If you have FaceTime enabled you can be evesdropped on without your consent. A user simply calls you with FaceTime and before you answer they add themselves as a caller. They can instantly hear your phone without you knowing or having the option to stop it. If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.
Time for Samsung users to switch to iPhone? It’s a scary headline that random pics from your phone can be sent to random people in your contacts. Still scary that you don’t know unless that person tells you. I would consider this a HUGE security issue. Many people keep confidential information in their phone as pics, including things like credit cards or passwords, not to mention personal pics. Samsung phones are spontaneously texting users’ photos to random contacts without their permission – The Verge
Teams of software experts have discovered a bug in both Intel and AMD processors that can allow malicious code access to confidential information. Some patches are currently available, but not all aspects are fixable at the moment. This issue is serious and effects Microsoft Windows, Apple MacOS and Linux as well as as mobile devices Apple iOS and Google ChromeBooks. Basically anything with an Intel or AMD effected CPU. Keep up to date on your patches, Retire old Out of Service Operating systems. Yes people are still using XP, 2003, etc. It’s time for them to go away finally. No patches will come out for older OS making them just huge targets. Keep your OS and AV up to date or just ask us about RMM and WebRoot. Read more in the links below. https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/
The bug affects macOS High Sierra users.Source: Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017
If you have any Eltima Software installed on your Mac, you may have some Malware along with it. This is another legitimate piece of software that Hackers have managed to sneak in some malicious code. Remember recently CCleaner suffered the same fate. Look for the existence of any of these files: /tmp/Updater.app/ /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist /Library/.rand/ /Library/.rand/updateragent.app/ Read the full article on the Register (link below) http://www.theregister.co.uk/2017/10/20/mac_os_reinstall_eltima_elmedia_malware/ This proves that you can do everything as securely as possible and still get compromised from a “Trusted” source. Safe computing, and ALWAYS have a reliable trusted AntiVirus software installed. We Recommend WebRoot.
Your (Fill in name of device here) is Not immune from attack. Even the iPhone. There are many vectors for attacking an iPhone. One that uses WiFi (scary) was recently patched. Update your iOS Device now. The iPhone is still my phone of choice and is much less susceptible to attack than say Android. But it like any other platform is still subject to attack. So the saying “semper vigilans” is a good rule where technology is concerned. Don’t trust unknown sources, networks, people, devices, cables, etc. This means Don’t let people play with your phone, don’t give out your pin, don’t connect to that Free hotspot, don’t plug into some unknown charging cable/port and ALWAYS stay up to date on your patches. If you don’t patch the holes that the experts work so hard to plug just become a bullseye for those looking for a weakness. Each flaw gets published and when it’s not repaired it’s almost a road map of how to compromise your device. Here are a few articles to get you started. the Register: No one still things iOS is invulnerable to malware, right? CBSNews about the WiFi Exploit: If you use Wi-Fi on your iPhone or iPad, get this security update
Cisco Talos today warned of a flaw in the X.509 certificate validation feature of Apple macOS and iOS that could let an attacker remotely execute code and steal information.Source: Cisco Talos warns of Apple iOS and MacOS X.509 certificate flaw
A zero day hack has been used against a human rights activist. In this case it was unsuccessful because rather than clicking on the link, he did what you should do, he forwarded it to security experts that uncovered the exploit. Read more about it on Network World here: NetworkWorld iOS Zero Day Hack Found
You may already have heard about this. If not, read more below. In Any event, get ready for some serious/critical patches in the near future. Adobe Flash has a significant number of Vulnerabilities so bottom line, if you don’t need it on your computer Don’t Install it or Uninstall it and you have one less source of stress. Unless you are one of the fortunate (#Sarcasm) that needs it for some mission critical software you use. In that case. My heart felt condolences and contact us about keeping up to date.
Adobe is working on an emergency patch for its Flash Player after attackers are reportedly exploiting a critical flaw.Source: Adobe to issue emergency patch for Flash vulnerability
Wondering about Padlock? You should! It’s touted as a “Serious Flaw” in SMB variations of which are used in Linux, Windows and yes even Mac. What does the flaw exactly do? We don’t know that yet. But the company that discovered the flaw has also been writing the effected code for the last decade. So the question is… Are they just finding one of their own mistakes now and using it as a marketing tool to draw more business. Either way, we won’t know until the details are released on April 12th. No word on wether or not software manufactures will have the patch available by then though. Read more on Wired Below.
A web site and logo created to draw attention to the mysterious bug is instead drawing criticism for the people who discovered the flaw.Source: Hype Around the Mysterious ‘Badlock’ Bug Raises Criticism