Archive for July, 2009

Malware evolution

July 29th, 2009 No comments

Posted by Alberto Domínguez, 29 July, 2009

Hi!

Like my colleagues David and Alvaro, I would like to introduce myself on this blog, since I actively take part in the forum in Spanish as adominguez.

My name is Alberto Dominguez and I was born in Bilbao in 1982. To be honest, my interest in computers came quite late, although I have always been fascinated by “parallel worlds”, such as video games or technology in general.

At present, I work as a 2nd level Technician of consumer products. As well as taking part in different forums and managing several incidents, I carry out other tasks, such as managing malware, which is currently one of the hottest topics and, personally, the topic that most stimulates me.

Malware evolution in recent years has been incredible. I can still remember the first spyware samples, the effects of Sasser or Blaster, or the propagation of worms like Netsky. Nowadays, the fight is against rootkits, although malware is far ahead.

The infamous American ex-hacker Kevin Mitnick, who is an IT security expert, warns about the vulnerability of ATM operating systems.

It is known that the latest trend in cyber-crime is to implement specially-crafted codes in ATM computers, as they use Windows. This trend took off in Russia and Ukraine, but will not take long to reach the U.S. and Latin America.

Once hackers enter the systems, they can see the information of the person who has inserted the card (from personal details to security passwords).

As you can see, malware is constantly evolving. Consequently, it is important for us to apply our own slogan and always be ONE STEP AHEAD.

Introducing…

July 21st, 2009 No comments

Posted by Tony, July 21, 2009

I’d like to start by welcoming you all to the Panda Security Support Blog and Forum, and would like to thank you for taking the time to visit; I hope you find it insightful as well as useful.

My name is Tony Roberts and I look after the Support services here in the UK. I was born in the town of Brighton in 1975, which now holds City status. If you have never visited the South coast of England, it can only come with the highest of my recommendations, especially in the summertime.

You’ll see me heavily involved within the Forum with the alias of Bone, this nickname came about several years back from a previous Boss of mine, Tony, Tone … Bone, and it seems to have stuck, perhaps too much, as the younger members of my family know me by no other name now!

I have had a passion for everything tech for as long as I can remember and have been involved in the IT industry since my very first job. I’ve had many different roles over the years, but primarily they have revolved around Support services to one degree or another. I can fully appreciate being on the receiving end of what appears to be an almost irresolvable issue, and I understand the necessity of having easily accessible, professional but friendly support.

When I’m not working I enjoy the usual things: good films (sometimes bad), eating out, catching up with my friends and family, etc. I also have a love for the sea, which fortunately I live very close to. I have also recently discovered scuba diving, which I plan to include more in my future holiday destinations.

Manual virus!

July 16th, 2009 No comments

Posted by Ana

Please, don’t feel offended! An Irish friend just sent it to me and I thought it was a funny way to say bye bye, I’m going on holiday! See you back in a few days! In the meantime, keep enjoying our forum. :-)

Security center from Windows Vista SP1 reporting wrongly

July 16th, 2009 5 comments

Posted by david, July 16, 2009

In the past few days, we have had reports from our customers regarding a notification from Windows Security Center (WSC) of Vista SP1 machines indicating that the Virus Protection is not compatible although the antivirus is actually working fine.

The guys from Microsoft’s Windows Security Center Team contacted us to inform us that this isn’t the expected behavior and that they are working hard to find a solution for this error.

On the other hand, we are currently developing an autofix (automatic hotfix) for our 2009 and 2010 products which will solve the problem by changing the way our products register against WSC. This autofix will be available through automatic updates over the coming weeks.

The immediate solution is pretty easy: just navigate to the Windows Update website and install Windows Vista’s Service Pack 2. Don’t you think it’s a good opportunity to update your system to Vista SP2? This update will not only solve this small problem but will also fix several security bugs.


Gloucestershire Hospitals NHS Foundation Trust installed the Panda Managed Office Protection

July 16th, 2009 No comments

Posted by Sandra, July 16, 2009
 
I am an intern at the Technical Training & Certification Department and would like to share with you a case study that we will use in one of our training courses.

Gloucestershire Hospitals NHS Foundation Trust required a system that would enable all the practice computers, many of which use separate networks, to link to a central server within the Hospital, without the risk of spreading viruses or being beset with spyware.

For this reason they installed the Panda Managed Office Protection (PMOP) antivirus solution, which helps 1,700 client computers throughout the county to receive and send vital information safely and efficiently.

PMOP is an advanced, Web-based anti-malware solution that benefits from Panda Security’s cloud-based “Collective Intelligence”.

According to Gloucestershire NHS, in two months, the Panda solution identified 435 suspect items, mainly spyware, which was hundreds more than their previous antivirus system. 
 
The challenge consisted of:

  • Protecting email communications between individual practices and the hospital, enabling them to work without the risk of contracting a virus.
  • Providing them with a scalable solution that could handle the increasing number of doctors joining the hospital in the future.
  • Offering a solution that could be managed centrally by just one person, while delivering a high level of protection.
  • Preventing loss of productivity.
  • Enabling the Trust to achieve a rapid return on investment.

You can read the full case study at  http://www.ourpcdoctor.co.uk/index.php?option=com_content&view=article&id=91:local-nhs-choose-panda&catid=42:rokstories&Itemid=180

Introducing…

July 14th, 2009 No comments

Posted by Alvaro Fradua, July 14, 2009

I prefer to be introduced by other people, so I can see how well they know me. This time, however, it’s my turn to briefly introduce myself; I’ll try not to be too idealistic.

My name is Alvaro Fradua Ruiz and my involvement in IT began in 2001, when I decided not to study to become a doctor. I have always had an interest in science, which is why I thought about medicine as a career, but seeing what it involved, and as I wasn’t the ideal student, I turned to my hobby, computers.

This hobby started when I ‘inherited’ my cousins’ Amstrad Spectrum (I can’t remember the model), and with just a few tapes to play with, I discovered the PC. I began to make improvements to the system, investigating and finding out what it was all about.

I started working in a small company in Bilbao, which was a Panda Security distributor. I can still remember the client number I used for my daily queries to the Tech Support department. When I finished there, Panda called me to join the 24×7 Tech Support team in November 2006.

I am now in the Retail Second-tier Support Department. In the forum you will know me as afradua, providing support during our timetable which runs approximately from 8:00 am to 8:00 pm (GMT +1).

In my spare time I like to read, listen to music, go for walks (weather permitting) and I enjoy outdoor sports (football, surfing and slacklining). Slacklining involves balancing on a rope, just above the ground.

I also love motorbike racing and I’m a great fan of Valentino Rossi. However, this is not something I actually take part in.

New vulnerabilities in Internet Explorer 8

July 10th, 2009 1 comment

Posted by Alvaro, July 10, 2009

Microsoft has publicly announced two new vulnerabilities in Internet Explorer:  

1. Users get infected on clicking a link to a video

This vulnerability affects the Windows XP and Windows Server 2003 operating systems.

Workaround published by Microsoft

 

 

2. Exploit that causes a memory overflow

This exploit takes advantage of an MPEG2TuneRequest stack overflow vulnerability in the msvidctl.dll library. Upon exploitation, an attacker could gain the ability to take full control of a compromised system.

You can find information about this second vulnerability at http://www.microsoft.com/technet/security/advisory/971778.mspx

Microsoft has not publicly acknowledged this vulnerability yet, and so it hasn’t published any official solution.

 

So far, there is only the possibility of setting a kill bit for the vulnerable control. You can do so by saving this file with the extension .reg and running it as administrator:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400
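
To confirm the kill bit actually took effect after importing the file, the following PowerShell check reads the value back and tests the 0x400 bit. It is an added example, not part of the original post or any Panda or Microsoft tool; the function name Get-KillBitStatus is hypothetical, and the Wow6432Node path (the registry view used by 32-bit Internet Explorer on 64-bit Windows) is an addition the post does not mention.

```powershell
# Added example (not from the original post): verify that the kill bit is applied.
$Clsid   = '{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}'  # CLSID from the .reg file above
$KillBit = 0x400                                      # kill bit in "Compatibility Flags"
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    # Assumption beyond the post: view read by 32-bit IE on 64-bit Windows.
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-KillBitStatus {
    param([string]$Root, [string]$Clsid, [int]$Mask)

    $status = 'KillBitSet'
    $flags  = $null
    if (-not (Test-Path -LiteralPath $Root)) {
        $status = 'ViewNotPresent'        # e.g. Wow6432Node on 32-bit Windows
    } else {
        $key  = Join-Path $Root $Clsid
        $prop = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                                 -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            $status = 'NotConfigured'     # key or value missing: control is not blocked
        } else {
            # Other flag bits may be set too, so test the bit rather than equality.
            $flags = [int64]$prop.'Compatibility Flags'
            if (($flags -band $Mask) -eq 0) { $status = 'KillBitClear' }
        }
    }
    [pscustomobject]@{
        View   = $Root
        Status = $status
        Flags  = if ($null -ne $flags) { '0x{0:X8}' -f $flags } else { $null }
    }
}

# One result per registry view; any applicable view that is not 'KillBitSet'
# still allows the control to load in the matching Internet Explorer build.
$Roots | ForEach-Object {
    Get-KillBitStatus -Root $_ -Clsid $Clsid -Mask $KillBit
} | Format-List
```

Run it from an elevated or standard PowerShell prompt on the machine being checked; reading these keys does not require administrator rights.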

There is no information about the operating system versions affected by this exploit.

The following video explains how TruPrevent Technologies protect against this type of attack.

 

[Video: “Proactive protection against the msvidctl.dll ActiveX control vulnerability”, by Sean-Paul Correll from Panda Security, on Vimeo.]

All our clients with Retail and/or Corporate products with TruPrevent Technologies enabled are protected against this exploit.

Remember the PandaLabs blog: everything you need to know about Internet threats.

New spam campaign following Michael Jackson's death

July 8th, 2009 No comments

Posted by Alvaro, July 8, 2009

Who by now doesn't know that Michael Jackson, the king of pop, is dead? This post will not debate the circumstances surrounding this unfortunate event, but we would like to warn you about spammers who are sending new spam on the occasion of Jackson's death.

As you all know, SPAM is defined as unsolicited mail, usually of commercial nature, sent in huge, even massive quantities with a detrimental effect on the person receiving these emails.

Malware creators are fast and exploit any event, such as the death of the great pop icon, in order to modify the appearance of their spam mails.

In this particular campaign, different types of SPAM can be found. They all, apparently, contain privileged information regarding the death or even assassination of Michael Jackson.

The messages invite the recipient to view videos or pictures related to a possible plot to assassinate the pop star, an appealing subject for many users.

During the tests performed on these messages, several rootkits and backdoors filtering users' bank data have been detected.

We highly recommend keeping the anti-spam protection of your antivirus updated in order to protect yourself from these attacks.

But, what is technology?

July 3rd, 2009 No comments

Posted by david, July 3, 2009

Some weeks ago I had the pleasure of listening to a talk from Genis Roca, in which he explained how people’s perception of technology is ‘everything that has been invented after they were born’. The idea is that we don’t consider anything invented before we were born as technology, because it has always been there; it is something natural to us. While I share this perception of technology to a large extent, it is also true that in my case it applies only when I discover something new and even then for a short period of time (the ‘euphoric’ phase). Take, say, an iPod; to my father this is technology, but to me it is just a device for listening to music, just as a discman was 20 years ago. Sure, I can also surf the net, watch movies… but in the end it is still a device designed for listening to music.

Are social networks and Web 2.0 technology? The way I see it, they are just channels through which I can interact with people and share information or just talk. Of course I can also share photos, play, post videos, tag friends,… but once again, in the end they are applications for communicating, just as in the 90s we had IRC, and in ten years’ time we will have… whatever.

So what essential differences are there between showing my friends photos in a traditional photo album or posting them on Facebook? Basically three: the immediateness, the duration and the feedback. I could be in London, take a photo, publish it on Facebook and in less than five minutes my friend Ted, who lives in the backend of nowhere in Australia, could be telling me what he thinks of the photo. If I keep my photos published for three or four years, then Ted can always see my photos of London again, without having to come to Spain to see my album.

If we apply all this to tech support, it drives us to look for a way of offering immediate support, which lasts and also provides real, sincere feedback. If customer ‘A’ has a problem, she can contact us and we can offer a specific solution to the specific problem. If customer ‘B’ has the same problem, he can send us an email and we can offer the same solution that we gave to customer ‘A’. If, two years down the line, customer ‘A’ has the same problem again, she can contact us and we can send the same solution that we did two years previously. So now, you will have realized, we have sent the same solution three times. It would seem then that we have a problem. We are providing immediate and effective solutions but they don’t last and they don’t always provide feedback. It’s as if my friend Ted wanted to see my photos of London and each time had to get in a plane and come from Australia to Spain to tell me personally that he likes them. Now I quite like seeing old friends, but this really doesn’t make much sense, does it?

This is why some time ago we started to move towards Support 2.0: from person-to-person, reusable, taking advantage of forums, Facebook, Twitter, blogs,… yet today I want to talk to you specifically about our new Tech Support forum.

Let’s put the previous situation in the context of the 2.0 environment. Customer ‘A’ has a problem and decides to go to the Panda Security Tech Support Forum to find a solution to her problem. She looks in several sub-forums but doesn’t find a solution, so she decides to contact us. Somebody who works at Panda Security offers a solution to the problem, customer ‘A’ applies the solution and immediately, through the solution we have provided, confirms that we have resolved the problem.

Panda Tech Support Forum

Some days later customer ‘B’ has the same problem, he goes to our forums and in one of the sub-forums he finds the solution that we gave to customer ‘A’. But that’s not all. He also sees that the solution has been satisfactory for customer ‘A’. This is very positive for customer ‘B’: he knows that the solution is good, applies it on his computer and goes back to the forum to give his feedback and even offer suggestions on how the solution might be improved. Some time later customer ‘A’ has the same problem again. What will she do? Look at my photos on Facebook or get a return plane ticket from Sydney to Bilbao? But it doesn’t end there, as anyone could run a simple Google search to find the post with the solution to the problem. The end result? We have immediate solutions, which last over time, and we get feedback from the most important agents in the process: our clients.