Category Archives: Panda Security

PandaLabs Second Quarter Security Landscape Report

imageIn a rather surprising statement, PandaLabs, in its 2011 Second Quarter Security Report, makes the point that there’s a challenging grey area between “Hacktivism” (LulzSec and Anonymous), and Criminality. Frankly, I don’t subscribe to this “blurry lines” view.

I see the issue in rather simpler terms – if security holes exist in critical systems which enterprise, or government, are either unwilling, or unable to address – ultimately creating a host of innocent victims – then I encourage LulzSec and Anonymous to continue their campaigns of outing non-responsive, and non-responsible organizations. I’m more than a little tired of being placed at risk due to organizational ineptness, or failure to adhere to common sense security practices.

Some key findings from Panda’s report (determined from data collected through Panda ActiveScan) include:

Every minute, 42 new malware strains were created.

image

Trojans constitute 70 percent of new malware followed by viruses (10 percent) and worms (8.53 percent). Surprisingly, Adware, which only represents 1.37 percent of all malware, accounted for more than 9 percent of all infections.

image

China, Thailand and Taiwan continue to lead infection rankings.

image

Top 10 least infected countries.

image

So, should these statistics hold any relevancy for you? Should you be preoccupied, or overly concerned, with these numbers? The answer, it seems to me, depends on how aware you are of the overallInternet security landscape, and where you fit into the following user groups.

  • Those who know.
  • Those who think they know.
  • Those who don’t know, that they don’t know.

Hopefully, you are in that small group who can confidently say – “I know”.

Broken record time:

I’ll risk sounding like a broken record, once again, and repeat what I’ve said here numerous times –

“Controlling malware intrusion, while surfing the Net, through the use of a  “virtual” environment rather than operating in a “real” environment, makes sense given the escalating level of cyber criminal activity on the Internet.”

BufferZone, is a particular effective and easy to use freeware virtualization application (perfect for casual users), which creates an isolated environment called the Virtual Zone, while you surf the Internet. You can read more about BufferZone, here.

About PandaLabs:

Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats.

To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day.

This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage.

The full report (PDF), is available here.

Follow Panda on Twitter and Facebook.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Adware, Cyber Crime, Cyber Criminals, Don't Get Hacked, Internet Security Alerts, Malware Reports, Panda Security, PandaLabs, trojans, Windows Tips and Tools, worms

NEW – Panda Cloud Antivirus 1.5 Released

imagePanda Cloud Antivirus 1.5, Panda Security’s newest release (June 20, 2011), of it’s popular cloud-based antimalware application, should be even more effective at keeping the bad guys at bay with it’s newest enhanced features.

New features include – improved scanning speeds, less CPU consumption, advanced configuration options for exclusions of files based on file extensions, and a new activity monitor which shows information such as scanned file details, and previous viruses detected.

Panda Security obviously pays attention to its users recommendations for improved product features, since a number of these new features were suggested by the user community.

Panda Cloud Antivirus is based on Collective Intelligence, a system for detecting and disinfecting viruses and other threats that feeds off the knowledge shared by millions of users. The computers that are part of the Panda Community – instantly share and benefit from all the information stored in the cloud.

Testing anti-malware applications takes considerable time in order to get to the heart of the matter – does an application work in the “real world?”

Will the application do what an average user expects – does it block malware effectively and efficiently? Particularly new, or emerging, malware threats.

Is the interface crafted in such a way that an average user doesn’t need to digest an instruction manual in order to navigate the application?

Is the application capable of providing adequate protection without stressing system resources?

I’ve been running Panda Cloud Antivirus, on a secondary system, since April 2009, and in this extensive testing, Panda Cloud Antivirus has met, or exceeded, all of these requirements. So, I’m looking forward to giving this new release a workout.

Installation:

Pay particular attention at the Install screen. Once again, you’ll be asked to accept a Toolbar and a change in your Homepage – annoying as hell. As well, on this screen, you can choose your language.

image

Panda is obviously convinced that the “more is less” GUI approach, is suitable for most users. Kudos – I couldn’t agree more.

image

The optimized scan screen.

image

Scan time: under 5 minutes – 19,873 files.

image

image

The settings menu is accessed via the tool icon – as shown at the “hand icon” in the above screen shot. I found this “hideaway” a little awkward.

image

Despite an abundance of settings you’ll find some settings are only available in the Pro version.

image

At less than $30 for the one year Pro Edition license, you might consider jumping up to this version. Frankly though, I’m no fan of one year licenses.

Not when one considers that a lifetime license for Malwarebytes’ Anti-Malware and SUPERAntiSpyware, both of which are outstanding applications, can be purchased for less than $30 – considerably less when on sale.

Fast facts:

Light – Only works where necessary. It’s so light you won’t even notice it.

Easy – Don’t worry about complicated decisions ever again. Panda Cloud Antivirus will make the best decisions for you to keep your PC protected.

Secure – Panda Cloud Antivirus is based on Collective Intelligence, a system that continuously collects and analyzes viruses and other threats gathered from the community of millions of Panda users around the world.

Free – No tricks! Panda Cloud Antivirus has a free version that protects you against viruses and malicious websites.

Note: Panda’s Collective Intelligence servers have analyzed 175,569,053  (and counting) viruses, and known goodware.

System requirements: Windows 7 32-bit, Windows 7 64-bit, Windows Vista 32-bit, Windows Vista 64-bit, Windows XP 32-bit,  Windows XP 64-bit.

Panda Cloud Antivirus is available in 20 languages.

Download at: Panda Security

Backed by more than two years experience running Panda Cloud Antivirus in various editions, I have no hesitation in recommending Panda Cloud Antivirus 1.5 as a front line antivirus application.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

9 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Antivirus Applications, Cloud Computing, Cloud Computing Applications, Cyber Crime, downloads, Free Anti-malware Software, Freeware, Internet Safety Tools, Malwarebytes’ Anti-Malware, Panda Security, Software, SUPERAntiSpyWare, Windows Tips and Tools

Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly

imageI’m regularly asked how often I scan my primary personal machine for malware. The answer is – as part of a layered security approach, I have a formal schedule which I stick to without fail.

Once a day, I quick scan the system drive with both Microsoft Security Essentials, and Malwarebytes’ Antimalware – making sure the databases are updated and current.

Running a quick scan with both these applications, takes less than 5 minutes. For example: Malwarebytes’ – 150,000 objects – 2 minutes and 30 seconds. Microsoft Security Essentials – 30,000 items – 1 minute and 18 seconds.

Much of today’s malware though, can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. So, I don’t see any advantage in running full scans on a live system – instead, once a week I run a Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

I’ve come to rely on the following free live CDs, which I regularly alternate, to ensure (hopefully), I’m operating in a malware free zone.

Panda SafeCD

Click to see larger images

This useful utility comes in handy when you need to clean a malware infected machine. Or, as in my case, to ensure a machine is not infected. It is particularly useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

Features include: Automatic detection and removal of all types of malware. Boot from CD or USB stick. Supports using updated signature files. Supports 13 languages. Supports both FAT and NTFS drives.

The download consists of an ISO. You can either burn this to a CD/DVD or alternatively, create a Boot USB stick by using something like the Universal Netboot Installer (UNetbootin).

Kaspersky Rescue Disk 10

image

Kaspersky Rescue Disk 10, is designed to scan and disinfect x86 and x64-compatible computers that have been infected. Particularly useful when the infection is at such level that it is impossible to disinfect the computer using anti-virus applications, or malware removal utilities, running under the operating system.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

Avira AntiVir Rescue System

image

Avira AntiVir Rescue System is a Linux-based application that allows you to access a system that cannot be booted anymore. Not only will this application scan the system for infections, but it can be used to repair a damaged system, or rescue data.

If you’re looking for an uncomplicated, reasonably quick booting alternative antimalware scanner/rescue CD, which will update the definition database automatically (assuming you’re connected to the Internet), any one of these freebies will do the job nicely.

In the constantly evolving world of cybercrime, all users are well advised to scan their computers regularly with an antimalware application that does not rely on the native operating system.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

24 Comments

Filed under 64 Bit Software, Anti-Malware Tools, downloads, Free Anti-malware Software, Freeware, Kaspersky, Linux, Malware Removal, Malwarebytes’ Anti-Malware, Panda Security, Software, USB, Windows Tips and Tools

Panda Safe Browser – Just Released As A Free Application

imagePanda Security has unhooked its Panda Safe Browser from its  Antivirus Pro, and Internet Security software, and is now offering it as a free application.

Since this application was just released in the last few hours, I have not had a chance to take it for a test drive. But, Panda Security has an excellent reputation for quality –so, I’m hopeful that the application will perform as advertised.

Although this is a Windows application, based on Firefox, Panda has managed to incorporate Linux within the program, in order to take advantage of Linux’s well known built-in safeguards against vulnerabilities. As additional protection against a malware infection, Panda Safe Browser runs as a virtual machine.

From Panda Security:

Panda Safe Browser allows you to browse the Web safely and privately, without being affected by malware or exploits that can be hidden on any site. Every time you close Panda Safe Browser, the session data is deleted, assuring your privacy and the integrity of the software for the next run.

Panda Safe Browser is based on multiple layers of protection that minimize the risk of an infection from the web to only a theoretical, almost impossible, chance.

First, it’s based on Mozilla Firefox, a much secure browser than Microsoft Internet Explorer. This considerately lowers the possibility of an attack.

Second, it has almost no plug- ins that can be explored by malware to run on the system (like a PDF‐file reader, although it can read PDF files).

Third, it runs on with limited permissions, which means that even if some malware can exploit Firefox or the plugins it uses, the practical use of an attack will be close to none, because it cannot make changes to the operating system.

Forth, inside Panda Safe Browser Mozilla Firefox runs on the Linux operating system, which has much less common vulnerabilities to explore.

Fifth, on the top of all of this, Panda Safe Browser is a virtual machine, which means its functioning is isolated from your PC. So, an attacker should have to be aware of this and to bypass at least four much elaborated levels of security even before arriving to your “real” PC, where with the help of the most advanced Panda Security technologies (that, alone, have several more layers of protection) you would be completely shielded from that very slight possibility of attack.

Nothing is 100% safe, but Panda Safe Browser brings you much closer!

System Requirements: Windows – both 32, and 64 bit.

Download here: Panda Safe Browser

A big “Thank You” to regular reader Charlie L., for bringing this to my attention.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

12 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Browsers, cybercrime, Don't Get Hacked, downloads, Firefox, FrostWire, Linux, Malware Protection, Online Safety, Panda Security, Safe Surfing, Software, Spyware - Adware Protection, Windows Tips and Tools

PandLabs 2011 Security Trends Predictions

imageEvery year, I hold on to the belief that we’ve seen the worst that cyber-criminals can throw at us – so I’m always hopeful, that the outlook for the coming year might offer some improvement. As the years go by, inevitably it seems, my hopes have been dashed.

The Internet, despite its promises (many of which have come to pass, admittedly), has become a cesspool of cyber criminals (who continue to belittle us), scam and fraud artists, and worse. A cesspool that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software. And now it seems, we’re approaching the point where anarchy might well begin to rule the Internet.

The recent WikiLeaks kafuffle, with its counter play DDoS attacks pitting supporters against non-supporters, is a singular indication of how quickly the Internet can devolve into anarchy. No matter the views one may hold politically, with respect to the WikiLeaks disclosures, the use of hacktivism as a political tool is a worrisome trend.

PandaLabs, in its just released predictions covering the top security trends for 2011, is predicting an increase in the type of hacktivism the WikiLeaks conflict has pushed into the spotlight. Moreover, PandaLabs report paints a dismal picture of how the Internet threat landscape is likely to shift and change, in the coming year

According to PandaLabs, in addition to a new focus on hacktivism and cyber-war; more profit-oriented malware; social media; social engineering and malicious codes with the ability to adapt to avoid detection will be the main threats in the coming year.

Report highlights:

Continued growth of new strains of malware creation

2010 marked a turning point in the cyber war, and PandaLabs expects more of the same in 2011

Cyber-protests, or hacktivism (e.g. Anonymous), are all the rage and will continue to grow in frequency

Social engineering will increase as cyber criminals increasingly use social platforms to launch distributed attacks

Windows 7 users will become a significant target for malware in 2011

Mobile security will be a top concern for Android users

As tablets gain market share, so will their appeal to be targeted by cyber criminals

As the market share of Mac users continues to grow, so will the number of threats

HTML5 will be the perfect target since a security hole can be exploited regardless of the browser

Highly dynamic and encrypted threats are expected to increase, given the financial incentive for information on the black market

Being aware of the shape of the Internet landscape, and the changes that are occurring, or may occur in that landscape, now, more than ever, is a necessity – a prerequisite to protecting yourself and your computer from cybercriminal attack. Forewarned is forearmed, needs to be your guiding light – appropriate knowledge will act as your shield.

About PandaLabs:

Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats.

To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 63,000 new malware strains that appear every day.

This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage.

Get more information about PandaLabs and subscribe to its blog news feed here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

5 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Internet Safety, Internet Security Alerts, Malware Reports, Online Safety, Panda Security, PandaLabs, Reports, Windows Tips and Tools

Panda Security’s Collective Intelligence Says 20 Million New Strains Of Malware In 2010

imageIt may well be, that malware creators have discovered the same principal that countries involved in the the nuclear arms race have come to know – once you have enough weapons; you have enough.

According to Luis Corrons, technical director of PandaLabs – “so far in 2010, purely new malware has increased by only 50 percent, significantly less than the historical norm. It seems hackers are applying economies of scale, reusing old malicious code, or prioritizing the distribution of existing threats over the creation of new ones.”

Complacency though, is not in the cards , at least not yet, since Corrons went on to say –  “This doesn’t mean that there are fewer threats or that the cyber-crime market is shrinking. On the contrary, it continues to expand, and by the end of 2010 we will have logged more new threats in Collective Intelligence than in 2009.”

The evolution of malware – 2010:

The average number of new threats created daily has risen from 55,000 in 2009 to 63,000 in 2010 to date.

The average lifespan of 54% malware has been reduced to just 24 hours, compared to a lifespan of several months that was more common in previous years.

34% of all active malware threats were created this year.

20 million strains of malware have been created already this year; the same total for the year of 2009.

Many malware variants are created to infect just a few systems before they disappear. As antivirus solutions become able to detect new malware more quickly, hackers modify them or create new ones so as to evade detection.

image

Graphic courtesy of PandaLabs.

So, should these statistics hold any relevancy for you? Should you be preoccupied, or overly concerned, with these numbers? The answer, it seems to me, depends on how aware you are of the overall Internet security landscape, and where you fit into the following user groups.

  • Those who know.
  • Those who think they know.
  • Those who don’t know, that they don’t know.

Hopefully, you are in that small group who can confidently say – “I know”.

About PandaLabs:

Since 1990, PandaLabs, the malware research division of Panda Security, has led the industry in detecting, classifying and protecting consumers and businesses against new cyber threats.

At the core of the operation is Collective Intelligence, a proprietary system that provides real-time protection by harnessing Panda’s community of users to automatically detect, analyze, classify and disinfect more than 63,000 new malware samples daily.

The automated classification is complemented by a highly specialized global team of threat analysts, each focused on a specific type of malware, such as viruses, Trojans, worms, spyware and other exploits, to ensure around-the-clock protection.

Learn more about PandaLabs and subscribe to the PandaLabs blog here. Follow Panda on Twitter and Facebook.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

1 Comment

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Internet Security Alerts, Malware Reports, Online Safety, Panda Security, PandaLabs, Windows Tips and Tools

Cyber Shopping on Black Friday? Six Tips From PandaLabs To Keep You Safe

imageCyber shopping on Black Friday can be very appealing – no lining up at midnight, no line ups at all, no risk of being trampled by unruly crowds, shop in your PJs if you like, “shopping around” and comparing prices is a snap, and the list of benefits goes on.

So, if you cyber shop, you may not face the risk of being trampled to death by an unruly crowd, or being shot to death by an angry shopper – both tragedies actually did happen on Black Friday, November 28, 2008. But, you will face substantial cyber security risks.

Staying safe while you cyber shop requires that you be much more wary, and that you understand that cyber crooks salivate at the opportunities Black Friday cyber shopping creates for exploiting the unwary and careless consumer.

Cyber shopping safely requires that you follow well established best practices that have proven to substantially reduce the risk of being victimized.

PandaLabs suggests holiday shoppers adhere to the following best practices this Friday and Monday, and throughout the holiday shopping season:

Avoid using search engines for locating special holiday deals. Criminals commonly turn to Blackhat SEO, which involves maliciously using search engine optimization around hot keywords to poison search engine results. Instead of using a search engine, go directly to reputable sites that you are familiar with. Screenshots of a recent malicious Black Friday search result is available at here.

Don’t click on embedded links in advertisement e-mails. E-mails that appear to be advertisements from legitimate vendors could be a well-disguised scam or malware attack. Chances are you’ll be able to find the same deal by going directly to the website in your favorite web browser.

Install all available operating system updates and patches. Cyber criminals are particularly skilled at exploiting critical vulnerabilities in operating systems and commonly used applications. Computer users are often silently redirected to a website with a carefully crafted malicious payload that leaves the computer infected with data-stealing malware or extortion-based threats. In addition to updating your system, PandaLabs strongly advises people to update Adobe Flash, Adobe Reader, and Java software, which are all commonly targeted by cyber criminals.

Don’t underestimate criminals. Cyber criminals have no limits, and will create fake advertisements, shopping carts, poison various search terms and more in order infect your computer and steal your personal data. If you’re unsure if a site is legitimate, run a search online to see if you can determine whether it’s widely known. If you can’t find details on a retailer, PandaLabs advises holiday shoppers to take their business elsewhere.

Only purchase from sites that offer secure browsing (SSL/https). You can tell if a site uses SSL/https if there is a padlock icon on the bottom corner or in the address bar of your browser. Some browsers like Internet Explorer and Chrome turn the address bar green to indicate that the site is secure. Even if a site uses SSL/https, remember that SSL only works to create a secure Internet tunnel between you and the e-commerce server. You can still transmit sensitive data over to cyber criminals, so it’s best to run frequent anti-malware scans.

Always use updated anti-malware protection. Despite growing awareness of today’s Web-borne threats, many people still don’t use even a basic anti-virus solution and leave themselves vulnerable to infections, data loss and identity theft. You can download Panda Security’s award-winning Panda Cloud Antivirus software, which is completely free, here.

About PandaLabs:

Since 1990, PandaLabs, the malware research division of Panda Security, has led the industry in detecting, classifying and protecting consumers and businesses against new cyber threats.

At the core of the operation is Collective Intelligence, a proprietary system that provides real-time protection by harnessing Panda’s community of users to automatically detect, analyze, classify and disinfect more than 63,000 new malware samples daily.

The automated classification is complemented by a highly specialized global team of threat analysts, each focused on a specific type of malware, such as viruses, Trojans, worms, spyware and other exploits, to ensure around-the-clock protection.

Learn more about PandaLabs and subscribe to the PandaLabs blog here. Follow Panda on Twitter and Facebook.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Cyber Shopping Tips, cybercrime, Don't Get Scammed, Don't Get Hacked, Internet Security Alerts, Panda Security, PandaLabs, Safe Online Shopping Tips