Panda Security USA Technology BlogPanda Security USA Technology BlogTechnology insights from Panda Security USA on today's most common Internet threats.
Articles:
1, 2
Articles
Security Shouldn?t Take a Backseat to Virtualization
2008-04-28 17:57:00 There?s no question that advances in server virtualization technology are becoming popular among corporations that want to save money by consolidating resources and improving operational efficiency. Virtualization enables a dramatic increase in cost savings in ongoing maintenance and the cost required to keep physical assets afloat.? These benefits are often seen by CIOs and other information ... More About: Security , General
Regulatory Compliance & The Real Risk of Undetected Malware: Part 2
2008-04-18 19:33:00 I am working on a white-paper that covers the disconnect between formal audit process and the technical safeguards implemented to ensure internal controls are adequate. As you may have read part 1 of this article series and how I talked about the missing element, this is a continuation delving deeper into the problem. Thoughts? Comments? “In the wake ... More About: Virus , Malware , Risk , Real , Part
Sever-Side Polymorphism or Crime-ware as a Service (CaaS)
2008-04-16 22:40:00 As the threat-landscape is evolving hackers are constantly changing technique in order to counter-act detection technologies that vendors develop. I remember a few years ago when polymorphism and metamorphism were used as a way to constantly generate new variants of worms. Essentially the virus morphed itself into different variations and successfully evaded signature based technologies. Eventually ... More About: Virus , Crime , Service , Ware , Side
Server Side Polymorphism & Crime-Ware as a Service Model (CaaS)
2008-04-16 06:05:00 As the threat-landscape is evolving hackers are constantly changing technique in order to counter-act detection technologies that vendors develop. I remember a few years ago when polymorphism and metamorphism were used as a way to constantly generate new variants of worms. Essentially the virus morphed itself into different variations and successfully evaded signature based technologies. Eventually ... More About: Crime , Service , Ware , Model , Server
The Hannaford hack: what we can learn from it
2008-04-05 02:05:00 Most people have heard of by now the recent high-profile data security breach with retail chain Hannaford Bros. According to an article published by SC Magazine (http://www.scmagazineus.com/Hannaford-te lls-regulators-how-breach-happened/articl e/108569/) hackers placed hidden malware on nearly 300 servers to intercept transactions. This malware was designed to locate and discover credit card information from consumers who interacted with the stores, thus, these hackers untimely harvested ... More About: General , Hack , Learn
Security Shouldn?t take a Backseat to Virtualization
2008-03-31 23:33:00 I will be presenting on the subject of why security shouldn’t take a back seat to virtualization on April 30th at the Wall Street Technology Association. This event is located at the Raddision Martinique in New York City. http://www.wsta.org/events/security_in_a_ virtualized_world_panel_discussion_and_fo rum Security Shouldn?t Take a Backseat to Virtualization Ryan Sherstobitoff, Chief Corporate Evangelist Companies are widely adopting server virtualization in an effort to improve operational ... More About: Malware , General
Think Your Protected? Think Again. Study Reveals Hidden Cyber-Crime Breache
2008-03-28 21:15:00 Over a five month period, Panda Security conducted several audits with a large state agency in the United States to assess the level of risk pertaining to hidden and undetected infection points. Due to the confidential nature of this customer, we cannot disclose the agency name. The information learned from this case is a great demonstration of ... More About: Crime , Study , Cyber , Hidden
Web-Site Defacements
2008-03-28 19:59:00 Recently I came across an interesting site (www.zoneh.com) that displays statistical information on web page defacement. It also shows information on the sites that were hacked and provides a mirror to them. However; some of these “defacement” sites are questionable and some contain “iframe” exploits; in our case a malicious packer was included in one of the mirrored sites hacked. This ... More About: Site , Web site
Application Scam Sites
2008-03-26 22:33:00 Recently Panda Security was notified regarding an on-line scam currently in production claiming to offer Panda Security, McAfee, Symantec and Adobe products in addition to a product known as error mechanic. The site www.pandasecuritysoftware.com and the following associated domains are part of this scam: pandaantivirus2008.com panda-antivirus-2008.com pandasecurity2008.com pandaantivirus-2008.com panda-anti-virus.com panda-2008.com antivirus-panda-suite.com panda-ib.com panda-2008.com panda-anti-virus.com panda-antivirus-2007.com panda-antivirus-2008.net panda-bdl.com panda-ib.com panda-suite.com pandaantivirus-2007.com pandaantivirus-2008.com pandaantivirus-ib.com pandaantivirus2008.com pandasecurity2008.com pandashield.com pandasuite2007.com panda-bundle.com pandabundle.com pandasecuritysoftware.com pandasecuritysoftware.net Some words of caution: This site and the domains are not supported or in anyways affiliated with Panda Security and ... More About: Virus , Sites , Scam , Application
Click-Fraud: The lesser known evil
2008-03-25 17:10:00 I came across this interesting article that talks about a Trojan; not any Trojan but a Trojan that automates PPC click-fraud that is currently targeting Google and Yahoo (http://www.securitypronews.com/news/secu ritynews/spn-45-20080312Click Fraud TrojanT argetsGoogleYahoo.html). What?s interesting about click-fraud is the little amount of attention that it receives in the media in comparison to Identity Theft and the other horrors of the Internet. ... More About: Virus , Evil
Behavioral Blocking: An effective means of stopping 0-day
2008-03-25 01:26:00 Behavioral blocking (a.k.a kernel rules / system rules) can provide the first layer of defense against emerging threats exploiting 0-day vulnerabilities. Exploits commonly take advantage of mistakes made by programmers and thus good applications can turn bad in an instant. Malformed documents have accounted for a good number of these attacks (PDF, MDB, DOC, etc) recently. Take for example the new ... More About: Effective
Regulatory Compliance & the Real Risk of Undetected Malware
2008-03-20 03:41:00 With the emergence of regulatory laws borne out of experience from a variety of embarrassing security breaches, today?s corporate leaders face a myriad of repercussions. These range from serious fines to jail time when found not in compliance with regulations such as Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB), and Payment ... More About: Malware , Risk , Real , Compliance , Regulatory
10,000 Web-Sites Hacked, Who?s Next?
2008-03-14 20:32:00 In the last few hours we have observed a high-profile hack in progress, which supposedly infected 10,000 web-sites with a script-based attack used to launch and execute malicious code. According to reports from several leading security firms the hack was orchestrated in a similar fashion to how the Miami Dolphins site was used to serve ... More About: Web Sites , Sites , Hacked
Unintentional Betrayal of CIOs
2008-03-13 22:21:00 Currently, buying decisions for security solutions are heavily influenced by the reviews and certifications they receive that measure product quality and effectiveness. These ratings, published by independent third parties, are oftentimes used as a barometer for how CIOs make buying decisions and whether they decide to go with one product over another. What CIOs don?t realize ... More About: Betrayal
Get your free risk assessments!
2007-10-29 02:13:00 Our education session at Interop 2007 was a huge success in raising awareness regarding the real malware situation. We educated many IT professionals on the real situation behind today’s protection models employed by thousands of companies. Companies simply are not feeling as secure as they should be with the current protection model they are using. In fact our ... More About: Free , Risk , Assessments
Think You are Protected? Think again. Briefings across the USA
2007-10-22 14:47:00 During the last part of this year I will be giving briefings to IT security professionals across the country regarding an antonishing new study conducted by PandaLabs. This study focuses on the level of infections in protected machines even despite having up-to-date anti-malware protection. We will be present at the following locations: Atlanta, Ga (ISACA) - Nov ... More About: Brief , Acro
Rochester Security Summit Conclusions
2007-10-16 02:21:00 Our presentation to the Rochester Security Summit was a very interesting one indeed. As we speculated IT Security professionals from major corporations were not aware of the level of infections on protected machines. Our audience found the subject of hidden infections and insidous banking Trojans to be really interesting. During the course of my presentation I recieved several questions on ... More About: Chester
Panda Security at Interop 2007
2007-10-14 23:01:00 Panda Security US will be at Interop 2007 this year. I will be giving a presentation on a recent study we completed within PandaLabs that indicates a significant population of PCs, more then 20% were infected with active running malcious code while having up-to-date security solutions. http://www.interop.com/newyork/education/ security.php My session will be at 11:45 - 12:30PM Thursday October 25th. This ... More About: Panda , Panda Security
Presentation at ISACA Geek-Week
2007-09-27 06:58:00 Panda Security will be presenting at the ISACA Geek -Week conference in Atlanta, GA in November. The conference will include a number of interesting presentations on IT audit and security. http://www.isaca-atlanta.org/geekweek.htm I will be speaking about a global research study we have recently concluded that indicates users are more infected then ever with hidden malware. So if you live in ... More About: Presentation , Resent
Hype or the Matrix Reloaded Part II: The Government Hacked!
2007-09-10 22:50:00 Recently there has been a lot of buzz concerning the latest reports on Government entities being hacked and in some cases their web sites are being defaced. With the increase in sophistication and change in motivation I would not be surprised if some of these attacks were successful. Web mafias and other foreign organized crime syndicates ... More About: Hype , Matrix , Part , Hacked
Distribution of new threats
2007-09-02 07:09:00 Have you ever wondered what type of malware is more predominant in the wild then others and which ones are going extinct? I thought I would shed some light on this subject since I have been getting quite a few questions lately. It seems in the last year that several categories of malware seem to be ... More About: Distribution , Threats , Tribu , Threat
Panda Security USA on the road
2007-09-02 06:29:00 For those who are interested in further information concerning what I talked about in the post - ”Hype or the Matrix Reloaded: Perception vs. Reality”; Panda Security will be giving a presentation at the Rochester Security Summit (www.rochestersecurity.org) in Rochester, NY on Oct 3rd from 10:30am to 11:30am. The slides from this presentation should be made available on-line shortly after. Furthermore; we are ... More About: General , Road , On The Road
Uncloaking Malware
2007-08-27 08:20:00 I was talking to a risk analyst at a large health insurance company about what she did not want in security solutions. She didn?t want just another signature file based solution. She didn?t want another traditional anti-virus solution. She didn?t want to just give a vaccine to a corpse one more time. She was concerned that there are attacks ... More About: Malware
Hype or The Matrix Reloaded: Perception VS Reality
More articles from this author:2007-08-27 03:06:00 I was at a government agency recently doing an on-line audit of a portion of their network ? almost 655 pcs. They had quite a bit of security measures in place including updated resident software, multiple firewalls, limited user privileges and did regular anti-spyware scans with a program that was specialized for this. Needless to say, they ... More About: Reality , Hype , Matrix , The Matrix , Loaded 1, 2 |
 |
|
 |
