La Piazza

Published by eKnowledge team, December 2010

Dear readers,

Thank you all for your support during this year.

Our wish for the New Year is to keep having your priceless support in order to continue developing and enhancing the Great Community we build together day by day.

We wish you all a very Merry Christmas and a Happy New Year and we want to share this little present with you. Click on the image below:

With our best wishes,

The eKnowledge team

Published by Javier Guerrero, December 2010

The protagonist of this new chapter in the “Malware for Beginners” series is very significant as, even though this type of malware was not the first one to appear, it was the reason for the ‘boom’ of the viral phenomenon and became the epitome of what is today known as malware.

In fact, we still use today the term “virus” to refer to any type of malware in general, when reality shows that, except for the occasional surge, the number of viruses in circulation is much lower than that of Trojans, for example.

But, what is a virus?

Well, just as any other type of malware, a virus is a small program that “infects” other files. The infection process consists of introducing its code in the target file (normally an executable file) so that, from then on, the infected file will carry the virus and become a new source of infection.

It is due to this parasitic behavior that this type of file was compared to biological viruses. Computer viruses differ from other malware specimens like Trojans or worms in that the latter do not need a host to spread. Also, this characteristic makes them more complex to develop as a computer virus must know the internal structure of the file it tries to infect in order to be able to install on it.

These two aspects may explain why there are so few viruses currently in circulation compared to other malware strains. Also:

• Any error in the infection process could lead to file corruption and lack of usability.

• Finally, given that viruses affect all executable files on the system and any computer with the Windows operating system and the most popular applications installed may contain thousands of executable files, virus infections can be really spectacular and visible.

Obviously, this goes against the current strategy followed by malware writers, who now focus on silent attacks in order to profit financially from their creations.

And as always, don’t forget that to protect yourself it is essential to have an antivirus program installed and up-to-date with an anti-spam filter. Any Panda Security solution will keep your computer free from viruses and other malware.

Javier Guerrero Díaz
R+D – Development Dept.
Panda Security

===========================================================================

Javier Guerrero works in Panda Security as a technical specialist and analyst/programmer. Since joining the company in 1998 he has taken part in numerous projects, almost always involved with kernel layer technology: the first Panda Platinum, Panda Security and Panda Security for Networks, firewall and TruPrevent technologies, file permanent protection modules, Shield and the Cloud AV interception layer. He currently works in the Interception Unit and is responsible for the Cloud AV file and process interceptors.

Published by Blanca Carton, December 2010

Our aim when we created Panda’s support channel on YouTube last year was to post a series of video tutorials that helped you resolve your queries about your antivirus.

That’s why we have just posted the video How to install your 2011/2010/2009 antivirus product.

[youtube=http://www.youtube.com/watch?v=KhwMYCZaB0M&w=425&h=344]

What do you think about it? Was it helpful? Please post your comments!

Remember to subscribe to the Support channel to find out about the new videos!

Anyway, we’ll keep you posted from La Piazza as… This is just the beginning! : -)

Finally, let us remind you that you can find the answer to any queries you might have about your product in the articles posted on the Panda Security support website, or contact our expert technicians in the Tech Support forum.

Published by Blanca Carton,  december 2010

Many of us are a bit reluctant to shop online as we believe we may fall victim to some scam. Even thought it is true that online shopping is sometimes subject to fraud, it is just enough to follow some basic tips to protect yourself when doing your Christmas shopping online.

What to bear in mind when shopping online

1. Only visit trusted sites. Look for pages with a professional appearance, pages from a well-known brand, sites displaying a customer service telephone number… It is very important to know who you are buying from.
2. Be wary of prize-drawings and ridiculously good offers. Read the conditions of each promotion carefully to avoid nasty surprises.
3. Pay for your purchases securely. You don’t necessarily need to always pay by credit card. There are different means of payment and, whenever possible, we recommend that you use cash on delivery to avoid surprises.If this is not possible and you choose to pay by credit card, remember that you will have to provide more information, and therefore you must be sure that the transaction will be completely safe.
4. Make sure you are on a HTTPS page: Web addresses normally start with ‘HTTP’, for example: http://www.pandasecurity.com/homeusers/downloads However, the pages you make online payments on must be more secure and they should start with ‘HTTPS’ https://shop.pandasecurity.com
5. It is advisable to have a bank account with a credit card associated with it for making online purchases. This account will contain just the money you need for this purpose, making monitoring easier.
6. Keep product warranties in a safe place. Besides handling the electronic aspect of online purchases, e-businesses must offer straightforward warranties on products bought. The Web page must contain the following information:
   • Means of payment
   • Delivery terms
   • Product warranties
   • Returns
7. If you find out that the product you receive is faulty, is different from the one you purchased or the delivery terms are not fulfilled, file a complaint through the company’s Customer Service Dept.
8. If you don’t receive any answers and you suspect there could be some kind of fraud, report it as soon as possible.
9. Finally, keep an antivirus installed and update it frequently. This is your barrier against spam and phishing.If you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the support forums available to you for any queries you might have, even during the holidays.

Follow these simple tips and you won’t have any surprises when it comes to doing your Christmas shopping on the Internet. The end result will be the smile of those receiving your presents.

Nothing else from my side, I’d like to wish you all very happy holidays in the company of your loved ones.

Published by Javier Merchan, November 2010

Have you ever received an email from a supposed admirer in Russia or the Ukraine? If not, then either you don’t have email or your anti-spam protection is doing a fantastic job.

It goes like this. A stunningly attractive woman, normally from Russia, has found your email address and is writing to you because she wants to get to know you in person and visit your country. After you’ve exchanged a couple of emails with her, she falls hopelessly in love with you and desperately wants to meet you. So you think: How could she not fall in love with me? After all, I guess I can be quite charming.  And importantly, who could resist, after seeing her photo?

For all women reading this post: How can you say that you don’t understand men?  You see, we really are that simple.

Typical photos included in these emails:

Well, I’m sorry guys but I’m going to ruin it for you… for all your charm, you won’t end up marrying the beautiful Russian blonde. The girl of your dreams is, I’m afraid, just in your dreams.

Don’t get me wrong, I’m not saying you won’t meet and fall in love with someone as beautiful as this.  Just that it won’t happen like this.

This is one of the most popular Internet scams, just like the Nigerian letter, fake job offers and lottery prizes.  Yet people are still falling into the trap.

How do these scams work?

1. As with any other type of spam, thousands or millions of email addresses are harvested and spammed.  Obviously, the more mails sent, the greater the chance of finding potential victims.
2. The message claims to be from a girl, often from Russia, the Ukraine or other Eastern European countries, and include a photo (normally they use a model).
3. The messages are normally written in English or Spanish, two of the most widespread languages, with poor spelling and grammar, but given their nationality –and their looks- many seem prepared to excuse that.

   Typical message:
   

4. If you reply, you will soon hear from the girl, wanting to know all about you and no doubt telling you about how she intends to leave her country.  As you get more intimate, she will suggest coming to live with you, and will send you even more photos.
5. Then comes the crunch. Just when the girl is about to leave her country to meet you, some last-minute problem occurs (holdups with the visa, bribes that need to be paid, etc.). To resolve this, she will ask you for a small amount of money, anything from $500 to $1000. This, obviously, is where the fraud starts; the girl doesn’t exist, she is just an invention in order to defraud users.

Some years ago, this type of fraud tended to arouse more suspicion, yet now, with so many people participating in social networks (Facebook, Twitter, etc.), they have become more plausible. With so many personal profiles and email addresses in the public domain, people may think it feasible that somebody has seen their photos and has taken a liking to them.

What should I do if I’m targeted by one of these scams?

It’s normal that if you’re not aware of these types of criminal ploys, you might think that you have found true love on the Internet. So here are some practical tips that will help keep you out of harm’s way:

• Use your common sense. Always distrust emails from unknown sources. Even if you spend half your time in the gym and a real charmer, the chances of an unknown girl from another country wanting to know you via email are practically nil…  Love at first sight across the Internet is a very remote possibility. As a general rule, you should be highly suspicious of these kinds of contacts from the outset.

• Have a good antivirus installed that can detect spam. Many of these messages will be detected and classified as junk mail by most security solutions. This will help you be wary of the content of any such messages.

If however, you do fall victim to fraud, PandaLabs advises you to promptly report the crime to the police. Even though tracking down this type of crime can be complex, law enforcement agencies are becoming increasingly adept at dealing with cyber criminals.

You can find more information about Internet scams in Panda Security’s Press Center: top scams on the web

================================================================================

I have been working in Panda Security since 2001 and I am the PR Coordinator.  This may sound strange, but it consists of working with our offices worldwide to coordinate PR and Communication actions. I love sports (lately I prefer to watch rather than take part), reading and good movies… This is subjective, as some people may consider Rambo a good movie, and others may like French movies where the main characters look at each other through a window while the rain is pouring down it. You can contact me in http://twitter.com/javiermerchan or josejavier.merchan@pandasecurity.com

Published by Luis Corrons, November 2010

The Dutch High Tech Crime Team (THTC) of the National Crime Squad announced the dismantling of a dangerous botnet. This botnet is part of the Bredolab network, used by cyber-criminals to distribute malware on the computers of unwary users, infecting more than 30 million computers around the world.

How do Trojans work?
The main objective of this type of malware is to install other applications on the infected computer, so it can be controlled from other computers.

Trojans do not spread by themselves, and their name derives from the trick that the astute Greeks used to enter Troy in mythology: They reach computers hidden in an apparently inoffensive program, but in certain cases, when the application is run, a second program, the Trojan, infects the computer. This is a perfect example of a downloader-type Trojan.

What do Trojans do?
Like viruses, they can destroy files or information on hard disks. Yet they can also capture and forward confidential data to an external address or open communication ports, allowing intruders to remotely control your computer.

They can also capture keystrokes or record passwords entered by users. They are frequently used by cyber-criminals, for example, to steal bank details.

Means of infection:

1. Cyber-crooks look for vulnerabilities on websites and, once they find them, inject malicious code into the page in order to compromise it.
2. Trojans infect users’ computers as they access a compromised website. The Trojan triggers the infection directly without the user’s consent, or hides the malicious payload within other downloads carried out by the user.
3. Once on the user’s computer, the Trojan opens a backdoor for downloading other malware, or opens a port to remotely control the system.

According to PandaLabs, more than 50% of the malware received this year was Trojans. This is logical given that Trojans are designed, by and large, for financial gain, and they offer the best ROI to their creators.

In this presentation you can find out if you are infected and how to keep yourself safe from trojan infections:

Remember, “The most destructive virus sits between the keyboard and the chair”.  Don’t become the weak link on your computer!!

And as always, don’t forget that to protect yourself it is essential to have an antivirus program installed and up-to-date with an anti-spam filter. Any Panda Security solution will keep your computer free from Trojans and other malware.

Published by Ana Etxebarria, november 2010

I spent my whole childhood learning English. I’m not exaggerating; I started when I was three years old in the kindergarten, doing gym class and singing “head, shoulders, knees and toes…”

When it came to deciding which degree course to go for, I opted for my best subject and chose one of those courses that will guarantee you a place in the dole queue: English Philology.

At university I had to choose a second foreign language. I chose German. I didn’t learn very much, though I did get to spend an unforgettable year living in Munich, so I think that was the right decision.

Some years on, I feel I can say that my English is decent enough and in German I would be able to order a taxi, book a table in a restaurant and not much else.

But we are in 2010, and my linguistic limitations are no longer an obstacle to reading a Web page in German. Let’s take my company’s Web page as an example. It seems as if there is some kind of special Panda Security 2011 product discount, but I couldn’t tell you much more. Now, if you look closely, Google is kindly asking if we would like the page translated. So, would we? Yeah, why not?

The result is not great, but it may be good enough depending on what we’re looking for.

Let’s keep testing. I have copied a complete paragraph describing one of our products, Panda Global Protection 2011, into Google Translator.

The result is spectacular. It really is good. My conclusion is that you no longer need to know a language to be able to read newspapers, Web pages, etc.

Of course, these types of tools would never be able to tell us how to pronounce the words, or maybe they would?

Forvo (http://forvo.com/) offers the pronunciation of more than 700,000 words in the most common languages and in some that are not so common:

I could go on indefinitely about the countless translation applications that exist for iPhone or iPad, but I think we can leave it there for the moment.

To finish, I would say that it is no longer necessary to know a language in order to read it, but of course it would always be necessary in order to have a coffee, exchange ideas, or tell someone who doesn’t speak your language how you feel. I still think I chose a wonderful course at university, and although it has had nothing to do with my professional career, the memories I have from those years will be with me forever. Bye, Tschüss, Adiós!

Published by José Manuel Bernal, October 27th 2010

We are happy to announce that we just released Panda Cloud Antivirus version 1.3.

This new version of Panda Cloud Antivirus has been made possible thanks to our large community of users and specially to our Support Forum Trusted Mods who have helped a lot of users and gathered enough feedback to incorporate major improvements as well as many different bug fixes. All new features have been included in both the Free and Pro Edition.

If you have Panda Cloud Antivirus 1.1.0, 1.1.1 or 1.1.2, you will get the upgrade automatically and transparently.

If you don’t have Panda Cloud Antivirus installed yet you can download it from www.cloudantivirus.com

What’s new at the latest Cloud Antivirus version?

The new Cloud AV version includes:

• Malicious Web & URL Filtering. This feature blocks websites that push malware, exploits and drive-by downloads. It is available both in Free and in Pro Editions and is installed by the toolbar. Unlike similar solutions, this web filtering works at a low level so it works under all browsers: Internet Explorer, Firefox, Chrome, Safari, etc.For those of you that didn’t install the toolbar but would like to install the Web & URL Filtering, you can download it from here and install it manually.

• Unified Recycle Bin and Quarantine. Previously the Recycle Bin handled suspicious detections and the Quarantine handled deleted malware detections. This has been unified into a new Recycle Bin for ease of management. This is included in both Free and Pro Editions.

• Automatic and transparent upgrades to new product versions, previously only available in the Pro Edition, this is now available in the Free Edition as well. All users of Free Editions versions 1.1.0, 1.1.1 and 1.1.2 will automatically and transparently upgrade to the new 1.3. See notes below for the upgrade schedule.

• No more nagging advertising. After listening to many of you we have decided to turn off the nagging advertising popups prompting to upgrade to Pro Edition. If you want to support Panda Cloud Antivirus and wish to get the Pro Edition, you can do so from here, but we won’t bug you anymore from the popups.

• Hot updating of behavioural blocking rules. In order to increase protection on the fly against new vulnerabilities and attacks and to fix false positives, hot updating of behavioural blocking rules allows faster response time in both the Free and Pro Editions.

• Immediate notifications of virus detections. Previously if Panda Cloud Antivirus encountered multiple viruses, it would delay its traybar notification and show them grouped. This behaviour has been changed so that the notifications are shown immediately.

• Suspicious detection counter. Under the statistics window there’s some new counters for the different types of heuristics and behavioural detections.

• New versioning format. Unified versioning format in GUI and other parts of the program.

• Many bugfixes as reported by users in our support forum:

1. Fixed issue with Windows 7 Start menu slow-down.
2. Fixed Panda traybar icon disappearing.
3. Fixed “you are not connected to the Internet” message when there is connection.
4. Fixed issue when Free Edition users can activate behavioural analysis.
5. Fixed slow-down and conflicts while playing Allods Online and AION.
6. Fixed cloud-response time configuration which defaults to 30 seconds.
7. Fixed constant accesses to the floppy disk drive.
8. Fixed BSOD issue after install.
9. Fixed bug while exporting an empty report to TXT/CSV.
10. Fixed Conficker detection.
11. Fixed BSOD while compressing malicious PDFs.
12. Fixed translation errors.

Panda Cloud Antivirus version free and Panda Cloud Antivirus version paid

The basic version will remain free, and those who wants to buy superior version with more features and tech support can pay for the Pro one for 29,95.

Panda Cloud Antivirus Support Forum

I’d like to encourage anybody who needs help to contact me or any other moderator through our support forum. I am sure we can be of great help to answer any questions you might have.

You will have a whole support team available to you, including the following moderators: intrepid44, Shadowman, swejuggalo, Ibrad09, GoneToPlaid, budee and kilps. Also, I’d like to take this opportunity to thank them all for their great job.

Take part in the forum and tell us your opinion!

Note: More information in Panda Cloud Antivirus Blog

Published by Javier Guerrero,  October 2010

We use the term malware to refer generically to the multiple threats to which IT systems are exposed every day. However, this word covers a whole range of concepts with which, on the whole, most users are unfamiliar.

Although this is perfectly understandable (one of my favorite maxims is that “you don’t need to be mechanic to drive a car”), it’s not a bad idea to have an understanding of the mechanisms used by the different types of malware. So let’s start with something simple: keyloggers.

A keylogger is simply a component (generally software, although hardware-based keyloggers also exist) that registers keystrokes on a keyboard without the user’s knowledge.

Not too nasty really, is it? Nothing could be further from the truth. Keyloggers are used to steal information entered by users, such as:

• User names and passwords for starting OS sessions social network credentials.
• Credit card numbers. Keyloggers are a crucial element of many banker Trojans that steal this type of data and send it to hackers, who profit financially at the expense of unwitting users.In fact, most banks now implement measures in their Web services to protect against this threat, such as virtual keyboards.

In any event, the advice that we generally give for other types of malware also applies for keyloggers:

• Don’t download or run files from dubious sources
• Only browse trusted sites
• Use a good, up-to-date security suite.

And, of course, use your common sense. These are the best weapons in the fight against malware.

===================================================================================
Javier Guerrero works in Panda Security as a technical specialist and analyst/programmer. Since joining the company in 1998 he has taken part in numerous projects, almost always involved with kernel layer technology: The first Panda Platinum, Panda Security and Panda Security for Networks, involving firewall and TruPrevent technologies, file residents, Shield and the Cloud AV interception layer. He is currently part of the interception unit and it is responsible for the file and process interceptors in Cloud AV.

By Iñaki Gorostiza, September 22, 2010

Google Instant highlights just how marvelous human beings are: we can search for something at the same time as we read the results, without our heads exploding.

Instant is the result of 15 new technologies which, according to the people at Google, will help our searches return faster and more accurate results. An unprecedented act of generosity that will help us save five seconds for every search we make. Start thinking what you’re going to do with all this free time!

On the face of it, Instant is a significant advance in the mechanics of search engines, yet Adwords advertisers and behavioral philosophers dabbling in SEO have misgivings. Collective hysteria has erupted across social media, with apocalyptic predictions of the death of SEM and SEO.

This is nothing new, every time the search engine supreme engenders a new function (Google has delivered more than 540 search quality improvements since 2009) the Earth’s axis shifts another millimeter: Caffeine, Google Suggest, personalized searches, universal – realtime search, and now Instant. But, has anything really changed? Do we really have something to worry about?

What’s new in Google Instant?

Broadly speaking, three things are new:

• Dynamic results: Every time you type a letter, the SERP updates to display the results most relevant to what you have written.
• Predictions: Google will predict what you are looking for, and will display this prediction in light gray text.
  
• Textfield with Scroll: You can immediately mouse over the predictions and see the results.

Google Instant supports Chrome, Firefox, Safari and Internet Explorer 8+ and is already available to Google users in France, Germany, Italy, Russia, the UK, USA and Spain.

Although it is currently only implemented for Web searches (and accessed from a Google account), the plan is to include it in other content: videos, images, maps and news, as well as on other devices, such as cell phones.

Why Google Instant?

Google Instant, evidently, optimizes search time, and estimates suggest that users will save some 350 million hours over the next year.

It is also thought that Instant will improve the scope and quality of search results, in other words, our searches will be better.

Google hopes that these two factors will encourage users to make more searches with the consequent positive repercussions for its main source of monetization: its Adwords sponsored advertisements.

Moreover, Google Instant, as we will see below, will subtly favor PPC over organic results in the SERP. Everything suggests that this is another initiative from Google that will improve revenue while making us all happier individuals.

Redefining e-marketing metrics

The first direct consequence of Instant is that it redefines the concept of the impression, which is of essential importance to PPC.

Traditionally, an ‘impression’ has been defined as every time an Adwords advertisement is viewed in the SERP. Starting with this parameter, others such as the CTR or CR can be derived with a view to calculating the ROI of a campaign.

In this new scenario, where the SERP is dynamic, changing with every keystroke, Google does not count impressions until one of the following criteria has been met:

• The user clicks Enter to run the search.
• The user clicks the Search button.
• The user clicks a specific result.
• The user clicks a suggestion.
• The user does nothing for three or more seconds.

One aspect that I personally find lacking is that Google Analytics still doesn’t offer advertisers a way of segmenting traffic directed from Google Instant. Fortunately though, the community has made up for the omission by generating filters for this purpose. So what’s your take on this?

I’ll be following up this issue and shortly publish a second part to the article, looking at how Google Instant revolutionizes the SERP.

==================================================================================

Iñaki Gorostiza works in Panda Security as Web Development Responsable. Since joining the company in 2002, he has taken part in numerous projects, in the Development Area and online promotion. You can contact him on his blog http://www.hellogoogle.com, where he publishes articles that help companies grow on Internet, and at http://twitter.com/hello_google.