Tag Archives: highlighted

Seven million Dropbox passwords may have been compromised

dropbox

Recently, it would appear that there is no Internet service whose users’ data hasn’t been compromised.

Now it’s the turn of Dropbox, the cloud storage service, which has had hundreds of its users’ passwords leaked and it’s claimed that many more could be published. Specifically, up to seven million users’ data may have been hacked, with the consequent threat to the privacy of the users who store their data on the platform.

These claims come from a user of Pastebin, a text sharing site used by hackers and IT security specialists, who boasts to have obtained seven million Dropbox passwords and, supposedly as proof, has published some of them on the site.

On its official blog, Dropbox was quick to deny that its services have been hacked, claiming that the passwords had been stolen from other services and then used to access the file storage platform.

Dropbox urges users not to employ the same password for various services and to enable two-step authentication.

Gmail: Five million passwords stolen

What has happened to Dropbox also happened to Gmail in September, when 5 million passwords were leaked. Neither Dropbox nor Gmail were hacked. The data was taken from other websites.

With this data in their hands, cyber-criminals can try the same password for other services such as Facebook, Dropbox, Gmail or Twitter.

More | How to create strong passwords

The post Seven million Dropbox passwords may have been compromised appeared first on MediaCenter Panda Security.

200,000 Snapchat images leaked

snapchat

After Celebgate, the leaking of private photos and videos of Hollywood actresses and models such as Jennifer Lawrence, now users of Snapchat have seen the security of their files compromised.

Snapchat is a mobile app for sending images and messages that are automatically deleted between one and ten seconds after being read.

Although Snapchat does not store users’ images, another app, Snapsave, which is available for Android and iOS, does store them. This is what has enabled 200,000 photos to be stolen, according to Snapchat.

According to The Guardian (UK), these include some 100 MB of nude images. It is as yet unknown whether these might include images of children, and it is important to point out that downloading of nude images of children under 16 is a jailable offense under child pornography legislation.

Images from ‘The Snappening’, as this leak has been dubbed, are already available on some Internet portals.

The post 200,000 Snapchat images leaked appeared first on MediaCenter Panda Security.

The Ebola virus becomes the latest bait used by fraudsters

The Spanish Civil Guard has warned via Twitter of a number of Ebola-related hoaxes that have appeared over recent days.

Once again, WhatsApp has become the main channel for such scams, which include bogus reports of new cases of Ebola or the canceling of classes at the CEU San Pablo University in Madrid due to a possible infection.

Spanish-Civil-Guard

Hackers often exploit such situations for financial gain, and it was never in doubt that the first confirmed case of Ebola in Spain would give rise to these types of scams.

The Spanish Civil Guard have asked users to help avoid generating panic by not distributing these messages. They also encourage people to get their information through what they refer to as “serious channels of communication.”

The post The Ebola virus becomes the latest bait used by fraudsters appeared first on MediaCenter Panda Security.

Parental Control. What is it? How is it installed?

parental control

The safety of children on the Internet is one of the greatest concerns for adults when their kids use computers.

The content they can access, the Web pages they can see or the people who can contact them is a serious worry for parents.

How can you protect your kids on the Web? No doubt you have heard of ‘parental control’, but do you know how it works? Are you aware of all that you can do with this feature?

What is parental control?

Parental control lets the administrator user of a computer, in this case the parents, deny access to inappropriate content. In addition to this, the new Panda 2015 products also include the option to monitor kids’ Internet activity.

They offer a summary of the pages and categories that the children have visited most, along with a detailed report of all the pages accessed (page, category, date/time).

The technology used in this parental control feature is independent of the Web browser, so simply deleting the history or changing browsers won’t affect the monitoring of kids’ online activity.

Similarly, parental control lets you block pages according to content by using categories or blacklists.

Sounds useful, doesn’t it? Well, you’ll find this feature in the most comprehensive antivirus solutions: Panda Internet Security 2015, Panda Global Protection 2015 and Panda Gold.

Are you concerned about activating it? Here you have the instructions how to install parental control on your computer.

The post Parental Control. What is it? How is it installed? appeared first on MediaCenter Panda Security.

LinkedIn: How to avoid being scammed

secure linkedin

Nowadays, practically everyone has a profile on LinkedIn. This is a useful tool for letting companies know who you are, your work experience, your present position and the best way to contact you. Along with other personal details, it is common to include an email address.

Yet despite these benefits, the platform also has its drawbacks, at least when it comes to security. The tool is not only useful for human resources managers, but also for spammers and cyber-criminals on the lookout for email addresses to which to send fraudulent messages.

More often than not, the real target of these attacks is not the owner of the email account, but the company where they work, and its data. For a cyber-criminal, this social network is like an address book containing the company email addresses of thousands of users, who use these addresses instead of their personal ones for any professional business.

Once they have found several accounts with the same company name, they make a note of the address structure (usually [email protected]). Then, with a slightly more refined search, they can get a list of all employees’ email addresses.

linkedin panda security profile

 

If the hacker knows the structure of the network that the company uses, they can access the system by sending an email to the employees in their address book. This mail might include, say, a link to a page where the recipients are asked to enter the username and password to access the organization’s platform. Once they have them, they have free reign to spy on internal information.

Those often excluded from the attack are the IT department, as they might rumble what’s going on. However, customer services, marketing, accounts, and human resources are much more attractive targets for hackers.

If the criminals manage to enter the systems, this is just the first step to getting other type of information: personal details, account numbers, passwords and databases can all be compromised.

linkedin profile

Companies often encourage employees to have a presence on Linkedin. Yet saying where they work, looking for new customers and employees and increasing brand visibility on the Internet has its risks.

How to keep unwanted messages out of your professional inbox

  • Stay up-to-speed on IT security. It’s a good idea to go on courses or for companies to organize workshops. If employees can recognize scams it can help prevent them from falling into the traps set by criminals.
  • Employees should be clear about what kind of data they will be asked for on the company’s ICT platforms so as not to enter personal information on external websites. Recognizing the email account used for internal memos is also a useful aid for distinguishing suspicious messages.
  • Another thing you should consider when protecting your company (and also yourself) is to understand the mechanisms that are available to alert technicians to any strange items. IT managers can also play their part, warning about the importance of these actions. A timely warning can prevent someone from clicking a fraudulent link or revealing personal data.
  • Use a personal email account in LinkedIn. This makes it more difficult to identify, although the same advice still applies: don’t open emails from unknown senders, don’t click on the links to unknown content and be careful where you enter your data.

The post LinkedIn: How to avoid being scammed appeared first on MediaCenter Panda Security.

Presentation of the 2015 Consumer Antivirus Solutions

Today is not just another Monday! Aching muscles, photos in red jumpsuits, exciting stories… What are we talking about? About the presentation of our 2015 product line, of course!

Unashamedly proud of our new XMT scan engine, on Friday we decided to launch the new range in style at Carlos Sainz Karts in Madrid. We brought together representatives from the media to present our new antivirus and explain all the new features they would find in this new product line.

But before we tell you all about them, let’s tell you their names: Panda Global Protection 2015 Multi-Device, Panda Internet Security 2015 Multi-Device, Panda Antivirus Pro 2015 and Panda Mobile Security 2.0.

New Antivirus Panda 2015

What better place to talk about engines than a go-kart track? So we had our Global Retail Director, Alvaro Elorriaga, tell everyone about the revolutionary power of our new XMT™ engine. “Threats have changed and this means we have to change the way we scan, detect and disinfect.”

Panda 2015 Alvaro Elorriaga

The XMTâ„¢ engine, which is in all the new Panda products, includes a new protection system, new heuristic technologies, new behavior analysis features and new anti-exploit technologies.

What’s more, Herve Lambert, Product Marketing Manager, explains that “the latest independent industry tests”, carried out by AV-Comparatives, AV-TEST and Virus Bulletin, “demonstrate the power of the new engine included in Panda Security’s latest solutions.”

2015 Consumer Product Line Features

During the presentation, our colleague Herve explained in more depth our product features, including the Data Shield, a layer of data protection that prevents one of the fastest-growing threats: ransomware. This dangerous malware infects computers and locks them until the user (or company) pays a ransom.

Herve also talked about other new features, such as the Wi-Fi Monitor, which lets you know what devices are connected to your network; and Application Control, which lets you set run permissions for the programs installed on your computer.

Finally, Pablo Alonso, Consumer Sales Director for Spain, praised “the effort made by Panda Security in terms of pricing and licensing.”

The Panda Security race

Given that we were at the go-kart track, what other way to end the day than racing karts!? So, journalists and our Panda Security colleagues donned suits and helmets to organize our very own Grand Prix. Needless to say, some fared better than others. ;)

Karts Panda 2015

It was soon apparent who had driven a kart before and who was a first-timer. After some warm-up races and two semi-finals, the winner was our friend and colleague Pablo Alonso (thanks Pablo for flying the flag for Panda!).

Panda 2015 team

Many thanks to all of you who joined us on the day!

The post Presentation of the 2015 Consumer Antivirus Solutions appeared first on MediaCenter Panda Security.

What is Phishing?  

No doubt you have wondered and asked yourself on more than one occasion, what is phishing and how can it affect you.

All of us know that it is some type of scam, although perhaps there are many who don’t know exactly what it is or the techniques used by hackers and cyber-criminals.

So, exactly what is phishing? Basically, also known as email phishing, it involves sending emails, which appear to come from trusted sources, such as banks etc, though really they are aimed at stealing confidential information from users.

These emails usually include a link which when clicked, takes you to a spoof Web page. These pages appear genuine though they are really like a mirror that hides the criminals whose sole aim is to steal your personal data.

The problem is that users think they are in a trusted site and therefore enter the requested data. However, this confidential data will fall straight into the hands of the scammers and can then be used for some type of fraud.

That’s why it is always best to access web pages by typing the address directly in the browser.

what is phishing

How to recognize a phishing message

It’s not always easy to recognize phishing messages, particularly if you are a client of the company from which the message has supposedly been sent.

  • Even though the ‘From:’ field of the message shows the address of the company, it is not difficult for a criminal to alter the source address of the email in any mail client.
  • The email may have the logos and trademarks of the organization, yet these can easily be lifted from the company’s website.
  • The link in the email seems to point to the company’s website, though really it takes you to a fake page which will ask you for your user name, password, etc.
  • Very often these messages contain spelling or grammatical errors that you would not normally expect in official communications from the genuine company.

It’s also important to bear in mind that although phishing has traditionally used email, now, with the increasing popularity of smartphones and social networks, there are new channels of attack.

Another thing to be aware of is that although we normally talk about phishing in the context of banks, cyber-criminals often use any popular website or platform (Ebay, Facebook, Paypal, etc) as bait for stealing personal data.

But remember, no company will ever ask you to send them your personal details via email. If they do, be very suspicious!

Moreover, as a stich in time saves nine, you can always add an extra layer of protection by installing one of our new 2015 antivirus solutions. To do this, all you have to do is visit our free antivirus page and select the one that best adapts to your ideal level of protection.

The post What is Phishing?   appeared first on MediaCenter Panda Security.

5 million Gmail passwords leaked

gmail

Do you have a Gmail account? This may interest you! A Russian cybersecurity forum has published a file containing more than 5 million Gmail accounts.

According to several experts, more than 60% of the username and password combinations were valid. However, Google says that the information is “outdated“, that is, these accounts have been suspended or the users no longer access them.

In a statement, Google said that it has no evidence that its systems have been compromised, but explains that “whenever we become aware that accounts may have been compromised, we take steps to help those users secure their accounts.“

The file published mainly contains British, Spanish and Russian accounts. If you want to know whether your account is on the list of those affected, you can do so here.

Panda Security recommends you increase the security of your passwords and use two-step verification of your Gmail account.

More | How to increase the privacy of your Gmail account

The post 5 million Gmail passwords leaked appeared first on MediaCenter Panda Security.

Jennifer Lawrence: Victim of a security hole in iCloud?

jennifer lawrence oscar

If you are on Twitter you may have noticed the actress Jennifer Lawrence has been ‘Trending Topic’ since yesterday afternoon.

jennifer lawrence twitter

 

The reason? The leak of nude photos of the 2013 Academy Award winner on the /b/ forum of 4Chan.

She has confirmed the story, although she is apparently not the only victim.

jennifer lawrence spokeman

 

Other models and actresses such as Kirsten Dunst, Kate Upton or Ariana Grande have also allegedly had pictures leaked, although not all these cases have been confirmed. Meanwhile, Mary E. Winstead has acknowledged the authenticity of the pictures that have been circulated, while Victoria Justice has denied that some photos allegedly of her are authentic.

It is still not clear how ‘Celebgate’ (as some are referring to this massive hacking) was carried out. Some sources have suggested a possible security breach in iCloud, Apple’s virtual data storage platform, though the company has yet to confirm this.

Until it is known how these images were stolen, the best anyone can do is apply common sense and ensure they use strong passwords to access their services. We also recommend that users check their Apple ID account.

 

 

 

The post Jennifer Lawrence: Victim of a security hole in iCloud? appeared first on MediaCenter Panda Security.