Tag Archives: passwords

Panda Security

5 simple tricks to boost your PC security

Leave a comment

Because we rely on technology to manage every detail of our lives, devices are a natural target for criminals. Why steal your wallet when they can grab your online banking password and empty your account remotely?
Keeping your PC and other devices secure is incredibly important. Here are five ways you to avoid becoming a victim of cybercrime.

Security Tips:

Use your PC’s built-in tools

Since the launch of Windows Vista, Microsoft has included a feature called “User Account Control” in every version of their Windows operating system – including Windows 10. This built-in security function prompts you to enter a user name and password every time a new piece of software is installed. Without the password, the software will not be installed.
For many people, this constant prompting for a password is extremely annoying – so they simply disable User Account Control (UAC). Once turned off, software can be installed silently – making it much easier for viruses and malware to infect your PC. If you have disabled UAC, you need to re-enable it now.

Treat email with caution

There are over 205 billion emails sent every day, making it one of the most popular communications methods available. This is why email is used so often to launch cyberattacks.
From infected attachments that install malware, to phishing scams that trick you into disclosing sensitive information, your inbox is a potential minefield. You must learn to treat incoming email with caution, double-checking attachments and links before clicking them.
If you can get into this habit, your mailbox will be a lot safer place.

Install antivirus and internet security tools

Cyberattack methods are constantly evolving, and staying on top of security developments is a full-time job for seasoned IT experts. You can reduce the risk of becoming a victim by installing a trusted anti-malware solution like those offered by Panda Security.
Antivirus and internet security tools are designed to test files and we links automatically, blocking and removing harmful content before it can infect your PC. Preventing malware infections is much more effective that trying to remove them later.

Don’t reuse your passwords

The average internet user has 26 different online accounts. It’s no surprise then that we tend to use the same logon details over and over again – we typically share the same five passwords between our accounts. But if a password is cracked by hackers, they have everything needed to access all of the accounts that share that same word.

If you really can’t remember all of your different passwords, a tool like a Password Manager can. This apps generate unique, “strong” passwords and store them securely. When you need to logon, the password app “remembers” the correct logon details for you automatically.

Treat “free” WiFi with caution

When out and about, free WiFi hotspots can be a lifesaver, but everything is not always as it seems. Criminals have been known to set up wireless networks in public places in order to trap unsuspecting victims. These fake WiFi hotspots then collect all of the data sent and received by people connected to it – including sensitive data like credit card numbers and passwords.

You must always check that the hotspot is from a reputable provider – if you’re not sure, don’t connect. You can always ask a member of staff for assistance. If you will be using your device on public networks regularly, you should also consider whether a secure VPN subscription would help to keep you even safer.

Although keeping your PC safe may feel like a battle, many of the challenges can be overcome through the use of good security tools, and your own common sense. For more help and advice on how to keep your PC secure from criminals, please get in touch.

The post 5 simple tricks to boost your PC security appeared first on Panda Security Mediacenter.

Panda Security

Think Your Fingerprint Sensor is Impervious to Criminals? Think Again.

Leave a comment

pandasecurity-fingerprint-scannerTo swipe or to press? Your fingerprint is the new key that unlocks digital life. Fingerprint recognition is an increasingly popular security barrier that can be found in all sorts of high-end devices that are currently on the market. It’s fast and easy, and can be used as an alternative or a complement to those hard-to-remember passwords.

But can we depend on fingerprint recognition as a trustworthy protection mechanism? These little sensors, usually circular and flat, are very convenient.  With a swipe or press of your finger, and you’re in.  But the disadvantages of using fingerprint recognition are much higher. Yes, the main benefit to this kind of security barrier is that the biometrics used belong to a person and cannot be modified, except for in the case of surgery or accident, making them unique and impossible to recreate. Or can they be copied?

If you have seen police drama television shows, you have already passed criminology 101. Our fingerprints are left on everything we touch. Since the surface of the sensor itself is used to record the fingerprint, your smartphone could be easily compromised by anyone with access to the device and your fingerprints (which could remain on any of the many objects that pass through your fingers on a daily basis).

Fingerprints are left on everything we touch.

Unlike passwords which can only be saved on computers and devices that we use, fingerprints can be stored everywhere and on everything, making them public domain. It has been demonstrated how it is possible to make high quality copies of fingerprints using different techniques, which means that it is very much possible to create copies with the fingerprint in order to impersonate the user.

If this is true, why do we continue to use fingerprint recognition to protect the devices and services we use every day? In comparison to passwords, fingerprint scanners have many obvious benefits: a fingerprint is unique, you always have it with you, you can’t forget it, and it is easy to record it with a sensor, among other things.

Despite all of the foreseeable disadvantages, biometric recognition techniques like fingerprint sensors will continue to be the most widely used security method (and of course, they will be used hand-in-hand with classic passwords, or something similar). Clearly, double security barriers remain in our future.

The post Think Your Fingerprint Sensor is Impervious to Criminals? Think Again. appeared first on Panda Security Mediacenter.

Panda Security

Project Abacus: The End Of All Passwords

Leave a comment

pandasecurity-abacusGoogle wants to kill passwords. They have developed Project Abacus, a system that aims to make passwords obsolete and secure your devices ten times more than a fingerprint sensor. So what’s the downside? This new privacy system comes at the expense of knowing absolutely everything about the smartphone’s owner. Its new security system is also… a creepy one.

To get rid of unlock patterns, passwords, or fingerprint readers on smartphones, Google has proposed a “trustworthy score” that will be calculated using your personal mobile devices, and deciding whether or not the terminal should be unblocked.

To obtain this score, the smartphone will use all of the user’s information: movement habits, typing speed, location and even biometric data, like voice or facial recognition. In summary, by using the combination of this information, the smartphone will know if the person attempting to unlock it is its owner.

To achieve what it aims to do, Google must constantly keep track of our smartphone use. Your employees will be spied on 24/7 from their personal devices while Project Abacus makes their digital life more secure and comfortable. With Project Abacus, all of your personal information is in Google’s hands.

When Your Apps Spy On You…

The search-site’s plan does not only happen to use this system to unlock Android devices, but it goes far beyond that: the company has announced that it will launch an API so that developers can use Project Abacus as an identification method in third-party applications. The days are numbered for stored passwords and two-step verification. Not only will Google have access to employee information, but any company that uses Project Abacus will be able to use it as a security system.

The problem with Project Abacus is not only the fact that Google and other businesses would have access to the data collected from the phones, but they could also spy on us in real-time. Passwords would no longer be the objective for cyber-attacks. The new goal for cyber-criminals would be to obtain the huge amounts of personal information that would be available about your company and its employees.

Google is taking measures that could be a good compliment to a computer security system, but it is important to remember that they are also increasing the likelihood of a cyber-attack by accessing so much personal data from users. Cyber-criminals are constantly reinventing themselves and putting your at risk, so it is essential to protect your company with the most advanced cyber-security solutions.

The post Project Abacus: The End Of All Passwords appeared first on Panda Security Mediacenter.

Panda Security

Are Your Passwords For Sale On The Black Market?

Leave a comment

FOTO_1

Myspace is joining the list of 2016’s data breach victims, alongside Tumblr and LinkedIn. Yes, Myspace still exists and in fact, if you registered for the social media site prior to 2013, your old log-in information could have been compromised.

360 million emails and passwords were leaked in what is being called one of the largest mass data breaches in internet history. A few days ago, LeakedSource—a search-engine capable of searching leaked records—claimed to have learned account log-in information for a massive number of MySpace users.

Myspace acknowledged in its blog that cyber-criminals have gained access to log-in information from those who registered prior to June 2013. Until that date, passwords were protected by the hashing algorithm “cryptographic SHA1”, which is an outdated and insecure system which is no longer recommended.

The black hat, Peace, recently put the leaked data up for sale on the dark side of the net for six bitcoin (approx. $2,800 US or 2,400). This cyber-delinquent is also behind the Tumblr leak, where 65 million accounts were compromised, and the LinkedIn data breach (117 million leaked). As with Myspace, Peace attempted to sell the stolen information from Tumblr and LinkedIn on the black market.

Remember the Ashley Madison scandal? Well, the number of passwords stolen in this data breach is higher than those stolen in the Ashley Madison leak. If we take into account that the number of stolen passwords is higher than those stolen during the Ashley Madison scandal (39 million passwords leaked), it is particularly worrying.

FOTO_2

Prevention is Better Than Cure

Recently, LinkedIn required a password change for users whose personal data may have been compromised in the breach. Tumblr has done the same. For now, the former friend-network has ensured users that the matter is being investigated and that the company is implementing new security measures.

Nevertheless, internet users and social-network fiends should not wait for a big leak before they take steps to protect their privacy. One of the commandments of Internet safety is to periodically change passwords and to register different passwords with different services so if your data is compromised it only effects one set of log-in credentials.

One of the commandments of Internet safety is to periodically change passwords

With all those constantly-changing passwords, how can we remember them while remaining secure? It’s easy.  You can use password managers like Dashlane, which allows you to determine a password’s level of security and control them from the same page.

There are also great security solutions that offer a larger degree of protection and include a password manager… all you need is a master password to access all of your favorite internet services. It maintains your online privacy… at all times!

The post Are Your Passwords For Sale On The Black Market? appeared first on Panda Security Mediacenter.