Tag Archives: featured1

Avast Cleanup is ready for beta testing

Become one of our Avast Cleanup beta testers!

Calling all beta testers!

We’ve got great news for you: Avast Cleanup, our PC-cleaning software, has undergone some big, exciting changes. The latest Avast Cleanup sports a brand-new design, includes exciting new features, and best of all, is now standalone – this means you can use it even without downloading Avast Antivirus products first.

We’ve now released the public beta version of Avast Cleanup and would love to receive your thoughts, opinions and insights on the program to help make it the very best it can be.

Why It Is Easier To Control Your Company’s iPhones With iOS 9

It is increasingly common for employees to use their personal devices for job-related work, whether it is responding to a corporate email from their smartphone, managing a client relationship from their tablet, or performing typical work tasks remotely from home on a personal laptop.

Teleworking and a trend called BYOD (Bring Your Own Device) are on the rise and have made the people in charge of company security increasingly aware of the risks involved in the use of these devices. These devices should be treated with the same protection measures as office computers and systems.

Apple is aware of this and has included a set of tools to facilitate what is called MDM (Mobile Device Management) in iOS 9. This will help employees control their devices and access company resources more securely.

Thanks to these developments, companies can control the traffic of any employee’s iPhone, track IP addresses or install an application to track their location, for example. To respect employee privacy, the smartphone will show its user that these actions are being taken on the device, such as when someone is browsing their history or viewing the location of their device.

Companies can see any employee’s iPhone location.

In addition, the latest version of iOS allows for application white lists or black lists, which makes it possible for IT security managers to decide what can and cannot run on employee devices. The same goes for passwords: if a website is not on the list of trusted sites, the user will not be able to save their user name and password for upcoming sessions (“Do you want to remember your username and password?”).

The MDM tools that Apple has added to its mobile operating system also allow managers to configure the notifications that employees can receive on their phones; they can decide what will be displayed and what won’t by adjusting the permissions of each app. Lastly, the person in charge at the company can block devices or erase their contents remotely.

Thus, Apple has strengthened the security of its devices for the business environment, which requires even higher standards than usual for sensitive company information. It is a great step forward, but it is not the only measure that should be taken by IT security managers. They should always install a good anti-virus on each employee device, which is also essential to avoid malware and cyber-attacks. Let’s remember: a single infected mobile could cost your company thousands of euros.

The post Why It Is Easier To Control Your Company’s iPhones With iOS 9 appeared first on Panda Security Mediacenter.

How to get traffic to a fake app on the Google Play Store

Fake Android apps on the Google Play Store use shortcuts to get popular

It doesn’t happen too often thanks to the rigorous checks apps go through, but occasionally a fake app will slip onto the Google Play Store. How does it happen?

Here’s what cheating developers do:

When an Android app developer creates a malicious app and wants it to get attention fast, the easiest way to do it is to make it look like some other app that is already popular, like Waze. The impatient developer names it “Waze Tips” so it looks like customers will learn something useful. Then he puts it onto the Google Play Store and creates fake comments and ratings so it looks legit. After that, he’s set for success.

That’s the logic behind fake Android apps. Not surprisingly, there actually is an app that uses all these methods called “Free Waze Traffic GPS Maps Tip”.

This fake app uses all the tricks to fool users into installing

Avoiding UEFA Euro 2016 and Copa America Centenario scams

Two of the biggest soccer, or as the rest of the world calls the sport, football, events – Copa America Centenario and the UEFA Euro Cup – have fans across the Americas and Europe hyped. Fans are trying to get as close to the games as possible, either by getting tickets to attend a match or by playing soccer/football themed games. Cybercrooks are also big fans of major events like these and they, unfortunately, like to take advantage of fans’ enthusiasm.

Beware of Copa America and Euro 2016 online scams

It’s only natural for die-hard fans to get excited when they see tickets on sale for either sold out games or for a cheaper price than the tickets sold on the official Copa America and UEFA sites. Cybercriminals are fully aware of how desired tickets to Copa America and the Euro Cup are and have set up phishing sites and phishing social media and email campaigns to trick people into buying phony tickets.

Tor and the Deep Web: Secrets from the Dark Side of the Internet

The “Deep Web” or “Invisible Web” is on the rise. Humans are curious by nature, and more and more internet users are going to the dark side. Everyone knows that the internet is a never-ending source of information, and search engines like Google, Yahoo and Bing can quench our thirst for information using just a few key words, with lists of information within seconds. But, are you aware that most of us are only accessing a mere 4% of the World Wide Web?

To understand this concept, you must imagine the entire Internet as an Iceberg.

We only know the tip of the Iceberg: The Deep Web’s Structure.

Like we stated in the previous paragraph, to better understand the Deep Web, it’s imperative to think of the entire internet as an iceberg that is divided into five parts, with each part more submerged than the previous.

Level 1. At the tip of the iceberg we will find all pages that we are able to access using search engines. This part is visible and accessible for “simple mortals” and the information is completely traceable.

Level 2. Below the surface of the water, we will find pages or sites that are not indexed (in other words, sites that aren’t visible) using traditional search engines (like Google or Yahoo). Therefore, they are only accessible to those who are “qualified”.

Level 3. If we dive even deeper into the cold water surrounding our iceberg we will begin to see very hard to find—and mostly illegal—information.

Level 4. As we grow closer to the most submerged point of our iceberg we will be able to find every type of illegal website. Most of them are monitored by the United States government (for example, child pornography websites).

Level 5. Once we have passed the four levels in the Deep Web we will reach the most hidden part of the internet, known as “The Dark Net”. A hacker’s paradise, this part of the web is built on a series of private networks that can only be accessed by “trusted” users. This is the darkest part of the web: it is not governed under the standard protocols and there is no security.

Tor: How to Access it in the Deep Web

Everyone is capable of accessing the deepest parts of the web, but to do so you have to use alternative search engines. Tor (The Onion Router) is a free software program that was designed by the United States Naval Research in the mid-90s to protect US Intelligence communications online.

Tor has a layered structure (hence its name) that enables the user to navigate by jumping from one layer to another, ensuring that the user is protected by a cipher that prevents others from seeing the user’s IP address. One of the Deep Web’s main characteristics is user anonymity.

Is it really possible to browse the web anonymously?

Industry experts say that connecting through Tor can be risky. Tor does not allow the user to control which proxy they connect to, which could lead to threats like man-in-the-middle attacks and JavaScript infections, which violate user privacy.

The best way to avoid these types of attacks is to control the parts you can, such as the kind of operating system (Windows, Linux, etc.), the origin of the connection, the trustworthiness of the information that we share, etc. Organized gangs remain anonymous in the “Deep Web” thanks to their skill and organization in each of these areas.

Although the world of the Deep Web seems very fascinating, we must consider the enormous dangers that we might find. Panda will not accompany you on this journey!

The post Tor and the Deep Web: Secrets from the Dark Side of the Internet appeared first on Panda Security Mediacenter.

Do you know the social sites your tweens and teens are using?

We help you recognize popular social sites where your pre-teens and teenagers hang out.

Facebook may be the number one stop for your teenager, but it’s not the only social media platform that’s popular. Seven out of 10 teenagers report that they use more than one social site to communicate with their friends and meet strangers. Here’s a rundown of the most frequently used social media platforms among teens. For now.

Be a Better Friend to the Environment with These Five Apps…

Though we often speak of electronic waste and the darker side of technology, whose insatiable energy consumption is causing serious harm to the environment, we can actually use technology for good. It’s possible for the internet and our Smartphones to be environmentally friendly.

This Sunday, June 5th, we celebrate World Environment Day. We wanted to take this opportunity to share some of our favorite applications that help us be more sustainable. Help us save the planet!

How Big is Your Footprint?

Our everyday routines have a greater impact on Mother Nature than we think. The first step in reducing our carbon footprint is to be aware of our actions. GiveO2 is an incredibly useful application that analyzes transportation activity and offers rewards if it is improved. Come on! “Compete to be the most sustainable!”

Leafully helps track how much electricity you consume by showing how your energy consumption is affecting the environment and how many trees are needed to offset the pollution.

We All Need Oxygen

You probably already recycle in one way or another; you try to save water, electricity, fuel and, in general, you try to respect our environment. But you can take it a step further. Applications like Gardenate teach users how to cultivate and take care of their gardens and vegetables. Don’t have a garden? This app can also help you take care of your household plants. It notifies you when you need to irrigate, fertilize or treat them.

Not a Star in the Sky

Light pollution is often forgotten in today’s busy world. Light pollution is when we are unable to see the sky clearly due to artificial lights and street lamps. Loss of the Night is an app that raises light pollution awareness by helping users measure skyglow. The app was created so that, in the future, “cities will save energy and money, while having appropriately lit streets, dark bedrooms, and a sky once again full of stars”.

I Can’t Hear You!

Noise, especially in large cities, is another way we are unknowingly damaging the environment. Apps like NoiseTube help us track the noise level in the most bustling and quietest cities. Users are able to measure the noise level in their surrounding area then upload it to the app, enabling any Smartphone user to participate in “global noise mapping”.

Take Action

It is time to take action and help save our planet. There are a multitude of apps (like Go Green) that offer advice and recommendations for a more sustainable lifestyle. Are you part of the solution or part of the problem? Find out if you are helping or hurting the environment and, if necessary, change what you’re doing. Check out the official

Go with peace as you download these apps, but make sure to download them off an official site like Google Play, the App Store, or the Windows Store, to avoid malware threats. And remember to have a good anti-virus on your device that will help you protect yourself from any threat.

The post Be a Better Friend to the Environment with These Five Apps… appeared first on Panda Security Mediacenter.

Adware on Google Play: Knock-off FIFA apps take advantage of football (soccer) hype around Copa America and Euro Cup

Fake football apps appear on the Google Play Store in time for soccer fever surrounding major tournaments.

Copa America Centenario and Euro Cup start this Friday and next Friday respectively, and everyone across the Americas and Europe is in the football/soccer spirit.

I found four soccer/football apps on the Google Play Store, all with the same or similar names, that are pretty bad knock-offs of the popular FIFA app. All four apps have negative reviews claiming the apps do practically nothing but display ads. Clearly, the only intention of the person or people behind these apps is to make money and not to deliver quality apps.

I dug a little deeper and despite the fact that these four apps were uploaded under different developer names, they seem to be developed by one developer. All four apps have the same dex files and manifests. Each developer name has only uploaded one app and there are no links to any developer homepages.

Ad heavy soccer apps on Google Play

I decided to test each app to see if the negative reviews regarding the ads were true and unfortunately, they are.

Billion Dollar Sting: A Financial Corporation’s Worst Nightmare

For years cybercriminals have had their focus on money, and more specifically on the financial system. For more than a decade they have mainly been targeting the weakest link in the chain: the end user of online banking services. This approach has some benefits for these cybercriminals: poor security on the end user’s side, small money thefts that can go undetected for some time, etc. However, it also has some cons: the need for money mules, having to find (infect) a victim that is using one of the targeted banks, avoiding antimalware software, etc.

In other words, they can make a lot of money, but at the same time it will require a lot of effort from their side.

Where is the big money? Financial institutions themselves. There is no discussion about this. However, it is hard to break into them, and even more complicated to understand how their specific internal systems work in order to fully compromise them, take the money and leave without a trace. It requires a great investment to gather all the intelligence needed for this kind of heist, it is not easy to perform and it might require several months, if not years, of careful planning. Anyway, it is worth it if 1 billion dollars can be stolen in just one hit.

This is basically what happened in February at the Bangladesh Central Bank, where attackers infected its systems with malware specifically created for this attack and tried to make fraudulent transfers totaling 951 million dollars. That money was in the account the Bangladesh Central Bank had at the Federal Reserve Bank of New York. Fortunately, most of the transfers could be blocked, and “only” 81 million dollars were stolen. But this was not the only case.

Tien Phong Bank, a Vietnamese bank, suffered a similar attack in the last quarter of 2015. That time cybercriminals also tried to make transfers through SWIFT, although the bank realized in time and was able to halt the 1 million dollars in transfers already en route. And a few months earlier, in January 2015, a bank from Ecuador – Banco del Austro – was hit in a very similar way, and 9 million dollars were stolen.

What are the similarities among the three cases? Malware was used to perform the attack, and all the money transfers were made using the SWIFT network. SWIFT (Society for Worldwide Interbank Financial Telecommunication) is a cooperative society formed by thousands of financial institutions around the world. Founded in 1973, it provides different services to its members. The secure transfer of money among banks is one of the services offered and processed by the SWIFT network.

The biggest concern was whether the SWIFT network, which was believed to be secure, had been compromised. If this was the case, the entire financial system could be at risk. It looks like this was not the case, and SWIFT has issued a press release where it clearly states this: “the SWIFT network, core messaging services and software have not been compromised.”

However, that depends on the point of view: cybercriminals successfully used the SWIFT network to perpetrate these heists. And they took an approach similar to the one described at the beginning of this article: target the weakest link in the chain. SWIFT provides a safe environment, but at the end of the day, each financial institution has its own internal system that communicates with the SWIFT network. In the same way that cybercriminals were targeting final customers with banking Trojans, now instead of going after the SWIFT network, they are going after the banks connected to it. This means that, while we can say that the SWIFT network is safe so far, we can also say that there are potentially thousands of holes, as many as there are financial institutions connected to it.

How did these attacks happen exactly?

There are still many unknowns, and some of them won’t ever be solved. These criminals have covered their tracks. In fact, the main purpose of one of the malware pieces used in the heist was to delete these tracks. One thing we know for sure: malware was used. How did it enter? For this we have two different options: there was help from an insider, or it was an external attack through the Internet. Both seem plausible, even more so after we learned that the security infrastructure at the Bangladesh Central Bank was obviously not good enough.

If we take a deeper look at the Bangladesh incident, it was a highly sophisticated attack specifically targeting the Bangladesh Central Bank, but the way the malware is structured (using an external configuration file, which makes no sense if this was just a one-time job) suggests that we’ll find new victims. They will go after banks that have flaws or weaknesses in their security model, such as those that do not monitor the execution of software in their network, and so far the information we have on the other attacks confirms this hypothesis.

In its customer communication, SWIFT tells all the banks that their first priority should be to ensure that they have all preventative and detective measures in place to secure their environment.

So that’s easy, right? How can we ensure that? Is there anything at all that can be done to completely prevent any new heist?

Criminals will keep trying, and eventually they may succeed. Anyway, we know what they are after (money) and what computers they want to target (those connecting to the SWIFT network). Access to the SWIFT network is highly restricted: it can only be performed from certain computers, and only certain users are allowed access to them. Those computers have to be highly fortified, and of course we are not just talking about having updated software and using an antimalware solution.

Only pre-approved software should be allowed to execute on those computers. All executed processes have to be monitored in real time, logging everything that happens and looking for abnormal behaviors. It does not matter if the attack comes from the Internet or with the help of an insider. No unauthorized software can be allowed to execute on those terminals, and the allowed software has to be protected with anti-exploit technologies and monitored in real time in case some abnormal behavior takes place.

Of course, if some person has physical access to a target computer, at some point they could disable any security solution, which is not a problem by itself if you can get an alert about it on the console used by the security team. Is there any better indicator of compromise than someone tampering with the security software installed in a critical system?

How to avoid these cyber-attacks

One of the most frustrating things that victims have to go through is not knowing how the incident happened. How did it happen? When did it start? For how long? What did they do once the computers were compromised? Was there any confidential information leak? As an example, in the Bangladesh Central Bank case, three pieces of malware could be recovered after the incident, but that was all that was left. Attackers probably used many other tools that were deleted, and the victim won’t know anything about them.

Knowledge is power: being able to know how a security incident happened will help you fix any security weakness in your environment.

There are only a few solutions that are capable of delivering this level of service. Panda created Adaptive Defense for these types of cases, and we already have financial companies, governments, and big corporations in different verticals (health, hotels, insurance, public utilities, etc.) actively using Panda Adaptive Defense. All of them suffer not just the regular cyber-attacks, but really targeted attacks against their assets. We have shown some of them, such as the one targeting a luxury hotel chain a few weeks ago or the one against oil tankers.

Our conclusion after studying these attacks is that if those banks had had Panda Adaptive Defense in their SWIFT-connected terminals, the heist could have been stopped in time.

The post Billion Dollar Sting: A Financial Corporation’s Worst Nightmare appeared first on Panda Security Mediacenter.