Tag Archives: Cybersecurity

TrickBot, new spam campaign against companies


On November 2nd we witnessed a new spam campaign targeting UK companies, in which each email carried a Word document attachment. Each email message had the subject “Companies House – new company complaint” and the Word document attachment was titled “Complaint.doc”. When users open the document, this is what they see:

[Image: windows trickbot]

How does TrickBot work?

If the user follows the instructions given, the macro in the document will be executed. It will download a file called dododocdoc.exe, which will be saved in %temp% as sweezy.exe and then executed. This file is a variant of the TrickBot malware family. Once executed, it will install itself on the computer and inject a DLL into the system process svchost.exe. From there it will connect to the command and control server.

This has not been a massive campaign, but it has been targeted at UK companies – we’ve just seen a few hundred e-mails to our clients, and all of them were protected proactively without needing any signature or update. However, taking a look at the potential victims, all of the emails were sent to companies, no home users were targeted, and it turns out that most of them went to businesses in the UK. There were 7 cases in Spain, and one in Belgium, Ireland and Thailand. The campaign was short: the first case happened at 10:55am and the last one at 12:11pm (GMT).

The macro uses PowerShell to execute the malware, a technique that has become more and more popular recently and has been used in ransomware attacks and even to infect Point of Sale terminals.
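As an added example (not part of the original post), the following sketch shows how a defender could triage process-creation telemetry for the chain described above: Word launching PowerShell, followed by an executable running from %temp%. The event records and their field names are constructed for illustration and do not come from any particular product.

```python
import ntpath

# Constructed process-creation records; field names are hypothetical.
EVENTS = [
    {"host": "PC-01", "parent_image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "PC-01", "parent_image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "image": r"C:\Users\alice\AppData\Local\Temp\sweezy.exe"},
    {"host": "PC-02", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE"},
    {"host": "PC-03", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "PC-04", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Users\bob\AppData\Local\Temp\setup.exe"},
]

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")


def basename(path):
    # ntpath splits on backslashes regardless of the OS running this script.
    return ntpath.basename(path).lower()


def classify(event):
    """Return the list of suspicious traits seen in one process-creation event."""
    findings = []
    parent, child = basename(event["parent_image"]), basename(event["image"])
    if parent in OFFICE and child in SHELLS:
        findings.append("office_spawns_powershell")
    if child.endswith(".exe") and any(m in event["image"].lower() for m in TEMP_MARKERS):
        findings.append("exe_run_from_temp")
    return findings


def triage(events):
    """Group findings per host; both traits on one host match the full chain."""
    per_host = {}
    for ev in events:
        for finding in classify(ev):
            per_host.setdefault(ev["host"], set()).add(finding)
    return {h: ("full_chain" if len(f) == 2 else "partial") for h, f in per_host.items()}


if __name__ == "__main__":
    print(triage(EVENTS))
```

An executable started from a temp directory on its own (PC-04) is common with legitimate installers, which is why the sketch only escalates hosts that also show an Office application spawning PowerShell.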

At Panda Security, we recommend that businesses ensure all software is updated, have a reputable security solution in place and hold regular staff security awareness training.

The post TrickBot, new spam campaign against companies appeared first on Panda Security Mediacenter.

China Passes Cybersecurity Law to Tighten its Control over the Internet

China has long been known for its strict censorship policies, which have already made it difficult for foreign companies to do business in the world’s most populous country of more than 1.35 billion people.

Now, the Chinese government has approved broad, controversial new cybersecurity regulations that would further strengthen the country’s censorship regime, making it more difficult for

Modern Day Fears – Don’t Let The Monsters Get You

It is this time of the year when we are all going to Halloween costume parties, playing pranks on each other and visiting haunted attractions. Why do we do it? Well, we want to ward off the evil spirits while having fun in the process. There is nothing wrong with that!

However, there are plenty of scary things going on in real life too. Instead of going to Knott’s Scary Farm, turn on the TV. We’ve come up with a list of modern world fears. We sincerely believe that 10 years from now you will be more afraid of hackers in Eastern Europe than of going to the dentist. In the year 2025, the Bogeyman will no longer be after you; he will most likely be after your virtual reality goggles and your credit card information!

Here are a few things people are scared of this Halloween

DDoS-o-phobia

Earlier this week half the internet went down after an unprecedented DDoS attack. The attack was so big that people were unable to complain on Twitter, as Twitter itself was down. Experts say an army of smart fridges, webcams, DVRs and other IoT devices managed to ruin your Monday morning! This on its own sounds like the plot of a Hollywood blockbuster, a bad one obviously. The media reported that some manufacturers left their devices so vulnerable to hacking attacks that they are now having some of their products recalled.

Imagine telling someone, 20 years ago, that an army of smart fridges and webcams would cause a major disruption in people’s lives! They would probably have laughed and brushed you off as a joker. Today though it is reality and is a real threat to our everyday life. Twitter and Facebook are like electricity, people start panicking when these services go missing.

Hack-o-phobia

So far we’ve learned that there are millions of people literally begging to be hacked as they don’t have their cell phone passwords set. The good news is that the other 2/3 of the US adult population actually have their cell phone passwords set and they are not interested in giving it up easily. Monsters are scary, but sharing your precious moments and credit card information with complete strangers whose main purpose in life is to ruin yours, sounds even scarier.

People should be scared, especially if they are not doing much to prevent hackers from stealing information from their smart devices.

Cell-phone-damage-o-phobia

The dog used to be man’s best friend, now it is the smartphone! A recent study confirmed that every day we spend more than four hours staring at our smartphones. We’ve never been as reliant on smartphones as we are now. With this in mind, we are attached to our smartphones and one of our biggest fears is of damaging them, or even worse, having our device in the hands of people who want to take advantage of all the confidential information on it.

So before you start watching horror movies at home – turn on the news channel, the threat is real and your fears are justified. Be prepared, be very prepared… by downloading the best free antivirus software in the world.

Panda Security wishes you a very scary Halloween! Stay safe!


The Antifraud Card of the Future!


Whether you usually use a personal or corporate credit card, anyone can be the victim of a data breach. Criminals can easily use a phishing attack to take your card number, PIN and even the security code on the back of your card. What’s worse is that they’re so quick! By the time you’ve discovered the theft, it will be too late. Even if your company quickly cancels the card, you will already have some serious problems… the thief will have already spent your hard earned cash.

These kinds of attacks happen more often than you think. In the first half of 2016 there were more than a million cases of financial fraud with the objective of robbing credit card data. This statistic is worrisome, without a doubt, especially considering that this number doubled the results from 2015.

This is where Motion Code steps in. This new technology was developed by the French company Oberthur and will revolutionize the way we make purchases. Its goal is pretty simple: to preserve your security by changing the security code on the back of your credit card, constantly.

How will they do this exactly? Well, unlike the cards we use now that have a tiny rectangle on the back with three secret numbers, Oberthur has proposed a solution: they want to substitute this rectangle with a small screen that changes the numbers every hour. At first glance, the credit cards are exactly the same, but instead of the security code changing every three years, the numbers change every hour.

This means that the cybercriminal won’t be able to steal a dime: by the time a phishing attack is completed and the data is stolen, the screen will have changed and the whole scheme will be a complete waste of time for the criminal.

It may be inconvenient for your employees to use these cards because they will no longer be able to memorize the security code on the back. But really, who cares? They will have to check the security code every time they use it, but this small effort could also bring the most security benefits to your company.


The Internet collapses, brings the world to a halt for a few hours

 


A massive cyber-attack against US DNS service provider Dyn knocked out major websites across the Internet last Friday. The attack shut down several websites, including Netflix, Twitter, Amazon and The New York Times. The Internet service was disrupted for almost 11 hours, affecting more than one billion customers around the world.

Cyber crooks are always looking for ways to exploit the latest, most innovative technologies to carry out attacks like those we saw just a few hours ago. Are we in the Age of Internet Attacks? The latest PandaLabs Quarterly Report already warned of the huge number of large-scale distributed denial-of-service (DDoS) attacks that have been occurring over the last few months, and the way many of them are exploiting botnets made up of not only computers but also smart devices like IP cameras.

The recent DDoS attacks reflect the new approach taken by Black Hat hackers when it comes to launching new, more devastating campaigns that combine everyday devices and malware to form highly dangerous armies ready to launch DDoS attacks.

Probing Internet defenses

Just one month ago, security guru Bruce Schneier published an article with the most revealing title: ‘Someone Is Learning How to Take Down the Internet.’

The recent examples of denial-of-service attacks flood servers with useless traffic that overburdens Internet bandwidth and prevents legitimate users from accessing targeted sites. Attacked servers become saturated with the huge number of requests.

The article explained that the best way to take down the Internet is through a DDoS attack like the one suffered by Dyn, and how some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks, in what seems to be a strategy to gather information and see how well these companies can defend themselves.

A few weeks ago, the website of Brian Krebs, a US journalist specializing in computer security issues, was taken offline as he fell victim to the largest DDoS attack to date. He was only able to go back online after Google came to the rescue.

This attack adds to the list of those suffered by a number of tech giants over the last few months, such as the hack of 500 million Yahoo accounts back in September, or the theft of 60 million Dropbox user IDs and 100 million LinkedIn passwords.

It is precisely the success of the Internet, with billions of connected devices worldwide, that makes it so appealing to criminals willing to exploit its vulnerabilities. Many of these devices lack basic security measures, making them easy prey for hackers and, in this context, any organization, media company or social networking service can become the victim of the next attack.

 


US presidential debates and cyber security.


What we’ve learned from the first two debates and what to expect from the last one?

One of the major questions discussed during the 1st presidential debate between Donald Trump and Hillary Clinton was about cyber security. We were secretly hoping that questions about cyber safety would be part of the topic list in the 2nd debate too, but unfortunately this was not exactly the case.
Discussions around Donald Trump’s recently leaked “locker room talk” recording ended up being a bit more entertaining for the moderators than the cyber future of the free world. However, we hope the cyber security topic will be discussed again in the third and final presidential debate scheduled for later today.

The next president of the United States of America will have to make some hard decisions. See what they are below:

Government and private institutions are under attack!

Both candidates admitted that there is a 21st century war that is happening right now and right here in the USA. Even though the USA is certainly one of the dominating powers in this area, secrets are being stolen from both public and private sectors on a daily basis.

Hundreds of thousands of people and businesses are being affected by cybercrimes every year.

Who is behind it and how to tackle the problem?

According to Hillary Clinton, the threat is coming from organized cyber gangs as well as states. Even though there is no hard proof, there’s been speculation that North Korea, Iran, Russia and China have been behind some of the cyber-attacks executed on US soil. How are these issues going to be dealt with? Stay tuned.

How dangerous are whistle-blowers?

This is the question we will most likely see tonight. Pressuring Ecuador to cut off the internet of Julian Assange is not doing the USA any good. Countries such as Russia welcome whistle-blowers. Are whistle-blowers heroes protecting the first amendment or traitors? We would love to hear the thoughts of the next president of the USA.
Being president of the free world is arguably one of the toughest jobs in the world.

Just one thing is sure, the debate later today will be fierce!


This palm-sized device will supersize your security.

Wouldn’t you like to get your hands on a tough little device that will boost your business’s security? Meet ORWL, a circular computer device that is engineered to top off your computer’s security.

A great number of companies have been victims of data leaks because of an insider or cybercriminal who had physical access to their computers or devices. Once cybercriminals have entered your computer, they can access its internals, tap and leak information, and even hide malicious eavesdropping devices.

After two years of work and a successful crowdfunding campaign, the company Design Shift has designed a device that can identify attack attempts. It prevents undetected tampering of its electrical components and, if tampering is detected, the device immediately erases all data (even when the device is unplugged).

It also acts like a safe vault for your information, only allowing access to your system once the device is unlocked with both a physical key and a password. If the physical key is far from the device, the USB ports automatically deactivate, preventing a cybercriminal with physical access from infecting it with malware. ORWL also verifies the integrity of all firmware prior to boot, using a battery-backed secure microcontroller. ORWL isn’t just robust, it’s pretty much impenetrable.

This super-secure computer is complex, but it’s also an open source product, and its inner workings are available for everyone to see.

We continue to witness a large number of sophisticated cyberattacks on banks and ATMs due to a combination of system vulnerabilities and insiders with physical access. ORWL answers a large part of our problems in terms of physical attacks. In respect to software, which is always a weak point, you can ensure your security and make yourself indispensable with the right kind of solution.

 

 

 

 
