered when a secretary opened a nonspecific attachment to an email – a type of file that Panda Security would later identify among ten different companies in the oil and gas maritime transportation sector.

“Initially this looked like an average non-targeted attack. Once we dug deeper, though, it became clear that this was a systematic, targeted attack against a specific sector in the oil industry,” said Luis Corrons, PandaLabs Technical Director of Panda Security, and report author. “We can limit the impact of this potentially catastrophic cyber-attack, but only if the victimized companies are willing to come forward”.

oil tanker, attack, phantom

Identifying the source of a cyber-attack is tremendously challenging

In most cases, identifying the source of a cyber-attack is tremendously challenging. Once discovered, however, “The Phantom Menace” had a telling weak spot: the FTP connection used to send out the stolen credentials. Through the FTP connection, PandaLabs was able to identify both an email address and name.

Panda Security stands ready to identify the individual to authorities, but without any credible reports being volunteered by the alleged victims, the authorities are unable to launch their investigations or make any arrests.

Panda Security hopes the release of its report will shed light on the potential damage of “The Phantom Menace” and encourage companies to take the necessary steps against the perpetrator.

To read “Operation ‘Oil Tanker: The Phantom Menace”, please visit here.

The post Panda Security Uncovers Ongoing Attack Against Oil Tankers appeared first on MediaCenter Panda Security.

Panda Security

The Chief Financial Officer as the new guarantor of corporate cybersecurity

cfo

Technology has for a long time been out of the laboratories and has held, in its own right, a position in the companies’ executive committees. The transformation that ‘digital technology’ is injecting into all types of organizations requires that the top-level executives understand the basis of this new era.  According to Gartner’s report “2014 Gartner Financial Executives International Technology CFO Study”, CFOs must be prepared for this trend as they have an increasingly important role in IT decision-making. It also stated that 30 percent of the CFOs interviewed (almost 40 percent if we talk about SMBs) claimed they took these decisions, compared with 24 percent in 2013.  If there is an area where they should pay special attention, this is without doubt that of information security.

No, cybersecurity is no longer the sole responsibility of IT managers. Nor is it that of the security managers, who often report to the former. CFOs also play a key role in defining the organization’s strategy regarding this subject.  Until now their only duty in the ICT area was to control the department’s budget and assess, together with the CIO, in which security solution they should invest and whether they should increase this in one sense or another. And above all, they must know how to act to protect their organization against the ever increasing risks appearing in the market, ranging from an infection caused by one of the multiple existing malwares, now operating in any platform, to an advanced persistent threat, amongst others. For this reason it is essential that the CFO works closely with the CIO on the development of a security plan which integrates perfectly into the company’s business model and its operations, as well as into its relationship with its employees and shareholders, and that it safeguards the brand and the corporate reputation.

From cost controller to evangelist

How should the XXI Century CFO act?  Experts recommend someone capable of analyzing along with the CIO, the value and vulnerabilities which come with the use of IT and who knows how the company should act when attacked, because it is now practically impossible to prevent ever more sophisticated security incidents. What one needs to know is how to minimize their impact.

On the other hand, the Chief Financial Officer must realize that these types of attacks directly impact on the company’s business and its market value.  This is pointed out in the report “The Value Killers Revisited: A risk management study” by Deloitte, which states that the issues that ‘kill’ this value are not only limited to factors such as the recent credit and euro crisis experienced by the market or M&A transactions, but also include others like cyberattacks, which nowadays are unfortunately very common, as has been seen with recent notorious cases (the Sony Pictures case is only one of many).

Therefore the inclusion of cybersecurity with the issues to be addressed in the risk committees and audits in which they participate is an obligation for CFO’s today, and they should bear in mind which of the company’s assets need the greatest protection in order to guarantee the continuity of the business.  Additionally they must participate in the development of a contingency plan for a possible cybersecurity incident and be certain that they know what to do, as should the CIO and the other members of the Executive Committee.  It is advisable that companies organize simulated attacks to ensure that everyone responsible is prepared should a high range cyberattack really occur.

The Chief Financial Officer should also explain to the managers the risks implicit within the new digital scenario pointing out the most dangerous players, and also assess which methods, technology and human resources are the  most appropriate to combat them. According to experts, one area on which they should concentrate is to have monitoring systems which facilitate the rapid identification of attacks in real time in order to respond with greater agility. It is necessary to anticipate these situations as much as possible. Today, for instance, it is unthinkable that customers are the ones who have to report a possible fraud related to the services offered by the company. The company must act as quickly as possible and be proactive rather than reactive if a security breach occurs, and have their communication and performance strategy already prepared for customers and third parties who may be affected.

Obviously all the above does not mean that from now on the CFO has to lead exclusively the cybersecurity initiatives in his organization. But he does have to start participating more actively and evangelizing about the importance of data security and about the policies to protect them within the Executive Committee. In short, companies (and also society) are now so digital that is simply impossible for its top executives, including the CFO, to ignore the risks and threats which the new scenario entails and which steps are the most appropriate to solve the problem.

The post The Chief Financial Officer as the new guarantor of corporate cybersecurity appeared first on MediaCenter Panda Security.

Panda Security

Panda Security reached 100% protection rate in AV-Comparatives’ tests

We have great news! Panda Security has obtained excellent results in April’s Real World Protection Test! And we are not the ones that say it! ;)

According to AV-Comparatives, we have achieved 100% detection rate in the tests conducted by this independent institute with a worldwide reputation.

av comparatives april

These results can only confirm the great results provided by the XMT™ scan engine, which is now included in all consume products.

Panda Security develops their products in response to the evolution of malware in recent years. Therefore, the XMT™ engine is the most effective response against threats like Cryptolocker and ransomware, of which we have all heard so much about in the last few months.

XMT antivirus

For example, in Spain, people are receiving an email that supposedly comes from the national post service informing you that a package has arrived and you have to collect it. But once you download it, it kidnaps your computer’s and asks you for a ransom if you want it back.

But we are not satisfied with these great results. Our objective is to keep up with the latest threats, so we can build a safer world. Try our free antivirus and enjoy the maximum protection!

The post Panda Security reached 100% protection rate in AV-Comparatives’ tests appeared first on MediaCenter Panda Security.

Panda Security

CryptoLocker: What Is and How to Avoid it

CryptoLocker is a new family of ransomware whose business model (yes, malware is a business to some!) is based on extorting money from users. This continues the trend started by another infamous piece of malware which also extorts its victims, the so-called ‘Police Virus’, which asks users to pay a ‘fine’ to unlock their computers. However, unlike the Police Virus, CryptoLocker hijacks users’ documents and asks them to pay a ransom (with a time limit to send the payment).

crypto-main

Malware installation

CryptoLocker uses social engineering techniques to trick the user into running it. More specifically, the victim receives an email with a password-protected ZIP file purporting to be from a logistics company.

The Trojan gets run when the user opens the attached ZIP file, by entering the password included in the message, and attempts to open the PDF it contains. CryptoLocker takes advantage of Windows’ default behavior of hiding the extension from file names to disguise the real .EXE extension of the malicious file.

As soon as the victim runs it, the Trojan goes memory resident on the computer and takes the following actions:

  • Saves itself to a folder in the user’s profile (AppData, LocalAppData).
  • Adds a key to the registry to make sure it runs every time the computer starts up.
  • Spawns two processes of itself: One is the main process, whereas the other aims to protect the main process against termination.

File encryption

The Trojan generates a random symmetric key for each file it encrypts, and encrypts the file’s content with the AES algorithm, using that key. Then, it encrypts the random key using an asymmetric public-private key encryption algorithm (RSA) and keys of over 1024 bits (we’ve seen samples that used 2048-bit keys), and adds it to the encrypted file. This way, the Trojan makes sure that only the owner of the private RSA key can obtain the random key used to encrypt the file. Also, as the computer files are overwritten, it is impossible to retrieve them using forensic methods.

Once run, the first thing the Trojan does is obtain the public key (PK) from its C&C server. To find an active C&C server, The Trojan incorporates a domain generation algorithm (DGA) known as ‘Mersenne twister’ to generate random domain names.  This algorithm uses the current date as seed and can generate up to 1,000 different fixed-size domains every day.

crypto code

After the Trojan has downloaded the PK, it saves it inside the following Windows registry key: HKCUSoftwareCryptoLockerPublic Key. Then, it starts encrypting files on the computer’s hard disk and every network drive the infected user has access to.

CryptoLocker doesn’t encrypt every file it finds, but only non-executable files with the extensions included in the malware’s code:

crypto list

Additionally, CryptoLocker logs each file encrypted to the following registry key:

HKEY_CURRENT_USERSoftwareCryptoLockerFiles

When the Trojan finishes encrypting every file that meets the aforementioned conditions, it displays the following message asking the user to make a ransom payment, with a time limit to send the payment before the private key kept by the malware writer is destroyed.

crypto main

 

 

Curiously enough, the malware doesn’t ask users for the same amount of money, but incorporates its own currency conversion table.

crypto table

 

 

How to avoid CryptoLocker

This malware spreads via email by using social engineering techniques. Therefore, our recommendation are:

  • Being particularly wary of emails from senders you don’t know, especially those with attached files.
  • Disabling hidden file extensions in Windows will also help recognize this type of attack.
  • We’d like to remind you of the importance of having a backup system in place for your critical files. This will help mitigate the damage caused not only by malware infections, but hardware problems or any other incidents as well.
  • If you become infected and don’t have a backup copy of your files, our recommendation is not to pay the ransom. That’s NEVER a good solution, as it turns the malware into a highly profitable business model and will contribute to the flourishing of this type of attack.

The post CryptoLocker: What Is and How to Avoid it appeared first on MediaCenter Panda Security.

Panda Security

Windows 10: Use bug-free Android Apps with it!

microsoft smartphone

When Satya Nadella became Microsoft’s CEO, one year ago, he suggested that things were going to change and mobility will be his main focus. Although the company has been trying it for some time now (i.e. when they bought Nokia for over 7.000 million dollars), they have never been able to stand out in the smartphone world.

Their lack of success may be in part because of their operation system uniqueness. While Windows has always been the most popular among desktop computers and laptops, they haven’t been able to win over the smartphone users. Android and iOS have always been one step ahead.

If we look into the applications market we see how the difference increases, the first two platforms are very attractive for a great number of developers, who rarely or never remember Microsoft’s virtual store. However, Microsoft has changed its tactic and now work under the maxim “if you can’t beat them, join them”, adding “and improve their product as much as you can”.

During the recent conference BUILD 2015, the company announced that applications for Android and iOS may be used in Windows tenth operational system, which will be launched this summer. The projects Islandwood (for Apple’s operational system) and Astoria (for Android) allow this translation, providing the necessary means.

Developers will have at their disposal a “universal platform”. This tool includes a complete kit to port the code written in Java for Android apps and in Apple’s language, Objective C.

windows iphone

But Microsoft wants to go one step further, they are also committed to safety. Not only will you be able to use the applications that were before just available in other phones, but also they assure they won’t fill up your device with malware.

Because if Google Play is full of all kinds and origins of tools, it is also full of virus and vulnerabilities that threaten your data. We have explained in other posts the many malicious apps in the platform and about security holes in Apple’s operating system.

Microsoft knows well Apple’s disadvantages and doesn’t want them in Windows 10. That’s why, together with the two previous mentioned projects, they are offering the possibility of eliminating the bugs from the apps before they are in Window’s operating system.

With this same ‘universal’ tool developers can analyze their apps for malware and then get rid of it. But the tests don’t end here, once the programs are ready they will have to go through a review team that will give them a final approval before publishing it in the store.

Within this group there are security experts that will analyze again the tools and will exclude the newly arrived that hide some kind of malicious software in their code.

It seems that Microsoft is stepping up in security matters, though we will have to wait some months until we can prove if their initiative stand out over the efforts of its competitors. If they fail to keep their promises, Windows platform will become a den of bugs fed from several fronts.

The post Windows 10: Use bug-free Android Apps with it! appeared first on MediaCenter Panda Security.