MediaCenter Panda Security |
Do you accept app permissions without reading them? You should be more careful! Posted: 26 Jun 2015 03:56 AM PDT A smartphone is nothing without its apps. Looking around the apps store is something we do quite frequently, either by necessity or to see what's new or which game is most popular. And probably, while you are there browsing you end up downloading one or two. That’s when Android users have to accept certain permissions of their new application. Apple users approve these permits the first time they use the app or certain features. Applications request access to certain data and features of your device. As expected, maps apps ask for permission to use GPS and locate your device. However, most applications ask for more permissions than they should, which means that we are taking a few risks just by accepting them. One of the most shocking examples is the flashlight apps. For using them you don't need to sing in and they are free. However, when installing the app we have to accept permissions which have nothing to do with the app's purpose, as knowing their location thanks to GPS data, taking pictures, recording audio or even reading our text messages. App Permissions – Read before acceptingFacing that avalanche of totally unnecessary permissions, the best thing users can do before installing an application is to look closely at what information the app wants to access. Most of these times, these permissions do not respond to a real need for the application to function, but serve to create an advertising environment that adapts the location and the user’s interests. Hence a flashlight wants access to GPS or a QR code reader asks permission to view your browsing history and your web markers. The users take several risks when they systematically accept these permissions. On the one hand, they are letting developers to know their location or their Internet habits, and the final destination of this information is not clear at all. But the situation may be much more serious if there is a security breach in the application's meat that allows cybercriminals to access your smartphone through these permissions. So, giving full access to Internet could result in cybercriminals taking advantage of the connectivity to download malware to your device or to steal passwords transmitted through Wi-Fi. However, security breaches and cybercriminals are not the only risks that a user may face when approving the requested permissions. In fact, they are not even the most common. The major risk is users handing over their data to apps development companies, and these companies end up sending their users' private information to analysis or advertising companies. These permissions can also lead, in the case of downloading malicious applications, to scams related with calling services and premium messages, which do not provide any service for the user but charge exorbitant prices for each message. Finally, when you download and install an application, the best thing you can do is to stop and analyze if the permissions required are necessary and, especially, if the developer can be trusted. Checking this before approving permissions willy-nilly can avoid any surprises, or at least, our data falling into anybody's hands. The post Do you accept app permissions without reading them? You should be more careful! appeared first on MediaCenter Panda Security. |
Cryptolocker in Companies – Interview with Juan Santesmases Posted: 26 Jun 2015 01:36 AM PDT Cryptolocker is the threat that everyone is talking about. It affects both home users and companies though, in many cases, companies are more exposed due to the large amount of confidential information they handle. Juan Santesmases, Vice President Product Management & Business Development at Panda Security, explains what Cryptolocker is and how companies can deal with it. Cryptolocker has been the talk of the town in IT security circles over the last few weeks… What makes it different from the rest of threats that companies face?Cryptolocker is a type of targeted attack, and like all targeted attacks, it requires great sophistication and, consequently, a great investment from the cybercriminals who launch it. The damage caused by this targeted attack is not very different from that caused by other attacks suffered by companies every day. The big difference is that, in this case, the target company is aware of the attack because the malware itself notifies it to the infected user, who knows from the start how much it will be to retrieve the stolen information. Hence its great popularity among cyber-criminals. However, there are many other targeted attacks equally or even more harmful than CryptoLocker which in many cases go unnoticed by companies and end users. Especially if they involve theft of vital business information, such as customer data, product development plans, or sensitive personal information such as banking details. Even if detected, these attacks are often not publicized due to the impact they may have on a company's reputation. We have seen attacks like these suffered by Sony, Google, Amazon, Target, and many other companies. What do cybercriminals want with this type of attack?Cryptolocker is a type of malware known as ransomware. This particular kind of malicious software is designed to hijack the victim's data and demand a ransom for it. The high volume of this “market", which has every characteristic of a traditional market, with its supply and demand, makes it very profitable for criminals, who invest large sums of money to develop this type of threat. Is there any way to identify it?It is really difficult. Generally speaking, companies are very unprotected against this type of attack, hence its high rate of infection and the echo it receives in the media. This vulnerability is due to the fact that traditional detection mechanisms, such as email or Web filtering systems and antivirus solutions, are simply not effective enough. To a greater or lesser extent, traditional detection mechanisms are based on comparing software, URLs, or email signatures with known patterns of previously detected and classified threats. However, with an average of more than 200,000 new malware samples put in circulation every day, this type of strategy has become obsolete. Despite the investments made by security vendors to improve the efficiency of their traditional protection mechanisms and reduce reaction times, they continue to be just that: reactive mechanisms. In the end it becomes a race between criminals and security vendors that we do not always get to win. That's why we need a whole new approach to protection. Something Panda realized seven years ago, and has culminated in the development of Panda Adaptive Defense, our persistent threat protection system that is able to stop Cryptolocker and, more importantly, its variants. What differentiates Adaptive Defense from other solutions?First, Adaptive Defense is a service rather than a solution. Adaptive Defense evaluates and classifies all applications running on customers' endpoints, based on the analysis of more than two thousand actions that each application can perform. This process takes place largely automatically in our Big Data Environment, and is complemented with the manual analyses carried out by our security experts at PandaLabs. The continuous classification and monitoring of all applications has allowed us to not only identify and categorize malware, but also goodware and its vulnerabilities. Our database contains more than 1.2 billion goodware applications. Thus, while a traditional antivirus solution blocks known malware and assumes that any other application is benign, with the risk that that entails, Adaptive Defense only allows the execution of applications cataloged as goodware. It could be argued that there are already whitelisting tools with a similar approach. However Adaptive Defense goes beyond traditional whitelisting, doing all the classification work automatically and transparently to the company’s system administrator. Finally, as it is installed on the endpoint, Adaptive Defense provides full visibility into all applications installed on the device, notifying security administrators of any threat detected and allowing them to take remediation actions against them. Targeted attacks, advanced persistent threats, Cryptolocker… No one can doubt that companies are in the crosshairs of cybercriminals.As I said before, cybercrime has become a very profitable business for criminals. The resources and tools available to criminals are so important that no company, regardless of its size, is out of their reach. In Spain, all of the companies in which we have deployed our solution, regardless of their size or the safety measures in place, had endpoints whose security had been compromised to a greater or lesser extent. In fact, according to INCIBE (Spain's Cybersecurity Agency), the economic impact of cybercrime in Spain during 2014 amounted to €14 billion for businesses. Our mission as IT security vendors goes beyond developing more effective products and services, we must raise awareness and help businesses implement adequate protection strategies. VISIT ADAPTIVE DEFENSEThe post Cryptolocker in Companies – Interview with Juan Santesmases appeared first on MediaCenter Panda Security. |
You are subscribed to email updates from MediaCenter Panda Security To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States |
Comments
Post a Comment