CyberSafety.co.za

Panda Security announced a new beta of its popular cloud-based consumer antivirus service Panda Cloud Antivirus, version 1.9.2. The beta, which will be the last version before the final release of Panda Cloud Antivirus 2.0, is fully compatible with Windows 8 and incorporates a new smart community-based firewall. 

Panda Cloud Antivirus 1.9.2 fixes several bugs found in version 1.9.1 released in August 2011. It also incorporates a new, improved firewall with an intrusion detection system (IDS) and better rule configuration settings. Finally, the new version offers better malware detection and disinfection capabilities, lower impact on system performance and includes Google Toolbar.

“This beta version is the final step before the long-awaited 2.0 version of our free, cloud-based solution,” explained Jeremy Matthews, Country Manager of Panda Security Sub-Saharan Africa. “It includes all the improvements suggested by our user community in order to minimize intrusiveness and provide maximum protection with the least impact on PC performance. Panda Cloud Antivirus has always stood out as being one of the lightest solutions on the market, and we continue to provide it with a lighter footprint in each new version”.

“Making Panda Cloud Antivirus and our 2012 consumer solutions compatible with Windows 8 Release Preview was important to ensure that users of Microsoft’s new operating system benefit from the best protection against malware,” Bustamante said.

For more information and to download the free beta, please visit: http://blog.cloudantivirus.com/2012/06/04/panda-cloud-antivirus-beta-1-9-2/

While South Africans are obsessed with physical safety, the hacking of LinkedIn has shown how oblivious we are to cyber crime, writes Thalia Randall.

Wednesday saw a major victory for the online hacking community: six million encrypted passwords were successfully “stolen” from LinkedIn and published on a Russian website, along with an open invitation for hackers to decrypt the data.

The experience left many of South Africa’s 1.6 million LinkedIn users scurrying for virtual “cover”, as they changed their passwords to pre-empt a personal security breach.

According to Panda Security country manager Jeremy Matthews, it also highlighted something about South African internet users: a naive “carelessness” about our security measures online.

“As South Africans, we’re very conscious of physical security and traditional crime. But [what we don’t realise] is that there is as much danger in the the online world as there is in the physical one,” he said.

National oblivion, he stated, happens because South Africans are not “conscious” of our “shift from the physical to the digital”.

This leads to a naivete that makes us more vulnerable to virtual attack, he said.

The weakest link

And public vulnerability is a hacker’s biggest opportunity.

Illustrative of this is the second wave of online-intruder-opportunism that saw hundreds complaining on Twitter on Thursday. Fake emails bearing the LinkedIn logo invited users to enter their new password after clicking on a link.

Unaware that LinkedIn’s Vicente Silveira has indicated that “there will not be any links” in the authentic directive email from the company, many users unwittingly provided their new passwords to further would-be invaders.

But according to Matthews, the problems stemming from this “would not have been so bad if people had better passwords”.

“People need to learn the necessity of password management. Digital security is part technology, part management,” he said.

Robert Fall, a web application developer in Cape Town, explained the knock-on effect of poor password management.

“If someone has used the same password on another account, the intruder would now be able to gain access to both,” he said.

“People may say ‘if someone gets access to this silly little blog, I don’t really care’. But what they don’t realise is that if someone accesses that blog, then they know your email address, and then they could re-set the password to your internet banking,” added one of Fall’s colleagues.

“Basically everything you have online is linked to your email address. Once hackers have access to that, your entire online personality is at risk.”

How to up our virtual ante

According to Fall, one way to avoid becoming an easy target is to use a “strong” password.

Strong passwords contain a combination of letters and digits, and are not related to anything personal about the user.

“If you posted the name of your dog on facebook, and also put it as a password question on gmail, you are at risk,” he said, explaining how easy it is to unwittingly link a password with personal details that are publicly available.

Another way, he said, is to have separate passwords for each account – thus limiting the damage to only one account if a hacker ever did invade.

For Matthews, the public must realise that “just because you have an anti-virus or a firewall installed, it doesn’t mean you are safe.

What we need is human firewalls!” he said. Part of Matthews’ suggested “human fire-walling” is making sure that users do not share passwords or discuss sensitive information within earshot of others.

In spite of his belief that people are far more aware of security risks today than they were a year ago, Matthews said “we [still] need to up our game, both at a corporate level and a personal level.”

“As a South African, I might have electric fencing and security beams – and that’s all well and good – but I still need to be careful who I answer the door to,” he said.

How to reset your LinkedIn password. Click here

Check if you LinkedIn account has been hacked. Click here

(Source: Mail & Gaurdian)

Below is the link to the article “The era of cyber warfare” which was featured in the iWeek magazine on the 18 April 2012. Panda Security ZA Country Manager, Jeremy Matthews gave his thoughts on cyber warfare and what companies should do to avoid security holes.

http://www.iweek.co.za/special-report/the-era-of-cyber-warfare

-       The new corporate solution protects Mac computers and servers

-       In 2010, 308 vulnerabilities were discovered in Mac OS X, 67% of these were classified highly critical

Global IT vendor Panda Security has announced the launch of Panda Antivirus for Mac Corporate Edition. The new solution, for Mac desktops, laptops and servers, delivers complete protection against all types of malware able to affect Mac OS, Mac OS X, Windows and Linux, protecting users not just against threats designed specifically to target the Apple platform, but also preventing Mac users from transmitting malware for other operating systems.

“Many companies, universities and other organizations now operate with a diverse network topology including Mac servers and workstations operating alongside Windows systems” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “In these environments it is very important not just to protect against specific threats that target Apple platforms, but also against those Windows threats that can be transmitted via Mac and infect all systems.”

Panda Antivirus for Mac protects against all types of threats in near real-time. It can also scan Apple iPhone, iPad and iPod, thereby ensuring that if any of these devices is carrying malware, they won’t infect other similar devices or the Mac computer or server.

It is also designed specifically not to impact performance, as it operates silently taking advantage of available resources or low workloads.

The antivirus scans folders, files and email, detecting and eliminating or blocking all types of threats initially designed for Windows, but which also affect Mac. These threats include Trojans, spyware, keyloggers, adware, hacking tools, botnets, dialers, scareware and other Macro viruses.

2010: A turning point for Mac security

In 2009 some 34 vulnerabilities were detected in Mac OS. This figure rose to 308 in 2010, with 67% of these vulnerabilities classified as highly critical, indicating that any attacker could take remote control of unpatched systems, among other actions.

“2010 has been an intense year for threats” says Luis Corrons, technical director of Panda. “We have collected over 20 million new examples of malware, and the figure continues to rise. Every day our laboratory receives some 63,000 new threats. Regarding Mac, we’ve seen an increase in the number of threats designed specifically for this platform, although there are many more that can affect corporate Mac users: all Office macro viruses, for example. And there are other types of threats which all Mac users are exposed to, such as phishing, or vulnerabilities in popular programs including browsers, PDF readers, etc.”

Price and availability

The solution is available from February 2011 for R208* per license for workstations, servers and the administration console (12 months with full services, for license ranges between 100 and 199 seats).

For more information go to: http://www.pandasecurity.com/enterprise/solutions/mac-corporate-edition

*Price at rate of exchange

 About Panda Security

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the World. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 61 offices throughout the globe with US headquarters in Florida and European headquarters in Spain. In 2006, Jeremy Matthews founded Panda’s local subsidiary in Cape Town, opening the international vendor’s first presence on the African continent.

 For more information about Panda, visit http://www.pandasecurity.com/.

Follow Panda SA on Facebook and Twitter

-       According to data gathered by the free online antivirus Panda ActiveScan, 50% of scanned computers were infected with malware, mostly Trojans

According to Global IT vendor Panda Security, 50% of all computers scanned around the globe in January were infected with some kind of malware. This data was gathered from Panda’s free online antivirus  Panda ActiveScan. As for the most damaging malware threat, Trojans caused the most incidents (59% of all cases), followed by traditional viruses (12%) and worms (9%).

The list of most prevalent malware threats is topped by generic Trojans, followed by down-loaders, exploits and adware. It is also worth mentioning the presence of Lineage, an old Trojan that continues to spread and infect systems.

Thailand, China, Taiwan, Russia and Turkey occupy the top positions in the ranking of countries with the largest number of infections (over 50% of scanned computers infected with malware), while other traditional ‘malware paradises’ like Brazil or Poland have slipped down the list this month.

“We don’t see many significant changes regarding the number of worldwide infections from month to month”, says Luis Corrons, Technical Director of PandaLabs. “This just reflects the reality of the current situation: Every day we receive some 61,000 new malware samples at our laboratory, and unless you have a solution like Panda Cloud Antivirus whose latest protection technologies provide near real-time protection, it takes too long for traditional solutions to incorporate new malware signatures. This lapse in time leaves users unprotected against new threats”.

“While South Africa doesn’t occupy the top positions with regards to infections, we are seeing a steady increase in the amount of malware aimed at African users”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “This malware usually takes the form of money related scams, targeted at new or inexperienced internet users”, he concludes.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/

Follow Panda South Africa on Twitter @PandaSecurityZA and Facebook

-      Numerous Twitter accounts have been created to spread malicious code through festive messages

-      Every year threats are spread via email and social media using Christmas-themed messages

According to Panda Security, cyber-criminals are exploiting Twitter to spread malware in festive-themed messages. Using methods akin to Black Hat SEO techniques, hackers are taking advantage of trending topics to position malware distribution campaigns. Topics such as “Advent calendar”, “Hanukkah” or even “Grinch”, are among the most popular subjects used by hackers to entice users.

Thousands of tweets have been launched using festive-themed phrases, such as “Nobody cares about Hanukkah” or “Shocking video of the Grinch”, along with short URLs pointing to malicious websites.

Users that click the link will be taken to a page that infects systems with false codecs by exploiting a security hole in PDF files and tries to trick users into downloading a codec that is really a downloader Trojan, which in turn downloads more malware onto the compromised computer.

In addition to subjects related to Christmas, cyber-criminals are using other hot topics to spread their creations, including the Sundance festival, the AIDS campaign and the Carling Cup.

According to Jeremy Matthews, head of Panda’s sub-Saharan operations, “Social networks like Facebook and Twitter are becoming increasingly popular with hackers because of their ever-increasing number of users, and the ease at which they (the hackers) can post malicious links. That’s why the number of clicks, and therefore infections, tends to be very high.”

Keep your computer safe this Christmas

With the increased risk over the Christmas period, Panda offers users a series of practical security tips for using social media:

1) Don’t click suspicious links from non-trusted sources. This should apply to messages received through Twitter, through other social networks and even via email.

2) If you click on the links, check the target page. If you don’t recognize it, close your browser.

3) Even if you don’t see anything strange in the target page, but you are asked to download something, don’t accept.

4) If you do download or install an executable file and the PC starts to launch messages or behaves strangely, there is probably malware on your computer. In this case, you should check your computer with a free online scanner such as ActiveScan, available at: www.activescan.com

5) As a general rule, make sure your computer is well protected to ensure that you are not exposed to the risk of infection from any malicious code. You can protect yourself with the new, free Panda Cloud Antivirus solution (www.cloudantivirus.com).

“It is important to remember that hackers will take advantage of any big holiday or event, which is why it is important to remain extra vigilant during these times”, concludes Matthews.

For more information about Panda, visit http://www.pandasecurity.com/.

-       Between January and October this year, hackers have created 20 million new variants, the same amount as in the whole of 2009

-       The average number of threats received every day by PandaLabs has risen from 55,000 to 63,000

According to Panda Security in the first ten months of the year the number of threats created and distributed account for one third of all viruses that exist. These means that 34% of all malware ever created has appeared in the last ten months. The company’s Collective Intelligence database, which automatically detects, analyzes and classifies 99.4% of the threats received, now has 134 million separate files, 60 million of which are malware (viruses, worms, Trojans and other threats).

In the year up to October, some 20 million new strains of malware have been created (including new threats and variants of existing families), the same amount as in the whole of 2009. The average number of new threats created every day has risen from 55,000 to 63,000.

“This would all suggest that the cyber-crime market is currently in good health”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “Also, this figure may reflect the increasing number of cyber-crooks with limited technical knowledge who are turning their hand to these activities.”

This also means that although more malicious software is created, its lifespan is shorter: 54% of malware samples are active for just 24 hours, as opposed to the lifespan of several months enjoyed by the threats of previous years. They now infect just a few systems and then disappear. As antivirus solutions become able to detect new malware, hackers modify them or create new ones so as to evade detection. This is why it is so important to have protection technologies such as Collective Intelligence, which can rapidly neutralize new malware and reduce the risk window to which users are exposed during these first 24 hours.

Despite these dramatic numbers, the speed with which the number of new threats is growing has dropped since 2009. Since 2003, “new threats have increased at a rate of 100% or more. Yet so far in 2010 the rate of growth is around 50%”, explains Luis Corrons, Technical Director of PandaLabs.

“This doesn’t mean that there are fewer threats or that the cyber-crime market is shrinking. Quite the opposite; it continues to expand, and by the end of 2010 we will have logged more new threats in Collective Intelligence than in 2009. Yet it seems as though hackers are applying economies of scale, reusing old malicious code or prioritizing the distribution of existing threats over the creation new ones”, adds Corrons.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/

Follow us on:

http://www.facebook.com/PandaSecurity

http://www.youtube.com/PandaSecurity1

http://www.twitter.com/PandaSecurityZA

-       11.6% of all computer threats gathered over the last 21 years belong to this category

-       34,8% of all computers worldwide are infected

Panda Security has warned of the recent proliferation of fake antiviruses (also known as ’rogueware’), as 40% of all fake antiviruses ever created have been created this year. That is, ever since this type of malicious code was first reported four years ago, 5,651,786 unique rogueware strains have been detected, out of which 2,285,629 have appeared from January to October 2010. 

If the number of rogueware specimens is compared to the total number of malware strains included in Panda’s Collective Intelligence database, 11.6% of all samples correspond to fake antiviruses. “This is a staggering figure, especially if you consider that this database contains all malware detected in the company’s 21 year-history and rogueware only appeared four years ago”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. 

Rogueware’s sophistication, realism and social engineering techniques are the basis of its success, as shown by the fact that more and more users are falling victim to this scam. So far this year, 46.8% of all computers worldwide have become infected with some sort of malware, and 5.40% have been affected by rogueware.

While there are many different types of rogueware, the top fake antiviruses are created to generate a profit.

Every new victim of a fake antivirus scam allows hackers to make money by selling antivirus licenses that users will actually never get, stealing credit card data they can sell on the black market and use to make online purchases, etc.

According to a study conducted by Panda, rogueware authors make over $34 million a month (approximately $415 million a year).

How fake antiviruses work

Even though the fraudulent business of rogueware was first reported in 2006, it was not until 2008 that this type of malicious code actually started to proliferate. Users can become infected simply by browsing the Web, downloading codecs for media players, clicking links in emails, etc

Once they have infected a system, these applications try to pass themselves off as antivirus solutions that detect hundreds of threats on the victim’s computer. When the user goes to remove the threats, they are asked to buy the ‘full’ product license, and very often they take the bait and end up doing so. However, once they buy the license, they will never hear from the ‘seller’ again and still have the false antivirus on their computer.

“The best way to protect yourself against fake antiviruses is to have a good real one, like Panda, stalled. Always initiate all program and software installations yourself, and don’t trust pop up programs that make excessive claims”, concludes Matthews.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow us on Facebook and Twitter @PandaSecurityZA

• Apple’s popular service has become a target for hackers looking for confidential bank data
• The email is a fake iTunes receipt corresponding to a purchase the user hasn’t made.

According to Panda Security, Apple’s popular iTunes platform has become the target of hackers looking to reach millions of potential victims -who every day enter their credit card details in this device- in order to steal this data and infect them.

Victims of this malware attack receive a cleverly crafted email informing them that they have made an expensive purchase using their iTunes device. The user, who has not made this purchase using the platform, is concerned by the email and rapidly tries to resolve the problem by clicking on a link in the email.

After clicking the link the user is asked to download a PDF reader, which is a fake. Once installed, this program redirects the user to infected Web pages (mostly Russian) containing banker Trojans among other malware which steal the user’s personal details. 

“Phishing is nothing new”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “What never ceases to surprise us is that the techniques used to trick victims continue to be so simple, although the design and content is often very well worked. It’s often difficult not to fall in the trap.”

Panda suggests that in order to avoid becoming a victim of this new attack, users should not enter platforms such as iTunes through email notifications. Rather, enter the website from the platform itself. This way, users can also check their account status in real time from the account itself, and thus recognize an attempt at phishing.

This technique has been reported to the Anti-Phishing Working Group, who has started to block some of the Web addresses linked to in the fake email. 

“We advise all users to be wary of any emails of this type, now matter how genuine they might seem”, concludes Matthews.

If you think you may have been affected, Panda advises you scan your computer thoroughly to locate any possible active threats. If you do not have an antivirus installed, you can use the free Panda Cloud Antivirus, available from www.cloudantivirus.com.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow Panda Security South Africa @PandaSecurityZA

Join our Facebook Group

-       As many as 1,000 infections every 10 seconds was recorded

-       The attack is fully patched and is no longer exploitable

Global IT vendor Panda Security witnessed yesterday (21 September) the first massive infection of the popular social media site, Twitter. The source of the attack appears to be an account created in Twitter, called Rainbow, the name which has now been given to the worm: Image available at: http://www.flickr.com/photos/panda_security/5011843008/

This infection was caused by a weak spot in Twitter that lead to various unexpected occurrences when users on www.twitter.com ‘moused’ over the malicious tweet. Some of the effects included the automatic distribution of the malicious tweet to user’s followers and the appearance of strange messages, with giant letters reading ‘Hello’, as well as blacked out tweets. Users visiting their profiles were also redirected to other web addresses.

The vulnerability allowed javascript to be run, opening a host of possibilities to users with malicious intentions. The first injections of javascript appeared to be pranks. However, they have evolved, and it would seem that some users have been exploiting the vulnerability for other, more malicious ends.

“The scary thing is that the URL used in the attack could be used to exploit other vulnerabilities in users’ computers”, explains Jeremy Matthews, head of Panda’s sub-Saharan operations. “If, in addition to re-tweeting the code, a criminal was to embed the URL with drive-by-download techniques, we would be looking at millions of potential victims. However, this is unlikely as Twitter will presumably fix the security hole before this happens.”

Twitter clients that didn’t run javascript, such as TweetDeck, were unaffected and were therefore able to continue using the social network without risks. According to Panda, the Twitter site may now be used directly, as the vulnerability has been patched.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.