Tag Archives: featured1

Investigation of regular high load on unused machines every 7 hours

We recently decided to make our DNS infrastructure inside each of our core data centers more robust and therefore installed three virtual servers on three different hypervisors to function as DC-local recursive DNS servers. We chose the Unbound recursive DNS resolver for this task, as we had positive experience with it from the past and we already had collectd scripts for its performance monitoring, as well as the necessary Puppet modules.

Microsoft and Apple unveil new computers with improved security features


In events that took place on consecutive days last week, the two tech giants presented their new ‘weapons’ in the fight for computer supremacy. Whereas Microsoft has decided to go for more pricey, sophisticated and innovative computers, Apple has decided to stay with what the company knows works well and has limited itself to introducing some improvements in its acclaimed laptop computers.

The Redmond company has taken everyone by surprise by rolling out an ‘all-in-one’ device, Microsoft Studio, aimed at knocking the iMac off its perch as the favorite tool among creative pros. The new computer is one part PC, one part graphics tablet. It can be folded, allowing artists and designers to use it in a similar way to a tablet, while offering at the same time an extremely powerful computer very reminiscent of Apple’s iMac for all kinds of professionals.

Additionally, the company founded by Bill Gates has upgraded its Surface Book tablet and presented the new update of its Windows 10 operating system: Windows Creators Update. This new version is stuffed with new features, including the first revision in a long time of its security tool Windows Defender.

The program ditches its classic look and feel in favor of a more Windows 10-style appearance, with a responsive interface adapted to touch screens. It also looks like Windows Defender will be integrated with other tools, like Windows Firewall or Family Safety, allowing for central management of all security aspects of Microsoft’s operating system.

As for Apple, the new MacBook Pro features some significant enhancements with regards to security. First, it incorporates Touch ID for the first time ever. Touch ID, already present in the company’s iPhones, is a fingerprint scanner which, despite posing certain security risks, introduces a new mechanism to verify a user’s identity on Apple’s computers beyond traditional passwords.

This biometric security system will be integrated into Apple’s laptops through the new Touch Bar, a multi-touch strip located above the keyboard and which displays contextual menus and allows for different actions depending on the program you are using. With the Touch Bar, for example, you will be able to do something as simple as paying for an online purchase just by placing your finger on the small display.

As if this were not enough, the new MacBook Pro comes equipped with a secondary processor that will perform all security-related tasks, including managing Touch ID and the new Touch Bar. This secondary processor includes what is called ‘Secure Enclave’ technology, specifically designed to manage personal and confidential data as securely as possible.

The post Microsoft and Apple unveil new computers with improved security features appeared first on Panda Security Mediacenter.

AtomBombing, a new threat to your Windows


A few days ago Tal Liberman, a security researcher from the company enSilo, revealed a new code injection technique that affects all Windows versions up to Windows 10. Due to the nature of this technique, it is unlikely that it can be patched. In this article I’d like to shed light on this attack, its consequences and what can be done to protect ourselves.

How does it work?

Basically, this attack takes advantage of the operating system itself to inject malicious code and then uses a legitimate process to execute it. Although it is not that different from what malware has been doing for ages (malware has been injecting itself into running processes for decades), the use of the atom tables (provided by Windows to allow applications to store and access data) is not common, and it is likely to go unnoticed by a number of security solutions.


The best explanation you can find so far is the one made by Tal in his blog “AtomBombing: A Code Injection that Bypasses Current Security Solutions”.

If there is no patch and it affects all Windows versions, does it mean that we are in great danger?

Not really. First, in order to use this technique, malware has to be able to execute on the machine. This cannot be used to remotely attack and compromise your computer. Cybercriminals will have to use some exploit or fool some user into downloading and executing the malware, hoping that the security solutions in place do not stop it.

Is this really new?

The way the attack is performed to inject code is new, although, as I mentioned earlier, malware has used injection techniques for a long time; for instance, you can see that in many ransomware families.

New, but not that dangerous… why the panic?

As I said, malware first has to be executed on the machine, but we know that at some point this will happen (not a matter of IF, but WHEN).

Many security solutions have the ability to detect process injection attempts. However, to do this they rely on signatures, and therefore many of them are not able to detect this particular technique at present. On top of that, many of them have a list of trusted processes. If the malicious code injection happens in one of them, all security measures from that product will be bypassed.

Finally, this attack is really easy to implement. Now that it is known, there will be a number of cybercriminals implementing it in their malware sooner rather than later.

What can we do to protect our company’s network?

On one hand, traditional antimalware solutions are great to detect and prevent infections of hundreds of millions of different threats. However they are not that good at stopping targeted attacks or brand new threats.

On the other hand, we have the so-called “Next Gen AV”. Most of them claim that they do not use signatures, so their strength comes from the use of machine learning techniques, which have evolved greatly in the last few years, and they have shown they are pretty good at detecting some new threats. As they know their weakness is that they are not that good at stopping all threats, they have great expertise in post-infection scenarios, offering a lot of added value when a breach has already happened. Another issue they have is that machine learning won’t give you a black or white diagnosis, which translates into high false positive rates.

Is using traditional antimalware + Next Gen AV the best approach?

Not the best, although it is better than using just one, as they can complement each other. It has, however, a few downsides. For starters, you have to pay for both. Although this can be justified by the overall protection improvement, it means you will need extra budget for the extra work (false positive exponential growth coming from Next Gen solutions, different consoles to manage each one, etc.). Performance can become an issue if both are running on the same computers. And finally, these solutions don’t talk to each other, which means you are not taking full advantage of the information each one handles.

Panda Solutions for Companies combine the power of the traditional solutions and the machine learning techniques.

The best solution is one that has both capabilities: the power of traditional solutions as well as long experience in machine learning techniques combined with big data and cloud. The two work together and exchange information, continuously monitoring all running processes, classifying every program that is executed on any computer of your corporate network, and creating forensic evidence in real time in case of a breach. All of this requires deploying only a small agent that takes care of everything, using the cloud for the heavy-processing tasks and offering the best performance in the market. In other words, Adaptive Defense 360.

The post AtomBombing, a new threat to your Windows appeared first on Panda Security Mediacenter.

New Panda Security Loyalty Program


We’ve a plan for you: Discover the New Panda Security Loyalty Program

We have good news for you. Here at Panda Security we have launched a new Customer Loyalty Program to reward our customers with more favorable renewal conditions.

The Plan includes special renewal discounts that will increase year after year to reach 50% from your third renewal onward. That is, the longer you stay with us, the more you’ll save.

How do you join the program?

It’s as easy as selecting the auto-renewal option when you first purchase your product. That way, you’ll ensure you are always protected with the latest advances in computer security and the best services to ease and protect your digital life at the best price.


Also, do not forget to get the most out of your protection. It is much more than a simple antivirus.

Panda’s protection offers you features like:

1. Wifi monitor that helps you to control the devices that use your network, being able to block those that could be using it without permission. Goodbye neighbors!

2. Parental Control to keep your children safe from content that is not appropriate for their age.

3. Data protection so you can browse and shop online without fear of having your personal information stolen.

4. Devices optimization so that they always perform as if they were new.

5. Password Management to manage from a single tool the different passwords of services like email, online bank or your Netflix account.

6. Protection for mobile devices:

7. We also offer a Support service to our Premium Gold Protection customers. It will be like having a computer technician at home.

Stop worrying and join our plan.

The post New Panda Security Loyalty Program appeared first on Panda Security Mediacenter.

Are (IoT) Smart Homes of the Future As Smart As They Say?

With great power comes great responsibility. Powerful words. We’re not talking about a web-slinging superhero though, but a different type of web altogether -the World Wide Web- and with the ongoing expansion of the Internet of Things, its increasing connection to the physical world is inspiring awe and wonder, but also a growing necessity for out-of-the-box thinking and creative risk assessment from cyber security experts the world over.

Here at Panda Security, we have gathered a few of our ideas on ways that hackers could get unprecedented access to your daily lives through the app-integrated devices you keep at home.

Ways hackers could get unprecedented access to your daily lives


A Doorway Ransom?

As the Internet of Things continues to integrate seemingly inane and unrelated objects, an entire comprehensive home operating system seems increasingly likely. While this will turn your house into a streamlined living space completely catered to your comfort, it could also put you at greater risk of falling victim to a cyber attack in your own home.

Central to any future smart home’s security would surely be its locking system.

Recent investigation, though, has shown that smart locks are alarmingly easy to hack, making them embarrassingly unable to guarantee the function they are there to provide in the first place.

Current systems simply make it too easy for a cyber hacker to actually physically enter your home.

We’ve thought further ahead though; what if a hacker were to completely invert their use of this technological weak spot in the future? If a smart lock can be compromised in order to open it, maybe hackers will find a way to keep your doorway completely shut.

The future’s equivalent of a home invasion could be completely silent, a hacker controlling events from a distance, perhaps asking for a sizeable ransom before letting you out of your own home.

It may make a terrible idea for a film script (Home Very Alone) but it’s a terrifying thought nonetheless. If all of your security devices are interlinked, cyber attackers could potentially also have access to your house alarm and even your car keys.

Smoke Screen Smoke Alarm

One safety feature that is already incorporated into some smart smoke detectors available on the market is the ability to let a smart house pull information from, and manipulate, other smart devices so that they can react accordingly in case of an emergency. This feature is implemented for the user’s safety, allowing a house that detects a fire, for example, to unlock all the doors in the house in aid of a speedy exit.

That is a great example of the way IoT businesses are working to seamlessly integrate and interconnect devices within smart homes. However, there is one strong reservation; if this technology is breached by a cyber attacker, there is the potential for setting off a chain reaction that could greatly reduce the safety of a smart home.

Another way that a hacker could potentially intrude from afar is by setting off a false smoke alarm that will send for the fire services. The chaotic scene could act as a smoke screen, making you a soft target for other potentially malicious cyber attacks.

The Hoover of Death

One of our wilder ideas perhaps, but with all the furor about exploding mobile phones at the moment, we’re aware that IoT is increasingly putting us in the position of giving hackers access to potentially explosive devices!

Could this be manipulated in a cyber attack? Attackers typically work en masse, such as in distributed denial of service attacks (DDOS), where thousands of emails or requests are sent to a server to slow down or crash the intended target’s servers.

If that’s the case we could face a future in which hackers try to send as many machines into overdrive as possible in the hope that some will malfunction. A terrifying prospect, and perhaps part of the reason for which government agencies have been liaising on the potential dangers of IoT related cyber attacks.

Beware the Fridge

Remember that Simpsons episode in which Marge falls for a Pierce Brosnan voiced AI house operating system that does the cooking and is secretly planning to “get rid” of the rest of the family? As bemusing as it may seem we may only be a few small technological leaps away from mirroring the events of that hilarious, yet horrifying, HAL parody.

Ok, granted your fridge isn’t about to have an intelligent conversation with you, and much less hatch a murderous scheme against your family. However, as far back as two years ago, the CIA were highlighting the threat of smart refrigerators in people’s homes.

The Central Intelligence Agency were alarmed when a refrigerator was used as part of a “zombie” network to perform a DDOS attack. All of this unbeknownst to its owners, who had no idea their fridge had taken on a, quite devilish, new purpose aside from keeping tomorrow’s lunch cool.

What’s next?

As these devices become smarter, tracking your shopping habits and ordering deliveries for the home, could a hacker gain access to your bank details or disrupt your order? All we know is that AI and fridges are best left as a spooky cartoon vision for now!

The post Are (IoT) Smart Homes of the Future As Smart As They Say? appeared first on Panda Security Mediacenter.

97% of Large Companies are Victims of Mass Data Breaches

Ashley Madison, Dropbox and Yahoo have something in common—they are all victims of mass data breaches where user log-in credentials were stolen. Sadly, this type of tactic has become more common over the last year. What’s even worse is that it seems like this will continue to be an objective for cybercriminals—after all, why wouldn’t they want access to millions of users’ data? The greater the risk, the bigger the reward.

Large corporations cannot escape these attacks. Although you might think that regular internet users are the targets of these attacks, most cybercriminals are after large corporations. Despite the security solutions that companies can implement, a recent study has revealed that 97% of the thousand largest companies in the world have been victims of data breaches.


Many users choose to use their corporate email when signing up for one of these online services which, over time, will be victims of some type of attack. If a business’s employees always use the same password to access different platforms, regardless if they use their work email or a personal one, the situation becomes much riskier.

Following a recent investigation, out of all the mass leaks that have affected large corporations, LinkedIn suffered a massive data breach during the attacks last May. Adobe was a victim of a similar attack during 2013. It’s no wonder these two companies were hit: both services are accessed by professionals who use their corporate emails to log-in.

However, LinkedIn and Adobe are not the only multinational companies that have been victims. In fact, the study also covers one of the most famous data breaches, the Ashley Madison attack, which endangered thousands of corporate emails linked to large corporations.

Large economic consequences

The danger these data breaches pose to corporate accounts is much greater than simply affecting the company’s reputation. In fact, according to a recent report by the Ponemon Institute, these data breaches cost companies an average of 4 million dollars, that’s more than 3.5 million euros. With that said, make sure your employees are educated on the matter. While signing up for one of these services, they shouldn’t use corporate information like business emails, and they should make sure they use different usernames with several complex passwords.

The post 97% of Large Companies are Victims of Mass Data Breaches appeared first on Panda Security Mediacenter.

Signature recognition, a reliable replacement for passwords?


Biometrics continue to stand first in line to replace traditional passwords. All those whose employees use long and complex combinations of letters and numbers will be looking forward to a system whereby all that is required is for a fingerprint or iris pattern to be recognized by a sensor in order to access the services that employees have to use every day.

Nevertheless, in addition to these two popular systems which some latest generation mobile devices already incorporate, other biometric-based systems have been put forward as the alternative that will finally consign traditional passwords to history. This is the case with signature recognition.

What is it?

The truth is that this is a system that has been around for decades, in one form or another. Whenever you pay by credit card and have to sign a digital screen with an e-pencil, signature recognition is being used to confirm your identity. What’s happening is that your signature pattern is being contrasted with the one that your bank has stored in its systems.

This is not however a simple comparison of both images. The security software doesn’t just place the two signatures next to each other to see if they coincide, or at least, if they are similar. In reality, signature recognition compares the way that both images have been created, looking for a similar behavioral pattern.

Advantages and Disadvantages

So although it may be relatively simple to forge a signature, replicating the speed and pressure that was used to make the signature is practically impossible. As such, signature recognition using the most advanced technologies appears to be the perfect replacement for passwords for operating corporate bank accounts.

However, as with all secure identification methods, there are also downsides. One of the major setbacks is that the way we sign things varies for a number of reasons, which is a serious challenge. For the system to be practical, it is essential to be able to distinguish between a slow signature due to an injury and one that is the result of an attempted fraud.

Moreover, it is not an efficient way, at least at present, of accessing services. In fact, when you sign for something when paying for it, this data is not being used in real time. Instead, the data is sent to your bank to be validated later.

The current failings of signature recognition, however, will not see the door closed on this technology. It is more than likely that future corporate banking operations will be authorized through a simple signature on a tablet or smartphone.

The post Signature recognition, a reliable replacement for passwords? appeared first on Panda Security Mediacenter.