Tag Archives: Cybersecurity

‘Ghost Push’ Malware Threatens Android Users

Why should you update your Android device’s operating system? Two words. Ghost Push.

The well known trojan has had various iterations and it’s often updated to bypass new security updates.

At its peak, Ghost Push infected over 600,000 Android devices daily, a colossal number. The trojan is capable of rooting phones, displaying revenue-generating ads that drain your battery, and can be used by hackers as a means of spying on the infected party.

When infected, it is virtually impossible for the device’s owner to remove the virus, even by factory reset, unless the firmware is reflashed.

This is not an easy malware to get rid of.

The good news? A simple update of your Android operating system can make your phone much less penetrable to this type of malware.

However, even though Android has released version 7, Nougat, of its OS, there is still cause for concern. Recently released figures show that Android users are slow on the uptake when it comes to updating their OS. The majority of users are still running Lollipop, or earlier, meaning that they are vulnerable to the Ghost Push virus.

The latest iteration of the Ghost Push trojan.

In fact, the latest iteration of the Ghost Push trojan, which was discovered in September 2015, can infect devices running on Android Lollipop (version 5) or any of the OS that came before it.

In a recent blog post, Graham Cluley drove home the issue, emphasizing the root of what, on the surface, should be an easy problem to rectify. He said, “when you compare the take-up of new versions of Android compared to Apple iOS it’s clear that one ecosystem does a much better job of getting its users to upgrade to the latest version of their OS, protecting against security vulnerabilities, than the other.

There’s a reason for this. Whereas Apple has its own integrated app store, for Android it’s a different story. In their case, carriers, smartphone manufacturers and Google all have to work together to get a new update out to users. As such, the process takes longer, and updates are rolled out with much less frequency than they are for iOS.

Android Users

This, unfortunately, has a knock on effect that only serves to make Android users even more vulnerable. As Cluley puts it, Android users end up feeling abandoned, and this leads to many of them venturing “into the cloudy waters of installing third-party ROMs like CyanogenMod that receive regular updates.”

Recent research, also looked at the type of links that delivered the malware to users. Most were short links and ad links. The country most hit by the trojan infection, meanwhile, was India with more than 50 per cent of infections. Indonesia and the Philippines rank second and third, showing that the trojan is most prevalent in Asian countries. This doesn’t mean it’s not a threat in North America and Europe, though.

Be aware

Putting your trust in third-party sources can of course be risky, and that’s where infections like Ghost Push can be unwittingly installed by users. It’s important to be aware of what’s being installed.

Unfortunately installing third-party ROMs and applications can often lead to the installation of unwanted malicious malware and even ransomware. Android users should do their best to only download applications from reputable app stores and should avoid clicking on those suspect unknown third-party links, however tempting the proposition.

The post ‘Ghost Push’ Malware Threatens Android Users appeared first on Panda Security Mediacenter.

The worst passwords ever created

For many online services, the only thing keeping your personal data safe from hackers is a password. If a hacker can get hold of that password, they immediately gain access to the account.

Your choice of password is absolutely vital

Your choice of password is absolutely vital which is why most services force you to use a combination of letters and numbers to make it harder to guess. Despite this, many people continue to choose the same, easily-guessed passwords year after year.

Every year mobile app developer SplashData publishes a list of the 25 most common passwords worldwide. Not only are these passwords extremely simple to hack using automated cracking tools, but the fact they are so popular means that cybercriminals will try this list first.

The top 5 passwords

According to SplashData the top 5 passwords are:

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty

If any of these passwords look familiar, you could be in trouble.

Most people choose passwords very easy to remember

Most people choose these passwords because they are very easy to remember, and only take a second to type in. The fact that they are all letters or numbers, and all in lower case means that they require the minimum number of keypresses to enter – perfect for the small keyboards on smartphones.

Ignoring password best practice

When you first set up a new account online, you will be encouraged to choose a memorable word of phrase – preferably one that contains upper and lower case letters and numbers to make it harder to guess. But as we discussed on the Panda Security blog previously, these measures are not enough to fully protect yourself.

To increase security, upper and lower case letters need to be used in the middle of the password. They should also include special characters, like !?*(), making them almost impossible to guess. Not unbreakable, but certainly much more difficult.

Reusing passwords

The other major problem with SplashData’s list of most common passwords is that people tend to reuse them for all their accounts. So if cybercriminals gain access to your Facebook account using an easily-guessed password, they can then log into your email, online bank account, and virtually any other system.

More worrying still, if you use these same passwords at work, you place their systems and data at risk too. If the breach is significant, you could even lose your job.

Get creative with your passwords

Although you must include specific characters in your password, you can choose any word you like. Better still, you can string several words together to make very long, very complex password that is almost impossible to guess.

And if you must use the top 25 most popular passwords, try stringing several of them together instead. It’s not a perfect solution, but your password will be more secure.

Use a Password Manager

There are great security solutions that offer a larger degree of protection and include a password manager… all you need is a master password to access all of your favourite internet services. This way, you will only have to remember one password and, as you don’t have to memorize all of them, you can set different, more complex passwords for each service. It maintains your online privacy… at all times!

The post The worst passwords ever created appeared first on Panda Security Mediacenter.

WhatsApp, message encryption and national security

Is Whatsapp the perfect communication channel for terrorists?

The devastating terrorist attack that took place in London last week has brought grief to the UK and the rest of the world. The police that investigation into the incident has raised a number of questions, that could have far-reaching consequences.

WhatsApp and messaging encryption hits the headlines

The discovery that terrorist Khalid Masood had been using the messaging app WhatsApp shortly before the attack presents police with a problem. WhatsApp uses a technology called end-to-end encryption to encode text messages.

This encryption is intended to protect messages from being intercepted by hackers and cybercriminals. If a text is intercepted, it cannot be read without the decryption key – and only the authorised sender has that key. The text is completely garbage without decryption.

Unfortunately this also means that legal investigators cannot access those texts either – the data is completely inaccessible without access to Masood’s phone. Which means that the police may be missing vital evidence of other terrorist activities because the texts are encrypted.

UK government criticises encryption

Speaking in the media, UK Home Secretary Amber Rudd has criticised the use of end-to-end encryption, calling it “completely unacceptable”. She even went as far as suggesting that these encrypted messaging apps are “places for terrorists to hide”.

Ms Rudd’s main concern is that traditional surveillance techniques used to prevent terrorism and crime simply do not work in the age of complex encryption. As such, police and intelligence services are limited in what they can do to keep people safe.

A difficult issue globally

The London terror attack is not the first time security services have run into problems. The FBI has run into similar problems in the US too, unable to access encrypted smartphones belonging to criminals.

Service providers like Apple, Google and Facebook have complied with requests to access data in the past, but in the case of WhatsApp, they remain powerless to act. All encryption keys are specific to the phone owner – services providers like WhatsApp do not store copies, so even they cannot read messages.

Clearly there is no easy answer

For the majority of people, encryption is a vital tool to protecting their sensitive personal data. However criminals will exploit that anonymity – placing lives in danger in the process.

In future we may see WhatsApp and other messaging providers being forced by governments to create a “backdoor” in their apps that allows for proper surveillance. Although useful for the intelligence services, this approach could also be exploited by hackers, immediately weakening security of law-abiding citizens too.

How this situation will be resolved remains to be seen. But it could be that your favourite messaging app will undergo major changes security-wise in the near future.

The post WhatsApp, message encryption and national security appeared first on Panda Security Mediacenter.

AVG Business at MSPWorld 2017 Conference in New Orleans

AVG Business by Avast is proud to be a Gold sponsor of MSPWorld®, the premier conference for cloud and managed services professionals.

You may have thought the New Orleans Jazz and Heritage Festival was the highlight of springtime in “The Big Easy”, but for MSPs across the country, the event of the year is MSPWorld which takes place in New Orleans, Louisiana from March 26th to 28th. MSPWorld is the perfect place for people working in the managed services industry to learn from their peers, because this world-class conference is run by MSPs, for MSPs.

Visit AVG Business by Avast MSPWorld 2017 to get a 50% discount on a full conference pass, and stop by booth #33 to meet the AVG Business by Avast team. We are there to share our expertise on how to develop pricing models to support revenue growth, provide cost effective 24/7 support, and ensure your customers’ environments are secure and performing optimally.

We want to have some fun with you too, so plan to arrive early and join us Tuesday from 11:00am – 4:00pm at the Lakewood Golf Club for the MSPWorld Golf Tournament.  Reserve your spot to chill with us afterwards for an exclusive AVG Business Partner Event cruising on the Steamboat Natchez Tuesday evening.

Steamboat Natchez

Your schedule can get busy quickly at MSPWorld, so mark your calendar in advance for the following speaking sessions:

Creating a competitive MSP Pricing Model

Date: March 27, 2017
Time: 9:45am to 10:15am
Location: Gallery 1-3

Ryan Vallee, Product Management Lead for AVG Business by Avast, will be speaking about the importance of properly pricing your service to stimulate business growth. The science to calculating labor cost, overhead, software solution, etc. to achieve a desired margin can be a bit of a mystery to many. Whether you offer reactive, proactive, or fixed-fee models, this session will guide you to develop profitable service plans that take into consideration all known costs to provide a Managed Service to your customers; AND, help you evolve your business into higher levels of profitability.

Scaling your Managed Services for NOC & Help Desk

Date: March 27, 2017
Time: 2:15pm to 3:00pm
Location: Gallery 1

Staale Swift, Chief Executive Officer at NOCDOC will address what is going on in the market today and its impact on managed service providers. He will answer questions MSPs have about growing or expanding their businesses, what you can offer your clients, considerations when you are building up your offering, and the value you bring to the table.

We look forward to seeing you at MSPWorld. Visit our website to get your MSPWorld discount and for our exclusive partner event cruising the Mississippi River. Stay a few more days for Jazz Fest 2017.

Music lovers, are your Sonos devices safe?!

Shout out to a crowd “Hands up if you like music!” Cue plenty of hands going up, with some ‘whoohoo’ screams added on. Rock stars know how to win a crowd over. And not just rock stars… music is one of those universal pleasures passed down generations, with percussion being (probably) the earliest form of music known to humankind. Heck, the Egyptians were at it 6,000 years ago! Other civilizations developed musical instruments too until Guido D’Arezzo reportedly invented solfege a thousand years ago – thus making improvements to music theory that remain in place today (do, re, mi, fa, so, la, si, do… ).

Music and technology

The way we came to appreciate music has changed massively as technology evolved. From outdoor performances in public squares to enclosed theaters, to the invention of the humble gramophone all the way up to Sony’s Walkman, it looks as though the trend for “any music, anywhere… right now” is here to stay. The ability to listen to one’s favorite tunes while out and about is now a given and as common place an occurrence as can be.

At the turn of the millennium, four music visionaries founded Sonos in California. They forever changed music with the introduction at the CES showing off their smart speaker, an intelligent piece of technology operating wirelessly. The company’s Digital Music System bundle won the “Best of Audio” award at the CES Innovations Design and Engineering Awards in November 2005.

The rest, as they say, is history.

Today, Sonos offers many powered speakers that utilize Wi-Fi, Bluetooth, and other standards to extend usage beyond audio playback; a soundbar “PLAYBAR”; and a subwoofer (for those craving that deeper sound!). The company also offers a device to link its system to conventional audio equipment such as and CD player and amplifiers for example.

For music lovers, this means multiple devices within a single household can be connected to one another wirelessly, or through a wired Ethernet network or a mixture of the two. The Sonos system operates with a proprietary AES-encrypted peer-to-peer network known as SonosNet.

In theory, this allows for each unit to play any chosen input. If desired, synchronized audio with one or more zones can also be achieved. Latest versions developed by the company integrate MIMO (an essential element of wireless communication standards) that function on 802.11n hardware, this provides a more robust connection.

Is the system hackable?

Can I get my mate’s audio device to blast out some weird music as a prank? Well, one hack reported a few years ago was much creepier: called “Ghosty”, this Sonos hack freaked people out with haunted mansion sounds. We’re not joking. Developer Aaron Gotwalt combined an unofficial Sonos API, some spooky audio files, and a Raspberry Pi to achieve scary effects.

Taking control of a Sonos system isn’t exactly easy, but that’s beyond the point. Almost everything is hackable nowadays. In today’s era of plentiful connected, hackable devices… it’s good to know help is available. Take Panda Security for example. We operate toll-free, seven days a week phone lines with a human being picking up the phone. We resolve all your home IT and security issues providing much-needed piece of mind.

No need to call Ghostbusters if your Sonos system goes wild, call us – we’ll sort it out.

The post Music lovers, are your Sonos devices safe?! appeared first on Panda Security Mediacenter.