Tag Archives: Internet Security

Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft

yahoo-data-theft

In 2016, the theft of passwords from internet titans is no longer an exception. Just when it seemed like the year was winding down, having left us with the surprising news of what until yesterday was considered the highest magnitude cyberattack in history suffered by Yahoo and reported three months ago, this same company returns to headlines after announcing the theft of data from 1 billion accounts.

This comes on the tail of some revealing figures. For example, massive data breaches have, amazingly, affected 97% of the 1000 largest companies in the world.

After admitting last September that in 2014 they had suffered a large-scale theft that affected 500 million users, Yahoo revealed today that in 2013 it suffered what is now considered the worst incident of information piracy in history with the theft of 1 billion accounts.

There’s a strong resemblance between this attack and the ones we’ve been analyzing over the past months. These recent attacks showcase the way cybercriminals gain access to names, email addresses, phone numbers, dates of birth, passwords, and in some cases clients’ encrypted and unencrypted security questions. The dimensions of the incident are truly staggering.

Yahoo disclosed that “an unauthorized third party” accessed the data and that at this time the culprit remains unnamed.

Economic repercussions aside, these incidents also call into question the issue of deteriorating user confidence. For example, Verizon’s initiative to integrate Yahoo into the AOL platform will certainly come under scrutiny.

How Should You Keep Your Business Safe?

There’s a legitimate reason to fear for your business’s confidential information. An outsider capable of getting the key to your company’s data, as happened at Yahoo, is a latent risk. Prevention has become the greatest asset in combating Black Hats and avoiding some of the dire consequences of these attacks.

To that end, we encourage you to turn to the advanced cybersecurity solution best suited to your company’s needs. Our Adaptive Defense 360 can offer you:

visbilidad- adVisibility: Traceability and visibility of every action taken by running applications.

 

deteccion- adDetection: Constant monitoring of all running processes and real-time blocking of targeted and zero-day attacks, and other advanced threats designed to slip past traditional antivirus solutions.

 

respuesta- adResponse: Providing forensic information for in-depth analysis of every attempted attack as well as remediation tools.

 

prevencion- adPrevention: Preventing future attacks by blocking programs that do not behave as goodware and using advanced anti-exploit technologies.

 

This is the only advanced cybersecurity system that combines latest generation protection and the latest detection and remediation technology with the ability to classify 100% of running processes.

The post Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft appeared first on Panda Security Mediacenter.

Tor Project Releases Sandboxed Tor Browser 0.0.2

The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – has launched an early alpha version of Sandboxed Tor Browser 0.0.2.

Yes, the Tor Project is working on a sandboxed version of the Tor Browser that would isolate the Tor Browser from other processes of the operating system and limit its ability to interact or

What is a VPN and how it Works?

pandasecurity-vpn

Watch your favorite shows anywhere, and other useful VPN functions

In simple terms, a VPN, or Virtual Private Network, is a connection between a group of discrete networks that exchanges encrypted data between your computer and a distant server.

Sounds like boring technical jargon? Well, VPN’s can actually be used to perform some pretty neat tricks online that you’ll be missing out on if you don’t employ the services of these privacy boosting devices:

Safely access a work or home network from far away

VPN’s are an essential tool for professionals out there who travel and have to access important files from a distance. Individuals can use a VPN to access network resources even if they’re not physically connected to the same LAN (local area network).

Why are they perfect for dealing with important data from afar? Well, a VPN is also an efficient and easy way to maintain your privacy when you’re surfing the web. In fact, many experts recommend the use of a VPN when browsing the Internet on a public Wi-Fi hotspot as they guarantee that all the data you’re sending and receiving is encrypted and inaccessible to hackers.

If anyone tries to pry on your internet activity, all they’ll see is the VPN connection, all other data will remain anonymous.

Avoid censorship and detection online

A controversial function of the VPN for sure, they can be used to bypass government censorship anonymously. Whether you agree or not with censorship online, it’s an undeniable fact that certain websites are blocked for legal reasons, almost every government worldwide blocking certain websites within their country.

Meanwhile, the ability that a VPN gives its user to go undetected online has been highlighted in the news recently as police in Holland confiscated 2 servers from VPN provider Perfect Privacy without releasing a public statement.

The German and French governments also want to controversially force mobile operating systems, by law, to allow them to access encrypted content if they deem it necessary in federal investigations.

Watch your favorite shows online wherever you are

Here’s where the fun begins! Many, many people are using VPN’s merely for entertainment purposes. The reason for this? Companies like Netflix, Youtube and Hulu use geo-blocking mechanisms to make some of their content unavailable outside of certain countries due to legal requirements appertaining to arguably outdated content laws in this age of free information.

In fact some people argue that, though this is only speculation, the content laws being so outdated, recent attempts by companies like Netflix to crack down on VPN usage have only been for show. In other words, the streaming giant wants to keep Hollywood distribution companies, who are responsible for creating a great deal of the content shown on Netflix, happy whilst harboring no real desire for making it harder to access their shows worldwide.

As an example of the numbers, in the US, Netflix offers the full experience of roughly 7000 shows, whereas in the UK slightly more than 4000 are available. Countries that have only been reached by Netflix recently are far behind.

Netflix though, has recently been trying to crack down on VPN usage, whilst also admitting that it is almost impossible to do so effectively.

The company’s Chief Product officer recently said that “since the goal of the proxy guys is to hide the source, it’s not obvious how to stop VPN Users. It’s likely to always be a cat-and-mouse game.”

Though the streaming company have blocked certain VPN users from accessing the site, providers like Express VPN and Buffered VPN claim to have great success at getting around these measures.

The post What is a VPN and how it Works? appeared first on Panda Security Mediacenter.

'Web Of Trust' Browser Add-On Caught Selling Users' Data — Uninstall It Now

Browser extensions have become a standard part of the most popular browsers and essential part of our lives for surfing the Internet.

But not all extensions can be trusted.

One such innocent looking browser add-on has been caught collecting browsing history of millions of users and selling them to third-parties for making money.
<!– adsense –>
An investigation by German television channel

New Privacy Rules require ISPs to must Ask you before Sharing your Sensitive Data

Good News for privacy concerned people! Now, your online data will not be marketed for business; at least by your Internet Service Providers (ISPs).

Yes, it’s time for your ISPs to ask your permission in order to share your sensitive data for marketing or advertisement purposes, the FCC rules.

On Thursday, the United States Federal Communications Commission (FCC) has imposed new privacy

An Army of Million Hacked IoT Devices Almost Broke the Internet Today

A massive Distributed Denial of Service (DDoS) attack against Dyn, a major domain name system (DNS) provider, broke large portions of the Internet on Friday, causing a significant outage to a ton of websites and services, including Twitter, GitHub, PayPal, Amazon, Reddit, Netflix, and Spotify.

But how the attack happened? What’s the cause behind the attack?

Exact details of the attack remain

This palm-sized device will supersize your security.

Panda-Security-ORWLWouldn’t you like to get your hands on a tough little device that will boost your business’s security? Meet ORWL, a circular computer device that is engineered to top-off your computer’s security.

A great number of companies have been victims of data leaks because of an insider or cybercriminal who had physical access to their computers or devices. Once a cybercriminal entered your computer, they can access the internals of your computer, tap and leak information, and even hide malicious eavesdropping devices.

After two years of work and a successful crowdfunding campaign, the company Design Shift has designed a device that can identify attack attempts. It prevents undetected tampering of its electrical components and, if tampering is detected, the device immediately erases all data (even when the device is unplugged).

It also acts like a safe vault for your information, only allowing access to your system once the device is unlocked with both a physical key and a password. If the physical key is far from the device, the USB ports automatically deactivate, preventing a cybercriminal with physical access to infect it with malware. ORWL also verifies the integrity of all firmware prior to boot, using a battery-backed secure microcontroller. ORWL isn’t just robust, it’s pretty much impenetrable.

This super-secure computer is complex, but it’s also an open source product, and its inner workings are available for everyone to see.

We continue to witness a large number of sophisticated cyberattacks on banks and ATMs due to a combination of system vulnerabilities and insiders with physical access.  ORWL answers a large part of our problems in terms of physical attacks. In respect to software, which is always a weak point, you can ensure your security and make yourself indispensable with the right kind of solution.

 

 

 

 

The post This palm-sized device will supersize your security. appeared first on Panda Security Mediacenter.

This is why you should “tether” your work phone

3g-4g

The tablets or smartphones at your office connect to either 3G or 4G (which is better than WiFi). When tablets and other connected devices (like smartphones or smartwatches) become essential to an employee’s work, then it is essential these employees are properly trained on using them safely. Surely, workers think that connecting an office device to their data is much safer than using a WiFi Network.

Whether you connect with 3G or 4G, Regardless of how you connect to the net, your tablets and phones will all connect to the internet in the same way, whether you use 3G or 4G: the internet provider has the power in giving us access to the internet. What’s interesting about this? Well, in the case of WiFi connection, the provider always sends encrypted data.

Although there is no confirmation that the internet you connect to on your mobile devices is 100% secure, what we do know is that the possibility of a cyberattack through a 3G or 4G connection is much lower than through a WiFi network. However, Spanish cybersecurity experts recently demonstrated how it is possible to attack a 3G or 4G connected device, but its still in the proof of concept phase.

Fortunately, in order for cybercriminals to perform these 3G attacks, the resources are excessive. This makes it the safer option. Especially if the device in question is protected by a solution consistent with the company and its private information.

In fact, this is your better option, even for a laptop. It is safer to use your Smartphone or Tablet as a sharing point than connect to an unsecure public network—this is called “tethering”. With tethering, you can connect your computer to your mobile device’s data. Here’s another great option that’s a little easier and does the same thing: a 3G USB Flash Drive.

In the end, protecting your business’s private information is the most important, and most of it is managed using these same tablets or smartphones. It is recommended that businesses choose an internet connection with a powerful data plan: any WiFi network (even some private ones) are less secure than the 3G or 4G one we enjoy on our smartphones. Encrypted business information is worth the price of a great data plan with GBs and GBs of internet.

The post This is why you should “tether” your work phone appeared first on Panda Security Mediacenter.

Got something to hide? Don’t pixelate it.

pixelate Many businesses share documents that are pixelated in order to protect private information, whether they be bank account numbers, photographs or other private information. Although pixelation used to be a simple and sufficient way to hide confidential information, now computers are smart enough to read these distorted images—even when your eye cannot. Pixelated documents are no longer safe!

Researchers from the University of Texas and Cornell Tech have developed software based on artificial intelligence that is capable of reading standard content-masking techniques (like blurring or pixelation) in order to read what was originally covered up.

One of the authors, Vitaly Shmatikov, warned that, aside from the complex technical developments, “the techniques we’re using in this paper are very standard in image recognition, which is a disturbing thought.”

But these researchers aren’t the only ones developing this type of software. More powerful object and facial recognition techniques already exist for those who want to use them. This means cybercriminals may already have the tools to unveil private information you thought was hidden.

pixelate

To carry out their research, the team fed neural networks images with faces, words and objects. The more times the neural networks “see” these images, the easier they can recognize them. After successfully memorizing the photos, the neural networks were able to successful defeat three privacy protection technologies including YouTube blurring technology, pixelation and Privacy Preserving Photo Sharing (P3).

In conclusion, pixelating or blurring information is no longer the best way to share confidential documents. After this research, the software was able to recognize 80% of the distorted images.

According to Lawrence Saul, a machine learning researcher at the University of California, San Diego, “For the purposes of defeating privacy, you don’t really need to show that 99.9 percent of the time you can reconstruct. If 40 or 50 percent of the time you can guess the face or figure out what the text is then that’s enough to render that privacy method as something that should be obsolete.”

To keep you corporate information safe, the best you can do is avoid sharing it (if you can) and above all, protect it with the appropriate protection for your company.

The post Got something to hide? Don’t pixelate it. appeared first on Panda Security Mediacenter.

France warns Microsoft to Stop Collecting Windows 10 Users' Personal Data

We have heard a lot about privacy concerns surrounding Windows 10 and accusations on Microsoft of collecting too much data about users without their consent.

Now, the French data protection authority has ordered Microsoft to stop it.

France’s National Data Protection Commission (CNIL) issued a formal notice on Wednesday, asking Microsoft to “stop collecting excessive data” as well as “