" cyber-crime "

q1 headline image - blog

The Rise and Rise of the Cyber Economy – PandaLabs Q1 2017 Report

Developments in Cyber-crime, Cyberwarfare and AI mark the first quarter of 2017, as indicated by PandaLabs Q1 Report. The Report by Panda Security’s malware resource facility identifies prominent tactics, attack methods and shifts in the industry.

(more…)

IMG-MC-wysiwye

A User-Friendly Interface for Cyber-criminals

Installing malware through Remote Desktop Protocol is a popular attack method used by many cyber-criminals. over the past few months Panda Security’s research facility PandaLabs, has analysed several attacks of this nature.

Once credentials are obtained through brute a force attack on the RDP, the cyber-criminals gain access to the company. Attackers simply execute the corresponding malware automatically to start the encryption.
(more…)

password

Hackers Spark Revival of Sticky Keys Attacks

Hackers are constantly trying to find new ways to bypass cyber-security efforts, sometimes turning to older, almost forgotten methods to gain access to valuable data. Researchers at PandaLabs, Panda Security’s anti-malware research facility, recently detected a targeted attack which did not use malware, but rather used scripts and other tools associated with the operating system itself in order to bypass scanners.
(more…)

Pandalabs-summer16

Cyber Security Predictions for 2017

Analysis

2016 kicked off with more than 20 million new samples of malware detected and neutralised by PandaLabs – an average of 227,000 per day. This figure is slightly higher than that of 2015, which saw around 225,000 per day.

Throughout 2016, we’ve seen how the number of new malware has been slightly lower than in 2015 — about 200,000 new samples of malware per day on average — however attacks have become more effective.
(more…)

pandasecurity-punkeyPOS-principal1

“PunkeyPOS” – Latest Malware to target POS terminals

Panda Security’s anti-malware laboratory, PandaLabs has been investigating current and new threats of Malware across the world, and has uncovered a new piece of Malware that is targeting POS terminals – “PunkeyPOS”.

(more…)

The Apple logo hangs inside the glass entrance to the Apple Store on 5th Avenue in New York City,

Apple’s OS X Gatekeeper – Marketing or Reality

For decades now people have believed their Apple devices to be safe from hacker intrusion, they were seemingly unbreakable, but in late 2015 uncertainty set in when a security expert revealed that he had found a way to bypass Apple’s security. The same expert is now suggesting that not much has changed since then with regards to Apple’s security.

The original hole was discovered by using binary code of applications that had already been verified by Apple’s developers to pass through Gatekeeper. Because Gatekeeper was developed to ensure that all applications a user downloads are checked against the application’s Developer ID, if that ID is present that application will be allowed to run. Experts have proved that this is where the problem lies as malware can easily be hidden within Apple-trusted files and then activated once the application has been installed.

Shortly after these gaps in Apple’s security features were exposed Apple released patches to prevent further breaches. However according to experts in the field it appears that the same vulnerabilities remain and can be just as easily exploited today, in the same fashion, as they were back in September. The reason being is Apple has merely blocked the files that were reported but has not made changes to Gatekeeper’s verification process. The belief is that hackers would simply need to find a new trusted file that has not been blocked by the update, this trusted file can then be abused and used to bypass Gatekeeper. Once on the other side the trusted file will execute the malicious files and then begin to install malicious programs not trusted by Apple.

The experts suggest that in order for Gatekeeper to be secure it must be triggered anytime a new process is started, requiring each process to be signed off by an Apple-trusted developer.

Apple has yet to implement such changes. With OSX’s increasing popularity making it more and more of a target for malware creators it may just be time for Apple users to consider further protection of their devices and personal data.