Tag Archives: featured1

Panda Security

Tech Giants Use Differential Privacy to Extract Your Private Information

pandasecurity-apple-mac

Besides the exciting developments Apple presented at its annual WWDC event in San Francisco, there were also some security related announcements that should not go unnoticed.

 

The Apple brand talked about a new concept that they are beginning to use in all of their services that they say is the future of how users manage personal information on their platforms: they call it differential privacy.

What does differential privacy consist of?

 

You may think of Apple as a privacy defender; they are known to favor encryption and implement different measures in order to protect the personal data of their users. But in the age of “big data”, tech companies like Apple are also seeking as many personal details as possible about their users. Like any business, the tech company run by Tim Cook needs to know everything about their customers, both current and future.

 

How can the tech company seek personal data, while at the same, keep it private? It’s a privacy vs. government race (especially in the United States). Luckily for Apple users, in the realm of user privacy, this multinational giant is in the lead.

 

Apple has come up with something they call differential privacy. In other words, they extract conclusions about users and groups (or subgroups), while at the same time, ensuring that the information belonging to each one of those individuals is totally private.

 

Differential privacy lets you gain insights from large datasets, but with a mathematical proof that no one can learn about a single individual

 

“Differential privacy lets you gain insights from large datasets, but with a mathematical proof that no one can learn about a single individual,” explained Aaron Roth, a profesor of computer science at the University of Pennsylvania, who “[wrote] the book” on differential privacy, according to Apple’s Craig Federighi.

Much More Than Anonymizing Data

This does not anonymize data like many other internet services, which has proven to fail in many occasions. In 2007, for example, a group of investigators demonstrated how they were able to de-anonymize the “anonymous” data published on Netflix.

 

On the contrary, with their new focus Apple will not pass information from its devices to its servers until the data passes through a transformation process where it will go through various techniques like cryptographic and flow noise functions to ensure that it is mathematically impossible to associate your data with your identity.

 

They are not the only technology giant that is adopting differential privacy to protect their users’ personal information: other big businesses share this new idea including Google, and Microsoft, whose team of experts even includes some of the concept’s founders.

The post Tech Giants Use Differential Privacy to Extract Your Private Information appeared first on Panda Security Mediacenter.

Avast

CyberCapture: Protection against zero-second attacks

This week we released a new version of our core PC antivirus product, which we refer to as the Avast Antivirus Nitro Update. The update’s name is Nitro, because it is filled with innovative, new ways to increase speed and increase protection. One of the new ways we are increasing protection is with a cool new proprietary technology called CyberCapture. CyberCapture dramatically raises the bar when it comes to protection against zero-second attacks.

IMAGE_nitro_cyber_capture_infographics_600x500px.jpgCyberCapture looks at the smallest bits of a file to determine its safety

Let me explain how it works, and take a look at the infographic below which shows the path of an unknown file.

Panda Security

POS and Credit Cards: In the Line of Fire with “PunkeyPOS”

pandasecurity-punkeypos-principal.png

PandaLabs, Panda Security’s anti-malware laboratory, has been working on an in-depth investigation since May related to Point of Sale terminals (POS) in restaurants across the United States. A new malware sample was discovered during this investigation called PunkeyPOS, a malware variant that is able to access credit card data. PandaLabs left this information at the disposal of American law enforcement so they can take the appropriate actions. Let’s see what this is and how it operates.

How can they steal your card without touching your wallet?

PunkeyPOS runs seamlessly in all Windows operating systems. The cyber-criminal’s plan is to install the malware in POS terminals in order to steal sensitive information such as account numbers, magnetic strip contents (tracks) from bank cards, etc.

PunkeyPOS seems simple:

It installs a keylogger that is responsible for monitoring keystrokes, then it installs a RAM-scraper that is responsible for reading the memory of all processes running on the system.

Based on the information it captures, the malware performs a series of controls to determine what is valid and what isn’t. Regarding the keystrokes, PunkeyPOS ignores all information other than credit card data. It is mostly interested in tracks1/2 from the process memory that is obtained from RAM-scraping. The POS terminals read this information from the bank cards’ magnetic strips and then can use this data to clone the cards at a later time.

Once the relevant information has been obtained, it is encrypted and forwarded to a remote web server which is also the command and control (C&C) server. In order to avoid the detection of the card information in case somebody is scanning the network traffic, it is encrypted before it is sent using the AES algorithm.

The command and control (C&C) server address can be easily obtained based on this malware sample through reverse engineering or analyzing their communications. This is the main page of the control panel; it requires a username and password to get access:

pandasecurity-punkeypos-1

Follow the Trail to the Digital Pickpocketers

The cyber-criminals behind this attack haven’t been very careful. Since the server was not configured correctly, PandaLabs was able to access it without credentials.

Because of their neglect, PandaLabs was able to see where PunkeyPOS sends the stolen information. In addition to being in front of a panel that is used to access the stolen data, from this panel cybercriminals can reinfect or update current clients (POS bots).

pandasecurity-punkeypos-2

The version of the analyzed PunkeyPOS sample is hardcoded: “2016-04-01”. If we compare this sample with older versions, some from 2014, we can barely see any difference in the way it operates (in the References section of this article you can find links that will go further into detail about how it works.)

PandaLabs has been able to gain access to the control panel of PunkeyPOS, and has geolocated around 200 Point of Sale terminals that were compromised by this specific malware variant. We can see that virtually all the victims are in the United States:

pandasecurity-punkeypos-3

Taking into account how easy it is to sell this information on the black market, and how convenient it is to compromise these POS terminals anonymously through the internet, we are certain that cyber-criminals will be increasingly drawn to these terminals.

Protect your devices proactively from these types of attacks with an advanced cyber-security solution like Adaptive Defense. Real-time control of all inappropriate user operations is in your hands.

References:

http://krebsonsecurity.com/2016/06/slicing-into-a-point-of-sale-botnet/

https://www.trustwave.com/Resources/SpiderLabs-Blog/New-POS-Malware-Emerges—Punkey/

 

The post POS and Credit Cards: In the Line of Fire with “PunkeyPOS” appeared first on Panda Security Mediacenter.

Panda Security

Antivirus For Mac: Is It Really Necessary?

pandasecurity-mac-antivirus

The last few days have been intense for Apple fans. Last week, Apple’s Worldwide Developers Conference took place, where they presented the company’s new hardware and software. The “bitten apple” went into depth about their new operating systems for iPhone, Mac, Apple Watch and Apple TV but… what about security-related updates?

Following the horrible San Bernardino attack from last December, a controversial topic stemmed regarding the attacker’s iPhone. Apple’s case against the FBI initiated a dispute between user privacy and government access to personal data.

Meanwhile, other giants in the sector, like Facebook and Google, showed their support for Apple by promising to implement more effective encryption tools in the future. WhatsApp was the first to use end-to-end encryption.

Now Tim Cook presents a new file system called APFS, the Apple File System, which incorporates a new encryption system that gives developers multiple options like leave something unencrypted, encrypt it with a unique password, or encrypt it with multiple passwords. The Apple File System is already available online for developers and the new version will leave HFS system and improve security and data encryption.

Why is my Mac vulnerable to advanced threats?

Despite efforts of large security companies, the truth is that no operating system is 100% reliable. Apple computers are not the Macintosh systems that we once knew. Years ago, they had a safety-guarenteed reputation, with a different and solid operating system than others. At that time, hackers targeted computers with Windows operating systems, however, as Apple’s popularity has grown, so have the malicious-code-making hackers. Mac OS X is no longer impregnable and needs mac antivirus software.

In the recent PandaLabs’ Q1 report, experts discussed the latest threats directed specifically towards Apple operating systems. One example of this is the highly powerful ransomware based on Encoder, called KeRanger, which managed to infect Apple users at the beginning of 2016. We all remember the major Trojan attacker flashback and Browlock, also known as the Police Virus or Shellshock. All of the previously mentioned examples confirm that attacks on Mac OS X are growing.

While it is true that the number of threats in the Mac’s operating system are lower than other platforms (such as Windows) we must be aware of the importance of an effective antivirus for Mac in order to fully enjoy our Apple computers. Enough excuses, let’s start preventing viruses!

The post Antivirus For Mac: Is It Really Necessary? appeared first on Panda Security Mediacenter.

Avast

What is Nitro? Our newest, high-speed version of Avast Antivirus

Avast Antivirus Nitro Update is lightweight, delivers improved performance and includes our latest CyberCapture technology with zero-second threat detection against unrecognized files.

If you own a PC, you know you hate it when your antivirus software slows you down, so we developed our latest release to be strong and lightweight, with lower system impact to keep your PC running smoothly and protect you from the never-ending attacks we all experience.

So how do we keep the Nitro Update to Avast so lightweight? One way is we use new technology that utilizes the cloud to identify and analyze threats, which means Avast Antivirus Nitro Update is light enough that it doesn’t eat up your system’s resources. Our security software is smaller in size and designed to improve speed, boot time, download time, and system performance in Windows 10.

Nitro_Laptop-614736-edited.jpgWindows 10 PCs run faster with the Avast Antivirus Nitro Update than with Windows Defender

Panda Security

If You Add Extras to Your Web Browser = Extra Danger for You

pandasecurity-browser-1

Web browsers are full of dangerous options that nobody uses. Most computers come with pre-loaded web browsers like Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari, but these default web browsers are not configured for secure web browsing.

Anytime users are surfing the web, there can be a “variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control of your computer”, as stated on the US-Cert website.

What may seem like a cool option for your Web Browser, could actually be a gateway for cyber-attackers that goes unseen to the average computer user. Sometimes “less is more”, and when it comes to computer security, the less entry-points a cyber-criminal has, the less we have to worry about defending ourselves.

There needs to be a complex balance between having freedom to use new technology functionalities, like web browser options, while at the same time, keeping the door shut to cyber-criminals.

But why download options if they are pointless? 83% of the latest browser functionalities are completely unnecessary, as revealed in a study from the University of Illinois. In fact, only 1% of the 10,000 most popular web pages use these features in some way, many of which do not even prove that they are useful.

83% of the latest browser functionalities are completely unnecessary.

A good example of this are the Ambient Light Events (ALS) that are designed so that websites perform differently depending on the levels of light that surround the device, and adapt the computer brightness to it. Although it sounds helpful, only 14 of the 10,000 websites that were cited in the study implement this and very few users are even aware that it exists.

 

pandasecurity-browser-2

 

Iframes is another story. It has become a very popular HTML element that is used in many different types of websites; interactive spaces on a web page allow users to insert part of another page onto their website (this is known as embedding). At least half of the most popular websites use this technology, and yet it is blocked 77% of the time due to security reasons. In 2013, hackers seeded Internet searches with malicious iframe code, leading to iframe overlay attacks on many prominent networks.” The majority of social networks have stopped using this program.

 

Something else that has caught our attention is vibrate API, which enables websites to manage features on devices… if they decided to use them. Today, only 1 out of the 10,000 most popular websites does this, but still, the features remain available, not only for legitimate developers but also for potential attackers who could use it for their own benefit, for example to spy your conversations (like they did here).

 

A cybercriminal could use the vibration of your Smartphone to spy your conversations

 

The difficult balance of taking advantage of available options while maintaining security seems is difficult to have, at least in regard to the browsers. To be protected, users better have a good anti-virus that is capable of stopping assailants if they get through these online-cracks.

The post If You Add Extras to Your Web Browser = Extra Danger for You appeared first on Panda Security Mediacenter.

Panda Security

Cybersecurity: An Opportunity For Digital Transformation

pandasecurity-digital-transformation-1

Although it is not a buzzword quite yet, the reality is, digital transformation is already impacting our professional and personal lives. Not a day passes without the media telling us what “it” is, why “it” is necessary, while bombarding us with examples of companies that are immersed in “it”.

It’s a fact that our lives are becoming more digital. We buy, we work, we store information, and we even communicate with other people through media and digital platforms. Just as we protect our analogue lives, we must protect our online lives.

pandasecurity-digital-transformation-2

Security plays a key role as a facilitator for Digital Transformation. 64% of managers recognize that cybersecurity is one of the pillars of this transformation, and not without reason.

There are two ways we can see this challenge: as a threat or as an opportunity. To approach Digital Transformation as if it is a threat is exaggerated….apocalyptic. We don’t want to downplay these threats… of course they are real, they really are! But fortunately, everyday there are more and better tools to protect businesses and their digital lives.

The cyber-security industry offers a plethora of services and products that are cheap, accessible and effective, and as a result, users are going to be better protected during their Digital Transformation. The cloud has been a great facilitator by implementing this change, protecting all kinds of businesses, regardless of size and sector.

And the same happens with cyber-security in the framework of digital transformation. 43% of executives consider security as the first challenge to address when implementing digital transformation. After all, we cannot really be digital without being protected. Knowing how to take on these changes in a positive way is, without a doubt, a competitive advantage for any organization.

And how do we protect ourselves?

While the technology that positively impacts us grows, so does malware and cyber-threats. These developing threats have a high human component and adapt to the various changes and stoppers that the cyber-security industry has put into action to fight them.

Therefore, in order to fight these threats, human response is absolutely necessary. As humans, we have a great ability: we are adaptable (yes, although we are talking about digital transformation we must remember that we are people). Fortunately there are cyber-security solutions for your business that support last generation technology and are capable of combining adaptability and human component, while allowing you to achieve an extremely high level of security.

Whether we like it or not, digital transformation is creating a new era… changing how we do things, how we live … and we are already fully immersed into it. We have a great opportunity to be more effective, efficient, fast and agile. The technology is there. Let’s take the bull by the horns and learn to protect ourselves like we already do in our analogue life. We will not regret it.

The post Cybersecurity: An Opportunity For Digital Transformation appeared first on Panda Security Mediacenter.

Panda Security

That no-good-Tinder-match wants to steal your money!

pandasecurity-tinder-botsMillions of people have been virtually stood-up by a potential partner that swiped left on the dating service, Tinder. To swipe left or swipe right—a decision made in an instant—is love in the times of the Smartphone…or so we think.

 

There is something that we didn’t take into account while using Tinder to find our future soulmates: many of our matches, and potential hook-ups, are actually robots that want to take us for all we’re worth. And unfortunately, these scammers are getting better and better at what they do.

 

Once they have established contact with their victim, the scammers use Tinder’s chat service to message their victim a link that will lead them outside of the app, usually to a premium service that takes users to a payment area (or any area where they may have to submit credit card credentials).

 

A seemingly less-dangerous variant of this scam encourages the victim to download some type of software, so that the bot’s creator can pocket some change for every visitor they deceive. In the worst cases, the download will contain a malicious code that might infect the victim’s phone.

Your “match” will lead you to a premium service area where you will have to pass through a payment page.

 

How can I detect them?

 

You will be able to recognize these scammers by the type of actions they attempt to carry out, like asking you to exit the app to an external private chat, tempt you with a better “glimpse of them” by asking you to pay for “their” videos or photos, or even try to play a game with you to see if you can beat them. They might attempt the classic “Nigerian Prince” illusion, and ask for a money transfer so they can buy a ticket to come see you, since they are so far away.

You can recognize these robots by the appealing yet limited phrases they use

 

You can also recognize the Tinder bots by their profile photos. The scammers use photos of models and actors from the internet, sometimes from pornographic pages, to attract their victims. If the procedure is automated, the language used will be very limited…whatever you say, the response will be similar. If you find anything like this, be suspicious!

The post That no-good-Tinder-match wants to steal your money! appeared first on Panda Security Mediacenter.

Avast

Windows 10 users need more protection than basic Defender

Windows 10 users should install Avast antivirus protection for the highest level of security.

wrong tool for the jobUsing the right tool makes all the difference.

Everyone knows that you need the right tool to do a job. When you cut down a tree, you don’t use a butter knife, you use a chainsaw. It you want to win a Formula 1 race, you don’t drive a riding lawnmower.

The same rule applies to your PC’s security.

You can’t go up against today’s online threats without the best protection. That’s why Windows 10 users need to install strong antivirus software to run in parallel with Microsoft’s pre-installed antivirus, Defender.