Small and medium-sized businesses (SMBs) are the biggest targets of cybercriminals, and they often don’t have the necessary budgets, people, processes, and products to protect themselves. Because of this, SMBs are increasingly turning their cybersecurity protection over to managed service providers (MSPs).
Tag Archives: featured1
New Security Measure in the US and UK: Tablets Banned on Some Flights
Laptops, handheld video games, cameras, tablets… unless it has some sort of medical use, all electronic devices bigger than a smartphone will be banned from the cabin of all flights originating in North Africa and the Middle East and bound for the US or UK.
The Trump administration announced the drastic measure, which will affect ten airports in Jordan, Egypt, Saudi Arabia, Kuwait, Morocco, Qatar, Turkey, and the United Arab Emirates.
According to the department of Homeland Security, terrorist organizations “continue to target commercial aviation and are aggressively pursuing innovative methods to undertake their attacks, to include smuggling explosive devices in various consumer items.”
The UK has adopted a similar ban against laptops and tablets. In this case, the measurements are specified and can only travel in checked luggage. The ban is effective for six countries in order to “maintain the safety of British nationals.” Recently, a bomb exploded on a Daallo Airlines flight that may have been hidden on a laptop, forcing the plane to make an emergency landing in Mogadishu.
Fear of Explosions… and Cyberattacks?
Even though the TSA (Transport Security Administration) hasn’t gone into detail about the ban, Kip Hawley, ex-director of the organization, defended the decision. According to Hawley, an explosive charge could be installed in a smartphone as well, but would be limited by size and insufficient to pose any major threat.
At the same time, a bomb in the cargo bay would be ineffective, since not only is it surrounded by suitcases that would stifle the blast, but is also itself highly reinforced.
Oddly enough, the decision arrived not long after the Federal Aviation Administration announced that lithium batteries presented the risk of catching fire while in storage under the plane. Some experts have criticized the new measures. Nicholas Weaver, researcher at the International Computer Science Institute, has taken the opposing stance that a bomb “would work just as well in the cargo hold.”
Weaver also points out that if hacking is the main concern, “a cellphone is a computer.” After the Germanwings accident, which took the lives of 150 people, some questioned whether a cybercriminal could be responsible. As of now, however, the threat of a cyberattack is still hypothetical. Indeed, it has only been demonstrated that control can be taken of navigation systems in a simulation environment.
Recently, a Spanish researcher discovered vulnerabilities in planes’ in-flight entertainment systems. The most damage he could do, however, was to turn on and off the lights, broadcast messages over the PA, or steal card numbers from passengers making in-flight purchases.
For the time being, it seems the fears of the US and UK are not based on a potential cyberattack, but rather on the stated concern about hidden explosives. As can be expected from sensitive policy decisions, however, neither London nor Washington are offering much in the way of details.
The post New Security Measure in the US and UK: Tablets Banned on Some Flights appeared first on Panda Security Mediacenter.
Why we (still) need World Backup Day
More than 40 years after the invention of the personal computer, it is astounding that we still need World Backup Day. This year’s event, which takes place on March 31st, the day before April Fool’s Day, ‘is a day for people to learn about the increasing role of data in our lives and the importance of regular backups.’ Here’s the key takeaway: You need to regularly back up your data because the chances of losing some or all of that data are high, and getting higher.
How safe are VPNs?
It’s a tough economy out there. Things are looking up, alright. But for some low-life criminals like Joe Crook, ANY work will always be too much work anyway. So what do people like Joe Crook do? They scheme. They’re on the lookout for the latest scam so that they can defraud you of your hard-earnt cash.
How does a vpn work?
Take VPN technology for example. For IT knowledgeable evil-doers, it’s as good a target as anything there is. The technology has been around for decades of course. In the beginning, it was meant for big businesses – and most probably it was never intended for the many purposes that it serves today (nope, it was not created with Netflix in mind!)
The original idea behind this technology was to create a private connection between multiple people and devices across the Internet. In other words, it was the Internet within an Internet: a secure, private and encrypted network keeping hackers, ransomware, prying eyes and anybody that was after your personal data.
In a way, VPN offered a perfect solution to those sharing sensitive data or looking to evade government censorship. VPNs typically allowed only authenticated remote access via tunneling protocols and other encryption techniques to prevent disclosure of private information. In short, no one knew where you surfed, what content you saw, nor where you were even surfing from. Your connection was fully encrypted!
VPN’s risks
But, sensing an opportunity, the Joe Crooks of this world came to realize people like Average Joe might have grown complacent in their use of VPN. For instance, millions connect to public Wi-Fi hotspots without thinking twice about the potential consequences. Fraudsters came to understand the technology’s possible weaknesses. And with over 280 million Internet users in the US alone, roughly 80% of which are using the web every single day, let’s just say there is plenty of fish to go after.
It’s not just traditional VPN that can be targeted
Research conducted just last year revealed that nine in 10 SSL VPNs were using insecure or outdated encryption. The large-scale study randomly scanned over 10,000 live and publicly-accessible SSL VPN servers (SSL refers to Secure Sockets Layer – it’s a form of VPN that can be used with a standard web browser).
Users’privacy
Although VPNs are meant to protect users’ privacy by setting up an encrypted tunnel between the device being used and the VPN provider’s servers, vulnerabilities are known to exist. Hackers like Joe Crook are keen to steal your data mid-transit and unfortunately are getting better at it.
So what more should you do to protect your privacy online?
When making payments online, are you unwillingly allowing hoodlums to help themselves to your credit card details? One thing for sure, our devices are getting more and more connected every day. Having access to a VPN should form part of your set of digital tools – though it isn’t a foolproof sort of firewall by any stretch of the imagination.
And for the highest level of protection look nowhere else but to Panda Security. We have developed a cyber-security platform designed to eradicate threats. Security systems are activated before threats are executed, and advanced protection for endpoints and servers helps destroy the malware before it’s too late. Now, that’s what we call protection!
We’d like to ask you about the VPNs, do you have 2 minutes ?
The post How safe are VPNs? appeared first on Panda Security Mediacenter.
Panda Security’s GDPR Preparation Guide Helps Ease the Transition to the New Regulation
There’s a new challenge that lies ahead for businesses that have operations within the European Union. The new General Data Protection Regulation came into effect on 25 May, 2016, and will begin to be enforced 25 May, 2018.
With the focus on protecting the fundamental rights and freedoms of natural persons and their right to the protection of personal data, the regulation establishes obligations and advantages both for private entities and public administrations.
Panda Security’s “Preparation Guide to the New European General Data Protection Regulation” introduces the new legislation to businesses before its application in 2018. Disregarding the application of the GDPR could lead to costly administration fines of up to 20,000,000 euros.
Panda’s objective is to address the need to adapt data security practices and thereby give its clients a competitive advantage.
How will the GDPR affect businesses?
One of the main points of the white paper is that taking action only when an infringement has already occurred is insufficient as a strategy, since such a failure can cause irreversible damage to interested parties and can be very difficult to compensate.
Here are some sanctions and other potential problems stemming from non-compliance with the GDPR:
- Direct or indirect economic repercussions. These could result from security incidents coming from outside the company or from a company’s own employees and collaborators.
- PR damages. Damages to your reputation could result from security incidents not properly being reported to the public.
- The loss of current or potential clients may occur when the company is unable to demonstrate that it is in compliance with the regulation.
- The risk of data-processing limits or bans imposed by data protection audits, which could affect the normal functioning of a company.
- The possible suspension of your service for your clients, which could induce them to leave your service or even take legal action.
- Reparations that interested parties will have the right to claim in case of infringement.
- Costly administration fines that could reach up to 20,000,000€ or 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.
Panda Security, a partner in compliance with the new law
For organizations dealing with data, prevention is the core element of the regulation. We underscore the importance of working with vision and anticipation as a competitive advantage in business strategy.
Businesses that have put their trust in Adaptive Defense are already well on their way to complying with the GDPR. It offers:
- Prevention: Adaptive Defense features an internal audit system to verify the security status of the IT infrastructure at any given time, even before the solution is deployed. In the implementation of the action plan for compliance with the GDPR, it proves to be an invaluable tool.
- Protection of personal data processed on a business’s systems, stopping, for example, any untrusted process from running.
- Risk reduction, key activity indicators, and endpoint status, which helps to establish security protocols.
- Tools to satisfy the requirement to notify authorities of security incidents within the first 72 hours after a breach·
- Control mechanisms and data management for the DPO, who will be notified in real time not only of security incidents, but also whether or not these incidents involve compromised personal data files.
The post Panda Security’s GDPR Preparation Guide Helps Ease the Transition to the New Regulation appeared first on Panda Security Mediacenter.
A backup plan can save you from ransomware [infographic]
Names like Locky and CryptoLocker are familiar due to numerous news reports, but if you haven’t heard of the growing threat of ransomware, here’s a quick summary: Ransomware is a type of malware that locks you out of your devices by encrypting your files. In return for access with the decryption key, it demands a payment, typically in bitcoin. In many cases, victims of ransomware cannot recover their files, so a backup is essential.
WYSIWYE: A User-Friendly Interface for Cybercrooks
What You See Is What You Encrypt.
The trend of installing malware on corporate networks through the Remote Desktop Protocol is booming among cybercriminals. In the last few months we have analyzed several cases of ransomware attacks directed at companies from different European countries that share this methodology and are being perpetrated by the same attackers.
Once credentials are obtained through a brute force attack on the RDP, the cybercriminals gain access to the computer.
At this point, when the goal is to deploy ransomware, attackers simply execute the corresponding malware automatically to start encryption and ultimately display the ransom message. However, here we can see a more personalized type of attack
In the intrusion analyzed, we see that the ransomware has an interface through which it can be configured according to the attacker’s preferences, starting with the email address that will appear in the ransom note that will be sent to the victim.
With this customized attack, it’s possible to hand-pick the network computers whose information the attacker would like to encrypt, choose files, self-delete upon completing the encryption, enter stealth mode, etc.
How to protect your business from customized attacks
The survival of any company in a digital environment calls for establishing a solid corporate network security strategy. Prevention in the face of unknown cybersecurity threats with the goal of neutralizing it as soon as possible, or blocking an attacker should he succeed in gaining entry to the system, plays a role of top priority today.
In the present case study, from PandaLabs we blocked attack attempts that used this form of ransomware against companies protected by Adaptive Defense in Germany, Belgium, Sweden, and Spain.
Here are the MD5s of the ransomware:
4C163E182FFBA6C87EA816B7D7A7D32B
D9489263DA3A5CA7E938315EFD32522D
A timely investment in prevention, detection, and response technologies, instead of adopting perimeter-based solutions, guarantees better preparation in the defense against cyberattacks.
The post WYSIWYE: A User-Friendly Interface for Cybercrooks appeared first on Panda Security Mediacenter.
‘Can you hear me?’ robocalls put consumers on alert [infographic]
I fell for it the first time I answered a call. A friendly female voice hesitated, then giggled the line, “Can you hear me?” After I answered, “Yes”, it took me a few seconds to realize I had been fooled. It wasn’t a silly girl with a bad connection calling me on behalf of Disney Vacations – I had just been targeted by a robocaller. By then it was too late.
Charger, the Most Costly Ransomware to Smartphone Users
Ransomware is evolving and becoming increasingly sophisticated, posing a greater threat to companies and private users alike. This malicious software has shown that it can propagate by using the viral mechanisms of a meme, that it can directly attack corporate servers, or even camouflage itself in false resumes. And now it has made its way to other devices, namely, our smartphones.
It is now the main threat to mobile devices, until now considered to be relatively virus-free compared with their PC counterparts. Recently, a new ransomware was discovered that goes by the name of Charger, which copies all the data from your agenda, text messages, etc., and seeks admin permissions from the devices owner. If the unwary user accepts the request, the malicious code begins its attack. A message warns the owner that their device has been blocked and their stolen personal data will be sold on the dark web unless they proceed to pay a ransom.
The Most Costly Ransom
Charger’s victims will have to pay 0.2 bitcoins (at about $1000 a bitcoin, it comes out to a round $200) to, supposedly, unblock their device. It may not be the first ransomware to affect smartphones, but never before has this figure been so high.
Also new is its means of spreading. Until now, most cyberattacks targeting mobile phones found their gateway in applications downloaded outside official app stores. With Charger it’s different. Charger attacks Android devices through a power saver app that could be downloaded from Google Play, Android’s official app store.
It is vital for employees to be aware of the dangers of downloading apps from unverified sources. They should also know that it’s not such a great idea to store sensitive corporate data on their computers or mobile devices without taking the proper security precautions. Keeping passwords or confidential documents on an unprotected device could end up giving cybercriminals just what they need to access corporate platforms.
We’ve said it before, and we’ll say it again: new attacks like these come about every day and can take anyone by surprise, be they casual users or security experts. The unpredictable nature of attacks like Charger make an advanced cybersecurity solution indispensable. Perimeter-based security solutions are simply not enough anymore.
The post Charger, the Most Costly Ransomware to Smartphone Users appeared first on Panda Security Mediacenter.
The worst passwords ever created
For many online services, the only thing keeping your personal data safe from hackers is a password. If a hacker can get hold of that password, they immediately gain access to the account.
Your choice of password is absolutely vital
Your choice of password is absolutely vital which is why most services force you to use a combination of letters and numbers to make it harder to guess. Despite this, many people continue to choose the same, easily-guessed passwords year after year.
Every year mobile app developer SplashData publishes a list of the 25 most common passwords worldwide. Not only are these passwords extremely simple to hack using automated cracking tools, but the fact they are so popular means that cybercriminals will try this list first.
The top 5 passwords
According to SplashData the top 5 passwords are:
- 123456
- password
- 12345
- 12345678
- qwerty
If any of these passwords look familiar, you could be in trouble.
Most people choose passwords very easy to remember
Most people choose these passwords because they are very easy to remember, and only take a second to type in. The fact that they are all letters or numbers, and all in lower case means that they require the minimum number of keypresses to enter – perfect for the small keyboards on smartphones.
Ignoring password best practice
When you first set up a new account online, you will be encouraged to choose a memorable word of phrase – preferably one that contains upper and lower case letters and numbers to make it harder to guess. But as we discussed on the Panda Security blog previously, these measures are not enough to fully protect yourself.
To increase security, upper and lower case letters need to be used in the middle of the password. They should also include special characters, like !?*(), making them almost impossible to guess. Not unbreakable, but certainly much more difficult.
Reusing passwords
The other major problem with SplashData’s list of most common passwords is that people tend to reuse them for all their accounts. So if cybercriminals gain access to your Facebook account using an easily-guessed password, they can then log into your email, online bank account, and virtually any other system.
More worrying still, if you use these same passwords at work, you place their systems and data at risk too. If the breach is significant, you could even lose your job.
Get creative with your passwords
Although you must include specific characters in your password, you can choose any word you like. Better still, you can string several words together to make very long, very complex password that is almost impossible to guess.
And if you must use the top 25 most popular passwords, try stringing several of them together instead. It’s not a perfect solution, but your password will be more secure.
Use a Password Manager
There are great security solutions that offer a larger degree of protection and include a password manager… all you need is a master password to access all of your favourite internet services. This way, you will only have to remember one password and, as you don’t have to memorize all of them, you can set different, more complex passwords for each service. It maintains your online privacy… at all times!
The post The worst passwords ever created appeared first on Panda Security Mediacenter.