
Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives

Defending your devices in our hyperconnected world is no simple task. Your protection should include a wide range of defense mechanisms, a necessary deployment that, until now, has forced IT organizations to purchase and maintain a variety of products from different providers.

In December, AV-Comparatives gave their stamp of approval to the three principles of the Adaptive Defense 360 security model: continuous monitoring of all applications on company servers and workstations, automatic classification of endpoint processes using big data and machine learning techniques in a Cloud-based platform, and the possibility, should a process not be automatically classified, of a PandaLabs expert technician analyzing the behavior in depth.

“The evaluation by AV-Comparatives is a good reflection of the value of Adaptive Defense to our customers,” said Iratxe Vázquez, Product Manager at Panda Security. “We protect from and detect all types of known and unknown malware and zero-day security attacks (ransomware, bot networks, exploits, fileless malware, APTs, etc.), all thanks to the continuous monitoring of all processes running on our customers’ devices.”

The Adaptive Defense 360 solution has been endorsed as the first and only product that combines endpoint protection (EPP) and endpoint detection and response (EDR) in a single platform.

“As this solution classifies all executed processes, it cannot fail to record any malware.”

Efficacy Test

Panda Security’s advanced cybersecurity solution detects and blocks malware that other protection systems don’t even see. “We know that Adaptive Defense is easily one of the best solutions on the market, and we needed this to be certified by a prestigious laboratory in the world of security,” said Luis Corrons, Technical Director of PandaLabs.

Adaptive Defense 360 achieved 99.4% detection in the 220 analyzed samples and 0 false positives in the independent analysis performed by the esteemed AV-Comparatives Institute, which establishes this solution as the most advanced end-user cybersecurity software.

“For us it was essential that the tests were done with the utmost rigor, as we were looking for an environment that would perfectly simulate the real world and the threats to which companies are constantly exposed,” says Corrons.

The Intelligent Control Platform, a Synthesis of Machine Learning and Big Data

Artificial intelligence and machine learning are booming trends in 2017, allowing companies to use data science to optimize resources and improve their productivity. Imagine the effectiveness of cybersecurity software that combines both of these trends.

“The protection that Adaptive Defense 360 offers is much more than a marketing strategy,” said Iratxe Vázquez. “This solution is a protection strategy, a new security model that our customers will need in order to deal with cyber threats. The attacker continually adapts his behavior, easily avoiding traditional antiviruses. He infiltrates and acts quietly, making all kinds of lateral movements that we monitor, analyze and block before he reaches his targets.”

Adaptive Defense 360 is part of an intelligent cyber security platform, capable of merging contextual intelligence with defense operations.

“We continuously monitor and evaluate the behavior of everything running on our clients’ machines, using Machine Learning’s adaptive techniques in Big Data environments, which gives way to exponentially increasing knowledge of malware, tactics, techniques, and malicious processes, along with reliable application information,” explains Iratxe Vázquez.

Adaptive Defense 360 is also integrated with SIEM solutions (Security Information and Event Management), which add detailed information on the activity of running applications at workstations. For those customers who do not have a SIEM, Adaptive Defense 360 incorporates its own security event management and storage system for real-time analysis of information collected with the Advanced Reporting Tool.

AV-Comparatives has seen what we can do, and they liked what they saw. How about you? Have you witnessed intelligent cybersecurity in action yet?

Follow the links to download the first infographic on the most notable examples of ransomware in 2016.

The post Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives appeared first on Panda Security Mediacenter.

“Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling

This Tuesday, the Italian state police dismantled a cyber-espionage ring spearheaded by a brother and sister that sought to exert control over public institutions and administrations, professional studios, employers, and politicians. The network was able to access confidential information by installing a virus on victims’ computers, stealing information sensitive to financial institutions and state security.

Among those affected are former Prime Ministers Matteo Renzi and Mario Monti and the president of the Central European Bank, Mario Draghi, as well as other individuals in possession of confidential information. Mayors, cardinals, regional presidents, economists, employers, and law enforcement officials are also on the list.

How Eye Pyramid Works

The investigation has been dubbed “Eye Pyramid”, after the particularly invasive malware that the suspects used to infiltrate the systems of the people they spied on.

These intrusions appear to have first surfaced in 2012, reaching 18,327 users with the theft of 1,793 passwords using a keylogger. This comes out to around 87 GB of data. The method of infiltration was simple given the serious nature of the attack: the cybercriminal sent an email, the recipient opened it, and upon opening the email, software was installed on the device, giving access to its secret files.

Older versions of the malware with unknown origins (although possibly linked to Sauron) were probably used in 2008, 2010, 2011, and 2014 in various spear phishing campaigns.

In a hyperconnected world, with mounting tension between cybersecurity and cyber-espionage — we’ve recently seen a crossfire of accusations exchanged between major powers like the US, China, and Russia — these attacks appear to have special relevance to state security and the dangers it faces in the cyber world.

Advanced Persistent Threat, or How to Avoid a Cybernetic Nightmare

This attack, unprecedented in Italy, will continue to be under investigation and, according to authorities, may end up revealing connections to other cyberattacks carried out in other countries.

Protecting your confidential and sensitive data from cybercriminal networks and attacks such as APTs is crucial in combatting the growing professionalization of cybercrime.

Advanced threats are no longer an issue when you’ve got an advanced cybersecurity solution like Adaptive Defense 360, the platform that connects contextual intelligence with defense operations to stay ahead of malicious behaviors and data theft. Protection systems are triggered and jump into action before the malware even has a chance to run.

Thwarting potential threats before they become a real problem is the only way to rest easy knowing that your information has not ended up falling into the wrong hands.


How to Bolster Security for Your Online Store This Holiday Season


The gift giving season is just around the corner. With the frenzy of Black Friday and Cyber Monday already behind us, shops that conduct their sales online (and their clients) should be prepared for the most hectic weeks of the year still to come.

Unfortunately, this is also the busiest time of year for scammers that try their luck at fishing in frenzied waters. Cybercriminals are well aware of how many companies, regrettably, don’t invest enough in protecting their online sales platforms. Thus, cyberattacks and data breaches soar around the holidays. Luckily, if you run an e-commerce website, you’re still in time to follow these tips:

  • Don’t cache your clients’ payment information. The best way to avoid problems is by thoroughly verifying that credit card numbers are never stored in your database and never pass through your servers. It’s as easy as resorting to one of the many payment solutions on the market, such as PayPal or Braintree, which take it upon themselves to handle that sensitive data for you.
  • Make sure your website’s platform (Prestashop, Magento…) is up to date. Search the Internet for common vulnerabilities these tools may have and look for a way to remedy them. The same goes for plugins and extensions you may have installed.
  • Implement a secure SSL protocol. This is essential to your online store (especially when transmitting user information). In truth, it’s essential to any website, but customers perceive e-commerce platforms that don’t show the “https” in the address bar as insecure. And with good reason.
  • Be prepared for the flood of traffic. A large number of users will connect at the same time to make holiday purchases on your website. Check that your web hosting service is up to speed and can handle traffic peaks, that you are using a well-configured load balancing solution and a CDN to reduce the traffic that your server has to withstand. Not only will you avoid downtime, but also you will increase speeds and improve user experience.

From a vendor’s standpoint, these are some issues to be kept in mind to increase security for the holidays.

But there’s something else that businesses should keep in mind when it comes to protection at this time of year. Namely, that their employees, whether they like it or not, will be making purchases using company computers.

Among the precautionary measures that we would like to impart, these are especially pertinent. Before making a purchase, your employees should make sure:

  • That their system is up to date and has the protection of a reliable advanced cybersecurity solution.
  • That they only make purchases on well-known websites that have a solid reputation, and that the webpage uses an SSL protocol with security certificates.
  • That they avoid bargains that seem implausible, especially if they appear in emails and the sender is not fully trustworthy.

With this advice and a bit of common sense, holiday preparations shouldn’t bring about any unpleasant surprises. Shopping online is quick, convenient, and easy, but we have to stay vigilant to avoid falling into scams.



Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft


In 2016, the theft of passwords from internet titans is no longer an exception. Just when it seemed like the year was winding down, having left us with the surprising news of what until yesterday was considered the highest magnitude cyberattack in history suffered by Yahoo and reported three months ago, this same company returns to headlines after announcing the theft of data from 1 billion accounts.

This comes on the tail of some revealing figures. For example, massive data breaches have, amazingly, affected 97% of the 1000 largest companies in the world.

After admitting last September that in 2014 they had suffered a large-scale theft that affected 500 million users, Yahoo revealed today that in 2013 it suffered what is now considered the worst incident of information piracy in history with the theft of 1 billion accounts.

There’s a strong resemblance between this attack and the ones we’ve been analyzing over the past months. These recent attacks showcase the way cybercriminals gain access to names, email addresses, phone numbers, dates of birth, passwords, and in some cases clients’ encrypted and unencrypted security questions. The dimensions of the incident are truly staggering.

Yahoo disclosed that “an unauthorized third party” accessed the data and that at this time the culprit remains unnamed.

Economic repercussions aside, these incidents also call into question the issue of deteriorating user confidence. For example, Verizon’s initiative to integrate Yahoo into the AOL platform will certainly come under scrutiny.

How Should You Keep Your Business Safe?

There’s a legitimate reason to fear for your business’s confidential information. An outsider capable of getting the key to your company’s data, as happened at Yahoo, is a latent risk. Prevention has become the greatest asset in combating Black Hats and avoiding some of the dire consequences of these attacks.

To that end, we encourage you to turn to the advanced cybersecurity solution best suited to your company’s needs. Our Adaptive Defense 360 can offer you:

  • Visibility: Traceability and visibility of every action taken by running applications.
  • Detection: Constant monitoring of all running processes and real-time blocking of targeted and zero-day attacks, and other advanced threats designed to slip past traditional antivirus solutions.
  • Response: Providing forensic information for in-depth analysis of every attempted attack as well as remediation tools.
  • Prevention: Preventing future attacks by blocking programs that do not behave as goodware and using advanced anti-exploit technologies.


This is the only advanced cybersecurity system that combines latest generation protection and the latest detection and remediation technology with the ability to classify 100% of running processes.


In 2017, less malware and more advanced attacks


The decline in new malware and the increased professionalization of attacks will set the tone in cybersecurity for next year, according to PandaLabs’ Cybersecurity Predictions for 2017. Ransomware will encompass the majority of attacks, and companies will amass a larger number of increasingly advanced intrusions.

As far as cybersecurity goes, we bid farewell to a year replete with high-profile attacks that have jeopardized large corporations and private users. Ransomware attacks from Petya, Trojans such as Gugi for Android, the spyware Pegasus, PunkeyPOS, or large-scale attacks targeting point of sale terminals as well as the recent DDoS (Distributed Denial of Service) attacks have affected large organizations and international communication networks.

We rank the most popular attacks of the year, analyzing their evolution and taking a look at the cybernetic threats that 2017 has in store:


Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalizing their operations in a way that allows them to make quick and easy money in an efficient manner.


This Trojan Horse will take center stage with regard to cybersecurity and will cannibalize other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Panda Security encourages victims to keep in mind that paying the ransom does not guarantee the total recovery of stolen data.


The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.


The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.






How to avoid hacking to Critical Infrastructure


The cyber-attacks on the backbone of today’s economies are materialized in those assaults that affect society as a whole. The strategic priorities of national security include infrastructure exposed to the threats that can affect the operation of essential services.

PandaLabs, Panda Security’s anti-malware laboratory, has released a whitepaper called “Critical Infrastructure: Cyber-attacks on the backbone of today’s economy” with a timeline of the most notorious cyber-security attacks around the world on critical infrastructure, and recommendations on how to protect them.

Malware and targeted attacks aimed at sabotaging these networks are the main threats to critical infrastructure. Oil refineries, gas pipelines, transport systems, electricity companies or water supply control systems all form part of a technologically advanced industry where security failures can affect the whole of society.

Malware and targeted attacks

Today’s increasing trend towards interconnecting all types of infrastructure also increases potential points of entry for attacks on the services that have become essential for today’s societies.

This is apparent with the cyber-attacks that have been carried out in the past against these networks, the first of which took place in 1982, even before the Internet existed. In this case, attackers infected the systems of a Siberian oil pipeline with a Trojan.

In addition to paralyzing and reducing services, which was what happened to the Venezuelan oil company PDVSA when it was hit by an attack that reduced production from 3 million barrels a day to 370,000, such attacks can also have a significant financial impact. One of the largest car manufacturers in the USA was left with losses of around US$150 million thanks to an attack using SQLSlammer, which spread rapidly and affected 17 production plants.

The threat is real

One of the most infamous cases of cyber-attacks on critical infrastructures in history was Stuxnet. It is now known that this was a coordinated attack between the Israeli and US intelligence services, aimed at sabotaging Iran’s nuclear program. The case became the catalyst that made the general public aware of these types of threats.

Over the years there have been key events that have marked turning points in global security, such as the 09/11 attacks. In Europe, there was a similar key date, March 11, 2004, the date of the Madrid train bombings. As a result, the European Commission drew up a global strategy for the protection of critical infrastructure, the ‘European Programme for Critical Infrastructure Protection’, which includes proposals to improve Europe’s prevention, preparation and response to terrorist attacks.

How could these attacks have been avoided?

The technical characteristics and the high level of exposure of data that can be stolen means that special care needs to be taken in protecting these infrastructures, including a series of good practices, such as:

  • Checking systems for vulnerabilities.
  • The networks used to control these infrastructures should be adequately monitored and, where necessary, isolated from external connections.
  • Control of removable drives is essential on any infrastructure and not just because it has been the attack vector for attacks as notorious as Stuxnet. When protecting such critical infrastructure, it is essential to ensure that malware doesn’t enter the internal network through pen drives or that they are not used to steal confidential information.
  • Monitoring PCs to which programmable logic controllers (or PLCs) are connected. These Internet-connected devices are the most sensitive, as they can give an attacker access to sensitive control systems. Moreover, even if they don’t manage to take control of a system, they can obtain valuable information for other attack vectors.

In light of this panorama, protection against advanced threats and targeted attacks is essential. Adaptive Defense 360 offers comprehensive security against these attacks and provides companies with all they need to defend themselves and close the door on the cyber-security vulnerabilities that can, in the end, affect us all.

Download the infographic “Cyber-attacks on the backbone of today’s economy” here.



A phishing attack is launched every thirty seconds: 6 tips to protect yourself

Phishing continues to blight the Internet and is a thorn in the side of companies around the globe. Not only is it one of the most serious problems facing any company with even a minimal activity on the Web, it is also an ever-increasing threat.

So much so, that a recent study has revealed that in the last year alone there have been more than a million attacks of this nature. This means that on average, a phishing attack is launched every thirty seconds with the aim of defrauding companies and home-users alike. In the case of businesses, the damage inflicted by this onslaught is nothing short of dramatic: the total cost to companies around the world is in excess of 9,000 million dollars, more than 8,000 million euros at today’s exchange rate.


Given this situation, in addition to having proper protection, it is more important than ever that companies follow a series of recommendations to prevent falling victim to an attack that could have grave financial consequences. Checking the source of each email you receive and not accessing bank websites from links included in emails are two of the basic precautions you can take to avoid falling into the traps set by cyber-criminals.

What makes these and other similar measures so essential is the dramatic increase in phishing attacks that has taken place over the last year. In the second quarter of 2016 alone, more than half a million unique attacks were identified, a 115 percent increase on the previous quarter. Moreover, the increase with respect to the same period in 2015 is even more alarming: 308 percent.


To counter this situation, it is essential for companies to ensure that their employees are aware that they must only enter confidential data on trusted websites which, as with all secure pages, have an address starting with HTTPS. Phishing attacks are on the rise and they are also evolving. Now, for example, not only are they aimed at identity theft on social networks or taking money from current accounts, they are also being used to steal from e-Wallets.



TrickBot, new spam campaign against companies


On November the 2nd we witnessed a new spam campaign delivering emails each with a Word document attachment targeting UK companies. Each email message had the subject “Companies House – new company complaint” and the Word document attachment was titled “Complaint.doc”. When users open the document, this is what they see:

[Image: windows trickbot]

How does TrickBot work?

If the user follows the instructions given, the macro in the document will be executed. It will download a file called dododocdoc.exe, which will be saved in %temp% as sweezy.exe and then executed. This file is a variant of the TrickBot malware family. Once executed, it will install itself on the computer and inject a DLL into the system process svchost.exe. From there it will connect to the command and control server.

This has not been a massive campaign, but it has been targeted at UK companies – we’ve just seen a few hundred e-mails to our clients, and all of them were protected proactively without needing any signature or update. However, taking a look at the potential victims, all of the emails were sent to companies, no home users were targeted, and it turns out that most of them were sent to businesses in the UK. There were 7 cases in Spain, and one in Belgium, Ireland and Thailand. The campaign was short: the first case happened at 10:55am and the last one at 12:11pm (GMT).

The macro uses PowerShell to execute the malware, which is a common technique that is becoming more and more popular recently, being used in ransomware attacks or even to infect Point of Sale terminals.
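The chain described above (Office macro, PowerShell, an executable saved in %temp%, injection into svchost.exe) can be hunted for by correlating endpoint telemetry. The following is an added example, not Panda Security's detection logic: it assumes Sysmon-style events (ID 1 process creation, ID 11 file creation, ID 8 CreateRemoteThread) flattened into dictionaries, and every host name, user, PID and event in it is constructed.

```python
import ntpath

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe"}


def _name(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path).lower()


def _is_temp_exe(path):
    p = path.lower()
    return "\\appdata\\local\\temp\\" in p and p.endswith(".exe")


def correlate(events):
    """Return {host: [stage, ...]} for hosts showing parts of the dropper chain.

    PIDs are used as process keys for brevity; real Sysmon data should be
    keyed on ProcessGuid, because PIDs are reused.
    """
    state = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        st = state.setdefault(ev["host"], {"script_pids": set(), "dropped": set(),
                                           "payloads": set(), "stages": []})

        def mark(stage):
            if stage not in st["stages"]:
                st["stages"].append(stage)

        if ev["id"] == 1:  # process creation
            image = ev["Image"].lower()
            if _name(ev["ParentImage"]) in OFFICE_APPS and _name(image) in SCRIPT_HOSTS:
                st["script_pids"].add(ev["pid"])
                mark("office_spawned_script_host")
            elif ev["ppid"] in st["script_pids"] and image in st["dropped"]:
                st["payloads"].add(image)
                mark("dropped_exe_executed")
        elif ev["id"] == 11:  # file creation
            if ev["pid"] in st["script_pids"] and _is_temp_exe(ev["TargetFilename"]):
                st["dropped"].add(ev["TargetFilename"].lower())
                mark("exe_written_to_temp")
        elif ev["id"] == 8:  # CreateRemoteThread
            if (ev["SourceImage"].lower() in st["payloads"]
                    and _name(ev["TargetImage"]) == "svchost.exe"):
                mark("remote_thread_in_svchost")
    return {host: st["stages"] for host, st in state.items() if st["stages"]}


def alerts(events, min_stages=2):
    """Hosts where at least min_stages links of the chain were observed."""
    return sorted(h for h, s in correlate(events).items() if len(s) >= min_stages)


# --- Constructed sample telemetry (not real logs) ---
WORD = r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE"
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EXPLORER = r"C:\Windows\explorer.exe"
SVCHOST = r"C:\Windows\System32\svchost.exe"
DROP = r"C:\Users\alice\AppData\Local\Temp\sweezy.exe"
SETUP = r"C:\Users\bob\AppData\Local\Temp\setup.exe"

SAMPLE_EVENTS = [
    # WS-01: the full chain described in the article
    dict(time=1, host="WS-01", id=1, pid=100, ppid=10, Image=WORD, ParentImage=EXPLORER),
    dict(time=2, host="WS-01", id=1, pid=200, ppid=100, Image=PS, ParentImage=WORD),
    dict(time=3, host="WS-01", id=11, pid=200, TargetFilename=DROP),
    dict(time=4, host="WS-01", id=1, pid=300, ppid=200, Image=DROP, ParentImage=PS),
    dict(time=5, host="WS-01", id=8, SourceImage=DROP, TargetImage=SVCHOST),
    # WS-02: an admin runs an installer from PowerShell; no Office parent
    dict(time=1, host="WS-02", id=1, pid=500, ppid=20, Image=PS, ParentImage=EXPLORER),
    dict(time=2, host="WS-02", id=11, pid=500, TargetFilename=SETUP),
    dict(time=3, host="WS-02", id=1, pid=600, ppid=500, Image=SETUP, ParentImage=PS),
    # WS-03: Office starts PowerShell but nothing follows; one stage only
    dict(time=1, host="WS-03", id=1, pid=700, ppid=30, Image=PS, ParentImage=WORD),
]

if __name__ == "__main__":
    for host, stages in correlate(SAMPLE_EVENTS).items():
        print(host, "->", ", ".join(stages))
    print("alert on:", alerts(SAMPLE_EVENTS))
```

Requiring two or more linked stages keeps a lone Office-to-PowerShell launch (WS-03) as context rather than an alert, while the file name itself is never matched, so a renamed payload is still caught.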

At Panda Security, we recommend that businesses ensure all software is updated, have a reputable security solution in place and hold regular staff security awareness training.


AtomBombing, a new threat to your Windows


A few days ago Tal Liberman, a security researcher from the company enSilo, revealed a new code injection technique that affects all Windows versions up to Windows 10. Due to the nature of this technique it is unlikely that it can be patched. In this article I’d like to shed light on this attack, its consequences and what can be done in order to protect ourselves.

How does it work?

Basically, this attack takes advantage of the operating system itself to inject malicious code and then uses a legitimate process to execute it. Although it is not that different from what malware has been doing for ages (malware has been injecting itself into running processes for decades), the use of the atom tables (provided by Windows to allow applications to store and access data) is not common, and it is likely to go unnoticed by a number of security solutions.


The best explanation you can find so far is the one made by Tal in his blog “AtomBombing: A Code Injection that Bypasses Current Security Solutions”.

If there is no patch and it affects all Windows versions, does it mean that we are under great danger?

Not really. First, in order to use this technique malware has to be able to be executed in the machine. This cannot be used to remotely attack and compromise your computer. Cybercriminals will have to use some exploit or fool some user into downloading and executing the malware, hoping for the security solutions in place not to stop it.

Is this really new?

The way the attack is performed to inject code is new, although as I mentioned earlier, malware has used injection techniques for a long time; for instance, you can see that in many ransomware families.


New, but not that dangerous… why the panic?

As I said, malware first has to be executed on the machine, but we know that at some point this will happen (not a matter of IF, but WHEN).

Many security solutions have the ability to detect process injection attempts. However, to do this they rely on signatures, so many of them are not able to detect this particular technique at present. On top of that, many of them have a list of trusted processes. If the malicious code injection happens in one of them, all security measures from that product will be bypassed.


Finally, this attack is really easy to implement. Now that it is known, there will be a number of cybercriminals implementing it in their malware sooner rather than later.

What can we do to protect our company’s network?

On one hand, traditional antimalware solutions are great to detect and prevent infections of hundreds of millions of different threats. However they are not that good at stopping targeted attacks or brand new threats.

On the other hand, we have the so-called “Next Gen AV”. Most of them claim that they do not use signatures, so their strength comes from the use of machine learning techniques, which have evolved greatly in the last few years, and they have shown they are pretty good at detecting some new threats. As they know their weakness is that they are not that good at stopping all threats, they have great expertise in post-infection scenarios, offering a lot of added value when a breach has already happened. Another issue they have is that machine learning won’t give you a black or white diagnosis, which translates into high false positive rates.

Is using traditional antimalware + Next Gen AV the best approach?

Not the best, although it is better than using just one, as they can complement each other. It has, however, a few downsides. For starters, you have to pay for both. Although this can be justified by the overall protection improvement, it means you will need extra budget for the extra work (false positive exponential growth coming from Next Gen solutions, different consoles to manage each one, etc.). Performance can become an issue if both are running on the same computers. And finally, these solutions don’t talk to each other, which means you are not taking full advantage of the information each one handles.

Panda Solutions for Companies combine the power of the traditional solutions and the machine learning techniques.

The best solution is one that has both capabilities: the power of traditional solutions as well as long experience in machine learning techniques combined with big data and cloud. These work together and exchange information, continuously monitoring all running processes, classifying every program executed on any computer in your corporate network and creating forensic evidence in real time in case of a breach. All of this requires deploying only a small agent that takes care of everything, using the cloud for the heavy processing tasks and offering the best performance in the market. In other words, Adaptive Defense 360.



Insiders, their costumes are so good you won’t even recognize them.

Knock knock! Trick or treat! Companies and cybercriminals play the same game. You could be opening back doors to cybercriminals this year, without even knowing it. You’ll lose this game if you don’t fight back. Ransomware attacks will capture your documents and the attackers will be expecting a big juicy reward (if you want your files back, that is). This Halloween, beware!

An insider could already be hiding within company walls, brewing up trouble. A recent study shows that 60% of attacks perpetrated in businesses were carried out from inside the workplace. From undercover spies to terrorism gangs to disgruntled employees that steal top-secret information. Double, double toil and trouble…

And what about you? What type of Insider are you?

Attacks by staff with privileged access represent one of the greatest threats to the security of corporate information and your customers’ data. Research conducted by the Ponemon Institute indicates that hackers and criminal insiders are the main culprits behind security holes and data breaches. Three quarters of these attacks are ill-intended, and one quarter of them are accidentally carried out by employees without bad intentions.

This year, the global cost of the infractions carried out by insiders with bad intentions is 154 euros per capita, much higher than the cost of infractions caused by system errors and involuntary offenses (about 125 euros and 120 euros per capita).

A history of perfect crimes

At the beginning of this month, an employee from the US government, Harold Thomas Martin, was accused of stealing classified information related to the NSA (National Security Agency). Let’s not forget the Edward Snowden leak from three years ago.

Shalom Bilik, who was subcontracted for computer system maintenance for Israel’s Ministry of Social Security and Welfare, accessed a database and stole information pertaining to 9 million Israeli citizens so he could sell it later on the black market.

Even Dropbox couldn’t escape from the insiders: a cybercriminal stole data pertaining to more than 500 million users thanks to the carelessness of a Dropbox employee. The cybercriminals were able to obtain his LinkedIn password, which was the same one he used for saving files in the Dropbox Cloud. Stored in the cloud was a work document that contained a long list of email addresses. Access to more than 500 million users? What a treat for criminals who want to trick users with massive spam campaigns.

Some tips to keep you protected from internal threats

  1. Start using a cybersecurity solution that has advanced protection features, and that also has the capacity to detect and remedy possible threats.
  2. Lack of control over what happens in all devices and systems is a common point in all analyzed attacks. What will help us is a tool that’s capable of controlling all active processes on every device connected to the corporate network.
  3. Revise personnel policies and control systems in order to adjust to privacy requirements and adapt them to the technology that’s available.
  4. Keep the operating systems and programs on all of your company’s devices updated.

Make sure that Halloween only comes once a year. Manage, control and protect your information against advanced threats with Panda Solutions for Companies.
