Tag Archives: News

Sticky Attacks: When the operating system turns against you

Cyber-attackers are always finding new ways of bypassing the protection systems installed on computers in order to avoid detection and steal user data. In that respect, Black Hat hackers have always turned to malware-based attacks (phishing, network worms, or the dreaded Trojans with ransomware as the most dangerous example) to reach their goals: break into companies to steal credentials and huge amounts of other data in exchange for a ransom… At least, until now.

PandaLabs has recently detected a quite clever attack targeting a company in Hungary. What makes it so special? Well, the attack does not use any malware as such, but scripts and other tools belonging to the operating system itself in order to bypass scanners. This is just another example of the increased self-confidence and professionalization we have been observing among cyber-crooks in recent months.

Analysis of a malware-less attack

First, and as has become the norm in the latest security incidents analyzed at the lab, the attack starts with the attackers launching a brute-force attack against a server with the Remote Desktop Protocol (RDP) enabled. Once they get the computer’s login credentials, they have complete access to it.

Then, the first thing that the attackers do is run the sethc.exe file with the parameter 211 from the computer’s Command Prompt window (CMD). This turns on the system’s “Sticky Keys” feature. We are sure you have seen this message before:


Next, a program called “Traffic Spirit” is downloaded and run. “Traffic Spirit” is a traffic generator application which in this case is used to make extra money out of the compromised computers.

Traffic Spirit website

Then, a self-extracting file is launched that uncompresses the following files in the %Windows%\cmdacoBin folder:

  • registery.reg
  • SCracker.bat
  • sys.bat

The attackers then proceed to run the Windows registry editor (Regedit.exe) to add the following key contained in the registery.reg file:

This key aims at ensuring that every time the Sticky Keys feature is used (sethc.exe), a file called SCracker.bat gets run. This is a batch file that implements a very simple authentication system. Running the file displays the following window:

The user name and password are obtained from two variables included in the sys.bat file:

This way, the attacker installs a backdoor on the affected machine. With this backdoor, the attacker will be able to connect to the targeted computer without having to enter the login credentials, enable the Sticky Keys feature (for example, by pressing the SHIFT key five times), and enter the relevant user name and password to open a command shell:

The command shell shortcuts will allow the attacker to access certain directories, change the console color, and make use of other typical command-line commands.

However, the attack doesn’t stop here. In their attempt to make as much profit as possible from the targeted company, the attacker installs a bitcoin miner to take advantage of every compromised computer for free money. Bitcoin mining software aims to use the victims’ computer resources to generate the virtual currency without them realizing. A cheap and very effective way to monetize computer infections.

How does the Sticky Keys feature aid cyber-crooks?

If an attacker can actually access a targeted computer via an RDP connection, what do they need a backdoor for? The answer to this question is quite simple: By installing a backdoor on the affected machine, even if the victim realizes that their system has been compromised and changes the Remote Desktop credentials, all the attacker has to do is press the SHIFT key five times to enable Sticky Keys and run the backdoor to be able to access the system again. And remember, all of this without running malware on the affected computer.
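A defender's check for the persistence described above, as an added example that is not part of the original article: it scans `.reg` text (a dropped file such as registery.reg, or a registry export) for a `Debugger` value set on an accessibility binary. The article's actual key did not survive on this page, so the Image File Execution Options location, the watch list of binaries and the sample data are assumptions constructed for illustration.

```python
import re

# Assumed watch list: accessibility binaries that can be started from the
# logon screen, so a hijack of any of them works without credentials.
ACCESSIBILITY_BINARIES = {
    "sethc.exe", "utilman.exe", "osk.exe", "magnify.exe",
    "narrator.exe", "displayswitch.exe", "atbroker.exe",
}
# Matches the native and the WOW6432Node copy of the key.
IFEO_SUFFIX = r"\microsoft\windows nt\currentversion\image file execution options"

KEY_RE = re.compile(r"^\[(-?)(.+)\]$")               # [HKEY_...] or [-HKEY_...]
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')  # "Name"=data


def unescape(text):
    # .reg strings escape backslash and double quote with a leading backslash.
    return re.sub(r"\\(.)", r"\1", text)


def find_ifeo_debuggers(reg_text):
    """Return (binary, command) for every Debugger value the .reg text would
    set under Image File Execution Options for an accessibility binary."""
    findings = []
    current_binary = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        key = KEY_RE.match(line)
        if key:
            current_binary = None
            deleting, path = key.groups()
            parent, _, leaf = path.rpartition("\\")
            if (not deleting and parent.lower().endswith(IFEO_SUFFIX)
                    and leaf.lower() in ACCESSIBILITY_BINARIES):
                current_binary = leaf.lower()
            continue
        value = VALUE_RE.match(line)
        if not value or current_binary is None:
            continue
        name, data = unescape(value.group(1)), value.group(2).strip()
        if name.lower() != "debugger" or data == "-":
            continue  # unrelated value, or a line that deletes the value
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            data = unescape(data[1:-1])
        findings.append((current_binary, data))
    return findings


# Constructed sample input; the path is a placeholder, not taken from the article.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe]
"Debugger"="C:\\placeholder\\SCracker.bat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe]
"Debugger"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe]
"""

if __name__ == "__main__":
    for binary, command in find_ifeo_debuggers(SAMPLE_REG):
        print(f"{binary}: Debugger -> {command}")
```

Registry exports are normally written as UTF-16, so decode the file with that encoding before passing its text to the function.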

Adaptive Defense 360, Panda Security’s advanced cyber-security solution, was capable of stopping this targeted attack thanks to the continuous monitoring of the company’s IT network, saving the organization from serious financial and reputational harm. Protect your corporate network with the security solution that best adapts to your needs.

 

The post Sticky Attacks: When the operating system turns against you appeared first on Panda Security Mediacenter.

Paying taxes is taxing enough

6 steps to protect yourself from being fleeced

The following could be the story plot of the next Hollywood horror blockbuster. Average Paul works hard all year to put food on the table like millions of Americans. And being the good guy that he is, Average Paul understands that paying taxes is part of the game (even though he feels he pays too much of it).

Now, Average Paul has heard he could file his taxes online. He thinks it’s worth a shot: he’s expecting a bit of money back, and if there’s enough, he’ll take the family to Indiana to visit the in-laws. Some websites even say e-filing with them is completely free, so why would he go to a physical agent? There’s nothing wrong about that!

So far, so good.

The IRS, which administers the Internal Revenue Code here in the US, is keen to get a share of Average Paul’s revenues and has set up a secured website for that very purpose. So has scammer Joe Crook, but his website isn’t secure at all. And this is where the horror story begins.

Average Paul is a busy guy: he’s gone online at the end of his latest shift, and he’s entered all sorts of personal information on a website he found on Google. The problem is, he’s not on the IRS Internet site, nor is he on a certified website that helps in preparing and e-filing his federal and state income taxes. He’s made his way onto Joe Crook’s fake website, and he’s about to get scammed.

Preparing your tax returns is a battle itself. Everyone wants to pay the least they can. It’s one of those universal truths. How can you make sure you’re not sharing confidential details with shady characters like Joe Crook? How can you do the right thing without being left out of pocket later on?

How to keep your sensitive information secure and share it only with the right people?

Follow these six steps for complete peace of mind:

  • Make sure the website you’re on is legit. It sounds like a no-brainer, but scammers are well-versed in creating sites that look like the real thing. They will even use similar logos and design to fool you. Don’t be taken in by bogus websites that mirror the official IRS website, or the ones that claim to be secure and help you save money but lack simple https:// encryption.
  • Stay clear of phishing threats: The IRS saw a 400 percent surge in phishing and malware incidents in the 2016 tax season. We are pretty sure numbers are rising in the current 2017 tax season. Don’t let Joe Crook pose as a government representative, or as someone who claims he can help you save money.
  • Take control of your email inbox. Don’t act upon emails instructing you to “update your IRS e-file immediately.” Unsurprisingly, such emails are unlikely to originate from an official government agency. Always be careful and verify the origin of the email.
  • Keep your wits about you. Scammers change tactics all the time – countless individuals fall for the typical IRS phone impersonation scam. Don’t be one of them, and don’t give away personal information if you receive a call from someone claiming he represents the IRS. It is very likely he/she doesn’t.
  • File your tax return on time. It sounds obvious, and it is: you’re much more likely to fall for a scam if you’ve missed that crucial deadline. Scammers will attempt to put you under pressure, so beat the rush by filing early. Be smart!
  • Be protected! Bearing in mind that we spend a huge portion of our time staring at screens at work or using our mobile handsets, we need to make sure the information on these devices is secure. Antivirus companies, like Panda Security, are here to the rescue, informing you every time you go to a website that might be harmful.

Last year the IRS disclosed that more than 700,000 social security numbers and other sensitive information had been stolen. Sadly, there’s no silver bullet to protect yourself when those entrusted with our information fail to keep it safe! Fortunately, you can take action by protecting your computer and mobile devices from malware and viruses with Panda Security. The company has brought to the market multiple packages to suit all budgets. It pays to protect your computer.

This tax season, be clever and don’t let Joe Crook fleece you. By being protected, you are not only saving yourself, but you are preventing Joe Crook from developing his so-called “business.” Don’t support the scammers by being unprepared!

The post Paying taxes is taxing enough appeared first on Panda Security Mediacenter.

International Women’s Day: 8 empowered women in the computing world

8 empowered women in the computing world to celebrate International Women’s Day

Often seen as a male-dominated industry, women have played an important part in driving developments in the computer industry. As we celebrate International Women’s Day, these eight women have blazed a trail in IT, setting an example to us all.

Ada Lovelace

Despite being the daughter of the well-known bohemian hell-raiser George Byron, Ada Lovelace’s own life was incredibly successful, albeit slightly less “colourful”. Encouraged to study maths and logic by her mother, Ada’s studies soon brought her into contact with Charles Babbage, ‘the father of computers’.

As part of her work with Babbage, Ada created what is believed to be the first ever computer program – an algorithm to be run by Babbage’s legendary Analytical Engine.

 

Grace Murray Hopper

As well as being a Rear Admiral in the United States Navy, Grace was one of the first programmers of the Harvard Mark I computer. Her work led to the creation of the first compiler – a tool used to change computer code into a fully-functioning application.

Grace was also instrumental in creating COBOL, one of the first programming languages, and one that is still in use today.

Henrietta Swan Leavitt

During study for a graduate degree, Henrietta began working at the Harvard College Observatory. Her job – as a human computer – was to help grade photographs taken through the observatory’s telescope, and to perform complex mathematical calculations.

Henrietta’s work paved the way for the techniques used by astronomers today to calculate the distance between Earth and distant galaxies.

Hedy Lamarr

Best known as a Hollywood actress, Hedy Lamarr was also an accomplished inventor in between roles. During World War II, Hedy helped to create a jam-proof radio guidance system to be used with torpedoes.

Although this signal-hopping technology was deployed by the US Navy until the 1960s (where it proved to be particularly effective), it is still in use today. The same basic principles are also used in modern WiFi and Bluetooth radio technologies – like those that make your smartphone and tablet work wirelessly.

Dame Stephanie “Steve” Shirley

After leaving school, Stephanie went to work for the Post Office Research Station where she helped build computers from scratch. She also learned to program machine code – the very low level language used by computer parts to work properly.

In 1962, Stephanie founded Freelance Programmers, a software company with the intention of helping women get into IT – just 1% of her programmers were male. The team worked on a broad range of projects, including the black box recorder for the supersonic jetliner, Concorde.

Jude Milhon

Having taught herself to program computers, Jude’s first job was in the IT department of a US food manufacturer. She also helped to create the Berkeley Software Distribution (BSD) operating system which is still in use today.

Jude was also a committed social activist and hacker, going by the name of “St Jude”. Coining the term “cypherpunks”, St Jude helped to promote the idea of using cryptography to protect personal information as a route to social and political change.

Mary Allen Wilkes

Despite majoring in philosophy and theology, Mary became a computer programmer at the Massachusetts University of Technology. Initially she was programming IBM systems as part of a speech recognition project.

Later Mary was moved to a team working on LINC, widely believed to be the world’s first “personal computer”. As far back as 1964, Mary was using the LINC computer at home to refine the system’s design.

Lynn Conway

After a very successful period at university, Lynn was recruited by IBM to work on a project designing an advanced supercomputer. Known as the Advanced Computing Systems (ACS) project, the resulting computer is believed to have been an example of the first superscalar design.

Later Lynn worked for major organisations including DARPA and Xerox, and at MIT as an associate professor.

Examples to us all

Although these women may serve as examples to women considering a career in IT, their experiences and achievements are actually a lesson for all young people – regardless of gender.

The post International Women’s Day: 8 empowered women in the computing world appeared first on Panda Security Mediacenter.

Over a Hundred Thousand Printers Simultaneously Ghost Printed Goofy ASCII Art


 

Printers are everywhere, but they’re not exactly the sort of device that we pay special attention to when it comes to our business’s IT security infrastructure. In reality, corporate networks of printers that are not properly protected could end up being one of the company’s biggest security gaps.

A spectacular example of this can be found in an apparently mysterious event that recently affected more than 160,000 printers all over the world. Without warning, every one of them printed the same document, which warned that the printer in question would now be part of a bot network. In short, the printer had been infected and now seemed to respond only to orders coming from its new cybercriminal master.

A Warning in the Form of a Joke

As it turns out, behind this singular attack was Stackoverflowin, an enigmatic hacker who explained that the whole thing was a joke intended to raise awareness of printers’ vulnerabilities. “It was kind of on impulse,” he acknowledged. As he explained, he was looking to raise awareness of how dangerous it is to expose connected printers to the public internet without a firewall or other tools.

In order for the humor of this singular attack to be noticed, the hacker’s warning came with a fun robot drawn with ASCII art. But jokes aside, the situation really is quite serious: printers of every kind and from all over the world have fallen into Stackoverflowin’s trap.

To achieve this, the hacker developed a script able to track printers connected to the Internet with one of its ports open. Using the open port, he was able to order the device to print the enigmatic document.

However, it is actually quite simple to heed Stackoverflowin’s warning and fix the problem. Just make sure that the ports on the printer network have a secure password and that all devices on your corporate network are covered by the right protection to avoid cyberattacks that, next time, may not be so friendly.

In case this wasn’t enough, a group of German researchers has published a study that shows that numerous printer security flaws can be exploited to access the memory of these devices and steal data such as passwords or even confidential documents. So check your printers! This is an issue that we collectively need to take more seriously, and these potential vulnerabilities are worth looking into.

The post Over a Hundred Thousand Printers Simultaneously Ghost Printed Goofy ASCII Art appeared first on Panda Security Mediacenter.

Panda Security receives “21st Century Global Quality Award” 2017


The International Selection Committee of the Worldwide Marketing Organization (WMKTO) in Mexico has named advanced cybersecurity vendor Panda Security as winner of its prestigious “21st Century Global Quality Award” 2017.

This award is granted annually in recognition of those companies, products or professionals that stand out in the business world for their quality and service. The recipients are selected by an International Selection Committee comprised of prestigious entrepreneurs, diplomats, educational and governmental authorities, marketing and communications specialists, and banking institution directors, with 19 years’ experience in studying global market trends.

This international award was established to recognize and encourage the growth and development of companies and professionals who, despite the difficult global financial and economic conditions, have maintained the highest levels of product quality and professional competence. A recognition of the good work and the implementation of patterns of contextual intelligence on cybersecurity applied to companies in the country.

The award will be presented at the Marquis Reforma Hotel in Mexico City on March 4, 2017. The event will also feature the awarding of three other awards: the “Golden Star for Business Merit”, the “Golden Medal for Quality and Service” and the “Royal Crown to Excellence” to other leading companies in Mexico.

 

 

The post Panda Security receives “21st Century Global Quality Award” 2017 appeared first on Panda Security Mediacenter.

Netflix target of cybercriminals


Netflix Accounts Are Being Used In Cyber Scams

Netflix has enjoyed huge success over the last couple of years. As stated in the company’s overview, they have over 93 million members in over 190 countries enjoying more than 125 million hours of TV shows and movies per day.

Not bad for a company that started out during the declining years of physical entertainment, renting out DVDs by mail.

Unfortunately, success often comes at a cost. Along with the adulation and well wishing, it often garners other, unwanted types of attention. In the case of Netflix, this attention, as you can imagine, is increasingly coming from malicious cybercriminals.

What exactly are they doing though?

How They Can Get You

Cybercriminals are using several methods to breach vulnerabilities in people’s accounts. People who are probably too busy binge watching shows like Black Mirror to know what’s going on. Oh the irony!

Among the methods these cybercriminals are reportedly using are the theft of user credentials that can be sold on the deep web, the exploiting of vulnerabilities, and most recently, the infecting of systems with Trojans capable of stealing the user’s financial and personal information.

What could a cybercriminal do with stolen user information though?

They could be sold on to other cybercriminals wanting to use the service for free. There’s another layer to the equation. A double-crossing of sorts; the lure of a free account could be used to trick someone into installing malware or ransomware onto their laptop.

Cybercriminals using details in this way can make a profit out of the initial selling of the information as well as by holding the same person’s data hostage. Never trust a criminal.

Trend Labs Security recently came across a ransomware luring Windows users via a pirate login generator. This is a typical way illegal websites share premium and paid for website details for free, as shown below.

Via TrendMicro.com

Clicking the “Generate Login” button in this case leads to another prompt window that purportedly contains the stolen information of a genuine Netflix account. RANSOM_NETIX.A uses these fake windows as a distraction, however, all the while performing its encryption routine on 39 files, unbeknownst to most users.

The ransomware uses the AES-256 encryption algorithm and appends the .se extension to the files. As can be seen below, the ransom note demands $100 worth of Bitcoin (0.18 BTC).

Via TrendMicro.com

This is actually relatively little as ransomware demands go, with some iterations demanding $500 within a very short time frame. Others even ask you to infect your friends with ransomware in order to decrypt your information.

How Can You Keep Yourself Safe?

There are, of course, two victims in this ransomware scam; those who are unknowingly having their details used to lure the other type of victim, and the other one who receives the ransomware.

The first type of victim can perform a simple action if they suspect their account is being used illegally. Look through the “recently watched” section of your Netflix account to see if any shows are popping up that you haven’t seen. For this reason it’s good practice not to share your account with many people, however tempting it may be to allow friends or family in on the action.

It’s also good practice to stick to your provider’s security recommendations. As always, be wary of unsolicited emails pretending to offer legitimate services. A good antivirus, of course, can also act as a barrier to certain types of malware and cyber attacks.

For the second type of victim, the advice is simple; pay for the service. The ten euros a month in savings really won’t seem so great when the device it’s used on, and everything on it, is at the mercy of cybercriminals.

The post Netflix target of cybercriminals appeared first on Panda Security Mediacenter.

A Smartwatch Social Coach? New Tech Can Read Your Emotions


Technology gets a bad reputation at times. It’s supposed to connect us, but really, it drives us apart. It’s making us less in touch with the world around us and less inclined to deal with emotional issues.

That may be a very one-sided view of things, but it’s hard to deny that people hide behind their brightly lit screens on a daily basis.

Introducing MIT’s wearable AI system app, a piece of software designed to make people more in touch with their emotions.

How does it do this? Well, by putting them on a screen right in front of you, that’s how. The concept almost feels tailored to not allowing one to hide from their feelings by acquiring a glazed expression and burying their face into their device.

Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and Institute of Medical Engineering and Science (IMES) have recently come up with the idea for the tech device.

How Will It Work?

The device wasn’t designed specifically to prevent people using their devices to hide from their emotions, but rather to help people who may do so compulsively because of an underlying psychological issue.

The tech is based on the principle that human communication goes far beyond being purely verbal. People are constantly sending out signals through other means, like mannerisms, voice intonation and eye contact. These non-verbal signals can be difficult to read though for people with anxiety or for those who have developmental disorders such as Asperger’s syndrome.

This is what led researchers at MIT to develop software that could capture audio data of a person speaking and analyze the speaker’s tone, pitch, energy, and vocabulary.

“Imagine if, at the end of a conversation, you could rewind it and see the moments when the people around you felt the most anxious,” says graduate student Tuka Alhanai, who co-authored a paper on the subject with PhD candidate Mohammad Ghassemi. “Our work is a step in this direction, suggesting that we may not be that far away from a world where people can have an AI social coach right in their pocket.”

According to MIT News, the students captured 31 different conversations of several minutes each before training two algorithms on the data. After analyzing the conversations, one algorithm classified them as either happy or sad, while the second labeled five-second blocks of the conversations as either positive, negative or neutral.

The model is 7.5 per cent more accurate than other existing approaches; however, it is not yet reliable enough to be used as part of a handheld social coaching device. According to Alhanai, this is very much the goal. To make this possible though, they will have to collect data on a much larger scale.


Cybersecurity Implications?

There is a slightly eerie implication to having our emotions read by an artificial intelligence. It might evoke images of HAL going haywire after lip-reading the protagonist’s plans to shut him down in 2001: A Space Odyssey.

While the tech obviously isn’t on the verge of allowing an AI to hatch a murderous plan, the team have urged caution in the way the system is used in the future.

The algorithm is run locally on the user’s device in order to protect personal information. Alhanai also emphasizes that a consumer version would have to set out clear protocols for getting consent from people involved in the conversations.

The thought of this type of technology being used for third-party data gathering and targeted ads is an uncomfortable one. Despite this, we can see the tech forming an important part in the future of wearables and AI. A huge technological step in a similar direction could also see lie detection playing a role in data security, something that could even be integrated into the security of a futuristic smart home.

MIT’s wearable emotion-reading technology is an interesting step towards integrating technology into the outside world. Augmented Reality companies like Magic Leap are promising a future of enhanced reality, projecting images seamlessly over the real world instead of cutting it out with virtual images. MIT’s new tech can, in one particular respect, be seen very much in the same vein.

Our tech will arguably be enhancing our emotional lives rather than dulling them.

Björn Schuller, professor and chair of Complex and Intelligent Systems at the University of Passau in Germany, seems to share this sentiment. Though he wasn’t involved in the project, he is fascinated about where this step could lead us:

“Technology could soon feel much more emotionally intelligent, or even ‘emotional’ itself.”

We’ll be keeping our eye on this new tech; a tantalizing step towards making technology form a seamless part of our lives instead of distracting us from things that are important in life.

The post A Smartwatch Social Coach? New Tech Can Read Your Emotions appeared first on Panda Security Mediacenter.