Category Archives: Antivirus Vendors

China-based ‘Cloud Hopper’ Campaign Targets MSPs and Cloud Services

A new report by PwC UK and BAE Systems has revealed a sophisticated cyber campaign “of unprecedented size and scale” targeting managed IT service providers (MSPs). The campaign, dubbed Operation Cloud Hopper, was motivated by espionage and information gathering, as evidenced by the attackers’ choice of high value and low profile targets.

The authors of the report were able to conclude that Operation Cloud Hopper is almost certainly the work of a previously known group called APT10. The APT10 group is already well known in the world of cybersecurity, and it is a widely held view that it is based in China.

Using forensic analysis of operational times and IP zones, the authors of the report were able to establish with a high level of certainty the identity of the group, its location in China, and the extent of the campaign. They were even able to sketch a portrait of the group’s workday, including “a two hour lunch break”.

“Operating alone, none of us would have joined the dots to uncover this new campaign of indirect attacks,” Richard Horne, cyber security partner at PwC, recently told the BBC.

APT10 appears to be a well-staffed, highly organized operation with extensive logistical resources. According to the report, the group uses a variety of customized open-source software, original bespoke malware, and spear phishing techniques to infiltrate their targets’ systems.

Their strategy of choosing MSPs as a primary target has given them “unprecedented potential access to the intellectual property and sensitive data of those MSPs and their clients globally,” according to the report. “Given the level of client network access MSPs have, once APT10 has gained access to a MSP, it is likely to be relatively straightforward to exploit this and move laterally onto the networks of potentially thousands of other victims.”

Luis Corrons, technical director of PandaLabs, points out that carefully selecting targets, and customizing attacks accordingly, is more common every day. “Aside from the myriads of common cyberattacks businesses regularly have to deal with, nowadays we are witnessing huge increases in the amount of attacks in which cybercriminals are actually inside their victim’s network, adapting to his defenses and carrying out strikes with surgical precision as they target specific assets,” wrote Mr. Corrons in an email.

The Cloud Hopper campaign comes at a time when geopolitical tensions are increasingly crossing over into the realm of cyberespionage and cyberwarfare. Though the report does not openly suggest that there was any involvement on the part of the Chinese government, it does point out that the targeting of diplomatic and political organizations, as well as certain companies, “is closely aligned with strategic Chinese interests.”


Adaptive Defense Lets You Rest Easy

Fortunately, targeted attacks, even sophisticated ones perpetrated by highly professional groups like APT10, are pieces of cake for Panda’s Adaptive Defense. As it sees absolutely everything happening on all computers, it can stop these kinds of attacks proactively. Adaptive Defense can also provide forensic information about threats, by giving detailed and intelligent traceability for everything that happens on a company’s IT infrastructure — threat timeline, information flow, the behavior of active processes, etc.

Adaptive Defense 360 is the first cybersecurity managed service that combines next-generation protection (NG EPP) and detection and remediation technologies (EDR), with the ability to classify 100% of running processes. With this innovative technology, it is able to detect and block malware that other protection systems miss.

The post China-based ‘Cloud Hopper’ Campaign Targets MSPs and Cloud Services appeared first on Panda Security Mediacenter.

Millions of iCloud Accounts Could Be Wiped if Apple Refuses Ransom

No less than $75,000 in cryptocurrency (Bitcoin or Ether), or $100,000 in iTunes gift cards — this is the exorbitant ransom that cybercriminals have demanded from Apple. The group, calling themselves the Turkish Crime Family, claims to have stolen access to 300 million iCloud accounts, and has threatened to wipe them on April 7 (tomorrow) if the corporation doesn’t pay up.

The cybercriminals sent a series of screenshots to Motherboard that apparently show the exchange of emails between the hacker group and Apple’s security team. They also provided access to one of the email accounts that they allegedly used to communicate with the company and lay down their conditions for the deal.

According to the messages on the account, the cybercriminals uploaded videos to YouTube to show how they were able to log in to several stolen iCloud accounts and even showed how they were able to access an elderly woman’s photos and remotely delete them.

Apple Won’t Be Had So Easily

Allegedly, an Apple employee had asked the criminals to take down the video that they’d uploaded to YouTube. The company also declared, “We do not reward cyber criminals for breaking the law”.

There are a few holes in the attackers’ story. In the initial correspondence, they claimed to have accessed 300 million accounts on Apple’s iCloud, but on the Turkish Crime Family Twitter account the claim was a more modest 200 million. In a later correspondence, the number jumped up to 559 million.

“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers told Motherboard. It seems clear that one of the strategies of this group is to blackmail Apple by making their actions public, alarming as many Apple clients as possible.

However, a spokesperson for Apple has stated that “there have not been any breaches in any of Apple’s systems including iCloud and Apple ID.” The supposed list of email addresses and passwords may therefore have been obtained through a third-party service that had been previously compromised.

The spokesperson also stated that they are “actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved.” We’ll have to wait until tomorrow to see if there is a real threat, or if the hackers are simply bluffing.

In any event, the company has taken the opportunity to remind users to use robust passwords, not to reuse the same credentials across various websites, and to activate two-step authentication to add an extra layer of security.

The post Millions of iCloud Accounts Could Be Wiped if Apple Refuses Ransom appeared first on Panda Security Mediacenter.

7 ways a giraffe can damage your device

With April the Giraffe about to give birth in the Animal Adventure Park in Harpursville, New York, it is time to warn readers of how a giraffe can damage their device in ways that a cat or dog would only dream of: Licking it – A giraffe’s tongue is about 50 cm long and black. Equipped to […]

The post 7 ways a giraffe can damage your device appeared first on Avira Blog.

eSports: Avira FIFA17 Contest with 2000€ Prize Pool – Join Now!

It’s been some time since we’ve last talked about eSports, but a good thing takes time. What is eSports? Now: For those of you who don’t know what eSports is, let me explain. eSports is short for ‘electronic sports’ and is the term for competitive video gaming. It’s exactly what you probably think it is […]

The post eSports: Avira FIFA17 Contest with 2000€ Prize Pool – Join Now! appeared first on Avira Blog.