
Update Right Away or Wait it Out? Android’s Big Dilemma

If your employees are like most users, they most likely postpone updates for their OS. In other words, your company’s mobile fleet could be at risk. This is especially true if they are using Android devices. When the famous little green robot gives a notification of the update, a good deal of people wait for other users to try it first and then gauge their reaction.

It seems sensible enough, but this practice could put your company’s security in danger. First of all, phones with Android are more susceptible to break-ins than ones with iOS. Then there’s the fact that most corporate phones are equipped with Google’s software, which in itself involves a risk — the good people at Mountain View take longer than Apple to launch updates with security patches when a vulnerability is detected.

So Google lags in its response to threats, but the fragmentation of Android devices makes the response time even longer. It’s not enough for Google to launch its update; the update then has to be adapted to the specific make and model that your employees are using. Ultimately, an Android patch takes long enough to arrive without the added time of the user postponing an update.

On the other hand, it is true that some people recommend letting some time pass to see how each individual phone reacts to a new update. This advice, which in principle is completely inadvisable for corporate security, does in fact have a reason for being. Some mid-range models could potentially lose some performance or even some functions when a new OS is installed.

Tips on How to Safeguard Your Corporate Devices

The need to protect the confidentiality of corporate data is underscored by this seemingly quotidian matter. For one thing, it’s crucial that employees have a powerful and recent mobile device so as not to run any risks when updating. Also important is that they always have the right protection at their disposal.

The bottom line: your employees should update their mobile software as soon as it’s available. You should also recommend that they make backup copies beforehand. Doing so will reassure them that there is no risk of losing anything. Finally, they should delete cached data to prevent their device from losing performance. No stone should go unturned in the protection and safeguarding of your company’s data.

The post Update Right Away or Wait it Out? Android’s Big Dilemma appeared first on Panda Security Mediacenter.

Attacks That Change the Course of History

Data theft is steadily refashioning itself as a political weapon. This past December, Barack Obama took advantage of his final days in office to take retaliatory measures against Russia. The Obama administration attributes to its Muscovite counterpart the cyberattacks carried out over the course of the recent presidential election, whose goal was to tip the scales in Donald Trump’s favor.

In an official statement, Obama announced the measures that include the expulsion of 35 Russian operatives and the introduction of new sanctions against certain people and organizations, including the two primary governmental espionage agencies.

The still-president Obama made this decision despite the Kremlin’s denial of its participation in the cyberattacks against the Democratic National Committee and other organizations in the Democratic Party. These cyberattacks came in the form of a massive email leak (containing many messages that damaged Hillary Clinton’s image), divulged by WikiLeaks to the media and considered to be a crucial element in the results of the election.

Shortly after the White House announcement, the FBI and the NSA published a report accusing Russia of the leak, which affected not only the Democratic Party but also John Podesta, chairman of the Clinton campaign. The document includes technical details of the tools and infrastructure presumably used by Russian intelligence services “to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities”. These latter victims remain unnamed.

According to the report, that initiative was part of a broader plan that included attacks against other political organizations, corporate infrastructures, data processing centers, universities, and big businesses.

What Targeted Attacks Came Into Play?

The analysis alludes to two kinds of “spear phishing” attacks, a term which refers to fraudulent emails sent from addresses that belong to or seem to belong to one of the victim’s contacts. The first of them came about in the summer of 2015. It was directed toward at least one person from a “U.S. political party”, who received an email with attachments that activated a malware download. This was then able to spread itself throughout the system and “exfiltrate emails from several accounts”.

In September of this year, the FBI warned the DNC for the first time that their systems were under attack by a group known as “the Dukes”, with ties to the Russian government.

The second attack took place in the spring of 2016. This time, the report tells us, the attacks consisted of mass emails requesting a change of password from users, a strategy used to access party members’ email accounts. While the investigations are underway, Trump continues to deny that the Russian government had anything to do with the intervention made on his behalf.

There is no doubt that with these and other recent developments in the field of cyberattacks, protecting ourselves and our future is key. Over the coming months we will begin to see more and more news on this prickly subject, a clear example of the influence that hacktivism and cybercrime can have in the geopolitical sphere.

Targeted attacks are commonplace. The only way to face them down is with an advanced cybersecurity solution like Adaptive Defense, keeping your company safe from the sorts of silent breaches that can happen without anyone noticing. Until it’s too late.

The post Attacks That Change the Course of History appeared first on Panda Security Mediacenter.

A new Locky ransomware attack is coming

Locky ransomware, a variant of ransomware that scrambles your files, changes all the names, and then demands payment to unscramble them and release them back to you, has taken a holiday of sorts. Avast detection of Locky shows that attacks have slowed down considerably during the days before Christmas through New Year and leading up to Eastern Orthodox Christmas, which is celebrated in Russia on January 7.

The Dangers of the New Windows 10 Update System

The latest version of the Microsoft OS has become once again a topic of discussion, and this time it may carry bad news for your company’s security. As the cybersecurity expert Sami Laiho revealed on his blog, every Windows 10 update poses a serious risk. Namely, while your system updates, anyone can take control of your corporate computers.

“This is a big issue and it has been there for a long time,” explains Laiho. This serious flaw comes into play when the OS restarts after installing a new update. While the system is being updated, all you need to do to gain control of it is to push Shift-F10 to access the command prompt with admin level clearance.

In light of this, the dangers that your company faces are multifaceted. Indeed, any employee can take control of their computer as administrator, access confidential documents, or access the corporate network and create a serious problem from within the company itself.

Laiho points out that it is not necessary to use any specific software to carry out this cyberattack. Just that innocent combination of keys is enough to sow chaos. As if that wasn’t enough, the threat is not limited to those who have physical access to the computer: “An external threat having access to a computer waits for it to start an upgrade to get into the system,” explains Laiho.

Microsoft is apparently working to fix this serious flaw. Meanwhile, the most important thing to prevent threats is to rely on an adequate security solution, and not to postpone Windows 10’s tedious updates.

Forget about how long the update takes. Ideally you would authorize it immediately and stay with the computer at all times. This is the only way to be sure that no bystanders take the driver’s seat of your computer. It is obviously very important to explain this to employees.

In the meantime, we’ll have to trust that they will not commandeer the system themselves and wait for Microsoft to resolve this critical vulnerability.

The post The Dangers of the New Windows 10 Update System appeared first on Panda Security Mediacenter.

Five Takeaways from the Security Crisis of 2016

This year we have witnessed Yahoo acknowledge the greatest data breach in history. In September, the Internet giant admitted to the theft of at least 500 million email addresses, passwords, usernames, dates of birth, phone numbers, and, in some cases, security questions with their corresponding responses. Shortly thereafter, in December, the company announced that up to 1 billion accounts may have been compromised in a different breach.

This wasn’t the only major security crisis of 2016. The personal data of Snapchat employees (names, Social Security numbers, salaries…) fell into the wrong hands because of a con known as “whaling”. Cyber criminals impersonated Evan Spiegel, the company’s CEO, in order to obtain the data in question.

The credentials of 117 million LinkedIn users, 68 million Dropbox users, and 1.5 million Verizon customers also fell into the hands of cybercriminals, some of which went up for sale on the dark web. There are a few lessons we can learn from this and other unsettling news items we’ve seen in 2016.

1- No Password is Safe

At this point, following the theft of such an enormous quantity of information, one can assume that any password that is a couple of years old is compromised. There is no service that is significantly safer to use than others, and none that we should trust blindly. It follows that the most sensible thing to do is to change all passwords that have been in use for a period of time. Reusing passwords unnecessarily puts the user at risk.

2- Security Questions Are Part of the Problem

As soon as they learned about their data breach, Yahoo disabled security questions like “when is your mother’s birthday?” and “what color was your first car?”. It’s no longer only a matter of whether the answers can be found by digging into potential victims’ profiles on social networks, but also of the fact that many answers have been directly stolen. Unlike passwords, this kind of data does not change. Replacing it with false data would be tantamount to creating a second password. In other words, the risk of forgetting it is still there, which obviously defeats its purpose as a means of password recovery. The remedy becomes worse than the original problem.

3- Delete Registration Emails

Cybercriminals place increasingly more value on web users’ emails and passwords. This comes as no surprise, since emails can be the door to many other things. If your password is stolen from one service, and you use the same one for email, intruders will have access to whatever recovery email they need for any other service you have an account at. What’s more, they can look through old messages for registration emails to find out where you’ve been signed up before. This is easily avoided by deleting registration emails as soon as you receive them.

4- Bigger Fish to Fry?

If you’re running a company, however small, don’t make the mistake of thinking that data theft only affects the giants. In fact, it’s easier and more profitable for cybercriminals to target small businesses. Not only have attacks on small businesses been on the rise, but their consequences are also much more severe. The smaller the company, the greater the risk of a security crisis wiping it out.

5- Be Transparent and React Quickly

If the worst should happen, notifying your customers or users that their confidential information has been stolen should not be taken lightly. It’s important to let them know right away, with as much detail as possible and without downplaying the potential risks. Hiding or disguising the truth can only make things worse. For starters, those who have been affected will not be able to change their passwords as quickly as they should. Finally, your credibility is at stake. The damage done to it grows the more time passes between the breach and your announcement of it.

The post Five Takeaways from the Security Crisis of 2016 appeared first on Panda Security Mediacenter.

How Fraudulent Advertising Could Be Costly to Your Company

Your company may be losing money because of online advertising. Beyond the success of advertisements when it comes to converting marketing budgets into sales, a singular type of cyberattack threatens to directly affect your company’s accounts.

Namely, there exist networks of bots that are used to inflate the number of clicks that ads receive. These botnets enable fraudsters to manipulate web advertising metrics, which in turn leads advertisers to pay more than what they should for legitimate clicks.

A recent study reveals the worrying consequences of this subtle kind of fraud. All over the world it has already cost businesses more than $7 billion, bloating advertising figures spectacularly and making up 11% of banner impressions and 23% of video advertisement impressions.

The main problem of this cyberattack in relation to other threats on the web — such as phishing and ransomware — is that it goes completely unnoticed. After infecting devices, cybercriminals are able to discreetly redirect traffic to simulate ad clicks. Since these are real devices owned by real people, advertisers are unaware that behind their ads’ success lies an army of bots.

So, it seems like nipping the problem in the bud may be complicated (at least from the perspective of the advertiser, who is billed according to these metrics, rigged as they may be). However, there are several things that companies can do, such as using quality advertising platforms that offer certain guarantees and that have demonstrated their willingness to pursue those responsible for these botnets.

Beyond that, it’s important to use ad metrics to check the duration of the visit to the webpage and the geographic location from which the supposed clicks are originating. This could be used to expose the fraud. Visitors that enter the page for only a fraction of a second or that do so from a faraway country that has little reason to be interested in the product will, most likely, be infected devices in the botnet.
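The check described above, as an added example in Python that is not from the original post: it groups constructed click records by ad placement and flags placements where most visits last under a second or come from outside the advertiser’s markets. The placement names, the thresholds, the target markets and the `XA`/`XB` placeholder country codes are assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample click records: (ad placement, visit duration in seconds, country).
# "XA"/"XB" are placeholder codes for countries outside the advertiser's markets.
CLICKS = [
    ("news-site", 42.0, "ES"), ("news-site", 18.5, "ES"), ("news-site", 0.4, "PT"),
    ("news-site", 65.2, "ES"), ("news-site", 7.9, "PT"),
    ("video-net", 0.2, "XA"), ("video-net", 0.3, "XA"), ("video-net", 0.1, "XB"),
    ("video-net", 0.5, "XA"), ("video-net", 31.0, "ES"), ("video-net", 0.2, "XB"),
    ("blog-ring", 0.3, "XA"), ("blog-ring", 0.2, "XA"),
    ("travel-portal", 25.0, "XB"), ("travel-portal", 40.1, "XB"),
    ("travel-portal", 12.0, "ES"), ("travel-portal", 33.3, "XB"),
]
TARGET_MARKETS = {"ES", "PT"}  # assumed markets where the product is sold


def suspicious_placements(clicks, target_markets, min_dwell=1.0,
                          max_share=0.5, min_clicks=4):
    """Return {placement: (short_share, off_market_share, both_count)} for
    placements where most clicks are sub-second or from outside the markets."""
    stats = defaultdict(lambda: {"total": 0, "short": 0, "off": 0, "both": 0})
    for placement, dwell, country in clicks:
        short = dwell < min_dwell
        off = country not in target_markets
        s = stats[placement]
        s["total"] += 1
        s["short"] += short
        s["off"] += off
        s["both"] += short and off
    flagged = {}
    for placement, s in stats.items():
        if s["total"] < min_clicks:
            continue  # too few clicks to draw a conclusion
        short_share = round(s["short"] / s["total"], 2)
        off_share = round(s["off"] / s["total"], 2)
        if short_share > max_share or off_share > max_share:
            flagged[placement] = (short_share, off_share, s["both"])
    return flagged


if __name__ == "__main__":
    for name, (short, off, both) in suspicious_placements(CLICKS, TARGET_MARKETS).items():
        print(f"{name}: {short:.0%} sub-second, {off:.0%} off-market, {both} both")
```

A placement flagged on geography alone, with normal visit durations, may simply be reaching an unexpected audience, so it is the combination of both signals that points most strongly to bot traffic.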

The same thing happens with botnets used to make social network ad campaigns more expensive. These campaigns are likely orchestrated by a competitor with the intention of making advertising more expensive. In fact, they are relatively easy to track. If a wave of phantom followers appears out of the blue (without profile photo and with strange names), it is most likely fraudulent.

The post How Fraudulent Advertising Could Be Costly to Your Company appeared first on Panda Security Mediacenter.