If you have FaceTime enabled you can be evesdropped on without your consent. A user simply calls you with FaceTime and before you answer they add themselves as a caller. They can instantly hear your phone without you knowing or having the option to stop it. If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.
As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants
In this New York Times article they discuss FaceBook sharing your personal information with 3rd parties. This is probably not a surprise to anyone in IT, but you may not realize how much data they share and with whom. Two of the companies have links to the Russian and Chinese government. You may not care if Microsoft has your info or Apple, but how do you feel about a Russian search engine being able to tell who & what you like, where you are and even possibly information in private messages. All while trying to effect the outcome of a presidential election. In their research the NYT finds that permissions were given above what was needed and they weren’t monitored or rescinded when there was no longer a need. I encourage you to read more on the link below.
Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed.Source: As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants
Facebook breach put data of 50 million users at risk
The Breach didn’t compromise passwords, but was related to a secure token allowing someone to convince Facebook they were you. It also effected some other apps that use Facebooks services. Read more on the CNet link below.
The vulnerability had to do with the social network’s “view as” feature.Source: Facebook breach put data of 50 million users at risk
Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
The Hacker News reports a serious flaw in Outlook that has exited since 2016 and took about 18 months to patch is only a partial fix. Users even after the patch can still be compromised. Read more at the link below or contact us for help securing your network.
An information disclosure vulnerability (CVE-2018-0950) has been discovered in Microsoft Outlook that could allow hackers to steal Windows users’ login credentials.Source: Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
Intel and AMD CPU Vulnerability / Meltdown and Spectre
Teams of software experts have discovered a bug in both Intel and AMD processors that can allow malicious code access to confidential information. Some patches are currently available, but not all aspects are fixable at the moment. This issue is serious and effects Microsoft Windows, Apple MacOS and Linux as well as as mobile devices Apple iOS and Google ChromeBooks. Basically anything with an Intel or AMD effected CPU. Keep up to date on your patches, Retire old Out of Service Operating systems. Yes people are still using XP, 2003, etc. It’s time for them to go away finally. No patches will come out for older OS making them just huge targets. Keep your OS and AV up to date or just ask us about RMM and WebRoot. Read more in the links below. https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/
FCC douses America’s net neutrality in gas, tosses over a lit match
FCC chairman mocks REAL concerns shared by millions. Pushes through damaging policies that remove protections established to ensure unobstructed access to internet resources and fair competition in the market. Making it even easier for local monopolistic internet providers to restrict/charge or cripple the competition. Yes, it’s that serious.
Watchdog’s clown, er, chairman debases policymaking in the United StatesSource: FCC douses America’s net neutrality in gas, tosses over a lit match
AIM will be discontinued on December 15, 2017
A long used service to be shutdown in less than 2 weeks. AIM or AOL Instant Messenger is closing down after about 20 years. You can read more about it at the link below. There are many other options now including SMS or Text messages. Still, it will be missed…
Read more about the shutdown of AIM and what it means for you.Source: AIM will be discontinued on December 15, 2017
Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017
The bug affects macOS High Sierra users.Source: Apple macOS High Sierra flaw allows admin access without password – Nov. 28, 2017
Some new Mac Malware found in Eltima Software
If you have any Eltima Software installed on your Mac, you may have some Malware along with it. This is another legitimate piece of software that Hackers have managed to sneak in some malicious code. Remember recently CCleaner suffered the same fate. Look for the existence of any of these files: /tmp/Updater.app/ /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist /Library/.rand/ /Library/.rand/updateragent.app/ Read the full article on the Register (link below) http://www.theregister.co.uk/2017/10/20/mac_os_reinstall_eltima_elmedia_malware/ This proves that you can do everything as securely as possible and still get compromised from a “Trusted” source. Safe computing, and ALWAYS have a reliable trusted AntiVirus software installed. We Recommend WebRoot.
Think your Apple iPhone is immune from Attack?
Your (Fill in name of device here) is Not immune from attack. Even the iPhone. There are many vectors for attacking an iPhone. One that uses WiFi (scary) was recently patched. Update your iOS Device now. The iPhone is still my phone of choice and is much less susceptible to attack than say Android. But it like any other platform is still subject to attack. So the saying “semper vigilans” is a good rule where technology is concerned. Don’t trust unknown sources, networks, people, devices, cables, etc. This means Don’t let people play with your phone, don’t give out your pin, don’t connect to that Free hotspot, don’t plug into some unknown charging cable/port and ALWAYS stay up to date on your patches. If you don’t patch the holes that the experts work so hard to plug just become a bullseye for those looking for a weakness. Each flaw gets published and when it’s not repaired it’s almost a road map of how to compromise your device. Here are a few articles to get you started. the Register: No one still things iOS is invulnerable to malware, right? CBSNews about the WiFi Exploit: If you use Wi-Fi on your iPhone or iPad, get this security update