Category Archives: Antivirus Vendors

Your Company’s IT Resources are a Mine for Hackers

Blockchain technology was invented in early 2009 to support bitcoin, a new digital currency with a clear objective: make transactions without the need for traditional intermediaries. Invented by the enigmatic Satoshi Nakamoto, bitcoin kicked off the cryptocurrency boom. But as society’s interest in cryptocurrencies has grown, so has criminal interest, creating headaches for companies’ security departments.

The rise of cryptojacking

Mining cryptocurrency is necessary for the system to work. Mining consists of a series of computations performed to process transactions made on blockchains. It creates new cryptocurrency and confirms transactions along the blockchain network. To create more cryptocoins, it is necessary to mine them. Without mining, the system would collapse.

Many users themselves have begun mining cryptocurrencies as a way to make money. Miners perform mathematical operations to verify transactions, and to do so, they use special software. Therefore, for mining to be lucrative, it is necessary to have a great deal of computational power. To make money from mining, cybercriminals are turning to cryptojacking.

Cryptojacking consists of the unauthorized use of a user’s devices to mine cryptocurrency. Basically, attackers make use of malware to hijack computers, tablets or smartphones, for example, and use them to covertly mine cryptocurrency. The user will probably note some lag in their device, but won’t be aware that it’s due to an attack attempting to mine cryptocurrency. One of the most common techniques consists of taking control of the victim’s CPU or GPU from a website infected with malware to mine cryptocurrency, as happened recently with YouTube. In this case, the advertising agency DoubleClick was the victim of an attack that hid a Coinhive cryptojacking script in the code of YouTube advertisements. Coinhive is the most commonly used script to carry out these types of attacks. A study by security researcher Troy Mursch detected 50,000 new websites infected with cryptojacking scripts, with 80% of them using Coinhive.

Another attack technique consists of using Microsoft Word’s online video function, which allows users to insert videos in documents without the need to embed them. In this case, attackers take advantage of this feature to insert malicious scripts and to covertly take control of the power of the victim’s CPU.

Background theft

Cryptocurrency has become the gold of the 21st century. As a result, we are set to see more attacks attempting to mine cryptocurrency. Now that IT teams and state security forces have their eye on ransomware attacks, cybercriminals are opting for more secure methods to make a buck and have begun stealing IT resources to mine.

The difficulty in detecting this type of attack is making it one of cybercriminals’ preferred methods to illegally line their pockets. These attacks are also becoming increasingly sophisticated in order to affect the greatest number of devices possible. The more computational power they steal, the faster they can mine. This is giving rise to attackers fighting each other over CPU resources. Cybercriminals are including a mechanism in their code to detect competing miners and eliminate them in order to take complete control over the CPU’s resources.

That’s why companies are becoming the prime objective of attackers in 2018. If they get access to a corporate network, they have an enormous amount of resources available to them.

How can a company protect itself from cryptojackers?

These attacks have serious consequences for businesses. The most evident consequence comes from stealing CPU cycles which can slow down systems and networks, putting business and the general system availability at risk. Furthermore, once a company has been attacked, it is likely that a lot of time, money and effort will be required to get rid of and correct the problem. Intensive cryptocurrency mining can also have financial repercussions for a company, as electricity bills can be quite a bit higher due to the high energy demand.

Additionally, these attacks can wreak havoc on corporate devices. If mining is performed over a prolonged period of time, devices and their batteries can experience extreme overheating which can damage the devices.

Of course, one should also not forget that being a victim of cryptojacking means that an attacker has gotten through security systems and has obtained control of the company’s devices, putting the company’s data privacy at risk.

To be protected from a possible cryptocoin mining attack, one should follow these security measures:

  • Perform periodic risk evaluations to identify vulnerabilities.
  • Regularly update all systems and devices.
  • Adopt advanced cybersecurity solutions that allow for a detailed visibility of activity on all endpoints and control all running processes.
  • Create a secure browsing environment, installing extensions that hinder cryptocurrency mining.

The post Your Company’s IT Resources are a Mine for Hackers appeared first on Panda Security Mediacenter.

How Cybercriminals Target Freelancers – And What You Can Do About It

Whoever coined the adage “time is money” was probably a freelancer. It’s tough for the self-employed to enjoy the financial or emotional benefits of paid time off. Any hour you’re not writing, designing, or programming is an hour you’re not getting paid. There’s also the non-billable time you spend communicating with clients, tracking down late payments, and promoting yourself. You simply can’t afford extra downtime from a computer virus or a data breach. Unfortunately, your career choice makes you a tantalizing target for cybercriminals.

Malware makers and hackers know you handle private client data, that you work from home, that you likely use public WiFi, and that you probably haven’t downloaded cybersecurity software. It’s not an ideal situation … except for enterprising cybercriminals.

Take the time now to study these cybersecurity tips, and you’ll save money later when you don’t become a victim of ransomware.

Modernize your OS

Operating systems work their best to protect you against malware when they contain the latest security patches. The sooner you update, the better your chances of avoiding a hack. Set your OS to update automatically and check it regularly. Update all of your apps, too. Hackers exploit antiquated app architectures to make their way to your clients’ private data.

Also consider moving your workflow to the developer’s latest operating system. Many people still like working in Windows XP, and Microsoft still offers security updates. But if you just can’t part with Windows 7, at least make sure you’ve installed the correct Windows Service Pack.

Passwords: On-point protection

If hackers know the passwords for your clients’ accounts, nabbing their data is pretty simple. That’s why creating strong passwords is a cybersecurity must. Never use the same password for multiple accounts or create conspicuous ones like “123456” or “password”. Follow these steps for creating secure passwords and install a password manager to help …

  • Automatically generate strong passwords
  • Remember your passwords more easily
  • Protect you from phishing attacks
  • Make changing your passwords a breeze
  • Use your passwords on mobile devices

Beware phishing scams

Phishing is a popular online scam cybercriminals use to steal login credentials. With phishing scams, cybercriminals don’t need complex malware and sophisticated algorithms to infiltrate your laptop and steal your data. They trick you into voluntarily supplying your own passwords, credit card numbers, and SSN. The trick to defeating a phishing scam is understanding how phishing emails work and looking for common characteristics like these:

  • Suspicious links. Before clicking, check to see if any email link is taking you to the right URL. On a Mac or PC, hover your cursor over the link and check the lower left-hand corner of your browser to see the address. If they’re different, be extremely cautious. To check a URL on a smartphone, long press the link, and a window will open to reveal the address.
  • Grammar bad is. A common trait of many phishing emails is broken English, misspellings, and bad grammar.
  • Bad Body Image. Phishing scammers often use entire images for the body of their emails to bypass spam filters. If an email’s body is a .jpg or .png file, it may be a scam.
  • Click or Else! If the email has a threatening tone and asks you to sign into your account through a link in the email, you’re likely dealing with a phishing attempt.

With phishing attacks, you can’t be too cautious. Cybercriminals are constantly upping their email game, even using emails from legitimate websites like YouTube to launch their attacks. And scammers don’t limit themselves to just emails. The two websites and (don’t go here!) both exist, but they have vastly different content. If you’re not sure a website is legitimate, you can use online tools to look up a domain’s reputation for safety.

Cloak your data in a VPN

Virtual Private Networks encrypt the data you transmit over the internet by routing it through smaller, private networks. As a result, you can make it impossible for cyberthieves to identify you as the sender and receiver of the data or to locate your physical location.

VPNs offer encryption at every step of the browsing process, which makes them ideal for remote work and surfing public WiFi networks like cafes, hotels, or libraries. They’re also useful during work trips to countries with strict internet censorship.

The best VPNs are paid services, but research before you buy. Not all VPNs are created equal. You can run a compliance test to make sure a VPN adheres to standard encryption methods.

Working off-site isn’t a time to let your guard down

That Starbucks around the corner you consider your “off-site office” has free WiFi, but don’t assume it’s safe to surf. Using open WiFi networks leaves your clients’ data more vulnerable to hackers who can intercept your communications with a man-in-the-middle attack.

Cybercriminals also conspire in the physical world, stealing devices, swiping USB drives, or taking pics of laptop screens. Don’t make your clients pay for your mistakes. Follow these tips when using public WiFi:

  • Never leave your devices unattended.
  • Lock your laptop screen when your computer is idle.
  • Sit with your back against the wall when possible.
  • Get a privacy screen for your laptop.
  • Remove USB drives and DVDs from your computer when not using them.
  • Install tracking software for your devices in case of physical theft.
  • Encrypt sensitive files with encryption software.
  • Look for trusted local spots to get your work done.

Treat a public workspace like a phishing email: Scrutinize it well. You don’t need to be the roving Eye of Sauron — just practice common sense, and you’ll go a long way in protecting your clients’ data.

More copies of your data makes it safer

Backing up your files protects you from crashed drives and malware attacks. Data backups neutralize ransomware attacks. When people only have one copy of their high-priority data, cyberthieves can demand large sums of money for its return. If you have copied data to an external hard drive, ransomware popups become empty threats.

Ideally, you should make two backups: one on a physical hard drive and one online. Cloud storage services are inexpensive services that have the added benefit of letting you access the data anywhere there’s an internet connection. A little investment is also a selling point for your services. Clients feel safer knowing you’re protecting their data. That translates into more contracts for you!

Download antivirus software

It takes effort to watch out for phishing scams and manage passwords, but downloading antivirus software helps take some of the burden off of you. Antivirus software is like hiring a 280-pound MMA badass to stand guard outside your apartment door. It scans for and eliminates common computer viruses and other malware, warning you if they try to break into your devices and kicking them out if they do. Paid versions of AV software often come with added features like password managers and firewalls.

Time is actually more than money

When you protect your clients’ data, you’re saving more than just your money, you’re saving a business’s lifeblood — the thing that ensures their success. These tips prove you don’t need to get an online computer science degree to protect your clients’ data from cybercriminals. You also don’t need to take out a second mortgage to protect your devices. A sizeable chunk of good cybersecurity habits are just common sense and resourcefulness, two qualities that, as a freelancer, you demonstrate every day.

The post How Cybercriminals Target Freelancers – And What You Can Do About It appeared first on Panda Security Mediacenter.

Is your home a smart home? Make it safer

Is your home a smart home? Make it safer with Avira Home Guard

Give your home a free intelligence test with the Avira Home Guard. The wave of smart devices flooding homes has created a security rip current: the situation looks fine, but there are many security issues just lurking below the surface that many people are not wanting to take a deep look into. The Internet of Things […]

The post Is your home a smart home? Make it safer appeared first on Avira Blog.

Keys for an Effective Incident Response Plan

Despite the fact that a cyberattack can have devastating effects, the majority of companies are not prepared to deal with such problems. And even though a company may have a good prevention plan and a solid security team, breaches do occur. That’s why a good incident response plan needs to be in place.

What is a SIRP?

A Security Incident Response Plan (SIRP) is, as its name indicates, a guide to applying measures in case of a breach in security. Its objective is to minimize the amount and severity of cybersecurity incidents. According to experts, many companies learn to deal with the damage caused by a security problem after an attack. But this can be very costly.

A SIRP allows companies to deal with an incident as soon as possible, making sure no damage is extended and solutions are applied almost immediately. Therefore, in addition to a SIRP, it is advisable to have a Computer Security Incident Response Team, or CSIRT. However, preparing a plan requires a seasoned and experienced IT team, which does not preclude the need to be prepared from the outset.

Preparing an incident response plan

Every SIRP consists of a series of steps, which are not always necessary but establish a general action plan. A SIRP can be divided into three stages.

  • Initial course of action

This stage begins by evaluating the situation, paying special attention to all activity. Steps should be taken to make sure a false positive has not been given. The seriousness of a possible attack should be assessed a priori. From here on out, all information is meticulously logged. The next step is to assure proper communication of the incident to the rest of the CSIRT to ensure coordination. Containing the damage is essential, so it is necessary to decide which data is most important and to protect it according to its priority. To minimize any risk, one must keep in mind that it is always better to interrupt an IT process than to try to repair any damage afterwards.

  • Classifying the attack

From here on, the SIRP identifies the type of and severity of the attack. This is essential in order to correctly repair the system. It is necessary to identify the nature of the attack, its origin, its intent and what systems and files are exposed. The next step is to identify unexpected physical access points and examine key groups to find any unauthorized entry. Special attention must be paid to any gaps which show losses in the system’s log.

Log files and unusual connections should be examined, as should the security audit, any failed login attempts and any other indication of unusual activity to give a clue as to how the incident occurred. This is the most meticulous part of the process. Once the attack has been correctly identified, the entire team may proceed to secure the logs, tests and all relevant information. This should not be neglected due to the significant legal implications.

  • Notification, documentation and review

In the last stage, information is organized, the incident is documented, and everyone involved is notified. Informing everyone involved is necessary to prevent future damage and to contain any possible future attacks. Furthermore, from May 2018, notifying those involved of incidents will be even more important. The entry into force of GDPR will require companies to report to authorities any personal data breaches within 72 hours. Once the notification has been made, the systems and documentation will need to be recovered. The recovery will depend on the motives of the breach, its targets and the amount of damage caused to the system. Having backup files is crucial, and backups should be reviewed for any weak points to prevent security problems.

Lastly, a detailed report should be included in the documentation. Since all processes have been logged during the incident, this information should be saved and organized accurately and chronologically. A cost assessment of the incident should also be included as it could be used as further evidence. The last step consists of reviewing the response and action guidelines to improve the incident response plan, evaluating the errors committed and proposing improvements.

Advanced cybersecurity solutions, such as Adaptive Defense 360, allow IT teams to have complete visibility of a corporate network and perform detailed forensic reports on infections.

The post Keys for an Effective Incident Response Plan appeared first on Panda Security Mediacenter.

Employers’ best bet for appealing to security pros? Value their opinions

The report also sheds light on how not to go about attracting new hires. Vague and inaccurate job descriptions along with job postings that include insufficient qualifications were found to top the list of turnoffs for many jobseekers

The post Employers’ best bet for appealing to security pros? Value their opinions appeared first on WeLiveSecurity

Panda Security Africa and BDO form Strategic Partnership to Mitigate Cyber-Risk

Leading global cyber security firm Panda Security Africa and audit, advisory and tax firm, BDO South Africa, have formed a strategic cyber alliance to enable BDO to offer a managed security service to their clients, using Panda’s next generation EDR solution.

Predictions for 2018 indicate that cybercriminal activity shows no signs of slowing down, and organizations need to constantly review their cybersecurity strategies to reflect the advanced threats of today. Traditional protection models are no match for sophisticated threats such as ransomware, exploits, script-based and other malware-less attacks – adopting next generation EDR (Endpoint Detection and Response) technology into a holistic cybersecurity strategy is where the solution lies.

BDO Advisory’s Director of IT Audit and Cyber Laboratory, Graham Croock, says they chose to partner with Panda Security Africa as BDO is committed to the provision of world class services to clients using best of breed technology. This strategy is supported by the BDO Global Cyber Leadership Group (GCLG) headed up by Greg Garret in the US.

Graham Croock confirms that as cyber security is a global concern, it is imperative that global security service and product offerings are utilized. Given that BDO and Panda are both global players, the fit is perfect. The solution will also facilitate the ingesting of data by the BDO Security Operation Centre (SOC) operations in Israel and Norway which will contribute additional value to the services provided through collaboration.

Traditional endpoint protection is only effective in protecting against known malware. It is not capable of dealing with attacks where exploits, file-less malware and other advanced technologies are used. A solution such as Panda’s Adaptive Defense closes the detection gap and hardens protection to effectively stop ransomware, APTs and other sophisticated attack types. Adaptive Defense is an EDR class technology with a differentiated approach involving the monitoring and classification of all running processes to deliver a 100% attestation service that ensures only trusted applications can execute.

“We are very proud that the industry considers Panda Security as a visionary in advanced protection technologies for the endpoint. This affirms the cybersecurity model introduced by Panda. We became the only manufacturer to offer advanced protection based on the complete visibility of endpoint activity, together with classification services for all running processes and threat hunting. This is a significant innovation and an added value for our technology, our customers and our partners such as BDO, with whom we share the common goal of offering our customers the best services”, says Juan Santamaría, CEO of Panda Security.

Panda Adaptive Defense gathers up to 10,000 data points for each executable. Using big data, machine learning and artificial intelligence, the service classifies goodware, malware or unknown processes – in real time. Action is automatically taken against malware and unknown processes, blocking them and preventing potential attacks from executing. Manual classification by PandaLabs analysts is done for the 0.015% of programs that cannot be handled automatically – thus ensuring a complete attestation service. In addition to proactive protection, Adaptive Defense provides unparalleled visibility of endpoint processes for various use cases including audit, forensics and IT operations.

“This partnership between Panda Security and BDO will be important in protecting digital infrastructures and corporate networks in key industries in southern Africa” says Jeremy Matthews, Regional Manager of Panda Security Africa. “We are pleased to be a part of this initiative – adding value to BDO’s risk consulting and management service with Panda’s intelligent endpoint security technology and services” continues Matthews.

About Panda Security

Panda Security is the leading Spanish multinational in advanced cybersecurity solutions and in systems management and monitoring tools. Since its inception in 1990, it has consistently maintained a spirit of innovation and marked some of the most important advances in the world of cybersecurity.

Currently, the development of advanced cybersecurity strategies is the core of its business model. Panda Security has a presence in more than 80 countries and products translated into 23 languages, with over 30 million clients worldwide.

About the BDO Cyber Lab

The BDO Cyber and Forensic Lab provides a host of services, each applicable at different stages of a company’s cyber maturity. A team of cyber consultants – forensic investigators, data scientists, analysts, ethical hackers, business intelligence experts, IT auditors, and change management experts – offer cutting edge forensic analytics technology.

The post Panda Security Africa and BDO form Strategic Partnership to Mitigate Cyber-Risk appeared first on Panda Security Mediacenter.
