Smart wearables are nothing new – an Apple Watch barely attracts attention these days. And now smart glasses represent the latest frontier in wearable technology, blending digital convenience with everyday eyewear. 

The newly released Meta Ray-Ban Display glasses, feature an in-lens screen and gesture controls, showing how close these devices are to mainstream adoption. However, as sleek and cool as this technology appears, mounting privacy and safety concerns raise important questions about what they mean for society in general. Smart glasses demonstrate exciting capabilities – and raise serious questions about potential privacy risks.

Key takeaways

• Smart glasses like Meta Ray-Ban Display offer discreet access to messages, navigation and multimedia without pulling out your phone.
• The near-invisible display and discreet recording features raise concerns about unnoticeable surveillance and data privacy.
• Social etiquette and legal frameworks around smart glasses are still evolving, with calls for clear consent and transparency.
• Privacy advocates warn about new risks with facial recognition and data storage tied to smart glasses.
• Users must weigh the benefits of augmented convenience against the ethical responsibilities of wearable tech use.

What are smart glasses?

Smart glasses are eyewear embedded with digital displays and connectivity features that relay information directly to the wearer. Unlike traditional smartphones or smartwatches, they offer a hands-free, discreet interface — often overlaying data in the user’s line of sight. The latest Meta Ray-Ban Display glasses incorporate a nearly invisible heads-up display and gesture controls for messaging, media playback, and turn-by-turn navigation.

Why smart glasses are exciting

Smart glasses unlock new ways to interact with digital content without interrupting real-world activities. They enable users to read texts, take calls, view social media, record video and even get real-time transcription of conversations. The Meta Ray-Ban Display’s subtle design makes it look like regular glasses, removing previous stigma and “Glasshole” backlash seen with earlier bulky wearables like Google Glass.

Privacy and safety concerns

Despite their benefits, smart glasses introduce serious privacy dilemmas. The unobtrusive screen and camera can record or stream without others noticing, potentially infringing on bystanders’ rights. Most smart glasses are fitted with LEDs to indicate the camera is in use, but in reality this offers little or no protection to the general public.

Facial recognition technology under consideration for future versions makes these concerns more urgent, threatening pervasive surveillance and misuse of personal data. The fact that voice commands and visual data sent to cloud servers are saved without opt-out options intensifies worries about data control and security. It is also unclear how companies like Meta will use this data.

Driving safety is yet another debate, as some glasses offer navigation displays. This technology could distract drivers in the same way using a phone does. Regulation is currently sparse, with policymakers still catching up to the technology’s rapid development.

Practicing responsible use

Industry experts and ethicists recommend adopting clear social etiquette for smart glasses use: always ask consent before recording, use visible indicators when capturing footage, and remain aware of your surroundings. 

Smart glasses wearers should also prioritize protecting their own and others’ data by configuring privacy settings and understanding device data policies. Manufacturers must also build transparency and ethical responsibility into their products to build trust in this new category of wearable technology.

Conclusion

Smart glasses stand at a crossroads between transformative convenience and profound privacy challenges. While devices like Meta’s Ray-Ban Display make the technology appealing and accessible, careful consideration of ethical use and robust privacy protections is essential to prevent misuse. 

For consumers, the key will be embracing this innovation with awareness and respect for social norms. Smart glasses should enhance their lives without undermining the privacy of others. The future may indeed be wearable, but it must also be responsible.

The post Smart Glasses: Cool Tech or a Privacy Threat? appeared first on Panda Security Mediacenter.

Google has partnered with UK nonprofit StopNCII to enhance its defenses against non-consensual intimate imagery (NCII), commonly known as revenge porn. This collaboration uses digital fingerprinting technology to help victims proactively protect their privacy. The system blocks images and videos from appearing in Google Search results and across other major platforms, all while ensuring the actual image never leaves the user’s device.

The technology relies on user-submitted image hashes, empowering individuals to take control before abuse occurs. This article explains how the system works, who can benefit, and its limitations.

Key takeaways

• Google and StopNCII have partnered to detect and block revenge porn using hash technology
• The system is user-controlled – individuals must proactively upload image hashes to protect themselves
• Your actual photo never leaves your device; only a unique digital fingerprint (hash) is shared
• Protection now extends to Google Search, joining platforms like Meta, Bing, TikTok, and Reddit
• The system works only for images you possess and does not cover AI-generated content or audio

How can I stop revenge porn from spreading?

StopNCII allows individuals to create a private case where they can select intimate images they wish to protect. Their system generates a unique digital fingerprint, known as a hash, from each image. This hash is mathematically derived from the image’s data but cannot be reversed to recreate the original photo. In the unlikely event a hacker intercepts and decrypts your hash, all they will see is a long string of letters and numbers which don’t actually “do” anything.

The hash is uploaded to StopNCII’s database and shared with partner platforms, including Google. When a matching image is uploaded online, the websites and services partnered with StopNCII will detect the hash and block or remove the picture automatically.

Protected images never leave your device and StopNCII never actually “sees” your photographs.

How do image hashes work?

You can think of a hash being like a digital fingerprint for your photo. Each image produces a unique hash through a cryptographic process. If even one pixel changes, the hash changes completely. This ensures precise identification without storing or sharing the actual image. 

StopNCII uses this technology to protect privacy while enabling effective detection across platforms.

Who can use StopNCII hash protections?

Any individual aged 18 or older who possesses nude, semi-nude, or sexually explicit images and videos they fear might be shared non-consensually can use StopNCII. The service is free and available to anyone, anywhere in the world. 

Since 2015, StopNCII’s partner, the Revenge Porn Helpline, has removed over 300,000 NCII items using image hashing with a 90% success rate.

What are the limitations?

Unfortunately, protection is not universal. The system only works for images you have in your possession. AI-generated nudes, audio recordings, or text messages are not covered. 

StopNCII’s image hashing only works with partner platforms like Google, Bing, Meta, X, and TikTok. This means that non-partner sites may not detect or remove flagged content. However, registering sensitive images with StopNCII will help to limit or prevent spread – particularly across the most popular online services.

Take control of your digital privacy now

Google’s integration with StopNCII marks a major step in proactive online protection. By turning image protection into a user-controlled process, the system empowers individuals to safeguard their dignity before harm occurs.

As regulators step up efforts to combat sexual abuse material, StopNCII offers a powerful, user-centric solution that does not rely on invasive content scanning alternatives. You can start protecting your sensitive images with the StopNCII service right now by creating a case.

The post Google Partners with StopNCII to Block Revenge Porn appeared first on Panda Security Mediacenter.

The fall of the world’s leading cloud infrastructure platform has caused a blackout across websites, apps, and social networks without contingency plans. Lacking a plan B can trigger a total paralysis — and even invisibility — multiplying the risk of intrusions.

The engine stopped

On the morning of Monday, October 20, 2025, numerous websites, applications, and social networks went dark due to a global outage of Amazon Web Services (AWS), the world’s largest cloud infrastructure platform. In the United States, users were unable to access Amazon, Alexa, Prime Video, Crunchyroll, Canva, Perplexity, and Duolingo; social networks like Snapchat or Goodreads; and games such as Fortnite, Roblox, or Clash Royale. In Europe, several services experienced similar accessibility issues.

“This happens because many invisible pieces of the internet live on AWS,” explains Hervé Lambert, Global Consumer Operations Manager at Panda Security. “When this platform fails, it’s not just a server that goes down — entire basic services collapse, affecting websites, apps, and social networks that rely on them.” In short, “they stop working because they share the same infrastructure and base services — computing, storage, DNS, authentication, and CDN — either directly in AWS or in third-parties that depend on it. Without multi-region architecture or contingency plans, the entire user experience — loading, logging in, paying, or posting — falls apart.”

“When an outage of this magnitude occurs,” continues Lambert, “some apps can’t serve pages, APIs, or feeds because their compute layer — EC2, EKS, or Lambda — fails at the nodes or control plane. If there’s nowhere to read or store data, the site can’t load or authenticate; logins break because authentication systems like Cognito, STS/AssumeRole, or AWS SSO stop issuing tokens; DNS fails to resolve, or the CDN can’t fetch origin data, so domains respond erratically. Even if an app isn’t hosted on AWS, it still suffers if its providers are — the whole chain behaves like a house of cards.”

Why AWS Failures Ripple Across Services and Apps

Moreover, when AWS fails or degrades, “some companies go blind because their observability depends on that same platform,” warns Lambert. “If tools like CloudWatch, CloudTrail, GuardDuty, SIEMs, dashboards, SNS/SES alerts, or SSO are hosted in the same region, they too go down — leaving websites without metrics, logs, or valid credentials, and therefore exposed.” All of this is preventable “if monitoring, logging, and identity have an emergency exit outside the failure zone.”

Many companies, however, centralise everything in a single region and account — “including backups and KMS keys,” notes Lambert. “Without multi-region failover, unavailability is total. Under pressure, some teams open security groups, disable WAFs, or expand IAM permissions to keep systems running — often breaking more things or leaving apps vulnerable.”

The importance of having a “Plan B”

Why are there no contingency plans if outages are so risky?

“Because they aren’t incentivised — they seem expensive and technically tedious,” summarises Lambert. “Many websites and apps lack a Plan B because their priorities are misaligned: business rewards speed, not resilience; there’s a false sense of security — people believe these things won’t happen to them. Multi-region or multi-account setups, data replication, redundant identities, runbooks, and drills all sound like cost doubling. And many assume AWS won’t fail or that the SLA will cover the loss — which is not true.”

At this point, the role of security by design becomes crucial. Many organisations still don’t integrate cybersecurity from the earliest stages of product or infrastructure development. They often react later with patches instead of building resilient systems from the start — a less effective and ultimately more expensive approach.

To break that cycle, Lambert suggests: “build resilience into KPIs, separate accounts and regions, automate backups and guardrails, and run failover drills. That will always be cheaper than explaining to thousands of users why your service has disappeared.”

The post AWS outage: what it reveals about the fragility of cloud cybersecurity appeared first on Panda Security Mediacenter.

Yes, it does. Although there is no exact number of how many U.S. citizens are affected, the number is likely enormous. Every year, Australia welcomes more than half a million tourists from the USA, and Qantas is one of the major airlines operating flights from numerous major U.S. cities, including Los Angeles, San Francisco, New York, and Dallas. The breach occurred in July 2025, and although the FBI reported some successes in dealing with the hacker organization that claimed responsibility, the stolen information belonging to Qantas was subsequently leaked on the dark web. Qantas has begun notifying the affected travelers, which includes U.S. persons, about the cybersecurity breach that affected nearly six million customers worldwide.

Key takeaways

• U.S. travelers are among the victims of the Qantas hack from July 2025
• The details of 5.7 million Qantas customers have been leaked online 
• The leaked information consists predominantly of names, addresses, DOBs, and phone numbers. 
• The number of affected Americans is unknown, but it is likely in the thousands
• Qantas has begun informing affected customers, but does not offer free identity theft monitoring services to the victims

When did Qantas experience the hack, and who is responsible for the attack?

Earlier this year, hackers belonging to a cybercriminal collective known as Scattered Lapsus$ Hunters deployed social engineering tactics to gain unauthorized access to the Salesforce environments of numerous high-profile companies, including the Australian airline Qantas. The incident occurred in the summer of 2025 and resulted in the theft of over 5 million travelers’ personal records, which included sensitive information. 

Has the stolen information been leaked on the dark web?

Although global law enforcement agencies, including the FBI, managed to disrupt the operations of the Scattered Lapsus$ Hunters cyber gang, records of approximately 5.7 million travelers have been exposed. After the initial confirmation of the Salesforce-related cyber incidents, multiple law enforcement agencies collaborated. They worked together to shut down the website of the crime gang that claimed responsibility for the attack. Law enforcement also took down a dark web forum used by the gang members.

What info was leaked in the Qantas cyber incident?

The hackers managed to obtain sensitive information, including names, email addresses, physical addresses, date of birth details, and phone numbers. The stolen data does not contain Social Security Numbers (SSN) or passport information of U.S. citizens.  

How many U.S. citizens have been affected by the Qantas hack?

The number of U.S. citizens affected by the data breach is unknown. However, Australia receives more than half a million tourists every year. So the number of affected travelers is likely in the thousands.

How to know if a person is included in the Qantas data breach?

Qantas customers whose details have been leaked are now receiving emails from Qantas with more information about the breach. The airline has begun notifying its affected customers. Qantas advises its customers to remain alert and always use two-step authentication when possible. 

The Australian airline is not alone. The company is just one of many organizations globally that have been affected by the social engineering attacks on Salesforce customers. The same hacker organization used the same tactic on other high-profile organizations, including Cisco, Allianz Life, and Coca-Cola. Scattered Lapsus$ Hunters claims to have more than one billion personally identifiable records. With the increasing number of cyber incidents, the likelihood of personal information being exposed is substantial, and having antivirus protection on all connected devices has never been more critical than it is now. 

The post Does the Qantas hack include U.S. citizens? appeared first on Panda Security Mediacenter.

It is close to impossible to keep AI out of your personal life, and a recent report by PEW research confirms that the majority of Americans admit they do not have much control over how AI is used in their lives. And they are correct – it is particularly challenging to stay hidden, especially for people living in the Western world.

Artificial Intelligence is virtually everywhere, and its automated programs constantly scour the internet and other sources for data. Nowadays, internet users leave numerous digital footprints that are useful for AI crawlers, which collect information about everything, including aspects of people’s personal lives. Data brokers do not help the situation, as people who tend to leave fewer digital footprints still end up on databases around the internet because of their presence on public and private lists. AI is being utilized in various fields, including but not limited to video surveillance, finance, healthcare, and transportation. Different generative artificial intelligence automated programs, which include chatbots, are trained on specific parts of data fed to them, which includes social media content and the public internet.

Key takeaways

• AI is deeply rooted in digital life, and it is close to impossible to avoid its influence on people’s personal lives 
• Mainstream chatbots try to avoid personal information, but AI still has access to personal info that is accessible to organizations such as law enforcement and intelligence agencies 
• Mainstream AI chatbots such as Grok, Meta AI, Gemini, and ChatGPT train on public data
• When trying to avoid AI, VPNs are helpful but come with limitations 

How is AI being used, and why is it hard to keep it away?

AI tools are already being deployed almost everywhere, from dating websites to science research and entertainment, as well as in private and government law enforcement organizations. AI-powered assistants are helping people find better matches on platforms such as Facebook Dating. High-profile individuals, including Elon Musk, have predicted that soon we will have AI-generated games and movies, and AI will accelerate and generate new scientific discoveries. 

Do chatbots train on info from data brokers such as White Pages?

White Pages is considered the largest online directory provider in the USA and has approximately 200 million user records. Publicly available AI-powered chatbots, such as those offered by OpenAI and Google, do not utilize White Pages data for training their large language models (LLMs). People’s private and sensitive information is excluded or anonymized. Users’ privacy is often protected to some extent by various legal frameworks, such as California’s CCPA and Europe’s GDPR. However, law-enforcement-specific offerings, such as SoundThinking’s CrimeTracer, don’t have such limitations. They provide a Google-like search engine for government agents. Everyone hopes that law enforcement does not misuse those powerful tools for personal or political gain.  

Where do AI chatbots train?

Different types of chatbots focus on specific areas of the internet. For example, xAI’s Grok is heavily trained on data from the social media platform X. In contrast, Facebook’s Meta AI trains on information available in public posts on Facebook. It also uses other details shared with the app, such as location and public profile information. Even though Meta has confirmed on multiple occasions that it does not train on private messages, it admits to using public data. The company does not offer a direct opt-out feature for US users. This means users cannot prevent their public posts from training its AI. Google’s Gemini and OpenAI’s ChatGPT train on everything that includes the public internet. 

Does VPN prevent AI from training on your online activity?

It does to some extent, but it is not entirely bulletproof. A VPN can block AI-powered behavioral profiling. It is particularly helpful as it encrypts internet traffic and masks a person’s IP address. However, VPN services also come with a range of limitations. They have almost no impact on account-level surveillance and tracking through local identifiers, such as cookies and browser fingerprinting. If a user is connected to the same social media profile or email account, the service provider still tracks their behaviour and possibly uses it for AI training. The same applies to cookies and other digital identifiers. These are used to build profiles for targeted advertising or personalized experiences.

Apart from using a VPN, which often comes with quality antivirus solutions, individuals who wish to limit AI’s training on them. They can also consider using privacy-focused browsers. They should also adjust their privacy settings on social media platforms and search engines. Taking a look at the privacy settings on apps, consoles, and even government and public services is also advisable. This includes requesting that data brokers and mortgage providers not share/publish/train AI on personal information. When it comes to privacy, the less you agree to share, the better.

The post Is it possible to keep AI out of your personal life? appeared first on Panda Security Mediacenter.

In a world where artificial intelligence tools are becoming as common as smartphones, parents face a critical challenge: teaching children to interact with AI safely while harnessing its educational potential. Research shows that 78% of children have discussed AI with their parents, yet only 34% of those conversations address crucial concerns like information accuracy.

The key lies not in avoiding AI altogether, but in building children’s digital literacy and critical thinking skills from an early age.

Key takeaways

• Start conversations early: 78% of children have discussed AI with parents, but only 34% of these conversations address critical concerns like information accuracy and emotional attachment – make these discussions comprehensive and ongoing
• Build healthy skepticism: Children trust AI responses more than adult sources, with 40% expressing no concerns about following AI advice – teach them to verify all AI information through multiple reliable sources
• Set clear boundaries: Establish family rules including never sharing personal information with AI, discussing confusing responses with adults, and using AI as a learning tool rather than human replacement
• Choose safe platforms: Select kid-focused AI tools with robust parental controls and content filtering rather than general-purpose chatbots

Understanding the AI landscape for children

Studies reveal that 58% of children who use AI chatbots believe these tools provide better information than traditional searches. This trust, while concerning, presents an opportunity for parents to guide responsible usage.

AI tools present both tremendous opportunities and significant risks for young users. On the positive side, they can enhance creativity, support learning, and provide quick access to information. However, research also shows concerning trends: children may develop emotional attachments to AI companions, encounter inappropriate content despite safety measures, and struggle to distinguish AI-generated information from reliable sources.

Building critical thinking skills

Protecting your kids begins with smart, transparent conversations. Asking your kids how they use AI and sharing tips on safe use will prepare them to interact with these systems safely.

Question everything

Encourage children to approach AI-generated content with healthy skepticism. When they receive an AI response, teach them to ask: “Is this information accurate? What sources support this?” Show them the basics of fact checking so they learn to confirm AI statements are accurate.

Understand AI limitations

Help children recognize that AI systems can produce biased or incomplete answers because they’re trained on datasets that may contain inaccuracies or reflect societal biases. Use age-appropriate examples to show how AI might favor certain viewpoints or provide outdated information.

Practice source verification

Implement a family rule that important information from AI sources must be confirmed through at least two reliable, human-authored sources before being accepted as fact. This builds essential media literacy skills that extend beyond AI use.

AI rules to protect your family

Here are some suggested guidelines that will help better protect kids as they interact with AI: 

Establish clear boundaries

Consider implementing rules such as never sharing personal information with AI systems, always discussing concerning or confusing AI responses with a trusted adult, and using AI as a learning tool rather than a replacement for human guidance.

Choose safe platforms

Not all AI platforms are suitable for children. Specialized kid-focused AI tools like PinwheelGPT offer better safety features than general-purpose chatbots. These platforms typically include robust parental controls, content filtering, and educational focus rather than pure entertainment.

Monitor for over-reliance

Watch for warning signs that your child may be developing an unhealthy relationship with AI tools. These include withdrawing from real-world friendships, preferring AI conversations to human interaction, or becoming distressed when AI access is limited. If these addictive behavior patterns emerge, consider reducing AI exposure and increasing opportunities for human social interaction.

Teach healthy skepticism

Help children understand that AI responses, while often helpful, can be manipulated to seem more credible. Explain how AI systems, like social media, are designed to maintain engagement, which may not always align with providing accurate or appropriate information.

Emphasize human connection

Regularly remind children that AI cannot replicate human knowledge and emotions. Encourage them to seek advice from trusted adults for important decisions and to maintain strong relationships with family and friends.

Putting AI rules into practice

As a parent, you are the most qualified to decide what is best for your family. Here are some ideas for putting AI rules into place.

Start small

Begin with simple, supervised AI activities like creative writing prompts or basic homework assistance. As children demonstrate responsible usage and critical thinking skills, gradually increase their independence.

Use technology tools wisely

Consider implementing parental control software that can monitor AI interactions while respecting your child’s developing autonomy. Tools like Panda Dome Family can alert parents to concerning conversations while allowing educational exploration.

Create learning opportunities

Transform AI mistakes into teachable moments. When AI provides incorrect information, use it as an opportunity to practice fact-checking skills and discuss why verification is important.

Empowering your kids in the age of AI

By focusing on critical thinking, emotional intelligence, and digital literacy, parents can help their children harness AI’s benefits while avoiding its pitfalls. The goal isn’t to shield children from AI entirely, but to empower them with the skills and judgment needed to navigate an AI-integrated future confidently and safely.

The post How Parents Can Train Their Children to Use AI Responsibly appeared first on Panda Security Mediacenter.

Yes, Facebook does have a dating AI assistant that helps users be more efficient when searching for matches on the company’s online dating service, Facebook Dating. The new AI tool comes in the form of a chatbot, and it began rolling out to some Facebook Dating users in Canada and the USA last month. This innovative AI dating helper is designed to reduce users’ swipe fatigue, which, according to a recent Forbes Health Survey, is a real issue, as users admitted to spending approximately fifty minutes a day swiping through dating apps. The new chatbot is not the only new feature from the world’s biggest social media platform. Facebook has also introduced Meet Cute, a feature that aims to eliminate indecision in online dating by automatically matching users with a surprise match based on their personalized matching algorithm. Similar AI-powered features have already been introduced at other meeting apps. 

Key takeaways

• Facebook Dating added a couple of new features to its arsenal of dating tools in an effort to expand its presence in the dating app market.
• The new chatbot can help users find matches without needing to swipe, but by just conversing with a chatbot. The other new feature, Meet Cute, offers surprise matches based on a matchmaking algorithm.
• Unlike tools at other dating apps, the new Facebook Dating match features are offered free of charge.
• Romance scams are rising. Fraudsters use AI tools to create fake profiles and gain victims´ trust with emotional manipulation tactics.   

What is Facebook Dating?

Meta’s Facebook has billions of users, but despite its significant size, it is not known as the go-to place when individuals are looking for a new partner. The folks at Meta have been trying to change that over the last six years since Facebook Dating was first launched. Meta markets its dating services as a space within Facebook designed to facilitate meeting and initiating new conversations with like-minded people who share similar interests.

However, despite having hundreds of thousands of users, Facebook Dating has not taken off as well as other dating apps, whose active user numbers are in the millions. Meta is taking a step forward. Its new AI chatbot and Meet Cute aim to capture part of the dating crowd. Last month, the new features started rolling out in Canada and the USA. 

Facebook’s new dating assistant and Meet Cute explained

The dating assistant is presented as a chatbot that guides love seekers through their dating journey. It offers better matches, and just by conversing with the bot, it can make suggestions. Meta is hoping to alleviate the swipe fatigue that has left dating app users frustrated.

A recent Forbes Health Survey disclosed that users spend approximately 50 minutes swiping per day.  Instead of swiping, Meta wants users to request more unique traits from the dating assistant. For example, they can ask it to “find a handsome engineer from Los Angeles” or a “Kathrin Zeta Jones lookalike”. On the other hand, Meet Cute pairs users automatically based on algorithmic predictions of mutual interest. The feature is optional and delivers matches weekly, but it is not mandatory, and users can easily opt out. Neither feature is yet available worldwide, but both have started rolling out gradually to users in North America.

How does Facebook Dating compare to other dating apps?

While Facebook Dating garners the attention of hundreds of thousands of users, this represents only a tiny portion of the overall Facebook user base. The numbers are small compared to daily users of popular dating apps like Tinder and Bumble, with millions active.

Do other apps have similar AI features?

Yes, they do. Trendy dating apps such as Tinder, Hinge, and Bumble have introduced similar chatbots. While some of them are behind paywalls, AI is widely adopted by the most popular online dating platforms, including Bumble, Tinder, and Hinge. 

Are romance scams on the rise?

Yes, romance scams continue rising, powered by AI chatbots that help fraudsters appear more plausible and trustworthy. The new tools make it hard to spot fake requests. AI attacks are especially effective against non-tech-savvy users. Criminals use AI to create fake profiles and images. It also helps them sound convincing and gain trust. Once the trust is established, criminals typically attempt to defraud their targets by imposing urgent requests and financial demands. The AI and crypto revolutions have made it easy for scammers to thrive. 

Facebook Dating introduced new features last month. They´re rolling out slowly in North America and  expanding globally next year. AI is certainly helping companies deliver better tools, but cybercriminals are also utilizing it. While it is tempting to take advantage of the new tools, social media users need to keep in mind that the latest improvements in AI have also made it possible for fraudsters to become more creative when targeting new victims and executing malicious campaigns. Having adequate cyber protection can help fight back against bad actors trying to scam you.

The post Does Facebook have a Dating AI assistant? appeared first on Panda Security Mediacenter.

A sophisticated cyberattack has brought Jaguar Land Rover (JLR) to a complete standstill for over a month, creating one of the most devastating corporate cyber incidents in UK history. The attack demonstrates how modern manufacturers remain vulnerable to digital threats that can instantly halt multi-billion-dollar operations and threaten hundreds of thousands of jobs.

Key takeaways

• JLR has been shut down since August 31, losing up to £500 million per week
• Over 200,000 workers across the supply chain face job losses
• The UK government intervened with unprecedented £1.5 billion loan guarantee  
• Scattered Spider cybercrime group claimed responsibility for the attack
• Production restart planned for October 6, but full recovery may take months

What happened in the JLR cyberattack?

The devastating attack began on August 31, 2025, when hackers infiltrated JLR’s IT systems, forcing the company to immediately shut down all operations. The notorious Scattered Lapsus$ Hunters group, linked to Scattered Spider cybercriminals who previously targeted major UK retailers including Marks & Spencer and Co-op, claimed responsibility for the breach.

JLR responded by proactively shutting down its entire global IT network to prevent further damage, bringing production to a complete halt across all facilities in the UK, China, Slovakia, India, and Brazil. The company’s three UK manufacturing plants in Solihull, Wolverhampton, and Halewood have produced zero vehicles since September 1, despite normally manufacturing approximately 1,000 cars every day.

How much is the cyberattack costing JLR?

The financial devastation has been unprecedented. Industry experts estimate JLR is losing between £50 million to £500 million per week, with some analysts suggesting daily losses of up to £7.1 million.

What makes this particularly catastrophic is that JLR reportedly had no active cyber insurance coverage at the time of the attack. Unlike Marks & Spencer, which recovered much of its £300 million cyber incident losses through insurance, JLR must bear the full financial burden of this attack. Some industry sources suggest total losses could reach £4.7 billion if the shutdown extends into November.

Supply chain devastation

The true human cost extends far beyond JLR’s factory gates. The company sits at the center of the UK’s largest automotive supply chain, directly employing 30,000 workers while supporting an estimated 120,000 to 200,000 additional jobs across hundreds of supplier companies.

Many suppliers are small and medium-sized enterprises heavily dependent on JLR orders. Industry surveys reveal that one in six businesses in JLR’s supply chain have already implemented redundancies, while others placed workers on zero-hour contracts. One smaller supplier has already laid off 40 employees, nearly half its workforce, directly due to the production halt.

What is JLR doing to recover?

JLR is implementing a cautious, phased recovery approach prioritizing security over speed. The company announced that the Wolverhampton engine facility is expected to restart on October 6, followed by other locations in subsequent weeks.

The recovery process involves collaboration with cybersecurity specialists, the UK’s National Cyber Security Centre (NCSC), and law enforcement agencies to ensure systems are fully secure before resuming operations.

How did the UK Government respond?

Recognizing the catastrophic economic implications, the UK government took the unprecedented step of guaranteeing a £1.5 billion emergency loan to JLR. This is the first time a UK company has received direct government financial support specifically due to a cyberattack.

The loan, provided by commercial banks including HSBC, MUFG, and NatWest but underwritten by the government, will be repaid over five years.

What this means for British manufacturing

The JLR cyberattack serves as a stark wake-up call for British industry about the vulnerability of modern manufacturing to cyber threats. As one expert noted, the incident demonstrates how “a single IT system attack can halt a multi-billion-pound physical production line”.

The attack highlights the interconnected nature of today’s automotive industry, where disruption to one major player cascades through hundreds of suppliers, distributors, and partners. For JLR, full recovery may take months even after production resumes, with industry sources suggesting it could take three to four weeks to ramp up to normal production levels.

As manufacturers increasingly rely on interconnected digital systems, the JLR incident stands as a powerful reminder that cybersecurity (and cybersecurity insurance) is no longer just an IT issue – it’s a fundamental business resilience requirement that can determine corporate survival.

The post JLR cyberattack: How one hack devastated Britain’s Biggest carmaker appeared first on Panda Security Mediacenter.

Guest Wi-Fi refers to a separate wireless network that provides internet access for guests or visitors while keeping them isolated from the host’s primary network. It’s commonly used in homes, businesses and public places to enhance security, manage network resources and provide a convenient way for guests to access the internet without compromising the main network.

Imagine your friend is visiting you and they ask for the Wi-Fi password. Seems harmless, right? You know this person and you trust them on your network. Even so, this piece of shared information could cause a data breach and compromise all of the devices connected to the network, unbeknownst to both of you.

The easiest way to avoid this misstep is by setting up a guest Wi-Fi network. Providing a different access point to guests and vulnerable devices can prevent accidental cyberattacks. Explore what a guest network is, why it matters and how to set one up manually in five simple steps.

What Is a Guest Wi-Fi Network?

A guest Wi-Fi network is a wireless network intended for use by guests or visitors. For enhanced security and network resource management, it’s kept separate from the primary Wi-Fi network in a home, business or public space. It also creates an easy way for visitors to access the internet in public or as temporary guests without compromising the main network.

Devices connected to the guest Wi-Fi network are typically isolated from the devices on the host’s primary network. This isolation helps prevent unauthorized access to sensitive information and resources.

Why Do You Need a Guest Wi-Fi?

Guests may unintentionally access shared files, printers or other devices if they connect to your primary Wi-Fi network. This can lead to unauthorized access to confidential information.

You can isolate your guests from your primary network by creating a separate Wi-Fi guest network. The two different networks ensure guests can’t unintentionally introduce malware or compromise your devices or data in any manner. 

Plus, with a dedicated guest network, you can control and limit bandwidth to avoid any overages on your account.

How to Set Up a Guest Wi-Fi Network

Often, creating a guest Wi-Fi network or free public Wi-Fi network is as simple as changing your preferences. Most Wi-Fi routers allow you to add networks simply by logging into the administrator settings. Let’s look at the steps to set up guest Wi-Fi.

Manually Access Router Settings

Modern routers have options to customize guest Wi-Fi access, like setting how many guests can access the network, what times they can be connected and network broadcasting for automatic connection. Follow the steps below to update your router settings to add a guest network.

1. Step 1: Find the router in your browser. Find your router’s IP address in the user manual or on the back of the router and enter it into your browser’s search bar.
2. Step 2: Log in to your router with administrator access.
3. Step 3: Change the existing network settings. Find your wireless settings or router settings and choose the option to allow a guest network or access.
4. Step 4: Set the network name. Once guest Wi-Fi is enabled, set the name of the network in the SSID field. By default, most routers add “-guest” at the end of the existing network name.
5. Step 5: Configure the guest network settings. Add a new strong password and network security method (WPA or WPA2). Ensure you disallow guests from being able to access the primary network and settings.
   

Guest Wi-Fi FAQ

Now that you know how to enable guest Wi-Fi, how can you keep an eye on who is connected? Below you’ll find the answers to this and other common questions about guest Wi-Fi.

Is Guest Wi-Fi Safe?

Guest Wi-Fi is the safest way to give visitors access to the internet through your existing network. When you set up a guest Wi-Fi network, you create a separate segment or subnet within your overall home network. Your primary home network and the guest network exist as distinct entities, each with its own set of IP addresses.

When you set it up right, guest Wi-Fi security is unmatched. If your guests log on to the primary network with a compromised or malware-infected device, the virus can spread to your home devices connected to Wi-Fi. However, if the compromised device is connected to guest Wi-Fi, the virus or malware can’t penetrate your home network.

Additionally, the Wi-Fi guest network provides another layer of protection for IoT appliances, including smart TVs, which are more susceptible to security vulnerabilities.

What Are the Disadvantages of Guest Wi-Fi?

Potential drawbacks and risks of setting up guest Wi-Fi include:

• Data breaches or unauthorized use: If guest Wi-Fi is incorrectly configured, devices on the guest network may still be able to gain access to sensitive areas or resources of the primary network.
• Malware or cyberattacks: Guest Wi-Fi networks can sometimes lack the advanced security protections and monitoring found on internal networks, making them a potential entry point for malware or cyberattacks brought in by compromised guest devices. 
• Bandwidth consumption: Guests using the network may affect overall internet performance for primary users, especially if bandwidth limits are not properly set.
• Liability: If a guest uses the Wi-Fi for illegal activity, the network owner could be implicated and potentially face consequences.

How Can You Manually Connect to Wi-Fi?

To manually sign into a Wi-Fi network, go to your device’s Wi-Fi settings, find and select the network name (SSID) you want to join, then enter the password if it’s secured. On Windows, this is under “Network & Internet” settings; on Mac, it’s in the Wi-Fi menu in the top bar. Once connected, your device should remember the network for future use.

Do You Need a Password for Guest Wi-Fi?

For secure guest internet access, all Wi-Fi networks should have a password to prohibit unknown devices from connecting. While your primary network should have a more complicated password, your guest Wi-Fi password can be simple — something that’s easy to share and change if needed.

How to See What Devices Are Connected to My Wi-Fi?

You can see what devices have found your Wi-Fi and connected by using your router’s web interface. If you suspect unknown devices have accessed your network, you can remove them through the interface.

If you don’t recognize the devices listed on your router’s web interface, change the Wi-Fi password. This will require all connections to re-enter the new password before they are allowed network access again.

How Do You Remove Devices From Wi-Fi Without Changing the Password?

To remove devices from your Wi-Fi without changing the password, access your router’s administration page via its IP address in a web browser. Log in with your router’s credentials and navigate to sections like “Connected Devices” or “Access Control.”

Identify the unwanted devices by their MAC addresses and add them to a “blocklist” or “denied” list. Save your changes to disconnect them. Some routers also offer companion apps for easier device management.

Can I Control Bandwidth and Access Limits on My Guest Wi-Fi Network?

Yes, most modern routers let you control bandwidth and access limits on your guest Wi-Fi network. You can usually set speed caps, limit the number of connected devices and block access to certain websites or services. These settings are typically found in your router’s admin panel under the “Guest Network” or “QoS (Quality of Service)” section.

Keep Connections Secure With Panda Dome Antivirus

Setting up Wi-Fi for guests and vulnerable smart devices adds an extra layer of security to your primary network. Viruses often go undetected, with the primary goal of infecting as many devices as possible. By creating a different access point for Wi-Fi, you’re being proactive against possible cyberattacks on your network. It also protects valued guests and visitors from the potential risks of using public Wi-Fi set up by others.

For the continued safety of all your connected devices, invest in reliable antivirus software. With Panda’s free antivirus, you can set up comprehensive protection against viruses.

The post Guest Wi-Fi Explained + How to Set It Up in 5 Simple Steps appeared first on Panda Security Mediacenter.

Targeting devices/networks	Attacks aimed at damaging or gaining unauthorized access to systems	Viruses Malware DoS attacks
Using devices for crimes	Devices used as tools to commit other illegal activities	Phishing emails Cyberstalking Identity theft
Financial cybercrime	Crimes that target financial assets and transactions	Credit card fraud Ransomware
Invasion of privacy	Crimes focused on unauthorized access to personal data or spying on individuals	Data breaches Spyware

Types of Cybercrime

Cybercrime is a broad category that covers everything from identity theft to ransomware attacks. Here are the main types of cybercrimes you should watch out for.

1. DDoS Attacks

A distributed denial-of-service (DDoS) attack is a type of cyberattack that uses multiple compromised devices (often part of a botnet) to overwhelm a target server, network or website with excessive traffic. A denial-of-service (DoS) attack operates on a smaller scale, using a single source to flood the target with traffic. 

The goal of these attacks is to exhaust the target’s resources, causing it to slow down, crash or become completely unavailable. It’s similar to a crowd blocking the entrance to a building, making it impossible for anyone to get in or out, shutting down operations. 

DDoS attacks are often used to disrupt businesses, websites or entire networks for various reasons, including extortion, protest or sabotage. These attacks can have significant financial and reputational consequences for businesses and service providers.

2. Domain Squatting

Domain squatting, also known as cybersquatting, happens when someone registers a domain name that’s identical or very similar to a well-known brand, business or person, with no intention of using it for legitimate purposes. Instead, the squatter typically tries to sell it back at an inflated price or uses it to mislead visitors.

Domain squatting is illegal in the U.S. under the Anticybersquatting Consumer Protection Act (ACPA) of 1999 because it exploits the reputation of others and can trick users into scams, fake sites or phishing attempts. Think of it like someone stealing your house number and putting it on their front door to confuse visitors — it’s deceptive and risky..

3. Botnets

Botnets are networks of compromised computers that are controlled by remote hackers. The hackers use botnets to send spam or attack other computers. Botnets can also function as malware and perform malicious tasks.

4. Identity Theft

Identity theft occurs when a cybercriminal gains access to your personal information to steal funds, access confidential information or commit tax or health insurance fraud. They can also use your name to open a phone or internet account, perform a criminal activity or claim government benefits. 

Cybercriminals may accomplish identity theft by hacking to uncover your passwords, retrieving personal information from social media or sending phishing emails.

5. Cyberstalking/Cyberbullying

Cyberstalking is the use of the internet, social media, email or other digital platforms to persistently harass, threaten or intimidate someone. Unlike traditional stalking, cyberstalking allows the perpetrator to invade someone’s life remotely, often anonymously, making it harder to track or stop.

Cyberstalkers may engage in various harmful behaviors, such as:

• Sending threatening or abusive messages
• Spreading false information or rumors about you
• Hacking into personal accounts or devices to gather information
• Tracking your online activity or using social media to monitor your whereabouts

The intent is usually to cause emotional distress, fear or embarrassment. In some cases, cyberstalking can escalate to physical stalking, making it a serious crime. Many countries have laws in place to protect individuals from this type of online harassment.

Cyberbullying, on the other hand, typically targets children or teenagers and involves repeated insults, humiliation or exclusion online. While it may not always include threats, it can still have severe emotional effects. Sometimes cyberbullying crosses into criminal behavior, but laws vary by state, and the U.S. has no federal law against it.

6. Social Engineering

Social engineering involves cybercriminals making direct contact with you, often by phone or email, to gain your trust. They usually pose as a customer service agent so you’ll divulge sensitive information, such as a password, your employer or banking details. 

Cybercriminals may research you online and attempt to add you as a friend on social media. Once they access an account, they can sell your information or secure accounts in your name.

7. PUPs

PUPs are a type of malware, but they are generally less dangerous than other cybercrimes. Instead of stealing sensitive data or locking your files, PUPs typically slow down your device, display unwanted ads or modify system settings, such as changing your default search engine or uninstalling preinstalled apps. 

That said, some PUPs can include spyware or adware, so it’s wise to use antivirus software and carefully review downloads to avoid accidentally installing them.

8. Trojans

Trojans are a type of malware that disguise themselves as harmless files, apps or software to trick you into installing them. Once inside your system, they can steal data, give hackers access or download more malicious programs.

Often mistakenly called “viruses,” Trojans don’t spread on their own — they rely on tricking you into letting them in. Think of them like a delivery package that looks normal but hides a burglar inside.

9. Phishing

Phishing is a type of cybercrime where attackers pose as legitimate organizations or individuals to trick you into revealing sensitive information, such as passwords, credit card numbers or personal identification details. This is often done through deceptive emails, text messages or fake websites that appear trustworthy.

10. Cryptojacking

Cryptojacking occurs when hackers secretly use your computer, phone or smart device to mine cryptocurrency without your consent. They do this by running hidden code that drains your processing power and electricity.

The biggest threat isn’t stolen data but stolen resources — your system slows down and overheats, and your energy bills can rise while criminals pocket the profits. It’s like someone plugging their electric car into your outlet every night without asking.

11. Prohibited/Illegal Content

This cybercrime involves cybercriminals sharing and distributing inappropriate, highly distressing and offensive content. 

• Offensive content includes sexual activity between adults, videos depicting intense violence and recordings of criminal activity. 
• Illegal content includes materials advocating terrorism-related acts and child exploitation. 

This type of content exists both on the everyday internet and on the dark web. These threats underscore the importance of internet safety for kids, especially with more children using TikTok and other social platforms at a young age.

12. Online Scams

Online scams usually appear in the form of ads or spam emails offering rewards or unrealistic amounts of money. They are designed to entice users into clicking, which can lead to malware infections that compromise personal information.

13. Exploit Kits

Exploit kits need a vulnerability — essentially a bug in the software code — to gain control of your computer. They are ready-made tools that cybercriminals can buy online and use against anyone with a computer. Exploit kits are regularly upgraded, much like standard software, and are available on dark web hacking forums.

14. Ransomware Attacks

Ransomware attacks are a form of cybercrime where malicious software encrypts files or entire systems, rendering them inaccessible. The attackers then demand a ransom, usually in cryptocurrency, in exchange for the decryption key that will allow the victim to regain access to their data.

These attacks can have severe consequences, including substantial financial loss, permanent data loss and reputational damage for businesses. 

Cybercrime Statistics

Cybercrime has significantly impacted the economies of many nations. According to  IBM’s Cost of a Data Breach Report 2025, the global average cost of a data breach is $4.4 million. 

Here are some other notable statistics from the FBI’s recent Internet Crime Report:

• • In 2024, the FBI’s Internet Crime Complaint Center (IC3) received 859,532 complaints of internet crime, highlighting the increasing scale of online threats.
  • Reported financial losses from cybercrime exceeded $16.5 billion in 2024, marking a 33% increase compared to 2023.
  • The most frequently reported cybercrimes were phishing and spoofing, extortion and personal data breaches, showing the prevalence of social engineering and data theft.
  • Victims aged 60 and older experienced the highest financial losses — totaling nearly $5 billion — and also filed the most complaints of any age group.
  • The states with the highest number of cybercrime complaints were California, Texas and Florida, demonstrating the widespread impact of these issues across large populations.
  • Since its establishment in 2000, the IC3 has compiled over 9 million complaints from the public, providing valuable data that law enforcement uses to track and fight internet-enabled crimes.

Emerging Cybercrime Trends for 2025

Cybercrime is evolving rapidly, fueled by new technologies, shifting tactics and changing motivations among criminals. Attackers are finding new ways to exploit vulnerabilities in businesses, governments and individuals. Here are some critical trends shaping the landscape in 2025.

The Rise of AI-Powered Attacks

Criminals are using AI to generate convincing phishing emails, create deepfake videos and carry out synthetic identity theft. Adaptive malware can even adjust in real time to evade detection. Compared to just a few years ago, AI-driven attacks have surged, making them one of the fastest-growing cybercrime tactics.

Double Extortion and Multi-Stage Ransomware 

Modern ransomware now goes beyond encrypting data. Attackers also steal sensitive files and threaten to leak them, forcing victims to pay for both decryption and privacy. Some campaigns even involve multiple ransom demands at different stages of the attack.

Supply Chain and Remote Work Risks

Weaknesses in third-party vendors and remote work infrastructure are prime targets. High-profile attacks on software providers demonstrate how one breach can ripple across thousands of businesses. Remote endpoints, which are often less secure, remain a favorite entry point for criminals.

Expansion of IoT/Edge Attacks, 5G and Quantum Threats

Every internet-connected device — from smart home gadgets to medical equipment — can be a target for hackers. Even devices like cameras, thermostats or wearables could be exploited if they’re not properly secured. The rollout of 5G networks makes it easier for billions more devices to connect at high speed, but this also creates a much larger attack surface for cybercriminals.

Looking ahead, quantum computers could one day crack the encryption that safeguards our online data today. To prepare for this, experts are developing post-quantum cryptography, which aims to provide stronger encryption that can withstand attacks from these future supercomputers.

Insider Threats and Hybrid Work Vulnerabilities

Employees, contractors and remote workers are an increasing source of data breaches — sometimes by accident, sometimes intentionally. Behavioral analytics, data loss prevention (DLP) tools and zero-trust security frameworks are becoming essential defenses.

Cybercrime-as-a-Service (CaaS)

Cybercrime-as-a-Service (CaaS) is an underground business model where criminals sell ready-made attack tools — like ransomware kits, phishing kits, exploit bundles and botnets — often on a subscription or pay-per-use basis. This crime economy democratizes cybercrime, letting even low-skilled attackers launch sophisticated campaigns for a fee.

Real-world CaaS examples:

• LockBit: Responsible for 10% of all publicly reported ransomware attacks in 2024, earning over $200 million in ransom payments
• BlackCat/ALPHV: Carried out the Change Healthcare attack in early 2024, exposing data from 192+ million Americans and collecting a $22 million ransom

How to Protect Yourself Against Cybercrimes

Protecting yourself against cybercrimes can feel daunting, but it’s quite simple. By taking proactive steps, you can significantly reduce your risk of falling victim to these attacks.

1

Be vigilant when browsing websites: Always pay attention to the website’s URL and look for indicators of security, such as “https://” and a padlock icon. This can help you avoid phishing sites and other malicious platforms.

2

Flag and report suspicious emails: If you receive emails that seem unusual or ask for personal information, report them to your email provider. Taking this action helps protect you and others from potential scams.

3

Never click on unfamiliar links or ads: Unknown links can lead to malware infections or phishing attempts. Always hover over links to check their legitimacy before clicking, and avoid clicking on anything that looks suspicious.

4

Use a VPN whenever possible: A virtual private network (VPN) encrypts your internet connection, making it harder for cybercriminals to intercept your data, especially on public Wi-Fi networks.

5

Ensure websites are legitimate before sharing information: Before entering any personal information, verify the website’s credibility. Look for reviews or use reputable sources to confirm its legitimacy.

6

Keep antivirus software up-to-date: Regular updates to your antivirus software help protect your devices from the latest threats by detecting and removing malware before it causes harm.

7

Use strong passwords and 2FA authentication: Create complex passwords that are hard to guess, and enable two-factor authentication (2FA) wherever possible for an added layer of security. This makes it more difficult for attackers to gain access to your accounts.

 

 

Staying vigilant and implementing protective measures is essential to safeguard against cybercrimes. For comprehensive security, consider using Panda Dome antivirus, which offers robust protection against various threats.

Cybercrime Prevention FAQ

What Are the Most Common Types of Cybercrime to Watch For?

Some of the most common examples of cybercrime include:

• Phishing scams (fake emails or messages intended to steal data)
• Malware and ransomware (malicious software that infects devices)
• Identity theft (using stolen personal info to commit fraud)
• Online fraud (like fake shopping sites or job scams)
• Social engineering attacks (tricking people into revealing sensitive info)

If you’re online, you’re a potential target, so staying alert matters.

How Does Social Engineering Differ From Hacking in Cybercrime?

Social engineering relies on manipulating people, not technology. Think of it as psychological trickery, like pretending to be tech support to get your password. Hacking, on the other hand, involves exploiting technical flaws in systems or software to gain unauthorized access, steal data or cause damage. 

Why Is Ransomware Considered One of the Most Dangerous Cyber Threats?

Ransomware locks down your files and holds them hostage, often without any guarantee you’ll get them back — even if you pay the ransom. Ransomware can paralyze hospitals, shut down businesses and cause massive financial damage in minutes. It’s fast, costly and ruthless, which makes it one of the most dangerous cyber threats out there.

What Is the Fastest-Growing Type of Cybercrime?

Ransomware is currently the fastest-growing type of cybercrime. Experts predict it could cost victims around $275 billion annually by 2031, with a new attack occurring roughly every two seconds as criminals continually refine their malware and extortion tactics.

What Role Does AI Play in Cybercrime?

Cybercriminals are increasingly using AI to make attacks more convincing and scalable, from generating deepfakes to crafting highly personalized phishing messages. AI can also assist in automating reconnaissance, vulnerability scanning and even writing malicious code, lowering the skill level needed to launch complex attacks.

Are Remote Workers More Vulnerable to Certain Types of Cybercrime?

Yes, remote workers tend to be more exposed to risks like phishing, account takeovers and malware infections. Contributing factors include weaker device security, the use of unsecured home or public Wi-Fi and unvetted personal devices. Additionally, remote workers usually lack immediate oversight or corporate-grade network protections, making it easier for attackers to exploit security gaps.

The post 14 Types of Cybercrime + How to Prevent Them appeared first on Panda Security Mediacenter.