Tag Archives: Cybersecurity

Panda Security

Can we trust our computers? Many have been tampered with during the manufacturing process.

Leave a comment

3How can you prevent a manufacturing sabotage from becoming an IT disaster? Securing your company’s network with the right protection measures isn’t always enough. Of course you should install an adequate protection system and ensure that your employees use robust passwords. However, there is something that we cannot control: the manufacturing process.

Did you know that your business’s computers can be manipulated during the manufacturing process? A cybercriminal’s network is very sophisticated. In fact, these hackers have accomplices allover the world, including in factories where parts are produced (like microchips). Since the products are tampered with before the computer is finished, no one really suspects that the pieces are infected after they’re installed.

Luckily, manufacturers have discovered a complex solution that can beat this scheme. A new system was proposed by Siddhard Garg, a computer engineering professor at NYU. He believes that for the tightest security the microchips should be strategically manufactured in different phases.

Garg’s proposal makes it so that cybercriminals never know exactly where the piece will be created, making it difficult or impossible to carry out their plans.

Math makes the difference

Garg’s proposal isn’t a new one. In fact, this idea of distributing the manufacturing process to various factories is already being practiced. However, this professor has gone a step further; his method requires advanced mathematics. Instead of randomly distributing the microchip production, this will ensure the greatest security without heavily increasing the production costs. Garg’s system doesn’t just aim to prevent microchip tampering, it will also stop the production of counterfeit parts that affects both manufacturers and buyers.

With this method, since you aren’t building an entire chip in a same factory, there is no finished design to steal and copy.

The post Can we trust our computers? Many have been tampered with during the manufacturing process. appeared first on Panda Security Mediacenter.

Panda Security

No password? You’re asking to be hacked.

Leave a comment

75 million smartphones in the US don’t have their passwords set on

TransUnion’s latest Cyber Security Survey confirmed that Americans who feel extremely or very concerned about cyber threats have increased 20 percent since last year – from 46 percent in 2015 to 55 percent in 2016. Fears are legitimate – hacking and cyber security have even become one of the main topics in the presidential debates between Donald Trump and Hillary Clinton.

If you think this is surprising keep reading, the most shocking part of the survey is not the fact that its’ findings confirm the notion that we are constantly under cyber danger/attack – we already know that. The most shocking part is the facts that despite the increasing fear, nearly 50% of the participants admit that they don’t take actions to protect their content.

Nearly half of the people who participated in the survey admitted they don’t lock their phones with a password.

Let us translate this for you – currently there are nearly 320 million people legally living in the USA with about 225 million of them being adults. More than two thirds of the adults living in the US have smartphones. If the statistics are right, a quick math shows there are more than 75 million people in the US whose smartphones don’t have their passcodes set on. This is scary! This means two out of the three Kardashians don’t have passcodes on their phones! What could go wrong? We will let Kim and Kanye tell you.

What should you do?

Setup a password on your cell phone.

We all know what the consequences of identity theft are – unless you want a stranger buying a car in your name, or leasing a property in a city you’ve never heard of using your SSN, you should go find your phone and setup your password on, right now. Then add a recurring reminder on your calendar to change it frequently!

Admit the problem.

The threat is real and hundreds of thousands of peoples’ lives are being ruined by hackers stealing their precious information. Having a lock on your phone might be a good beginning but it does not solve your problem entirely.

Find a solution that works best for you.

The option we recommend is Panda Security Antivirus.Downloading your copy of Panda Security antivirus will protect you from getting your email hacked, and it will keep your credit cards, personal information and cell phone safe.

According to TransUnion about 1 million people will call TransUnion Fraud Victim Assistance Department in 2016. Let’s hold hands together, be more protective of our personal information and decrease the number of calls they get by practicing common sense. It’s natural to want to protect ourselves, but it is hard to wish to protect what we have if we don’t realize that the threat is real. The most astonishing results come from taking practical, protective actions before things go wrong. Let’s not get to the point where we are in need of calling the fraud department by acting now and protecting our personal information early rather than late.

The post No password? You’re asking to be hacked. appeared first on Panda Security Mediacenter.

Panda Security

Almost half of companies save employee passwords in Word documents

Leave a comment

passwordsThere is a growing awareness of cybersecurity within companies, but are these companies taking action to improve their security? As seen in a recent study, 750 IT security decision-makers worldwide were surveyed to see whether they are “learning and applying lessons from high-profile cyber-attacks”, and if it influences their security priorities and decisions.

The study examined the contradictory situation that is currently present in a number of global businesses. On a positive note, 79% of those surveyed said that they learned their lesson after seeing cyberattacks jeopardize the IT security in other companies, and 55% confirmed that they have changed the way they manage corporate accounts in order to adapt to the current cybersecurity climate and avoid unnecessary risks.

Nevertheless, the survey also exposes a very different reality. Far different from those who are complying with security procedures, 40% of the survey’s participants stated that they just use a Word document or worksheet to manage their company’s credentials and 28% stated that they use a shared server or a USB stick, for the same purpose. What is obvious is that IT security is absent in almost half of the 750 businesses in the survey.

Of course the previously mentioned storage methods are all susceptible of suffering a cyberattack, especially if they fall into the hands of someone with the right know-how, but they can also be leaked by the company’s own employees. A Word document makes private information accessible for any employee in the company.

To ensure that employees only use their own password, companies should use a password manager that will also protect their company’s devices. This will also help keep documents and devices, like a Word document or USB memory stick that stores passwords, safe from a cyberattack or infection.

In terms of cybersecurity, there is still a long way to go in the business environment. IT security should be a priority. Although, 95% of these organizations have a plan in place in case of IT emergencies, only 45% of them periodically check that they are functioning properly.

Despite their carelessness, 68 % of those surveyed claim that their greatest concern and challenge is the data theft of their customers (but this percentage does not correspond with the cybersecurity mechanisms implemented by IT security heads).

The post Almost half of companies save employee passwords in Word documents appeared first on Panda Security Mediacenter.

Panda Security

This is why you should “tether” your work phone

Leave a comment

3g-4g

The tablets or smartphones at your office connect to either 3G or 4G (which is better than WiFi). When tablets and other connected devices (like smartphones or smartwatches) become essential to an employee’s work, then it is essential these employees are properly trained on using them safely. Surely, workers think that connecting an office device to their data is much safer than using a WiFi Network.

Whether you connect with 3G or 4G, Regardless of how you connect to the net, your tablets and phones will all connect to the internet in the same way, whether you use 3G or 4G: the internet provider has the power in giving us access to the internet. What’s interesting about this? Well, in the case of WiFi connection, the provider always sends encrypted data.

Although there is no confirmation that the internet you connect to on your mobile devices is 100% secure, what we do know is that the possibility of a cyberattack through a 3G or 4G connection is much lower than through a WiFi network. However, Spanish cybersecurity experts recently demonstrated how it is possible to attack a 3G or 4G connected device, but its still in the proof of concept phase.

Fortunately, in order for cybercriminals to perform these 3G attacks, the resources are excessive. This makes it the safer option. Especially if the device in question is protected by a solution consistent with the company and its private information.

In fact, this is your better option, even for a laptop. It is safer to use your Smartphone or Tablet as a sharing point than connect to an unsecure public network—this is called “tethering”. With tethering, you can connect your computer to your mobile device’s data. Here’s another great option that’s a little easier and does the same thing: a 3G USB Flash Drive.

In the end, protecting your business’s private information is the most important, and most of it is managed using these same tablets or smartphones. It is recommended that businesses choose an internet connection with a powerful data plan: any WiFi network (even some private ones) are less secure than the 3G or 4G one we enjoy on our smartphones. Encrypted business information is worth the price of a great data plan with GBs and GBs of internet.

The post This is why you should “tether” your work phone appeared first on Panda Security Mediacenter.

Panda Security

Apple Macs – more secure, but not invulnerable

Leave a comment

pandasecurity-apple-macs-not-invulnerable

Over the years, Apple computers have developed a reputation for exceptional security. In fact, many people believe that Macs are completely invulnerable to malware, like viruses and ransomware.

But in an age where cybercriminals are using increasingly sophisticated attacks to break into computers, Apple owners need to know the truth.

No computer is 100% secure

The first thing to realise is that Apple computers are not completely hack proof. No computer is completely hack proof. It is completely untrue to say that Apple Macs cannot be hacked, or be infected with malware.

In fact, one of the first viruses ever created was targeted at the Apple II computer back in 1982. The virus was relatively harmless – it simply displayed a rather childish poem on screen. But the reality was that the computer’s built-in security had been breached.

More malware followed over the years, each becoming more serious as time went on.

OS X significantly improves security

With the release of OS X in 2001, Apple significantly improved the security of their operating system. The core of the operating system made it much harder for malware to install itself – and it was around this time that Apple began to attract a reputation for being 100% secure – one they did little to dispel.

Interestingly, there has been roughly one significant item of Mac malware released every year since 2004. But the fact that there are less viruses targeting OS X than Windows, helped drive the legend of invulnerability. In most cases the only way to “catch” one of these viruses was to install illegal software from a “warez” website.

Ransomware – a true game-changer

Like its Windows-based relatives, most Mac malware was designed to steal personal information. However these viruses were relatively easy to identify and remove – often before any real damage was caused.

The emergence of ransomware has completely changed the game however. These malware infections encrypt the files stored on your Apple computer so that you can no longer read or use them. The only way to decrypt them is by paying a ransom to the cybercriminal behind the infection.

Eventually the ransomware infection will make all of your files unreadable.

There’s still worse to come

Cybercriminals are also creating new attacks that use a number of different techniques to trick you installing their malware. An infected email may be followed by an official-sounding phone call for instance, encouraging you to download and install an application to assist with internet banking, or to troubleshoot a technical issue.

Hackers are also becoming more patient, sometimes spending days and weeks building trust with their victims, using a technique known as “social engineering”. Which makes these attacks all the more subtle and effective.

Mac anti-virus software is no longer optional

When Mac malware was relatively rare, the chances of your computer becoming infected were slim. Mac malware is becoming more common and sophisticated – so all of your computers need to be protected with a comprehensive security package.

Panda Antivirus help to block malware and ransomware before it can be installed on your computer. It will also help to protect against social engineering attacks – you won’t be able to install dodgy software, even by accident.

To learn more about how to protect your Mac, download a free trial of Panda Mac Antivirus now.

The post Apple Macs – more secure, but not invulnerable appeared first on Panda Security Mediacenter.

Panda Security

Are you willing to gamble your company’s security with the new iPhone 7?

Leave a comment

iphone panda security

Apple has taken the world by storm once again with the release of the latest version of its top-of-the-range smartphone. Two new iPhones, the 7 and the 7 Plus, are on the Smartphone market with some standout novelties: the absence of the classic headphone Jack and the addition of two new and improved cameras. Unfortunately, the topic of cybersecurity was absent from the keynote presentation, in fact, Tim Cook and his team did not devote a single minute to this important issue.

This isn’t to say that the lack of conversation regarding security in the brand new iPhones makes them a danger to your business or your employees. In fact, if businesses decide to use it as a corporate phone, users could actually benefit in regards to security thanks to some of its new standout characteristics and changes.

Novelties in Apple Mobile Security

The new Home button, for example, is not a button at all.  On the new version the Home button is actually a touchpad with a Haptic system that permits users to perform various functions—from exiting applications to using the multitasking function—while some of the other features were designed specifically for user convenience, security and privacy such as the Apple Pay or Touch ID.

Unlike the original iPhone button, the new Haptic button is designed to last over time.

iphone panda securityIn addition to the physical iPhones, a new operating system is also added to the new 7. The iOS 10 is presumed to be more robust in terms of cybersecurity (this is great news, especially after discovering various faults in the beta operating system).

It also permits users to respond to messages without introducing a security code or having to use Touch ID to unblock the device.

In conclusion, although Apple has given little or no attention to cybersecurity in their keynote, the combination of the iPhone 7 with the new operating system continues to be an excellent option for preventing IT risks in the corporate mobile sphere. If these devices become a growing danger for your company, make sure to combine them with the best advanced security solution.

The post Are you willing to gamble your company’s security with the new iPhone 7? appeared first on Panda Security Mediacenter.

Panda Security

Top 5 things you are revealing to the world when downloading torrents

Leave a comment

Top 5 things you are revealing to the world when downloading torrents

Downloading torrents is certainly not as popular as it used to be but people still do it. The fact you may be able to watch a movie free of charge before it is even available in your town’s movie theatre may sound appealing, we wanted to highlight that this is illegal and your actions will have consequences.
In this blog post we are not going to focus on the consequences, we are sure you already know what happens to the bad guys. We want to stress on the type of information you are sharing with the world while downloading torrents;

Username and Password

Very often torrent websites require you to create a profile before you are able to download a torrent. Therefore you are forced to come up with a username and password. Having in mind people don’t enjoy using multiple passwords some folks end up literally giving their username and password without a fight. Imagine what hackers who crack software for fun could do with your personal information. It feels like getting a wolf pack to guard your sheep.

IP Address

You are sharing your IP address with both seeders and leechers. Almost every torrent client has the option to see details about the peers you are connecting with. Sharing your personal IP address with complete strangers is not the safest thing. Not all peers are there to help you, hackers masked as seeders/leechers are lurking around harvesting IP addresses.

ISP – Internet Service Providers

Your ISP knows what you are doing. Even though it is NOT in their interest, sometimes they are forced to share information with the law enforcement. Your ISP provider will not hesitate to share information about you when pressured by the authorities. After all torrents can be heavy and ISP providers are certainly not very happy when they see you abusing the unlimited data stream they offer you.

Traffic Information

Getting to download an actual torrent is not an easy task. You have to go through a whole bunch of shady websites so you can get to the point where you will download the torrent you want. There are a whole lot of ‘download’ buttons that download everything else to your device but the desired torrent. Even if the content you want to download may not be illegal, you share all your traffic information with the website admins. Remember what we discussed about the wolf packs.

Social Media channels

Torrent websites sometimes offer you perks when following them on social media. This immediately gives an idea to everyone interested about the type of people that support those websites. Even if you are not downloading or distributing any illegal content, engaging with them on social media channels and being active on torrent forums may drag you towards a group of people you don’t want to be in.
Peer to peer file sharing is not always illegal but you have to keep in mind that very often cheap things end up being expensive. You should be fully aware about what you exposing to the world on your journey to the next episode of the Big Bang Theory.

If you are in store you don’t just go and grab a DVD and walk out, you pay for it. The reason why you don’t steal is not only because you are a good person but also because you are afraid that your action may ruin your life. Nowadays, being on internet is similar to walking on the street or in the store, your actions are being monitored – let’s make sure you don’t embarrass yourself before the whole world.

The post Top 5 things you are revealing to the world when downloading torrents appeared first on Panda Security Mediacenter.

Panda Security

Links that endanger your cyber-security

Leave a comment

panda security

On any given day, employees at your company click a multitude of links and many of them come from unknown sources. But clicking these mysterious URLs endangers more than your security, it can also threaten your business.

Curiosity can cost you. The sole purpose of these links is to transfer malware onto your system. What’s worse is that, as demonstrated in a recent study, the majority of internet users click these unknown links.

Zinaida Benenson, a professor from the University of Erlangen-Núremberg, and her team of investigators sent 1,700 students messages (from both Facebook and email) containing a shortened link in order to access a photo album. To do this they created fake accounts and profiles to see if the students trusted and clicked the unknown sources.

But, of course, a photo album did not appear when the link was clicked. Luckily for the study’s participants, there was only an error page that allowed for the investigators to count how many of them clicked the bait. The study’s results speak for themselves: 56% of those that received the link via email and 38% via Facebook clicked the links.

More than half of internet users click links without thinking.

Later on all of the study’s participants received a questionnaire. Once again, one of the conclusions drawn from the study was the most surprising: The number of those who clicked the unknown links totaled 78%. Why? For most participants, curiosity was to blame.

It is extremely important that employees are aware of the risks when clicking a link from an unknown source: this mistake can endanger all of the private data stored on company systems, including information stored in the Cloud.

However, if you see that curiosity takes flight, the best advice you can adopt is to begin using a solid protection service such as Panda Solutions for Companies, the only way to protect ourselves against these type of cyberattacks.

The post Links that endanger your cyber-security appeared first on Panda Security Mediacenter.