Tag Archives: featured1

Panda Security

Panda Security: 25 years fighting against malware – Infographic

Already 25 years together? It seems like yesterday when a group of friends in Bilbao started this adventure! Who would have thought that, 25 years later, we would be present in over 80 countries and competing with the big boys. Constantly reinviting ourselfs and always learning! We are nonconformists, and that’s what makes us constanly innovate our products, addapting as the World changes, faster and faster every minute. Since the pre-internet era, when viruses were transmited by disketts, to the present, the Internet of Things era, when we are surrounded by a multitude of always-connected devices. Panda Security has been here protecting us!

Let’s go Panda! For another 25 years together!

panda security 25 years malware

Our technology

  • 1998. We lunch the 1st antivirus with a daily signature file.
  • 2004. We launch the 1st behavioral scan.
  • 2007. We develop the 1st Cloud scanning product.
  • 2009. We launch the 1st antivirus in history to protect from the Cloud.
  • 2010. We become the 1stsecurity company with a completely Cloud-based offering.
  • 2011. We launch a console for partners to manage their customers’ complete life-cycle & security.
  • 2012. We launch the 1st SaaS security solution for endpoints & Exchange servers.
  • 2013. We are the 1st developer to propose a disruptive security model based on Cloud Computing, Big Data and Behavioral Analysis.
  • 2014. We launch the 1st security service that ensures all running processes.

Malware Eras

  1. Entertainment Era: From 1971

Viruses were created for fun, some of them highly damaging and others harmless, but they were designed for nothing more than to entertain their creator. They spread slowly (months, or even years) as they were distributed via floppy disks.

  1. Macro Era: From 1996

The Internet became more popular and we started to see viruses that altered or neutralized the macros’ functions. These viruses spread through documents or were downloaded by clicking on a banner or file attached to an email.

  1. Helminthic Era: From the end of 1998

The Internet was becoming increasingly widespread, and the first email worms started to appear. Although the distribution of these worms was limited, the “I Love You” virus got to be sent to numerous email contacts, saturating the Internet.

  1. Automat Era: From 2003

The appearance of “Blaster” in 2003 heralded the emergence of network worms; this new kind of threat didn’t require user intervention to infect computers.

  1. Usurper Era: From 2004

As network and email worms infected millions of computers around the globe, we began to see the first examples of malware created by cyber-criminals for financial gain: banker Trojans. The first phishing attacks were carried out.

  1. Institutional Era: From 2007

In 2007 we saw the first massive cyber-attack on a country; Estonia was the victim of a massive attack that took down Web pages and services of the national parliament, banks, ministries, newspapers, etc. The attack originated in Russia.

One year later, before the Russian invasion of Georgia, a cyber-attack was launched that completely isolated the country from the Internet.

  1. Hacktivism Era: From 2010

Anonymous launched campaigns against different organizations. And large companies started to fall victim to attacks (in 2011 accounts were hacked and data was stolen from Sony PlayStation Network, RSA Security, etc.).

  1. Advanced Era: From 2013

Money or political interests motivate everything: widespread ransomware campaigns (CryptoLocker, TorrentLocker, CTB-Locker, etc.), highly sophisticated banker Trojans, attacks on large organizations, including point-of-sale terminals, APTs (Advanced Persistent Threats), etc.

Want to share this infographic? Here is the code!

The post Panda Security: 25 years fighting against malware – Infographic appeared first on MediaCenter Panda Security.

Panda Security

Car to car: Internet-connected cars. Will they be the main cause of accidents in the future?

car to car

Smartphones, watches and a thousand home appliances. More day-to-day objects are connected every day. But the Internet of Things also runs on four wheels. Tomorrow’s cars will not be flying cars, as science fiction movies have told us, but their future lies in the Internet.

Cars will connect to one another to share information and they will also be connected to infrastructures to obtain data of interest in real time.

If the next revolution in automobiles will come from Car-to-Car (C2C) and Car-to-Infrastructure (C2I) connections, automakers will need an army of cyber-security experts to safeguard the cars of the future. If they can connect to one another, they will also be vulnerable to cyber-attacks.

car to car map

So far, cyber-security does not seem to be a strong point of the intelligent cars currently on the market. For example, a 14-year-old boy managed to gain wireless access to the brain of one of these cars using a $15 (just over €13) circuit board.

He achieved this feat at a hackathon organized a few weeks ago by Delphi, a US company that makes electronic systems for vehicles.

During this hackathon, the participants —the majority of them students— demonstrated that intelligent vehicles are not immune to IT attacks. They also showed that some of these vehicles can be opened (or even started) even though they are locked.

Internet-connected cars

The cars of the future will be a clear target for cyber-criminals, as not only will they be able to cause a large number of accidents by hacking the brain of these vehicles or steal them without needing to break the windows and hotwire them; the vulnerability of these cars will allow them to steal large amounts of data and wreak havoc in cities.

car to car accident

C2C and C2I systems will allow vehicles to constantly share information. Sharp breaking, breakdowns, traffic jams or the duration of traffic lights will be some of the data that could circulate through short-range wireless networks or simply through the car’s Internet connection.

A cyber-attack could turn one of these intelligent cars into the gateway to any information network connected to the vehicles, from the power grid to the system used by the police or the traffic light network in a city.

The solution lies in manufacturers of intelligent cars considering security and developing systems that detect which cars have been hacked in order to isolate them from the rest of the network.

There are many suggestions, such as installing security chips like those used on credits cards, or creating new software or hardware that establishes secure connections.

The post Car to car: Internet-connected cars. Will they be the main cause of accidents in the future? appeared first on MediaCenter Panda Security.

Avast

5 ways to thwart the thief who stole your Android

Avast Anti-Theft is free

Remote recovery options help you keep control of your device, even when it’s lost.

Avast Anti-Theft is a free app designed for Android smart phones and tablets. It’s main purpose is to help you locate your lost or stolen mobile device, allowing you to track it on a map and control it remotely. You recover your phone by controlling it remotely with SMS commands or via the internet by logging in to your My Avast account.

If your phone is lost or stolen, here are some things you can control remotely:

  1. 1. Locate your device on a map – Whether you misplaced your phone, left on the bus, or a thief grabbed it and ran, the GPS on your phone can be enabled so you can receive continuous GPS location updates.

Avast Anti-Theft user Ducky Boy wrote about his experience finding his phone that he dropped on the highway while riding his motorcycle using the GPS feature. Read about it in On the road with avast! Mobile Security.

  1. 2. SIM card change notification – Thieves usually change the SIM card after stealing a phone. Anti-Theft recognizes when this happens and notifies you of the new number and geo-location so you can maintain contact with your phone.

Partier and Avast user Andreas lost his phone during a particularly fun party. The next morning he remembered he had installed Avast Anti-Theft. Here’s how he got his phone back, Don’t be sorry for party rocking – install Avast Anti-Theft!

  1. 3. Activate the remote siren – Scare the wits out of the thief by activating an extremely loud siren with an SMS command. We guarantee that everyone will hear it. When the thief tries to turn it down, it goes to maximum volume.

Our Avast Communications team decided to try out the siren just to see how loud it really got. Believe me, it was loud. And annoying. We quickly learned How to turn off Avast Mobile Security’s Anti-Theft Siren.

  1. 4. Call/SMS forwarding – We took a page from the spy handbook with this feature! You can instruct your phone to call you, with screen blacked out, so you can silently listen in on the thief and obtain details of calls made and received as well as copies of text messages.
  1. 5. Remote Memory Wipe – If all hope is gone, you can still protect your privacy by remotely triggering a full, permanent wipe of all phone data (contacts, call log, text messages, browser history, apps, email accounts), including reliable, physical wipe of memory cards (limited functionality on older versions).

This step is super important even if you didn’t lose your phone. We did an experiment where we bought 20 used phones from eBay and found all kinds of personal stuff including nude photos, private messages, even financial documents! Here are the details about what we found, Tens of thousands of Americans sell themselves online every day

Anti-theftPrepare yourself before disaster strikes

Hopefully, you will never need to use Avast Anti-Theft, but it’s best to be prepared just in case something bad happens. You can install Avast Anti-Theft for free from the Google Play Store along with Avast Mobile Security.

Now that you have Avast Anti-Theft  on your phone, there are a few things you need to set up. Learn what you need to do here, How to set up your smartphone for remote control.

 

Panda Security

How to manage your clients cycle of life with Panda Cloud Partner Center!

Enterprises security expenses continue increasing. How can Panda Cloud Partnet Center help you? It’s the tool that enables you to know your clients’ status.

Panda Cloud Partner Center offers an increasing benefits solution as part of a business management group plan.

Would you like to be a partner of Panda Security?

The post How to manage your clients cycle of life with Panda Cloud Partner Center! appeared first on MediaCenter Panda Security.

Panda Security

Fusion: Cloud Security, Management and Support

Do you need a security solution capable of protecting, managing and remotely supporting all devices on your IT network, including smartphones and tablets? If so, meet Panda Fusion.

Panda Fusion is a cloud-based solution that meets all your needs, and is easy to deploy and scale as it doesn’t require maintenance or infrastructure investment. Available anytime, anywhere through a simple web browser.

Try now Panda Fusion and discover its benefits:

  • It offers maximum protection against malware and unknown threats.
  • It reduces costs through optimization of your IT infrastructure.
  • It provides an optimal support experience, through proactive problem resolution and remote, non-disruptive access to their devices, wherever they are.

Want more information?

Cloud-based solution

Want to share this infographic? Here is the code!

The post Fusion: Cloud Security, Management and Support appeared first on MediaCenter Panda Security.

Avast

Don’t be sorry for party rocking – install Avast Anti-Theft!

Andreas L. lost his phone at a party, but that’s not the end of the story. Avast Anti-Theft helped him find the thief and get his phone back.

A lot can happen when you go to a party: you may bump into old friends, make new ones, or dance like there is no tomorrow. Losing track of your personal belongings can also happen when you party, which is exactly what happened to Andreas from Bangkok.

Andreas recently commented the following on our Facebook page:

// <![CDATA[
(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = “//connect.facebook.net/en_US/all.js#xfbml=1”; fjs.parentNode.insertBefore(js, fjs);}(document, ‘script’, ‘facebook-jssdk’));
// ]]>

Post by Andreas Luck.

We were happy to hear Avast Anti-Theft helped Andreas get his phone back and asked him what happened and how exactly he used Avast’s features to get his phone back. Here is his story:

Andreas went to a party in Bangkok where he made new friends, had a few drinks and at the end of the night Andreas responsibly took a taxi home. When he woke up the next morning he realized that every smartphone owner’s worst nightmare had happened to him, his phone was missing! Losing a smartphone is not only frustrating because the hardware is expensive, but because it contains so much personal information.

Avast Anti-theft can help you find your lost phone.

Find your lost phone with Avast Anti-Theft like Andreas did.

Avast Anti-Theft to the rescue!

While Andreas worried about his phone, he received a message from Avast. The message informed him that his phone’s SIM card had been changed and provided him with the new SIM card’s number and service provider. That is when Andreas realized he could use Avast’s other anti-theft features to GPS locate his phone and perform commands like wiping his phone remotely. Luckily, Andreas did not have to go as far as wiping his phone, but the option did help him in his efforts to get his phone back.

I will look for you, and I will find my phone

With his phone’s new number in hand, Andreas called the thief to confront him and demand he return his phone. Andreas let the thief know that he knew his location (and more) and could render the phone useless and go to the police if the thief did not cooperate. The thief gave in and sent Andreas his phone.

Andreas’ story is one of many lost and found stories we have received from Avast Anti-Theft users and each story gets more interesting! From this experience we can only recommend partiers install Avast Anti-Theft before going out, we will have your back so you can party worry free!

You can install Avast Anti-Theft for free from the Google Play Store.

If you have a story to share, write us on our Facebook or Google+ page. We could share it in our blog.

 

Avast

Why you need to protect your small business from hackers

Avast Free Antivirus protects small and medium sized businesses for free.

IT pros have used Avast Free Antivirus at home for years. It’s not a huge leap to use free Avast for Business at their place of business.

Small and medium-sized businesses face a challenge when it comes to keeping their data secure. Many companies don’t have the budget to hire a Managed Service Provider (MSP) to take care of their IT needs, and often, they think they do not have enough knowledge or time to handle it themselves, therefore the path of least resistance is to not have any security at all. At the very best SMBs use a consumer version of antivirus software.

But these days, neither of those options is a good idea. Having no protection leaves you too vulnerable, and the problem with using a consumer product in a work environment is whoever is managing the network cannot look across all computers at once and implement policy changes or updates.

Do hackers really target small businesses?

The media coverage of big time data breaches like Target, Neiman Marcus, and Home Depot may have many SMB owners thinking that they are not at risk, but even small and medium-sized businesses need to make sure that their data and that of their customers is protected.

Here’s a statistic that should get your attention: One in five small businesses are a victim of cybercrime each year, according to the National Cyber Security Alliance. And of those, nearly 60% go out of business within six months after an attack. And if you need more convincing, a 2014 study of internet threats reported that 31% of businesses with fewer than 250 employees were targeted and attacked.

Why do hackers target small businesses?

Hackers like small businesses because many of them don’t have a security expert on staff, a security strategy in place, or even policies limiting the online activity of their employees. In other words, they are vulnerable.

Don’t forget that it was through a small service vendor that hackers gained access to Target’s network. Hackers may get your own customer’s data like personal records and banking credentials and your employee’s log in information, all the while targeting the bigger fish.

While hackers account for most of the data lost, there is also the chance of accidental exposure or intentional theft by an employee.

Avast for BusinessWhat can I do to protect my small business?

For mom-and-pop outfits, Avast for Business, a free business-grade security product designed especially for the small and medium-sized business owner, offers tremendous value. The management console is quite similar to our consumer products meaning that the interface is user-friendly but also powerful enough to manage multiple devices.

“Avast for Business is our answer to providing businesses from startup to maturity a tool for the best protection, and there’s no reason for even the smallest of companies not to use it, because it starts at a price everyone can afford, free,” said Luke Walling, GM and VP of SMB at Avast.

Some companies may still opt to pay for a MSP, and in many cases, especially for medical or legal organizations, handing over administration to a third-party may be a good way to go. Either way, our freemium SMB security can be used, and if you use a MSP then the savings can be passed on to you.

Is free good enough for a business?

Many IT professionals have been using free security on their home computers for years. It’s not such a huge leap of faith to consider the benefits of making the switch in their businesses as well.

“I have been using Avast since 2003 at home, with friends, with family. You really come to trust and know a product over the years. It lends itself to business use really well, nothing held back,” said Kyle Barker of Championship Networks, a Charlotte-area MSP.

How do I get Avast for Business?

Visit Avast for Business and sign up for it there.

Panda Security

Skype worm reloaded  

skype scam

Skype worms are not exactly new anymore (unfortunately).

Scenario is simply: someone on your friends list got infected and is now sending you a link to a ‘funny image’ or pictures of you. In this case, you are being baited by a video of you. Let’s just hope it’s nothing embarrassing ;)

skype worm

Lol! Seems like there’s a cool new video of you going around.

When visiting the (totally not malicious looking) link, you get a video, but apparently you need to download a plugin first:

malicious link

When you click on Install plugin… a new file called ‘setup.exe’ gets downloaded. It’s actually simply a self-extracting archive which contains a file named: ‘setup_BorderlineRunner_142342569355180.exe’

When running the setup.exe file:

skypefall setup

It almost seems like we’re installing legitimate software, SkypeFall version 1.0. Almost.

Clicking Next, Next, Next in the setup wizard, nothing much seems to be happening, but in the background there’s quite a lot going on:

skype setup wizard

A new file called ‘SkypeFall’ is dropped and a new DLL is being registered. Afterwards, two new processes are now active in memory: SkypeFall.exe and rundll32.exe, in which the latter is actually running the DLL BorderlineRunner.dll.

Files are being created in both respectively %programfiles%BorderlineRunner and %appdata%SkypeFall. A new service is also registered:
HKLMSystemCurrentControlSetServices6b57ae94

Afterwards you’ll spam all your friends with the same message as well, following the pattern:
skype scam

 

We detect this malware as:

W32/Skyper.A.worm

IOCs

Domains:

hxxp://24onlineskyvideo.info

hxxp://24videotur.in.ua

hxxp://deepskype.net

hxxp://factorygood.net

hxxp://ironskype.net

hxxp://letitskype.info

hxxp://letskype.net

hxxp://popskypevideo.net

hxxp://popvideoskype.com

hxxp://popvideoskype.info

hxxp://popvideoskype.net

hxxp://skypepopvideo.net

hxxp://skypepopvideo.net

hxxp://skyvideo24.in.ua

hxxp://skyvideo24online.in.ua

hxxp://skyvideo24online.ru

hxxp://skyvideotape.in.ua

hxxp://skyvideotape.ru

hxxp://someskype.com

hxxp://someskype.net

hxxp://techine.info

hxxp://techine.net

hxxp://videosk.in.ua

hxxp://videosk.info

hxxp://videoskype.ru

hxxp://videoskype24.ru

hxxp://videoss.in.ua

Hashes (SHA1):

b6f690849e9ed71b3f956078934da5ed88887aa3

42c685ac60555beaacd5e07d5234a6600845e208

dfb9bfb274e9df857bb0fae02ba711e62a2a9eb6

726db7f1c956db8c5e94d21558cbbe650b949b7e

How to avoid the malware W32/Skyper.A.worm

  • Never click on unknown links, especially when a friend sends you a generic text saying there are pictures or videos of you going around. If you’re really curious, ask them first what’s it about. Better be safe than sorry.
  • Don’t be fooled by known icons or “legit” file descriptions, this can easily be altered.
  • Even if you clicked the link and you’re not suspicious, you should be when a file is downloaded and no pictures are shown, but just an EXE file.

The post Skype worm reloaded   appeared first on MediaCenter Panda Security.

Panda Security

Watch out! WhatsApp Calling, the new WhatsApp scam!

whatsapp voice calls

Since WhatsApp announced that they were adding free voice calls to its services, cybercriminals have been trying to take advantage of it, and they have done it!

How are they doing it? Via a WhatsApp message wich invites the users to “try” the voice calls. If you get it, just ignore it!

Congratulations!! You’ve been invited to try Whatsapp Calling! Invite Your 10 Activate WhatsApp Friends to Activate Whatsapp Calling”.

whatsapp calling scam

Our collegues of Softonic have tried it and, obiously,  it turned out to be a scam. By clicking on the link you are redirected to a fraudulent site in wich after inviting ten friends you will be able to make voice calls via WhatsApp.

As you can imagine, by doing so, not only you won’t be able to call anyone, but you will be sending spam to those ten friends you chose!

We know you are eager to make calls via WhatsApp, but don’t be anxious! The safest way for installing this option will be when the own app informs you that you can make voice calls free of charge!

The post Watch out! WhatsApp Calling, the new WhatsApp scam! appeared first on MediaCenter Panda Security.

Avast

Malvertising is bad for everyone but cybercriminals

One rotten malvertisement not only ruins the bunch, but can damage your SMB's reputation.

One rotten malvertisement not only ruins the bunch, but can damage your SMB’s reputation.

Malvertising, sounds like bad advertising right? It is bad advertising, but it doesn’t necessarily include a corny jingle or mascot. Malvertising is short for malicious advertising and is a tactic cybercriminals use to spread malware by placing malicious ads on legitimate websites. Major sites like Reuters, Yahoo, and Youtube have all fallen victim to malvertising in the past.

How can consumers and SMBs protect themselves from malvertising?

Malvertising puts both website visitors and businesses at great risk. Site visitors can get infected with malware via malvertising that either abuses their system or steals personal data, while businesses’ reputations can be tarnished if they host malvertisments. Even businesses that pay for their ads to be displayed on sites can suffer financial loss through some forms of malvertising because it can displace your own ads for the malicious ones.

To protect themselves, small and medium sized businesses should make sure they use the latest, updated version of their advertisement system, use strong passwords to avoid a dictionary attack and use free Avast for Business to discover and delete malicious scripts on their servers. Consumers should also keep their software updated and make sure they use an antivirus solution that will protect them from malicious files that could turn their PC into a robot, resulting in a slowed down system and potential privacy issues. Avast users can run Software Updater to help them identify outdated software.

How does malvertising work?

Businesses use ad systems to place and manage ads on their websites, which help them monetize. Ad systems can, however, contain vulnerabilities. Vulnerabilities in general are a dream come true for cybercriminals because vulnerabilities make their “jobs” much easier and vulnerabilities in ad systems are no exception. Cybercriminals can take advantage of ad system vulnerabilities to distribute malicious ads via otherwise harmless and difficult to hack websites.

Why cybercriminals like malvertising

Cybercriminals fancy malvertising because it is a fairly simple way for them to trick website visitors into clicking on their malicious ads. Cybercriminals have high success rates with malvertising, because most people don’t expect normal looking ads that are displayed on websites they trust to be malicious. Targeting well-visited websites, not only raises the odds of ad clicks, but this also allows cybercriminals to target specific regions and audiences they normally wouldn’t be able to reach very easily. Another reason why malvertising is attractive to cybercriminals is because it can often go unnoticed, as the malicious code is not hosted in the website where the ad is being displayed.

Examples of malvertising

An example of an ad system platform with a rich history of vulnerabilities is the Revive Adserver platform, formerly known as OpenX. In the past attackers could obtain administrator credentials to the platform via an SQL injection. The attackers would then upload a backdoor Trojan and tools for server control. As a result, they were able to modify advertising banners, which redirected site visitors to a website with an exploit pack. If the victim ran outdated software, the software would download and execute malicious code.

Another malware family Avast has seen in the wild and reported on that spread via malvertising was Win32/64:Blackbeard. Blackbeard was an ad fraud / click fraud family that mainly targeted the United States. According to our telemetry, Blackbeard infected hundreds of new victims daily. Blackbeard used the victim’s computer as a robot, displaying online advertisements and clicking on them without the victim’s knowledge. This resulted in income for botnet operators and a loss for businesses paying to have their ads displayed and clicked.