Tag Archives: featured1

Panda Security

Facebook alerts you if someone tries to steal your identity

Facebook-identity-theft-photo-1

Connections are made and maintained online via social media

You can get insight into the life of a stranger through their Instagram photos, Snapchats, or profile pages, but when does it become too much? Our names alone can connect the dots for a perpetrator, making it easy to know our whereabouts. Information about where we work, where we went to University, or where our favorite coffee shop is…it’s all online.  Everything you “share” can have serious backlash: identity theft.

Celebrities are commonly impersonated online, on fake Instagram and Facebook accounts, but they are not the only ones who need to keep track of their digital reputations. A stranger can copy your photos and concoct their own version of your life.  It could be very possible that someone has already impersonated you.

Fight the fakes

The social network created by Mark Zuckerberg is fighting these fake accounts. A tool has been created that automatically notifies users who may be victims of phishing. This feature is already available in 75% of the world’s countries.

When Facebook detects that another person may be posing as you, they automatically notify you about the potentially “fake” profile. After that, the user can confirm or deny whether the profile is a fake. If it’s confirmed, Facebook gets to work; more specifically, the team manually carries out this part of the notification system.

Although they say impersonation is not a widespread problem, Zuckberberg has added this to the list of harassment he doesn’t want associated with his company. To fight it, they will continue their strict and controversial naming policy (requiring users to identify themselves with their real names), but will also actively pursue phishers.

Facebook-identity-theft-clones

Using our photos without our consent

Facebook has also launched two other security features that are next in line. One is a new system that reports the existence of intimate photos shared without the user’s consent and the other is a tool that lets them check the security status of images uploaded to their accounts. They have also introduced a feature that gives users the ability to manage the privacy settings of their photos (Who can see them? Do you really want them to be public?).

Though security is always advancing, the bad guys of the Internet are closely following behind. Next time you decide to upload personal photos, “check-in” to a geographical location, or update your work history on LinkedIn, remember that someone, somewhere might use your identity for their own personal gain.

The post Facebook alerts you if someone tries to steal your identity appeared first on Panda Security Mediacenter.

Panda Security

Introducing Panda Protection Service, who said cybersecurity was expensive?

Panda_Protection_Service_Antivirus

 

Technology is always changing, growing, and improving our lives, whether it is at a business or a personal level. Digital transformation affects everyone. In Spain, more than 26 million Internet users regularly access the Internet from different devices, but do they always do it safely? At Panda Security, we want to lead our users on the road to digitization, offering solutions like Panda Protection Service.

Save on cybersecurity

2015 holds the record as the year with the most malware created in history. In total, there were 84 millions of new samples detected and neutralized by PandaLabs, with an average of 230,000 per day. One of the main methods of attacks that has become increasingly popular is done by compromising routers in homes and businesses, allowing the attacker to be in control of the device for a continued period of time.

How can we protect our privacy and the privacy of our loved ones? Panda Protection Service was created to provide maximum protection for your devices and those of your family, by optimizing device performance in the most economical way. A monthly subscription system allows users to pay only for what they use with the flexibility of canceling the service at any time they choose.

Protect your digital world, no strings attached.

Consumers (currently known as “multiscreen users”) have changed. Not only have their habits changed, but they have changed in the way they interact with their devices, using more than one device at a time to do many different things. Social networks are the main catalysts of user activity. According to the latest study published by IAB, the most commonly used devices that are connected to Social Media are PCs (99% of users), phones (75%), tablets (28%), and lastly, Smart TVs, that are currently present in about 6,350,400 households.

Social media is the primary use of the Internet for most users (to see what’s going on with their friends, to send messages, post, chat, etc.), and can get expensive if preventative security measures aren’t taken. Try Panda Protection Service to safeguard all of your devices… the first month is free!

 

The post Introducing Panda Protection Service, who said cybersecurity was expensive? appeared first on Panda Security Mediacenter.

Panda Security

Uncovering the WhatsApp encryption

 

mobileAvid WhatsApp-ers were the first ones to notice the new security changes the company put into action last week.  Now, your conversations on WhatsApp are safer through end-to-end encryption.  With this new security system, your messages safely travel from mobile to mobile, from your hands to the person on the other side of the message.

The notification would appear in a message like this:

FOTO 1 (ENG)

Say you are at your favorite coffee shop, sipping on a hot drink and you decide to connect to the Wi-Fi, but instead connect to a false Wi-Fi network (hackers set-up fake networks to gain access your information like e-mail, passwords and other information.)

In theory, cyber-criminals could steal your messages but it’d be pretty pointless without a decryption key. Breaking public keys, which are different for each message, would be both time-consuming and extremely complicated. Instead of juicy information, the third-party would see senseless characters in the place of the message.

The security measure reassures us that the content coming into our mobiles (i.e. text, photos, videos, files, and voice recordings) are completely private.iStock_000017519004_Large

But end-to-end encryption is not the solution to everything.

However, it is a giant step for the safety and quality of our chats.

Experts say there several factors to consider:

  • To make the system work, all participants must have updated their WhatsApp. If one of the members of a group still using an older version, the chats remain “unsafe”.
  • This security measure ensures that messages travel from one mobile to another securely, but they remain vulnerable to attack if they are stored on the devices. Not all “smartphones” are the smartest: some don’t encrypt their content but most modern ones do by default or at least allow it as an option (ex. the latest iPhone or Lollipop by Android).
  • Sometimes the juiciest of information is not shown in our messages, but in something called metadata, which is “data that provides information for other data” like who called who, when they called, for how long, etc.  In the end, if your sensitive information ends up in the hands of a country’s secret service or a judge, WhatsApp’s parent company, Facebook, would be responsible for it.  Do you trust them?

 

You should update your WhatsApp and enjoy the insurance of end-to-end encryption, but don’t solely depend on it for your full-protection and privacy. Although it’s a definite upgrade in mobile security, it’s still an insufficient form of protection.

 

The post Uncovering the WhatsApp encryption appeared first on Panda Security Mediacenter.

Avast

Mid-Valley Literacy Center protects its people with Avast for Business

The Mid-Valley Literacy Center is a 501(c)(3) nonprofit located in Keizer, Oregon, where adults come to improve their literacy skills in order to increase their economic stability and overall quality of life. With 25 staff members, the majority of which are volunteers, the center found itself trying to manage a variety of platforms and deal with the complexities that come with allowing their staff to use their personal devices for work purposes.   

Alan Scott (center) and fellow Mid-Valley Literacy Center staff members having a blast during a company fundraiser.Alan Scott (center) and fellow Mid-Valley Literacy Center staff members having a blast during a company fundraiser.

Panda Security

Five myths about security that most people still believe

FOTO PRINCIPAL

Myth #1: “The network would be safer if we shut down the deep web”

Looking for the GOOD in goodbye 

Where can you go to escape the grasp of Google’s tentacles? Some go to the deep net, an elusive online-abyss, buried deep in the network. In the recent poll by the Centre for International Governance and Innovation (CIGI), 70% of the people interviewed believe that getting rid of the deep web would be a good way to combat cyber-crime and terrorism.

Shockingly, radical groups like ISIS rarely use the dark web, as shown in a recent study by researchers Daniel Moore and Thomas Rid. ISIS propaganda and recruitment is spread throughout the internet, on “traditional” websites and networks, so their message can be heard everywhere.

Eliminating the dark web doesn’t mean a peace-seed will be planted in its place. The dark web is often used as a platform for expression in countries where freedoms are limited regarding communication and Internet access. So in a way, sweeping away the deep web could actually kill activism instead of terrorism.

Myth #2: Software must have back doors for governments

When one door closes another one opens

No need to hide the key under the mat, anymore. Following Snowden’s revelations regarding the activities of secret service cyber-surveillance and the Apple-FBI-San Bernardino controversy, most of the participants (63%) think that government intelligence agencies should have unlimited access to devices (for reasons of national security, of course).

If this is permitted, then the government wouldn’t have to go through the hassle of breaking Cyphers, those super complicated codes used for encryption that are unbreakable unless a vulnerability exists in the algorithm. The problem with this solution is that it would leave users vulnerable, who, at the same time, would be the main beneficiaries of these protective measures. Without encryption and back doors, programs and applications we use every day could easily be at the mercy of cyber-criminals.

FOTO 2

Myth #3: Cybersecurity is not for everyone

How to cover your tracks

Many users think that those privacy-protecting programs and services (recommended by Snowden and other activists) are not available to us “common people” but there are many ways for anonymous communication online. Browsing through the free software program Tor (The Onion Router) or implementing something called PGP (Pretty Good Privacy) encryption in your email may seem extremely complex, but anyone can do it using the tutorials that are available online.

Myth #4: Who would want to attack me?

You’re the fish they want to fry

Maybe you think that you’re not a target. But you’re wrong. In fact, the most attractive victims for cyber-crooks aren’t the pretty pennies, but the ones that are the easiest to attack. If you haven’t budgeted for antivirus protection, then you are exactly the fish they want to catch!

FOTO 1

Myth #5: Phones don’t need antivirus software

My $700 phone is unstoppable!

So you think your phone can do-it-all? That slow-mo video function won’t prevent you from getting hacked. There’s a long list of reasons you should install a good security solution on your smartphone or tablet. That dough you dropped on your latest-generation smartphone could actually double if your phone isn’t protected with the right antivirus system. Ransomware (a virus that “kidnaps” info from you then requires you to pay it back) is one of the most common threats amongst those super popular Android or iOS smartphones (with a ransom payoff at around $350US).

Don’t stop protecting! Learn more about the internet’s cockroaches

The post Five myths about security that most people still believe appeared first on Panda Security Mediacenter.

Avast

New feature in Avast Wi-Fi Finder: Offline Mode

Dollarphotoclub_91770694.jpg

Avast Wi-Fi Finder’s Offline Mode helps you find hotspots without an Internet connection.

It’s never a pleasant experience to find yourself roaming around a foreign city unable to find Wi-Fi hotspots, especially when you’re unable to use your own data plan to begin with. In these cases, wouldn’t it be great to have a tool that could simply work its magic and locate nearby hotspots?

Avast

What WhatsApp’s new end-to-end encryption means for you

WhatsApp’s new end-to-end encryption means that the only people who can read your messages are you and the person that you’re chatting with.

Last night, I was chatting with a friend from home via WhatsApp, when a message appeared within my chat informing me that my messages and calls in WhatsApp were now secured with end-to-end encryption.

WhatsApp_encryption.jpg

What is end-to-end encryption?

Think of encryption as a high-tech form of scrambled eggs — when you send messages, make a call, or send photos or videos with the latest version of WhatsApp, your messages are randomly mixed and secured. Only the person receiving your message has the key to unscramble your message so that it can be read. This makes it impossible for hackers, governments and even WhatsApp itself to access any of your messages. In the case that messages are intercepted by criminals or authorities, encryption renders messages unreadable to the unauthorized viewers.

Avast

Andromeda under the microscope

Andromeda is one of the longest running and most prevalent malware families to have existed. Andromeda was first discovered in late 2011 and it probably evolved from ngrBot/DorkBot. Throughout its existence, the groups behind Andromeda have used various methods to spread the malware and infect users.

We have seen Andromeda spread via spam email campaigns with infected files attached (doc, xls, pdf, zip.), through illegal download sites, warez (infected cracks, keygens, ..), or infecting users via other phishing campaigns.

Infection vector

In recent months, the authors have mainly focused on spreading Andromeda via exploit kits (Neutrino, Nuclear, Angler,..) located on compromised websites or advertisement services. These exploit kits are mainly found on a dubious sites (p0rn, warez, video streaming sites, share sites etc.) but occasionally appear on trusted sites as well.

infection_scheme_Andromeda.png

Panda Security

Internet giants join forces to reinforce email security with a new protocol

FOTO 1Gmail recently announced that they have approximately one billion active users per month.  That has made it possible for their other services like Android, Maps, YouTube, Chrome, and WhatsApp (owned by Facebook) to become widely popular.

Now, Google has another purpose: to make our emails safer. Google, Microsoft, Yahoo, LinkedIn, 1 & 1 Mail and Comcast (the leading provider of cable television in the United States) have joined forces to develop a new email protocol.

These companies have submitted a proposal to improve email security for the Internet Engineering Task Force (IETF), an organization that ensures that the network functions properly. The group of experts from these companies has proposed a new protocol, SMTP STS (Strict Transport Security).  But what’s the benefit of making it a standard?

In 1982, the world began using the Simple Mail Transfer Protocol (SMTP). This protocol sent all messages in plain text and did not include measures to prevent a cyber-criminal from intercepting emails.  In 2003 they presented SMTP STARTTLS to help improve security. Using this, the SMTP connections are secured by utilizing TLS protocol (Transport Layer Security) to encrypt messages, however, STARTTLS presents a security flaw: this protocol allows messages to be sent even though the server’s identity cannot be verified.

STARTTLS is vulnerable, especially with “man-in-the-middle” attacks, where the cyber-criminal is able to spy on messages sent between the mail’s sender and receiver without them knowing. For example, an attacker could convince the client that the server does not use SSL or could present a fake digital certificate, and by doing so, they could intercept emails.

FOTO 2

Google just launched the new SMTP STS standard to prevent a cyber-attacker from committing these crimes. With this, all emails are encrypted when sent and no cyber-criminals can spy on the communications channel. This protocol is similar to HTTP Strict Transport Security (HSTS), designed for the server and the web browser to interact using only secure communications.

The new system checks if the recipient uses SMTP STS and if they have a valid and updated certificate of encryption.  This ensures that the email is being sent through a secure server.  If there is a flaw, it will be detected before the email is even out of the box.  In the case of a flaw, the email will not be sent and the sender will be informed why. Using this protocol, we can prevent a cyber-attacker from spying on us.

According to Google’s latest data, 83% of the messages sent from Gmail to other providers, and 70% of those sent from other providers to another service, are already encrypted using TLS.  The protocol aims to increase the privacy of our emails.  But for now, the new SMTP STS is only a proposal that the IETF has six months to test.    The fact that these tech giants have already developed this project  suggests that it may be a reality soon.

At the very least, it is always advisable to have some service that protects your company’s mailbox traffic  against “malware” and “spam”.  Especially since emails contain a large amount of confidential data, even more in the corporate field, making email privacy extremely important.

The post Internet giants join forces to reinforce email security with a new protocol appeared first on Panda Security Mediacenter.