Category Archives: Panda Security

What are Advanced Persistent Threats? Interview with Fernando Andrés

On several occasions we have discussed the need for effective protection against Advanced Persistent Threats in corporate environments. However, do companies really know what we are talking about? Are they ready to implement such protection?

Fernando Andrés, Global Panda Advanced Protection Service General Manager, helps us clarify the meaning of this concept and explains how Panda Security’s corporate solutions are the best fit for corporate needs.

  • What are Advanced Persistent Threats?

Simply put, I would define them as Threats 3.0. They are the evolution of the threats that have always existed in the digital world, but extremely sophisticated and overwhelming in number. All of them have the following features in common: they are financially motivated, extremely selective and, unfortunately, perfectly capable of bypassing traditional defenses.

  • What are the biggest security threats that companies face today?

Every threat that goes after a company’s most precious asset: sensitive corporate information and any other data that can be easily monetized by attackers, such as credit card data, for example.

  • Adaptive Defense leverages state-of-the-art technologies praised by analysts, customers and partners in the technology industry. What is the solution’s differentiating factor?

The differentiating factor is that Adaptive Defense is capable of stopping and blocking advanced threats. It neutralizes what others cannot as shown to many of our customers.

This has been possible thanks to the effort of our R+D department, which has pioneered the application of technologies such as Cloud Computing, Big Data and Collective Intelligence to the IT security world. We have developed a service designed to constantly audit network resources, detecting and blocking advanced threats, and ensuring immediate response to computer security incidents.

  • What type of company is Adaptive Defense designed for?

Corporate customers without doubt. Companies of a certain size with sensitive information they need to protect. Our experience shows that Adaptive Defense is best suited for companies with more than 100 employees.

  • Why should a company install Adaptive Defense?

Because it works. It stops these particularly dangerous threats, protecting businesses.

  • The last few months have been dominated by a particularly destructive malware –CryptoLocker– and Adaptive Defense is the only product that can detect it. How can this type of malware affect a company?

CryptoLocker is designed to blackmail businesses by stealing their most valuable asset: corporate data. CryptoLocker can really sink a company. Would you hire the services of a company which left your personal or financial data exposed?

As I mentioned before, Adaptive Defense provides unique benefits. It has shown its full potential detecting what other vendors can’t detect or detect too late. Unlike other solutions that act reactively when the damage is done, we deliver proactive protection. This new approach has increased the demand for this type of service, especially among corporate accounts.

The post What are Advanced Persistent Threats? Interview with Fernando Andrés appeared first on MediaCenter Panda Security.

How to secure the files your company stores in the cloud

Goodbye CD, DVD and pen drive. When you need to share a document with a work colleague or you have to take work home, you no longer need to use physical storage devices: the cloud has everything you need.

Services like Dropbox, Mega or Box have become more popular recently, gradually sending physical storage drives into oblivion.

More specifically, and according to Eurostat, 21 percent of European Union citizens used the cloud as storage space in 2014. In fact, this figure is only the average for EU countries and in some countries, like Denmark and the United Kingdom, the percentage of citizens who use the cloud to store files greatly exceeds 30 percent.

There is no doubt that the business world is largely responsible for the growing use of the cloud for storing and sharing files. More convenient than using physical devices and more economical than installing internal servers, the cloud seems to have gotten into our offices too.

The advantages of services like Dropbox are obvious. However, when using virtual storage spaces to store and share your company’s information, their security measures could leave much to be desired.

A few months ago, a vulnerability was discovered in Dropbox that disclosed personal files, and at the end of 2014, 7 million passwords for this service were leaked. If the fact that confidential corporate information is one of the main targets of cyber-criminals is added to these serious security flaws, the conclusion is obvious: your company’s files are not completely secure in the cloud.

However, your company does not need to steer clear of these services for fear that a cyber-criminal will steal its documents, but you will have to take certain precautions before using them. The key is in passwords, file encryption, two-step verification and the best enterprise antivirus solution.

In this case, Panda Cloud Fusion can protect, manage and provide remote support for all the devices in your company’s network anytime and anywhere.

Firstly, it is essential to follow the tips on how to create strong passwords, like any other service. You know: letters, numbers, uppercase, lowercase, a symbol or two and if possible, never use the same password as the one you use for your email, Facebook and other services.

As regards file encryption, some virtual storage services store our documents encrypted. Although Dropbox does not, Mega, the cloud platform of the controversial Kim Dotcom, does encrypt your files. However, nothing is perfect. Mega stores on its servers a copy of the key for decrypting your files, so it is not 100% secure either. One of the best options is for you to encrypt your files before uploading them to the cloud using one of the services that allows you to do this.

Finally, some of these services (like Dropbox or Google Drive) allow you to enable two-step verification of your account. This system combines the password that you choose with a password that the service sends to one of your devices (almost always to your phone in a text message or an app). This adds a second layer of security that makes it difficult for someone to access your account.

The cloud is convenient, yes, but you have to pay attention to security.

Systems Management strengthens its capabilities to control all types of devices

Panda Security announces the features of the new version of Systems Management, the cross-platform solution that allows you to manage, monitor and provide support to all types of devices from a web console, inside or outside the network.

The latest version of Systems Management includes new features that allow simple and centralized management. One of its main features is that agents can be installed remotely from the web management console. Once a Systems Management agent has been installed on a device, it will automatically detect network computers that do not have Systems Management in order to install it at a click. Another of its key features is the ability to add individual patches to the policies created, offering greater control in patch management.

Greater security for iOS phones

In addition to the features currently supported on smartphones and tablets, which allow you to carry out a hardware and software inventory, geolocate them and wipe them remotely, the security of iOS devices can be significantly strengthened by defining the characteristics of the passwords set by the user. Furthermore, functions such as installing games and apps can be blocked to ensure more productive use of the device, and the VPN and Wi-Fi settings of handsets can be configured centrally.

“The new features of Systems Management offer companies simpler management and increase user productivity”, says Manuel Santamaría, Product Manager Director at Panda Security. “All of this results in cost reduction, favouring independence of the IT administrator and providing the best security for the client’s IT network”, he concludes.

Speaking with Gartner about Advanced Persistent Threats

Despite the continuous and growing investments in computer security –Gartner estimated that in 2013 enterprises spent more than $13 billion on firewalls, intrusion prevention systems, endpoint protection platforms and secure Web gateways–, it is clear that the war against malware is far from being won.

In fact, the consulting firm warns that “All organizations should now assume that they are in a state of continuous compromise” (“Designing an Adaptive Security Architecture for Protection from Advanced Attacks”, February 12, 2014). It is precisely with the aim of informing our customers and users in general of the real danger posed by advanced threats that we offer readers this exclusive newsletter that includes the aforementioned Gartner report.

The subject is really important, as shown by the following data: 85 percent of targeted attacks against businesses go undetected for weeks or more, and 92 percent of incidents are discovered by a third party, according to Verizon’s 2014 Data Breach Investigations Report.

To fight this situation, Panda Security proposes the use of services capable of detecting and combating advanced threats: Panda Advanced Protection Service monitors and controls every application running in an organization. The service, designed for large enterprise customers, consists of an agent installed on every endpoint on the network, a cloud infrastructure, and the constant monitoring and assistance provided by PandaLabs security experts.

Dating Apps on your company’s phone. Be careful not to reveal too much personal information!

Your personal life is not incompatible with your professional life, and even less so on your smartphone, a device we use for almost everything these days. People use the same phone for work, social networking and even dating through apps like Tinder.

In principle that shouldn’t be a problem. However, a report published by tech giant IBM shows that this could put personal user information and corporate data at risk.

Tinder is just one of the dozens of dating apps that have recently emerged, and the number of their users grows exponentially.

IBM’s analysis was based on the 40 most popular dating apps available on Play Store. The company’s experts concluded that 63 percent of all apps had security flaws and were vulnerable to hacking. Consequently, any criminal that could access any of these applications would be able to obtain not only personal user information but also corporate data.

The study revealed that 73 percent of dating apps had access to GPS location information. With this data, an attacker could track users’ movements and find out where they live, where they work, who they meet and where they spend their spare time.

Additionally, an attacker could take control of a phone’s camera or microphone to access the user’s photographs or calls and gain knowledge of their professional activities, for example.

Purchasing and credit card information could also end up in criminal hands. Crooks could also install malware on the device, monitor the user’s activities or even spoof their identity, taking control of their account profiles and acting on their behalf. In an attempt to give users peace of mind, IAC (the parent company of Tinder, Match and OKCupid) promptly denied that any of its apps could be exploited in any of these ways.

IBM’s security experts also analyzed the devices used by employees of different organizations. In this case, researchers found that for 50 percent of enterprises analyzed, employee-installed dating apps had access to professional data.

Apart from presenting these alarming results, the US multinational offered up some tips to users of these apps:

  • Use unique passwords for all your online accounts. Make your passwords complex enough to be secure and, as previously suggested on other occasions, change them regularly.
  • Always apply the latest patches and updates to your apps and devices as soon as they become available. This will fix any identified bugs.
  • Use only trusted Wi-Fi connections when on your dating app.
  • Review app permissions before installing them and after any software upgrade or updates are made. These permissions will indicate the data that the app can access. If they look suspicious, maybe you should just go for another, less dangerous app.

If you yourself use any of these apps don’t be afraid. Check the software’s conditions of use and if you think the app is not trusted, simply uninstall it. You can always leave your phone aside and turn to more traditional methods to find your ‘special one’. ;)

The largest bank robbery in history

US newspaper The New York Times has published a fascinating news story about what could be the largest bank robbery in history. According to the article, the thieves have stolen at least $300 million but this figure could be triple that amount, reaching almost $1 billion.

In order to carry it out, the thieves used malware to infect employees’ computers, compromise them and give the cyber-criminals access to the internal network. In this way the attackers studied the internal functioning of the bank’s daily routines, so that the transfers they planned to make did not attract any attention and blended in with the normal daily operations.

Today a report will be published that will clarify some of the questions surrounding the attack. I was struck by the way the article begins, with what seems like the beginning of a Hollywood story: an ATM in Kiev started “spitting out” cash without anyone touching it.

The most surprising aspect is not the act itself. A cash machine is just a computer, and attacking it so that it obeys commands not given by the bank is perfectly possible. However, if one thing does not make sense, it is that the criminals even bothered to carry out this attack when they are capable of stealing millions of dollars without attracting any attention using transfers.

The answer to this mystery is simple. It is not one robbery but hundreds of them. Multiple banks in different countries are victims of the attack, and in each one the criminals carried out the attacks best suited to the level of compromise they achieved, according to what they were able to access, etc. In those in which they were able to carry out transfers and send money abroad, that is what they did. If they could not do this but were able to hack the cash machines, they took the money in this way.

Time to get serious

Cyber-criminals have compromised 100 banks in 30 countries. According to the information published so far, some employees received emails that infected their computers with malware. Once a computer has been compromised it is relatively easy –for them at least– to move across the internal network, compromising more computers and gaining access to all of the resources they need. When they had control of the key computer, they installed a Trojan which gave them full access to it.

In the light of the data published, it is clear that the losses that a robbery like this can generate are huge, and it is very noteworthy that an attack of this kind had gone unnoticed for so long (they had been working on it since the end of 2013). The banks I know take security very seriously. I have no doubt that they all had some kind of security solution installed and a team to make sure that it was operating correctly. Neither do I doubt that it was insufficient, although that is easy to say when we have just seen the magnitude of the attack.

What should they do? Is there any way to stop all of these attacks? No system is perfect or 100% attack proof. However, there are some measures that are relatively easy to implement that significantly increase security, preventing attacks like this.

Firstly, in a bank it is very debatable that any employee should be able to install and run (consciously or not) any software that has not been previously approved by the security team. Simply preventing the installation of unauthorized software will eliminate the majority of attacks carried out.

Remember that this attack has been described by a representative of the company investigating it as “one of the most sophisticated attacks the world has seen to date”, and the attackers still needed to send an email and an employee to open it and run the attachment (or click on a link).

You might think that the attack could have used an unknown vulnerability to compromise the computer, which has been done in the past and is perfectly plausible. In this case, simply visiting a website could compromise the computer. However, if you have a system that monitors the behavior of the processes running on each computer, these types of attacks can be detected. If the browser process, for example, downloads and tries to run an unknown program, automatically block it and problem solved.
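The rule described above, as an added example (not code from the original post or from any Panda product): a monitor that remembers which files a browser process wrote and blocks any unapproved executable that a browser starts, or that was dropped by a browser and is started later by another process. The event fields, paths and hash values are constructed assumptions.

```python
# Added example: behaviour rule over constructed process events.
# Event layout, paths and hashes are hypothetical, not a real product's format.
from dataclasses import dataclass

BROWSERS = {"chrome.exe", "firefox.exe", "iexplore.exe"}


@dataclass(frozen=True)
class Event:
    kind: str              # "file_write" or "proc_start"
    actor: str             # full path of the process performing the action
    target: str            # file written, or executable being started
    target_hash: str = ""  # hash of the started executable (proc_start only)


def _name(path: str) -> str:
    """Lower-cased file name of a Windows-style path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


class BehaviourMonitor:
    def __init__(self, approved_hashes, browsers=BROWSERS):
        self.approved = set(approved_hashes)   # software approved by the security team
        self.browsers = set(browsers)
        self.dropped_by_browser = set()        # paths a browser process has written

    def verdict(self, ev: Event) -> str:
        actor_is_browser = _name(ev.actor) in self.browsers
        if ev.kind == "file_write":
            # Remember downloads so a later launch by another process is still linked.
            if actor_is_browser:
                self.dropped_by_browser.add(ev.target.lower())
            return "allow"
        if ev.kind != "proc_start":
            return "allow"
        if ev.target_hash in self.approved:
            return "allow"                     # known, approved program
        if actor_is_browser or ev.target.lower() in self.dropped_by_browser:
            return "block"                     # unknown program tied to the browser
        return "review"                        # unknown, but outside this rule


# Constructed sample events (not taken from any real incident).
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EXPLORER = r"C:\Windows\explorer.exe"
SAMPLE = [
    Event("file_write", CHROME, r"C:\Users\a\Downloads\invoice.exe"),
    # User double-clicks the download: the parent is Explorer, not the browser.
    Event("proc_start", EXPLORER, r"C:\Users\a\Downloads\invoice.exe", "hash-unknown-1"),
    # Browser opens an approved helper application.
    Event("proc_start", CHROME, r"C:\Program Files\Reader\reader.exe", "hash-reader"),
    # Browser itself starts an unknown binary, as after a browser exploit.
    Event("proc_start", CHROME, r"C:\Users\a\AppData\Local\Temp\upd.exe", "hash-unknown-2"),
    # Unknown program with no link to the browser.
    Event("proc_start", EXPLORER, r"C:\Tools\legacy.exe", "hash-unknown-3"),
]


def run_sample():
    monitor = BehaviourMonitor(approved_hashes={"hash-chrome", "hash-reader"})
    return [monitor.verdict(ev) for ev in SAMPLE]


if __name__ == "__main__":
    for ev, v in zip(SAMPLE, run_sample()):
        print(f"{v:6} {ev.kind:10} {_name(ev.actor)} -> {ev.target}")
```

The second event is the case a parent-process check alone would miss: the download is launched by Explorer, so the link to the browser only exists because the earlier file write was recorded.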

Some readers could think that if it were that easy all large companies would use this type of system, if not on all computers at least on those that can access critical data and should be well protected. Unfortunately, there are very few solutions of this type on the market. Whitelisting-based applications, which basically only allow known files to be run, are very awkward to use in the day to day and on top of that, once they let a process run (the Internet browser, for example), they do not monitor it.

What is left? Well, from my 16 years of experience in the IT security world I can assure you that it is time to get serious. We must forget about fear and back disruptive technology that allows us to control everything that happens on our networks. This technology must be flexible enough to give us the option to “lock down” the network and not allow anything unknown to be installed or run, or to be a little more open provided that we have timely information on what is happening in the network.

This set of technologies and services, which we have been working on for more than 2 years, is available with Panda Advanced Protection Service.

With the information that I now have on what is the largest bank robbery in history, I can say that if any one of the 100 banks affected had used Panda Advanced Protection Service, they would have been protected and the attackers would probably not have been able to steal a penny.

The vulnerable Internet of Things: Security when everything is connected

The Internet of Things is here to stay. Soon, all of our home appliances will be virtually linked. Televisions, clocks, alarms, cars and even fridges will be connected to the Internet and will know almost everything about you to make life easier. Cisco believes that in 2020 there will be more than 50 billion connected devices and a report by the Pew Research Center says that by 2025 we will be used to them knowing our habits.

Despite the advantages that they will offer users, manufacturers and even carriers, there is another group that could benefit from the information we transmit: cyber-criminals. If the Internet is no longer restricted to your computer or phone, and even your fridge knows what you have to buy or your pacemaker informs your hospital of how your heart is beating, a new world of possibilities opens up to cyber-criminals.

The US Federal Trade Commission (FTC) has also raised concerns over the privacy problems related to all devices being connected, and has asked manufacturers to make a special effort not to forget the importance of security. “[The Internet of Things] has the potential to provide enormous benefits for consumers, but it also has significant privacy and security implications,” warned FTC Chairwoman Edith Ramírez during the Consumer Electronics Show.

Ramírez advised connected device manufacturers to adopt three measures to make devices less vulnerable:

  1. Implement security from the design of the device using privacy testing and secure encryption.
  2. Design the device to store only the information it requires.
  3. Be completely transparent to consumers so that they know exactly what data is going to be used and transmitted.

These attacks could have various targets: firstly, to steal specific user data and secondly to cause harm to device manufacturers. Similarly, an intelligence agency could be interested in spying on certain information. According to experts there are various attacks that could become common:

  • Denial of Service. Paralyzing a service is more serious if all devices are connected.
  • Malware-based attacks. Malicious code can be used to infect hundreds of computers to control a network of smart devices or to put their software in danger.
  • Data breaches. Spying on communications and gathering data on these devices (which could also store data in the cloud) will become another more common attack, compromising our privacy. Both intelligence agencies and private companies with commercial purposes could be interested in gathering information on a specific user.
  • Inadvertent breaches. Our confidential data might not only suffer targeted attacks but could also be lost or accidentally disclosed if the devices do not adequately protect privacy.
  • Security attacks on our homes. The majority of manufacturers of these devices have not considered security necessary and many do not have the mechanisms to correctly protect the data. For example, an attacker could spy on the data of our smart meter.

To improve security, authentication methods must be adequate, adopting stronger passwords so that both the credentials and the data are correctly encrypted. In addition, security problems could arise in the network. Many devices, such as televisions, connect via Wi-Fi and so manufacturers should adopt strong encryption algorithms. Secondly, special care should be taken with the software and firmware on these devices; they should be able to update and each update must incorporate security mechanisms.

The Internet of Things has many benefits; now it just needs to be completely secure for users.

 

10 tips for protecting your privacy when everything seems against it

We are always talking about the dangers that our data often faces on the Internet. Constant leaks and vulnerabilities in the services we use the most seem inevitable. Even platforms and applications we consider harmless suspiciously gather information on their users that does not seem to be closely related to their activity.

There are plenty of warnings, but we are not often told what we should do to keep our data out of the hands of third parties and safe from illicit uses or uses for which we have not granted our permission. Are we unprotected? We give you a few tips so that you no longer feel completely defenseless.

10 tips for protecting your privacy

  1. Go on a diet and forget about cookies

    These tools, which have installed themselves in our virtual life, gather a lot of data about our habits (searches and pages visited) that is often used to design custom advertising. You can avoid them by using browsers in ‘incognito’ or ‘private’ mode. Another option is to regularly clear your browsing history and cookies.

  2. Use a virtual private network

    A Virtual Private Network, more commonly known as a VPN, allows you to browse the Internet securely, even when you are connected to a public network. Although they are often associated with hiding illegal activities, there is nothing bad about them. On the contrary, it is highly advisable to use them when you do not have a secure connection.

  3. It does not matter where you took that picture

    Sharing the selfie you have just taken on social networks could reveal a lot of data about the device you used and where you are. Perhaps the phone model or camera specifications are not very important, but it is a good idea to change the settings so that the exact coordinates of your location do not appear. Here is how to disable the GPS for the mobile phone camera.

  4. Log out occasionally

    Everyone finds it difficult to remember their password. It is much more convenient and easier to stay logged on to Facebook or Gmail so that you can access them by simply clicking the icon. However, remember that doing this allows these platforms to follow you around the Internet.

  5. Keep your virtual profiles clear

    As happens with pictures, when you update your status on Facebook or send a tweet, you could be giving out your location. Even what you say and when you say it could be analyzed by these platforms.

  6. Create an alert in Google with your name

    Have you ever googled your first name and last name? You probably haven’t found anything strange, but it is recommended to create an alert in the search engine to stay informed about any changes. If a page is talking about you, the browser will send you an email to let you know.

  7. Have various email accounts

    If, in real life, you do not go to the bank to carry out a financial transaction with the same attitude as when going to a concert, you should do the same on the Internet. Keep important things separate from leisure and hobbies. Open various email accounts to separate work and family issues from your hobbies or Internet shopping. This will prevent all of them from being flooded with spam and a potential intruder will not be able to access all of the information at the same time.

  8. Encrypt documents before saving them to the cloud

    It cannot be denied that storing all types of files in Dropbox or Google Drive has its advantages: you have them all in one place, they do not take up space on your computer and you can access them from any device. However, it also has its dangers. Those responsible for these services could analyze your files and it is not too difficult for cyber-criminals to get a look at them either. The best way of avoiding problems is to encrypt them before saving them on these platforms.

  9. Nothing is free

    Facebook, Twitter and WhatsApp are free services, like email services. Don’t be fooled. If they are not charging you it is because they are making money in another way, often related to your personal data. They collect information about your preferences and habits in order to give it to other companies. Paying for premium versions or more expensive platforms can often have its advantages, even if these are not financial.

  10. Keep your computer security updated

    To finish, we give you a tip that could sound very obvious but that we often neglect: keep your antivirus software updated and check the security status of your computer. There is a lot of spyware around and any barrier is useful for preventing it from attacking your computer without you realizing.

With these simple tips you can save yourself a few upsets. Data leaks, attacks and spoofing are often due to the owners of the information not taking enough precautions. Don’t do the same!

When cyber-attacks cause physical damage

We are used to hearing about cyber-attacks and the massive damage they cause to those affected. You do not need to go too far back to find some examples, such as the leaking of the photographs of celebrities in a compromising situation last summer or more recently, the mass attack on Sony that leaked several unreleased movies.

The attacks against the integrity and reputation of the production company and celebrities are serious, but we do not often see that the consequences of these crimes result in tangible material damage. Although various cases have been recorded, they have not gone beyond the borders of their countries because they do not have the same public nature as Sony and the Hollywood stars.

While we carefully followed the latest events in the Sony case this Christmas, another event took place in Germany. Just before the holidays, the German government published a report that detailed how a group of cyber-criminals had attacked a steel mill in the country.

The cyber-criminals manipulated the facility’s control systems. When one of the blast furnaces exploded, the detection and extinguishing equipment failed, resulting in massive damage (which is not specified in the document).

The case of Germany is not the first case of a computer attack that resulted in physical damage. Another earlier example is that of Stuxnet, a spy malware that reconfigures industrial systems. It was used by the United States and Israel against Iran at the end of 2007 and the beginning of 2008. They used it to sabotage the centrifuges at a uranium-enrichment plant.

The malware was not discovered until a couple of years later, in 2010. Since then, experts have been warning that something similar could happen again, and perhaps with worse consequences.

Major vulnerabilities have been detected in the equipment and systems that manage not only corporate and industrial facilities but also those that control the power supply of a town, water treatment plants and even hospitals and government offices.

However, there is some doubt about the veracity of the attack on the German steel mill. The report that attests it, compiled by Germany’s Federal Office for Security Information, says that the cyber-criminals accessed the steel mill’s network and from there, they took control of production and the equipment.

According to the report, the event could have been triggered in two ways: either through an email message carrying hidden malware or a downloaded file that allowed the malware to install itself on a computer. Once it had reached one computer, it was able to spread across the company’s network.

The German office’s report does not refer to the name of the company, when the first attack took place, how long it took for the explosion to occur or if the fire was actually part of the cyber-criminals’ plan. The last question nevertheless shows that, intentionally or not, cyber-criminals can cause significant physical damage.

The experts who reported the findings say that the probability of this type of cyber-attack happening again is increasing and, therefore, measures should be taken to prevent them.

One of them is to separate management and administration networks from those that control production and machinery. In this way, cyber-criminals will not be able to reach the latter via the Internet.

They also warn that a system is only isolated when it is not connected to a computer with an Internet connection. Many companies believe that it is enough to use a firewall as a barrier between the two areas, but it could be incorrectly configured or have security flaws that make it vulnerable.

Everything suggests that more effort should be made not to leave any weak spots. Not only is valuable corporate information at risk of being disclosed, but a cyber-attack could have physical consequences as serious as they are unpredictable.

Valentine’s Day. 10 Tips for avoiding viruses

Valentine’s Day is the day of couples, red roses, hearts and… viruses. Cyber-criminals take advantage of this important date to carry out massive attacks using attached files or malicious links.

Romantic videos, links to stores where you can get the perfect gift, pictures… are just some of the excuses used by hackers to infect as many devices as possible through social engineering.

10 Tips for avoiding viruses on Valentine’s Day

  1. Do not open emails or messages received on social networks from unknown senders.
  2. Do not click a link received by email. It is better to type the URL directly in the browser bar. This rule applies to messages received through any mail client and through Facebook, Twitter or any other social network, instant messaging programs, etc.
  3. If you click on one of these links, check the landing page. If you don’t recognize it, close your browser.
  4. Do not run attachments from unknown senders. At this time of year, you have to be very careful with files with subjects or names related to Saint Valentine, romantic pictures, etc.
  5. If you don’t notice anything strange about the landing page but are prompted to download a file, be wary and do not accept.
  6. If you do download and install any type of executable file and the computer starts launching strange messages, it is probably malware.
  7. When shopping online it is recommended to do so from the original store, not from links you have received. Do not buy from online stores unless they have a solid reputation and never from websites on which transactions are not secure. In order to check if a page is secure, look for the security certificate, which is represented by a yellow padlock symbol next to the browser bar or in the bottom right corner.
  8. Do not use shared computers to carry out transactions that require passwords or personal data.
  9. Make sure you have the best antivirus for your needs installed and updated.
  10. Keep up-to-date with the latest security news.
