MediaCenter Panda Security http://www.pandasecurity.com/mediacenter Just another WordPress site Mon, 26 Jan 2015 16:43:12 +0000 en-US hourly 1 http://wordpress.org/?v=4.0.1 Security tools that are safe from the NSAhttp://www.pandasecurity.com/mediacenter/security/security-tools-safe-nsa/ http://www.pandasecurity.com/mediacenter/security/security-tools-safe-nsa/#comments Mon, 26 Jan 2015 16:41:30 +0000 http://www.pandasecurity.com/mediacenter/?p=12827 U.S. Intelligence services have shown on numerous occasions how adept they are at accessing our data without permission. Nevertheless, there is still hope that you can keep your confidential information safe from the prying eyes of the NSA: Its expert spies still haven’t been able to crack all encryption systems. Encryption tools are frequently used […]

The post Security tools that are safe from the NSA appeared first on MediaCenter Panda Security.

]]>
U.S. Intelligence services have shown on numerous occasions how adept they are at accessing our data without permission. Nevertheless, there is still hope that you can keep your confidential information safe from the prying eyes of the NSA: Its expert spies still haven’t been able to crack all encryption systems.

Security tools NSA

Encryption tools are frequently used to safeguard the privacy of all types of confidential information, from simple chats to personal data. Yet no matter how careful we are with the data we transmit across the Internet, it is important to bear in mind that a supposedly private conversation may not be quite so private (whether you like it or not), particularly if your chat touches upon certain delicate issues.

Skype is a good example. Despite their reassurances that their video calls were the most secure, the documents leaked by Edward Snowden confirmed that the NSA had been accessing this tool since before 2011.

Luckily for many, or perhaps for everyone, a recent report published by Der Spiegel thanks to the Snowden leaks has revealed that, at least two years ago, there were still programs and security tools that could resist the technological weapons of the US security agency. Tools like Zoho, TOR, TrueCrypt and Off-the-Record are some of those causing headaches for the NSA, which has been unable to crack their encryption or at least encountered major problems in doing so.

zoho NSA

According to the German newspaper, US spies normally classify attempts to breach the security of a program from “trivial” to “catastrophic”. Decrypting email messages sent with Zoho is defined by the NSA as a “major” task, and users can rest assured as the agency has not yet been able to crack its security.

The US spy agency also found it difficult to break TOR encryption, the free and open source software that allows users to surf the Web through a network of thousands of linked volunteer computers. One of the benefits offered by TOR is that it is difficult to trace the location of a user visiting a specific website, making it an essential tool for activists in countries with strong censorship.

tor NSA

TrueCrypt on the other hand is a useful program for encrypting and hiding data and files. It uses algorithms like AES, Serpent and Twofish -either on their own or in combination- keeping it safe, according to Der Spiegel, from the prying eyes of the NSA.

While the NSA rated the breaking of the encryption of these tools as a “major” task, it defined as “catastrophic” its attempts to crack the combination of TOR with the CSpace secure instant messaging system, and a system for Internet telephony (voice over IP) called SRTP (a security protocol that adds confidentiality to voice messages).

Security tools that are safe from the NSA

The Pretty Good Privacy (PGP) program is also NSA-proof. This program was developed in 1991 to ensure secure conversations between its creator (Phil Zimmermann) and other intellectuals of a similar political leaning. Given it has now been twenty years since the creation of the program, it’s quite a surprise that experts from one of the world’s most advanced security agencies are yet to penetrate its defenses.

Although the information in this report talks about the data analyzed in 2012, experts believe that it is unlikely that the spies have progressed much since then, and that it is quite possible that these tools are yet to be breached.

For the moment, if you use any of these programs, you can breathe easy. If not, perhaps now is a good time to think again about your security.

The post Security tools that are safe from the NSA appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/security/security-tools-safe-nsa/feed/ 0
A new strain of ransomware is on the loose! Watch out!http://www.pandasecurity.com/mediacenter/malware/new-strain-ransomware-loose-watch/ http://www.pandasecurity.com/mediacenter/malware/new-strain-ransomware-loose-watch/#comments Fri, 23 Jan 2015 11:31:56 +0000 http://www.pandasecurity.com/mediacenter/?p=12816 Our colleagues at PandaLabs have detected a new strain of ransomware: Trj/RansomCrypt.B. Known as CTB-Locker, what is different about this example is that if you pay, you can access all the locked files. This type of malware normally reaches users via email, convincing the user that it’s a legitimate message and getting them to run the file. When run, […]

The post A new strain of ransomware is on the loose! Watch out! appeared first on MediaCenter Panda Security.

]]>
Our colleagues at PandaLabs have detected a new strain of ransomware: Trj/RansomCrypt.B. Known as CTB-Locker, what is different about this example is that if you pay, you can access all the locked files.

This type of malware normally reaches users via email, convincing the user that it’s a legitimate message and getting them to run the file. When run, the malware encrypts image files and documents on the victim’s computer and changes the desktop wallpaper for the following image. It also creates a text file with the same information.

However, if you have any of our Internet security software, you can rest assured, as Panda Security detects and blocks this threat.

RansomCryptB

The following screen then appears, demanding a ransom before the specified time. If the ransom is not paid in time, the amount of money demanded increases.

files encrypted

Clicking ‘Next’ leads to the following window informing victims that if they pay, the files will be unlocked. To demonstrate that this is true, five documents are released.

CTB Locker ransomware

personal file encrypted

How to recognize CTB-Locker?

  • This malware comes in an email with an attachment. This is either a Word file with a .doc or .rtf extension, or a compressed file (.zip) containing a .scr file.
  • Some variants, in addition to encrypting files on the computer, also steal the address book to identify new potential victims. Worse still, they fake the address of the sender so the message may appear to have been sent from a known contact.
  • You can see some examples of these emails here.

How to avoid Ransomware?

  • Keep your operating system up-to-dateto prevent security flaws.

Make sure you have antivirus software installed and up-to-date.

  • Don’t open emails or files from unknown sources.
  • Don’t browse suspect web pagesor those with unverified content.

The post A new strain of ransomware is on the loose! Watch out! appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/malware/new-strain-ransomware-loose-watch/feed/ 0
WhatsApp blocks WhatsApp Plus usershttp://www.pandasecurity.com/mediacenter/news/whatsapp-blocks-whatsapp-plus-users/ http://www.pandasecurity.com/mediacenter/news/whatsapp-blocks-whatsapp-plus-users/#comments Wed, 21 Jan 2015 13:08:09 +0000 http://www.pandasecurity.com/mediacenter/?p=12811 “You’re temporarily banned from WhatsApp because you may have violated our terms of service. You’ll be able to use WhatsApp again in:” Maybe this text sounds you familiar… WhatsApp has blocked the accounts of all WhatsApp Plus users. The reason? It cannot guarantee the security of the service. The block will last 24 hours and […]

The post WhatsApp blocks WhatsApp Plus users appeared first on MediaCenter Panda Security.

]]>
whatsapp plus

“You’re temporarily banned from WhatsApp because you may have violated our terms of service. You’ll be able to use WhatsApp again in:” Maybe this text sounds you familiar…

WhatsApp has blocked the accounts of all WhatsApp Plus users. The reason? It cannot guarantee the security of the service.

The block will last 24 hours and WhatsApp explains it as follows:

whatsapp banned

WhatsApp Plus is an Android app developed by a Spanish programmer, based on WhatsApp but unofficial and unauthorized by it. It allows users to access WhatsApp and customize the look, use other emoticons, send songs…

However, WhatsApp warned that using unauthorized apps was a violation of its Terms of Service, and those who use them will be banned and that is what has happened.

The post WhatsApp blocks WhatsApp Plus users appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/whatsapp-blocks-whatsapp-plus-users/feed/ 0
10 Tips for protecting your company’s emailhttp://www.pandasecurity.com/mediacenter/security/10-tips-protecting-companys-email/ http://www.pandasecurity.com/mediacenter/security/10-tips-protecting-companys-email/#comments Tue, 20 Jan 2015 11:45:29 +0000 http://www.pandasecurity.com/mediacenter/?p=12799 Practically all important information that we work with nowadays reaches us via corporate email. That’s why email security is so important for companies. Here we offer some advice to bear in mind to prevent unauthorized people from accessing your email – and the information it contains. 10 Tips for protecting your company’s email Many of […]

The post 10 Tips for protecting your company’s email appeared first on MediaCenter Panda Security.

]]>
Practically all important information that we work with nowadays reaches us via corporate email. That’s why email security is so important for companies. Here we offer some advice to bear in mind to prevent unauthorized people from accessing your email – and the information it contains.

keys

10 Tips for protecting your company’s email

Many of the cyber-attacks that target large companies can be traced back to email. When all’s said and done, this is the place where a company’s most useful information can be found; where employees chat; where credit card details -even passwords- are sent. Read on if you want to know how to look after this information.

  1. The first thing you should be thinking about as a company owner is training your staff in IT security, to eliminate dangerous behavior when using company email.
  2. Employees can counter risks by deleting old emails. You accumulate hundreds (even thousands) of messages in the belief that the information is really important (it could be for a cyber-criminal!). If you genuinely regard the information as vital, you could always save it to an external hard drive or data base and then delete the original emails.smartphone email
  3. Encrypt your email. One of the main features of corporate email is that it gives companies control over sensitive information, and prevents it from being circulated through employees’ personal email accounts. The best way to ensure such control and keep it from falling into the wrong hands is to encrypt it.
  4. When you have to create a password make sure it’s complex and that nobody could guess it. That said, make sure you can easily remember it too.
  5. You should also be careful when starting a corporate email session from public computers in libraries, Internet cafes and the like. Make sure you close the session before leaving the computer, though even then you can leave traces of your activity that are easily detected by cyber-criminals. Better only to access your company email on trusted networks.
  6. Don’t give your email address to everyone, and don’t post it on public Internet sites, remember that scammers are always on the lookout for new victims. inbox
  7. Careful with fake emails that try to trick you into resetting passwords as part of a supposed security check. These are normally scams designed to steal your passwords and access your email account. If you really need to change your password, go to your email provider’s website and make any changes from there, but don’t click on links sent to you via email.
  8. On a similar note: don’t even open emails sent from unknown sources.
  9. And of course don’t forget that company email is a working tool, it’s not for exchanging messages with friends and family. Remembering this will also help keep information from falling into the wrong hands.
  10. Last but not least, a good tool for protecting email from malware and other dangerous content is Panda GateDefender, which can prevent unwanted files from entering into contact with your company’s most sensitive data. This software filters spam to safeguard employee productivity, and also enables the secure and centralized storage and administration of your network’s users’ messages, ensuring flexibility and complete connectivity.

 

The post 10 Tips for protecting your company’s email appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/security/10-tips-protecting-companys-email/feed/ 0
Careful with FileZilla! There is malware that imitates it perfectlyhttp://www.pandasecurity.com/mediacenter/malware/careful-filezilla-malware-imitates-perfectly/ http://www.pandasecurity.com/mediacenter/malware/careful-filezilla-malware-imitates-perfectly/#comments Tue, 20 Jan 2015 09:36:40 +0000 http://www.pandasecurity.com/mediacenter/?p=12790 Anyone who has a website will be familiar with the term FTP (File Transfer Protocol), a protocol for transferring files over the Internet. When designing a website, you will have to use this quick method for storing the files that you want users to see (pages, pictures, documents, etc.) on a server. There are also […]

The post Careful with FileZilla! There is malware that imitates it perfectly appeared first on MediaCenter Panda Security.

]]>
filezilla

Anyone who has a website will be familiar with the term FTP (File Transfer Protocol), a protocol for transferring files over the Internet. When designing a website, you will have to use this quick method for storing the files that you want users to see (pages, pictures, documents, etc.) on a server.

There are also various types of programs for transporting data: these are called FTP clients, which connect your computer to the machine on which the information will be stored. One of the most widely-used is FileZilla, open and free software used by amateurs to professional web developers.

The first program, developed by Tim Kosse, was launched in 2001. Now it can be run on the most common operating systems (Windows, Linux and Mac OS X).

If you use this tool regularly, be on the lookout: malware has been detected in some versions (Filezilla v3.5.3 and Filezilla v3.7.3). The false application is installed in exactly the same way as the official version; it simulates the wizard interface perfectly and runs without any hitches.

The functioning of programs like FileZilla is simple: they allow web files to be arranged as if they were just another directory on your computer. In fact, you are managing a space in the memory of another computer (or several, if you work with various servers). You can save the data in different folders and arrange them as you please.

filezilla-malware

As you add more documents, they are transferred to this hard drive, which could be located in another country. This is where the activity of the malicious software comes in, which acts like a Trojan. It identifies each connection you establish with your server and communicates with another computer to which it sends the address where the information is housed and your FTP account login credentials.

Some addresses have been detected to which the malware transfers the stolen data, both with a Russian domain. These are ‘aliserv2013.ru’ and ‘go-upload.ru’, created in the domain register Naunet.ru, associated to fraudulent activity such as spamming. This platform hides its customers’ details and ignores demands to suspend its illegal domains.

Although this fraudulent version seems to work like the secure programs, certain characteristics give it away.

The main difference lies in the information in the About window in the program’s menu.

malware-filezilla

In this section you will find different references in the ‘Linked against’ option. In the malformed software, the versions of GnuTLS and SQLite are earlier versions than in the official program. In addition, you will find that the program does not allow you to update them.

GnuTLS (GNU Transport layer Security Library) and SQLite are two systems that guarantee that an application uses a secure transport layer (encrypted) to send data. These two systems are also open and free.

By using an outdated version of these programs, you risk a cybercriminal being able to monitor the login credentials used by FileZilla and decrypt the supposedly secure connections established.

Another difference with the flaw-free version is the presence of two additional libraries (ibgcc_s_dw2-1.dll and libstdc++-6.dll), although these do not seem to have any malicious effects.

Just follow these clues in order to check if the version you have installed is a spoof or the official program. In any case, make sure that you only download freeware like FileZilla from a website that offers security guarantees.

The post Careful with FileZilla! There is malware that imitates it perfectly appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/malware/careful-filezilla-malware-imitates-perfectly/feed/ 0
#XMASPANDA contest winners!http://www.pandasecurity.com/mediacenter/panda-security/xmaspanda-contest-winners/ http://www.pandasecurity.com/mediacenter/panda-security/xmaspanda-contest-winners/#comments Tue, 13 Jan 2015 14:54:54 +0000 http://www.pandasecurity.com/mediacenter/?p=12782 We finally can communicate our #XMASPANDA contest winners. If you are one of our Twitter winners, send us a Direct Message. Then if you are the one from Facebook , you can send us a Private Message too. We need the following details: Name Address Mobile Phone Email Address Panda Mobile Security License Ramon Jarque […]

The post #XMASPANDA contest winners! appeared first on MediaCenter Panda Security.

]]>
Christmas contest

We finally can communicate our #XMASPANDA contest winners.

If you are one of our Twitter winners, send us a Direct Message. Then if you are the one from Facebook , you can send us a Private Message too.

We need the following details:

  1. Name
  2. Address
  3. Mobile Phone
  4. Email Address

Panda Mobile Security License

  • Ramon Jarque Anton
  • Diana de Felipe Tenorio
  • Adrian Aguilera Quesada
  • Robert Mcdonald
  • Liz Schneider
  • Carol Foxx
  • Rob Diggle
  • Aleksey Apasov
  • Tomas Domingo Catalan
  • Francisco Dominguez Moreno
  • @javiermargarit
  • @nabil_freedom
  • @markes5d
  • @glenhilts
  • @p_sandhal
  • @_utdfan
  • @mnvikes40
  • @cathleen_ming
  • @avenue25
  • @hilbournetony

Panda Security Cup

  • Jesús Montes
  • Oscar Luis Maiso Pavia
  • David Escobar
  • Gayle L Johnson
  • Paulo Bispo
  • Iñaky Aion
  • Conceiçäo Carvalho
  • Victor Jiménez Rodríguez
  • Jamie RollerGirl Garland
  • Lisa Middleton
  • Joey Harden
  • @mariasedeo1
  • @travellermind1
  • @tannis91
  • @novairt
  • @ilorcisoft
  • @fabin_ferreira
  • @fer_cantillo
  • @iwantyourstuff
  • @dlrcorn

Panda Security Headphones

  • Ele Velasco Sastre
  • Carlos Martinez Rivero
  • Tina Loucks
  • Christine Gordon
  • Brad Belden
  • @carlosdefuentes
  • @elgrangeniofamy
  • @ybarralde
  • @aprilhaddock
  • @gasteiztarrabat

Thanks for taking part of our Christmas contest! :)

The post #XMASPANDA contest winners! appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/panda-security/xmaspanda-contest-winners/feed/ 2
Be careful if you use Linux in your company: It is not immunehttp://www.pandasecurity.com/mediacenter/malware/careful-use-linux-company-immune/ http://www.pandasecurity.com/mediacenter/malware/careful-use-linux-company-immune/#comments Mon, 12 Jan 2015 11:29:43 +0000 http://www.pandasecurity.com/mediacenter/?p=12776 The most common open operating systems are often seen, and not without its reasons, as a good option for companies. Unlike Windows, installation is free or costs very little and they do not need constant upgrading. Another benefit is security. Viruses often target Windows computers and there is no place for them on devices running […]

The post Be careful if you use Linux in your company: It is not immune appeared first on MediaCenter Panda Security.

]]>
linux malware

The most common open operating systems are often seen, and not without its reasons, as a good option for companies. Unlike Windows, installation is free or costs very little and they do not need constant upgrading.

Another benefit is security. Viruses often target Windows computers and there is no place for them on devices running this software. Therefore, many IT departments choose open operating systems. However, despite their many strong points, they are not immune (if anyone thought otherwise).

2014 was not a good year for Linux. During the year, different types of malware and vulnerabilities affecting this software were detected, ending its reputation as unbreachable and giving its followers something else to worry about; from now on, they will have to pay more attention to the security of their computers.

Linux

One of these concerns comes in the form of Turla, malicious software that is also known as Snake or Ouroboros. It is believed to have come from Russia but it has been infecting Windows computers worldwide for years. Recently, a version of this Trojan targeting Linux was also detected.

Turla uses a backdoor to give cyber-criminals access to the computer, as if they were just another user, without needing to use the ‘root’ account (the account that has all rights and permissions). As a result, the restrictions that the operating system puts on this type of entry are bypassed.

Home users, in principle, do not need to worry, but the same does not apply to companies. Those who use the aforementioned malware usually do so for corporate espionage or surveillance, not for stealing credit card numbers.

In addition, X.org, a server on which open-source graphic interfaces can be run (including Linux), is also vulnerable. Several vulnerabilities have been published that make its users an easy target for cybercriminals.

Another security flaw that has been on the operating system for years is Shellshock, which does not affect Windows. The bug lies in the program that parses the open software commands (Bash). When a Linux device connects to an insecure Wi-Fi network, this window allows a Trojan to get into the device without any problems. Fortunately, the security patches released have fixed the hole.

But security flaws and malware are not the only headaches of open operating system users. It is not always easy to get the security patches prepared by developers. Whereas access to modifications to search engines and other important programs is guaranteed, the same does not occur with other components.

Linux-firefox

An example is what happened with Owncloud, an application for storing files online in open format (an alternative to the well-known Dropbox). When installed under Ubuntu, one of the most popular Linux distributions, it did not execute any security updates. The developer had stopped working on the tool, leaving it at the mercy of cyber-criminals.

Something similar happens with other open-source programs that are not widely used or distributed, such as the user interface Manjaro, which has not received any security modification for a long time either.

Do you use Linux at home or on your computer at work?

The post Be careful if you use Linux in your company: It is not immune appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/malware/careful-use-linux-company-immune/feed/ 0
Who are the Guardians of Peace? A new hacker group is on the loosehttp://www.pandasecurity.com/mediacenter/news/guardians-peace-new-hacker-group-loose/ http://www.pandasecurity.com/mediacenter/news/guardians-peace-new-hacker-group-loose/#comments Thu, 08 Jan 2015 09:46:37 +0000 http://www.pandasecurity.com/mediacenter/?p=12770 Are you familiar with the name ‘Guardians of Peace’? This is a new hacker group that has been gaining notoriety over the last few weeks. Everything began when the hacking group sent Sony a disturbing message threatening the company with leaking large amounts of confidential data unless a series of requests were met. Shortly after […]

The post Who are the Guardians of Peace? A new hacker group is on the loose appeared first on MediaCenter Panda Security.

]]>
Are you familiar with the name ‘Guardians of Peace’? This is a new hacker group that has been gaining notoriety over the last few weeks.

Everything began when the hacking group sent Sony a disturbing message threatening the company with leaking large amounts of confidential data unless a series of requests were met.

guardians of peace

Shortly after this, the Guardians of Peace started publishing all sorts of documents, files and confidential data belonging to Sony. Unreleased movies, information about executive salaries, emails from the company’s lawyers, employee workplace complaints, movie scripts and even the phone numbers of Hollywood celebrities were among the nearly 100 terabytes of data stolen by the hacker collective through a piece of malware called Destover.

The mystery has since grown larger…  Who is behind the Sony attack? Who are the so-called Guardians of Peace and what’s their reason for attacking Sony?

North Korea, prime suspect of the attack

US authorities believe the attacks originated from North Korea. One of the group’s demands was the cancellation of the planned release of the film ‘The Interview‘, a comedy about a plot to assassinate North Korean leader Kim Jong-un.

However, North Korea has repeatedly denied any involvement in the hack attack, and the Guardians of Peace have posted new messages mocking the FBI’s investigation.

Various theories are emerging surrounding the attack. Despite North Korea is still the prime suspect, there is also speculation linking the attack to a possible Sony insider, a group of disgruntled former employees or even a marketing campaign orchestrated by Sony itself to promote ‘The Interview’.

the-interview

Some theories even claim that this is nothing but a campaign designed by the US government to find itself a new enemy and thus justify the mass spy operations carried out through agencies such as the NSA

Incidents like this, combined with the alleged hack of the Play Station and Xbox online services during Christmas, and the constant rumors of Internet leaks, certainly make you wonder if we are not really in the middle of a cyber-war between powers…

Despite the mystery surrounding the attack, the truth is that Sony decided to cancel the premiere of ‘The Interview’ for security reasons (after receiving threats against the company’s employees and their families), and the cyber-attacks have exposed the frailties of the security measures implemented by one of the largest entertainment companies in the world.

The post Who are the Guardians of Peace? A new hacker group is on the loose appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/guardians-peace-new-hacker-group-loose/feed/ 0
Tools to change and remember your passwords, this will help you!http://www.pandasecurity.com/mediacenter/tips/tools-to-change-your-passwords/ http://www.pandasecurity.com/mediacenter/tips/tools-to-change-your-passwords/#comments Fri, 02 Jan 2015 13:06:48 +0000 http://www.pandasecurity.com/mediacenter/?p=12760 Every time you sign up to a Web service, social networking site or online platform you face the same problem: What password should I use? Your passwords should be easy to remember but strong at the same time. And not only that, sometimes you are even requested to mix upper and lower case letters, numbers, […]

The post Tools to change and remember your passwords, this will help you! appeared first on MediaCenter Panda Security.

]]>
Every time you sign up to a Web service, social networking site or online platform you face the same problem: What password should I use? Your passwords should be easy to remember but strong at the same time. And not only that, sometimes you are even requested to mix upper and lower case letters, numbers, or even non-alphanumeric characters (punctuation) to make your password harder to guess by an attacker.

In fact, all these requests aim at forcing users to use a character combination strong enough to prevent it from being cracked by a hacker. However, users frequently prefer the convenience of using the same password for everything (with some variations depending on whether they need numbers or letters), which poses an important security risk.

password tools

First, avoid using passwords that are easy to figure out. It is true that memorizing more complex passwords can be more difficult, but it obviously can be done.

Better still, you don’t even need to do that! There are many applications out there that can give you a hand with managing your passwords.

That’s the case of Dashlane, a free app available for PC, Android and iOS that allows users to check the security of their passwords and store them in one place.

keyboard password

This way it is the app that remembers all passwords for you, while you only have to remember the master password that enables you to use Dashlane and its password repository.

Another excellent option, apart from memorizing all of your passwords or managing them through apps such as Dashlane, is to opt for the greater security level provided by suites such as Panda Global Protection 2015 or Panda Gold Protection 2015, which include a password manager that enables you to access all the Web services that you use by just remembering one master password. Additionally, both security suites increase computer protection with features such as file encryption and PC tuneup.

password

In any event, there are other aspects that must be taken into consideration when creating a password. Most of them are just common sense. Never write down passwords on a piece of paper; don’t use the same password over and over again; and don’t use passwords that are easy to guess, like your date of birth or your kid’s or pet’s names. Also, it is essential that you change your passwords regularly.

Why so much fuss about passwords? Well, it wouldn’t be the first time that the leak of data belonging to millions of user accounts compromises the security of popular services such as Gmail or Dropbox, for example. So, if you don’t want to be the victim of identity and data theft, we strongly recommend that you take the appropriate security measures and manage all your passwords as effectively as possible. As the saying goes, better safe than sorry!

The post Tools to change and remember your passwords, this will help you! appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/tips/tools-to-change-your-passwords/feed/ 4
Security forecast for 2015http://www.pandasecurity.com/mediacenter/news/security-forecast-2015/ http://www.pandasecurity.com/mediacenter/news/security-forecast-2015/#comments Tue, 30 Dec 2014 17:29:27 +0000 http://www.pandasecurity.com/mediacenter/?p=12754 Our colleagues at PandaLabs have been making their predictions about what will be happening in the world of IT security in 2015. Do you want to know what we will be up against next year? Security forecast for 2015 CryptoLocker This type of malware has been in the spotlight in 2014, and these attacks are […]

The post Security forecast for 2015 appeared first on MediaCenter Panda Security.

]]>
Security forecast for 2015

Our colleagues at PandaLabs have been making their predictions about what will be happening in the world of IT security in 2015. Do you want to know what we will be up against next year?

Security forecast for 2015

CryptoLocker

This type of malware has been in the spotlight in 2014, and these attacks are set to increase in 2015.

CryptoLocker operates in straightforward fashion: Once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases, photos, etc.) and blackmails the victim into paying a ransom to recover the files.

Payment is always demanded in bitcoins, so that it cannot be traced by the police, making this type of attack very attractive to cyber-criminals, as many users decide to pay in order to recover the hijacked information.

Targeted attacks

A small percentage of the millions of new malware strains that appear every month are specifically created to attack previously defined targets. These attacks, known as targeted attacks, are becoming more common and will be highly significant during 2015.

One of the greatest risks to tackle is that many companies are unaware that they could be the target of such attacks and therefore do not have appropriate measures for detecting or stopping them, or at least for detecting any anomaly and mitigating any damage as soon as possible.

Point-of-sale terminals

In 2014 we have seen an increase in attacks on the POS terminals used by all stores to accept and process customer payments.

Point of sale terminals

Cyber-criminals are attacking these terminals and consequently stealing the credit card details of customers. As a result, an activity that users did not think of as a risk, such as paying at a supermarket, gas station, clothes store, etc., is starting to pose a potential threat to which hundreds of millions of people around the world have already fallen victim.

APTs

APTs (Advanced Persistent Threats) are a type of targeted attack aimed at companies or strategic institutions. Behind these attacks are usually countries that invest huge sums of money in ensuring that the targeted attack goes undetected for a long time.

Although we will not see mass APT attacks in 2015, new cases will be discovered that will have probably been around for years but will only just start coming to light.

Internet of Things

The number of Internet-enabled devices is increasing dramatically, and we are not just referring to computers or cell phones but other devices.

From IP cameras to printers, all of these ‘new’ devices that form part of the Internet share a feature that makes them a highly vulnerable target for cyber-criminals: They are devices that users do not pay much attention to and consequently, for example, they are rarely updated. As a result, as soon as a security flaw is found in the software on any one of these, compromising the device will be child’s play for any cyber-criminal. To make matters worse, these devices are connected to internal networks, home or corporate, making them ideal entry points for carrying out all types of wider attacks.

Smartphones

Smartphone attacks, or more specifically attacks on devices running Android, are going to reach new heights. Not only will the attacks increase but so will their complexity, with a single goal: to steal passwords.

We store a growing amount of data on our smartphones and cyber-criminals are going to try to get it at any cost.

Although malware on cell phones was somewhat anecdotal a couple of years ago, more malware for Android has appeared in 2014 than all of the malware targeting any mobile device ever.

It seems that in 2015 these threats will skyrocket, and the number of victims will also increase.Therefore it will be essential to use antivirus products for these devices.

You can download the full report here. :)

The post Security forecast for 2015 appeared first on MediaCenter Panda Security.

]]>
http://www.pandasecurity.com/mediacenter/news/security-forecast-2015/feed/ 1