If you have FaceTime enabled you can be evesdropped on without your consent.  A user simply calls you with FaceTime and before you answer they add themselves as a caller.  They can instantly hear your phone without you knowing or having the option to stop it.  If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.    

In this New York Times article they discuss FaceBook sharing your personal information with 3rd parties.  This is probably not a surprise to anyone in IT, but you may not realize how much data they share and with whom.  Two of the companies have links to the Russian and Chinese government.  You may not care if Microsoft has your info or Apple, but how do you feel about a Russian search engine being able to tell who & what you like, where you are and even possibly information in private messages.  All while trying to effect the outcome of a presidential election.  In their research the NYT finds that permissions were given above what was needed and they weren’t monitored or rescinded when there was no longer a need.  I encourage you to read more on the link below.

  Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed.

Source: As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants

Another Data Breach.  Just a reminder that you cannot be to careful with your data.  More information on NBC News at the link below.

The breach could potentially be one of the largest in history, behind the hacking of about 3 billion Yahoo accounts.

Source: Marriott says data breach compromised info of up to 500 million guests

The Breach didn’t compromise passwords, but was related to a secure token allowing someone to convince Facebook they were you.  It also effected some other apps that use Facebooks services. Read more on the CNet link below.

The vulnerability had to do with the social network’s “view as” feature.

Source: Facebook breach put data of 50 million users at risk

Don’t trust inbound e-mails, phone calls, texts, etc.  People will say anything to trick you out of your money.  As a rule, change your passwords often.  Protect your passwords.  Don’t share them with anyone and don’t use the same ones on different accounts.  Keep your AV up to date.  We recommend WebRoot (ask us about it).  Cover your camera when not in use as a rule of thumb too. Read more about this scam at the link below. Source: Sextortion Scam Uses Recipient’s Hacked Passwords — Krebs on Security

Time for Samsung users to switch to iPhone?  It’s a scary headline that random pics from your phone can be sent to random people in your contacts.  Still scary that you don’t know unless that person tells you.  I would consider this a HUGE security issue.  Many people keep confidential information in their phone as pics, including things like credit cards or passwords, not to mention personal pics.

  Protect the nudes

Source: Samsung phones are spontaneously texting users’ photos to random contacts without their permission – The Verge

The Hacker News reports a serious flaw in Outlook that has exited since 2016 and took about 18 months to patch is only a partial fix. Users even after the patch can still be compromised. Read more at the link below or contact us for help securing your network.

  An information disclosure vulnerability (CVE-2018-0950) has been discovered in Microsoft Outlook that could allow hackers to steal Windows users’ login credentials.

Source: Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

Teams of software experts have discovered a bug in both Intel and AMD processors that can allow malicious code access to confidential information.  Some patches are currently available, but not all aspects are fixable at the moment.  This issue is serious and effects Microsoft Windows, Apple MacOS and Linux as well as as mobile devices Apple iOS and Google ChromeBooks.  Basically anything with an Intel or AMD effected CPU. Keep up to date on your patches, Retire old Out of Service Operating systems.  Yes people are still using XP, 2003, etc. It’s time for them to go away finally.  No patches will come out for older OS making them just huge targets. Keep your OS and AV up to date or just ask us about RMM and WebRoot. Read more in the links below. https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/  

FCC chairman mocks REAL concerns shared by millions. Pushes through damaging policies that remove protections established to ensure  unobstructed access to internet resources and fair competition in the market.  Making it even easier for local monopolistic internet providers to restrict/charge or cripple the competition.  Yes, it’s that serious.  

Watchdog’s clown, er, chairman debases policymaking in the United States

Source: FCC douses America’s net neutrality in gas, tosses over a lit match

The bug affects macOS High Sierra users.

Source: Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017