Tag Archives: highlighted

Panda Security

Why Big Data is the new focus for information security

Leave a comment

big data

Big Data is the current buzzword in the technology sector, but in fields such as security it is much more than this – businesses are starting to bet strongly on the implementation of tools based on the collection and analyzing of large volumes of data to allow them to detect malicious activity. What started out at a fashionable term has turned into a fundamental part of how we operate.

So, what exactly are the advantages of Big Data? Well, have a think about the current situation in which the use of mobile devices is growing, the Internet of Things has arrived, the number of Internet users is reaching new highs, and quickly you realize that all of this is prompting an increase in the number of accesses, transactions, users, and vulnerabilities for technology systems. This results in a surge in raw data (on the World Wide Web, on databases, or on server logs), which is increasingly more complex and varied, and generated rapidly.

Given these circumstances, we are encouraged to adopt tools that are capable of capturing and processing all of this information, helping to visualize its flow and apply automatic learning techniques that are capable of discovering patterns and detecting anomalies.

Big Data and Machine Learning: looking for a needle in a haystack

A lot of existing cyberattacks have something in common – they are designed to block the noises made by IDS/IPS alters (a medium-sized company could experience tens of thousands of alerts each day), hiding itself among the large amount of information generated by the daily operations of the targeted businesses. The key to detecting these intrusions lies in recognizing this small trail of anomalies, which is like a modern version of finding a needle in a haystack. Luckily, this is exactly what Big Data does.

Faced with the daily wave of alerts, it is inevitable that a human alone would be incapable of detecting, in real-time, unusual concentrations of attack with specific sources, types, or aims. However, where the human fails, algorithms of machine learning (low-level algorithms that don’t follow specific instructions, but rather detect patterns in the data) are able to “learn” normal system activity and detect, in real-time, any unusual activity on the device.

The key for using Big Data for security analysis is based on the promise that while humans are less effective given the increase in the amount of data to analyze, machines can use this information to improve the detection of anomalies, in the same way that surveys are more reliable when they include more people.

Adaptive Defense, Panda’s Big Data based solution

Adaptive Defense, a product recently launched by Panda to put an end to APTs, a new generation malware that traditional antiviruses are incapable of combatting, is an example of how to successfully apply Big Data and Machine Learning to security tools.

Adaptive Defense is capable of continuously analyzing, in real-time, software that tries to run on a system, automatically classifying all of the applications thanks to the Machine Learning algorithms. This allows the user to receive immediate alerts with detailed reports explaining the nature and activity of the malware, and even activating blocking modes that only allow for the running of software classified as goodware.

Keep in mind: Big Data is data, too

Using Big Data as a central tool in cybersecurity strategies beings with it, as we’ve already seen, an extensive list of advantages, but it also generates new worries. If the analysis of these massive volumes of data perfects the detection of malicious activity that is capable of generating leaks, the possibility that this new type of data could cause a leak could have massive legal and trust repercussions than we have ever seen.

The post Why Big Data is the new focus for information security appeared first on MediaCenter Panda Security.

Panda Security

Black Friday and Cyber Monday: How to shop safely online

Leave a comment

shopping online

As the year draws to a close, many retailers take the opportunity to slash the prices on goods, allowing us to take advantage of some great offers. With Christmas just around the corner, events such as Black Friday are great ways to get gifts for friends and family at significantly lower prices.

However, the if the idea of being surrounded by hundreds of frantic shoppers, worn out sales assistants, and long queues fills you with dread, then perhaps Cyber Monday is the shopping event for you. This term, which was coined in 2005 and falls on the Monday following Thanksgiving in the USA, was thought up by marketers to promote online shopping, with special deals that aren’t available in-store.

So, now that you don’t have to worry about the stressful experience of going to the store, we’ve put together a few tips to ensure you won’t have any stressful experiences after shopping online. Take a look below and make sure your Cyber Monday is a safe and stress-free one!

Black Friday and Cyber Monday: How to shop safely online

  1. Stick to well-known websites

The first thing you can do to be safe while shopping online is to only use trusted, official websites. Start your shopping by going directly to the store’s website as opposed to using a search engine to find what you need. Also, only continue if you see that the website is secure by checking that the URL begins with HTTP and that the lock symbol is present. 

  1. Only use a secure Wi-Fi connection

This is a fundamental one, yet people continue to ignore it. Public Wi-Fi may be convenient, especially if you are relaxing at a café and spot a bargain online which you can’t resist. However, it’s best to carry out purchases from the safety of your home, where you have control over who else is connected to your network.

  1. Check your statements

Keep up to date with all transactions carried out with your bank account as the sooner you spot something unusual, the quicker and easier it will be to avoid bigger problems. If you spot something suspicious, contact your bank immediately.

  1. Be aware of the returns policy

When shopping online, remember that the returns or exchange policy may be different to that in store. Also, some stores may only offer store credit on reduced goods, so always check before you buy.

  1. Keep your computer updated and protected

Giving out your bank details online involves an element of trust, so the best way to ensure that nobody else gets their hands on you sensitive information is to have a protected and up-to-date computer. Keep your operating system updated and always use a trusted antivirus that best fits your needs.

  1. Be wary of email offers

It’s common to be bombarded with emails offering you great discounts or offers, but treat them with suspicion. Avoid clicking on links sent via email and verify that the offers are valid on the official website instead.

The post Black Friday and Cyber Monday: How to shop safely online appeared first on MediaCenter Panda Security.

Panda Security

Universal Children’s Day: 7 Tips to Protect Your Child on the Internet

Leave a comment

Universal Childrens Day

Today is Universal Children’s Day, a day set aside for everyone to protect and defend the rights of children. But do we know how to protect children from the dangers involving the Internet and new technologies? It’s important to defend their rights and their innocence in the online world.

The internet is a world known by the children and they must know how to handle it perfectly. Its domain of social networks, search engines, forums… In many instances children have a stronger understanding than that of their parents; therefore they sail along them without excessive parental control. There are many cybercriminals and stalkers who take advantage of this situation to take advantage of children, who are unaware of the dangers they face on almost all occasions.

Pornography, harassment, theft of data and identity… There are many threats facing children online. Through the computer, tablet, online games or mobile phone, children should know how to recognize and react to these situations.

How to Protect a Child’s Online Enviroment

Childrens on Internet

1. Education

It is the cornerstone for training minors, but the dynamic growth of the online world makes it even more essential in this case. However, the little knowledge that parents know about the network causes education to be poor. What is Facebook? What is Tuenti? Should my child chat online with strangers? These are the questions that are asked on several occasions by parents who do not understand this new kind of social environment 2. 0.

Parents must teach their children how to create their online personality, just as they teach them how to behave in real life. There are some values that they should maintain in both worlds: do not to speak with strangers, do not to show an image of you that could be later used against you, do not to give personal details to people you don’t know … Web education and teachers are great the resources that parents who feel lost in this world can use.

2. Control the Hours Spent Online

In today’s work, the social relationships online compete against offline social relationships. All children should learn to disconnect, so they can continue to enjoy a conversation or a real life experience, away from the world 2.0.

3. Show Network Hazards

Sometimes overprotection hinders children from really knowing the threats that face them. Actual cases of harassment, espionage, identity theft, blackmail, etc will happen to those that are less aware threatening situations.

 4. Who Does My Child Talk To?

Parents try to preserve the privacy of their children, but the truth is that you we need to know whose talking and what they’re saying. Just as in real life, a child must know to distrust a stranger who approaches them, they must also learn that these type of people exist and are duplicated within the online world.

 5. Which Photos Should Be Uploaded to the Network?

It’s easy to control the clothing and appearance of children in real life, but do we know what pictures up of them are up on the network? We must remind them of the danger of over-exposure on the Internet. This issue is complicated because in many cases, not even the parents themselves are aware of the consequences of particular photographs up on a social network.

6. Where Does My Child Go Online?

There is certain web content that a minor does not have to see. Since it is impossible to control which pages your child is browsing on the Internet, or what places can be reached via banners and ads, you should install parental control. Through this, the parent may decide which sites are appropriate for their child.

 7. Use Common Sense

Like always, if we teach our children to at least to use common sense, it can used within  2.0 world.

Have you ever faced an online situation complicated with a minor?

The post Universal Children’s Day: 7 Tips to Protect Your Child on the Internet appeared first on MediaCenter Panda Security.

Panda Security

Panda Security reveals cyberattacks aimed at public organizations around the world

Leave a comment

PandaLabs, the laboratory of Panda Security, warns in this, its latest quarterly report, that there has been a wave of cyberattacks where the security and information of various governments has been compromised.

A so-called cyberwar between countries has been present in the last few years, however, PandaLabs has detected a growing interest between countries in compromising the security and information of different governments. With that in mind, one of the most important attacks during this period was against the Hacking Team, which controls a multitude of cyberespionage and cyberattack tools for various governments around the world.

“This case is particularly worrying, as they have managed to decrypt the passwords of the most protected of systems”, explains Luis Corrons, technical director of PandaLabs. “The criminals not only wanted to know which clients used the cyberespionage services, which includes intelligence agencies and governments, but also which products they were using”.

This wave of attacks which took place in the third quarter of the year has also seen the Pentagon’s unclassified email system compromised. This was done via a very sophisticated attack which has the hallmarks of having a government behind it. What’s more, the FBI has confirmed that it has detected a growth in interest among terrorists in strategies for launching cyberterrorist attacks against the United States, which appear to be in their planning stages.

More than 21 million new specimens of malware

The PandaLabs quarterly report has also collected information on the number of new malware samples created in this period. Although this time of the year usually sees a drop in new samples, this year there has been 21 million new threats, which is an average of 230,000 per day.

To carry out their attacks, hackers are using Trojans which, with a slight difference, are the most common malware (69.15%) and also cause the most infections (77.64%). They are trailed by traditional viruses (11.34%), and special attention should be given to Potentially Unwanted Programs (PUPs), which are included in the Others category (7.96%).

malware

“Infecting a device that is connected to the Internet with a Trojan is as easy as hiding it in a file that the victim downloads”, states Luis Corrons. “From then on, all of the information on the device, the organizations information, or user passwords are at risk”.

Controlling devices, the most common method

This quarter has confirmed that the Internet of Things now forms part of our digital lives. This also brings new risks and raises the chances of us being victims of an attack. As this Quarterly Report highlights, there are new methods that are being used to put our security at risk.

Attacks continue to be produce don social media and mobile devices, and now we are also seeing the emergence of techniques to compromise the routers of businesses and homes, leaving them under the criminal’s control without the victim even realizing it.

Businesses such as Jeep Cherokee and Land Rover have also seen their vehicles targeted. The latter had to inform its customers of a fault in the software of 65,000 cars which had been on sale since 2013. The fault allows criminals to unlock the doors via the Internet.

China remains the country with the highest infection rate

PandaLabs’ report also shows the infection rates across the world, with a global average of 32.12%. Once again, it is China which is placed at the top of the list, with an infection rate of 45.35%. It is followed by Peru (42.89) and Turkey (40.99).

Other countries that have registered a rate of infection that is higher than the global average include Poland (34.54%), Brazil (34.32%), Slovenia (33.98%), Colombia (33.11%), Spain (32.50%), and Costa Rica (32.22%).

The countries with the lowest infection rates were Norway (20.12%), Sweden (21.33%), and Japan (22.75%).

The complete report is available here. 

The post Panda Security reveals cyberattacks aimed at public organizations around the world appeared first on MediaCenter Panda Security.

Panda Security

How to stop your child from downloading inappropriate apps

Leave a comment

children online

There can’t be a parent in the world who doesn’t know the beauty of a happy, entertained child. Unfortunately, parents can’t always play the role of the entertainer because keeping a child attentive and interested is not an easy task. So, what can a parent do to keep their little one distracted while they grab a few minutes for themselves? In the past the television was a guaranteed way to keep kids occupied – sit them down on the sofa, switch on some cartoons, and finally get some household chores out of the way while the kids watched their favorite animated characters in delight.

Nowadays, however, with the explosion in tablets and smartphones, there are a whole array of apps for kids to play with. Unfortunately, leaving your electronic device in the hands of a curious and adventurous child could wind up being more trouble than it seems. Due to their nature, children will be intrigued by the device and may end up diverging away from the game or app that you have selected for them, possibly even entering the Apple Store or Google Play store, and downloading some inappropriate content.

What’s even more worrying is that it is also possible to carry out in-app purchases, even in apps aimed at kids. So if you’ve left your purse or wallet lying around, and your child is clever enough to put two and two together, you could wind up with some unexpected charges.

If you aren’t sure on how best to stop your child from downloading inappropriate apps or making in-app purchases, then fear not as we’ve compiled a few tips to ensure that your child won’t have access to content that isn’t suitable for them.

online safety

If you’re an iOS user…

  1. Turn on your restrictions

This may seem obvious, but a lot of people don’t know that the settings of your iOS device allow you to restrict certain activity. All you need to do is enter your settings and hit the tab in the part labelled “General” to turn them. Once activated, you select a special password which will make it impossible to turn the restrictions back off unless the password is entered.

From there you can go through your list of apps and choose which ones you want to put restrictions on by selecting the tab beside the apps. A further step would be to remove your chosen payment method from your Apple account.

  1. Demand a password for purchases

If you don’t want to ban purchases completely, you can also put a limitation that requires a password every time there is a purchase made in the App Store or iTunes Store.

  1. Monitor accounts for teenagers

If you have a child that is over 13 years of age that has their own Apple account, make sure that you only allow them to make purchases with gift cards. If you still don’t trust this method, you can activate the “Ask to Buy” feature if you are using Family Sharing.

If you’re an Android user…

  1. Be aware of authentication processes

Google Play has an authentication process that has a few different options available. First of all, any app that is aimed at children aged 12 or under automatically requires authorization for in-app purchases. However, for other apps you can freely download unless you set up authorization for every purchase or for purchases made every 30 minutes. We highly recommend choosing the former, which you can access via the User Control area.

  1. Have the same restrictions on all devices
    Authentication settings apply only to the device where you add them. If you use your Google Account on more than one device, you must repeat the instructions mentioned above on each device.

So, as you can see all it takes is 10 minutes of having a look at your settings and you can avoid any nasty surprises or unexpected charges. If you’re wondering how else to protect your kids when they’re using the Internet, here are some further tips that will allow them to surf the net safely.

The post How to stop your child from downloading inappropriate apps appeared first on MediaCenter Panda Security.

Panda Security

How to avoid disaster in the event of credit card theft

Leave a comment

safe credit card

When it comes to choosing PINs for your credit card and cellphone you’ve done everything right – you avoided the temptation to use the year you were born in for either and both have different codes. However, these precautions could all be for nothing if a cybercriminal gets in the way of your credit card and the sales point.

The standard verification process for payments by debit or credit cards consists of a card with an integrated chip and a PIN. However, a group of investigators from the École Normale Supérieure (ENS) in Paris have just published a report which explains how a group of attackers found a way around this system and managed to steal €600,000 in stolen cards. The good news, fortunately, is that they were arrested not long after.

This group of attackers stole 40 credit cards which, supposedly, should have been useless without knowledge of the card’s PIN. However, the criminals were crafty and modified the cards by adding a second chip inside the card which was impossible to spot by looking at it.

When the card was placed in the POS (Point of Sales Terminal), they took advantage of the EMV’s vulnerabilities and carried out a “man-in-the-middle” attack which allows them to intercept the communications between the card and the system.

In that moment the second chip came into play and allowed them to complete the transaction using any PIN. This turned out to be an easy method that they used more than 7,000 times.

credit card

Despite the investigators saying that the vulnerabilities have been corrected and that the fraudsters arrested, this case highlights the importance of contacting your bank if your wallet is stolen or if you lose your card.

What’s more, the modification of the card isn’t the only way that they can fleece you if the card ends up in their possession. Ross Anderson, professor of Security Engineering at the University of Cambridge, has spent years investigating how attackers could take control of a credit card and has recently summed up some of the paths open to cybercriminals.

Some of the methods that cybercriminals could use include copying the card information from a POS to send to another one, passing the information of a chip and PIN card to a magnetic stripe card, or even manipulating a POS with the aim of intercepting a card during a transaction and sending the information to a cellphone.

So, what can users do now that they know about these vulnerabilities? In reality, there isn’t really a lot that they can as the majority of these frauds take advantage of the weaknesses in the standard POS, which means card makers and banks should be worries about making transactions as safe as possible.

Some recommendations include only paying with card in places you trust, not keeping all of your savings in the same account, and checking your account often to ensure that there are no unusual movements taking place.

credits card

Being aware of the vulnerabilities of credit cards could also help us to choose other alternatives, such as cards that read our fingerprints. This is a method of protection that no cyberattacker can steal from us.

Last year MasterCard unveiled the first card with a fingerprint reader in conjunction with Zwipe, a Norwegian startup. We have also seen large credit card companies say that they will experiment with facial recognition technology for online purchases.

This step could see then end of traditional passwords in the next few years and it could be a solution to the vulnerabilities facing chip and PIN cards. In the meantime, the best thing to do is keep informed of the risks that you face when using your credit card.

The post How to avoid disaster in the event of credit card theft appeared first on MediaCenter Panda Security.

Panda Security

The coupon scam that’s flooding WhatsApp

Leave a comment

whatsapp scams

If you end up getting a WhatsApp that’s offering you a coupon for a discount at the likes of Ikea or McDonald’s then you’re right to be suspicious – none of these companies are giving away coupons and it’s like that  you’re being a victim of a fraud.

In reality, the name of these, and many other companies, are being used for what seems to be a global social engineering campaign which aims to steal information from unsuspecting victims.

It all begins with a link send to one of your contacts which they will pass on to you – relax, your friends aren’t out to scam you, it’s just how it works.

By opening the link, potential victims are taken to what appears to be a questionnaire on behalf of a well-known supermarket or brand. Via this method, the scammers hope to make use of these famous names to trick you – the likes of Zara, Lidl, Starbucks, or H&M.

starbucks whatsapp

According to the information found after opening the link, the corresponding store is looking to expand and is looking for its users to fill out a survey. They ask you to give your name, address, email, and telephone number, which goes directly to the cybercriminals.

All of this information is collected and later used to carry out spam campaigns, but not before signing the victims up to different premium SMS scams. So, the scam doesn’t just involve identity theft, but could also affect your telephone bill and, in the end, your wallet.

Even though these types of phishing scams have been going on for years, the possibility of getting an easy discount and spreading it to friends, thus making it viral, have turned this new way of tricking people into a global phenomenon.

ikea scam

The best way to avoid falling victim to these scams is to be cautious when it comes to sharing your personal information and to always be wary of promotions that you see online, especially if the brands don’t usually do it and even more so if it comes via WhatsApp.

What’s more, there have been times when these coupons and offers have been sent to victims in different languages or in different currencies – so if you get an offer in Spanish but you live in Australia, or they offer you a coupon in dollars but you live in Ireland, common sense should tell you that something isn’t right.

The post The coupon scam that’s flooding WhatsApp appeared first on MediaCenter Panda Security.

Panda Security

How to get the best out of your computer

Leave a comment

plane

You have surely, at one point or another, missed the speed at which your computer once worked when it was new. Now, when you turn it on, it takes an eternity to start up and you’re sat there wasting time.

With time it is normal for the performance of your PC to drop due to the buildup of unnecessary files which reduce the space available on the hard drive.

Likewise, the fragmentation of files, which can also take excessive amounts of time, plays a role in slowing down your PC’s performance.

With this in mind, it is recommended that you do a clean out of your PC every so often, eliminating unnecessary files, etc.

Seeing as we can’t give you a new computer, we came up with a solution to help your PC regain its former glory. Even if you didn’t think it possible, you can do this with an antivirus software.

Cleaning the PC: solution for a slow computer 

The PC Tuneup feature is present in the 2016 antivirus protection line through the Panda Global Protection 2016 and Panda Gold products.

best computer

With this you can:

  • Clean cookies and unnecessary, temporary files that can slow down your PC.
  • Eliminate invalid entries on the register which can affect your PC’s start up.
  • Manage the start up of your computer. You will be able to see all running programs and deactivate them if necessary. Also, the product constantly monitors and advises the user in the event of a program installing itself during the start up process.
  • Optimize your Android devices to increase performance and battery life.

Do you want to try it out? Give our new 2016 consumer solution products a go and tell us what you think!

Remember that we can only help you if you contact us via the technical support page.

The post How to get the best out of your computer appeared first on MediaCenter Panda Security.

Panda Security

How to set up your household router to protect yourself from attack

Leave a comment

set up router

To keep your electronic devices secure, it isn’t just important to be aware of cyberattacks that could arrive via emails or false links. You need to keep an eye on your router, which provides you with your Internet access, which has become a target for the cybercriminals.

Using these apparatuses as a way to launch attacks is becoming more and more popular and it has been brought to light by two Spanish organizations – the Instituto Nacional de Ciberseguridad (INCIBE) and the Oficina de Seguridad del Internauta (OSI).

They base their warnings on information registered by the INCIBE during the past few weeks. The experts at the organization have detected that the number of daily attacks targeted at routers have increased, reaching nearly 5,000. What the cybercriminals try to do is to install a type of malware on the device and make it form part of a network in which they carry out a denial of service attack (DDoS).

denial service attack

DDoS attacks use a series of computers and other devices with Internet access to saturate server requests where files are stored on a web page, which then stops working and remains inaccessible to others.

  • Each router that was compromised had activated the option of remote administration, which permits access to users outside of the network, allowing any IP address to control its settings.
  • Also, the INCIBE has indicated that the owners of these devices hasn’t modified the access details from the default settings (user name and password). By keeping the original default settings, it was very easy to access them remotely.
  • These factors allow cybercriminals to modify the working options of the router and set up access to a local network. Later, they would only have to install the malware which makes it work as if it were a bot, carrying out massive attacks.

router

  • One of the measures put forward by the OSI to avoid your router being attacked is to change the administrator details and to use better passwords.
  • Also, it isn’t advisable to activate the remote administration unless it is necessary and, in this case, do it during as short a period as possible, so as not to give the attackers a chance to detect its vulnerability.
  • Every router is configured the same, although the interface where you do it and the access options vary slightly depending on the brand. Changes are carried out from the web browser by entering the IP of the device (it comes in the manual, on the tags that are attached to it, or you can find it in the connection settings within the Control Panel).

Finally, if these tips reach you too late and your device is already infected, the best option is to reinstall the firmware (the program that controls the router) from a security copy.

The post How to set up your household router to protect yourself from attack appeared first on MediaCenter Panda Security.

Panda Security

Kemoge: Google Play faces new app attack

Leave a comment

Android users will be well aware of the fact that the Google Play store, and their Android device, are constantly under the watchful eye of cybercriminals. Thanks to the wide usage of the Android operating system, these criminals use this in the favor and use the Google Play store to help spread their malware to unsuspecting victims.

android malware

The latest case is called Kemoge and, similar to another recent malware that affected iOS users, has its roots in China. This follows Google removing many apps from the online store that disguised themselves as legitimate applications but actually began to push out adware and, eventually, more malicious things. Some of the popular apps that were disguised as Kemoge include Smart Touch, Calculator, Talking Tom, Light Browser, Privacy Lock, Easy Locker and others including adult apps. The malware then collects information from the infected device and starts sending ads in an aggressive manner. The eight root exploits are more worrisome because the attackers can use them to download, install and launch apps on the infected device.

Once the campaign was discovered, Google set about deleting the infected applications from its online store and issued warnings to users. The infection covered a large spectrum of devices, but the root exploits are not one-to-one mapping. Furthermore, some of the root exploits are device oriented, like motochopper which targets Motorola devices, but some others are general root, like the put_user exploit, which can root unpatched devices from Samsung, HTC or Motorola.

Once the device is infected, Kemoge beings to install different components which help it gain root access. It, for example, registers MyReceiver in the AndroidManifest which invokes another component called MyService, both of which are disguised as legitimate Google code because they include Google’s com.google component prefix. This means that the device is under constant control without the victim realizing it.

As always, the best way to avoid being the victim of malware, regardless of what device you are using, is to be protected with an antivirus for Android. As we have seen before, there are many different ways that you could have your or your loved ones’ privacy or information compromised, and prevention is the best form of protection.

The post Kemoge: Google Play faces new app attack appeared first on MediaCenter Panda Security.