Category Archives: b2b

The importance of updating your systems and software

The importance of updating your systems and software updates

Unpatched software leaves businesses open to attack

There seems to be a system or piece of software for everything nowadays – from apps that let you explore internet browsers in virtual reality to software that can help improve your speech, technology is helping push the boundaries of what can be achieved both inside and outside of the workplace.

But while every business, on the face of it at least, is happy to acquire new systems and applications to drive productivity and reduce costs, far too few update these systems and/or software on a regular basis to ensure security. The “gold standard” for the implementation of critical patches is 30 days, and 90 days for non-critical patches, although that’s still more than enough time for cyber criminals to do damage.

Often, these businesses have bespoke systems and/or software applications that are set up in a certain way and only work with specific versions of software. A lack of updates to the system/software infrastructure could result in critical parts of it not working.

Businesses cannot afford to adopt an approach of “if it’s not broken, don’t fix it”. The fact is that outdated systems and third-party applications often have a host of vulnerabilities, and ignoring software updates could prove to be a grave mistake.

Cybercriminals target software and system vulnerabilities

The majority of impactful cyberattacks often have one thing in common: they target known vulnerabilities in systems and third-party software. WannaCry and the Equifax and BA hacks are all high-profile examples of successful attacks on unpatched systems.

But these cases also have something else in common: each one could have been avoided. Software updates and patches were released before the attacks took place, and the only reason that so many businesses fell victim to these cyberattacks is because they neglected to download, run and install them.

In the case of WannaCry, an investigation by the National Audit Office discovered that the NHS had repeatedly been warned to migrate away from its dated systems – and that “basic IT security” was all that was required to prevent the “unsophisticated” WannaCry attack.

The same applies to the Equifax with an out of date version of Apache on their webserver, and BA who had not updated a cross-site scripting vulnerability.

Without a doubt, the fundamental issue is that many businesses mistakenly believe themselves to be secure because they have advanced cyber security and intrusion detection solutions in place.

But cybersecurity is only as good as its weakest link. If a business uses outdated systems or software, endpoints are left vulnerable and can be readily compromised by a cybercriminal with very little working knowledge.

Businesses face a multi-faceted challenge in the form of patch management

Indeed, the management of system software updates and patches has become a serious challenge for modern organisations. As the technology landscape has evolved and diversified, businesses now use a variety of systems and third-party applications to manage and enhance processes. Updating infrastructure is no longer a simple button press on an operating system – it’s a business-wide decision that affects all existing activities.

For many businesses, and large enterprises in particular, updating their technology stacks often means stopping critical operations for a day or two as system software updates and patches are downloaded, installed and configured. And as their infrastructure is incredibly intricate, any update or change could result in key bits of software malfunctioning.

Subsequently the patch management process becomes time-consuming, and businesses face the difficult decision of taking crucial elements of their infrastructure offline for updates and maintenance. Neglecting these updates is akin to someone leaving their front door open and windows unlocked, but many businesses simply cannot afford to take their activities offline for even a minute.

Manage software and system updates through automated patch solutions

For businesses with this kind of complex infrastructure, it’s easy to understand why updates and patches are pushed further and further back. Installing a patch as soon as it’s available is best practice, but that kind of agility can only really be applied to a small business with limited systems and software or a single user.

Basic operating system updates can (and should) be applied as and when they are available. But for more bespoke in-house systems, which are connected to a suite of tools, a more considered approach is necessary.

Fortunately, businesses can readily manage and update their systems and third-party software infrastructure through automated patch management solutions.

Automated patch management does exactly what it says on the tin: it analyses software and systems in use to determine whether patches and/or updates are available and downloads them. These patches and/or updates are acquired in the background and can be installed at a specified time.

Panda Patch Management, a module of Panda Adaptive Defense, manages vulnerabilities – outdated systems and third-party software – and their corresponding updates and patches. Full visibility of endpoint health, i.e. whether systems or software is outdated and patch status, is provided in real time and across the enterprise.

The solution also correlates detected and identified threats with uncovered vulnerabilities to minimise response time and contain and remediate attacks through automated patch application. This kind of patch management allows businesses to get ahead of software vulnerability exploit attacks, enhance endpoint security and reduce attack vectors.

Businesses cannot afford to overlook or avoid patching and updating software infrastructure. Cybercriminals are banking on businesses not updating or patching their systems or software so that they can exploit vulnerabilities and deal damage. If an update is available, it should be applied at the earliest and most practical opportunity.

If you want to find out more about Panda Patch Management and how it can ensure that your business remains protected, click here.

The post The importance of updating your systems and software appeared first on Panda Security Mediacenter.

The danger of stolen data: credential stuffing attacks

credential stuffing

When we talk about cyberattacks, for companies, there is one word that normally comes to mind: malware, every computer’s nightmare, that can infect their systems and take with it not just the company’s most sensitive information, but also that of their users, clients, providers, employees, and so on.

However, malware isn’t always a cybercriminal’s tool of choice; in fact, in 2017 it started to give way to other kinds of attack, which are having similar levels of success at achieving the same goal: breaking through their victims’ corporate cybersecurity.

What is credential stuffing?

A credential stuffing attack is a kind of cyberattack in which, using details gathered from a data breach, the perpetrator manages to access user accounts on a platform by bombarding credentials until they hit upon the correct combination.

To carry out an attack of this kind, the cybercriminal must first get, steal, or buy a database made up of user accounts, with their login names and passwords. Their next step is to try to log in to the affected platform using these login details. As it is not always guaranteed that the details will coincide, the strategy is to launch multiple automatic logins until the details match up. What’s more, the identification processes are carried out by specialized botnets so that the platform believes them to be authentic. If it is possible to log in, the credential stuffing attack will have been a success.

The victims: Dunkin Donuts, Yahoo…

These cyberattacks are affecting an increasing number of companies.  The latest victim was Dunkin Donuts. In November, the company detected the theft of credentials and their subsequent use in an attack on the users of DD Perks, its loyalty and rewards program. The credentials stemmed from a data breach, although Dunkin Donuts stated that this breach didn’t happen on their system, rather on the system of a supplier, which gave access to third parties. Specifically, the user information came from a previous leak, and so the cybercriminals used this information both to access DD Perks accounts and to log in to other platforms that used the same credentials.

But there is, unfortunately, one incident that takes the crown for credential stuffing attacks: in 2016, around 500 million Yahoo accounts were seriously compromised by the prior leaking of a vast amount of information after another data breach. In this case, the breach had one more outcome: when Yahoo went public with the incident, many users received emails from people claiming to belong to the company, which contained a link to resolve the breach. These emails, however, were a phishing attempt by another group of cybercriminals.

Success rate and how to avoid them

When it comes to evaluating the potential damage of credential stuffing, it is important to get some perspective. According to a Shape Security study carried out in 2018, their success rate is usually, at best, 1%, a figure that may make this attack seem insignificant.

credential stuffing

However, we must bear in mind the fact that these cyberattacks usually use databases that can contain credentials of several million users. This means their success rate, though modest in relative terms, is large enough in absolute terms for the affected company’s reputation to be seriously damaged by the exposure of its corporate cybersecurity.

Companies must therefore take appropriate steps to avoid both data breaches and possible credential stuffing attacks.

1.- Two factor authentication? Two-factor authentication (2FA) is one of the most commonly used methods for companies and platforms that want ensure a secure login for their users. However, as we have already seen, two factor authentication is not infallible, since it can be broken by getting users to introduce their details on fake portals.

2.- Cybersecurity solutions. A company’s security cannot rely 100% on users correctly managing their passwords, especially since the attack very often comes first: i.e., data breaches are often a consequence of poor corporate cybersecurity management, rather than as a result of poor password management by users. This is where Panda Adaptive Defense comes in: it has a data protection module, Panda Data Control, that is able to monitor data in all its states, including when it is at rest, helping the solution to know at all times what processes are being run and what data is being used.

3.- Employee awareness Companies must also instill in their employees a series of prevention measures, as they are often the easiest point of entry for cybercrime. Employees must remain alert, as well as not giving out their credentials via email (to avoid phishing, tech support scams or BEC scams) and, if they come across any problems, report the incident to the company’s head of IT.

The post The danger of stolen data: credential stuffing attacks appeared first on Panda Security Mediacenter.

Panda Security is recognized as a 2019 Gartner Peer Insights Customers’ Choice for EDR Solutions.

The Gartner Peer Insights Customers’ Choice distinction is based on feedback and ratings from end-user professionals who have experience purchasing, implementing and/or using the product or service.

Gartner Peer Insights

Panda Security, a leading European multinational in advanced cybersecurity solutions and services, is delighted to announce that we have been named a January 2019 Gartner Peer Insights Customers’ Choice for Endpoint Detection and Response Solutions, thanks to our Panda Adaptive Defense.

 “Panda Security is honored to be recognized as a 2019 Gartner Peer Insights Customers’ Choice for Endpoint Detection and Response Solutions, as we strive to keep our customers protected against malware and non-malware attacks and turn endpoint activity data into insights and actionable intelligence.” Said Juan Santamaria Uriarte, CEO, Panda Security “We believe this recognition is a proof of our success in achieving our mission and we look forward to bringing new innovative solutions and services in the space of advanced threat prevention, detection, investigation and threat response to Panda Security’s and our Channel Partners’ portfolio.”

Being named a Customers’ Choice means that Panda Adaptive Defense is recognized on the powerful online platform, Gartner Peer Insights, on which reviews are written and read by IT professionals and technology decision makers within corporations.

As of January 17, 2019, Panda Security has received an overall rating of 4.6 out of 5 for the Endpoint Detection and Response Solutions market, based on 128 verified reviews. Some of the reviews that Panda Security has received include:

“By far the best, among all other EPP & EDR that I tested and can withstand direct or targeted attacks. No Antivirus or EDR and EPP solutions can offer 100% but, this is the closest.” – Infrastructure and Operations. Education. Gov’t/PS/ED <5,000 Employees. See the review here
“Quite Better Than Other EDRs. AD is a powerful tool and the advanced console integrated with ART is very useful. Panda is able to block and classify different malware and to make the user feel safe.” – Security and Risk Management. Communications. Gov’t/PS/ED 50,000 + Employees. See the review here
“We have now a lot of visibility related to the activity of the endpoints. We don’t have much noise from users by false positives being blocked. Furthermore, it has detected activity generated by red teams, giving us the availability to make threat hunting in the endpoints.” – Analyst. Construction Gov’t/PS/ED <5,000 Employees. Europe, Middle East and Africa. See the review here

Gartner defines Endpoint Detection and Response solutions as those that record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems. According to Gartner, EDR solutions must provide the following four primary capabilities:

  • Detect security incidents.
  • Contain the incident at the endpoint.
  • Investigate security incidents.
  • Provide remediation guidance.

The concept of the distinctive security model offered by Panda Adaptive Defense is based on monitoring, classifying, and categorizing absolutely every running process (100%) on all endpoints on the corporate network. If anyone tries to perform any action, the Panda experts are aware of it immediately, and verify where it originated, how the attempt was made, and what its intentions were. As well as this, the response and remediation capabilities recognized by Gartner allow us to react even before any effects can occur.

And the fact is that Panda Adaptive Defense 360 is not a product; it is a cybersecurity suite that merges Endpoint Protection and Endpoint Detection and Response (EDR) solutions with 100% Attestation, and Threat Hunting and Investigation services, all provided with a single lightweight agent. The combination of these solutions and services provides a highly detailed visibility of all endpoint activity, an absolute control of all running processes, and the reduction of the attack surface.

Do you want to know how our cybersecurity solution works?

Live Demo

About Gartner Peer Insights:

Gartner Peer Insights transforms the way enterprise software is bought and sold by creating another source of trusted information in the software buying process.  Gartner’s review platform is a place for all IT buyers to find advice they can trust from fellow IT professionals.  Gartner Peer Insights includes more than 40,000 verified reviews in more than 190 markets.

For more information, please visit www.gartner.com/reviews/home

Required Disclaimer: Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates. Reviews have been edited to account for errors and readability.

The post Panda Security is recognized as a 2019 Gartner Peer Insights Customers’ Choice for EDR Solutions. appeared first on Panda Security Mediacenter.

How to use emerging technology in the fight against cybercrime

How to use technology in the fight against cybercrime

The digital transformation brings with it a litany of advantages and opportunities for all kinds of organizations, from an increase in productivity and efficiency, to larger markets in which to operate.

But these advantages and the breaking down of barriers for the sake of increased globalization go hand in hand with some drawbacks, one of which is the incredible increase in the amount of cyberattacks carried out. We need look no further than last year, when there were almost double the amount of cybersecurity incidents in companies compared to the previous year. What’s more, there were around 159,000 data breaches driven by ransomware or new attack methods. And the economic consequences of these incidents are staggering: the global cost of cybercrime is expected to exceed $2 trillion by 2019.

It is clear that in order to tackle figures like these, it is necessary to invest in qualified professionals. However, with the increase in the scale and sophistication of attacks, the development of cybersecurity professionals has been outstripped by the growth and the sophistication of cyberthreats.

In this context, it is clear that there is a lack of cybersecurity professionals; in fact, 22% of organizations report that their cybersecurity teams are not large enough to take on everything that is required of them. The Information System Security Certification Consortium, or (ISC)2, estimates there to be a skills gap of just under 3 million professionals.

Download the whitepaper

Addressing the shortage with technology

The boom of the Internet of things (IoT) means that there are ever more data points to track and more points of entry into systems. The use of machine learning and artificial intelligence (AI) can help address this problem, and at the same time mitigate the skills gap. These technologies can gather and analyze data, trace threats, search for vulnerabilities, respond to breaches, and thus reduce the IT team’s workload. At Panda Security, we make this technology a reality with our Threat Hunting and Investigation service, which allows the automatic classification of 99.98% of threats, leaving just 0.02% of them to analysts. This way we can focus on the really dangerous attacks.

Some of the advantages that technology can bring to our organizations are:

Prevention. With AI, systems can be developed to search for security flaws and deploy solutions in real time.

Detection. AI can help cybersecurity analysts to detect and analyze high risks incidents, and to investigate threats.

Response. Machine learning and artificial intelligence can segregate networks to isolate assets or to redirect attackers away from vulnerabilities or valuable data.

Choosing the right cybersecurity solution for my company: what does it need to have?

Panda Security leverages a combination of solutions and services for their customers to provide visibility of all endpoint activity, control of all running processes, and to reduce the attack surface. This includes device management and control features, EDR and EPP solutions, 100% Classification and Threat Hunting services, all the data gathered by its Collective Intelligence for more than 28 years, and external IOAs and IOCs, all perfectly synchronized. These advantages are grouped together on the security platform, Panda Adaptive Defense.

The Cybersecurity Tech Accord – the key accord in the interest of defending equitable, global cybersecurity of which Panda Security has been a member since last year – has prepared a whitepaper, “Addressing the Cybersecurity Skills Gap through Cooperation, Education and Emerging Technologies”. In it, you can discover what challenges the skills gap presents, what initiatives have been proposed to resolve it, and more details on how emerging technology can put a stop to this problem.

Download the whitepaper

The post How to use emerging technology in the fight against cybercrime appeared first on Panda Security Mediacenter.

Ten corporate cybersecurity New Year’s resolutions

corporate cybersecurity resolutions

New Year is a moment when many of us set ourselves a series of resolutions to try to improve some part of our lives. And one resolution that should be on everyone’s list is an improvement in cybersecurity habits. With this in mind, we’re sharing these 10 tips for online security that will help you to protect your digital life, as well as that of your company.

In our PandaLabs Annual Report 2018, we compiled many cases where cybersecurity went wrong. And the fact is that many of these incidents — and the serious consequences they entailed — could have been avoided by following some basic security tips.

Download the infographic

Good practices for 2019

  • One good habit to bear in mind is the use of firewalls to block unwanted access to our devices. In many cases, this solution is the first line of defense against cyberattacks. The most dramatic example of what can happen if we do away with firewalls is the case of Exactis. This US data broker left around 350 million records exposed in June last year. Anyone could have accessed details about hundreds of millions of US citizens. The cause? A lack of firewalls to protect this information.
  • Multifactor authentication. This method of confirming a user’s identity when logging in adds another layer of protection by asking for a code received on a mobile phone or on a computer. It means that, even if someone gets their hands on our password, accessing our account is more complicated. In July last year, the app Timehop gave us an example of what can happen if we don’t use multifactor authentication: the company blamed a data breach that affected 21 million users on a lack of multifactor authentication on a cloud account.corporate cybersecurity
  • Updating operating systems and installing patches helps to minimize the threats of malware and vulnerabilities. This is especially important if we consider one of the predictions found in our PandaLabs Report: in 2019, new catastrophic vulnerabilities will be discovered, similar to Meltdown and Spectre, which were discovered at the start of last year. Installing all necessary updates and patches is the only way to protect yourself against the vulnerabilities that may threaten corporate cybersecurity, and thus reduce the attack surface.
  • It is very important to be selective when it comes to sharing personal information on the Internet. This information could be used to guess passwords and logins. Discretion is particularly relevant for another of our predictions for 2019. The massive analysis of data, through readily available Big Data tools, allows detailed profiles of personal preferences and trends in many areas to be extracted. Personal information spread over different social networks (Facebook, Twitter, LinkedIn, etc.), correctly analyzed and correlated, can allow the development of highly sophisticated and personalized social engineering attacks with malicious intentions.

Discover the 10 corporate cybersecurity resolutions for 2019 in our infographic, and stay protected this year.

Download the infographic

The post Ten corporate cybersecurity New Year’s resolutions appeared first on Panda Security Mediacenter.

Three cybersecurity tips to help train your employees

cybersecurity training

It’s typically believed that the most sophisticated and complex cyberattacks are the biggest threat to a business.

In reality, however, the biggest cybersecurity threat for many businesses is their own employees. In fact, four of the five top causes of data breaches are down to human or process error. This includes loss or theft of paperwork, data emailed to the wrong recipient and insecure web pages.

In an ever-changing digital-first landscape, where cyberattacks are becoming more and more sophisticated, keeping up with the methods used by cybercriminals and making sure employees are aware of the dangers have become significant challenges.

In this blog, we list three cybersecurity training tips for businesses looking to get employees up to speed and in turn keep business information protected.

Update cybersecurity policies and procedures and educate employees

Employees who aren’t aware of their cybersecurity obligations are more likely to ignore relevant policies and procedures, which could lead to unintentional disclosures of data or successful cyberattacks.

The fundamental issue here is that policies and procedures are never actively taught, shown or provided in context. Instead of showing how these policies and procedures protect the business in a real-life scenario, employees are instead handed the business’s cybersecurity handbook or tip sheet and told to remember it, often alongside the rest of the company’s policies (working hours, holiday protocol, dress-code, benefits, etc.) during induction. The policies and procedures can often be complex and confusing, may not have been updated properly, and could be difficult to apply.

Taking this into account, businesses need to carefully review their cybersecurity policies and procedures to make sure they are not only easy to understand and apply, but also up to date. For example, if a BYOD culture exists within the organisation and the cybersecurity policies have not been updated to take this into account, security holes are inevitable.

Similarly, if those policies have no information to govern how business devices are used – i.e. if the devices are specifically for business only – employees will naturally use them for personal activities and potentially expose crucial business information to cybercriminals.

The last thing businesses need to do to ensure employees are up to scratch is to run regular cybersecurity training courses. Show employees how these policies and procedures work to protect the business and get senior members of staff to champion and emphasise them to employees. This will ensure that a culture of cybersecurity is developed at every level within the business.

Underline the importance of password management

According to a study carried out by OneLogin in 2017, less than a third (31%) of IT decision makers require employees to rotate passwords monthly. Another report by OpenVPN revealed that 25% of employees admit that they use the same password for every enterprise system they access.

Evidently, password management is a major issue and challenge for businesses when it comes to cybersecurity. With employees disregarding basic password management and IT decision makers failing to remind those employees, there needs to be a drastic change in attitude if businesses are to improve cybersecurity practices.

Businesses need to take a more positive approach to the password management process. Not only should they implement more advanced password management tools – multifactor authentication or even PKI authentication – but they should also reward employees that follow the password procedures outlined in their cybersecurity policies.

At the same time, employees also need to realise their responsibility in the process – and this starts with senior business members and C-suite executives teaching the importance of this to the rest of the employees. At every stage they should sit down with employees and explain the business benefits of comprehensive password security in a way those employees can understand. Providing real-world examples such as identity theft and data theft, for instance, can help to get employees on board.

Help employees to understand phishing

Phishing is on the rise, and cybercriminals are getting better and better at it. More than 2,500 complaints were recently made about fake TV licence emails, while a US university was breached after two students fell for a phishing scam.

Cybercriminals have recognised the futility of targeting other attack vectors due to the sophistication of current solutions. Instead of attacking software, cybercriminals are going after the individuals and targeting endpoints – such as mobile phones and laptops – to get access to a business’ wider network.

The challenge is educating employees on phishing so that they can identify a phishing email – particularly if they are using an endpoint device such as a mobile phone or laptop – and follow through with reporting it.

On that basis, IT departments should run employees through the basics of spotting a phishing email; some of the things to look out for are:

  • Email address

Cybercriminals have methods to disguise fake emails and know how to trick victims into thinking a sender is legitimate. Businesses should have a process or solution in place to highlight unknown senders and block known fraudulent email correspondence. If employees spot a rogue email address, they should flag it with their IT department before proceeding.

  • Greetings in the email

Phishing emails are often automated and lack personal greetings. These emails have generic terms like “customer”, “employee” or “dear sir/madam” with no recognition of the recipient’s name. Employees should be cautious of these emails, especially if they are asking for personal information.

  • Grammar and style

Many phishing attacks come from other countries, so these emails are often written by non-native English speakers. These emails typically include grammar and stylistic issues. If an email comes from a supposedly reputable brand or company but includes spelling and grammar mistakes, it’s probably a scam.

  • Link destination

Before clicking on links in emails – employees should hover over them to check the link destination. If the website URL looks suspicious, is different to the sender’s supposed brand/company – employees should be cautious and check it online or flag it.

  • Calls to action

Emails demanding immediate action or response (and have a number of the issues mentioned above) are most likely scams. These emails are designed in such a way to scare people into taking action and/or giving up confidential information.

  • Images and logos

Don’t trust images and logos. They can easily be downloaded and replicated. Cybercriminals can insert any kind of visual content into emails to persuade victims that their emails are legitimate. Take them with a pinch of salt.

Getting employees to look at all of the above will help businesses to keep employees and data safe and secure. A good rule of thumb is if unsure of the legitimacy of an email – flag it.

Regular cybersecurity training and review of policies and procedures will help to build a culture of cybersecurity within a business. As employees come to appreciate the importance of it, they will follow process in everything they do – and teach the same to new employees.

The post Three cybersecurity tips to help train your employees appeared first on Panda Security Mediacenter.

The seven most serious data breaches of 2018

data breaches 2018 data leaks

Cybercrime grows every year, and 2018 was no exception. Cybercriminals can change their attack methods, their targets, or the way they act, but the challenge is always the same: breaking through companies’ corporate cybersecurity and getting access to as much data as possible.

Many companies, unfortunately, learn this lesson the hard way: Adidas, Ticketmaster, T-Mobile and British Airways are just a few. But, serious though these cases were, they didn’t top the list. The following are the seven most serious data breaches of 2018.

1.- Aadhaar: 1.1 billion records.

India has a serious cybersecurity problem. To be more precise, its national ID database, Aadhaar, which contains information on close to 1.1 billion citizens does. The database was leaked, and made available to anyone willing to invest (very little) money to get it.

In January, several Indian journalists discovered that throughout the country, there were circulating several WhatsApp groups in which anyone could buy the file of a specific citizen. The price, 500 rupees (a little under 6 euros), granted access to not only names and surnames, but also to personal data and bank details. Despite the fact that the government denied this leak, it went much further than this: researchers also discovered that, for a period of time, citizens who visited their own profile online could access other citizens’ profiles simply by changing their ID in the private URL on the Aadhaar website.

2.- Marriott: 500 million customers

Marriott is one of the largest hotel groups in the world, and its most serious weak point has just been discovered.  The company announced in November that the booking system for other hotel chains in its group had been hacked. The data leak had been in progress since 2014, and had affected no fewer than 500 million customers, whose bank details and personal data are now at the disposal of whoever wants to buy them.

3.- Facebook and its pact with Netflix, Microsoft…

One of the biggest scandals of the year, and yet another black mark for Facebook. The New York Times revealed that Mark Zuckerberg’s social network has, for years, shared its users’ data (without their knowledge) with over 100 tech giants. Among the companies that bought this information were some as important as Amazon, Bing, Yahoo!, and Netflix, all of which had access to users’ publications and even their private messages.

Data breaches 2018 infographic

4.- Exactis: 340 million records.

The plans of the American data broker Exactis were laid to waste last June. This time not because of theft, or even a cybercriminal act. So what had happened? The agency had left around 340 million records exposed on a public server.

In this case, there were none of the users’ bank details in the records, but they did contain 150 fields of information, with perhaps even more sensitive information: number of children in a house and their ages; the kind of payment card used by that person; an estimation of the value of their house; if they have shares in companies; their hobbies; the company with which they have their mortgage; their ethnic group; along with many others. The million dollar fines for GDPR infringement won’t take long to arrive.

5.- Under Armour: 150 million records.

If you use MyFitnessPal, one of the most widely used nutrition apps in the world, your data is at serious risk. The company that developed the app, Under Armour, was forced to admit in March that a cybercriminal had accessed the registration details of around 150 million users. Among the data stolen from each user are both the email address used to register and the password used to access the account.

6.- Panera Bread: 37 million records.

Is there anything worse than being the victim of information theft? Yes: ignoring those who have been telling you about it for eight months. This is exactly what happened to the restaurant chain Panera Bread, which had to announce that its website had exposed the registration details of at least 37 million customers. Now these customers know (or at least they should) that their names, email addresses, physical addresses and the last four digits of their credit cards have been at the mercy of whoever wanted to take or buy them.

7.- 35 million US voters

As if the elections in the States hadn’t suffered enough: suspicions of vote tampering, the spreading of all kinds of information using voter details… Then this: in October, it was discovered that a website was selling electoral records of around 35 million voters. This incident, which affected 19 states in the country, wouldn’t have allowed any alteration of votes, but it would have been enough to change voter lists at polling stations, stopping citizens from being able to vote correctly.

As we can see, many companies have been forced to make data protection the leading priority to protect their corporate cybersecurity. To fight this problem, there are tools such as Panda Data Control, the data protection module of Adaptive Defense. It stops uncontrolled access to the company’s personal and sensitive data by monitoring all system processes, sending out alerts in real time about leaks, use, and suspicious, unauthorized movements. Ultimately, it proactively and immediately detects any kind of threat, helping companies not only to protect their corporate cybersecurity, but also to comply with the GDPR and avoid its million euro fines.

The fact is that data has become the oil of the modern age, and this goes far beyond tech companies. Any kind of company, regardless of its sector or its size, can be exposed to cybercriminals. It is therefore essential that they know how to protect their greatest asset: their data.

The post The seven most serious data breaches of 2018 appeared first on Panda Security Mediacenter.

Patches and data control: Keys to your organization’s security

emotet whitepaper patches

November 2018, Chile. The bank Consorcio de Chile discovers that it has become the victim of an advanced cyberattack, a dangerous and undesirable situation for any company. If we add to this the fact that the attack involved the Trojan known as the nightmare of global banking, and the fact that this particular nightmare managed to steal 2 million dollars from the bank’s funds, the outlook is extremely disheartening.

Download the Whitepaper

Analysis of EMOTET

The Trojan in question is called Emotet, and Chile is just the latest country on its list of victims—a list that already includes countries such as Germany, Switzerland and the United States. But what is Emotet, how does it spread, and what damage can it do?

Emotet is a polymorphic banking Trojan. Its main goal is to steal data such as user credentials, or to spy on network traffic. It is also frequently used to download other malware, including other banking Trojans.

The most common propagation method for this Trojan is email, whether via infected attachments or embedded URLs. One particularly dangerous feature of Emotet is that it takes over its victims’ email accounts. This helps to trick other users into downloading the Trojan onto their systems.

Emotet graphic

Once Emotet has infected a computer on a network, it uses the vulnerability EternalBlue to get to other endpoints on unpatched systems.

The most serious damage

The most serious consequences that an organization can experience as a result of an EMOTET attack include:

-Theft of personally identifiable information (PII).

-Leaking of financial and confidential information, which can be used for blackmail.

Theft of login credentials, making other accounts vulnerable

Long remediation periods for network administrators.

Loss of productivity of employees whose endpoints have to be isolated from the network

It is clear that this malware would be a serious danger for any company it managed to infiltrate. This is why at Panda Security, we recommend having the best preventative protection against any kind of malware, both known and unknown. This is what Panda Adaptive Defense does, since it stops all malware from running, as well as keeping endpoints updated.

In our whitepaper, Patches and data control: Keys to your organization’s security, you can find more information about the risks that this Trojan can entail, how it can get into your company, and how Panda can help you to avoid the most drastic damages.

Download the Whitepaper

The post Patches and data control: Keys to your organization’s security appeared first on Panda Security Mediacenter.