MediaCenter Panda Security http://www.pandasecurity.com/mediacenter Just another WordPress site Thu, 27 Nov 2014 15:56:57 +0000 en-US hourly 1 http://wordpress.org/?v=4.0.1 Panda Internet Security 2015 achieves Virus Bulletin certificationhttp://www.pandasecurity.com/mediacenter/news/panda-internet-security-2015-achieves-virus-bulletin-certification/ http://www.pandasecurity.com/mediacenter/news/panda-internet-security-2015-achieves-virus-bulletin-certification/#comments Thu, 27 Nov 2014 15:55:44 +0000 http://www.pandasecurity.com/mediacenter/?p=12618 Congratulations are in order! Panda Internet Security 2015 has achieved Virus Bulletin certification! In addition to this good news in itself, we also achieved it the first time that we presented this product. This proves its consistency and confirms what we have been saying for the last few months: the effectiveness of the XMT™ Smart […]

The post Panda Internet Security 2015 achieves Virus Bulletin certification appeared first on MediaCenter Panda Security.

]]>
Virus Bulletin

Congratulations are in order! Panda Internet Security 2015 has achieved Virus Bulletin certification!

In addition to this good news in itself, we also achieved it the first time that we presented this product. This proves its consistency and confirms what we have been saying for the last few months: the effectiveness of the XMT™ Smart Engineering engine included throughout our 2015 Consumer line.

Panda Internet Security 2015

This engine allows each technology to interact with the rest to reach higher detection and disinfection levels. With it we have achieved the best protection and resource consumption rates on the market, which reflect its excellent capabilities.

Have you tried any of our products? Choose the best antivirus for you!

The post Panda Internet Security 2015 achieves Virus Bulletin certification appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/panda-internet-security-2015-achieves-virus-bulletin-certification/feed/ 0
Panda Security launches Panda Cloud Office Protection 7.1http://www.pandasecurity.com/mediacenter/press-releases/panda-security-launches-panda-cloud-office-protection-7-1/ http://www.pandasecurity.com/mediacenter/press-releases/panda-security-launches-panda-cloud-office-protection-7-1/#comments Wed, 26 Nov 2014 15:47:00 +0000 http://www.pandasecurity.com/mediacenter/?p=12614 Panda Security, The Cloud Security Company, announces the new features of version 7.1 of Panda Cloud Office Protection (PCOP), Panda Security’s cross-platform solution that offers the best cloud-based protection rapidly, easily and efficiently. In addition to the features included in the previous version, such as the ability for the user to act independently in the […]

The post Panda Security launches Panda Cloud Office Protection 7.1 appeared first on MediaCenter Panda Security.

]]>
Panda Security, The Cloud Security Company, announces the new features of version 7.1 of Panda Cloud Office Protection (PCOP), Panda Security’s cross-platform solution that offers the best cloud-based protection rapidly, easily and efficiently. In addition to the features included in the previous version, such as the ability for the user to act independently in the event of infections or problems detected, this version also includes improvements aimed at meeting the requirements of medium-sized and large customers who need greater control.

 Panda Cloud Office Protection 7.1 incorporates various technological and functional innovations compared to the previous version of the solution, with special emphasis on giving the user greater control and management. These new features include:

  • Content filtering for the Exchange protection, which allows emails to be filtered by the extension of the attachment, neutralizing dangerous attachments or attachments with a multiple file extension.
  • Whitelists included in device control. This feature allows different exclusions to be applied to different groups of computers selected by profile. In addition, whitelisted devices can be used without any restrictions, regardless of the settings.
  • Mobile device control. This option allows the user to block access to mobile devices.
  • New local console on the endpoint. This console provides PCOP administrators and partners with a tool to enable or disable the endpoint protection in a rapid and timely manner, without having to use the PCOP Web console.
  • Ability to upgrade to new versions from the PCOP Web console. Notifications will appear in the console to indicate that a new version is available.

PCOP 7.1_EN

 

“With Panda Cloud Office Protection 7.1 we want to foster independence of the network administrator, easing management of the solution, including whitelists and offering reports that help give the user greater control”, says Roberto Fernandez, Product Manager at Panda Security. “The goal of this new version is to offer PCOP administrators and our partners a tool that allows them to quickly secure their corporate environments,” he concludes.

The post Panda Security launches Panda Cloud Office Protection 7.1 appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/press-releases/panda-security-launches-panda-cloud-office-protection-7-1/feed/ 0
Rootpipe, WireLurker and Masque Attack, the latest vulnerabilities on Apple deviceshttp://www.pandasecurity.com/mediacenter/malware/rootpipe-wirelurker-masque-attack-latest-vulnerabilities-apple-devices/ http://www.pandasecurity.com/mediacenter/malware/rootpipe-wirelurker-masque-attack-latest-vulnerabilities-apple-devices/#comments Wed, 26 Nov 2014 11:18:37 +0000 http://www.pandasecurity.com/mediacenter/?p=12609 You have heard it more than once but it is a myth. It always has been. It does not matter how many times you have been told, Macs do have viruses. It is true that, until not too long ago, Apple computers were not a major target for cyber-crooks, but things are changing. However, the […]

The post Rootpipe, WireLurker and Masque Attack, the latest vulnerabilities on Apple devices appeared first on MediaCenter Panda Security.

]]>
You have heard it more than once but it is a myth. It always has been. It does not matter how many times you have been told, Macs do have viruses. It is true that, until not too long ago, Apple computers were not a major target for cyber-crooks, but things are changing.

However, the fact that viruses do affect Macs is nothing new. Back in 1982 malware swarmed the old Apple II. That distant beginning of viruses on Apple machines was just an experiment but it already reflected the harsh reality. Gradually, at a much slower pace than PCs, Macs are also suffering the effects of some infection or other.

mac-viruses

The myth that there are no Mac viruses does have a basis, as malware has not roamed freely around Apple computers for various reasons. The main reason is that as Macs were not as widely-used, they were dismissed by cyber-crooks for developing malicious software targeting these machines.

However, the increasing presence of Macs on the market has changed this trend. They are popular and cyber-crooks do not want to miss the opportunity to spread their seeds of evil through these machines.

So, there are a few threats to bear in mind if you have a Mac and the dangers are increasing. In recent months quite a few vulnerabilities have been discovered that put the computers of the company managed by Tim Cook in the firing line.

Rootpipe and WireLurker, Mac vulnerabilities

One of them is Rootpipe. Discovered by a Swedish hacker just a few days ago, it is a critical security hole in OS X Yosemite, the latest version of Apple’s operating system. The flaw, for which a patch is not expected until the beginning of next year, allows cyber-crooks to act as the software administrator on third-party computers. In other words, get into your Mac without your consent.

The vulnerability and Apple’s delay in releasing a patch are very worrying but they are not the only security problem facing Mac users recently. A few days after Rootpipe was discovered, WireLurker came to light, a new malware family affecting Apple devices created in China and which has come to be considered the largest threat to them so far.

In this case, Mac users and the company can rest easier, as the Cupertino firm, which has identified 146 infected apps, has stopped the virus from spreading any further by blocking the apps responsible.

If you want to block Mac OS X malware as well as Windows malware, try the best antivirus for Mac.

padlock

Masque Attack, security flaw on iPads and iPhones

The cherry on this cake, which in just a few weeks brought the Apple device security myth crashing down, came with Masque Attack. A security hole in the majority of iPads and iPhones that makes them vulnerable to cyber-attacks.

Masque Attack allows cyber-crooks to access users’ personal data, even managing to get control of their devices. In this case, the Cupertino firm did react rapidly, but not fixing the threat but by releasing a statement down playing the importance of Masque Attack and insisting that iOS and OS X have various measures that warn users against installing potentially malicious software.

In any case, the best thing you can do to make sure that your iPad and iPhone are kept secure is to download apps from trusted sites only, such as the App Store, as the door cyber-crooks use to access your device is no other than making you download a malicious app. So remember, only download things from reliable sites and of course, forget about Apple not having any viruses.

The post Rootpipe, WireLurker and Masque Attack, the latest vulnerabilities on Apple devices appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/malware/rootpipe-wirelurker-masque-attack-latest-vulnerabilities-apple-devices/feed/ 0
Electronic voting may not be 100% secure (but neither is traditional voting)http://www.pandasecurity.com/mediacenter/news/electronic-voting-may-not-be-100-secure-but-neither-traditional-voting/ http://www.pandasecurity.com/mediacenter/news/electronic-voting-may-not-be-100-secure-but-neither-traditional-voting/#comments Mon, 24 Nov 2014 17:26:49 +0000 http://www.pandasecurity.com/mediacenter/?p=12601 You must start from a base: no voting system is 100% secure. Neither traditional nor electronic. Ballot stuffing is a practice as old as elections themselves and it refers to one of the multiple techniques used throughout history to tamper with election results: submitting multiple ballots per person. There is also the personation technique, deceased […]

The post Electronic voting may not be 100% secure (but neither is traditional voting) appeared first on MediaCenter Panda Security.

]]>
urn

You must start from a base: no voting system is 100% secure. Neither traditional nor electronic. Ballot stuffing is a practice as old as elections themselves and it refers to one of the multiple techniques used throughout history to tamper with election results: submitting multiple ballots per person.

There is also the personation technique, deceased voters who come back to life for one day to vote; and electoral registration fraud, voters registering illegally in a constituency that does not correspond to them. That is not to speak of the buses that pick up people from the villages to take them to the capital to vote, the party obviously covering the expense.

Electronic voting, the essence of so-called “cyber-democracy”, is not safe from fraud. In fact, there is a perception that it is even less secure, easier to tamper with than methacrylate ballot boxes.

For example, a recent study by researchers Dan Zimmerman and Joe Kiniry analyzes the risks of voting via email, one of the methods already being used in various countries, and advise against using it. And quite a few European countries have gone back on their decision to use online voting, due to the controversy that has arisen.

world-electronic-voting

The Netherlands, pioneer in implementing electronic voting (a legal provision being put in place in 1965), decided to go back to using ballot papers in 2008, two years after the publication of a study that revealed a serious security problem in the system.

In 2009, following a long legal battle, the German Federal Constitutional Court ruled electronic voting unconstitutional, as it considered that it did not allow citizens without technical knowledge to supervise the election process. In the same year, Ireland scrapped the online voting system. Finland halted its program in 2010, after invalidating the results of the first pilot test, which was carried out in 2008.

The United Kingdom carried out more than thirty pilot tests between 2002 and 2007, but none of them returned sufficient guarantees for authorities. The Electoral Commission suspended the implementation of electronic voting in 2008.

In Spain, the surprise political party that was successful in the European elections, Podemos, is using an electronic voting system to make internal decisions. It is called Agora Voting and involves three phases: One, the party’s responsibility is to make sure that the person voting is who they say they are; the second and third, registration and counting of the votes, are the shared responsibility of the so-called “voting authorities” (independent observers who certify that no personal interests contaminate the process). All of the software used is free software and after voting, each voter can check the integrity of the vote using an identifier.

podemos-voting

In this case, the largest crack in the system is in the Podemos registration or membership system, which only asks for a national identity card number and phone number. Both of these things, as already proved, can be faked.

To sum up, as Eduardo Robles, cofounder of Agora Voting, said, there is not a big difference between the traditional voting system and the electronic. “Can ballot papers get lost? Of course, but it is very difficult because they are kept guarded. Can ballot boxes be tampered with? Yes.” And the same happens with the virtual ones.

Security mechanisms improve very quickly but so do the techniques used by the attacker. While there is interest in changing the results, ballot stuffing will continue to evolve.

The post Electronic voting may not be 100% secure (but neither is traditional voting) appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/electronic-voting-may-not-be-100-secure-but-neither-traditional-voting/feed/ 0
Malware figures beat records with more than 20 million new samples identified in the third quarter of the yearhttp://www.pandasecurity.com/mediacenter/press-releases/las-cifras-de-malware-baten-records-con-mas-de-20-millones-de-nuevos-ejemplares-identificados-en-el-tercer-trimestre-del-ano/ http://www.pandasecurity.com/mediacenter/press-releases/las-cifras-de-malware-baten-records-con-mas-de-20-millones-de-nuevos-ejemplares-identificados-en-el-tercer-trimestre-del-ano/#comments Mon, 24 Nov 2014 11:29:25 +0000 http://www.pandasecurity.com/mediacenter/?p=12587 Panda Security, The Cloud Security Company, has released the latest data from the PandaLabs Quarterly Report for the third quarter of the year. The main conclusions of the study include an increase in the malware created compared to the previous quarter, with a total of 20 million new samples created worldwide, and at an average […]

The post Malware figures beat records with more than 20 million new samples identified in the third quarter of the year appeared first on MediaCenter Panda Security.

]]>
Panda Security, The Cloud Security Company, has released the latest data from the PandaLabs Quarterly Report for the third quarter of the year. The main conclusions of the study include an increase in the malware created compared to the previous quarter, with a total of 20 million new samples created worldwide, and at an average rate of 227,747 new samples every day.

The global infection rate was 37.93%, compared to 36.87% the previous quarter.

 

Trojans are increasing

Trojans are still the most common malware type (78.08%), increasing compared to the second quarter of the year. In second place, and a long way behind, are viruses (8.89%) and worms (3.92%).

“Over recent months cyber-crime has continued growing. Cyber-crooks are still creating malware in order to infect as many computers as possible and access confidential data”, says Luis Corrons, Technical Director of PandaLabs at Panda Security. “But corporate environments have also come under attack. For example, over the last three months large companies have been the subjects of some scandals, such as the infamous “Celebgate”, in which photos of actresses and models hosted on Apple’s iCloud service were leaked, or the theft of Gmail and Dropbox passwords”.

 

Trojan infections are up while PUPs are dow

Furthermore, Trojans were again the most malware prolific threat during the period, accounting for 75% of infections, compared to 62.80% in the previous quarter. PUPs are still second in the ranking, representing 14.55% of the total, which is a lower rate than in the second quarter when infections that used this technique amounted to 24.77%. These are followed by adware/spyware (6.88%), worms (2.09%) and viruses (1.48%).

01_ENInfections by country

The data recorded for each country shows that China is still at the top, reaching an infection rate of 49.83%, falling for the first time in a long time from 50% of computers infected. China is followed by Peru (42.38%) and Bolivia (42.12%).

 

As you can see the ranking of countries with the highest infection rate is dominated by Asia and Latin America.

The full report is available here.

The post Malware figures beat records with more than 20 million new samples identified in the third quarter of the year appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/press-releases/las-cifras-de-malware-baten-records-con-mas-de-20-millones-de-nuevos-ejemplares-identificados-en-el-tercer-trimestre-del-ano/feed/ 0
Access control for companies: Which system is the most secure?http://www.pandasecurity.com/mediacenter/security/access-control-companies-system-secure/ http://www.pandasecurity.com/mediacenter/security/access-control-companies-system-secure/#comments Fri, 21 Nov 2014 12:39:10 +0000 http://www.pandasecurity.com/mediacenter/?p=12577 Some time ago, the most common mechanism for getting into an office was a simple key. Simple but vulnerable. Conventional locks do not identify people and can be used by anyone. In addition, it is impossible to control the number of hours worked. Technology has provided a solution to this issue. There are now different […]

The post Access control for companies: Which system is the most secure? appeared first on MediaCenter Panda Security.

]]>
finger-control-companies

Some time ago, the most common mechanism for getting into an office was a simple key. Simple but vulnerable. Conventional locks do not identify people and can be used by anyone. In addition, it is impossible to control the number of hours worked.

Technology has provided a solution to this issue. There are now different techniques not just for opening doors but also for identifying staff and recording the time they enter and leave the premises. From a card to the voice, through the flash on a phone. There are many alternatives, but are these systems secure?

Using radio frequency-based methods -such as Bluetooth, NFC (Near Field Communication) or RFID- is simple. In the first two cases, all you need is a cell phone with this technology that can be recognized by a sensor. RFID chips are inserted in cards or even wristbands that open turnstiles and provide the employee’s details.

fingerprint-control-companies

However, wireless malware exists. Attacks can compromise the company’s computers and users’ phones. Criminals with enough skill can remotely access the handset and take control of its functions, listen to calls or intercept messages.

There is also a risk of traditional robbery. If the smartphone is stolen from the employee’s pocket, the thief could access the premises without any problems. The same applies to cards.

But nobody can steal a part of our body (and get it to still work). Biometric techniques are gaining importance in identification systems. The most widely used today are digital fingerprint scanners and, to a less extent, iris, voice and facial recognition sensors.

Voice recognition is based on comparing the unique mouth patterns and linguistic habits of each person. Something similar happens with the geometric variants of the face. The processing difficulty and the amount of patterns that the system must store mean that they are still minority systems.

Biometrics also has its drawbacks in terms of security. Remember that the fingerprint sensor on the iPhone (Touch ID) is vulnerable to certain types of attack. Criminals could make a replica of your finger or manipulate the sensors.

chip-control-companies

Other solutions admitted by phones are based on photonics or light recognition. The user simply needs to move the phone towards the lock, point the camera flash at the corresponding receiver and enter a password in an application. The door opens when the device detects the light signals, which form a regulated communication protocol and can transmit encrypted information.

One advantage of this technology is that only the receiver is placed at the entrance to the facilities. The data processing unit can be located inside, in a strategic place. Criminals will have to manipulate both devices in order to take total control of the system.

The majority of these techniques are still under development and they still have a long way to go before they become more widely used. The ideal solution would be to combine several of these to take advantage of the benefits of each one and reach a higher level of security.

 

The post Access control for companies: Which system is the most secure? appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/security/access-control-companies-system-secure/feed/ 0
WhatsApp encrypts messages for Android usershttp://www.pandasecurity.com/mediacenter/news/whatsapp-encrypts-messages-android-users/ http://www.pandasecurity.com/mediacenter/news/whatsapp-encrypts-messages-android-users/#comments Thu, 20 Nov 2014 09:29:19 +0000 http://www.pandasecurity.com/mediacenter/?p=12573 After the arrival of the blue double-check to confirm that the message has been read, WhatsApp has set out to clean up their image and transmit the idea that they too safeguard user privacy. To do this, they have just announced a latest update through which they will start encrypting all messages and protecting them against intruders. At the […]

The post WhatsApp encrypts messages for Android users appeared first on MediaCenter Panda Security.

]]>
encrypted-code

After the arrival of the blue double-check to confirm that the message has been read, WhatsApp has set out to clean up their image and transmit the idea that they too safeguard user privacy. To do this, they have just announced a latest update through which they will start encrypting all messages and protecting them against intruders.

At the moment this version is only available to Android users but WhatsApp plans to implement it for the other operating systems.

With this code the messages are encrypted when they leave the sender’s phone. Therefore, the content of these messages passes through the application servers encrypted and cannot be accessed by anyone, except those holding the conversation.

With this move, WhatsApp is trying to make its customers forget its reputation for an unsecure app and recover some of the ground lost to other apps, such as Telegram, which stand out for higher levels of security and privacy of the service.

The post WhatsApp encrypts messages for Android users appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/whatsapp-encrypts-messages-android-users/feed/ 0
Update to Lollipop as soon as you can: These are the security improvements included in Android 5.0http://www.pandasecurity.com/mediacenter/news/update-lollipop-soon-can-security-improvements-included-android-5-0/ http://www.pandasecurity.com/mediacenter/news/update-lollipop-soon-can-security-improvements-included-android-5-0/#comments Wed, 19 Nov 2014 12:28:17 +0000 http://www.pandasecurity.com/mediacenter/?p=12569 Google has now launched the long-awaited Android 5.0, the new version of its mobile operating system. Do you want to know why you should update your smartphone’s software? We give you the first clues here. Adrian Ludwig, security engineer at Google, says in the official Android blog that their goal is to “stay two steps […]

The post Update to Lollipop as soon as you can: These are the security improvements included in Android 5.0 appeared first on MediaCenter Panda Security.

]]>
Google has now launched the long-awaited Android 5.0, the new version of its mobile operating system. Do you want to know why you should update your smartphone’s software? We give you the first clues here.

lollipop-android

Adrian Ludwig, security engineer at Google, says in the official Android blog that their goal is to “stay two steps ahead of the bad guys” and this is Lollipop’s intention too. “Not only is Lollipop the sweetest update of Android to date, we also built in a rigid (security) Lollipop stick for the core and Kevlar wrapping on the outside—to keep you safe from the bad guys, inside and out.”

One of the most secure ways of keeping data safe is to use the screen lock or pattern. However, Google is aware that many users do not use this measure because, among other reasons, it makes it difficult to use the phone when it is connected to another device.

For this reason, the new operating system includes Smart Lock, which unlocks the phone when it is paired with a wearable or a hands-free device in the car via Bluetooth or NFC.

The phone can also be unlocked using facial expressions. Although this feature was available in version 4.0, in the new version of the Android operating system this application has been improved by constantly analyzing the user’s expressions.

Finally, in order to encourage users to install phone lock patterns and make them more secure, Android has included the option to receive on-screen notifications, even though the phone is locked, and access them more quickly.

Another security measure in Lollipop is related to encryption, which is no longer optional and will be really useful for less experienced users. Device encryption will be automatically enabled when the device is switched on. It uses a unique key that never leaves the device.

However, Google acknowledges that users with older devices that update their version of Android will have to enable the encryption feature manually themselves, which will not happen in devices shipped with this operating system.

Android has always tried to make sure that its apps access as little data on the phone as possible but in this respect its software has never been without its problems. Version 4.2 included Security Enhanced Linux, known as SELinux, which audited and monitored every action and left less room for attack.

SELinux defines the permissions of every user, app, process and file on the system and controls their actions and interactions following a strict security policy. This prevents any file – not even those downloaded from Google Play – from modifying the phone’s essential parameters.

lollipop-screen

Although this service was offered in previous versions, it has now been boosted to respond particularly to enterprise and government environment as, according to Ludwig, the majority of the members of different governments use Android. SELinux currently runs in enforcing mode, that is, all of the security policies are loaded and enabled on the device. It was not the same in previous versions, where the user could choose to use enforcing mode, permissive mode – where the security policies were loaded but not applied – or even turn it off.

Have you ever had your phone stolen? Having Lollipop installed could help you. It has the Factory Reset Protection feature, which disables stolen phones, only requiring the Google password to wipe the phone’s data remotely.

The new version of Android also keeps the device away from malicious websites when the user performs searches in the browser. In addition, it seems that everyone can create multiple user accounts to securely share the device with a friend or do so using guest user mode.

The heads of security at Android claim that the probability of a cyber-crook attacking the device using malicious software is 1 in 1,000. But the main dangers facing users is when the phone is lost or stolen. It is for these cases that the new security measures are designed. What are you waiting for to update your operating system?

 

The post Update to Lollipop as soon as you can: These are the security improvements included in Android 5.0 appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/update-lollipop-soon-can-security-improvements-included-android-5-0/feed/ 0
Nigerian scam on Skype. Beware of it!http://www.pandasecurity.com/mediacenter/security/nigerian-scam-on-skype-beware-it/ http://www.pandasecurity.com/mediacenter/security/nigerian-scam-on-skype-beware-it/#comments Tue, 18 Nov 2014 15:08:19 +0000 http://www.pandasecurity.com/mediacenter/?p=12564 It seems that the notorious Nigerian scam is not only carried out via email. As we have been able to confirm, Skype is also being used to trick us into believing that someone with a ton of money wants to share their fortune and that we are the recipients of it. This is the message that “reputable banker”, Abdul […]

The post Nigerian scam on Skype. Beware of it! appeared first on MediaCenter Panda Security.

]]>
It seems that the notorious Nigerian scam is not only carried out via email. As we have been able to confirm, Skype is also being used to trick us into believing that someone with a ton of money wants to share their fortune and that we are the recipients of it.

This is the message that “reputable banker”, Abdul Iddrisu, sent to one of our colleagues on Skype.

skype-scam

In it he says that his bank has $17.5 million to give out, after the owner of this fortune died in an earthquake in China in 2008 and as our colleague has the same last name as the deceased, they have decided to give the money to him.

What does he have to do in exchange? Send his bank account number so that they can deposit it. As easy as that, and as unbelievable, right?

Indeed, it is neither believable nor true. Obviously nobody is going to contact you to give you $17.5 million, so never give out your personal data over the Internet. Neither should you deposit any money in exchange for an alleged prize or inheritance. Do not fall for this type of scam!

The post Nigerian scam on Skype. Beware of it! appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/security/nigerian-scam-on-skype-beware-it/feed/ 0
If you have a flashlight app on your phone, be very careful!http://www.pandasecurity.com/mediacenter/security/flashlight-app-phone-careful/ http://www.pandasecurity.com/mediacenter/security/flashlight-app-phone-careful/#comments Mon, 17 Nov 2014 17:08:10 +0000 http://www.pandasecurity.com/mediacenter/?p=12557 The smartphone you keep in your pocket is amazing. It does everything. Despite all of the innovative things it does, one of the best features of smartphones is something as simple as it is old: the flashlight. Useful –in its own way– when taking pictures and even more so when you need to light up […]

The post If you have a flashlight app on your phone, be very careful! appeared first on MediaCenter Panda Security.

]]>
The smartphone you keep in your pocket is amazing. It does everything. Despite all of the innovative things it does, one of the best features of smartphones is something as simple as it is old: the flashlight. Useful –in its own way– when taking pictures and even more so when you need to light up a dark corner.

There is no denying it. We have all used the flashlight on our phone to shake off the uneasiness (not to say fear) caused by the dark. However, and surprising as it may seem, perhaps we should not be so much afraid of the lack of light as of the app that we use on your phone to shed light.

mobile-flashlight

Apps that control the flashlight on the phone – there are thousands in the app stores – are not as harmless as they may seem. It is true that you do not have to register or provide any data in order to use them but the flashlight on your phone knows a lot about you, which makes it an interesting target for cyber-crooks.

Flashlight 007, with a license for everything

As already mentioned, you do not tell your flashlight app anything but it is capable of shedding light on a good handful of conclusions about your movements. The worst thing is that if it does this, it is because you have allowed it to.

Before downloading any app you have to give it certain permissions. This gives many of the apps installed on smartphones permission to know your location using GPS data, to take pictures, record sounds and even read your text messages. This is particularly true of phones running Android as the operating system, because Windows and Apple restrict the capability of apps to spy on us (always with your permission, of course).

According to a report from SnoopWall, a company dedicated to smartphone security, flashlight apps are surprisingly quite demanding as regards permissions. A simple glance at the table compiled by SnoopWall could make your hair stand on end:

flashlights-for-mobile

The apps included in the table are not selected at random. There is no need to rummage through tons of apps available on Google Play to find flashlights that want to find out everything about you. In fact, these ones in particular make up the top 10 flashlight apps for Android.

Of these, the least demanding asks for permission to read the phone status, take pictures and videos, view Internet connections and full network access. Other flashlight apps ask for permission for everything they can think of, GPS location included.

The problem, of course, is that we usually download and install apps in a hurry, accepting whatever the app asks for without thinking twice about it. By doing this you are practically handing the keys to your life – your digital life at least–  to any stranger.

android

The key lies in advertising

The time has come to answer the big question. Why does a flashlight want so many permissions? Firstly, in general there is no need to worry: if these apps ask for so much it is because of advertising.

Another thing flashlight apps have in common is that they are free. Therefore, developers seek to monetize every download through advertising. Flashlight apps need an Internet connection and know your location and other data that allows advertising to be adapted to your habits.

Consequently, downloading and using these apps is not necessarily dangerous, but it is better to err on the side of caution. To prevent a cyber-crook from tricking you into installing one of these apps and stealing your data, it is better to use trusted apps.

Even though the most trusted apps ask for information and control of some of the tools on the phone, it is better to use those with the best statistics: the most downloaded and the highest rated are the most trustworthy. However, now you know that for these flashlights to provide light, first of all you will have to give them permission to shed some light on the inside of your phone (and they take everything of interest to them).

The post If you have a flashlight app on your phone, be very careful! appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/security/flashlight-app-phone-careful/feed/ 0