Author Archives: Panda Security

Is Captcha dying? What will protect us in future?

You may not know what CAPTCHA is, but you’ve certainly used it many times before. That distorted text that needs to be retyped before you can submit a form on a website? That is CAPTCHA in action.

CAPTCHA is actually a very important tool for protecting websites against bots and automated hacking tools. Malicious apps are very good at completing forms automatically, but not so good at decoding the text hidden in images. And it was this principle that led to the creation of CAPTCHA tests in the first place.

Are you a human?

Bots have been a major problem for website owners for many years. To help separate real people from bots, technologists invented the Completely Automated Public Turing Test to tell Computers and Humans Apart – CAPTCHA. Humans can read the text hidden in the pictures, computers cannot.

Recently the CAPTCHA test has changed somewhat. Now you are presented with nine small pictures and you must click all that match a specific instruction; all the pictures that contain a storefront for instance. The basic principle remains the same though – bots cannot accurately analyse the picture, so they cannot fool the system.

Computers can pass the test

The problem is that computers are getting smarter. Artificial Intelligence and machine learning technologies means that bots can teach themselves how to analyse images and identify the letters hidden in them. They can even accurately identify elements in images, allowing them to circumvent newer CAPTCHA systems.

What next?

Unfortunately, this means that CAPTCHA no longer offers protection against bots. It also means that websites still using CAPTCHA are at risk of hacking.

Web technology specialists are looking at other ways of detecting whether you are human or not. One solution proposed by Amazon is the use of a test that humans will fail – like counting how many times the letter ‘e’ appears in a long sentence. Bots will not fail these tests – but people often will.

Google have developed another alternative they call ‘Invisible reCaptcha’. The system uses AI to detect how you interact with the webpage, tracking mouse movements and click times for instance. Because a bot does not make these “human” motions, the system can identify and block them – without you even knowing that it is there.

We need a working replacement

By keeping bots away from their websites, site operators ensure that their mailing lists are accurate, competitions are not cheated, goods and tickets are not sold to illegal touts and re-sellers, and that your data is not stolen. So a working CAPTCHA system is actually benefits you too.

If a suitable CAPTCHA replacement cannot be identified, it may be that website owners are forced to use an alternative system that verifies identities. Social logins – like Facebook and Google – are a useful option, but they can also be exploited by bots.

It may be that the fight against bots becomes a race between Artificial Intelligence systems; the good guy site operators battling hackers with ever smarter computer systems that can train themselves to spot a human. Ironically, we can expect to see less human input into the decision making process in future.

Download Panda Mobile Security

The post Is Captcha dying? What will protect us in future? appeared first on Panda Security Mediacenter.

Cyberattackers don’t take summer holidays

August is many clients’ preferred time of year to take some time off. This usually means that a lot companies experience a reduction in demand for their products and services, with the obvious exception of companies in the tourism or hotel industries. As a result, organizations adjust their activity to adapt to this lower demand.

These changes in a company’s activity can lead them down two dangerous paths in terms of cybersecurity: the erroneous belief that cyberattacks will let up in the summer months, and a lowering of their guard, either due to this belief, or as a direct result of the reduced activity.  Both are mistakes that can have very serious consequences.

August is a busy month for cyberattacks

According to the data compiled in’s timeline of attacks, in August last year, 89 high impact cyberattacks were registered. This means that August was the third busiest month for cyberattacks in 2017. Of these attacks, 78% were cybercrime and 10% were cyber espionage.

Among the most notable attacks were the attempts of one Nigerian cybercriminal to infect, defraud, and steal data from 4,000 organizations, including financial, industrial, oil, and infrastructure companies.

In another incident, an attack that had made headlines around the world a few months earlier came back to threaten some companies in August: WannaCry forced electronics manufacturer LG to shut down part of its systems in South Korea for two days in order to prevent the further spread of the attack.

Finally, it’s also worth mentioning that a cyberattacker from the collective Anonymous managed to access confidential data belonging to a company that manages appointment bookings for the UK’s National Health Service. The attacker gained access to the data of 1.2 million British patients.  While the company was quick to highlight that at no point did the attacker have access to patients’ medical history, they did obtain data such as contact names, phone numbers, and email addresses.

As for this year, the data for July isn’t yet available. However, Hackmageddon points out that during the first half of this year, every month has seen more attacks than in 2017. This trend suggests that these weeks will also see a high number of attacks.

Never let your guard down

 None of the most wanted cybercriminals’ most dangerous attacks came with an advance warning. What’s more, given that these statistics show that cyberattacks don’t let up either in number or intensity over the summer, a company’s cybersecurity measures should be as strong as they are every other month of the year.

In the summer it is vital to maintain vigilance in order to have complete control over authentication, identity management and encryption.  Following the Zero Trust model — not trusting anything or anyone — is the best strategy for the company. It’s also vital to prioritize the defense of critical assets. Cybercriminals will try to get the highest revenue possible during this period, since people tend to be more relaxed. This means that it’s essential to evaluate the risk posed by each system and application, and focus efforts on protecting the basic elements that are needed for the company’s day-to-day running.

It’s also important to remind employees of the importance of staying vigilant over the summer, especially if they access company files from their holiday destination, or from public areas like airports and train stations.  Connecting to public WiFi could put the security of your company’s information at risk.  This is why it’s so important to provide a VPN that employees can use to access the Internet with total security.

As well as protecting access to information, we mustn’t forget to make backups and provide proper protection for them. The information contained in these backups is vital, so appropriate security measures must be applied to them.  Should an incident occur, these backups have to be used. As such, only people who absolutely need them should be able to access them, and the passwords to get into them should be strong.

Finally, in order to maintain a suitable level of security over the summer, it’s vital to have in place advanced cybersecurity solutions like Panda Adaptive Defense 360. Companies need to opt for detection, prevention and response solutions with functionality and full expert support 24 hours a day, 365 days a year. Having this kind of solution and following the above recommendations are the best way to protect your company from cyberattackers that, as the statistics show, don’t take holidays.

The post Cyberattackers don’t take summer holidays appeared first on Panda Security Mediacenter.

How much could a personal data breach cost your company?

Last month we found out the results of the investigation into the Cambridge Analytica and Facebook scandal in the UK. The social network has received a fine of £500,000, a paltry sum in comparison with its annual turnover, and also in comparison to the fine it could have faced within the framework of the GDPR.  However, economic sanctions imposed by data protection bodies are not the only costs stemming from a data breach.

A report carried out by Poemon Institute has shown that the average cost of a personal data breach is 3.86 million dollars, a 6.4% increase compared to last year.  Within this cost are expenses such as detecting the breach, carrying out an investigation, informing the pertinent authorities, legal services, and public relations.  To all of this we also need to add the loss of client trust, another element that can damage a company’s finances.

The average size of a breach of this type has also increased, something that has contributed to the increase in costs, since, according to the study, the more records that are lost, the more expensive the breach is. For example, a breach of under 10,000 records has an average cost of $2.1 million, while a breach of 50,000 records costs $6.5 million.

The study was carried out before the GDPR came into effect. However, it predicts that the European regulation will mean a huge increase in the average cost of a breach of personal data, since the maximum fine can be 4% of annual turnover or up to €20 million, a considerably larger sum than the current average.

The cost depends on the type of attack

Three different causes of data breaches are identified in the report: criminal or malicious attacks (48% of cases), human error (27% of cases) and system glitches (25% of cases). The most expensive case was criminal attacks, with an average cost of $157 per record.  This can be put down to the fact that these incidents are more difficult to detect, and even after being detected, take longer to contain. In comparison, a breach caused by human error has an average cost of $128 per record.

Other factors can also cause the cost of an incident of this type to vary. For example, the geographical location of the company – the cost rises to 7.91 million dollars in the USA, and goes down to 1.24 million in Brazil. The speed with which the breach is contained also plays an important role. If the breach can be contained within 30 days, the cost is reduced to $3.09 million, whereas if it takes over 30 days, the cost rises to $4.25 million.

These days, with the proliferation of the Internet of Things (IoT), it may come as no surprise that the use of mobile devices has an effect on the cost of a data breach. Extensive use of this kind of devices can add $10 per record to the cost of a breach, while the loss of a device adds $6.5.

How can you save your company the costs related to data breaches?

The most important thing when it comes to mitigating the risks related to this is to be extremely careful with how personal data is handled. It’s vital to know where data is stored and to know who has access to it. With Panda Data Control you can discover and audit unstructured personal data on endpoints: from data at rest, to data in use and data in motion. This module of Panda Adaptive Defense generates reports and alerts in real time about unauthorized use of data, to avoid exfiltrations, and to help you to implement proactive operation and access measures in your company.

The post How much could a personal data breach cost your company? appeared first on Panda Security Mediacenter.

The most wanted cybercriminals: A threat to companies

The end of June 2017. The network HBO, responsible for some of the world’s most successful series, spots something worrying: emails from its executives and even scripts for its most legendary series, Game of Thrones, are being leaked online.

Shortly afterwards, the company receives a warning from someone who claims to have stolen 1.5 terabytes of confidential material: unreleased Game of Thrones scripts, episodes of the series, plot summaries, and content from other shows, such as Curb Your Enthusiasm, and The Deuce among others.

A 6 million dollar ransom in bitcoin

The cybercriminal threatened to release all the material in his possession, and set his price:  6 million dollars. HBO had a deadline of three days to pay the bitcoin ransom, otherwise the 1.5 terabytes would be released. Part of the material was indeed released, but just a fraction of it.  How much HBO paid is still unknown (if indeed they paid anything).

The person responsible for shaking the foundations of the TV industry went by the name of Skote Vahshat. But now we know his real name.  He is an Iranian national called Behzad Mesri, who, since then, has been on the FBI’s list of most wanted cybercriminals.

A 100 million dollar theft

This FBI list is a collection of some of the most notorious and dangerous criminals in the IT world.  Among the names on the list is Evgeniy Mikhailovich Bogachev, better known as Slavik, the developer of Zeus, a piece of malware that was capable of obtaining bank account numbers and the passwords necessary to access them.

Slavik left a long list of victims in his wake: at the height of his activity, Russia’s premier cybercriminal managed to amass over 100 million dollars in a series of crimes against the corporate cybersecurity of several companies, such as Oracle and Bank of America, and even managed to obtain information from the US Department of Transport and NASA.

46 financial institutions brought down

Large banks aren’t safe from this type of crime either.  Between 2011 and 2013, seven Iranian citizens (Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar y Nader Saedi) devoted themselves to carrying out distributed denial-of-service (DDoS) attacks against a plethora of US banks, managing to crash their websites and endanger their cybersecurity.

The seven cybercriminals weren’t exactly acting alone. In the ensuing police investigation, it was revealed that all of them worked for the companies ITSec Team and Mersad, two private companies that are frequently contracted by the Iranian government.

The result?  No fewer than 46 US banks and financial institutions suffered a total of 176 days of cyberattacks. These companies lost tens of millions of dollars. They of course had to face the cost of tackling (or mitigating) the attacks, but there was also the cost of the subsequent compensation for their clients due to the downtime of almost all of their services.

How to protect corporate cybersecurity

There is no doubt that this kind of cybercrime puts the companies that it hits in a tight spot. But it also affects those that haven’t been exposed to it, but are worried about finding themselves in the same situation at some point in the future. As a consequence, institutions must act on two fronts to protect their corporate cybersecurity.

1.- Prevention. The best way to protect against a cyberattack is to be prepared. Companies should therefore establish measures that, even if they don’t entirely eliminate the risk, help to minimize it.  In this sense, it’s vital to have advanced cybersecurity solutions in place that establish the firewalls that are necessary to keep out all kinds of intruders. This is exactly what Panda Adaptive Defense does. In any case, companies need to make employees aware of cybersecurity protocol. This includes not trusting unsolicited emails and not downloading attachments unthinkingly. They also need to know who to turn to if they have any doubts, so as not to put the company’s IT security at risk.

2.- Reaction. When a group of cybercriminals has the knowledge, the resources, and the time needed to attack a company’s cybersecurity, it’s not always easy to keep it from happening.  For this reason, companies should also have an action protocol in place for the moment they become aware of an attack.  They will then proceed to close as many channels of communication as possible, try to locate the focal point of the problem, and find a solution.

The level of sophistication of the attacks carried out by the FBI’s most wanted cybercriminals is a challenge to corporate cybersecurity, and is yet another reason for organizations to invest in measures to make themselves more cyber-resilient.  At Panda Security, we have at our disposal the latest technology as well as the most highly skilled team of experts to help your company to achieve this goal, with a new security model that has all the answers.

The post The most wanted cybercriminals: A threat to companies appeared first on Panda Security Mediacenter.

Group Video Chat Now Available on WhatsApp

WhatsApp, the Facebook-owned voice, video, and messaging app, recently announced that group video calling has finally arrived for their 1.5 billion users. The cross-platform app that sees more than 60 billion messages sent per day said that its user base can now make group video calls with up to four people in total per call. To add more participants to the call all you have to do is start a one-on-one voice or video call and then click on the “add participant” button located in the top right corner of your screen. Even if all four call participants are based in four different contents, they will still be able to video chat with each other as long as they have installed the latest version of WhatsApp on Android or an Apple device and have a reliable internet connection.  If one of the people drops, even if it is the person who started the call, the remaining three will remain connected.

The long-awaited group video calling option for WhatsApp does not come as a surprise – back in May, Facebook announced that group video calling capabilities would be added to WhatsApp’s list of features sooner than later. Speculators were expecting it to happen at some point in the fourth quarter of 2018, but WhatsApp managed to roll out the new feature less than three months after the tech summit. The new feature was a needed move for the company as they were one of the last popular online messaging platforms not supporting group video chats. Rival messaging platforms such as Giant has been offering the option for simultaneous group calls for up to 200 people for years.

What are the risks of WhatsApp’s new feature?

WhatsApp has been enjoying a constant user growth ever since it was created back in 2009. Sadly, the increased popularity attracted some of the wrong crowds too – online predators see the trendy platform as yet another playground where they can execute all sorts of phishing and scam campaigns. Whether it is a fake retail coupon or an invitation to an “unbelievable deal” that leads you to a malicious website, hackers have been trying to lure WhatsApp users into trouble for years.  With the introduction of group video calling they now have one more tool to get even more creative with their phishing techniques.

WhatsApp is particularly popular among vulnerable groups of people as it is considered very user-friendly and does not require password setup – the app is easily accessible by youngsters and the elderly. If you want to be on the safe side, the connected devices used by all members of your family must have antivirus software that comes with parental control capabilities. Keeping an eye on the online activity of your loved ones must be a priority!

Download Panda Mobile Security

The post Group Video Chat Now Available on WhatsApp appeared first on Panda Security Mediacenter.

How patches can help you avoid future problems

Last year we saw one of the largest personal data breaches in history, when the personal data of 147 million people was stolen from the US company Equifax.  What was the cause of such an enormous breach? The answer is simple: an application that hadn’t been updated. A vulnerability in the web application Apache Struts allowed hackers to access the data without any difficulty. And this theft could have been avoided: there was a patch available for this vulnerability months before the attack happened.

This case is just one of many in which applications that needed updating have caused security incidents, and serves to underline the importance of patch management in corporate cybersecurity. This is something that has been confirmed in a recent study of 3,000 cybersecurity professionals carried out by Ponemon Institute and ServiceNow.

The results demonstrate that a company that is able to detect a vulnerability quickly and apply a patch in a timely manner are less likely to suffer a personal data breach. Time is of the essence: the time between a patch being released and an attack that exploits the vulnerability has reduced 29% over the last two years. This means more pressure on IT professionals to apply patches as quickly as possible.

Automatic vulnerability detection reduces risks

A measure that can reduce the possibility of suffering a security breach by 20% is carrying out a vulnerability scan. The study highlights that a manual search can take hours, while, as we have mentioned, during an incident, speed can mitigate irreparable damage.  However, 30% of companies that have suffered a breach of this type don’t carry out this kind of scan. This is a highly risky bad practice, where the biggest loser is the organization itself.

A lack of scanning may also be the reason for another worrying figure: 57% of companies that suffered a breach say that it was possible due to a vulnerability for which a patch was available when the breach happened. If we don’t know what vulnerabilities there are in the system, there is a much higher possibility of them being exploited.

Another problem that has been revealed by the study is that almost two thirds of companies have trouble knowing which patch to apply first, since they don’t have enough information to be able to prioritize each patch. If they are unable to prioritize, urgent problems may go unresolved, while other less important problems are resolved first.   Again, this is something that could be improved via the use of automating tools.

Time needed to find and apply patches

According to the report, managing a company’s vulnerabilities entails a major workload: companies spend an average of over 321 hours a week managing the vulnerability response process. This is the equivalent of eight full-time employees’ working weeks.

How can difficulties related to patching be avoided?

The most important thing when it comes to patches is to be able to know what vulnerabilities exist in the system and what patches need to be applied.  With Panda Patch Management, you can manage all the patches that are necessary for your systems. Patch Management audits, monitors, and prioritizes updates on operating systems and applications. In exploit and malicious program detections, it notifies you of pending patches. Installations are launched immediately, or scheduled from the console, isolating the computer if needed.  This way, you’ll be able to manage the patches that your company needs, without having to invest more time or resources in it.  This way you’ll complete your protection system in order to shield your assets.

The post How patches can help you avoid future problems appeared first on Panda Security Mediacenter.

The Comprehensive Guide to Cybersecurity – A Free Online Webinar Series

Large scale Ransomware attacks and data breaches have dominated the news recently. “It is clear from these cybersecurity incidents that traditional methods of protection are no longer enough to prevent attacks” says Jeremy Matthews, Regional Manager Panda Security Africa. “Organisations need to adopt a new approach to cybersecurity leveraging next-gen Endpoint Detection and Response (EDR) and Remote Monitoring and Management (RMM) technology,” explains Matthews.

The landscape has changed significantly in the last few years, with attacks becoming increasingly sophisticated and targeted. Additional pressure from data control regulations such as GDPR and POPIA, as well as the influx of IoT devices make securing and managing the organisation’s network a challenge.

With this webinar series, Panda Security aims to provide insights into the evolution of cyber threats and the key challenges we now face, as well as address common misconceptions about security solutions and discuss the new model for creating cyber-resilient organisations.

The first online webinar in the series – Catching the Intruder in his Tracks, takes an in-depth look into the evolution of threats. The webinar will provide insights into how forensic data can be used to hunt for threats, giving examples of attacks stories and case studies.

Is your AV Causing More Harm Than Good – the second edition to the series, will discuss key challenges in today’s cybersecurity environment. The webinar will provide insights into why traditional AV products can leave your organisations vulnerable and why some international governments have chosen to ban certain security providers. It will cover whether your AV technology meets compliance needs under GDPR and POPIA.

The series will culminate with a look into how organisations can leverage centralised device management tools to improve efficiencies and take control of their IT infrastructure – providing insights into the solution, its benefits and the implementation process.

This not-to-be-missed, online webinar series will give business leaders and decision makers the knowledge and tools they need to build cyber-resilient organisations. The series runs from the 7th of August to the 25th of September and is completely free to attend.


Catching the Intruder in his Tracks – Advanced Threat Hunting

Is your AV Causing More Harm than Good?

Centralised Device Management from the Cloud

The post The Comprehensive Guide to Cybersecurity – A Free Online Webinar Series appeared first on Panda Security Mediacenter.

Bug bounty programs: from Netscape to now

The world of cybersecurity and hacking has changed a lot in recent years, especially the stereotypical image of hackers that was so popular a few decades ago. It is a concept that has evolved rapidly within the IT and cybersecurity industries.

In the early 90s, a trend started to gain momentum: large companies that, far from fearing those who were skilled at creating security breaches, decided to hire them, and put them in charge of their corporate cybersecurity. Because, as you know, if you can’t beat them, join them.

Forerunners of bug bounty

In 1995, Netscape decided to take this trend even further.  Right at the moment when its Netscape Navigator 2.0 Beta was flourishing, the company encouraged developers from all over the world to look for security bugs in its browser. This wasn’t some altruistic act, and it wasn’t just for fun. Netscape offered a financial reward to those who found any possible bugs.

This may just seem like an interesting anecdote, but in fact, it set in motion an extremely interesting practice. Because, whether they were conscious of it or not, Netscape had just invented bug bounty, an initiative where companies launch official contests where they encourage skilled IT security experts to look for security bugs in their systems.

Cybersecurity companies and tech giants

It was some years before Netscape encountered another company that was doing the same thing, but in 2002, the idea started to gain traction: iDefense launched its bug bounty program, while the Mozilla Foundation and TippingPoint joined in in the following years.  All of them offered a reward of between 400 and 500 dollars cash to anyone who managed to break their corporate cybersecurity via a pen testing exercise, based on attacking different IT environments in order to find and report their weaknesses.

These days, procedures like this are an absolute must for cybersecurity entities like CanSecWest, but also for all kinds of tech giants, such as Google, (who paid almost 3 million dollars in rewards in 2017), Facebook, Dropbox, Tesla, or even Microsoft.  The rewards have also gone up: currently a programmer who is able to break through security breaches and find these bugs can even earn up to 500,000 dollars.

Things have reached such a level that, as well as specific companies’ projects, there are pioneering global initiatives that are working on this kind of project. The most famous of these is HackerOne, the platform that analyzes possible security breaches in large companies like Airbnb, GitHub, General Motors, Nintendo, and even public bodies such as the US Department of Defense.

A headhunting exercise

For many of these companies and the people who take part in their challenges, the financial reward is, in reality, almost the least important thing. The fact is that very often, bug bounty events can serve as a perfect talent pool for this type of company to bring on board the best undiscovered cybersecurity experts. The salary of a new job can be a rather more attractive reward than a cash prize.

What’s more, for many tech companies, these contests, far from showing them up as companies with weak cybersecurity, mean a real boost for their publicity and marketing, especially when it comes to opening up to the hacking community and encouraging a culture of responsible cybersecurity.

Ethical hacking

One key factor shouldn’t be forgotten: bug bounty isn’t based on a malevolent philosophy, or on the desire to bring down a company’s cybersecurity. Quite the contrary: the basic premise is to find bugs, report them, and collectively contribute to the IT security of the companies that hold these events.

The popularization of bug bounty is doubtless the clearest proof of the fact that many businesses’ mentalities have shifted: whereas it used to be the case that those who reported these bugs were met with legal threats, now, their active, prudent, and ethical search for this type of problem is rewarded. Whatever it takes to fight, all together, for the future of corporate cybersecurity.

The post Bug bounty programs: from Netscape to now appeared first on Panda Security Mediacenter.

10m customers affected by Dixons Carphone hacking

When Dixons Carphone approached the UK Information Commissioner’s Office to report a suspected data breach in June, it was believed that around 1.2 million customers were affected. But with the assistance of the National Cyber Security Centre, investigations have revealed the incident to be ten times worse than thought.

Extensive forensic analysis has found that more than 10 million customer accounts have been compromised. Hackers appear to have accessed a vast amount of personal data including names, postal and delivery addresses and email addresses.

No sign of fraud. Yet.

When speaking to the press, Dixons Carphone management has been keen to stress that there is no sign of sensitive financial data like credit details being stolen. They also point out that there have not been any reports of fraud associated with the hacking as yet.

But with so many customer records having been exposed, there is always a risk that they will be used for fraudulent purposes at some point in the future. It is also important to note that although criminals would prefer to steal credit card details, they can still begin the process of identity theft using names and address data.

The actual hacking took place last year, so it seems unlikely that the criminals plan to use the data they accessed.

100,000 shoppers at risk

Dixons Carphone has also been keen to downplay another aspect of the ongoing data security investigation. A second, possibly unrelated, breach of the corporate payment processing system resulted in more than 5.9 million payment card details being stolen.

Analysis of the breach reveals that the vast majority (5.8m) of the exposed cards are protected by Chip and PIN technologies, making them virtually impossible to clone. A further 105,000 older cards are not as well protected and may still be used fraudulently.

There is also no sign that these card details were successfully exported from the Dixons Carphone systems – just that they have been accessed illegally by an unknown third party.

Will there be a massive GDPR fine?

The General Data Protection Regulation recently came into force, specifying potentially huge fines for any business that fails to properly protect personal information. If the breach is sufficiently extreme, these fines could reach €20m or more.

Because these incidents took place before GDPR came into force, Dixons Carphone are facing a maximum fine of £500,000. Still a significant penalty, but nowhere near as devastating.

I’m a Dixons Carphone customer – am I safe?

Dixons Carphone has made it quite clear that the security failings which led to the breach have now been addressed. They have also added new security measures to further strengthen their defences against future attack.

Will they fall victim to hackers again? It’s hard to know for sure. The embarrassment caused by this incident will help to ensure that Dixons Carphone treat customer data with greater care in future however.

Why not check your own PC security defences now? Download a free trial of Panda Dome to keep the hackers away from your personal data.

Download Panda Mobile Security

The post 10m customers affected by Dixons Carphone hacking appeared first on Panda Security Mediacenter.

Android and Apple users affected by a Bluetooth vulnerability

Few days ago The United States Computer Emergency Readiness Team (US-CERT) issued a statement informing the masses about a Bluetooth vulnerability. The fault has been seen on equipment using Qualcomm and Intel chipsets, and Broadcom devices, meaning that almost every Android and Apple user in the world could have become a victim of cybercrime. The vulnerability affects Bluetooth firmware and operating system software drivers, and it allows remote attackers to exploit it to obtain sensitive information.

Attackers within Bluetooth range of two connected devices have been able to utilize a man-in-the-middle network position allowing them to log all information exchanged between the connected devices. The vulnerability lets hackers decrypt, monitor, and even interfere with the traffic sent between the two devices. Millions of devices have been susceptible to being penetrated. A missing validation in the encryption method used in Bluetooth is named as the main reason for the vulnerability – hackers have been able to obtain the keys required to unmask information that is supposed to be encrypted.

Luckily, obtaining the keys is not possible 100% of the time, and even if the OS of one of the connected smart devices is fully up-to-date, hackers are not able to interfere with the connection. In a statement, Bluetooth SIG highlighted that for an attack to be effective, the hacker would not only need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure, but the hacker would also need to intercept the public key exchange by blocking each transmission, sending an acknowledgement to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. Not a relatively easy task!

All affected vendors have issued patches to address the vulnerability. If you’ve been delaying the software update on your phone or a tablet, now is the perfect time to charge up your smart devices and leave them to perform the updates.

We remind you that Bluetooth exploits are not something unseen and such exploits could be used against you. The best way to avoid becoming a victim of cybercrime is to have quality antivirus software installed on all your smart devices, and to make sure all your devices are running the latest versions of their operations systems. Lastly, turn off your Bluetooth when you are not using it – you will decrease the chances of getting hacked, and you will increase your device battery life.

The post Android and Apple users affected by a Bluetooth vulnerability appeared first on Panda Security Mediacenter.

How can I protect my fleet of vehicles against cybercrime?

The first connected vehicles started appearing in the mid-90s, alongside the development of the first commercial cellular networks. To begin with, they had very basic functions, such as direct voice connection with emergency services. Later on, one of their key functions was added: GPS tracking in order to share the exact location of the vehicle.

Nowadays, they are more widespread than ever. Statista estimates that by the year 2020, there will be 83 million connected vehicles in existence.  Although more and more private vehicles have some kind of online technology, it is businesses and their fleets that most benefit from these technologies, thanks to the telematic data provided by OBD (on-board diagnostics) ports in vehicles. 

Attack vectors: from OBD ports to management platforms.

OBD ports were originally designed to monitor emissions, but nowadays they provide all sorts of data, from the vehicle’s location and driving parameters (speed, acceleration, etc.), to weight and type of freight, and the state of the vehicle’s mechanical components.  Using cellular networks and a SIM card, this data is generally sent to a centralized platform that the company’s fleet manager operates using some type of interface.  This way, the manager controls the real time position of their vehicles, their status, as well as the status of the freight and their routes.  This means it is possible to optimize routes in order to save time and fuel, as well as making decision that can improve the operation of the fleet.

However, these ports, telecommunications, and centralized platforms pose several important questions in terms of the security of these fleets. Who needs to have access to this data? What about to the devices? Are the communications safe? What about the platform? If the vehicles are transporting valuable goods, finding out the location and route of each vehicle, as well as what it is carrying, is a desirable goal for potential thieves. For example, if the thieves managed to gain access to data belonging to a cash-in-transit company, they could find out the exact time that the van was going to deliver the cash to the bank, and find out the most vulnerable points of the route, in order to rob the vehicle.

In any case, it isn’t necessary to picture movie scenes of spectacular heists on armored cars in order for cybercrime to endanger a company with a fleet of vehicles.  In Texas, a former employee at a car dealership sought vengeance against the company, and managed to disable 100 clients’ cars simultaneously, using the fact that the vehicles were connected to a central control system that allowed them to be blocked in the event of nonpayment.  What’s more, malicious software affecting the platform could in itself seriously endanger the company’s operations with its fleet of vehicles: it could result in delays or mistakes in the vehicles’ routes, generating economic losses or even put the drivers’ safety at risk.

Measures to protect your fleet of vehicles

So, how can we protect our fleets of vehicles from cybercrime?  NAFA, the Fleet Management Association, has several recommendations, which we have summarized here:

  • Securing access to vehicle ports: This is the main way into each vehicle’s data, and so access to it should be restricted to trusted professionals and a guaranteed telematics provider.
  • Encryption on telecommunications: the telematics solution provider mustn’t leave data security exclusively in the hands of the telecommunications operator, and should guarantee that all data that is sent has point to point encryption.
  • Development of an internal data privacy policy Companies must establish mandatory rules to protect the fleet of vehicles’ sensitive data, which should cover all areas: from access to ports, to the management of the platform only by authorized persons and using secure passwords.

 Protecting platforms: The software of fleet management platforms must be up to date and protected against all kinds of external malicious attacks that can put the fleet of vehicles’ data at risk, using effective cybersecurity solutions and measures.

 Of the four recommendations, the most critical is probably protecting the platform, since the whole fleet of vehicles depends on it, as do their information, routes, and freight.  In this context, companies must seek advanced cybersecurity solutions that have the full capacity to prevent, detect, and respond to any kind of risk, and that acts quickly to mitigate the damage in case of problems.

The post How can I protect my fleet of vehicles against cybercrime? appeared first on Panda Security Mediacenter.

A lack of cybersecurity training could lead to dismissals in your company

A study published last month has revealed some important data about cybersecurity awareness in companies. According to the study, 31% of UK companies that have experienced a data breach have fired an employee for negligence in relation to the breach. This figure is a clear indication of the important role played by employees when it comes to cybersecurity.

This study comes a little over a month after the GDPR came into force, and shows that the new regulation has helped to increase awareness about personal data stored and shared on endpoints and networks in all kinds of organizations.

The same study also reveals that 88% of large companies in the country believe that employee negligence is the biggest risks in terms of information security. There are many kinds of negligence that can affect a company: for example, a weak password or the loss of a device can lead  to data leaks.  Something else that can cause serious problems is neglecting security updates for software.

Lack of IT training

However, despite the fact that companies are fully aware of the vital role played by employees in the protection of data, they haven’t carried out an efficient training plan with the aim of avoiding the catastrophic consequences that an incident related to confidential information can mean for the company. And the fact is that a lot of the time, involuntary negligence can be mitigated with adequate training in cybersecurity protocols.

The percentage of large companies that have given their employees training of this type – the dangers of using public WiFi and identifying fraudulent emails, for example – is relatively low. With a total cost to the US economy of 676 million dollars last year, information about tactics such as the use of fraudulent email to compromise not only an endpoint, but the whole corporate network via lateral movements once the action has been carried out, is especially important.

The percentage of small companies that offer this type of training is even lower. This serves to underline the fact that many companies of this size still have a long way to go to get up to speed with cybersecurity.

The results of a basic IT skills test have further highlighted the lack of elementary awareness of IT matters among employees: only 1% of participants got full marks.  A worrying trend was the inability to identify file extensions.  This could well facilitate the job of those who want to get malware onto computers by attaching malicious .exe files; if an employee doesn’t know the meaning of the file extension, they are more likely to open it, putting the whole company’s cybersecurity at risk.

Nowadays, a strong cybersecurity policy is vital for any company. However, the company may still be at risk if an employee doesn’t follow protocols.  And since many employees are unaware of whether their company even has any kind of cybersecurity policy, the likelihood of their breaching this policy is alarmingly high.

Staffing problems

This issue is exacerbated by something that has been emphasized by IT managers:  many say that it is getting harder to find professionals with the right cybersecurity skills. This means that many companies’ IT security may be at some risk, not because of a lack of preparation on their part, but because they are unable to fill key positions in the company with qualified workers.

As well as providing employees with adequate training, remember that there are advanced cybersecurity solutions, like Panda Adaptive Defense. A cybersecurity suite managed by specialized PandaLabs technicians that, thanks to its 100% Attestation service, can cover any detection gap, ensuring the trustworthiness of all running processes and allowing you to react in terms of prevention, detection, and response against known and unknown malware.  This way, Panda Adaptive Defense allows you to increase the efficiency of the IT department, locating security risks or abuses in the use of corporate infrastructure, so that they can focus on what is really important for the running of your company.

The post A lack of cybersecurity training could lead to dismissals in your company appeared first on Panda Security Mediacenter.

Do we trust privacy technology too much?

The Internet has become absolutely vital to maintaining relationships in the modern world. As well as our social network of friends from across the globe, we also rely on a collection of apps and online services to stay in touch with our loved ones who we see every day.

This has some interesting implications on what we say online. We are very careful to regulate what we say, depending on the potential audience. We are unlikely to share our deepest secrets publicly on our Facebook timeline where anyone can see them for instance. But we may use a private Facebook Messenger chat session to discuss deeply personal issues with a trusted friend.

The illusion of privacy

Some apps – like Facebook Messenger and Snapchat – claim to offer enhanced privacy protections. Snapchat promise that messages sent using the app are automatically deleted in 10 seconds.

As a result, users are tempted to share more sensitive information than they would using a standard messaging app. But there is a problem.

Take Snapchat for example. Photos and messages really are deleted after 10 seconds – from the recipient’s phone. But that doesn’t mean that the picture is gone forever. By taking a screenshot, or using another app, the recipient can keep a copy of the picture – and you have no control at all over what they do with it.

The app may feel private, and the app developer may promise that your data is secure, but nothing can completely protect your privacy. This is the “illusion of privacy” and it can cause serious problems when you take these promises at face value.

Hiding and seeking online

Security experts call this desire for privacy online “hiding”. Many apps contain features specifically designed to help us hide – and all too often they overpromise on how protected we really are. Because for every “hiding” app, there is another designed for “seeking”, helping to circumvent those safeguards and uncover the information we want to keep hidden.

Often it is the human factor that is the greatest threat to our privacy. The hiding technology works in principle, but it does not take into account what other people do, or their actions to expose us.

This is a serious problem because our trust in privacy technology can be used against us. If the system is secure and we trust it, we are more likely to share extremely sensitive information using it. When this trust is broken by a seeking app used by an untrustworthy contact, the fall-out can be incredibly severe.

Taking a default position of mistrust

In order to better protect our privacy, we must each take greater responsibility for what we share online. Tech companies know that people are concerned about their privacy, and they make many bold statements about how they will protect us.

But the truth is none of these safeguards is foolproof. It may be that if you want to share an unpopular opinion or some personal photographs, social media apps and services are not the tools to use.

To learn more about protecting your privacy, download a free trial of Panda Dome today.

Download Panda FREE VPN

The post Do we trust privacy technology too much? appeared first on Panda Security Mediacenter.

Panda Endpoint Protection Plus on the new Aether platform, tested by AV-Comparatives

For the first time, the independent laboratory AV-Comparatives, an organization that tests and evaluates the antivirus software made by the industry’s main manufacturers, has tested the cybersecurity solution Panda Endpoint Protection Plus, a solution that is managed from the Aether platform, in its Business Security Report 2018 (March – June).

Over the course of 2017, Panda Security achieved maximum levels of protection in the Real-World Protection Test, leading it to take home that year’s Gold Award. Now the organization has started to evaluate advanced cybersecurity solutions for companies, and Panda seeks to demonstrate its excellence in the corporate segment, where it triumphs thanks to its disruptive model, which has been certified by many institutions.

Main Endpoint Protection Plus functionalities on the Aether platform

At a moment when the cybersecurity market is extremely mature, the competition is fierce, but the solutions, services, and technology on offer are very similar, especially for traditional protection models, Panda seeks to differentiate itself, and presents a unified, innovative platform for all its endpoint security solutions: Aether Platform.

The vision of Aether Platform is to offer complete security management from the cloud. This new platform is efficient, scalable and extensible for the centralized management of all of Panda Security’s endpoint solutions. It is based on 8 pillars:

Real-Time information, Multi-Product, Cross-Platform, Multi-Customer, Granular, Flexible, Detailed and Accessible via API.

Endpoint Protection Plus, the solution evaluated by AV-Comparatives, forms part of the Aether Platform, and so benefits from all of this platform’s features.  The product presents light and easy security and productivity for the endpoint, and provides centralized, uninterrupted protection for all Windows, Mac and Linux workstations, including laptops and servers, as well as the main virtualization systems and Android devices.

The AV-Comparatives evaluation highlights:

The centralized administration at any moment and from anywhere, with no need for technical knowledge.

The usability and clarity of the console that was evaluated, which facilitates the tasks of configuration, installation, and deployment. Advantages that, thanks to its responsive design, you will be able to use comfortably from any mobile device.

– The information and configuration of tasks in real time.

Flexible organization:  Filters, customizable tree and Active Directory.

Information about the software and hardware of each computer.

Control panels and reports with detailed, customizable information based on filters, searches, periods of time, and target groups.

Granular configuration. Granularity allows the recycling of settings and a more efficient management.

Tracking of user activity.

User permissions (Roles) with full granularity.

– Independent configuration tasks with advanced options such as maximum execution time and expiration time.

 Business Security Report: conclusions

After this evaluation, AV-Comparatives states that the overview provided by Panda Security’s cybersecurity solution, with its detailed breakdown, along with the reporting capabilities, should be sufficient for an administrator to understand what has happened.

And the fact is that controlling the security of your IT infrastructure, anywhere and at any time, reacting in real time to any incident, with solutions like Panda Endpoint Protection Plus, is fundamental for the protection of your company.

Though it may seem obvious, it’s worth remembering that those who dedicate more resources to cybersecurity receive fewer attacks. While home users and small businesses make up for 4.41% of attacks, in medium and large companies the figure drops to 2.41%, according to the latest PandaLabs report.  However, although this percentage may seem low compared to the hundreds of thousands of attacks registered every year, it must be remembered that cybercriminals don’t need to attack every computer on a corporate network. By infringing the security of just one of them, hackers can create real problems for their victims.

Donwload the report here

The post Panda Endpoint Protection Plus on the new Aether platform, tested by AV-Comparatives appeared first on Panda Security Mediacenter.

Will you be able to buy a 5G smartphone for Christmas?

Santa Claus may not be the only one coming to town this year – last week one of the biggest wireless carriers in the US added a few more names to their list of cities named to get mobile 5G network by the end of 2018. AT&T confirmed in a statement that the new wireless technology would drastically increase the mobile wireless internet speeds and enhance their first-responders broadband platform. The list so far includes cities from all sizes such as Dallas, Atlanta, Waco, Charlotte, Raleigh, and Oklahoma.

AT&T wants to be the first major US carrier to introduce 5G to their customers and aims to bring its technology to at least a dozen cities by the end of 2018. AT&T hopes that the new 5G network will attract investors to those communities, have a positive impact on jobs creation and drive overall economic growth.

T-Mobile is in the game too; they announced plans to build 5G infrastructure in 30 US cities by the end of 2018. However, even though that the network might be ready for usage soon, they will likely start offering it to its customers at some point next year. Verizon wireless is also catching up on the 5G implementation game but not for their wireless service offering – they are planning on strengthening their position in the broadband market first, by introducing 5G broadband service. They have plans to launch the latest technology to at least four cities in the US, starting with Los Angeles.

How is this going to affect you?

Faster speeds

In an interview for Venture Beat published back in May 2018, Qualcomm spokesperson stated that the 5G speeds would go anywhere from 1 to 4.5Gbps. Having in mind 4G LTE is often referred as offering a 1 Gbps connection, it is safe to say so we can expect the new 5G speeds to make your internet about 2 to 4 times faster than what you have right now. Rapid internet speeds mean that live streaming of ultra-high definition 8k video may come sooner than later.

New phones

The users wanting to experience fasters speeds to their fullest will have to purchase 5G compatible cellphones. All major mobile device manufacturers are actively working on developing the first 5G phones for the US market. While some of them are expected to release brand new 5G compatible devices later this year, the majority of the cell phone manufacturers will leave it for 2019.

Different billing

US wireless carriers will most likely introduce different options for unlimited internet depending on your speed of choice. Verizon Wireless currently offers genuinely unlimited 3G internet speeds to people who cap their LTE data usage. As an example, if you are on an 8GB monthly data plan and you end up using all your data allowance, Verizon Wireless would automatically throttle your speed to unlimited 3G. Downgrading to 3G will make your internet access unlimited but essentially decrease your internet speeds nearly ten times.

Increased data consumption

Moving to a 5G network will undoubtedly increase the amounts of wireless data that you are using. Ultra high-res video will most likely become a standard, and your data consumption will start reaching new highs prompting you to upgrade to higher data plans. This would undoubtedly have an impact on your wireless bill.


The fasters speeds of the advanced 5G technology will not only help wireless carriers meet the ever-growing data consumption demands of their user base but will increase the productivity of first responders and law enforcement. Companies in the cloud computing and AI industries will only benefit from the new technology as they will strengthen the stability of their offerings, and even increase their service portfolios.

What will happen to LTE/4G?

The rollout of 5G does not necessarily mean that your carrier would immediately terminate the existence of their 4G network. Wireless carriers will keep the network up and running as a backup for areas where 5G isn’t available, similar to the way 3G is being used nowadays in the US.

The new technology will inevitably have an impact on everyone in the US. Mixed reality will enter more industries, AI and cloud computing companies will use the technology to grow, and 5G will bring the detail in ultra-high definition video. AT&T’s readiness to deploy 5G by the end of the year is a sign that we may soon see 5G smartphones hit the retail network! However, with great power comes great responsibility, the faster speeds may give more power to cybercriminals too – stealing 1TB of data would not take as long as it does right now. When 5G hits the market protecting all your connected devices will be as important as it is right now!

Download Panda Mobile Security

The post Will you be able to buy a 5G smartphone for Christmas? appeared first on Panda Security Mediacenter.

No kidnapping, no ransom

Large scale ransomware attacks have been big news over the last few months. Thanks to ever more sophisticated samples — such as the recent variant, Synack —that target victims in almost every country, this has become a global threat.

Download the whitepaper

The figures speak for themselves: with a cost of around $5 billion in 2017, and a 350% increase compared to the previous year, there is no doubt that this Trojan’s reputation as a large threat in the cybersecurity industry is still very much intact.  A cyberthreat that is on the rise, and that will continue to exist as long as victims keep paying the ransoms.

Nowadays, as well as being a threat that is constantly evolving thanks to the variety of samples and infection techniques available to hackers, it is also a criminal tactic that, for hackers, is worth investing their efforts in.  Juicy rewards with a low risk of being caught, and a large amount of targets who can be infected; from individual users to large companies, there are plenty of opportunities.

Advice to avoid ransomware:

  • Ensure that employees’ user accounts are protected with strong passwords, and that they don’t have administrator permissions.
  • Don’t open emails from unknown senders or emails that ask you to open them: the best thing to do is to delete them straight away, and under no circumstances reply to them.
  • Don’t trust shortened links or attachments, even if they’re from trusted contacts.
  • Create backups regularly to avoid loosing data.
  • Draw up and implement an auditing plan (carried out by internal auditing teams, or specialized third parties), both for the organization’s systems and for its policies, in order to be able to detect possible vulnerabilities.
  • Invest resources in improving training and staff awareness of IT security, especially when it comes to this type of threat.
  • The importance of multilevel security: In view of current threats like ransomware, basic protection is not enough. To ensure maximum protection, it is highly recommended to use complex, robust multiplatform tools like Panda Adaptive Defense360.

Download the whitepaper

The post No kidnapping, no ransom appeared first on Panda Security Mediacenter.

A step-by-step guide to disappear from the Internet

Celebrities and public figures are not the only ones who get affected by their online publicity. We live in the digital age, and your online presence is starting to determine who you are even if you are not a public figure. Your online life sometimes affects what happens to you in the real one.

You may not think your online presence would be of interest to anyone, but you might be wrong. By merely googling your name, your friends, family, and co-workers might be able to find details about your life that you are not willing to voluntarily share with them. Clues about personal information could be found online – such topics may include your views on things like sexual orientation, political beliefs, religion, hobbies, etc. Your digital prints might be standing in the way of you nailing your next job interview before you even get there. Your old MySpace profile, or Twitter activity from 2009, might be readily available for evaluation by your current or future employer. While you might be proud of your past, do you want all this information readily available to anyone who expresses interest in you?

We have previously discussed that internet privacy is almost non-existent. Sometimes unknowingly, users leave so many digital prints all over the internet that removing it f from the net might be a challenging task. However, it is not an impossible one. No matter what your reasoning behind wanting to delete yourself from the internet is, there are certain things that you can do to make your information and personal data not as easily accessible for everyone. We decided to prepare some of the best practices that might help you achieve the desired internet-free nirvana you’ve been dreaming about.

–    Close all your accounts using

One of the best ways to start deleting yourself from the internet is a website called It is a tool that finds a vast amount of your online accounts and gives you instructions on how to delete your profiles on them, or helps you request sensitive data deletion from the webmasters. The tool comes with preset emails that help you maintain the professional tone.

–    Remove your details from people-search websites

Deleting yourself from data broker websites such as White Pages and Radaris is a must should you want to decrease your digital presence. Sadly, tools such as phone reverse lookup make the life of every person interested in you very easy, as finding information about you is only a few clicks away. As we’ve previously discussed, getting the full name of the person who lives next door is an easy task even if you’ve never spoken to him/her. Data brokers have tools that allow you to find almost anything about anyone – sensitive information may include full name, DOB, previous addresses, employer, outstanding mortgage of a property, etc.

–    Stop using social media

Your online presence is hugely dependent on your social media activity. The more active on social media you are, the harder it gets to delete yourself from the internet. And your presence sometimes affects your real life. If you vocally express specific political views that are not popular, and you’ve listed your relationship to a particular business, you may end up bankrupt or jobless as people know that they can harm you by leaving negative reviews on Yelp or forwarding your conversations to your manager.

–    Delete email accounts

There is no true deletion from the internet if you still have email accounts. Email accounts are often associated with identity, and if you want to be genuinely out of the internet world, you have to delete your emails and close your email inboxes for good. Emails are indeed an easy way to communicate but also leave so much digital print – we bet this will be a tough one. Check our next tip if you are not ready to delete your emails.

–    Unsubscribe from all these companies that bombard you with emails

If you are not prepared to give up on your email and hasn’t managed to find all your online accounts, you may want to start unsubscribing from the companies that still try to reach you. Manually unsubscribing can be a hassle but this is the only way you can make them stop bombarding your inbox. The path to total freedom is not easy.

–    Start using VPN

If you’ve managed to delete all your accounts and you’ve taken down vast chunks of your online presence, now is time to start enjoying the anonymous type of internet you had 20 years ago. Even if there are some things about you left on the internet, getting a quality VPN service may be the beginning of the rest of your internet life as you will finally be able to browse anonymously, and avoid leaving more digital prints.

–    Get sensitive personal information unpublished

There is a difference between personal data and confidential personal information. While your name, current address, and DOB might be a public record and is considered personal data, sensitive information such as SSN and bank account information that ends up published must be taken down. If the website administrator refuses to cooperate, you can send a legal request to Google to have it removed from the results.

Before you delete yourself from the internet, make sure that this is what you want. And if you are not 100% sure, create a backup of the information that you may need in the future. Taking impulsive decisions may result in forever lost images, contacts, and emails. Printing out essential emails and writing down the contact details of all your friends and family is also a must. Last but not least, most of the times deletion of accounts is definitive – be prepared to lose the 100% positive feedback on eBay that you’ve been building over the last decade. When you decide to get back online, you may have to start developing your accounts stats from scratch!

Download your Antivirus

The post A step-by-step guide to disappear from the Internet appeared first on Panda Security Mediacenter.

Official Certifications: Generating Trust and Making Us Stand Out

Markets have a well-established life cycle.  So much so that their level of maturity determines not only the level of competition that we can expect, but also the very nature of the demands that clients can make.

And the fact is that, despite its relative youth, the cybersecurity market is extremely mature: The competition is fierce but the solutions, services, and the technology on offer are very similar, especially when it comes to traditional protection models, where there is a notable commoditization.

Nevertheless, the evolution and professionalization of cyberattacks is reaching unprecedented levels. We see over 285,000 new malware samples every day. Hacking is evolving towards new malwareless strategies that in fact already make up 49% of the cases in the world. There are new trends based on leaking and kidnapping confidential information, and government sponsored advanced attacks are ever more common.

The maturity of the market, the pressure from the competition, and the demands made by cyberthreats all mean that clients are calling for a response that is more and more perfect – a truly reliable solution.

A new vision breaks onto the market

With such a standardized market and such similar competition, cybersecurity providers are compelled to make themselves really stand out.  But with this market approach and such a threatening security context, it is not enough to do things the same way they’ve always been done. For clients, it’s not enough to simply get all kinds of tools to cover up any possible security gaps.

Efforts must be focused on what is really important.  And the endpoint is where people’s, companies’, and governments’ critical information is stored and processed.  Work stations and servers must, therefore, be defended. Everything that happens within the corporate network must be controlled, and every effort must be made to reduce the attack surface to the absolute minimum.

Panda met the needs of its clients and of the market in general over the last 6 years in order to design a visionary strategy that the rest of the industry is working to adapt to today.  At that moment, Panda started to differentiate itself by evolving its strategies, reinforcing its development teams, and reinventing cyber-defense models to guarantee the maximum level of protection that had ever been seen.

A disruptive model based on monitoring, registering and classifying absolutely every active process on every computer on the corporate network. This is how Panda Adaptive Defense was born. A cybersecurity suite that incorporates Endpoint Protection and Endpoint Detection & Response (EDR) with 100% Attestation and Threat Hunting & Investigation services.  This combination of solutions and services provides a detailed overview of all activities on every endpoint, total control of running processes, and reduction of the attack surface.

Certification of the model

Finally, this evolution is being rewarded by the market, with an exponential growth in sales and market share; by analysts, with their express recognition and positioning on comparison tests; and even by public institutions, with the numerous official certifications that the company is receiving.

These endorsements certify calibrated guarantees of security, high performance standards and, above all, absolute trust in the capacity, functionalities, and capabilities of Panda Security’s solutions.

In this light, Panda Security has emerged as the leading European manufacturer or EDR systems, with fully European technology, solutions, cloud platform, shareholders, and headquarters.

This makes Panda Adaptive Defense the only solution with the certification “Common Criterial EAL-2; the  Centro Criptológico Nacional (National Cryptology Center) “Qualified IT Security Product” qualification; and the “High ENS (National Security Framework)” classification.

As such, Panda and its solutions are completely aligned with the European Parliament’s proposals that were approved in motion A8-0189/2018, placing them as the ideal candidates to enter the plan for a European Cybersecurity Certification, that was approved yesterday by the European Parliament.

Who says this?

The Centro Criptológico Nacional (National Cryptology Center, CCN) is the body responsible for coordinating the action of the various Government agencies that use encryption methods and procedures, guaranteeing the security of information technology in that area, reporting on coordinated acquisition of cryptological material, and training government staff who are specialized in this field.

Gartner is the leading consultancy company when it comes to questions such as, what technological trends are making a difference? Or, which of the different manufacturers’ product or solution is at the forefront? This is why their Magic Quadrant is considered to be one of the essential analyses of the sector.  Where Panda Security is recognized as a visionary on the chart for Endpoint Protection Platforms.

AV- Comparatives is an independent laboratory that tests and evaluates antivirus software, regularly publishing graphs and reports on the manufacturers that participate in its tests. Over the course of 2017, Panda Security achieved maximum levels of protection in the organization’s Real-World Protection Test, leading it to take home that year’s Gold Award for this test.

The post Official Certifications: Generating Trust and Making Us Stand Out appeared first on Panda Security Mediacenter.

GDPR takes its first victims

In the weeks leading up to the deadline for GDPR’s obligatory implementation, complaints to the leading data protection agencies in Europe about breaches of the new regulation piled up;and  it hasn’t taken long for the reactions, and of course, the sanctions, to appear. Facebook, which has been under scrutiny for months now, has received the first large sanction for not following the data processing standards found in the legislation.

And the fact is that two months after the GDPR came into force, data protection is still causing real headaches in many companies, both in Europe and further afield. Not only have we seen cases of intentional theft of data, but we’ve also seen cases where data has been lost due to internal cybersecurity carelessness.

And now we know the consequences of one of the cases of personal data abuse that has generated most interest among the public in the last few months: Facebook and Cambridge Analytica. A controversy that affected over 87 million users whose personal information was collected by the consulting firm without their express consent, and then sold to third parties, who supposedly used it to benefit Donald Trump’s presidential campaign.

Now, the Information Commissioner’s Office (ICO) in the UK has given Facebook a fine, the first the social network has received in relation to this scandal.  The £500,000 (€564,951.15) fine is the maximum stipulated by the country’s data protection laws.  This amount is probably not enough to make a dent in Facebook’s finances: the company is able to earn the same amount every five and a half minutes.

The IOC ruled that Facebook failed to safeguard its users’ data, and that it failed to be transparent with how it used this data or the interests that lay behind this abuse. The IOC will also bring criminal action against SCL Elections, Cambridge Analytica’s parent company.

So what has been the outcome of all this? The social network must pay the fine, although it is undoubtedly a minimal fine in comparison with the magnitude of the scandal.  It’s worth remembering that the GDPR can impose fines of up to 4% of a company’s annual turnover. This means that, had this been a sentence within the framework of the European Union, Facebook could have faced a fine of €1,581,863,215, significantly higher than the one imposed by the UK.

This is not an isolated case

While the Facebook controversy is making headlines, there are many other cases of abuse of data that have come to light in the last few months.

In September 2017, Equifax was implicated in one of the largest data breaches in history, when personal data of over 142 million people was leaked.  If we suppose that the company would have received the highest sanction possible under GDPR, Equifax would have faced the astronomical fine of 124 million dollars.

An even bigger case in terms of the amount of data affected was Exactis, a US marketing company. At the end of June, a database with 340 million individual records containing personal data was left exposed on the Internet without authentication.  This means that anyone could have accessed the database and its content.

Timehop was involved in another significant breach that exposed the data of 21 million users on July 4. The hacker that stole the data was able to gain access thanks to a cloud storage account that didn’t use multi-factor authentication. The company has stated that it contacted data protection officials shortly after the discovery of the breach.

It is clear that the economic sanctions that the GDPR entails are no trifling matter, and that, despite the increased interest in the subject of data protection, the problems surrounding the handling of personal information (PII) aren’t going to go away overnight.  But…

How can you avoid getting on the wrong side of GDPR?

If you’re worried about your company’s IT security, you’ll  be interested to find out about Panda Adaptive Defense, the advanced cybersecurity suite that incorporates Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) solutions with 100% Attestation and Threat Hunting & Investigation services. The combination of these solutions and services provides a detailed overview of all activities on every endpoint, total control of running processes, and reduction of the attack surface.

Panda Adaptive Defense has modules created specifically to stop access, modification and exfiltration of both internal and external information.  Because Panda Data Control is able to discover, audit and monitor unstructured personal data on endpoints: from data at rest, to data in use and data in motion.

It stops uncontrolled access to your company’s sensitive data and helps you to company with the new data protection rules found in the GDPR.

The post GDPR takes its first victims appeared first on Panda Security Mediacenter.

Cortana security flaw means your PC may be compromised

Voice activated personal assistants are supposed to make our lives easier, which is why tech companies are building them into everything. Amazon’s range of smart speakers come pre-installed with Alexa, while smartphones ship with Siri, Google Now or Cortana depending on the manufacturer.

You can even find digital assistants built into your home computer now too. Ever since Windows 10 was released, PC users have been able to issue voice commands via Cortana just like they do using their phones.

Researchers uncover a new bug

Cybersecurity experts and hackers are constantly trying to find gaps and flaws that allow them to break into computers. And because Cortana is relatively new, the virtual assistance has been under intense scrutiny.

Sure enough, a flaw has been discovered that allows hackers to break into a Windows 10 PC using Cortana voice commands – even when it is locked. The problem is that Cortana is always listening. Although this is meant to make your life easier, it means that anyone can issue voice commands to the computer.

Normally it would be impossible to install malware or hack the computer while it is locked. But Cortana circumvents the usual safeguards, allowing a hacker to execute the commands that will install malware.

Don’t panic just yet

Cortana cannot be forced into downloading malware from the Internet or other computers – but it can be used to run scripts and other executables from a USB drive. This is good and bad news. Bad because Cortana can be tricked into installing malware, good because it can only be done with physical access to your computer.

If you can keep hackers out of your house, they won’t be able to access your computer. There is also no proof that the Cortana bug has been exploited by hackers yet.

Protect yourself

Just because the chances of falling victim to this particular hacking technique are rare, doesn’t mean you shouldn’t take steps to protect yourself. First, you must disable Cortana on the lock screen – you can find a complete guide here. Note that Cortana will still function normally once your computer is unlocked.

Next, you must install a reliable antivirus suite like Panda Dome. Panda Dome will detect malware and viruses automatically and prevent them being installed – by Cortana or any other method.

Finally, you must update Windows 10 regularly to patch these vulnerabilities as quickly as possible. Microsoft has already released an update address the Cortana flaw. You can download the patch directly from Microsoft Security TechCenter, or use Windows Update to fix this and other issues automatically.

With the patch applied, you can decide whether to re-enable Cortana on the lock screen or not.

Don’t wait

Every security risk needs to be fixed as soon as possible. Use the instructions above to bring your PC security up-to-standard – and don’t forget to download your free trial of Panda Dome either. You can learn more here.

Download your Antivirus

The post Cortana security flaw means your PC may be compromised appeared first on Panda Security Mediacenter.

GDPR, two months later

May 25 was D day, the day that the countdown to GDPR, the new General Data Protection Regulation, came to an end, and the legislation became obligatory across the whole of the European Union. Although companies had two years in which to adapt, in the end, the majority of cases saw a last-minute scramble to implement the new regulation.

Many companies were noticeably nervous and apprehensive, something that is understandable if we consider that the consequences of breaching the GDPR are severe, with fines of 10 million Euros or 2% of annual turnover (Level 1), or 20 million Euros or 4% of annual turnover (Level 2).

But now that the dust has started to settle, what assessment can we make of the situation? Have companies adjusted to the new regulation? Have they solved their doubts? Has corporate cybersecurity been standardized in Europe? Have the privacy policy update emails stopped? Has this whole process finally ended? The fact is there are still things left to do, and, if we analyze the consequences of the GDPR, we can say, broadly speaking, that there have been three different situations.

Request a trial

A rise in complaints in several countries

In the weeks leading up to the deadline for the new data protection regulation, large and small companies turned to all kinds of experts in order to adapt to the legislation. Not all of them, however, have managed to properly adapt. Or that, at least, is what many consumers think.

According to The Guardian, data protection agencies in many countries have reported a sharp rise in the number of complaints for apparent breaches of the GDPR: the UK Information Commissioner’s Office and the French CNIL have both reported that the number of complaints of this type have increased considerably.  France, for example, has seen a 50% increase in complaints.

Google and Facebook under scrutiny

Many of the companies that were most concerned about the arrival of the GDRP were small and medium businesses. Though these companies handle less data, they also have less flexibility in their budgets, meaning that they have fewer resources to be able to adapt to the legislation. However, the reactions that we have seen in the two months since its application have gone in the opposite direction.

In fact, according to the non-profit organization NOYB (None of Your Business) most complaints have been against tech giants such as Google, Facebook, or Twitter. The reason? These large companies, rather than totally changing their data treatment policies and fully adapting them to European legislation, chose to launch a standard message, forcing users to accept their new privacy and cybersecurity policies; if users didn’t accept, their accounts would be blocked.

The other side: those who went too far the other way

Nevertheless, there was also a third case that got a lot of people talking: this is where we saw large companies that, despite the fact that they already complied with the new legislation, decided to send their users an email, asking their permission to receive notifications.

If a user chose not to accept these new policies, or simply didn’t click on the link in the email, the company that sent it would be forced to remove many users from their database – users whose permission, in fact, didn’t need to be asked.

This is what lawyer Samuel Parra believes: “There are companies that, after being incorrectly advised, sent this email asking their users for consent again, when in fact, these users’ data had been obtained legitimately, so new consent wasn’t needed.” Thus, “they now have a problem: they have found that 70 or 80% of users didn’t click on the link in the email, meaning that these companies have to delete their details from their database”, something that has meant that “several companies may have lost a large amount of future revenue, all because of some bad advice”.

Whatever the case, one thing that is true is that all companies that handle data belonging to users in the EU not only have to have their users’ permission, but they also have to establish certain corporate cybersecurity measures, such as protecting their communications (emails are the gateway for threats to your company), or implement an action and information protocol in case of possible cyberattacks.

If you’re worried about your company’s IT security, you’ll be interested to find out more about Panda Adaptive Defense, Panda’s advanced cybersecurity suite that not only acts automatically on the most frequent intrusions, but also has a human team of analysts who are able to prevent, detect and respond to cyberattacks.  What’s more, we’ve incorporated the module Panda Data Control to simplify the task of complying with the GDPR, helping you to have greater visibility and control of all personal data, including unstructured data, and to strengthen your security.

The post GDPR, two months later appeared first on Panda Security Mediacenter.

Hola VPN Hack Targets MyEtherWallet Users

MyEtherWallet (MEW), a well-known cryptocurrency wallet interface, used Twitter to urge MEW customers who used Hola VPN within the last 24 hours, to transfer their funds immediately to a brand new account. They said they received a report that confirms the Hola VPN Chrome extension has been hacked. MEW’s Twitter account stated the attack was logging users’ activity including sensitive information such as usernames and passwords. The details of a currently unknown number of MEW users were exposed to hackers during a five-hour window on July 9th.

Hola VPN said in a blog post that upon learning about the incident, they immediately set up a response team of cybersecurity experts to investigate the incident and prevent it from happening again. They claim they immediately took emergency steps to replace the malicious extension causing the data leak. Regular MEW users were not affected by the data breach as the MEW service was not compromised, and the incident is known to be entirely out of MEW developers’ control. However, the breach certainly throws a shadow at the Israeli VPN service provider.

This is not the first time MEW users are being targeted. Earlier this year hackers managed to snatch more than $300,000 through execution of a sophisticated DNS hijacking attack. Many users lost their funds forever. Services such as MyEtherWallet do not operate like banks –  they do not charge transactions fees, they do not offer insurance, and they do not store cryptocurrency. Instead, they provide users with an interface that allows their clients to interact directly with the blockchain. Hugely unregulated and still in its wild west years, blockchain is like a vast, global, decentralized spreadsheet, and users are the only one responsible for the funds they store on such virtual wallet interfaces.

How to protect yourself?

First and foremost, use common sense and make sure that the sites you are visiting are legitimate. If you are a MEW user, your website needs to be Even if a single letter in the URL is changed, you are not in the correct place, and you are being phished.

Avoid opening websites that feel sketchy, or you do not trust – clicking on random links you see on social media may end up forwarding you to malicious sites. If you want to access a specific website, open a new tab on your browser and type the correct link manually. Navigating directly to the website decreases the chances of ending up on a phishing website.

Do not use the same password on other websites. One of the worst cybersecurity practices is to use the same password on multiple sites. If you struggle to remember your passwords, use tools that allow you to keep them safe and protected, or write them on a piece of paper. Make sure to change your passwords every three months – sometimes it takes years for companies to announce that they have been hacked.

Lastly, make sure that you have antivirus software installed on all your connected devices, and you deal with reliable VPN service providers. As in real life, cheap (or free) sometimes end up costing more. Quality VPNs encrypt your web traffic, do not allow hackers to monitor your online activity and do not let cybercriminals re-route your web traffic to phishing websites. Stay safe!

Download Panda FREE VPN

The post Hola VPN Hack Targets MyEtherWallet Users appeared first on Panda Security Mediacenter.

How to save data

Our smartphones are latched to us at all times and we constantly spend time online. From using applications to searching the web, we spend at least a few hours a day connected to the internet. But at what cost? While wifi becomes more and more accessible, using data is still the go-to for many people on the go.

While some data plans are unlimited, many are restricted to 3-20 GB of data. When it comes to saving data, there are a few things to take into account. We’ll show you which apps are killing your data plan, how much data you really need and tips to keep your data usage down.

Now that you are an expert on how to save data, take a few minutes to update your settings and reflect on what apps you can cut down on. Remember to use safe, private wifi when you can, and to toggle off cellular data for apps that are rarely used. These tips can save you money on your cellular bill and battery life for your devices.

Ting | Confused | Tech Walla | Lifehacker | CNET | Digital Trends | Whistle Out | Time | Apple | iMore |

The post How to save data appeared first on Panda Security Mediacenter.

Emails, the gateway for threats to your company

It’s an undeniable fact: these days, email has become one of the main vectors for cyberattacks against companies.  According to the recent 2018 Email Security Trends report by Barracuda, 87% of IT security professionals have admitted that their company has faced some kind of threat via email in the last year. This has led three quarters of the professionals surveyed to be more concerned about this risk factor now than they were five years ago.

And this concern hasn’t appeared out of the blue. The same study has shown that 81% of heads of corporate IT security have noticed an increase in the number of cases compared to the situation one year ago.  What’s more, a quarter of the professionals who agree with this statement qualify the increase as “drastic”.

But why is the volume of cyberattacks carried out over email on the up?  Just like with other kinds of threats, the success of these attacks can be put down to human error: whether it’s due to a lack of time to stop and assess the authenticity of the email, or because of our innate sense of curiosity or compassion, mechanisms like social engineering do exactly what they set out to achieve. This is the opinion shared by the vast majority of the IT professionals surveyed; they single out “poor employee behavior” as their main concern when dealing with these cyberthreats.

Mitigation costs are rising drastically

The economic consequences of these attacks are also increasing.  81% of heads of cybersecurity agree with this statement, emphasizing, in 22% of cases, that the costs stemming from mitigating a security breach have grown very significantly.

Of the different types of malicious actions that can financially damage a company via email, information theft, ransomware, and BEC scams are the most costly.  In other words, we’re facing two types of cyberattacks: on the one hand, we have attacks that seek to make a profit by attacking a company’s information and either selling it, or kidnapping it in order to demand a ransom. On the other hand, we see attacks whose aim is to trick an employee who has access to the company finances into making a transfer to the cybercriminals without realizing.  In a previous post, we saw how this last kind of scam, Business Email Compromise, became the most lucrative cybercrime of 2017 in the USA.

How can I deal with this threat in my company?

The fact that human error plays such a key role in the success of this kind of scam of course means that companies must train employees at all levels to pay attention to tell-tale signs in suspicious emails: how they’re written, spelling, or the kind of links they contain.  Likewise, they must get into the habit of thoroughly verifying the supposed intention of any emails received: for example, by checking with the finance department that the bank transfer that they are being asked for is legitimate, in order to avoid BEC scams.

But is this enough? The heads of IT security who responded also recommended some other measures that should be kept in mind:

  • Phishing drills: This highly effective method to test the possible negative effects of phising consists of surprising your employees with this kind of email, to see how they react. Those who get tricked by the email will have learned for themselves the type of behavior they must avoid in the future, whereas those who pass the test will still be alert as they were before.
  • Social engineering detection: This requires a specific, practical training process for employees. The aim is to make sure they ask themselves a series of questions before replying or paying attention to a dubious email. Here are some examples of this type of question: “Can a third party help me verify the identity of the person who is contacting me?”, “Am I really authorized to carry out the thing they’re asking me to do?”, “Is the action or information that they are requesting public?”
  • Encrypting emails: To avoid the possible theft of emails containing confidential information, your company must have a system that encrypts all emails sent by employees, making it necessary to introduce an additional password in order to gain access to the content of the email.
  • Having an advanced cybersecurity solution: Using a suite like Panda Adaptive Defense will help you to detect any possible attempts to attack your company via email, thanks to the use of cognitive intelligence and a real time detection system. This way, you will avoid possible financial losses that can result from this kind of cyberattack.

The post Emails, the gateway for threats to your company appeared first on Panda Security Mediacenter.

The hunter becomes the hunted: How cyber counterintelligence works

Corporate cybersecurity is one of the biggest headaches for any company. Not just because data and information about their clients, users, or providers may be put at risk. Competitiveness can also be seriously damaged by the loss of confidential internal information.

We always think that cyberattacks against businesses are carried out by third parties with no direct relationship to the company, with the sole purpose of selling that information. But, what about when the cybercriminal is from a rival company, or even a country’s government? And what about when the cyberattack aims to steal information that will directly endanger the business model and the projects of the company that is the victim of the attack?

This is where we start to see a practice that, while not widespread, is beginning to become more significant among larger companies: cyber counterintelligence.

What is cyber counterintelligence?

Counterintelligence takes as a jumping off point one basic premise: if someone is going to attack your company, the best defense is a good offense. This is why, instead of acting preventively or reactively, this kind of company prefers to change things up, and catch the cybercriminal as they take their first steps.

This strategy can be carried out in several ways:

1.- Leaving their doors “open”. A company may leave an access point apparently deactivated or unprotected. This way, the cybercriminal will find this gap, and think that they are getting right to the core of the company and all its information.

2.- Fake information If the cybercriminal takes advantage of this gap, it is likely that they will find apparently confidential information. What they don’t know is that that the door wasn’t that “open” after all, and the information they’ve found isn’t that confidential. What has actually happened is that the company has tricked them, leaving fake documents for them to find.

3.- Keep them busy while they’re stealing However, as long as the cybercriminals think they are out of sight and have access to information, they will snoop around as they please. What they don’t know is that, all the while, the company that is apparently experiencing a cyberattack is actually watching, obtaining information about the attacker in order to take possible measures against them.

The drawbacks of counterintelligence

It may seem like counterintelligence promises to be the perfect solution to avoid endangering a company’s cybersecurity. But the truth is that there are several drawbacks:

1.- It isn’t available to everyone. If a company wants to carry out cyber counterintelligence, it must have a team dedicated to the task. And it goes without saying that that is something that only large budgets can afford.

2.- The possibility of failure. If a company decides to “play” at counterintelligence, it must be willing to accept the rules: it could lose. Because the cybercriminals may be aware that they’re being watched, and so, while they pretend to be acting where they can be monitored, they’re actually getting in through another entrance.

3.- Legal conflicts. Counterintelligence is no trifling matter: at times is can entail breaking some laws, meaning that any company that carries it out could become involved in some serious legal problems.

4.- Diplomatic conflicts. In some cases, cyberattacks between companies occur when two companies from different countries are competing for the same project or the same contract. When this happens, cyber counterintelligence can cause a diplomatic clash with the government of the country where the rival company is based.

As such, companies that really want to protect their company’s cybersecurity must use less delicate, more secure methods. One example of this is Panda Adaptive Defense, a solution that not only acts both preventively and reactively, but also stops unauthorized access and protects companies from any kind of breach in their cybersecurity. Thanks to continuous monitoring of all the processes on the corporate network, Panda Adaptive Defense is able to stay ahead of cybercriminals, activating its protection systems before the attack happens.  Our advanced cybersecurity solution guarantees a higher level of protection, without the need to use riskier techniques like counterintelligence.

The post The hunter becomes the hunted: How cyber counterintelligence works appeared first on Panda Security Mediacenter.

Is Article 13 about to ruin the Internet?

European lawmakers were set to vote on changes on the 5th July that will dramatically increase Internet regulation. Perhaps the biggest proposed change is the introduction of Article 13 which is intended to improve copyright protection.

Under the terms of Article 13, any Internet platform that hosts “large amounts” of user-uploaded content is expected to monitor every submission. This means identifying and removing any content that infringes copyright.

Blocking copyright infringement is good…

Content creators – like musicians and filmmakers – rely on their work to provide an income. When people reuse that content, the original creator loses out. Some people would say that it is no different to stealing food from your local supermarket.

Obviously protecting copyright is incredibly important to these people. And it is for their protection that Article 13 has been created.

…but auto-blocking isn’t

According to the latest statistics, 60 hours of videos are uploaded to YouTube every minute. It would be physically impossible to employ people to check each film for copyright infringements (unlicensed clips or background music). Instead, content platform owners like Facebook, Flickr and YouTube will need to develop an automated system to analyse content as it is uploaded.

The problem is that automated systems tend to be pretty poor. YouTube has tried content scanning in the past – Content ID – which was notorious for creating false positives, blocking perfectly legitimate movies in the process.

A more sinister future?

Some Internet experts are concerned about the longer term implications of Article 13, suggesting that the new regulations could be misused. They believe that the law creates a new surveillance framework that could be easily subverted by totalitarian governments to curb free speech.

Internet blackouts and bans on sites that are perceived as anti-government are already a regular occurrence in Turkey, Iran and China. These experiences suggest that the fear of government interference is not entirely unwarranted.

Linking to sites could be expensive

Have you ever shared a link to a news article on your Facebook page? Another update to the regulation – Article 11 – defines a new tax on platforms for linking to news articles. In future, Facebook could be charged because you share a link to a BBC News story.

With millions of pages being shared every day, Facebook will face a huge bill for the activities of their users. In order to protect their profits, Facebook may ban links to news websites, or even charge users for the service.

Decision time

The proposed changes have already passed scrutiny and will be approved (or denied) by MEPs today. Article 13 (and other amendments) will then be written into law and applied by all member states in due course. Importantly firms based outside the European Union will be expected to adhere to the new regulations.

Unfortunately, it is almost impossible to plan for the new regulation because the European Union has not specified exactly how the link tax or copyright filter will work. Should Articles 11 and 13 become law, the way you use the web may change forever.

Download Panda FREE VPN

The post Is Article 13 about to ruin the Internet? appeared first on Panda Security Mediacenter.

Danger on board: shipping routes are at risk

Updates to the cybersecurity ecosystem seem to have gotten lost at sea for the shipping industry. Measures that have been outdated for years in other sectors are still in force on the high seas, meaning that ships are susceptible to being robbed, hacked, and even sunk. Vessels that were traditionally isolated are, thanks to the Internet of things and advances in technology, now always online via VSAT, GSM/LTE and WiFi connections, and have complex electronic navigation systems.

Discover Panda Adaptive Defense

A study by Pen Test Partners has shown how easy it is to gain access to a vessel in the shipping industry.  Some of the access methods presented are truly worrying: exposed satellite communication terminals, user interfaces accessed via insecure protocols, default login details that have never been modified… The list goes on. In this industry, a cyberattack would have an enormous economic and business impact, since maritime transport moves goods totaling millions of Euros all around the world.

Satellite communications: a threat in motion

Thanks to Shodan, a search engine for IoT connected devices, the Pen Test researchers discovered in previous investigations that the configurations of some satellite antenna systems were easily identifiable through old firmware or unauthenticated connections.  To gain access to systems, and ultimately hack them, they came across dangerous default login details, like “admin/1234”.

ECDIS, charting a course for disaster

The Electronic Chart Display and Information System (ECDIS) is the electronic system used by these ships to navigate, and that also warns the captain about any hazards on their course. This tool, which contains graphical and nautical information, is an alternative to the old fashioned maritime maps that don’t offer information in real time.  Upon testing over 20 different ECDISs, the analysts discovered that most of them used very old operating systems (some with Windows NT, from 1993), and incorporated configuration interfaces with low levels of protection.

In this way, the researchers demonstrated that cyberattackers could cause the ship to crash by accessing the ECDIS and reconfiguring the database in order to modify the dimensions of the ship. If the ship seemed to be a different size, longer or wider than it really is, the electronic systems would offer incorrect information to other nearby crews.  They also showed that attackers could force a collision by falsifying the position of the ship shown on the GPS receiver.  It may sound implausible, but in the case of particularly busy shipping routes or places with low visibility, a falsification of this type could be catastrophic.

Even if the vulnerabilities shown by the analysts aren’t exploited in such an extreme way, it’s hugely important to know that security gaps in vessels can cause substantial damage, both to national industries and in the maritime environment, including ports, canals, and docks.  The analysts underlined that, by using ECDIS, it is also possible to gain access to the systems that warn the captain of possible collision scenarios.  By controlling these collision alarms, attackers could bring routes as important as the English Channel to a standstill, endangering the imports and exports of a whole country.

Simple solutions for complex systems

As well as updating systems and ensuring that no sensitive information is exposed on the network, the shipping industry must also maintain the defenses that are needed for Internet devices, like we’ve seen in the case of satellite communication systems. To maintain connection privacy, Transport Layer Security (TLS) protocols must be put in place on these devices, since a failure in just one device can compromise the security of the whole network.

The analysts reported that a first step to mitigate most of the problems exposed in the study would be to use strong passwords for admin profiles, making sure to modify the default login details.  To avoid serious problems like sabotage, destruction of ships or goods, collisions, and loss of infrastructure, it’s essential to have protection systems for the whole network perimeter, including the transport of goods, to bring the domain of cybersecurity out into international waters.

The post Danger on board: shipping routes are at risk appeared first on Panda Security Mediacenter.

Employee habits that can put your company at risk

We often talk about the cybersecurity risks that companies can be exposed to through their own Internet connections, but the truth is that most of the time, the employees themselves tend to be the weakest link in the company.

And the fact remains that there are several things that employees may do every day that could well lead to serious security breaches. That’s why it’s a good idea to be up to speed with the threats you could be facing, and to be responsible when managing the tools that are used to handle the company’s information.

Be careful with public WiFi

Although this habit is probably one of the most widespread among the majority of employees, it’s also one of the least advisable.  These days we struggle between wanting to consume more content and trying to use less data. This means that finding a totally or partially open Wi-Fi connection can seem like a godsend, especially for someone needing to do something work-related, such as connect to the company’s internal network, send large files, log on to platforms that consume a lot of data, and so on.

However, using public WiFi can really put your company’s cybersecurity at risk. When in use, this connection can expose the user to possible intruders who, with a bit of social engineering, could gain access to the employee in question’s data: usernames and passwords, or confidential company information, to name but a few. Stealing information through open WiFi connections isn’t as difficult as you might expect, so it’s best not to trust them to keep you safe.

How to avoid it

To avoid this kind of risk, it’s absolutely essential that employees avoid using open WiFi connections wherever possible.  In the rare case that an employee has no choice but to use a connection of this type, they should do so with a VPN that can protect their data, and, more importantly, any sensitive information that they may have on their device, thereby minimizing the possible risks.

Phising, malware, and intrusions

The endless back and forth of emails is a constant in almost every type of company, which can entail certain risks.  One clear example of this is the tech support scam: an employee receives an email in which they are asked for certain data, with the pretext of needing to solve some kind of technical problem. The employee is asked for certain information, which then ends up in the hands of someone who can jeopardize the whole company’s cybersecurity.

But this isn’t the only case. A cybercriminal can also send an email impersonating another employee, with an attachment that could be invasive, steal data from the computer, or even spy on and monitor the activity carried out on the device.

Mobile apps can also pose a series of risks. If an employee is in the habit of using their personal phone to handle company data and information, managing apps improperly could give rise to problems, especially if access is granted to unofficial apps that, in the same way as malware, get hold of the information stored on the phone, spy on it, or even modify its operation guidelines.

How to avoid it

The key thing here is raising awareness about corporate cybersecurity: every company must make sure its employees know the importance of being responsible with emails and the apps on their phones.  In the case of the latter, they should only be downloaded from operating systems’ official stores.

On the other hand, it’s important for companies to have ransomware insurance, and encryption on their company email. This way, as well as avoiding possible intruders, if someone does manage to gain unauthorized access to the IT system, confidential information will be better protected, and the company’s cybersecurity won’t be compromised.  If you want a tool that can help you to avoid unwanted visitors, you can try Panda Adaptive Defense, the tool that will help you to batten down the hatches of your company’s IT security. Panda’s advanced cybersecurity solution allows you to stay ahead of attacks, even before they happen, limiting the risks stemming from everyday tasks that employees carry out without thinking.

The post Employee habits that can put your company at risk appeared first on Panda Security Mediacenter.