Zane Lackey: “You shouldn’t invest in security just for compliance”

The concept of the cybersecurity manager is evolving, as the role shifts from the traditional “gatekeeper” to a more universal, company-wide security facilitator. Zane Lackey, our guest this month, is one of the most important white hat hackers in the world, and author of books such as Mobile Application Security and Hacking Exposed: Web 2.0. Currently, Lackey is the co-founder and CSO of Signal Sciences, a web application protection platform, and is also a member of the Advisory Board of the Internet Bug Bounty Program and the Open Technology Fund.

Although new infrastructures, services, and applications are being created, such simple things as security failures at the endpoint or a lack of two-factor authentication systems continue to be the cause of the global attacks making headlines.

We began the interview by recalling Zane’s days as a white hat hacker.

 Panda Security: What techniques do you use to detect a vulnerability and expose a threat to avoid an attack?

Going back to my pentesting days, which was quite a while ago at this point, the most common things I would look for were the assumptions made in the design of the system. Then I would look for ways those assumptions might be violated. On the defensive side, I took that mindset thinking about how to empower development teams and DevOps teams. That was one of the biggest lessons learned for me — going from a white hat, security consulting, pentesting kind of thing over to becoming a CISO and building a security organization, is really focused on how to give the engineering team as much visibility into what’s going on in production as possible.

PS: How do programs like Internet Bug Bounty help to resolve vulnerabilities that have been discovered? After a flaw is discovered, how do you act?

 I know there have been some changes in the Bug Bounty program recently, so I don’t want to say anything that would be incorrect there, but I think that from having run multiple Bug Bounties in the past, the important thing is trying to establish good communication with the researchers that come in. Because a lot of times, you’ll get a report that is partial or doesn’t contain all the info that is needed to reproduce the issue. So being able to say, “Hey, these are the five bits of information that we need so we can take this to the relevant service team or application team”, can help communication on both sides. And at the same time, trying to communicate back to the researchers so it’s not just a black box for them. Trying to be as transparent as possible on both sides — that’s what really leads to a good Bug Bounty experience, both for the researchers and for the organizations that actually work with them.

 I think anyone who’s run a Bug Bounty program gets used to seeing all kinds of things. You see everything from systems that you didn’t know about, to pretty much every type of vulnerability, even ones that you don’t think that you have. So I really strongly believe in the value of these programs, and I think they complement pentesting very well. Combining the two can really help most security programs out there. The reason I like Bug Bounty programs so much in combination with pentests is because it allows you to focus your pentests on very specific areas rather than trying to have them test everything when they don’t have time for that. So you can use your bug bounties to try and get very wide coverage, and you can use your pentests to try and get very focused and specific coverage.

PS: The NHS has recently hired white hat hackers to identify cyberthreats. Do you believe ethical hackers are indispensable in today’s organizations to avoid breaches and strengthen defense?

 For every organization, you need to be thinking about how people actually attack your systems. So white hat hackers, and pentesting, and bug bounties, those are all a piece of it. They’re not the full story, but they’re a piece of it. You don’t want to be doing security just for compliance, or just trying to check the box of different defenses to put in place. I challenge folks to have the number one thing that they’re thinking about as they’re trying to build a security program be: how would an attacker actually attack my organization? And really use that to drive the defensive programs that you put in place. And that’s where red teaming, white hat hackers, bug bounties, and all these ways to test your system can be a very powerful feedback loop. Because they can show, when your systems are being attacked, “this is where they went.” And that can focus your defenses.

So I really strongly believe in balancing offense and defense and using one to guide the other, and not just trying to do one in isolation.

PS: How can you implement DevOps to make companies safer?

I truly believe that embracing DevOps and embracing Cloud can make you safer. The reason for that is, in any development methodology, you’re still going to have vulnerabilities. So as soon as you recognize that fact, the logical conclusion is that the development technology that will allow you to react the fastest is the one that can make you safest. In the old model of waterfall and changing applications very slowly, the problem was there was no way to react quickly. So this is why DevOps, Cloud, and the shift to Agility can actually make us safer.

PS: What can we learn from massive data breaches like Equifax, which happened via a web application vulnerability?

I’d say there are two things to learn from the breaches that we see every day. One is that, 99% of the time, they are the completely common, off-the-shelf things — it’s things that weren’t patched, it’s a weak password, it’s malware on an endpoint, etc. So going back to a previous comment, I would encourage all organizations to not think about the “insane, state-sponsored zero-day that’s crazy complex”, but rather to focus on the basics: how do you get coverage over malware on your endpoints? How do you get two-factor authentication on all your accounts? And how do you get coverage over the web application layer?

Because I think the other lesson that we’re all just starting to see in terms of the breaches but which we’ve been seeing in the trenches the last few years, is that historically the security risk was at the infrastructure layer and the network layer, so we always thought firewalls and IDSs and things like that could mitigate it. But over the last several years the risk has all moved up to the application layer and out to the endpoint. So learning where your risk actually sits is the number one lesson we should be learning as an industry right now, across the breaches that we’ve been seeing.

PS: Do you think companies will be ready for the GDPR? What will they need to do to be compliant and protect their data?

With any new compliance regime, there’s a lot of concern with it up front because no one is exactly certain what it looks like yet. So I think it will be a little fuzzy at first, then you’ll see products and services emerge to help with it and you’ll see a much clearer picture of what the auditors are actually looking for and what steps really need to be taken as part of that.

Security and compliance are two separate things that sometimes overlap in small pieces. So defending your data, and not just being compliant with something, you have to ask: how do I defend my endpoints? How do I defend my web applications and my APIs and other things at the application layer? Because those two buckets are where so much of my risk is. So you should focus on getting visibility into those, getting effective controls into place around malware on the endpoints, two factor authentication for as many services as you can put it on, and then getting coverage and visibility and protection for your application layer.

PS: In terms of application security, do you prefer security by programming from within, or do you prefer protecting it from the outside?

The answer is both. For defending applications, how you do that effectively is you think about how to eliminate as many bugs as possible during the development cycle, but at the same time you recognize that there will always be vulnerabilities. So you couple that up with getting visibility and defense into the code that’s actually in production, and not just try to scan for bugs once it goes out and then just ignoring it once it’s out there live on the Internet. I think that’s been a major failing of the SDLC for the past 10 plus years.

The biggest piece of commonality I see amongst organizations that are doing this well is that they try to eliminate bugs before production, they recognize that there will always be vulnerabilities, so they are really investing very heavily in getting visibility into how those services are being attacked in production and using that to bring that visibility directly to the development teams and the DevOps teams themselves, so that they can self serve with that information and not have to rely on the security teams to defend the services that they’re building.

The post Zane Lackey: “You shouldn’t invest in security just for compliance” appeared first on Panda Security Mediacenter.


Chatbots and AI – are they dangerous?

In order to better serve customers, businesses are increasingly reliant on Artificial Intelligence (AI). These computerised systems collect information about customers, and then try and apply it to solving business problems.

AI is proving to be particularly helpful in the area of customer service. By monitoring conversations with customers, AI systems begin to detect patterns of behaviour that can be used to predict questions or problems in advance. Customer service agents can use these insights to “fix” issues more quickly, and to deliver a better quality of service to clients.

AI and chatbots – a match made in customer service heaven

Online retailers are also looking for ways to improve the shopping experience by making it easier for customers to access the information they need. Many are now using “chatbots” – automated systems that can answer questions in a text chat window on the website.

Initially chatbots are pretty dumb – they can only answer specific questions, which have to be worded exactly right or the system doesn’t understand. But when backed by AI, the system becomes much cleverer.

AI can be used to “learn” how customers think, and to answer vague questions. The more the system learns, the more questions it can answer, more quickly.

Good technology can be misused

Unfortunately AI and chatbots can be used for evil too. Because AI is specifically designed to better understand us as individuals, it is an ideal tool for identity thieves. The more they know about you, the easier it is to impersonate you.

As a result, shoppers need to be extremely careful about the websites that they visit, and the systems they interact with. Talking with a malicious chatbot could be as dangerous as entering your credit card details into a phishing website.

As AI matures and becomes cheaper to operate, we expect to see more examples of criminals misusing the technology to commit more identity fraud-based crimes. Over time, these systems may even be able to pull together data from multiple sources, like your Facebook profile, as well as using information supplied to fake chatbots.

The more information the AI can access, the more detailed a picture hackers can build of you, your preferences and interests. Which means that when they do try and exploit your data, their efforts will be much more convincing – and likely to succeed.

How to protect against fake AI and chatbots

To help stay aware of these dangers, and to prevent being tricked by malicious AI and chatbots, you should install a robust anti-malware toolkit like Panda Gold Protection. Not only will this help keep your computers virus free, but it will also alert you whenever you visit a dangerous site – or even block access completely.

Take a step towards protecting yourself today by downloading a free trial of Panda Security – you won’t regret it.


Cyber Sabotage at the Winter Olympics

On Monday, while spectators were being dazzled by the opening ceremony of the 2018 Winter Olympics, held in Pyeongchang, the Olympics organizing committee was busy dealing with a cyberattack.

The decline in new malware samples and the professionalization of attacks on networks are setting new standards in cybersecurity. In this case, we’re dealing with a targeted attack and an act of sabotage, in which hackers sought to cause chaos during the opening ceremony. It affected some television and internet services before the ceremony, but was not successful in stealing data from servers.

Researchers from Cisco’s Talos division also added that the malware’s purpose was not theft, but rather destruction.

GoldDragon, the latest Russian hack?

With the focus usually centered on maximum profit, there’s been an increase in the number of advanced infiltrations using sharp new tactics, such as malwareless attacks and the abuse of non-malicious tools.

PandaLabs explains that by not using malware, which is easily detected by advanced cybersecurity tools, attackers assume the identity of the administrator after having obtained their network credentials. They warn that the techniques used by cybercriminals to attack without using malware can be highly varied, taking advantage of all kinds of non-malicious tools that are part of the day to day of IT managers.

In this case, the attack did in fact use malware (named GoldDragon), but to carry out certain actions it used non-malicious tools such as PsExec or the CMD itself. In this way, it was able to execute processes on other computers connected to the network without raising suspicion and without using a version modified by the attackers, but rather the official version.

To carry out its destructive actions, it launched system commands from a command window (cmd). Instructions looked like this:

C:\Windows\system32\cmd.exe /c c:\Windows\system32\vssadmin.exe delete shadows /all /quiet

Here, vssadmin.exe is used to silently erase the backup copies created by the operating system.

Everything seems to indicate that the attack came from Russia. Ukrainian intelligence and a CIA report linked NotPetya and BadRabbit to Russian intelligence, and in the case of GoldDragon (also called Olympic Destroyer), all signs point to a more refined version of BadRabbit.

System tools as a new attack vector

Monitoring the execution of all processes on company workstations and servers is essential to avoiding close calls like the one we witnessed in this year’s Winter Olympics.
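As an added illustration of this kind of process monitoring (not code from the original post or from any Panda product), the following Python sketch scans process-creation events for the shadow-copy deletion command shown above, whether vssadmin.exe is started directly or wrapped in cmd.exe /c, and notes when the parent is PSEXESVC.exe, the service-side process PsExec runs on a target machine. The event field names, host names and sample events are constructed for the example and would need mapping to your own EDR or SIEM schema.

```python
"""Flag shadow-copy deletion in process-creation events (constructed sample data)."""
import ntpath
from dataclasses import dataclass

# Constructed events. Field names are assumptions, not a real product schema.
SAMPLE_EVENTS = [
    {"host": "WS-01", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\system32\cmd.exe",
     "command_line": r"C:\Windows\system32\cmd.exe /c "
                     r"c:\Windows\system32\vssadmin.exe delete shadows /all /quiet"},
    {"host": "WS-01", "parent_image": r"C:\Windows\system32\cmd.exe",
     "image": r"c:\Windows\system32\vssadmin.exe",
     "command_line": r"c:\Windows\system32\vssadmin.exe delete shadows /all /quiet"},
    {"host": "SRV-02", "parent_image": r"C:\Windows\PSEXESVC.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": 'cmd.exe /C "VSSADMIN Delete Shadows /All /Quiet"'},
    # Benign: an administrator listing shadow copies.
    {"host": "SRV-03", "parent_image": r"C:\Windows\system32\mmc.exe",
     "image": r"C:\Windows\system32\vssadmin.exe",
     "command_line": "vssadmin.exe list shadows"},
    # Benign: the words appear only as a search string, vssadmin is not executed.
    {"host": "WS-04", "parent_image": r"C:\Windows\system32\cmd.exe",
     "image": r"C:\Windows\system32\findstr.exe",
     "command_line": 'findstr "vssadmin delete shadows" runbook.txt'},
]


@dataclass(frozen=True)
class Finding:
    host: str
    image: str
    all_copies: bool   # /all was given: every shadow copy is targeted
    quiet: bool        # /quiet was given: no confirmation prompt
    via_psexec: bool   # parent process is the PsExec service


def exe_name(path: str) -> str:
    """Lower-cased file name without directory or a trailing .exe."""
    name = ntpath.basename(path).lower()
    return name[:-4] if name.endswith(".exe") else name


def check_event(event: dict):
    """Return a Finding if the event runs 'vssadmin delete shadows', else None."""
    # Quotes are dropped so that cmd /c "vssadmin ..." tokenizes like the bare form.
    tokens = event["command_line"].replace('"', " ").split()
    image = exe_name(event["image"])

    if image == "cmd":
        # Wrapper case: inspect only what cmd.exe was asked to run after /c or /k.
        switch = next((i for i, t in enumerate(tokens)
                       if t.lower() in ("/c", "/k")), None)
        if switch is None:
            return None
        tokens = tokens[switch + 1:]
    elif image != "vssadmin":
        # Any other image merely mentioning the words is not an execution.
        return None

    if not tokens or exe_name(tokens[0]) != "vssadmin":
        return None
    if [t.lower() for t in tokens[1:3]] != ["delete", "shadows"]:
        return None

    options = {t.lower() for t in tokens[3:]}
    return Finding(
        host=event["host"],
        image=event["image"],
        all_copies="/all" in options,
        quiet="/quiet" in options,
        via_psexec=exe_name(event["parent_image"]) == "psexesvc",
    )


def scan(events):
    """Run check_event over an iterable of events and keep the hits."""
    return [f for f in map(check_event, events) if f is not None]


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

The cmd.exe wrapper and the vssadmin.exe child each produce their own event, so one command yields two findings on the same host; correlating them by process ID is left to the surrounding pipeline.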

Traditional antiviruses are not able to detect these types of attack, nor to remediate them. However, Panda Adaptive Defense proposes a new security model based on the monitoring, control, and classification of the behavior and nature of applications in execution, to offer robust and complete protection.

PandaLabs recommends the use of advanced cybersecurity solutions such as Panda Adaptive Defense, which also allow the client’s existing infrastructure to coexist with traditional antivirus systems and integrate with existing SIEM solutions.


Chaos Engineering: the Point of Adding Bugs on Purpose

Chaos engineering is a kind of contradiction: it works against the very system it is protecting in order to build an environment that is more resilient and more secure. How does it work? How is introducing errors useful and how does it help to secure the digital environment? Understanding this discipline can lead to substantial improvements.

What is it?

The concept of chaos engineering is based on four principles defined by Netflix. These principles consist of defining a “stable” state, making a hypothesis of the state that will follow, introducing variables that reflect events true to reality, and trying to break the hypothesis (in that order).

Through a series of tests, characteristics of the infrastructure, such as availability, security, and performance, are assessed. The goal is to resolve problems in these distributed systems in order to bolster recovery capabilities for the entire system. This means, in short, getting structures that withstand extreme conditions.

Resilience and “antifragility”

The concept of chaos engineering is only understood if we understand the definition of “antifragility”, a term coined by Nassim Nicholas Taleb. This is the precursor concept of chaos engineering and, in turn, is based on resilience. Resilience is defined as the ability to absorb disturbances. These disturbances are caused by stressors, or stress factors, that trigger destabilization.

It is a concept widely used in living organisms (ecology, physiology, psychology, etc.) and refers to the ability to overcome problems actively and adapt to the situation. “Antifragility” goes beyond resilience since it implies the evolution of a system, which would be able to grow from the stress to which it has been subjected to adapt to new failures.

Panda Adaptive Defense is a tool that keeps a close eye on the principles of antifragility and adds resilience to the company, while increasing visibility into the state of the corporate network.

The Simian Army

Taking all this into account, large companies such as Netflix or Amazon see in chaos engineering the possibility of testing their infrastructure to make their systems more mature and increasingly robust — and also more evolved. In short, more resilient. Since performing an analysis and correcting a problem in a repetitive and escalating way is a very difficult task, they use heuristic strategies focused on prioritizing decision-making aimed simply at resolving problems.

Thus, Netflix, for example, uses its own suite of applications called the Simian Army, which tests the stability of its network. Simian Army has more than a dozen stressors that test the system in various ways. Security Monkey, for example, is just one “piece” of the Simian Army. It implements a security strategy into cloud-computing platforms based on chaos engineering.

How can chaos engineering help companies?

The first question is, why should a company consider using chaos engineering?

Implementing a strategy based on chaos engineering helps to build up the antifragility of a platform, and can also help in meeting the control objectives and requirements of PCI-DSS in case of audits. Thus, any company could benefit greatly from implementing a tool such as Security Monkey in its security strategy.

This would require a “chaosification” of the platform in a controlled manner, which could consist of actions of the following type: disable SG (Security Groups) rules, modify files at random, randomly listen to ports, inject malicious traffic into the VPC (Virtual Private Cloud), randomly kill processes while they are taking place… and the list of havoc-wreaking could go on.

Thanks to this tool (or strategy), a deeper visibility of the consequences of attacks can be achieved with the intention of improving defenses. This, in the long run, is the basis of a more mature and reliable system, capable of recovering from attacks and reducing losses in the face of a serious security incident, something that should be mandatory for any high availability service.


Quantum computing: What is it?

In the 1980s and 1990s, science fiction movies were obsessed with super computers and the way they would change the world. These days, super computers are relatively common, so instead we hear about “quantum computers”.

Back in 2015, IBM announced that they had managed to turn theory into reality as they unveiled their first working quantum computer. For IT geeks the news was very exciting – but what does it mean for home computer users?

What is a quantum computer?

Before trying to explain quantum computers, it helps to understand how a traditional computer – like your PC or Mac – handles information. Known as “classical” computers, these devices use long strings of “bits” to represent data. A bit can have one of two values: 0 or 1.

Everything on your computer – documents, pictures, emails and videos – is made up of very long strings of 1s and 0s. On a traditional computer hard drive, the bits are made by altering the polarity of tiny magnetic particles on the disk.

A quantum computer is very different. Instead of using bits, it uses “qubits”. Qubits are stored by altering the behaviour of tiny particles like electrons or photons. More importantly, qubits are capable of representing more than just a 1 or a 0 – instead they can store 0, 1 or a “superposition” of many different numbers at once.

Using qubits, it becomes possible to carry out an “arbitrary reversible classical computation” on all those numbers simultaneously; a classical computer can only complete one calculation at a time. As a result, quantum computers are (in theory) much faster at completing complex calculations than even the fastest super computer.

If that sounds complicated, that’s because it is. Explaining a quantum computer is extremely difficult because they rely on advanced physics to carry out complex calculations. Even quantum physicists struggle to properly explain how quantum computers work.

Why do quantum computers matter?

The amount of data being created every day is phenomenal – and current computers will not be able to keep pace for much longer. Modern super computers are still too slow to perform some of the most important scientific tasks like testing the effects of new medicines at the molecular level.

With the ability to perform very complicated calculations more quickly, or to even model those drugs at the molecular level, quantum computers provide a much needed performance boost. Most data scientists agree that quantum computers are our best chance to deal with the challenges of the 21st Century.

Will you ever own a quantum computer?

Because of their complexity, quantum computers are extremely expensive. If the technology proves to be valuable, we should see that cost fall as more computer manufacturers get on board.

The reality is that the average home user won’t need the power provided by quantum computing. Or be able to afford the electricity bill for running a device that manipulates photons and electrons to store and manipulate data!


How to Avoid Ransomware in 5 Easy Steps

As you scroll through your social media feed, a window pops up: “Your hard drive has been encrypted. You have 48 hours to pay $200 or your data will be destroyed.” You see a link and instructions to “pay in Bitcoin.” An ominous looking timer counts down the seconds and minutes for the two-day window. Nine, eight, seven….  

Your thoughts immediately go to the contents of your hard drive — your daughter’s graduation video, your bank statements, a life insurance policy, pictures of your grandchildren — they all sit there, vulnerable, helpless bits of ones and zeros…and you don’t know what the heck bitcoin is.

Welcome to the world of ransomware — digital data hostage-taking only Hollywood could make up. Ransomware is a security threat for people and business, and cybersecurity experts predict it will only get worse in the future. One cause for its popularity is the profitability of the enterprise. Cyberthieves rake in millions every year with threats to destroy or encrypt valuable data if their ransoms aren’t paid.

You don’t need to be a millionaire or multinational corporation to be at risk. Cyberthieves also target the data of average consumers. When they target consumers, hackers may only request a few hundred dollars ransom but when the threat includes a thousand people, it makes for quite the lucrative venture. Many ransomware victims feel the risk of losing their data is too great, so they pay up. However, this only encourages the criminals.

The best way to combat ransomware is by not becoming a victim in the first place. To that end, here are five immediate steps you can take to avoid ransomware attacks.   

Step 1: Set Your Operating System to Automatically Update

The first step to avoiding ransomware is to update your operating system (OS). Anything connected to the web works better when its OS is updated. Tech companies like Microsoft and Apple regularly research and release fixes for “bugs” and security patches for vulnerabilities in their systems. It’s a cybersecurity game of cat and mouse. Cyberthieves search for “holes,” and companies race to find them first and “patch” them.

Users are key players in the game because they are the ultimate gatekeepers of their operating systems. If your OS isn’t up to date, you can’t take advantage of the security updates. Plus, your computer runs better with an updated OS.

Set your OS to update automatically and you won’t need to remember to do it manually. While Windows 10 automatically updates (you have no choice), older versions don’t. But setting auto updates is easy, whether you’re on a Mac or PC.

Step 2: Screenshot Your Bank Emails

Cybercriminals use trojans or worms to infect your computer with ransomware. So avoiding these will help you avoid ransomware. Worms and trojan malware are often spread through phishing email scams, which trick users into opening email attachments containing viruses or clicking links to fake websites posed as legitimate ones.

One of the best tips for keeping phishing emails at bay is learning to identify them. Hackers send phishing emails that look like they come from banks, credit card companies, or the IRS. Phishing emails kickstart your fears and anxieties by suggesting there are “problems with your account” or insisting that “Urgent action is required.” Who wouldn’t be scared if their bank sent them an email saying, “You are overdrawn in your account.”

Cybercriminals use this fear to distract people so they will overlook the telltale signs of the phishing email like misspellings or common fear-inducing subject lines.     

Take screenshots of all of the legitimate emails from your bank, credit card companies, and other businesses that manage your sensitive information. Use these screenshots to compare with future emails you receive so you can spot phishing phonies and avoid ransomware.

Step 3: Bookmark Your Most Visited Websites

The next step in your ransomware avoidance journey is to bookmark all of your most visited websites. Just as with phishing emails, cybercriminals build websites that look like bank or credit card sites. Then they trick users into clicking a link and visiting them. From there, hackers steal your sign-in credentials or infect your computer with malware.

Think twice before you visit a website by clicking a link in an email, comments section, or private messaging app. Instead, bookmark your most visited or high-value websites and visit them through your browser.  

Step 4: Backup Your Data to the Cloud and a Hard Drive

This step is a no-brainer. Ransomware works if you only have one copy of your data. If it’s irretrievable, then cyberthieves have the upper hand, but if you have multiple copies, you have taken away the power behind the threat.

Back up your data to both a cloud service and a hard drive. That way, you have a copy that’s available anywhere there’s internet access and one that’s physically accessible all the time. Both types of storage are relatively inexpensive and will certainly prove worth it if you’re ever a ransomware target.

After backing up your data, set up a schedule so you can keep your data current. If you haven’t backed up your data in six months, you’re probably just as vulnerable to ransomware attacks as having no backup at all.


Facebook Survey: More than 50% of users don’t trust news on the social network

Facebook tries to stop “fake news” by surveying its own users

Facebook is surveying its own users to try and stop the spread of “fake news” on its social media platform. The new survey asks two questions:

  1. Do you recognize the following websites?
  2. How much do you trust each of these domains?

The “fake news” phenomenon is a cybersecurity issue that we predict will be relevant in 2018 and beyond, since social media platforms are used to sway public opinion. As reported by the New York Times, social media companies provided evidence to Congress that Russian influence might have reached 126 million Americans on Facebook and other platforms during the 2016 elections.

Social media critics are questioning whether Facebook’s own users should be trusted to determine which news outlets are “fake news”. In fact, when it comes to domain trust, Facebook itself faces skepticism. A recent Panda Security survey showed that 47 percent of parents consider Facebook “unsafe” for their children to use.

Panda Security has conducted an additional survey using Google Surveys to see how much consumers trust Facebook as a gatekeeper of news and information on their newsfeeds.

We asked a weighted sample of 765 online users in the United States: “How much do you trust Facebook to choose what news you read?”

  • 8.2 percent said “A lot” or “Entirely”
  • 20.4 percent said “Somewhat”
  • 20.0 percent said “Barely”
  • 51.5 percent said “Not at all”

The data shows almost three-quarters of respondents have little confidence in Facebook’s ability as a news gatekeeper, with a minority of respondents indicating high levels of trust.

Looking at the data by gender, male survey respondents were more likely to distrust Facebook than female survey respondents. While 73.4 percent of males said they “Barely” trust Facebook or trusted it “Not at all”, 69.7 percent of females said the same.

A larger percentage of males also said they trusted Facebook “A lot” or “Entirely”: 8.9 percent of males versus 7.4 percent of females.

Trust among age groups was fairly consistent. While 49.1 percent of respondents aged 18 to 34 answered “Not at all” with respect to level of trust, 56.9 percent of respondents aged 35 to 54 answered the same. Among respondents aged 55 and older, 51.5 percent answered “Not at all”.

Methodology

The Facebook Trust Survey was written by Panda Security and conducted using Google Surveys. The survey collected responses from 1,015 online users in the United States from January 25 to 27, 2018. Responses were matched down to a weighted sample (by age, gender, and geographic distribution) of 765 to produce the final results.

The following methodology description is provided by Google Surveys: Google Surveys shows questions across a network of premium online news, reference, and entertainment sites (where surveys are embedded directly in the content), as well as through a mobile app, Google Opinion Rewards. On the web, users answer questions in exchange for access to the content, an alternative to subscribing or upgrading. The user’s gender, age, and geographic location are inferred based on anonymous browsing history and IP address. On the mobile app, users answer questions in exchange for credits for books, music, and apps, and users answer demographic questions when first downloading the app. Using this data, Google Surveys can automatically build a representative sample of thousands of respondents. For more detailed information, see the whitepaper.


AV-Comparatives Awards Panda Security with Gold for 2017 Performance

Today, Wednesday February 7, the independent laboratory AV-Comparatives celebrated the annual Awards Ceremony for manufacturers of IT security solutions that have undergone their rigorous tests over the course of the year. In 2017, Panda Security achieved the highest level of protection in the Real-World Protection Test, leading to the accomplishment of taking home the gold for the Security Awards of the same year.

Real-World Protection Test, the most demanding assessment 

In 2017, the independent laboratory AV-Comparatives submitted 21 computer security products for Windows to a rigorous investigation. All programs were tested for their ability to protect against real-world threats, identify thousands of recent malicious programs, provide protection without slowing down the PC, and remove malware that has already infected a device.

“AV-Comparatives’ Real-World Protection Test is one of the most challenging antivirus software tests there is. It simulates a typical user browsing the Internet. [It] is unique in the fact that it runs fully automatically, meaning no other testing lab can test against the same huge number of threats. Logging, screen video recording and sandboxing are all completely automated,” according to Andreas Clementi, founder and CEO of AV-Comparatives.

In order to distinguish products that achieve outstanding scores in the tests, the laboratory holds an annual awards ceremony. Panda has been recognized, among other things, for its ease of installation and use, a value which is further cemented by the excellent results obtained in the last 12 months.

The acknowledgments Panda Security received in 2017 are the following:

“Real World Protection 2017 Gold Award” and “Approved Security Product” for its Panda Free Antivirus solution, aimed at home users, and for Adaptive Defense 360, the advanced cybersecurity solution for companies, respectively.

Initially focused on the creation of antivirus software, the company has expanded its line of business towards advanced cybersecurity services with technologies for the prevention of cybercrime.

With protection solutions and systems management and control tools, Panda Security will direct its actions both in the corporate market for companies and for domestic users. Its products are available in more than 23 languages for its more than 30 million users in 190 countries around the world.

AV-Comparatives: industry leaders in independent cybersecurity testing

AV-Comparatives is an independent, highly reputable organization and an established testing authority. Their analyses are focused on checking whether security software, such as PC-based antivirus products and mobile security solutions, fulfill their promises to users. Being certified by AV-Comparatives is highly valued by the industry and by customers.


Panda Security Appoints Juan Santamaría as New Chief Executive Officer

The Board of Directors have appointed Juan Santamaría, who for the past year had been serving as General Manager, as the new CEO of Panda Security. With this commitment, Santamaría will boost the company’s global business and consolidate its presence in the market as leaders in the sector of cloud-based advanced cybersecurity solutions.

“It’s an exciting project to push the company further at a time when its technology positions itself once again as a leader in the sector, a project that I’m taking on with very much enthusiasm, respect, and full dedication.” Juan Santamaría.

He holds a bachelor’s degree in Economics and Business Studies from the Complutense University of Madrid and an Executive MBA from INESE. He also holds a Master’s Degree in Financial Management and Control from IE Business School and completed a Private Equity Venture Capital program at Harvard Business School.

Santamaría has a solid track record in running technology companies, with expertise in investment management in the field of ICT. He is a member of the board of directors of several technology companies such as Altitude Software, BKOOL and Kiuwan, where he has collaborated as an executive director before taking up his current position. Previously he was CFO of Sopra Profit, consultant at Gartner and Executive Director at Logtrust.

José Sancho, president of Panda Security, said in a statement: “the addition of Juan is evidence of a commitment to the evolution of the company at a global level. Becoming the axis of management for the success of our advanced cybersecurity solutions, he will shape Panda Security’s technological and commercial program that, already, is taking on a revolutionary momentum in the international market.”

His successful career has opened the door to his new position at Panda Security at a time of exponential growth for the company. His goal will be to maintain the quality and level of strategic relationships achieved so far, without losing the focus on the technological development applied to its cybersecurity solutions.

Fernando García Checa, former CEO of Panda, said: “Juan has a strong knowledge of Panda, is deeply involved in the project, and has made great strides as General Manager in 2017, achieving some of the highest numbers the company has seen in many years”.


6 Things We Should Have Learned in 2017

This past year we bore witness to the sophistication of cyberattacks and their vertiginous growth. If we look at what happened in security in 2017, there are quite a few lessons that we should heed, especially for businesses. These six lessons will help us to avoid making the same mistakes this year.

  1. Our response to incidents is as important as preventing them

One of the most important events of last year was the Uber incident. It came to light that Uber had concealed the fact that data corresponding to 57 million users had been stolen at the end of 2016. As the Uber CEO acknowledged, the criminals downloaded a database from servers used by Uber containing the personal information of users (name, email, and phone number) and data relating to 600,000 drivers in the United States. To prevent the attack from coming to light, the company paid the hackers $100,000.

The data theft at Equifax was the biggest hack of sensitive personal data in history. An organized group of cybercriminals took advantage of a security breach within their web application to steal information on 143 million customers, taking their social security numbers, postal addresses and even driving license numbers.

Whereas failure to notify users of the breach led to some legal entanglement for Uber (made worse by their payout to hackers), in the case of Equifax, their inconsistent statements about the vulnerability and their post-breach lack of commitment to consumers demonstrate a highly unprofessional approach.

To avoid situations like these, it is crucial for security updates to be a part of your business strategy — and notifying authorities, though unpleasant, should always be the first step to take after a breach. What happened at Uber can also teach us another lesson: sharing credentials via code is not such a great idea. This bad practice is what gave hackers access to the servers: they obtained the credentials from code that Uber developers had published on GitHub.
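A check that catches credentials in source before they reach a public repository, as an added example (not code from the article or from any company it names). The variable-name pattern, the entropy threshold and the sample file are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# A quoted literal assigned to a credential-looking name (names are assumptions).
ASSIGNMENT = re.compile(
    r"""(?ix)\b([a-z0-9_]*(?:password|passwd|secret|token|api_?key)[a-z0-9_]*)
        \s*[:=]\s*["']([^"']{8,})["']"""
)
# Values that are obviously placeholders, not live secrets.
PLACEHOLDER = re.compile(r"(?i)^(changeme|example|placeholder|<.*>|\$\{.*\})$")

# Constructed sample of a source file about to be committed.
SAMPLE = '''\
import os
DB_HOST = "db.internal.example"
DB_PASSWORD = "r8Q!vz2Lk#Wm93xT"
API_KEY = os.environ["API_KEY"]
storage_secret = "changeme"
deploy_token = 'aaaaaaaaaaaa'
'''


def shannon_entropy(value: str) -> float:
    """Bits per character; low values indicate repeated or trivial strings."""
    counts = Counter(value)
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())


def scan(text: str, min_entropy: float = 3.0):
    """Return (line number, variable name, masked value) for likely hardcoded secrets."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, value in ASSIGNMENT.findall(line):
            if PLACEHOLDER.match(value) or shannon_entropy(value) < min_entropy:
                continue
            # Mask the value so the scanner's own output does not leak it.
            findings.append((lineno, name, value[:4] + "..."))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print("possible hardcoded credential:", finding)
```

Run as a pre-commit step, a non-empty result blocks the commit; the value read from the environment on line 4 of the sample is the pattern that passes.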

  2. Attacks are not just a matter of malware

Not everything is ransomware (although, if you follow cybersecurity in the media, it may sometimes feel that way). With malwareless attacks, attackers assume the identity of the administrator after having obtained their network credentials using non-malicious tools on the company’s devices. Malwareless attacks are sure to be a trend in 2018, so we would do well to learn from these cases.

PandaLabs detected a case in which the attackers used Sticky Keys to sneak through the back door, accessing the computer without entering credentials. This remote access can then be monetized by generating online traffic that can be sold to third party websites or by auctioning access to the compromised machines. Another example is the use of PowerShell for cryptocurrency mining.

To combat these attacks, advanced tools combined with Threat Hunting methods based on user behavior are essential. By monitoring the corporate network in real time and gaining visibility into activity on the company’s devices, we can discover which legitimate tools are being abused and protect our companies.
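A hunting rule for the Sticky Keys case described above, as an added example (not PandaLabs' own detection logic). The field names follow Sysmon's process-creation event; the two heuristics, the host names and the assumption that the genuine binary reports sethc.exe as its OriginalFileName are assumptions, and the events are constructed.

```python
import ntpath

SHELLS = {"cmd.exe", "powershell.exe"}

# Constructed Sysmon-style process-creation records (Event ID 1); host names are made up.
EVENTS = [
    {"EventID": 1, "Computer": "WS-014", "OriginalFileName": "sethc.exe",
     "Image": r"C:\Windows\System32\sethc.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
    {"EventID": 1, "Computer": "SRV-RDP-02", "OriginalFileName": "Cmd.Exe",
     "Image": r"C:\Windows\System32\sethc.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
    {"EventID": 1, "Computer": "SRV-RDP-07", "OriginalFileName": "Cmd.Exe",
     "Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
    {"EventID": 1, "Computer": "WS-014", "OriginalFileName": "Cmd.Exe",
     "Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
]


def base(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path or "").lower()


def detect(event):
    """Reasons a process-creation event is consistent with Sticky Keys abuse."""
    if event.get("EventID") != 1:
        return []
    image, parent = base(event.get("Image")), base(event.get("ParentImage"))
    original = (event.get("OriginalFileName") or "").lower()
    reasons = []
    # The file at the Sticky Keys path identifies itself as some other program.
    if image == "sethc.exe" and original != "sethc.exe":
        reasons.append("sethc.exe path runs a different binary: " + original)
    # A command shell whose parent is the logon process, not a user session.
    if image in SHELLS and parent == "winlogon.exe":
        reasons.append("shell started by winlogon.exe")
    return reasons


def hunt(events):
    """Group findings by host so an analyst sees which machines to triage."""
    hits = {}
    for event in events:
        for reason in detect(event):
            hits.setdefault(event["Computer"], []).append(reason)
    return hits
```

Neither event on its own involves a malicious file, which is why the rule keys on process lineage and binary identity rather than on signatures.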

  3. Secure passwords do not have to be hard to remember

Despite the suggestions of Bill Burr, which for years governed the policy of password creation in the online environment, a secure password should not be difficult to remember. This year we learned that even those that combine alphanumeric, uppercase and lowercase, and special characters can often be guessed by a computer. Given that human behavior is predictable, computer algorithms allow cybercriminals to detect weaknesses and patterns, and with them they manage to decipher our passwords.

In 2017, we witnessed a radical change in the recommendations of the National Institute of Standards and Technology (NIST) to create a secure password. Now we are encouraged to use compound sentences with random words that are easy for us to remember; that way, a bot or a computer cannot crack the password by means of countless combinations. The password, then, can still be easily remembered by the user, but it will be difficult for a cybercriminal to decipher it.

  4. The malware tries to go unnoticed

Malware is growing exponentially. PandaLabs registered 15,107,232 different malware files that had never been seen before. Only a small part of the total malware is truly widespread. That is, most malware changes every time it infects, so each copy has a very limited distribution and always tries to go unnoticed.

Having a limited life, the malware attacks the smallest possible number of devices to reduce the risk of being detected. In this sense, it is essential to choose an advanced cybersecurity platform to recognize and respond to attacks in real time.

  5. Be quick to implement patches

When it comes to patches, it’s never too early. The idea is to implement a method of action according to the characteristics of the architecture of our company (its systems, services and applications) in which we evaluate the implications of patching (or failing to patch). Once this is taken into account, acting quickly is essential. Equifax, to give just one example, was first attacked in May 2017 because they hadn’t patched a vulnerability detected in March.

  6. Neglecting Shadow IT can be very expensive

The systems, solutions and devices used in a company, but which have never been explicitly recognized by the organization, are known as Shadow IT. This enemy in the shadows represents an overwhelming number of blind spots for the security of the company, since it is very difficult to protect something whose existence we aren’t even aware of. According to an EMC study, annual losses caused by Shadow IT reach up to 1.7 trillion dollars. Therefore, it is necessary to design affordable policies that cover the needs of workers, preventing them from resorting to unauthorized solutions. Prioritizing security awareness and evaluating why users turn to applications and tools not provided by the company could even help to improve workflows.

To start the year on the right foot, we can take 2017, internalize it, and move forward. External threats continue to grow, so our attention to basic tasks and lessons learned should do so in turn.
