Tag Archives: News

Panda Security

The Home Depot confirms hacker attack. 56 million credit and debit cards compromised

Leave a comment

the home depot

The Home Depot, the home improvement retailer, has confirmed that its servers have been attacked and that 56 million credit and debit card details have been compromised.

According to the The Wall Street Journal, the company has also acknowledged that, in some cases, the accounts associated to the cards have been drained.

In addition, fraudulent transactions have appeared across the USA as the criminals use stolen card details to buy prepaid cards, electronic goods and even groceries.

This attack comes just months after a similar attack on Target Corp. and there could be a connection, as the same tool –BlackPOS- was used to exploit the vulnerability.

The security breach may have affected customers who shopped in any of the almost 4,000 stores that the company has in the U.S. and Canada between April and September.

Do you want to know how to prevent theft in your company?

The post The Home Depot confirms hacker attack. 56 million credit and debit cards compromised appeared first on MediaCenter Panda Security.

Panda Security

“The new iPhone 6 recharges with two minutes in the microwave”: A new urban myth about Apple

Leave a comment

Remember when some Apple users ‘lost’ their phones after believing stories about the iOS7 making the iPhone waterproof?

After the presentation of the latest new features in Apple devices and the new iOS8 operating system, the Internet is full of articles either in praise of or criticizing the company’s latest efforts. Users, eager to find all the latest information and the best tips on how to get the most from the new iPhone 6, scour forums and blogs to stay up-to-speed with everything about these new releases.

That’s why it’s no surprise to find these types of practical jokes doing the rounds on the Web, or to encounter some poor unsuspecting user, who perhaps expecting more than is reasonable from the new device, falls for the trick.

This story took the form of an advert, similar in style to the one launched by Apple on 4chan, announcing the new ‘Wave’ feature of iPhone, which could supposedly recharge the phone in the microwave.

wave iphone 6 apple

So do you believe everything you read on the Internet?

More | iOS 8. Apple increases user privacy

The post “The new iPhone 6 recharges with two minutes in the microwave”: A new urban myth about Apple appeared first on MediaCenter Panda Security.

Panda Security

iOS 8. Apple increases user privacy

Leave a comment

ios 8 privacy

 

No doubt if you have an Apple device, you’ll know that the new iOS 8 operating system is now available. What you might not know is that installing it will prevent Apple from accessing users’ devices without their consent.

This has been announced by the company, which says that “unlike their competitors” they will not access users’ systems without their permission. They claim that it is therefore not technically possible for them to comply with government orders to retrieve data from devices running iOS 8.

So how is privacy enhanced with iOS 8? To prevent itself from accessing these devices, Apple has modified its encryption system which is applied automatically when users select their password.

This way, Apple’s new operating system has taken a step forward in increasing privacy, as all the information stored on users’ iPads or iPhones (photos, emails, files, etc.) will be protected not only from Apple, but also from governments.

This is clearly how Apple has responded to accusations of collaboration with the National Security Agency (NSA) by handing over its customers personal data. Similarly, the company has also assured that it only provided the data of “less than 0.00385%” of Apple device users. ”

We remind you that it’s important to scan your iPhone or iPad for malware that could affect the functionality of your device. For your peace of mind, try our antivirus for Mac.

More | Cyber-espionage. Can you avoid it?

The post iOS 8. Apple increases user privacy appeared first on MediaCenter Panda Security.

Panda Security

5 million Gmail passwords leaked

Leave a comment

gmail

Do you have a Gmail account? This may interest you! A Russian cybersecurity forum has published a file containing more than 5 million Gmail accounts.

According to several experts, more than 60% of the username and password combinations were valid. However, Google says that the information is “outdated“, that is, these accounts have been suspended or the users no longer access them.

In a statement, Google said that it has no evidence that its systems have been compromised, but explains that “whenever we become aware that accounts may have been compromised, we take steps to help those users secure their accounts.“

The file published mainly contains British, Spanish and Russian accounts. If you want to know whether your account is on the list of those affected, you can do so here.

Panda Security recommends you increase the security of your passwords and use two-step verification of your Gmail account.

More | How to increase the privacy of your Gmail account

The post 5 million Gmail passwords leaked appeared first on MediaCenter Panda Security.

Panda Security

Apple denies its services were hacked

Leave a comment

apple

 

“Celebgate” -as the theft and publication of private photos of more than 100 actresses and models has come to be known – is not only affecting the direct victims of the theft but also the companies that have been implicated in the affair.

Initially, it was thought that the leaks could be due to a potential security hole in iCloud, Apple’s virtual storage platform, but the company has announced that, after a 40-hour investigation, they have discovered that the accounts of these celebrities “were compromised by a very targeted attack on user names, passwords and security questions.” Adding that these attacks have “become all too common on the Internet.”

Apple denies that the hacking of the accounts of actresses such as Jennifer Lawrence, Kirsten Dunst and Kate Upton was the consequence of a vulnerability in its iCloud or ‘Find my iPhone‘ services. Although some of the victims have already had their say on the issue.

kirsten dunst twitter

The company has also announced that it continues to work with the police to help identify the criminals involved and encourages all users to choose a strong password and double check their security systems.

More | How to create strong passwords

The post Apple denies its services were hacked appeared first on MediaCenter Panda Security.

Panda Security

Jennifer Lawrence: Victim of a security hole in iCloud?

Leave a comment

jennifer lawrence oscar

If you are on Twitter you may have noticed the actress Jennifer Lawrence has been ‘Trending Topic’ since yesterday afternoon.

jennifer lawrence twitter

 

The reason? The leak of nude photos of the 2013 Academy Award winner on the /b/ forum of 4Chan.

She has confirmed the story, although she is apparently not the only victim.

jennifer lawrence spokeman

 

Other models and actresses such as Kirsten Dunst, Kate Upton or Ariana Grande have also allegedly had pictures leaked, although not all these cases have been confirmed. Meanwhile, Mary E. Winstead has acknowledged the authenticity of the pictures that have been circulated, while Victoria Justice has denied that some photos allegedly of her are authentic.

It is still not clear how ‘Celebgate’ (as some are referring to this massive hacking) was carried out. Some sources have suggested a possible security breach in iCloud, Apple’s virtual data storage platform, though the company has yet to confirm this.

Until it is known how these images were stolen, the best anyone can do is apply common sense and ensure they use strong passwords to access their services. We also recommend that users check their Apple ID account.

 

 

 

The post Jennifer Lawrence: Victim of a security hole in iCloud? appeared first on MediaCenter Panda Security.

Panda Security

UPS stores attacked in the USA

Leave a comment

ups

UPS, the international courier service, may have been the victim of a cyber-attack using a virus detected in 51 of the company’s US stores.

A company spokesperson confirmed that the attack could have compromised confidential information, including customers’ names, card details and postal and email addresses. The earliest evidence of the presence of this malware at any location is January 20, 2014 and was eliminated as of August 11, 2014.

The attack has been traced back to the services that give employees remote access to the UPS system. Cyber-criminals exploited this to infect point-of-sale terminals and obtain information massively from the database.

UPS has informed customers of the stores that have been affected by the malware.

Attack on Target

This attack is similar to the one suffered by another US company, Target, which resulted in the theft of over 40 million credit card details.

Point-of-sale terminals are a highly-prized target for cyber-criminals. It’s not a question of chance, sooner or later someone will try to hack your terminals. To ensure protection you need a security solution that covers different aspects of the POS terminal and which can:

  • Restrict the running of software, only allowing trusted processes to run.
  • Identify vulnerable applications, warning you of any outdated software.
  • Enforce the behavior of permitted processes to prevent vulnerability exploits in trusted processes.
  • Traceability: If an incident occurs, your security solution should provide all the information needed to answer four basic questions: when the attack began; which users have been affected; what data has been accessed and what has happened to it; and how the attackers entered and from where.

These are not all the security measures that can be taken, although these four points at least must be covered.

The post UPS stores attacked in the USA appeared first on MediaCenter Panda Security.

Panda Security

Panda Security achieves the highest detection ratios in the industry’s leading tests

Leave a comment

Panda Cloud Antivirus, the free cloud antivirus from Panda Security, offers the highest levels of protection according to the two leading industry product tests, those of AV-Comparatives and AV-TEST.

AV-Comparatives confirms a 99.9% detection ratio

During the more than 150,000 ‘real world’ proactive detection tests carried out from March to June this year by the AV-Comparatives independent laboratory, Panda Security’s free anti-malware solution managed to detect and block 99.9% of threats.

This comparative test of over 20 antivirus solutions highlights the great protection capacity of Panda Security’s solution, beating out other free products such as Avast, AVG or Microsoft’s antivirus; or pay solutions including Kaspersky, McAfee and Sophos.

For more details of the AV-Comparatives test, click here.

AV-Comparatives confirms a 99.9% detection ratio

AV-Comparatives

100% detection ratio, according to AV-TEST

Similarly, in the ‘Real-World Protection’ test carried out by AV-TEST in May and June, Panda Cloud Antivirus also racked up the maximum score, with a 100% detection ratio for the second consecutive month. Out of 23 products tested by the laboratory, only three achieved the maximum detection rate, and one of these was Panda Cloud Antivirus, the free solution from Panda Security.

In addition to these excellent detection results, it’s important to note that Panda Security has scored maximum points in the AV-TEST ‘Monthly Consumer Product Testing’ performance test in June.

For more details of the AV-TEST product tests, click here

100% detection ratio, according to AV-TEST

AV-TEST

New XMT Smart Engineering engine

The results from both these labs are based on tests carried out on products based on the new XMT (Extreme Malware Terminator) Smart Engineering engine from Panda Security. With XMT, different technologies interact with each other to achieve new levels of efficiency and greater detection and disinfection power to eradicate all threats. The new XMT engine will be included in the new 2015 consumer product line that Panda Security will be presenting in August.

“The best thing is that the platform and engine with which we’re achieving these results are the basis of all our endpoint protection products. Our aim is to continue integrating technologies in the platform to stay in pole position when it comes to detection and provide our users with maximum protection and minimum impact on their systems”, says Luis Corrons, Technical Director of PandaLabs at Panda Security.

Panda Cloud Antivirus 3.0

Panda Security presented Panda Cloud Antivirus version 3.0 last May, after a trial phase during which the product was downloaded more than 30,000 times across 130 countries. The new solution includes, in both the ‘Free’ and ‘Pro’ editions a new more modern and intuitive ‘look and feel’. The solution also delivers improved protection technologies against new threats and attacks that exploit software vulnerabilities and automatically vaccinates USB drives, a feature which is now available to all users of the product, and not just the Pro version, as in the past.

It also includes the highly useful Rescue Kit for dealing with emergencies caused by malware, as well as a more complete process monitor.

Panda Security

Panda Security launches Version 7.0 of its cross-platform corporate solution

Leave a comment

?Panda Security, The Cloud Security Company, has announced major improvements in the new version 7.0 of Panda Cloud Office Protection (PCOP). Since the initial launch of Panda Cloud Office Protection, many companies have been able to enjoy the best possible cloud-based protection in a simple, agile and effective solution. Now, thanks to this latest release, customers will be able to act independently in the event of infections or problems with the protection deployed on their IT infrastructure. Similarly, customers now have easy access to all the information they need about their licenses, detections and the protections status.

Panda Security has included new dashboards in PCOP 7.0 with key information about licenses, detections and the protection status of computers

Panda Cloud Office Protection (PCOP)

?Benefits for organizations with more than 100 endpoints The latest release includes improvements aimed especially at customers with more than 100 endpoints. Panda Cloud Office Protection 7.0 includes major new technologies and features, including:

  • New dashboards. Offering key information about licenses, detections and the protection status of customers? computers.
  • Improved reports. Providing more detailed information about detections, reports are now easier to access and threat data is organized according to the level of risk, making it simpler to identify the most vulnerable systems.
  • Remediation. In the event of an infection, administrators can launch Panda Cloud Cleaner, Panda Security?s disinfection tool, remotely from the PCOP Web console. Administrators can also force reboots of computers from the console and find information on how to act should problems arise on the protection deployed on the company?s IT infrastructure. Similarly, FAQs are available detailing the steps to take to resolve such issues or if signature files are out-of-date.

?This latest version of Panda Cloud Office Protection responds to the needs and demands of our users. Many of the key improvements included will be particularly welcomed by customers with more than 100 endpoints. We have improved the reports process in PCOP 7.0 so our customers will now have more intuitive access to information about threats: where they?re located, where they came from, etc.,? says Manuel Santamar?a, Product Manager Director at Panda Security.

Panda Security

Panda Advanced Protection Service gets the backing of customers and partners alike

Leave a comment

Panda Advanced Protection Service (PAPS) represents a disruptive offer to the market from Panda Security, The Cloud Security Company, to combat malware in general and specifically APTs (Advanced Persistent Threats), and gets the backing of customers, partners and industry analysts.

Customers including Eulen and Mecalux, and partners such as Indra have placed their trust in this unique solution to guarantee the security of all applications run on endpoints within an environment of multinational operations.

Real-time blocking and warnings

Mecalux is a multinational company specialized in the design and manufacturing of automated warehouses and other storage solutions. In a highly geographically disperse operative environment, Mecalux realized that its infrastructure -comprising thousands of endpoints and servers around the world- needed effective yet flexible protection, as well as secure access to services such as ERP (SAP), CRM, etc. By implementing PAPS, Mecalux can protect and supervise its extensive network thanks to the complete visibility of all applications run by users. This allows it to identify, classify and block potentially dangerous applications or those with potentially dangerous behavior.

“We are highly satisfied with the quality of the service provided by Panda Security over these months. Thanks to this innovative service for classifying applications, we can rest assured that we have real-time blocking and warnings that protect us against advanced cyber-threats such as meta-exploits, APTs in adware, PUPs, etc.,” Jorge Box, IT Systems & Infrastructure Manager.

“Mecalux needed optimum, real-time, forensic information on targeted attacks that could compromise its corporate servers and endpoints, and PAPS was the answer it was waiting for,” explains Josu Franco, VP Corporate Development at Panda Security.

Forensic analysis services on-demand

Indra is the leading consulting and technology multinational in Spain and Latin America. It provides solutions and services for sectors including Transport and Traffic, Energy and Industry, Public Administration and Healthcare, Financial Services, Security and Defense, etc. As part of its offer to key accounts, Indra has recently set up a major cyber-security center (i-CSOC) which brings together all available knowledge on cyber-security throughout the company, with the goal of making it a leading point of reference in this field.

“Panda Advanced Protection Service is a managed security solution that allows us to guarantee complete protection of our customers’ endpoints and servers, with granular monitoring and supervision of the behavior of each device. We can also offer forensic analysis services to customers on request,” explains Alfonso Martín Palma, Senior Manager of Indra’s Cybersecurity Unit (i-CSOC).

“Panda Advanced Protection Service enables us to provide guaranteed security against cyber-crime and targeted attacks, a key point which we were not convinced we would be able to achieve when we began to evaluate solutions,” concludes Ascensio Chazarra, Cyber-security Manager at Indra.

“Our partners represent a vital part of the strategy of PAPS, given that they address the global cyber-security needs of corporate customers. As such, we believe that PAPS offers them an excellent chance to satisfy the needs of all customers worried about the threat posed by targeted attacks to their data and intellectual assets. PAPS is the definitive answer to this demand for advanced security services. We are more than satisfied that PAPS will be a cornerstone of Indra’s cyber-security center (i-CSOC),” says Josu Franco, VP Corporate Development at Panda Security.

Advances security for a distributed infrastructure

The Eulen Group, a leading provider of business outsourcing services, required an advanced security solution for distributed infrastructure, with diverse software requirements across its numerous business units, a high degree of endpoint mobility, and an increasing level of cloud solutions implemented throughout the company. In such a context, Panda Advanced Protection Service has been highly valuable to Eulen, thanks to the monitoring, blocking and prevention of the most dangerous attacks.

“After the success of this project, and thanks to the quality of the services delivered, Eulen is now concentrating on the security of new operating systems such as Android, and as such is considering further collaboration with Panda Security,” Alejandro Las Heras, Technology Director at Eulen Group.

“Thanks to Panda Advanced Protection Service, Eulen now has a service that closes the window of opportunity for malware. It classifies everything that tries to run, and what can’t be classified is blocked. In short, it prevents malicious exploitation of anything run, and monitors data access,” explains Josu Franco, VP Corporate Development at Panda Security.

A unique, disruptive model

Panda Advanced Protection Service is positioned in the vanguard of new trends in cyber-security. As confirmed by the Gartner Group, in 2018, some 80% of endpoint protection platforms will include forensic analysis and user monitoring capabilities, against the 5% recorded in 2013⁽¹⁾.

Other Gartner sources predict that by 2017 over 50% of user devices will only allow the running of applications that have been previously classified in line with security and privacy criteria, in comparison with the current figure of 20%⁽²⁾.


(1) Source: “Designing an Adaptive Security Architecture for Protection From Advanced Attacks.” Published: February 12, 2014. Analysts: Neil MacDonald, Peter Firstbrook        
(2) Source: Magic Quadrant for Endpoint Protection Platforms. Published: January 8, 2014. Analysts: Peter Firstbrook, John Girard, Neil MacDonald.