fusionblog

Join our Panda Cloud Fusion Webinar

Join us on the 26th of February at 11:30am or 5th of March at 8:45am for an in-depth look at Panda Cloud Fusion, the easy-to-use solution that protects, manages and supports all your systems and devices from a single centralised cloud platform. Reduce costs and improve your security with Panda.

New features include:

  • Mobile device management (iOS)
  • SNMP monitoring
  • Granular patch management scheduling
  • New remote installation with remote discovery

Below are the registration links for the event. Please click on the date that you would like to attend.

 

11_30am 26th Feb - Register         8_45am 5th March - Register

CTB-Locker

The Latest on Ransomware: CTB – Locker

Ransomware is malware that limits access to data on devices and demands a ransom be paid to the developer. Some forms of ransomware encrypt files on the systems hard drive, while some simply lock the system and display messages intended to persuade the user into paying.

In the past week there have been several cases of ransomware called CTB-Locker also known as Critroni Ransom. Generally spread via e-mail as an attachment; CTB-locker is released from time to time with the most recent cases occurring 18/19/20 January 2015.

CTB locker is run by a user. The application encrypts common file-types such as Excel and Word documents and images files such as Jpegs. The user then receives a display message stating that the data has been encrypted and that they need to pay a ransom.

It is not likely that the encrypted files are recoverable, in some cases users may be able to use Volume Shadow Copy, but essentially the most effective means of “recovery” is to back-up data/files on a regular basis and restore the most recent back-up.

CTB Locker doesn´t always remove the volume shadow copy (VSS), so depending on the affected operating system, if it is Windows Vista or higher, it is possible to retrieve a copy of the files affected by malware.

In this case, it is necessary to follow the steps below:

  1. Download and install the following software: http://www.shadowexplorer.com/downloads.html
  1. Once installed, browse to the location where the affected files are located
  1. Select a date prior to the infection.
  1. Select the affected file or folder, and choose the option “Export”.

(more…)

2015-PandaLabs-Forecast

2015 Malware Predictions from PandaLabs

PandaLabs have released their predictions for IT security in 2015, based on reports and attacks in 2014.

CryptoLocker

This type of malware was in the spotlight in 2014, and these types of attacks are set to increase in 2015.

CryptoLocker operates in straightforward fashion: Once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases) and blackmails the victim into paying a ransom to recover the files. This type of malware is also known as ransomware.

Payment is most often demanded in bitcoins, so that it cannot be traced by the police, making this type of attack ideal for cyber-criminals – as many users choose to pay in order to recover the “hijacked” information.

Targeted attacks

A small percentage of the millions of new malware strains that appear every month are specifically created to attack previously defined targets. These attacks, known as targeted attacks, are becoming more common and will be highly significant during 2015.

Many companies are unaware that they could be the targets of such attacks and therefore do not have appropriate measures for detecting or stopping them.

(more…)

Q3-Image

PandaLabs Q3 Results: Trojans exceed PUPs in the third quarter

The results for the third quarter show that malware continues to break records, averaging at 227 747 new samples created daily.

The last four months has seen large high profile organisations fall victim to cyber-attacks; companies such as JP Morgan Chase, Target, Home Depot and online services such as Dropbox and iCloud.

The most recent victim is Sony. The hack on the company led to upcoming films and workers’ personal data, such as social security numbers and salaries being leaked online. The malware used in the attack was undetectable by industry standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other international organisations of the critical threat.

Trojans continue to be the most common malware during Q3, accounting for 75% of infections, compared to 62.80% in the previous quarter. PUPs ranked second, representing 14.55%of infections, decreasing since Q2. Adware/spyware comprises 6.88% of infections, worms at 2.09% and viruses at 1.48% – down since the second quarter.

The global infection rate increased from 36.87% in Q2 to 37.93% in Q3. The results for each country shows that China is still at the top, reaching an infection rate of 49.83%. China is followed by Peru at 42.38% and Bolivia at 42.12%.

Europe remains the region with the lowest infection rate, with nine European countries ranking in the top ten most secure countries.

The full report is available here.

PCOP

Panda Cloud Office Protection 7.1: What you need to know

Panda Security, has announced the new features of version 7.1 of Panda Cloud Office Protection (PCOP), Panda’s cross-platform solution that offers the best cloud-based protection.

This version includes improvements aimed at meeting the requirements of medium and large enterprises. Version 7.1 incorporates various technological and functional innovations, with emphasis on providing the user with greater control and management.

The new features include:

  • Content filtering for the Exchange protection, which allows emails to be filtered by the extension of the attachment, neutralizing dangerous attachments or attachments with a multiple file extension. All content gets filtered before it arrives at the endpoint, endpoint performance is unaffected.
  • White-lists included in device control. This feature allows different exclusions to be applied to different groups of computers selected by profile. In addition, white-listed devices can be used without any restrictions, regardless of the settings.
  • Mobile device control. This option allows the user to block access to mobile devices and white-list devices.
  • New local console on the endpoint. This console provides PCOP administrators and partners with a tool to enable or disable the endpoint protection in a rapid and timely manner, making troubleshooting easy and painless.
  • Ability to upgrade to new versions from the PCOP Web console. Notifications will appear in the console to indicate that a new version is available. Administrators then decide to apply the latest version from the console.

For more information on PCOP click here.