If you have FaceTime enabled you can be evesdropped on without your consent.  A user simply calls you with FaceTime and before you answer they add themselves as a caller.  They can instantly hear your phone without you knowing or having the option to stop it.  If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.    

Another Data Breach.  Just a reminder that you cannot be to careful with your data.  More information on NBC News at the link below.

The breach could potentially be one of the largest in history, behind the hacking of about 3 billion Yahoo accounts.

Source: Marriott says data breach compromised info of up to 500 million guests

Time for Samsung users to switch to iPhone?  It’s a scary headline that random pics from your phone can be sent to random people in your contacts.  Still scary that you don’t know unless that person tells you.  I would consider this a HUGE security issue.  Many people keep confidential information in their phone as pics, including things like credit cards or passwords, not to mention personal pics.

  Protect the nudes

Source: Samsung phones are spontaneously texting users’ photos to random contacts without their permission – The Verge

Teams of software experts have discovered a bug in both Intel and AMD processors that can allow malicious code access to confidential information.  Some patches are currently available, but not all aspects are fixable at the moment.  This issue is serious and effects Microsoft Windows, Apple MacOS and Linux as well as as mobile devices Apple iOS and Google ChromeBooks.  Basically anything with an Intel or AMD effected CPU. Keep up to date on your patches, Retire old Out of Service Operating systems.  Yes people are still using XP, 2003, etc. It’s time for them to go away finally.  No patches will come out for older OS making them just huge targets. Keep your OS and AV up to date or just ask us about RMM and WebRoot. Read more in the links below. https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/  

If you have any Eltima Software installed on your Mac, you may have some Malware along with it.  This is another legitimate piece of software that Hackers have managed to sneak in some malicious code.  Remember recently CCleaner suffered the same fate. Look for the existence of any of these files: /tmp/Updater.app/ /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist /Library/.rand/ /Library/.rand/updateragent.app/ Read the full article on the Register (link below) http://www.theregister.co.uk/2017/10/20/mac_os_reinstall_eltima_elmedia_malware/ This proves that you can do everything as securely as possible and still get compromised from a “Trusted” source. Safe computing, and ALWAYS have a reliable trusted AntiVirus software installed.  We Recommend WebRoot.

CCleaner a widely used utility was hacked opening a backdoor and allowing Malware to be attached to some seemingly legitimate versions of the software. As a precaution to our clients (Those under our IDMax protection) we set a global removal of any older versions. There are updated versions that are not susceptible and the 64Bit versions are not effected by this specific issue.   If you would like more info read below: Forbes – Hackers Hid Backdoor Avast Blog Response / Update  

Your (Fill in name of device here) is Not immune from attack.  Even the iPhone.  There are many vectors for attacking an iPhone.  One that uses WiFi (scary) was recently patched.  Update your iOS Device now.  The iPhone is still my phone of choice and is much less susceptible to attack than say Android.  But it like any other platform is still subject to attack.  So the saying “semper vigilans” is a good rule where technology is concerned.  Don’t trust unknown sources, networks, people, devices, cables, etc.   This means Don’t let people play with your phone, don’t give out your pin, don’t connect to that Free hotspot, don’t plug into some unknown charging cable/port and ALWAYS stay up to date on your patches.  If you don’t patch the holes that the experts work so hard to plug just become a bullseye for those looking for a weakness.  Each flaw gets published and when it’s not repaired it’s almost a road map of how to compromise your device. Here are a few articles to get you started. the Register: No one still things iOS is invulnerable to malware, right? CBSNews about the WiFi Exploit: If you use Wi-Fi on your iPhone or iPad, get this security update

A Bug allows a malicious website or link to crash Windows 7 and 8.1 computers. The Temporary Solution? Use Chrome to Browse the net, not Internet Explorer (IE) or FireFox as both are susceptible. Read more below on the Register. Master File Table Exploit

In case you haven’t heard (if you follow our Blog or Facebook page you should have) there is some fallout from the NSA hacking tools being leaked.  At least allegedly.   Our  WebRoot customers are covered and our IDMax customers have been updated.  Are you one?  If not contact us and stay protected. The ‘new’ Ransomware has been wreaking havoc, causing outages, effecting Hospitals, telecoms and business in the UK, Russia, Tiawan and elsewhere. Microsoft has put out patches for it’s operating systems as well as offering some patches for it’s older XP and 2003 OS even though it discontinued support for them sometime ago.   Read More: Here on NetworkWorld, Here on ZDNet.com, More here on ZDNet.com including links to the Patches for Older OS (XP/2003)  

A zero day hack has been used against a human rights activist.  In this case it was unsuccessful because rather than clicking on the link, he did what you should do, he forwarded it to security experts that uncovered the exploit. Read more about it on Network World here:  NetworkWorld iOS Zero Day Hack Found