Tag Archives: News

Companies that are making the same mistake as Dropbox


Though it may seem trivial, it is not: the security of your company and of your customers depends largely on the passwords that your employees use. In fact, should any of them make such a serious error as, for example, reusing their login credentials across different services, the consequences could be catastrophic, as Dropbox has recently learned.

The case of Dropbox, in figures.

Just a few days ago, the cloud storage company acknowledged that passwords of more than 68 million accounts had been leaked, with a security issue jeopardizing the information of its more than 500 million users. All the problems started with a simple lapse on the part of one of the company’s employees.

The incident occurred in 2012, when some Dropbox users began to complain: email accounts that they had used exclusively to register for the service had started to receive a lot of spam messages. The key to the mystery lay in the theft of passwords from a Dropbox employee: cyber-crooks had got hold of the employee’s LinkedIn password, which was the same as the one used for the cloud storage account. And in the Dropbox account, the employee had a document with a list of users’ email accounts. The perfect gift for spammers.

Some of the passwords that have now been leaked correspond to those accounts included in the previous theft some years before. In fact, a few days before its acknowledgement of this latest leak, Dropbox asked users that had not changed their passwords for some years to do so as soon as possible: “We’re reaching out to let you know that if you haven’t updated your password since mid-2012, you’ll be prompted to update it the next time you sign in. This is purely a preventative measure and we’re sorry for the inconvenience”, read the email.

Some of the leaked passwords correspond to accounts hacked years ago (…) Dropbox asked users who had not changed their passwords for 4 years to do so as soon as possible.

In short, poor password practice by employees in company email or service accounts can put the whole company at risk. In fact, Dropbox has already taken measures to enable employees to comply with corporate security rules, including, among other things, not reusing passwords. You can do the same. Panda’s security solutions include a password manager to facilitate the use of different passwords for different services, without having to memorize each one.

The post Companies that are making the same mistake as Dropbox appeared first on Panda Security Mediacenter.

Know the tricks of the new Locky


In this new Tales from Ransomwhere we look at the tricks of one of the most infamous families in the ransomware landscape: Locky.

Recently (our colleagues from Avira reported it in July) its authors added a new feature: an offline mode that lets it encrypt files when the connection to the server is not available. The weak point is that the key used in this mode is the same for every computer whose files are encrypted, which is why this mode is only used when for some reason the C&C server is unavailable.

On top of this, they have now changed the way they infect computers. Usually these attacks rely on a small downloader Trojan that downloads and executes the ransomware. For example, when the attack comes from a JavaScript file, this usually downloads a small executable whose only function is to get the ransomware and execute it. As I have explained in previous articles, cybercriminals are constantly making small changes to try to avoid detection by security solutions.

Distribution of new attack

In this case the attack is being distributed through email. We have seen a number of messages carrying a zip file with a JavaScript file inside named “utility_bills_copies <random characters>.js”. However, there are different versions using different subjects and file types, for example this one:

[Image: sample email]

Which has the following file inside:

[Image: contents of the zip file]

They have skipped the downloader Trojan part and the script gets the Locky variant in DLL format (with the downloader in most cases the downloaded file was an EXE), which is executed using Windows rundll32.exe. The first sighting of this was on August 22nd, and so far they keep using the same strategy. As you can see they are launching one wave per week:

[Image: ransomware analytics chart]
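The execution chain described above (a script from the email attachment fetching a DLL that is run through rundll32.exe) leaves a process lineage that can be hunted for. The following is an added example, not code from the original post: it scans process-creation events for rundll32.exe started by a Windows Script Host process and loading a DLL from a user-writable directory. The Sysmon-style field names, the directory list, the `placeholder_export` name and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Windows Script Host binaries that run a double-clicked .js file.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
# Assumption: user-writable locations where a fetched DLL is likely to be dropped.
USER_WRITABLE = re.compile(r"\\(appdata|temp|downloads)\\", re.IGNORECASE)
# rundll32 syntax: rundll32.exe <dll path>,<export> [args]; the path may be quoted.
RUNDLL_ARGS = re.compile(r'rundll32(?:\.exe)?"?\s+"?([^",]+)"?\s*,\s*(\S+)', re.IGNORECASE)

def parse_rundll32(command_line):
    """Return (dll_path, export) from a rundll32 command line, or None."""
    m = RUNDLL_ARGS.search(command_line)
    return (m.group(1).strip(), m.group(2)) if m else None

def is_suspicious(event):
    """True for rundll32 started by a script host and loading a user-writable DLL."""
    if ntpath.basename(event["Image"]).lower() != "rundll32.exe":
        return False
    if ntpath.basename(event["ParentImage"]).lower() not in SCRIPT_HOSTS:
        return False
    parsed = parse_rundll32(event["CommandLine"])
    return parsed is not None and bool(USER_WRITABLE.search(parsed[0]))

def scan(events):
    """Return (dll_path, export) for every event that matches the lineage."""
    return [parse_rundll32(e["CommandLine"]) for e in events if is_suspicious(e)]

# Constructed sample events (Sysmon Event ID 1 style field names, assumed).
EVENTS = [
    {"Image": r"C:\Windows\System32\rundll32.exe",  # matches the described chain
     "ParentImage": r"C:\Windows\System32\wscript.exe",
     "CommandLine": r'"C:\Windows\System32\rundll32.exe" '
                    r'C:\Users\alice\AppData\Local\Temp\a1b2c3.dll,placeholder_export'},
    {"Image": r"C:\Windows\System32\rundll32.exe",  # benign: Control Panel applet
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"rundll32.exe shell32.dll,Control_RunDLL desk.cpl"},
    {"Image": r"C:\Windows\System32\rundll32.exe",  # script host, but a system DLL
     "ParentImage": r"C:\Windows\System32\cscript.exe",
     "CommandLine": r"rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL"},
    {"Image": r"C:\Windows\System32\wscript.exe",   # script host alone is not enough
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r'wscript.exe "C:\Users\bob\Downloads\logon_tasks.js"'},
]

if __name__ == "__main__":
    for dll, export in scan(EVENTS):
        print(f"ALERT rundll32 from script host: dll={dll} export={export}")
```

Matching on lineage and DLL location rather than on file hashes keeps the rule useful across the weekly waves, where the payload itself changes.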

The most severely affected territories

We have seen just a few hundred infection attempts, mainly in North and South America and Europe, although there are some in Africa and Asia too. If they get a good return on investment, we’ll probably see an increase in the next weeks. Here you can find a few hashes of this Locky variant:

[Image: list of hashes]

The post Know the tricks of the new Locky appeared first on Panda Security Mediacenter.

What you should know about Windows 10

Windows 10 is reaching the end of its first year and now companies are asking: is it the right moment to update to Windows 10? Now that it’s becoming somewhat mature, should businesses take the plunge and invest time and money to upgrade their software? The general opinion is that yes, companies should upgrade. After all, it takes far less time and resources to plan the transition than to deal with it after problems emerge due to outdated software.

January 2020 may be far away, but that is when Windows 7 will be discontinued, and businesses need a lot of time—months or even years—to complete this type of transition. There are also some companies that have chosen to continue using Windows 8, an operating system which has brought more sorrow than glory to the corporate sector.

In addition to the added benefits offered in Windows 10, the tech company has tried to fix the Windows 8 problems and has introduced new elements designed to attract more businesses, a huge market that Microsoft can’t afford to lose to its competitors: Apple Mac and Google Chromebook.

The main focus for Windows 10 is to reinforce security. Some of the improvements include biometric identification support (Hello), improvements for mobile device management (MDM) and a centralized verification center through Azure Active Directory (this prevents unnecessary password duplication).

Panda Security’s antivirus solutions work perfectly with Windows 10

But perhaps the most talked about and significant aspect for businesses is the new update cycle. With the 10th version of their operating system, Microsoft has gotten rid of something that is typical in other companies: constant updates. Until now, security patches were published once a month (the famous “Patch Tuesday”) and most of the improvements were concentrated in large blocks called “Service packs”.

The wait until 2020 is long and not in-rhythm with the current digital economy, but with this new system, Windows 10 will be able to install updates immediately (as long as the people in charge decide so).

The post What you should know about Windows 10 appeared first on Panda Security Mediacenter.