If you have FaceTime enabled you can be evesdropped on without your consent. A user simply calls you with FaceTime and before you answer they add themselves as a caller. They can instantly hear your phone without you knowing or having the option to stop it. If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.
AIM will be discontinued on December 15, 2017
A long used service to be shutdown in less than 2 weeks. AIM or AOL Instant Messenger is closing down after about 20 years. You can read more about it at the link below. There are many other options now including SMS or Text messages. Still, it will be missed…
Read more about the shutdown of AIM and what it means for you.Source: AIM will be discontinued on December 15, 2017
Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017
The bug affects macOS High Sierra users.Source: Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017
Think your Apple iPhone is immune from Attack?
Your (Fill in name of device here) is Not immune from attack. Even the iPhone. There are many vectors for attacking an iPhone. One that uses WiFi (scary) was recently patched. Update your iOS Device now. The iPhone is still my phone of choice and is much less susceptible to attack than say Android. But it like any other platform is still subject to attack. So the saying “semper vigilans” is a good rule where technology is concerned. Don’t trust unknown sources, networks, people, devices, cables, etc. This means Don’t let people play with your phone, don’t give out your pin, don’t connect to that Free hotspot, don’t plug into some unknown charging cable/port and ALWAYS stay up to date on your patches. If you don’t patch the holes that the experts work so hard to plug just become a bullseye for those looking for a weakness. Each flaw gets published and when it’s not repaired it’s almost a road map of how to compromise your device. Here are a few articles to get you started. the Register: No one still things iOS is invulnerable to malware, right? CBSNews about the WiFi Exploit: If you use Wi-Fi on your iPhone or iPad, get this security update
Stand up for your Right to Repair.
New(ish) Facebook Phishing Scam
If you are viewing a post from a mobile device pay close attention to the URL. A new(ish) exploit method simply uses a bunch of — (Dashes) to obscure part of the address. The article specifies Facebook but this same technique would work with other sites as well. The key is to be ever vigilant. Read more here: https://www.techworm.net/2017/06/facebooks-new-phishing-scam-pads-urls-hyphens.html
Exploit of Microsoft Master File Table
A Bug allows a malicious website or link to crash Windows 7 and 8.1 computers. The Temporary Solution? Use Chrome to Browse the net, not Internet Explorer (IE) or FireFox as both are susceptible. Read more below on the Register. Master File Table Exploit
WannaCry? If you get hit with this Ransomware you might want to.
In case you haven’t heard (if you follow our Blog or Facebook page you should have) there is some fallout from the NSA hacking tools being leaked. At least allegedly. Our WebRoot customers are covered and our IDMax customers have been updated. Are you one? If not contact us and stay protected. The ‘new’ Ransomware has been wreaking havoc, causing outages, effecting Hospitals, telecoms and business in the UK, Russia, Tiawan and elsewhere. Microsoft has put out patches for it’s operating systems as well as offering some patches for it’s older XP and 2003 OS even though it discontinued support for them sometime ago. Read More: Here on NetworkWorld, Here on ZDNet.com, More here on ZDNet.com including links to the Patches for Older OS (XP/2003)
NSA Toolkit is now in the wild.
As I have said many times undisclosed vulnerabilities make EVERYONE susceptible to exploits. In an attempt to extort money, a group know as Shadow Brokers has acquired a bunch of hacking tools used by the NSA (and others?). These are a bit dated, but still very effective on Windows 7 to 2012. When no one would pay the hush money they demanded they decided to just start releasing them to the public. So now unpatched systems or ones with no current patch available can be fairly easily exploited. In layman terms someone you don’t like could have complete access to your computer. Install or run any software they wanted including key loggers, monitoring software, viruses or just download or delete your files. That’s not all either. Think you’re safe behind your firewall? There are also exploits for Cisco and VPN technologies. Read more on The Register. Remember to patch your systems or have us do it for you.
Device infected within minutes of plugging it in.
I remember way back to the Nimda virus. I had a client get infected within a minute of connecting it to the internet. He had an unpatched system and was connecting it to download the service pack that eliminated this particular exploit. Rather than download the patch to a system that was already safe, he thought he’d save time and download it directly to the unpatched system. The issue in his case was he was leaving shiny new bike unlocked while going into the store to buy a lock. You might be lucky, but on the internet everywhere is a bad neighborhood. In short, DO NOT connect ANY device to the internet before you at least change it’s default password. DO NOT connect it directly unless it itself is a firewall/router, do it behind a firewall and if you are unfamiliar with any of this call the company’s toll free support number just to be safe. Or call us of course. Read more on this story on NetworkWorld below: IoT security camera infected within 98 seconds of plugging it in