Tag Archives: Cybersecurity

Porn filter: is it enough to protect our children?

UK to create new porn filter – but is it enough to protect your kids?

The UK government has recently announced a range of new measures intended to help “police” the internet, identifying and prosecuting cybercriminals and terrorists for instance. In among the proposals of the digital economy bill are plans to restrict access to pornographic websites that breach specific guidelines.

Under the proposal, any websites depicting sex acts that would breach the regulations used by the British Board of Film Classification (BBFC) to issue certificates for movies will be banned. This ban will apply to all UK users – not just children.

Moves to improve online safety

This new filter is part of continued government efforts to protect children from accessing pornography online. Previous measures include “age gateways” on porn sites that will demand proof that the user is over-18 before allowing access.

The reality is that children are being exposed to (or choosing to access) more inappropriate images than ever before. Parents, teachers and healthcare professionals are increasingly concerned about what the long term effect of this exposure is, which explains these new initiatives to restrict access.

Will it work?

Already there are many people raising objections to this latest proposal, claiming that a block on certain websites is unfair to adults who are allowed to view pornography. Other complaints focus on the fact that many of the “banned” sex acts are completely legal for consenting adults to engage in. These objections have little bearing on children, but they could force the government to water down their proposals in the long term.

More problematic is the fact that web filters imposed by central governments around the world almost always have loopholes that are exploited by criminals to carry on as normal. It is entirely possible that a UK content filter will have similar gaps in coverage. Alternatively the use of anonymous web proxies will allow determined users to circumvent these safeguards.

Children need multiple layers of protection online

The proposed web filter will act as a robust baseline protection for your kids as they surf the web. But it will not be sufficient to keep them completely safe.

True internet security relies on using multiple layers of protection to keep unwanted content out. So it makes sense to install a secondary web content filtering tool like Panda Internet Security to catch anything that makes it through the government’s filters.

Panda Internet Security

Panda Internet Security has the added benefit of being able to detect and block attempts to circumvent security. If one of your kids tries to use an anonymous proxy for instance, the filter will detect and prevent access. You also have the added benefit of industry leading anti-malware protection included as part of your subscription.

Whether the government’s proposed porn filter is ever put in place remains to be seen. But there is nothing to stop you from installing your own filter to protect your children right now.

Click here to download a free trial of Panda Internet Security today.

The post Porn filter: is it enough to protect our children? appeared first on Panda Security Mediacenter.

FTC IoT privacy and security push points out D-Link router and webcam flaws

The US Federal Trade Commission has again acted on its serious concerns about data privacy and security in the Internet of Things (IoT). This time D-Link webcams and routers are the focus. Stephen Cobb puts this latest FTC move in context.

The post FTC IoT privacy and security push points out D-Link router and webcam flaws appeared first on WeLiveSecurity

The Dangers of the New Windows 10 Update System

The latest version of the Microsoft OS has become once again a topic of discussion, and this time it may carry bad news for your company’s security. As the cybersecurity expert Sami Laiho revealed on his blog, every Windows 10 update poses a serious risk. Namely, while your system updates, anyone can take control of your corporate computers.

This is a big issue and it has been there for a long time,” explains Laiho. This serious flaw comes into play when the OS restarts after installing a new update. Once the system is being updated, all you need to do to gain control of it is to push Shift-F10 to access the command prompt with admin level clearance.

In light of this, the dangers that your company faces are multifaceted. Indeed, any employee can take control of their computer as administrator, access confidential documents, or access the corporate network and create a serious problem from within the company itself.

Laiho points out that it is not necessary to use any specific software to carry out this cyberattack. Just that innocent combination of keys is enough to sow chaos. As if that wasn’t enough, the threat is not limited to those who have physical access to the computer: “An external threat having access to a computer waits for it to start an upgrade to get into the system,” explains Laiho.

Microsoft is apparently working to fix this serious flaw. Meanwhile, the most important thing to prevent threats is to rely on an adequate security solution, and not to postpone Windows 10’s tedious updates.

Forget about how long the update takes. Ideally you would authorize it immediately and stay with the computer at all times. This is the only way to be sure that no bystanders take the driver’s seat of your computer. It is obviously very important to explain this to employees.

In the meantime, we’ll have to trust that they will not commandeer the system themselves and wait for Microsoft to resolve this critical vulnerability.

 

 

The post The Dangers of the New Windows 10 Update System appeared first on Panda Security Mediacenter.

The Worst WhatsApp Scams of 2016

List of the worst WhatsApp scams for the year.

With 2016 coming to an end we wanted to put together a list of the worst WhatsApp scams for the year. As you may remember WhatsApp was acquired by Facebook back in 2014. The promising app which has been making a name for itself in recent years just got its 1 billionth customer. A quick Google search and we find out that there are nearly 2 billion smartphones in the world. With this in mind, we can easily conclude that every 2nd smartphone user in the world has WhatsApp installed on their cell phone.

This automatically gives cyber trouble makers an opportunity of having one more source they could use for tricking you into giving away personal information such as credit card details, social security number or bank details.

Here’s what you need to know to stay out of danger and not fall victim of WhatsApp scams.

Getting you to download an app

Getting a message from an unknown number that allows you a sneak peek into your friends’ WhatsApp conversations. The message may sound something like ‘All WhatsApp messages are now encrypted but this app beats the code. Find out what your best friend and your girlfriend are talking about.’

It may sound hilarious and easy to catch but you would be surprised by the number of people without antivirus protection who fall for this trick.

The Nigerian lawyer

Have you heard of the Nigerian inheritance scam? It is still out there and even in 2016 you may end up laundering money without even knowing it. People who fall for it very often give away their bank details too. It may sound very 2014 but this scam is still going on in 2016.

These guys have now migrated to sending their messages on WhatsApp. And they still send them because people still fall for it. It may be 1 in a hundred that does, or even 1 in a 1000 but people still do. Common sense and antivirus protection would save you from getting scammed.

Craigslist

Without going into details, every seller on Craigslist wishing that you communicate only via WhatsApp is a person not worth doing business with. No, you will not get that cute little labradoodle puppy if you use an archaic money transfer service to send cash to a third world country while communicating solely over WhatsApp.

The Lady from Thailand

The lady claiming to be from Thailand or the Philippines you’ve been chatting with since last month is now asking you to buy and send her the latest iPhone 7. Even though this may sound legit you can’t be sure of who she really is. Drop the chat and report it. Remember that if it is too good to be true, it most likely isn’t. Don’t be cyber prey.

The 60% off

It may be a voucher or just an invitation to fill out a survey that promises you a gift card. It sounds legit as it promises you a little prize at the end of the survey. You directly get a message that qualifies you for a huge discount on remarkably expensive watches or sunglasses.

In both cases the link forwards you to a website where you give away your name, home address, password and possibly credit card number and SSN. All you get in return are $0.20 or $0.14 transactions on your credit card statement followed by huge losses if these phishing transactions don’t get detected by your bank’s fraud department.
You may get a message about you having a voicemail, a message inviting you to download a premium app, an invitation to join a dating site with millions of single people. A website that is so secure that you are required to add your credit details to obtain membership. Just leave these scammers in 2016.

We hope you didn’t fall for any of these scams this year or simply had protection on your device to keep you away from the cyber criminals. Have a wicked 2017!

The post The Worst WhatsApp Scams of 2016 appeared first on Panda Security Mediacenter.

The Biggest Cyber-attacks of 2016

The worst cyber attacks of this year.

Cyber threats have been around all year. It’s actually really hard to compile a list of the top 3 cyber-attacks as evaluating the damage caused by a single cyber thread is nearly impossible. However we have been monitoring the cyber space for the past year so we made it possible to highlight some of the really bad ones.

The US election and how the hackers decided the winner of the US presidential elections

With complete respect towards democracy and people’s choices, it is not a secret thay hackers managed to get to many of the emails sent from and to one of the presidential candidates and members of her team. Yes, Hillary Clinton was under fire because emails of hers and her staff members ended up in the wrong hands.

Of course the authenticity of the emails was never officially confirmed but those emails cast a big shadow on her campaign. According to many, fake news generators mixed with ‘food for thought’ type of email leaks ended up deciding the results of the US presidential election.

We are never going to know if state hackers were behind the attacks or simply groups such as Anonymous and WikiLeaks. Who knows, maybe they wanted to get back at the Democratic Party for Obama’s actions during the Edward Snowden and Julian Assange cases. I guess we will never know…

Yahoo data breach

Earlier this year Yahoo admitted to more than 500 million user accounts being stolen from them back in 2013. Yes, it is true – your username and password might have been on sale in databases offered on the Dark Web for the past few years. When this was officially announced Panda Security advised people who had interactions with Yahoo to change their passwords.

Users are advised to change their passwords every 3 months nevertheless most people won’t change them. Clearly this is a personal choice. However if you don’t change your passwords regularly, your login details may still be circulating in the dark web and you are still under danger of being hacked. Just so you understand how high the stakes are here, because of this hack, when Verizon acquired Yahoo earlier this year they were able to negotiate a better deal.

DDoS Attacks

A massive cyber-attack against US DNS service provider Dyn knocked out major websites across the Internet earlier this year. The attack affected several websites, including Netflix, Twitter, Amazon and The New York Times.

The Internet service was disrupted for almost 11 hours, affecting more than one billion customers around the world. This attack added to the list of those suffered by a number of tech giants in 2016, such as the hack of 60 million Dropbox user IDs and 100 million LinkedIn passwords.

What’s next?

It surely has been a hell of a year so far, and it is not over yet. A few weeks ago Google was reportedly sending a new batch of warning emails to users, informing them that government-backed attackers might be trying to steal their passwords. The story is still unfolding. According to Wired, Russian hackers are targeting Germany’s elections. Would they succeed?

In 2017 we anticipate the unravelling of the Juliane Assange and Edward Snowden cases. Hopefully DDoS attacks will become harder to execute as regulations for connected consumer electronics are being strengthened. Would government supported hackers continue to change the political landscapes across the globe? We will also keep an eye on voice interactions with consumer electronics as they keep on growing.

Stay tuned!

The post The Biggest Cyber-attacks of 2016 appeared first on Panda Security Mediacenter.

Did you know your eReader can be hacked?

Could be your eReader a potential target for attack?

Most people think that hackers only target PCs and laptops. Some may also be aware that cybercriminals are now targeting smartphones too. But did you know that virtually any device – including your eReader – could be a potential target for attack?

Tablets as eReaders

With the exception of the Amazon Kindle, dedicated eReaders are now quite rare. Most people actually use cheap Android-powered tablets to read ebooks.

Obviously this is perfectly sensible – a reader that can be used to browse the web is really useful. But just like any other Android-powered tablet, there is a risk of security compromise.

These eReader tablets can install and run apps, just like Android smartphones – and this is there the problems arise. Malware infected apps are depressingly common; once installed they can steal personal information, access your passwords, allow criminals to commit identity theft and even use your tablet to attack other systems.

Malware is not just restricted to apps however. Determined hackers may disguise their apps as ebooks in the hope of tricking people into downloading them. Once loaded, these fake ebooks will install malware in the background, so you may not even know that there is something wrong.

The Internet of Things

Even if you never download apps to your eReader app, there is still a risk that cyber criminals could break in. WiFi connected devices are increasingly popular, allowing you to do all kinds of automated tasks. Remote light switches, connected thermostats, CCTV cameras and the like can all be joined to your home WiFi network to make your life easier through automation.

Known as the Internet of Things, these new technologies promise to change the way we live our lives at home. Unfortunately, every WiFi connected device also provides criminals with a range of potential targets to attack. Once in, they can then begin stealing data from the other devices attached to your network – including your eReader tablet.

Protecting your eReader

Because of these risks, you must protect your eReader in the same way you do your PC and smartphone. You should only ever download ebooks and apps from recognised, reputable stores like Amazon and Google Play for instance. This will help greatly reduce the risk of downloading an infected file.

You should also ensure that you have a suitable mobile security app installed on your eReader – like Panda Mobile Security. This will help prevent malicious apps from installing themselves, and alert you when there is a potential problem. You can then stop your information being stolen, or your device damaged.

If you suspect that your eReader has already been hacked, you should download Panama Mobile Security immediately. The longer an infection is left untreated, the greater the potential loss and damage caused.

For more help and advice on protecting your eReader, please get in touch.

The post Did you know your eReader can be hacked? appeared first on Panda Security Mediacenter.

How a Smart Toy Could Get Hacked

Almost a decade has passed since the arrival of Furby, which made quite a splash on the children’s toys market. That was just the beginning. Now, Christmas serves as a time to usher in new companions that, of course, come with their respective apps and are able to have full conversations, as though they were alive. The Internet of Things has come to the toy store.

This new brand of entertainment carries along with it certain privacy risks for children. In fact, a recent study carried out by the Scandinavian consultancy Bouvet demonstrates how certain technologies included in modern toys connected to the Internet could present some danger.

According to the study, the Cayla doll and the robot i-Que, two American toys that are also available in a few European countries, are far from being the ideal entertainment for the kids.

For starters, they come with a voice recognition system enabling them to hold a conversation with their young owners. Built by the American company Nuance Communications, this system records the children’s speech at all times and sends it to the company, which stockpiles the audio data.

Apart from this unsettling surveillance of children, these toys pose another risk. According to the study, these products employ surreptitious advertising. Bouvet discovered that, over the course of conversations, the toys talk about other products, such as specific animation films.

As if that wasn’t enough, the investigators also discovered that the toys are able to be manipulated and that cybercriminals could hack them to cut into conversations with children or steal the conversations being recorded.

However, these aren’t the first incidents that have triggered alarms when it comes to smart toys. In fact, some companies have been adapting children’s entertainment to devices for over half a decade, not without certain risks. Just a year ago, the seventh installment of Star Wars came to toy stores with the BB-8, a friendly robot that you could control from a smartphone. Shortly after, it was revealed that this toy could be hacked and hijacked by a cyber assailant.

Last Christmas, even Barbie herself was accused of posing a danger to children. An interactive doll able to converse with humans and improve itself with automatic learning, the Hello Barbie continuously listened to what children were saying in an espionage fluke that parents and associations didn’t find very funny.

Santa Claus will have to double check the things he places under the tree this year. For starters, we should assume that to some degree all smart toys collect at least some data from our children. Before purchasing a toy connected to the Internet of Things, check consumer reports to see if there are any known vulnerabilities. And most of all, enjoy your holidays without worry.

The post How a Smart Toy Could Get Hacked appeared first on Panda Security Mediacenter.