Tag Archives: Mobile News

Did you know your eReader can be hacked?

Could be your eReader a potential target for attack?

Most people think that hackers only target PCs and laptops. Some may also be aware that cybercriminals are now targeting smartphones too. But did you know that virtually any device – including your eReader – could be a potential target for attack?

Tablets as eReaders

With the exception of the Amazon Kindle, dedicated eReaders are now quite rare. Most people actually use cheap Android-powered tablets to read ebooks.

Obviously this is perfectly sensible – a reader that can be used to browse the web is really useful. But just like any other Android-powered tablet, there is a risk of security compromise.

These eReader tablets can install and run apps, just like Android smartphones – and this is there the problems arise. Malware infected apps are depressingly common; once installed they can steal personal information, access your passwords, allow criminals to commit identity theft and even use your tablet to attack other systems.

Malware is not just restricted to apps however. Determined hackers may disguise their apps as ebooks in the hope of tricking people into downloading them. Once loaded, these fake ebooks will install malware in the background, so you may not even know that there is something wrong.

The Internet of Things

Even if you never download apps to your eReader app, there is still a risk that cyber criminals could break in. WiFi connected devices are increasingly popular, allowing you to do all kinds of automated tasks. Remote light switches, connected thermostats, CCTV cameras and the like can all be joined to your home WiFi network to make your life easier through automation.

Known as the Internet of Things, these new technologies promise to change the way we live our lives at home. Unfortunately, every WiFi connected device also provides criminals with a range of potential targets to attack. Once in, they can then begin stealing data from the other devices attached to your network – including your eReader tablet.

Protecting your eReader

Because of these risks, you must protect your eReader in the same way you do your PC and smartphone. You should only ever download ebooks and apps from recognised, reputable stores like Amazon and Google Play for instance. This will help greatly reduce the risk of downloading an infected file.

You should also ensure that you have a suitable mobile security app installed on your eReader – like Panda Mobile Security. This will help prevent malicious apps from installing themselves, and alert you when there is a potential problem. You can then stop your information being stolen, or your device damaged.

If you suspect that your eReader has already been hacked, you should download Panama Mobile Security immediately. The longer an infection is left untreated, the greater the potential loss and damage caused.

For more help and advice on protecting your eReader, please get in touch.

The post Did you know your eReader can be hacked? appeared first on Panda Security Mediacenter.

How to Bolster Security for Your Online Store This Holiday Season

tips-cybersecurity-panda-christmas

The gift giving season is just around the corner. With the frenzy of Black Friday and Cyber Monday already behind us, shops that conduct their sales online (and their clients) should be prepared for the most hectic weeks of the year still to come.

Unfortunately, this is also the busiest time of year for scammers that try their luck at fishing in frenzied waters. Cybercriminals are well aware of how many companies, regrettably, don’t invest enough in protecting their online sales platforms. Thus, cyberattacks and data breaches soar around the holidays. Luckily, if you run an e-commerce website, you’re still in time to follow these tips:

  • tips-online-salesDon’t cache your clients’ payment information. The best way to avoid problems is by thoroughly verifying that credit card numbers are never stored in your data base and never pass through your servers. It’s as easy as resorting to one of the many payment solutions on the market, such as PayPal or Braintree, which take it upon themselves to handle that sensitive data for you.
  • Make sure your website’s platform (Prestashop, Magento…) is up to date. Search the Internet for common vulnerabilities these tools may have and look for a way to remedy them. The same goes for plugins and extensions you may have installed.
  • Implement a secure SSL protocol. This is essential to your online store (especially when transmitting user information). In truth, it’s essential to any website, but customers perceive e-commerce platforms that don’t show the “http” in the address bar as insecure. And with good reason.
  • Be prepared for the flood of traffic. A large number of users will connect at the same time to make holiday purchases on your website. Check that your web hosting service is up to speed and can handle traffic peaks, that you are using a well-configured load balancing solution and a CDN to reduce the traffic that your server has to withstand. Not only will you avoid downtime, but also you will increase speeds and improve user experience.

From a vendor’s standpoint, these are some issues to be kept in mind to increase security for the holidays.

But there’s something else that businesses should keep in mind when it comes to protection at this time of year. Namely, that their employees, whether they like it or not, will be making purchases using company computers.

Among the precautionary measures that we would like to impart, these are especially pertinent. Before making a purchase, your employees should make sure:

  • That their system is up to date has the protection of a reliable advanced cybersecurity solution.
  • That they only make purchases on well-known websites that have a solid reputation, and that the webpage uses an SSL protocol with security certificates.
  • That they avoid bargains that seem implausible, especially if they appear in emails and the sender is not fully trustworthy.

With this advice and a bit of common sense, holiday preparations shouldn’t bring about any unpleasant surprises. Shopping online is quick, convenient, and easy, but we have to stay vigilant to avoid falling into scams.

 

The post How to Bolster Security for Your Online Store This Holiday Season appeared first on Panda Security Mediacenter.

Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft

yahoo-data-theft

In 2016, the theft of passwords from internet titans is no longer an exception. Just when it seemed like the year was winding down, having left us with the surprising news of what until yesterday was considered the highest magnitude cyberattack in history suffered by Yahoo and reported three months ago, this same company returns to headlines after announcing the theft of data from 1 billion accounts.

This comes on the tail of some revealing figures. For example, massive data breaches have, amazingly, affected 97% of the 1000 largest companies in the world.

After admitting last September that in 2014 they had suffered a large-scale theft that affected 500 million users, Yahoo revealed today that in 2013 it suffered what is now considered the worst incident of information piracy in history with the theft of 1 billion accounts.

There’s a strong resemblance between this attack and the ones we’ve been analyzing over the past months. These recent attacks showcase the way cybercriminals gain access to names, email addresses, phone numbers, dates of birth, passwords, and in some cases clients’ encrypted and unencrypted security questions. The dimensions of the incident are truly staggering.

Yahoo disclosed that “an unauthorized third party” accessed the data and that at this time the culprit remains unnamed.

Economic repercussions aside, these incidents also call into question the issue of deteriorating user confidence. For example, Verizon’s initiative to integrate Yahoo into the AOL platform will certainly come under scrutiny.

How Should You Keep Your Business Safe?

There’s a legitimate reason to fear for your business’s confidential information. An outsider capable of getting the key to your company’s data, as happened at Yahoo, is a latent risk. Prevention has become the greatest asset in combating Black Hats and avoiding some of the dire consequences of these attacks.

To that end, we encourage you to turn to the advanced cybersecurity solution best suited to your company’s needs. Our Adaptive Defense 360 can offer you:

visbilidad- adVisibility: Traceability and visibility of every action taken by running applications.

 

deteccion- adDetection: Constant monitoring of all running processes and real-time blocking of targeted and zero-day attacks, and other advanced threats designed to slip past traditional antivirus solutions.

 

respuesta- adResponse: Providing forensic information for in-depth analysis of every attempted attack as well as remediation tools.

 

prevencion- adPrevention: Preventing future attacks by blocking programs that do not behave as goodware and using advanced anti-exploit technologies.

 

This is the only advanced cybersecurity system that combines latest generation protection and the latest detection and remediation technology with the ability to classify 100% of running processes.

The post Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft appeared first on Panda Security Mediacenter.

One billion and one reasons to change your password

After another Yahoo’s data breach find out why you need to strengthen your security

Dear 2016, we want you to please be over already! PLEASE!

In a statement released by Yahoo yesterday they confirmed that there’s been another data breach. According to the press release the leaked information is associated with more than one billion Yahoo user accounts. The incident is different than the one reported few months ago. However, initial examinations suggest both attacks have been performed by the same hackers. There are a few things we recommend you to do right away to avoid becoming a victim of cybercrime. Don’t delay it!

When did this happen?

Yahoo confirmed the incident happened August 2013. Not to be mistaken with the data breach reported on September 22nd earlier this year.

What information was stolen?

No one really knows for sure, however the stolen information may have included personal information such as names, email addresses, telephone numbers, dates of birth, passwords and, in some cases, encrypted or unencrypted security questions and answers.

How is this affecting Yahoo?

In terms of branding and resonance, it’s the latest security blow against the former number one Internet giant. This kind of news won’t help user confidence in the company that has been heavily criticized by leading senators for taking two years to disclose the September 2014 breach. To make matters worse, this new one is from 2013. Yahoo was down more than 2.5 percent in after-hours trading on the Nasdaq in New York.

The company once valued at $125bn will not be sold for more than $5bn to Verizon. The price may go even lower. What make things really bad for Yahoo is that according to BBC, Yahoo knew about the hack but decided to keep quiet… not a smart move.

The good news

Even though your personal information has been circling the dark web for more than 2 years, you may not be affected at all. We are talking about 1 billion accounts – this is a lot of data to process. However, if you don’t change your passwords regularly or if you tend to keep using the same answers on security questions, you may be in danger.

Troublemakers might be able to use the information to get your bank details or commit identity fraud. It’s vital to be self-conscious and protect yourself. And if you do, you don’t have anything to worry about.
Even though Yahoo are working closely with law enforcement and they are doing their best to protect your data, changing your password regularly and installing an antivirus software is a must.

The post One billion and one reasons to change your password appeared first on Panda Security Mediacenter.

How does automatic renewal work for Panda’s homeusers

How to stay protected without having to renew your subscription

It seems like only yesterday when you installed your Panda Security antivirus protection, and all of a sudden… Oh no! You realize your antivirus protection is about to expire!

Already? How can it be?

It's time to renew your antivirus protection

Deep inside, you know this is something you have to do if you don’t want to find your computer locked by a nasty virus once again just when you are going to watch Narcos, but, really…

Why should you renew your antivirus subscription?

1. Because hackers have the bad habit of never ceasing to come up with new ways to hijack your identity, files or photos to try and steal your money. So it’s better to keep your computer and software always up to date

via GIPHY

2. Because with the Tuneup feature included in Panda Security’s new product lineup, you can say goodbye to seeing your devices slow down over time.

tune up your devices

3. Because the parental controls will help you keep your kids away from inappropriate Internet content.

renew antivirus

Plus, there is a simple way to stay protected without having to remind yourself of the need to renew your antivirus subscription. Isn’t it great? All you have to do is click a button the next time you renew your license.
Make sure you select the auto-renewal option when renewing. This way, whenever your subscription expires, it will be automatically renewed and you will remain protected one more year without having to lift a finger.

pandasecurity-automatic-antivirus-renewal-2-jpg

Plus…. The more you renew with Panda the better conditions you’ll get, as you’ll get bigger and bigger discounts with each renewal to reward your loyalty.

renew antivirus

Renueva mi protección ahora

The post How does automatic renewal work for Panda’s homeusers appeared first on Panda Security Mediacenter.

In 2017, less malware and more advanced attacks

pandalabs-predictions

The decline in new malware and the increased professionalization of attacks will set the tone in cybersecurity for next year, according to PandaLabs’ Cybersecurity  Predictions for 2017. Ransomware will encompass the majority of attacks, and companies will amass a larger number of increasingly advanced intrusions.

As far as cybersecurity goes, we bid farewell to a year replete with high-profile attacks that have jeopardized large corporations and private users. Ransomware attacks from Petya, Trojans such as Gugi for Android, the spyware Pegasus, PunkeyPOS, or large-scale attacks targeting point of sale terminals as well as the recent DDoS (Distributed Denial of Service) attacks have affected large organizations and international communication networks.

We rank the most popular attacks of the year, analyzing their evolution and taking a look at the cybernetic threats that 2017 has in store:

Cybercrime

Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalizing their operations in a way that allows them to make quick and easy money in an efficient manner.

Ransomware

This Trojan Horse will take center stage with regard to cybersecurity and will cannibalize other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Panda Security encourages victims to keep in mind that paying the ransom does not guarantee the total recovery of stolen data.

Companies

The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.

Cyberwar

The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.

Download the Pandalab’s Predictions here:

Download

 

 

The post In 2017, less malware and more advanced attacks appeared first on Panda Security Mediacenter.

Panda Security and Altitude Partner to Secure Information in the Contact Center

partnership-panda

Panda Security, a leading advanced cybersecurity company, and Altitude, a global provider of omnichannel solutions that deliver great customer experiences, today announced a new strategic partnership. This partnership will combine Panda and Altitude expertise, solutions and services to maximize and optimize the prevention of data leakage in the contact center.

Recent research  shows a 29% increase in data breaches since 2013, with an average cost of $4 million per incident and an average cost of $158 per lost or stolen record. Other reports  point out that, for the first time, in 2015 security events traced to insiders have outranked security incidents by outsiders.

Innovative integrated monitoring and security platform for the contact center

The Panda Security and Altitude partnership will provide an integrated monitoring and security platform that relies on big data and analytics to detect and block outsider and insider threats in the contact center. Both companies will work together to deliver endpoint protection, detection and response, data leak prevention and user/entity behavior analytics.

“Contact Centers need to be more effective in preventing breaches and they need to be able to react if the prevention fails” said Raúl Pérez García, Global Presales Manager at Panda Security. “Our solution, integrated with Altitude, analyzes and correlates all the information generated about cyber-threats in order to initiate prevention, detection, response and remediation routines, configuring a whole security intelligence system able to uncover malicious behavior patterns and generate advanced cyber-security action to pre-empt malware”.

“The deliberate or accidental release of sensitive data in contact centers is a problem with far reaching consequences as companies are required to comply with more regulation to take reasonable technical, physical and organizational measures to protect the security of sensitive information”, states Jesus Cuadrado, Business Solutions Manager at Altitude Software. “Together with Panda, we are bringing to the market a solution specifically designed to stop the loss of sensitive information in a contact center environment, focused on automating the protection and detection of mishandled data”.

Panda Adaptive Defense 360 is the first cyber-security service that combines next-generation protection and detection and response technologies, with the ability to classify 100% of running processes. The platform delivers a complete cyber-security infrastructure, comprising a suite of services that connect contextual intelligence with the solutions that implement remedial actions on endpoints. Adaptive protection against malware, integrating prevention, detection, forensic analysis, categorization of all running processes and automated remediation.

The Altitude uCI (Unified Customer Interaction) suite is a complete, modular contact center software solution that provides all the functionality required to provide customers with the best experience. The modularity of the contact center software solution allows contact centers to grow according to business needs, avoiding significant upfront investments. Whether organizations use all the modules, just part of the solution, or employ 10 or 100 agents, Altitude uCI provides the ability to engage with customers and provide them with outstanding service.

 

The post Panda Security and Altitude Partner to Secure Information in the Contact Center appeared first on Panda Security Mediacenter.

Panda Endpoint Protection Is Given The VB100 Certificate By Virus Bulletin For Windows 10

virus-bulletin-panda-awards

Panda Security’s cybersecurity solutions have been recognized by the independent consultancy Virus Bulletin, which specializes in the prevention, detection, and elimination of malicious software and spam.

The publication, which regularly features analyses of the latest virus threats and evaluations of the leading anti-malware products on the market, has awarded Panda Endpoint Protection the VB100 certificate in the most recent comparative examination of 2016 with Windows 10 Pro.

The publication, which regularly features analyses of the latest virus threats and evaluations of the leading anti-malware products on the market, has awarded Panda Endpoint Protection the VB100 certificate in the most recent comparative examination of 2016 with Windows 10 Pro.

Panda Security consistently maintains excellent results in the latest tests, placing the Spanish company in a privileged position.

See the complete report with study results here.

Quality Assurance Certification

Windows 10 has become the predetermined OS for Windows launched by Microsoft. There have been various issues which have set off alarm bells for some of the most cautious users.

The first characteristic of Microsoft’s new operating system that we should be aware of is that it has been designed like a cloud service. This means that now, whether you like it or not, you will share more information than ever with Microsoft. Fortunately, there are some things that you can configure to minimize the damage if you consider this to be a threat to your security.

Another of the characteristics of Windows 10 that has caused much debate is the “Advertisement ID”. It is basically a code, a unique identification number, which works like the cookies of a webpage.

For some, the new location options that Microsoft has included may feel invasive. Also potentially invasive is the fact that, as happens with Apple’s Siri or with Google Now, this tool requires access to large quantities of personal information in order to respond to whatever questions a user may ask it.

If this new operating system still hasn’t convinced you, and you’d prefer to keep your information private after installing Windows 10, the most advisable course of action would be to turn to a good cybersecurity solution such as the one offered by Panda Security, compatible with Windows 10 and vouched for by Virus Bulletin.

The post Panda Endpoint Protection Is Given The VB100 Certificate By Virus Bulletin For Windows 10 appeared first on Panda Security Mediacenter.

Is WeChat set to shake up the tech industry?

It’s very easy to write off any instant messaging app that isn’t Whatsapp as a clone of the famous messaging giant.

How could anyone possibly take on the might of the Whatsapp –recently ranked as the best messaging app in the world for secure communication- behemoth?

Well, WeChat, a China-based messaging app has an active monthly user base of almost 1 billion users worldwide and has recently been called one of the world’s most powerful apps by Forbes magazine.

Here at Panda Security we’ve taken a look at the reasons behind WeChat’s success story and posed the question.

Can the Chinese messaging giant challenge the western tech companies’ supremacy worldwide?

WeChat is by no means a new player in the game.

The app has been around since 2011, which by tech industry standards is a long time indeed. It’s easy to forget, when some apps currently form such an integral part of our daily lives, that Whatsapp, for example, was founded in 2009, only two years before WeChat.

WeChat is a multifunctional and integral part of daily life in China.

Whatsapp, with its user base of over 1 billion people, can rightfully stake a claim to being the most seamlessly integrated app worldwide, forming an important part of millions of people’s daily lives.

However, many people who have travelled to China, for business reasons or otherwise, have found WeChat to be an unavoidable addition to their mobile devices. The transition back to using Whatsapp, many say, makes the western messaging giant feel one-dimensional by comparison.

Why is this?

WeChat is not simply a messaging app.

It’s many features means that it has managed to roll the functions of several apps into one interface, before companies that provide those functionalities in the west have had a chance to reach the Chinese market.

WeChat Shake, a function that allows you to shake your phone and talk to any other lonely -or bored- stranger who’s shaking there’s, makes the app a Tinder of sorts, helping users to connect with new people. Moments, meanwhile, is a social media feature, Facebook and Messenger combined.

Think Facebook’s recent announcement that you’ll be able to make payments to friends via its Messenger app is world changing? WeChat has had a comprehensive Pay feature since 2013 that even allows users to pay the bills using the app.

The Chinese messaging app is also a Slack, a gaming network and even an app store.

In fact, WeChat’s multifaceted nature means that businesses and brands see having a prominent presence on the app as an essential step towards being successful in China. Not bad for a simple ‘messaging service’.

The big players are paying attention.

Mark Zuckerberg’s recent strategy of splitting the Facebook and Messenger apps may well have been inspired by a desire to emulate WeChat’s multifunctional approach. However, it has also gotten the tech industry in the west paying more attention to the potential of multi-faceted messaging apps, spurring an onslaught of new faces in the messenger market, as well as leading some to believe that WeChat could really stake a claim outside of Asia.

Add this to the fact that a recent Apple keynote speech from Tim Cook, in which he took aim at the Chinese market, heavily featured the WeChat app.

This leads us to the following point…

Do WeChat have an unfair advantage?

Though it’s proving unsurprisingly tough for WeChat to break into the western market, they have a pretty comprehensive, and enviable, home advantage. China’s is, of course, an enormous market that tech giants such as Facebook and Whatsapp have had little success breaking into, due in large part to government bans and censorship within the country. Meanwhile, WeChat, and it’s parent company TenCent have comparable free rein to continue their dominance within China whilst also expanding and taking on the dominance of Facebook et al in the west.

Perhaps the thought of one single tech company playing such an integral part in people’s daily lives is a scary idea. What if the app’s cyber security is breached? Would privacy become an even more controversial issue? All we know is that Silicon Valley has taken note, and the traditional tech giants that we know may be set to face a very real challenge to their dominance in the coming years.

The post Is WeChat set to shake up the tech industry? appeared first on Panda Security Mediacenter.

What is a VPN and how it Works?

pandasecurity-vpn

Watch your favorite shows anywhere, and other useful VPN functions

In simple terms, a VPN, or Virtual Private Network, is a connection between a group of discrete networks that exchanges encrypted data between your computer and a distant server.

Sounds like boring technical jargon? Well, VPN’s can actually be used to perform some pretty neat tricks online that you’ll be missing out on if you don’t employ the services of these privacy boosting devices:

Safely access a work or home network from far away

VPN’s are an essential tool for professionals out there who travel and have to access important files from a distance. Individuals can use a VPN to access network resources even if they’re not physically connected to the same LAN (local area network).

Why are they perfect for dealing with important data from afar? Well, a VPN is also an efficient and easy way to maintain your privacy when you’re surfing the web. In fact, many experts recommend the use of a VPN when browsing the Internet on a public Wi-Fi hotspot as they guarantee that all the data you’re sending and receiving is encrypted and inaccessible to hackers.

If anyone tries to pry on your internet activity, all they’ll see is the VPN connection, all other data will remain anonymous.

Avoid censorship and detection online

A controversial function of the VPN for sure, they can be used to bypass government censorship anonymously. Whether you agree or not with censorship online, it’s an undeniable fact that certain websites are blocked for legal reasons, almost every government worldwide blocking certain websites within their country.

Meanwhile, the ability that a VPN gives its user to go undetected online has been highlighted in the news recently as police in Holland confiscated 2 servers from VPN provider Perfect Privacy without releasing a public statement.

The German and French governments also want to controversially force mobile operating systems, by law, to allow them to access encrypted content if they deem it necessary in federal investigations.

Watch your favorite shows online wherever you are

Here’s where the fun begins! Many, many people are using VPN’s merely for entertainment purposes. The reason for this? Companies like Netflix, Youtube and Hulu use geo-blocking mechanisms to make some of their content unavailable outside of certain countries due to legal requirements appertaining to arguably outdated content laws in this age of free information.

In fact some people argue that, though this is only speculation, the content laws being so outdated, recent attempts by companies like Netflix to crack down on VPN usage have only been for show. In other words, the streaming giant wants to keep Hollywood distribution companies, who are responsible for creating a great deal of the content shown on Netflix, happy whilst harboring no real desire for making it harder to access their shows worldwide.

As an example of the numbers, in the US, Netflix offers the full experience of roughly 7000 shows, whereas in the UK slightly more than 4000 are available. Countries that have only been reached by Netflix recently are far behind.

Netflix though, has recently been trying to crack down on VPN usage, whilst also admitting that it is almost impossible to do so effectively.

The company’s Chief Product officer recently said that “since the goal of the proxy guys is to hide the source, it’s not obvious how to stop VPN Users. It’s likely to always be a cat-and-mouse game.”

Though the streaming company have blocked certain VPN users from accessing the site, providers like Express VPN and Buffered VPN claim to have great success at getting around these measures.

The post What is a VPN and how it Works? appeared first on Panda Security Mediacenter.