Category Archives: Panda Security

Top Cyber Risks of 2017

Last year is proof that stories about Kim Kardashian and Pikotaro’s PPAP song were not the only things able to break the internet: 2016 was a year full of news about data breaches, stolen sensitive information, hacker extortion and DDoS attacks that in some cases had a significant impact on the lives of many Americans. Phew, it’s all gone, and we are already in 2017!

Hopefully, reputable tech giants such as LinkedIn, Verizon, Google and Microsoft will be a bit more vigilant about keeping our sensitive information safe. Luckily there are anti-virus companies who have our backs even when tech companies’ security fails.

Having anti-virus software is similar to having a second layer of clothes in the winter. You like being prepared, don’t you?

After such a turbulent 2016, we’ve developed a little list of cyber threats to watch out for in 2017.

Cyber threats to watch out for in 2017

Connected devices

Currently, there are billions of connected devices all over the world – the revolution of self-driving cars is just about to kick in too. Drones, doorbells, kitchen appliances, thermostats and health gadgets – all sorts of new technology is now able to be monitored and controlled over the internet. The power of IoT gives us an unparalleled convenience, things we’ve never experienced before, but also poses a grave danger.

The threat is no longer just a hacked fridge or printer, but flaws in the systems behind this technology which, if exploited by criminals, could cause significant security risks. No one wants a self-driving car or a drone taken over and operated by hackers.

This poses a great concern for our safety. We are expecting a wild 2017 for the consumers out there, as more attacks throughout the year are likely to follow. Currently, it is easier for cyber trouble-makers to create and control an IoT army of devices, than to develop new spyware. We hope to see the security features of IoT devices advance in 2017.

Sophisticated phishing attacks

It’s just the beginning of the New Year, and multiple sources have reported innovative and more sophisticated phishing attacks targeting Gmail accounts in the US. Sources say these phishing attacks can fool even experienced internet users. What is so different about these phishing attacks from the regular ones?

Not much, except for the fact that the design of the landing pages is getting better and better. Another difference worth mentioning is the URL bar. Anti-virus software companies have been preaching for years to always look at the URL bar and never enter your login details on websites whose URLs are not https and/or are marked in red.

In the new phishing attacks, the URL bar is in plain text: it’s neither green nor red. Apparently, this tends to confuse people, so be aware if you don’t want to be in the news as the next victim of a well-executed scam.

State-sponsored espionage

The New Year will surely bring us news of state-sponsored cyber espionage. Mainstream media still finds it hard to accept the legitimacy of the new president of the United States, and the means he used to make it to the role of chief commander of the free world. WikiLeaks founder Julian Assange argued that the emails which revealed information about Secretary Hillary Clinton were part of a leak, not a state-sponsored campaign designed to elect Donald Trump. We will most likely never know the full truth, but what we are aware of is that state-sponsored cyber-attacks will become a norm in 2017.

Hacker extortion

Last year a California hospital paid $17,000 in Bitcoin to hackers, and a well-known university in the US also became a victim of an attack where cyber criminals installed ransomware on its systems and demanded payment to unlock them. In all known hacker extortion cases, the victim ended up paying the criminals. The main problem is that not only companies are under threat, but individuals too. There have been reported cases of senior citizens held up by cyber bullies demanding payments so they can regain access to precious family imagery, and of celebrities ending up paying to stop sensitive photos from being released into the world. Bearing in mind that most known occurrences of cyber extortion have been successful, and that governments tend to lose the battles against it, such incidents are very likely to continue into this year.

Digital fingerprinting, biometric security and health data protection

Digital fingerprinting is getting popular among consumer devices. We saw tens and probably hundreds of them at CES 2017. Currently, all major cell phone manufacturers have it as an option to unlock their phones. Now there are home locks, padlocks, deadbolts and USB sticks that can be unlocked or opened with a simple touch. Even some car manufacturers are integrating the technology into their new car models. Sadly, a Japanese researcher recently came out with a statement that your fingerprints could be stolen when posing for a photo doing the peace sign. Criminals are getting creative, what a surprise! Facial and iris recognition may soon become a norm too, so protecting the databases that store this information will become a challenge.

What an amazing time to be alive, the predictions for 2017 are straight out of a sci-fi movie.

However, these issues are now real and protecting our data in all its forms is vital. The convenience the new technology is bringing us opens backdoors for criminals to take advantage. Luckily there are anti-virus specialists such as Panda Security, who make sure your data stays safe and provide you with that extra layer of security that we all need.

The post Top Cyber Risks of 2017 appeared first on Panda Security Mediacenter.

Panda Security to Participate in This Year’s RSA Conference

This February, from the 13th to the 17th, the XXII Edition of the RSA Conference, the largest event of cyber security in the world, will be held at the San Francisco Moscone Center. Major companies, suppliers and cybersecurity gurus will gather to find solutions to their business concerns and discuss industry trends — an incomparable venue in which Panda Security will be giving advice on cybersecurity strategies.

An extensive list of national and international experts will give an array of lectures and will be present as exhibitors during the five days of the event. Among the list of cybersecurity gurus you will find Luis Corrons, technical director of PandaLabs (@Luis_Corrons), who will share his thoughts with the attendees at the Panda Security booth (4542).

In keeping with this year’s theme, “The Power of Opportunity”, we will talk not only about malware and cybersecurity predictions for 2017, but also the benefits of a strategy that combines big data and machine learning in the security of your business — cutting-edge technology that constitutes a great leap forward in advanced cybersecurity solutions and will be presented over the course of the event.

Did you know that more than 250,000 new threats are detected in our laboratory every day? We will address how to anticipate potential threats with practical examples and real cases that seem like something out of science fiction. Advanced cybersecurity and prevention are, as always,

A powerful panel of experts bringing together more than 45,000 participants and a large number of exhibitions and activities await you at the RSA Conference 2017, an event in which innovation in cybersecurity is the center of attention.

PandaLabs, the Laboratory That Has the Answers to Your Questions

PandaLabs is Panda Security’s anti-malware lab and represents the company’s nerve center in terms of malware. Luis Corrons, its technical director, is one of the experts who will be representing the company at the Panda Security booth.

The countermeasures necessary to protect Panda Security’s customers on a global scale from all types of malicious code are produced in real time and uninterruptedly at the laboratory.

PandaLabs is also responsible for the detailed analysis of all types of malware, in order to improve the protection offered to Panda Security users.

Don’t miss your chance to consult with the experts! Join us and discover the latest technologies and pioneering developments in the industry.

More Information

When: February 13-17, 2017

Tickets: Check the price list here and get your discount by presenting the Panda Exhibition Pass: XE7PANDA (redemption deadline is Thursday, February 16th)

Where: Moscone Center, San Francisco.

Panda Security will be at booth number 4542 (look for us on the map!)

Quantum Computers and the Change in Cybersecurity

The next revolution in computer science already has a name: quantum computing. Computers capable of working with the superposition of ones and zeros (using qubits, which can take both values, unlike bits, which take one or the other) are still a laboratory animal, but research is increasingly approaching the dream of developing a machine with these characteristics capable of revolutionizing everything from medicine to computer security.

The quantum era will usher in a new phase in the eternal race between defenders and attackers of our privacy. Cryptography will be the battlefield in which this war of the future will be fought, the contenders of which are already preparing for a confrontation that could take place in the coming years.

Theoretically, a quantum computer would be able to break most of the current encryption algorithms, especially those based on public keys. A quantum computer can factor at a much higher speed than a conventional one. A brute-force attack (testing all possible passwords at high speed until you get the right one) would be a piece of cake with a machine that boasts these characteristics.

On the other hand, with this paradigm shift in computing will also come the great hope for privacy. Quantum cryptography will make things very difficult for spies and cybercriminals. While current encryption systems are secure because intruders who attempt to access information can only do so by solving complex problems, with quantum cryptography they would have to violate the laws of quantum mechanics, which, as of today, is impossible.

In any case, it is still early to fear or await with enthusiasm the arrival of these algorithms. Quantum computers are neither going to start decoding passwords tomorrow, nor will they be so dangerous when, within a few years, they are finally able to do so. Predictably, the security systems that would be most vulnerable to these machines will no longer be in use when, five years from now at least, they’ve become a more everyday reality.

Until then, and as a special precaution to protect the documents and some of the more confidential conversations of a company, it wouldn’t hurt to follow some tips. The most important thing is to avoid asymmetric-key encryption schemes such as RSA, ElGamal, or any that is based on the Diffie-Hellman protocol. Quantum computers would be able to solve relatively easily the mathematical problems at the core of their security.

Spora, a Sophisticated New Ransomware, Detected in January

A few days ago, our colleagues at G-Data published an interesting analysis of Spora, a new ransomware that appeared in January. It had first been spotted by the people at ID Ransomware, and is mainly affecting Russia. A link was published in a forum detailing the VirusTotal analysis results of one of the samples sent by way of spam. It is an HTA file that none of the engines present there detected, neither Panda Security, nor G-Data, nor any other.

Does this mean that the 53 participants in VirusTotal are unable to detect and block this new threat? Not at all. It means that at the time of the analysis nobody had bothered to write a signature to detect a file that, besides, is actually ephemeral. The important thing is to protect users and prevent them from becoming infected. If there is no other way to accomplish this than by creating a signature, there’s not much you can do about it. But at least for some of us this seems to be completely unnecessary in most cases, as in the present one.

Taking a look at the information in our cloud, we have observed and blocked Spora detections from the first moment, without having to create signatures for it. We can confirm that indeed most of the cases are in Russia, although we have also seen cases in Japan.

These are the different hashes that we’ve seen:

312445d2cca1cf82406af567596b9d8c

acc895318408a212b46bda7ec5944653

c1f37759c607f4448103a24561127f2e

c270cf1f2cfeb96d42ced4eeb26bb936

Always make sure to detect threats well in advance with a good cybersecurity solution such as Panda’s Adaptive Defense 360.

It Isn’t Ransomware, But It Will Take Over Your Server Anyway

In this week’s Tales From Ransomware, we take a look at a ransomware that isn’t really ransomware. Nor even malware. But it can hijack your server anyway.

A few days ago we saw a typical Remote Desktop Protocol (RDP) attack, which led us to believe that it was similar to the attack we told you about a few months ago, which cybercriminals are using to infect devices with ransomware. But we were very wrong.

First of all because instead of encrypting data, it locks the desktop with a password that the victim doesn’t know. Secondly, it does not demand a ransom (!) in exchange for the credential, but rather seeks to keep the device locked for as long as possible so that it can be used for bitcoin mining for as long as possible. And thirdly, it doesn’t use malware as such.

Once they’ve gained access to your machine by brute force (this particular server was fielding 900 attempts daily) the attacker copies a file called BySH01.zip. This in turn contains:

  • BySH01.exe (executable through AutoIt)
  • 7za.exe (goodware, the well-known free tool 7zip)
  • tcping.exe (goodware, a tool for performing TCP pings)
  • MW_C.7z (a compressed password-protected file), which contains:
    • An application (goodware) for bitcoin mining
    • An application (goodware) for blocking the Windows desktop

The attacker runs the BySH01.exe file, and the following interface appears:

Кошелек – Wallet; Имя воркера – User Name; Количество ядер – Number of cores; Пароль – Password; Локация – Location; Пусть установки – Installation path; Расширения системы – Processor Extension; Порт – Port; Добавить в автозагрузку – Add to startup; Установить – Install; Удалить – Delete; Тест – Test; Пинг – Ping; Локер – Locker

With the help of our colleagues at Panda Russia, those of us who don’t know Russian can get an approximate idea of what it’s telling us with the above word list.

Basically, the bitcoin mining application uses this interface to configure how many cores to use, what extension of processor instructions to use, what “wallet” to send the bitcoins to, etc. Once the desired configuration is selected, the attacker clicks on Установить to install and run the bitcoin mining application. The application is called CryptoNight, which was designed for mining bitcoins using CPUs.

Then they click on Локер, which installs and runs the desktop lock application. It is the commercial application Desktop Lock Express 2, modified only so that the information shown in the properties of the file is the same as that of the system file svchost.exe. Finally it clears all the files used in the attack except CryptoNight and Desktop Lock Express 2.

Desktop Lock Express 2, the application used by the attackers.

We detected and blocked several attacks in different countries. Examples such as this one show how, once again, cybercriminals take advantage of weak passwords that can be guessed using the brute force method over a given period of time. Malware is no longer necessary to gain access to the system, so it’s up to you to use a robust password that will keep out unwanted visitors.

Tips for the System Admin

In addition to using a solution like Adaptive Defense, which detects and prevents this kind of attack, a couple of tidbits of advice for all administrators who have to have an open RDP:

  • Configure it to use a non-standard port. What 99.99% of cybercriminals do is scan the whole Internet on TCP and UDP port 3389. They might bother to scan other ports, but they do not have to, since most administrators do not change them. Those who do change ports do so because they are careful about security, which probably means that their credentials are already complex enough not to be guessed by brute force within any reasonable amount of time.
  • Monitor failed RDP connection attempts. Brute force attacks can easily be identified in this way, since they use automated systems and can be seen making a new attempt every few seconds.
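
The monitoring tip above as an added example (not Panda Security's code): it flags source addresses whose failed logons arrive at the automated, every-few-seconds pace the post describes. It assumes failed RDP logons have already been exported from the Windows Security log (Event ID 4625) as `timestamp,source_ip,account` rows; the sample rows are constructed and the thresholds are illustrative.

```python
"""Flag RDP brute-force sources from failed-logon records (added example)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample, not real telemetry. Format is an assumption:
# "timestamp,source_ip,account", one row per failed logon (Event ID 4625).
# The addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
2017-01-20T03:14:01,203.0.113.45,administrator
2017-01-20T03:14:04,203.0.113.45,admin
2017-01-20T03:14:07,203.0.113.45,administrator
2017-01-20T03:14:10,203.0.113.45,user
2017-01-20T03:14:13,203.0.113.45,test
2017-01-20T03:14:16,203.0.113.45,administrator
2017-01-20T03:14:19,203.0.113.45,backup
2017-01-20T03:14:22,203.0.113.45,admin
2017-01-20T08:55:30,198.51.100.7,j.smith
2017-01-20T08:55:52,198.51.100.7,j.smith
2017-01-20T09:41:10,198.51.100.7,j.smith
this line is malformed and must be skipped
2017-01-20T11:02:00,192.0.2.10,administrator
2017-01-20T14:30:00,192.0.2.10,administrator
"""


def parse_failed_logons(text):
    """Return (datetime, ip, account) tuples, ignoring rows that do not parse."""
    events = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 3:
            continue
        try:
            when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        events.append((when, parts[1], parts[2]))
    return events


def longest_burst(times, max_gap):
    """Length of the longest run of attempts separated by at most max_gap."""
    if not times:
        return 0
    best = run = 1
    for prev, cur in zip(times, times[1:]):
        run = run + 1 if cur - prev <= max_gap else 1
        best = max(best, run)
    return best


def detect_bruteforce(events, min_attempts=5, max_gap=timedelta(seconds=10)):
    """Map each suspicious source IP to a summary of its failed attempts.

    A source is flagged when at least min_attempts failures follow one another
    with no pause longer than max_gap. A person mistyping a password produces
    a few failures minutes apart; an automated guesser produces a long,
    evenly spaced burst, usually against several account names.
    """
    by_ip = defaultdict(list)
    for when, ip, account in events:
        by_ip[ip].append((when, account))

    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        burst = longest_burst([when for when, _ in rows], max_gap)
        if burst >= min_attempts:
            flagged[ip] = {
                "attempts": len(rows),
                "longest_burst": burst,
                "accounts_tried": sorted({acct for _, acct in rows}),
            }
    return flagged


if __name__ == "__main__":
    for ip, info in detect_bruteforce(parse_failed_logons(SAMPLE_LOG)).items():
        print(ip, info)
```
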

What You Need To Know About The iMessage Security Flaw

With everything that’s gone down in 2016 it’s easy to forget Tim Cook’s and Apple’s battle with the FBI over data encryption laws. Apple took a strong stance though, and other tech giants followed suit, leading to a victory of sorts for (the little guy in) online privacy. In this era of web exposure, it was a step in the right direction for those who feel our online identities are increasingly vulnerable on the web.

All of this stands for little though when a security flaw in your operating system allows carefully encrypted messages to be effectively decrypted offline. That’s what happened to Apple with its iOS 9.2 operating system. Though the patches that ensued largely fixed the problem, the whole issue has understandably left iOS users with questions. What really happened and are we at immediate risk?

What Is The iMessage Security Flaw?

A paper released in March by researchers at Johns Hopkins University exposed weaknesses in Apple’s iMessage encryption protocol. It was found that a determined hacker could intercept the encrypted messages between two iPhones and reveal the 64-digit key used to decrypt the messages.

As iMessage doesn’t use a Message Authentication Code (MAC) or authenticated encryption scheme, it’s possible for the raw encryption stream, or “ciphertext”, to be tampered with. Instead, iMessage uses an ECDSA signature, which simulates the functionality. It’s still no easy feat exploiting the security flaw detailed by the researchers. The attacker would ultimately have to predict or know parts of the message they are decrypting in order to substitute these parts in the ciphertext.

Using this method, a hacker can gradually figure out the contents of a message by replacing words. If they figure out, for example, that they have successfully replaced the word “house” in the message for “flat” they know the message contains the word “house”. Knowing whether the substitution has been successful though, is a whole other process which may only be possible with attachment messages.

It may sound simple, but it really isn’t. The full details of the security flaw, and the complex way it can be exploited, are detailed in the Johns Hopkins paper. The paper includes the recommendation that, in the long run, “Apple should replace the entirety of iMessage with a messaging system that has been properly designed and formally verified.”
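
Why the missing MAC matters, as an added example (not code from the paper or from Apple): with a stream-style cipher, a word guessed at a known position can be swapped without the key, while an encrypt-then-MAC tag makes the receiver reject the altered ciphertext. The SHA-256 counter-mode keystream is a dependency-free stand-in, not iMessage's actual construction, and the keys, nonce and message are constructed.

```python
"""Ciphertext malleability vs. encrypt-then-MAC (added example, toy cipher)."""
import hashlib
import hmac


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream: SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Unauthenticated stream encryption: plaintext XOR keystream."""
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream reverses itself


def substitute(ciphertext: bytes, offset: int, guessed: bytes, replacement: bytes) -> bytes:
    """Alter ciphertext so `guessed` at `offset` decrypts as `replacement`.

    No key is involved: XORing (guessed XOR replacement) into the ciphertext
    cancels the old bytes only if the guess matches the real plaintext.
    A wrong guess leaves garbage at that position instead.
    """
    if len(guessed) != len(replacement):
        raise ValueError("guess and replacement must have the same length")
    patched = bytearray(ciphertext)
    for i, delta in enumerate(xor(guessed, replacement)):
        patched[offset + i] ^= delta
    return bytes(patched)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the HMAC tag covers the nonce and the ciphertext."""
    ct = encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag


def open_sealed(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    """Verify the tag in constant time before decrypting anything."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: ciphertext was modified")
    return decrypt(enc_key, nonce, ct)


def demo():
    """Return (what an unauthenticated receiver reads, whether the MAC rejected it)."""
    enc_key, mac_key, nonce = b"E" * 32, b"M" * 32, b"N" * 12  # constructed values
    message = b"meet me at the house at nine"
    ct, tag = seal(enc_key, mac_key, nonce, message)

    # The page's example: "house" swapped for "flat" (space-padded to equal length).
    tampered = substitute(ct, message.index(b"house"), b"house", b"flat ")

    read_without_mac = decrypt(enc_key, nonce, tampered)
    try:
        open_sealed(enc_key, mac_key, nonce, tampered, tag)
        rejected = False
    except ValueError:
        rejected = True
    return read_without_mac, rejected


if __name__ == "__main__":
    print(demo())
```
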

Are iMessage Users At Immediate Risk?

Despite the recommendation, the answer is no. It is very unlikely. One thing that should be made clear is that these weaknesses were exposed as a result of months of investigation by an expert team of cryptologists. The type of hacker that would take advantage of these weaknesses would undeniably be a sophisticated attacker. That of course doesn’t mean that Apple shouldn’t take great measures to eradicate this vulnerability in their system.

Your messages, though, are not immediately at risk of being decrypted, and much less so if you’ve installed the patches that came with iOS 9.3 and OS X 10.11.4 (though they don’t completely fix the problem). Tellingly, the flaws can’t be used to exploit numerous devices at the same time. As already mentioned, the process that was exposed by the Johns Hopkins paper is incredibly complex and relies on various steps that are by no means easy to complete successfully.

All of this means that it would take a very sophisticated attacker a complex and lengthy process (up to and beyond 70 hours) to decrypt one message. iMessage has a supported base of nearly one billion devices and handles more than 200,000 encrypted messages per second. We’ll let you do the math there but it seems highly unlikely that a hacker would try to exploit this weakness unless they’re trying to uncover very sensitive and important data.

A hacker would most likely carefully vet their target as someone who possesses valuable information that could then be contained within that person’s messages. If a hacker’s investing 70 hours of their time to uncover cat pics, the joke’s really on them.

Could this have any connection with the FBI encryption dispute?

Matthew D. Green, the well-known cryptographer and leader of the Johns Hopkins research team, has spoken with the Washington Post about the implications of his team’s research. “Even Apple, with all their skills -and they have terrific cryptographers- wasn’t able to quite get this right. So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”

So you’d probably need the resources of, say, the FBI to pull off an attack exploiting the vulnerability exposed in the Johns Hopkins paper. It seems very unlikely that individuals would be targeted en masse. 2016 has been such a surreal year though, who are we to say what is and isn’t possible?

Pirate Party: the Future of Politics?

Could Iceland’s Hacker-founded Pirate Party be the Future of Politics?

So, Donald Trump is president of the leading world power. Yes, that really happened. While the jury is still out on the reasons behind the new president’s rise to power, many believe it’s down to a sense of apathy towards left wing politicians, in this case Hillary Clinton and the Democrats, who would otherwise be the traditional harbingers of progress and change.

One political movement however, is trying to do away with this apathy by embracing something that we’re all about here at Panda Security: online privacy and security on the web!

Introducing Iceland’s wing of the Pirate Party.

Okay, you’ve most likely heard of them already as 2016 is looking to have been a watershed year for them, having tripled their seats in Iceland’s parliament during October’s elections.

This party have really caught our attention though, and that of many others worldwide, with the way they are embracing technology and highlighting how it can play a much much larger role in the future of democracy.

The Pirate Party can be considered a worldwide movement, with branches cropping up all over, including in the UK, Australia and the US.

The first iteration of the party was founded in Sweden by Rick Falkvinge in 2006 after the Pirate Bay torrent website was raided by police. The fact that visitors to the website more than doubled due to media exposure following the raid was enough of a signal that legislation was out of touch with public opinion when it came to online distribution and surveillance laws. And so Sweden’s Pirate Party got its name.

How did Iceland’s Pirate Party become so popular?

Iceland’s Pirate Party is based on the Swedish party’s model, however, it has its own ideas about issues like data protection as well as how Iceland should be run as a country. Their propositions seem to be appealing to an Iceland that is increasingly looking to break from the status quo.

Birgitta Jónsdóttir, a former Wikileaks volunteer, co-founded Iceland’s Pirate Party in 2012 along with other prominent activists and hackers. According to Jónsdóttir, Iceland’s Pirate Party can sense the winds of change and they see a future of technology-centered upheaval. In a recent interview she said, “we have to be innovative to fight against political apathy”.

But what does she mean by this? Well, the Pirate Party are very much working within the political system to advocate a peaceful political revolution based on greater political transparency and a grassroots approach to politics. Think Mr. Robot gone mainstream.

The Pirate Party want to increase public participation in common-decision making by giving them direct access to the process via the Internet. Under their system, the public would be able to propose and veto legislation using the party’s online voting system.

Jónsdóttir has also gone on record saying the Pirates would implement propositions such as the United Nations’ proposed resolution, ‘The right to privacy in the digital age’. The resolution, aimed largely at addressing and curbing world governments’ illegal surveillance methods has, for all intents and purposes, been largely ignored by world governments.

The party’s success and recent popularity also comes after the backlash the traditional parties in Iceland have suffered following the 2008 financial crisis and, most recently, the stepping down of the country’s prime minister, Sigmundur Davíð Gunnlaugsson, following his implication in the Panama Papers scandal. Many Icelanders feel it’s time for change and that the Pirate Party are

But they’re hackers!

In a recent interview, Jónsdóttir said “we do not define ourselves as left or right but rather as a party that focuses on [reforming] the systems. In other words, we consider ourselves hackers.”

But what questions does this bring up? Hackers are bad right?

Well, yes and no. A hacker can be defined in various ways; it could be someone who breaks down firewalls and retrieves information, often illegally, or someone who finds simple solutions –a hack- to everyday problems. The Pirate Party propose themselves as the latter, a party that will introduce simple hacks to problems they feel the current system refuses to deal with.

Many questions still arise as to how their vision of Iceland’s future would function in the real world. Increasing democratic reach through the use of the Internet seems like a logical step in this technological age, but what are the dangers? In this future world, could a DDoS attack bring government to a halt? Could a malicious hacker bypass encryption and twist legislation by altering online poll results in their favor? Would transferring the democratic process onto the web empower hackers in new, inconceivable ways?

In a recent interview, Ben de Biel, a spokesperson for Berlin’s Pirate Party claimed, “the established parties browse the Internet but we work with it.” Whilst any Pirate Party coming to power would lead to unprecedented change, Iceland’s is the closest to getting there. Their plans, if put into action, could lead to very positive change in digital privacy laws, however, they would also bring to light an increasing necessity for cyber security in an age that is becoming more and more technology reliant.

Why Your Business Needs a Security Strategy for Social Networks

In 2017, it’s not easy to find a company that doesn’t have any sort of presence on social networks. A Twitter account, a Facebook page, and a lot of Instagram photos come standard in any business’s digital communications pack.

Added to this are all of the employees who access their own accounts during work hours. Despite all this activity, there are still plenty of corporations that don’t regulate it, putting their own security at risk.

According to a recent study by the Pew Research Center, around 50% of the companies analyzed have no briefing for social media use within the company.

Businesses that don’t take this security issue seriously are exposing themselves to a diversity of threats. First, they may witness their own employees leaving negative posts about the company from their work stations. Worse still, they could publish confidential corporate data.

Aside from avoiding potential scenarios that lead to a corporate crisis, the main goal of a social network strategy should be to clearly define what your employees are permitted to do on them during work hours. One of the premises that should be clearly established is to not follow links whose origin is unknown or untrusted.

In that way, and with the right protection, it is possible to avoid some of the risks hiding in the deepest corners of social networks. Phishing attacks, spam, or any type of malware could jeopardize corporate secrets. A clear policy for Twitter & Company is critical.

Best social network practices could also increase productivity. This is demonstrably true, according to the same Pew Research study, as we see that 40% of employees at a company with no such policy use social platforms to relax a bit.

On the other hand, when a clear policy is in fact in place we see the number drop to 30%. Not only, then, are we avoiding risks, but also promoting a more professional work environment. Does your business have rules for the use of social networks in the workplace?

The Cruelest Ransomware Propagates Like a Meme

A link shows up in your inbox from a colleague that you never really hit it off with, or a cousin you’re on the outs with. You open it, and the cat’s out of the bag: you’ve been infected with a ransomware that has abducted all of the files on your computer.

This new malicious software is called Popcorn Time and its purpose is to get the victim to collaborate with the cybercriminal to infect new users. It is particularly cruel because, aside from demanding a 1 bitcoin payment (about $900 as of this writing) to return access to the encrypted files, the victim is offered the chance to recover the files for free if they contribute to its propagation.

Infecting Others to Free Yourself

The victim will be able to share the Popcorn Time download link with other users. If two of the newly infected decide to pay the ransom or pass the chain along, the accomplice will receive a code to unblock their files.

Essentially, Popcorn Time works like any other ransomware — it infects computers and encrypts its files. The twist lies in the morbid way it spreads itself that enables cybercriminals to take advantage of the word-of-mouth phenomenon.

“The model for getting it off your system is sort of a pyramid scheme, multi-level marketing style approach,” explains Kevin Butler, security expert at the University of Florida. “It could certainly make for some interesting discussions amongst one’s group of friends if you’re trying to figure out who infected you with this malware.”

How can you protect yourself from Popcorn Time?

Dissemination strategies like this one may not have such a significant impact as they seem to have at first glance. Is it easier to propagate a malware by asking for the collaboration of users, or by sending mass emails that get to many recipients quickly and at the same time?

One way or another, it’s crucial to be protected in the face of such dangerous threats as Popcorn Time, whether or not they propagate as a viral phenomenon. Keeping our operating systems updated, not clicking on suspicious links — even if an acquaintance has sent it — and keeping a good cybersecurity solution installed — this is some of the advice to be followed if you want to avoid having your files abducted by a cybercriminal.

The post The Cruelest Ransomware Propagates Like a Meme appeared first on Panda Security Mediacenter.

Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives

Defending your devices in our hyperconnected world is no simple task. Your protection should include a wide range of defense mechanisms, a necessary deployment that, until now, has forced IT organizations to purchase and maintain a variety of products from different providers.

In December, AV-Comparatives gave their stamp of approval to the three principles of the Adaptive Defense 360 security model: continuous monitoring of all applications on company servers and workstations, automatic classification of endpoint processes using big data and machine learning techniques in a Cloud-based platform, and the possibility, should a process not be automatically classified, of a PandaLabs expert technician analyzing the behavior in depth.

“The evaluation by AV-Comparatives is a good reflection of the value of Adaptive Defense to our customers,” said Iratxe Vázquez, Product Manager at Panda Security. “We protect from and detect all types of known and unknown malware and zero-day security attacks (ransomware, bot networks, exploits, fileless malware, APTs, etc.), all thanks to the continuous monitoring of all processes running on our customers’ devices.”

The Adaptive Defense 360 solution has been endorsed as the first and only product that combines endpoint protection (EPP) and endpoint detection and response (EDR) in a single platform.

“As this solution classifies all executed processes, it cannot fail to record any malware.”

Efficacy Test

Panda Security’s advanced cybersecurity solution detects and blocks malware that other protection systems don’t even see. “We know that Adaptive Defense is easily one of the best solutions on the market, and we needed this to be certified by a prestigious laboratory in the world of security,” said Luis Corrons, Technical Director of PandaLabs.

Adaptive Defense 360 achieved 99.4% detection in the 220 analyzed samples and 0 false positives in the independent analysis performed by the esteemed AV-Comparatives Institute, which establishes this solution as the most advanced end-user cybersecurity software.

“For us it was essential that the tests were done with the utmost rigor, as we were looking for an environment that would perfectly simulate the real world and the threats to which companies are constantly exposed,” says Corrons.

The Intelligent Control Platform, a Synthesis of Machine Learning and Big Data

Artificial intelligence and machine learning are booming trends in 2017, allowing companies to use data science to optimize resources and improve their productivity. Imagine the effectiveness of cybersecurity software that combines both of these trends.

“The protection that Adaptive Defense 360 offers is much more than a marketing strategy,” said Iratxe Vázquez. “This solution is a protection strategy, a new security model that our customers will need in order to deal with cyber threats. The attacker continually adapts his behavior, easily avoiding traditional antiviruses. He infiltrates and acts quietly, making all kinds of lateral movements that we monitor, analyze and block before he reaches his targets.”

Adaptive Defense 360 is part of an intelligent cyber security platform, capable of merging contextual intelligence with defense operations.

“We continuously monitor and evaluate the behavior of everything running on our clients’ machines, using Machine Learning’s adaptive techniques in Big Data environments, which gives way to exponentially increasing knowledge of malware, tactics, techniques, and malicious processes, along with reliable application information,” explains Iratxe Vázquez.

Adaptive 360 is also integrated with SIEM solutions (Security Information and Event Management), which add detailed information on the activity of running applications at workstations. For those customers who do not have a SIEM, Adaptive Defense 360 incorporates its own security event management and storage system for real-time analysis of information collected with the Advanced Reporting Tool.

AV-Comparatives has seen what we can do, and they liked what they saw. How about you? Have you witnessed intelligent cybersecurity in action yet?

Follow the links to download the first infographic on the most notable examples of ransomware in 2016.

The post Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives appeared first on Panda Security Mediacenter.