Tag Archives: News

Panda Security

Music lovers, are your Sonos devices safe?!

Leave a comment

Shout out to a crowd “Hands up if you like music!” Cue plenty of hands going up, with some ‘whoohoo’ screams added on. Rock stars know how to win a crowd over. And not just rock stars… music is one of those universal pleasures passed down generations, with percussion being (probably) the earliest form of music known to humankind. Heck, the Egyptians were at it 6,000 years ago! Other civilizations developed musical instruments too until Guido D’Arezzo reportedly invented solfege a thousand years ago – thus making improvements to music theory that remain in place today (do, re, mi, fa, so, la, si, do… ).

Music and technology

The way we came to appreciate music has changed massively as technology evolved. From outdoor performances in public squares to enclosed theaters, to the invention of the humble gramophone all the way up to Sony’s Walkman, it looks as though the trend for “any music, anywhere… right now” is here to stay. The ability to listen to one’s favorite tunes while out and about is now a given and as common place an occurrence as can be.

At the turn of the millennium, four music visionaries founded Sonos in California. They forever changed music with the introduction at the CES showing off their smart speaker, an intelligent piece of technology operating wirelessly. The company’s Digital Music System bundle won the “Best of Audio” award at the CES Innovations Design and Engineering Awards in November 2005.

The rest, as they say, is history.

Today, Sonos offers many powered speakers that utilize Wi-Fi, Bluetooth, and other standards to extend usage beyond audio playback; a soundbar “PLAYBAR”; and a subwoofer (for those craving that deeper sound!). The company also offers a device to link its system to conventional audio equipment such as and CD player and amplifiers for example.

For music lovers, this means multiple devices within a single household can be connected to one another wirelessly, or through a wired Ethernet network or a mixture of the two. The Sonos system operates with a proprietary AES-encrypted peer-to-peer network known as SonosNet.

In theory, this allows for each unit to play any chosen input. If desired, synchronized audio with one or more zones can also be achieved. Latest versions developed by the company integrate MIMO (an essential element of wireless communication standards) that function on 802.11n hardware, this provides a more robust connection.

Is the system hackable?

Can I get my mate’s audio device to blast out some weird music as a prank? Well, one hack reported a few years ago was much creepier: called “Ghosty”, this Sonos hack freaked people out with haunted mansion sounds. We’re not joking. Developer Aaron Gotwalt combined an unofficial Sonos API, some spooky audio files, and a Raspberry Pi to achieve scary effects.

Taking control of a Sonos system isn’t exactly easy, but that’s beyond the point. Almost everything is hackable nowadays. In today’s era of plentiful connected, hackable devices… it’s good to know help is available. Take Panda Security for example. We operate toll-free, seven days a week phone lines with a human being picking up the phone. We resolve all your home IT and security issues providing much-needed piece of mind.

No need to call Ghostbusters if your Sonos system goes wild, call us – we’ll sort it out.

The post Music lovers, are your Sonos devices safe?! appeared first on Panda Security Mediacenter.

Panda Security

In the Wake of the CIA WikiLeaks Case, Some Tips on Corporate Cybersecurity

Leave a comment

Year Zero, the first delivery from WikiLeaks of the “biggest document leak” the Central Intelligence Agency has ever seen, is made up of over 8,000 files. The revelations they contain are causing quite a stir. If nothing else, they’ve shown that the CIA has at its disposal an enormous cyberespionage arsenal.

The documents detail how cyberweapons were prepared to make use of “zero day” attacks (which target vulnerabilities that haven’t been made public yet, and can therefore be easily exploited). These cyberweapons would be used to compromise the security of devices using iOS, Android, Windows, and macOS operating systems.

Something of considerable note from these leaks is that the CIA would not have to break the encryption protecting apps such as WhatsApp, Signal, or Telegram. By gaining access to the smartphone’s OS using malicious software, they are able to access all the information stored on it.

According to the documents, which have been deemed authentic by several security experts, the CIA even made use of security holes in other smart devices. The US agency worked with their British counterparts to develop a cyberespionage tool called Weeping Angel to use smart TVs as hidden microphones. So, how did the affected companies react? And what can the rest of us learn from this leak?

Google and Apple’s Reaction

Apple reacted to the leak with a lengthy statement, pointing out that the security holes that the CIA used had already been patched in the latest version of iOS. The company also ensured that is would continue working to resolve any vulnerability and encouraged users to download the latest version of its OS.

Google claimed that Android and Chrome’s updates had already solved the problems, while Microsoft and Samsung have said they are investigating the issue. Although WikiLeaks hasn’t released technical aspects of the malware in question, they have announced their intention to share them with manufacturers.

For their part, the CIA is keeping pretty quiet about the whole thing. They’ve limited themselves to a “no comment” about the leaked documents and have stated that the revelations put US citizens in danger. It’s the first major challenge for CIA director Mike Pompeo, recently appointed by President Trump.

Keeping in mind that US intelligence is able to detect vulnerabilities even in the tech giants themselves and even develop cyberweapons to take advantage of them, what can a company learn from these leaks?

One of the first lessons to learn is that the security on our devices leaves much to be desired. Another, to avoid exposing our companies to zero day attacks, a perimeter-based security solution isn’t going to cut it. The only way to combat zero-day attacks: update, update, update, and spring for an advanced cybersecurity solution.

Panda Security’s Adaptive Defense 360, to name but one example, is not too shabby when it comes to top of the line security. It allows continuous monitoring through surveillance and logs of all activity at every workstation and detects advanced threats in real time. It stops untrusted software the moment it attempts to run, responds in a matter of seconds, and recovers instantaneously. It’s nice to know that your as-yet-unknown security holes (and there is always one or two lurking beneath the radar, even at companies like Google and Apple) won’t be much use to potential intruders.

The post In the Wake of the CIA WikiLeaks Case, Some Tips on Corporate Cybersecurity appeared first on Panda Security Mediacenter.

Panda Security

Online harassment: is it time we do something about it?

Leave a comment

The real old, witty insult has come a long way since it was first blurted out by Mr. Caveman back in pre-historic times. That first grumble started everything and the rest, as they say, is history. Fast forward to 2017 – there’s now plenty of ways to deliver an insult to anyone, whether you know the person or not. And it can be done from a very familiar location: the relative safety of your home, sat at your desk, using a computer, typing furiously (instead of barking around as your distant ancestors did).

Online harassment is reaching epidemic proportions.

In the beginning, wasn’t the Internet promising a new era of civilized conversations? Here in the United States, freedom of speech is protected from government restrictions by the First Amendment to the United States Constitution. So what’s the difference anyway between a good old joke and harassment? Well, a joke is usually funny. Yep, that’s right: the fun has got to be both ways. A line is crossed when there are tears (we’re not talking about tears of joy here). Maybe it’s time to call time on the bullies.

Twitter seems to be thinking so. Everyone agrees there will always be trolls out there. Apparently, it’s a sad side to human nature. But since last month the company is making it harder for people who have been suspended for harassment previously to create new accounts. For obvious reasons, Twitter can’t disclose just how exactly it’s doing this. But the fact it is taking action has to be a good thing. Insiders say that in all likelihood users are still going to see some of the usual roughness, though it is hoped most of the mindless drivel will be flushed out. Phew!

“Safe search” feature

Also Twitter is working on a “safe search” feature, this is meant to remove those tweets that have sensitive content or come from muted and blocked accounts. These changes are being rolled out progressively so keep an eye out for them and be sure to share your thoughts about that with us. Are these changes making a difference? Are the tone of your exchanges better – if only a little bit?

Think before you tweet!

It’s important always to remember and follow the usual safety rules when online, so here are some Twitter-specific tips for you. Malicious people will sometimes try to take over accounts so they can send private messages or spam to a person’s followers. To guard against this don’t click links in Direct Messages unless you were expecting a link from that person! Also, many hacks will happen when Twitter login details are entered into a fake website. So be careful of sites that look like Twitter.com it’s easy to get spoofed.

Why not double check anti-virus protection while you’re at it? Granted, Twitter is doing its part to stop the insults flowing. How about you stop the hackers in their tracks with Panda Security? The company’s products include some of the most advanced cyber-security services available on the market. It may not stop the insults, but at least it will prevent you from becoming a victim of a cyber-crime.

The post Online harassment: is it time we do something about it? appeared first on Panda Security Mediacenter.

Panda Security

NSA and CIA were spying on you! So what?

Leave a comment

A few days ago WikiLeaks released information clarifying CIA have developed a whole lot of hacking tools that allow them to spy on everyone somehow connected to the internet.

Unfortunately,it’s not news NSA, and CIA are spying on you, this has been a well-known fact for years. According to NSA and CIA, the primary goal of the global internet monitoring is the fight against terrorism. There is no precise statistics of how many terrorist attacks have been prevented thanks to the patriot act and the hard-working guys at NSA and CIA. However, we are sure they’ve been doing a good job so far – with small exceptions there haven’t been any major incidents here on US soil since 9/11.

Even though no one is euphoric CIA and NSA seem to have access to virtually everything digital in the world, regular folks have accepted it.

So why is all the fuzz around WikiLeaks and their latest Vault 7 leak?

The problem is that according to Julian Assange, the tools CIA and NSA have developed could also be classified as cyber weapons. Briefly, it’s the equivalent of the discovery of the atomic bomb. If these cyber arms end up in the wrong hands, things can go horribly wrong. Imagine if a 16-year-old stoner from FYROM manages to access your router, and record everything connected to it. Imagine if they can do the same thing to a top government official.

Or if a piece of hardware used in airplanes has a backdoor allowing unauthorized access to the equipment located at captain’s cockpit. This is scary, isn’t it? We live in a digital era where adults in the US spend an average of 5 hours a day staring at their cell phones. We monitor our children with baby monitors, and we pay bills and shop online on a daily basis. There is barely any cash seen in the modern world; all our finances are in digital bank accounts. We no longer work for hard cash, we work for ‘doubloons’ in our bank account. Our life is starting to feel as we are in a video game, and as in many video games, villains want to take advantage of the regular people. Everything we do and that matters to us is somehow visible as a digital print.

So let’s get back to what’s scary.

The scary part is that CIA and NSA obviously are having issues keeping all this information secure and it is possible those cyber weapons will end up in the wrong hands. How would you feel if you know Iran, Russia or China have this power too? It would be a chilling fact to realize that a foreign government knows more about you than your own.

It will surely give you the chills to understand that a country with completely different beliefs and culture has access to your personal and professional life. Such hacking scandals also cause a stir around the globe as other nations say the USA needs to stop spying on them.

The good news is…

And if we try to somehow forget about governments fighting each other in cyber wars, such weapons could end up in the hands of groups of hackers who are after the regular people. The good news is that cyber criminals do not have nationality or beliefs; most of the times they are not after you; they are after your money. And using the weapons developed by CIA and described at WikiLeaks, gaining access to your bank account seems like a child’s play if you are not protected.

Julian Assange says the information released a few days ago is only 1% of what it is to come. According to WikiLeaks, the Vault 7 series will be the largest intelligence publication in history. We can surely expect extraordinary findings over the course of the next few months!

The post NSA and CIA were spying on you! So what? appeared first on Panda Security Mediacenter.