Tag Archives: News

Fall Creators, the new Windows 10 upgrade

Fluent Design is finally arriving in Windows 10

Earlier this year, Microsoft unveiled its Fluent Design System, a new design language for the Windows 10 interface, announcing at the same time a number of changes to the company’s software in the future. This week, the Redmond company has finally rolled out the first phase of the new system, as part of the Windows 10 Fall Creators Update.

The launch has been accompanied by a video showcasing some of the new design changes to Windows 10, although it doesn’t reveal much information about any of the future additions. The video offers a sneak peek of various components and apps that have been redesigned with new visual effects that aim to give Windows 10 more texture, depth and visual responsiveness to inputs. The new Fluent Design will roll out gradually, starting with its own apps and elements like the Start menu, Action Center and notifications. Microsoft has stated that these are just the first steps of the project and that new features and capabilities will be introduced in the future.

Fluent Design System is designed to be the successor to Microsoft’s Metro design and will appear across apps and services on Windows, iOS and Android. Microsoft is focusing on light, depth, motion and scale, with animations that add a sense of fluidity during interactions, in contrast to the minimalistic, tile-based interface of the past. Besides incorporating the first phase of Fluent Design System, Windows 10 Fall Creators Update also introduces OneDrive Files On-Demand, a new feature that allows users to access their documents without having to download them. Microsoft Edge has also been improved, incorporating a new tool to manage Favorites and the ability to import settings from Chrome. Finally, the operating system includes a new GPU monitoring option in the Task Manager.

More new features yet to come

We’re expecting to see even more changes in the next Windows 10 update, which is currently in development under the codename Redstone 4. Microsoft has started testing the initial features for this version, which is scheduled for March 2018. The main addition so far is a new Cortana Collections feature, which will see and remember users’ browsing habits. As Microsoft finishes its functionality tests, new information will be unveiled about the new improvements, in addition to a new Timeline feature that will let users resume sessions and apps on Windows PCs, iOS and Android devices more easily.

This update does not affect the operation of the Windows 10-compatible antivirus solutions available on the market, including the entire Panda Antivirus product line. So, installing a professional antivirus tool is not only possible, but highly recommended. In this context, the latest version of Panda’s antivirus solutions has the added guarantee of having achieved one of the best detection rates in the latest edition of the AV-Comparatives professional antivirus comparative review.

The post Fall Creators, the new Windows 10 upgrade appeared first on Panda Security Mediacenter.


Cryptocurrency Mining Takes its Toll on AWS Servers

Bitcoin has skyrocketed over the last several years and has become the most coveted currency of today. Not belonging to any state or country, able to be used all over the world equally and immediately, and able to provide complete anonymity when doing business — these are some of its biggest draws. But like any other payment system, using Bitcoin carries with it a few processing costs. Specifically, mining consumes a great deal of energy and requires high-powered hardware. This reality places companies, and their infrastructures, in the crosshairs of cybercriminals looking to make a profit with mining software, without the overhead costs of running servers themselves.

A few days ago, hackers attacked thousands of computers around the world through a ransomware attack, posing as the Amazon team. Now, they’ve turned their attention to the power of the cloud. Companies that hire Amazon Web Services (AWS) and do not adequately protect their servers are especially at risk.

Amazon and the Cryptocurrency Business

Despite the many security services that companies can hire for their systems, studies reveal that 97% of the 1,000 largest companies in the world are affected by data breaches and ransomware. Today, thanks to the rise of cryptocurrency, there is a more profitable activity offered by hijacked corporate servers: mining Bitcoins.

The value of this virtual currency has already reached record highs, attracting more and more cybercriminals interested in making easy money. In recent months, threat reports analyzed by PandaLabs show a marked increase in malware installed via the Remote Desktop Protocol (RDP). We witness thousands of ransomware infection attempts every day, as well as attempts to hijack servers for bitcoin mining. These attempts have one thing in common: the access route is RDP, after credentials have been obtained through a brute-force attack. It’s the same story all over again, just with different characters. We’ve seen it with ransomware and RDP attacks, and now we’re seeing it with bitcoin mining in the business world.

When we think of cryptocurrency, we usually associate it with bitcoin, but there are plenty of others. Hundreds, in fact. Cybercriminals install miners for a whole array of coins, as we saw in a case we wrote about which involved mining software for Monero and took place before the WannaCry attacks.

This time, according to a report by RedLock Cloud Security Intelligence (CSI), Amazon Web Services servers were compromised by cybercriminals who were able to access the system. However, in an unusual development, hackers did not seek to steal data or block the servers, but rather sought to access the system’s power for bitcoin mining. According to the information disclosed by RedLock, Amazon was not the only company attacked, as Aviva and Gemalto, two multinationals, were also mentioned in the report as victims.

What to Do to Protect Your Server

This latest hack shows the importance of creating robust corporate passwords. They don’t even need to be hard to remember. And of course, do not pass up advanced cybersecurity solutions that monitor the organization’s systems in real time, detecting and stopping any suspicious behavior that could be harmful.

The post Cryptocurrency Mining Takes its Toll on AWS Servers appeared first on Panda Security Mediacenter.


OnePlus Secretly Collects Way More Data Than It Should — Here’s How to Disable It


There is terrible news for all OnePlus lovers.

Your OnePlus handset, running OxygenOS, the company’s custom version of the Android operating system, is collecting way more data on its users than it requires.

A recent blog post published today by security researcher Christopher Moore on his website detailed the data collection practice by the Shenzhen-based Chinese smartphone maker, revealing that OxygenOS built-in analytics is regularly sending users’ data to OnePlus’ servers.

Collecting basic device data is a usual practice that every software maker and device manufacturer follows to identify, analyse and fix software issues and help improve the quality of their products, but OnePlus was found to be collecting user identification information as well.

Moore simply started intercepting the network traffic to analyse what data his OnePlus device sends to its servers, and found that the data collected by the company included:

  • User’s phone number
  • MAC addresses
  • IMEI and IMSI code
  • Mobile network(s) names
  • Wireless network ESSID and BSSID
  • Device serial number
  • Timestamp when a user locks or unlocks the device
  • Timestamp when a user opens and closes an application on his phone
  • Timestamp when a user turns his phone screen on or off

It is clear that the above information is enough to identify any OnePlus user.

“Wow, that is quite a bit of information about my device, even more of which can be tied directly back to me by OnePlus and other entities,” Moore said.

“It gets even worse. These event data contain timestamps of which activities were fired up in which in applications, again stamped with the phone’s serial number.”

Moreover, there’s no direct option available to disable this data collection behaviour.

This same issue was also publicly reported to OnePlus in July last year by another security researcher and software engineer, who goes by the online moniker “Tux,” but the problem got ignored by OnePlus as well as others.

Moore also reported this issue to OnePlus support, but the team did not provide any solution to address it, while OnePlus has not yet responded.

However, the good news is that Jakub Czekański, an Android developer, today introduced a permanent solution to disable this data collection practice even without rooting your smartphone.

You can directly connect your OnePlus device in USB debugging mode to a computer, open adb shell and enter this command — pm uninstall -k --user 0 net.oneplus.odm — in order to get rid of OnePlus’ excess data collection practice.


All Yahoo Accounts Compromised in the 2013 Yahoo Data Breach

Recently Oath, the owner of Yahoo and a subsidiary of Verizon, revealed that the biggest known cyber data breach ever recorded in the history of humankind was larger than Yahoo initially announced. As you may remember, back in 2013 Yahoo suffered a cyber-attack in which approximately one billion accounts were affected. Even though it took Yahoo more than two full years to release the information about the data breach to the public, further investigation by the current owners confirmed that the incident was on a much larger scale. A few days ago, the current owners of Yahoo distributed a notice stating that every single Yahoo account might have been compromised during this very same attack. The total number of user accounts that Yahoo had at the time was around the three billion mark.

The news is a significant blow for Verizon, as they might have been able to negotiate a better deal when acquiring Yahoo had they known that the cyber-attack had affected every customer, instead of the initially announced one-third of the accounts. In the notice released earlier today, Chandra McMahon, Chief Information Security Officer at Verizon, said:

“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats. Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”

The good news is that this is not a new security issue. Yahoo and Verizon claim that they have done everything possible to secure the accounts of their current users.

Yahoo is currently sending email notifications to the additional affected user accounts. The forensic experts hired by Verizon highlighted the fact that the compromised data is not known to contain passwords in clear text, nor any banking information such as credit card numbers and bank account details. However, the investigation is still considered an ongoing matter.

If you are worried that you may be amongst the affected ones, and you hadn’t taken any precautions when the breach was initially reported, check out our top 5 things you should do immediately.

The post All Yahoo Accounts Compromised in the 2013 Yahoo Data Breach appeared first on Panda Security Mediacenter.


Passwords For 540,000 Car Tracking Devices Leaked Online


Another day, another piece of news about a data breach, though this one is particularly disconcerting.

Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and businesses using its service.

Just two days ago, Viacom was found exposing the keys to its kingdom on an unsecured Amazon S3 server, and this data breach is yet another example of storing sensitive data on a misconfigured cloud server.

The Kromtech Security Center was first to discover a wide-open, public-facing misconfigured Amazon Web Services (AWS) S3 cloud storage bucket containing a cache belonging to SVR that was left publicly accessible for an unknown period.

SVR stands for Stolen Vehicle Records. The SVR Tracking service allows its customers to track their vehicles in real time by attaching a physical tracking device to vehicles in a discreet location, so customers can monitor and recover them in case their vehicles are stolen.

The leaked cache contained details of roughly 540,000 SVR accounts, including email addresses and passwords, as well as users’ vehicle data, like VIN (vehicle identification number) and IMEI numbers of GPS devices.

The leaked passwords were stored using SHA-1, a 20-year-old weak cryptographic hash function designed by the US National Security Agency (NSA), which means they can be cracked with ease.

The leaked database also exposed 339 logs that contained photographs and data about vehicle status and maintenance records, along with a document with information on the 427 dealerships that use SVR’s tracking services.

Interestingly, the exposed database also contained information on exactly where in the car the physical tracking unit was hidden.

According to Kromtech, the total number of devices exposed “could be much larger given the fact that many of the resellers or clients had large numbers of devices for tracking.”

Since SVR’s car tracking device records everywhere a vehicle has been for the past 120 days, anyone with access to SVR users’ login credentials could both track a vehicle in real time and create a detailed log of every location the vehicle has visited using any internet-connected device like a desktop, laptop, mobile phone or tablet.

Eventually, the attacker could outright steal the vehicle or even rob a home when they know a car’s owner is out.

Kromtech responsibly alerted the company to the misconfigured AWS S3 cloud storage bucket, which has since been secured. However, it is unclear whether the publicly accessible data was accessed by hackers or not.


US Bans the Use of Kaspersky Software in Federal Agencies

We are living through one of the most precarious moments in international relations of the last several years. Threats of commercial warfare, espionage, and sanctions are constantly threatening to polarize two major world powers — the United States and Russia — and embroil them in perpetual conflict.

This can no doubt have huge — and serious — consequences in the field of cybersecurity. We’ve already discussed this in our PandaLabs Predictions Report for 2017 when we singled out the growing ambition of governments to gather enormous quantities of data that could be valuable to their national interests. And the first of these cyber consequences has already had its effect.

After years of suspicion and months of investigations, on Wednesday the US government issued a ban on the use of Kaspersky cybersecurity software by federal agencies. The ban cites concerns stemming from Kaspersky’s potentially playing a role in cyberespionage activities sponsored by the Russian state.

The US Department of Homeland Security said in a statement that they are “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies.” The statement continues, asserting that “the risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

“We’ve determined that [Kaspersky software] poses an unacceptable amount of risk based on our assessment,” said Christopher Krebs, a senior DHS official at the National Protection and Programs Directorate.

Kaspersky denied the allegations, stating, “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent.” For now, the DHS is giving Kaspersky 90 days to prove that its products do not pose a security risk.

The Kremlin’s Backdoor

The US is clearly concerned about attacks targeting American institutions. Samuel Liles, Acting Director of the Cyber Division at the Department of Homeland Security (DHS), testified before the Senate Intelligence Committee that Russian government-backed hacking attacks targeted systems related to the presidential elections in more than twenty-one states.

The Congressional Intelligence Committee held a hearing to discuss the impact of Russia’s hacking of the 2016 presidential elections. It was there that Jeh Johnson, former DHS Secretary under the Obama administration, reiterated that Russian President Vladimir Putin had ordered the attack with the intention of influencing the outcome of the US presidential elections. He also asserted that they had failed to manipulate votes in these attacks.

During the Gartner Security & Risk Management Summit held in Washington in June, former CIA director John Brennan said the alleged alliance between the Russian government and cybercriminals to carry out Yahoo’s theft of accounts is only the tip of the iceberg, and that future cyberattacks by governments will follow this type of formula and become more frequent.

In the same summit, he confirmed that Russian intelligence services are not, strictly speaking, limited by any sort of laws, while US agencies are.

A global situation of this kind could hamper data sharing initiatives. And apparently, in light of recent statements made by the GSA suggesting that “a vulnerability exists with Kaspersky that could give the Kremlin backdoor access to the systems the company protects”, our predictions weren’t far off the mark.

And this is just the beginning. Last June, the Russian Minister of Communications, Nicolai Nikiforov, didn’t rule out the possibility of retaliating if the threat against Kaspersky were to persist.

The post US Bans the Use of Kaspersky Software in Federal Agencies appeared first on Panda Security Mediacenter.


Why is Online Voting Not a Good Idea?


Online voting could introduce great risk into the election system by threatening voters

It’s the 21st century, and we are living in the future as technology is advancing at a rapid speed. It has never been easier to shop online and to do online banking. It is possible money will even cease to exist as blockchain digital currencies such as Bitcoin and Monero are gaining more and more popularity. At least here in the US, we rarely hold paper money with us anymore – all we see is a number on our internet banking profiles. And in the rare cases where you get a check, you no longer have to wait to deposit it at a bank, you skip the lines by using your banking app to deposit it from your phone.

Our lives are already online. Should technological advancement keep up its steady growth, by the end of the century there will be mass production of driverless cars, and we will become an interplanetary species. It is scary and exciting at the same time, as trips to Mars might be possible in our lifetimes.

Every process imaginable is getting improved thanks to technology. There is an app for everything except one – the voting system. When it comes to Presidential elections, we still vote using physical ballots. Sounds archaic, doesn’t it? Our research shows that this is not going to change anytime soon. Here’s why:

Voter Fraud

In an ideal world, individuals eligible to participate in the elections will be assigned login details that they will be able to use for casting votes. However, we all know people who are sometimes negligent about the security of their login details. Individuals who are not tech savvy may end up swindled into sharing precious information with the wrong people. Or even worse, those login details may end up for sale online.

Another fraud-related problem would arise from the fact that people’s addresses and information will have to be stored on third-party servers to be used as a tool to verify their identities. Having so much sensitive information in one place might turn out to be a disaster should such a database get tampered with. Regular folks might be prevented from casting a vote due to incorrect address adjustments, and bots might be added to the databases, creating armies of fake voters.

Security

The inability of current technology to ultimately protect the elections from outside interference is one of the main reasons why online voting is not possible at the moment. Or at least it is not a good idea for a country the size of the US. A possible cyber-attack could do so much damage that it may end up changing the future of the world, or render the elections’ results unusable.

One of the most prominent skills knowledgeable hackers have is to cover their digital traces after an attack; a successful hack may not only alter the elections but also may make us unaware that the breach ever happened. The possibility of such outcomes makes ordinary people, as well as experts, unable to trust online voting.

Privacy

Last but not least, elections are supposed to offer anonymity. Paper ballots do not leave a record of the person casting a vote. Online voting might not be able to protect people’s privacy, as third parties involved in the elections might be able to see how certain people vote through the digital tracks left in the system. This raises a whole lot of ethical questions and kills the entire idea of the elections.

In the free world, everyone willing to cast a vote deserves the right to remain anonymous and exercise their right of voicing an opinion without any repercussions. Online banking or shopping transactions are based on your identity, where companies can confirm you are the one behind the screen. With online voting, this would not be a problem either, but the outcome needs to remain anonymous as you do not want people to be able to see who you voted for.

There have been speculations that the solution might be hidden in Ethereum’s smart contracts. The blockchain-based computing platform features smart contract capabilities that might hold the key to anonymous yet secure online voting. However, it is more likely for us to populate Mars before we develop an online voting solution smart enough to process 220 million votes in a night correctly.

The post Why is Online Voting Not a Good Idea? appeared first on Panda Security Mediacenter.


Equifax hit with a data breach possibly affecting half of the US population


This Thursday Equifax, one of the three major credit bureaus in the US, announced that a cybersecurity incident involving consumer information of nearly half of the population in the US had been spotted on July 29th, 2017. In the press release published yesterday, they stated that, based on their internal investigation, the data breach began in mid-May 2017 and continued until it was intercepted on July 29th, 2017. They confirmed the personal information of more than 142 million people had been compromised. The stolen information includes personal information of Equifax consumers such as full names, SSN, DOB, address, credit card numbers and driver’s license details. The breach includes sensitive personal data of UK and Canadian residents too.

The provider of consumer credit scores confirmed that even though the interference has been terminated, there is still an ongoing investigation about the damages as well as the reason for the data breach. It is not a secret that apart from being a credit bureau Equifax has also been marketing themselves as a “leading provider of data breach services, serving more than 500 organizations with security breach events every day.”

“This is a disappointing event for our company and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer Richard F. Smith in an official statement.

The Atlanta-based credit bureau created an emergency website that is supposed to be able to tell users whether their details are amongst those exposed. According to Equifax, all you have to do is fill in your last name as well as the last six digits of your SSN. Sadly, the website does not provide any information on whether your details have been compromised. Understandably, the site sparked a wave of negative public reactions because it does not tell you whether you are amongst the victims, but simply adds you to a queue for a free identity theft service subscription that you may be able to get in about 7-10 days.

Things do not look good for the Equifax senior team, as Bloomberg reported three Equifax execs had sold nearly $2 million in shares in the Atlanta-based credit bureau a few days after the breach was discovered. Did they know about the breach when they sold the shares? It is unclear, so we will leave this to the U.S. Securities and Exchange Commission for civil cases and the U.S. Department of Justice for criminal cases to decide.

The chance that your details were exposed in this data breach is high, so there are a few things you should do immediately:

  • Monitor your bank statements.

    Check your credit card bank statements at least once a week for fraudulent transactions. It only takes a minute to have a quick look.

  • Avoid spoofing websites

    Multiple sites are conveniently offering to check if your details have been part of the breach. Do not use them, only go through sites that are approved by Equifax, i.e., https://www.equifaxsecurity2017.com/

  • Install antivirus software

    Having antivirus software installed on all your devices will add another layer of security to your personal information. Not having antivirus software in such times is utterly irresponsible.

  • Change passwords

    Changing your password needs to happen at least once every three months. The information from this breach combined with the information from other breaches might be exactly what hackers needed to strike.

  • Check your credit reports

    Be vigilant and install an application such as Credit Karma on your phone. Make a habit of checking your credit reports at least once a week and be sure to report fraudulent accounts immediately.

As you can see, no one is fully protected against cyber theft. Experian was a victim back in 2015, and Yahoo, LinkedIn, and eBay have had data breaches too. We advise you to be vigilant and to monitor your banking and credit accounts. Never be afraid to report fraudulent account activity!

The post Equifax hit with a data breach possibly affecting half of the US population appeared first on Panda Security Mediacenter.
