  • iPhones and iPads can be attacked by malware, but risk is still low
    Recently I was contacted by a reader named Bob who owns an iPhone and an iPad, and is concerned about “malware or other nefarious schemes” showing up in iOS. The good news, for Bob and most iPhone and iPad owners, is that malware on iOS is practically nonexistent. There are always bugs that are found and exploited, which Apple has been quick to patch (so make sure your devices are running the latest security updates; go to Settings > General > Software Update to check). So far, the performance hit on Macs and iOS devices seems to be negligible. The play/pause that refreshes: If you listen to music on your Mac, you may have run into an annoyance after installing macOS High Sierra: pressing a media key on the keyboard, such as the Play/Pause button, would not, in fact, play or pause the music playing from iTunes or Spotify. A friend who needed to just find the pixel dimensions of an image was surprised when I told her she could open it in Preview and choose Tools > Show Inspector (or press Command-I) to reveal that and other information about the file.
  • Congressional emails could be the next target for hacks, time to bolster defenses
    While the election infrastructure is getting attention from the Department of Homeland Security, communication security remains the weak link and also something our elected officials have the power to improve today with minimal effort. Despite a remarkable laundry list of email-based attacks in just the recent years — the 2016 presidential campaign included — email still remains the primary means for distributing sensitive messages and documents, making congressional inboxes a target while also being the most difficult to secure. Modern cryptography and the increased power of our phones make it now possible for any high-target organization to rely on end-to-end encryption, once only accessible to security professionals, to protect communications. Unlike email, secure messaging tools ensure that the content of the message is protected between the trusted parties among congressional staff and never touches servers unencrypted. This means that high-value sensitive communications do not live on a central server, waiting to be hacked, but instead on the devices sending and receiving the information, with each message protected with a unique encryption key.
  • Small businesses in Texas at rising risk of cyberattacks
    Large companies like Equifax, which suffered a massive data breach that exposed sensitive data on almost half of all U.S. consumers in July, are constantly at risk for cyberattacks. (Photo: Bob Owen / San Antonio Express-News) The San Antonio obstetrics practices, both under the same parent company Consultants in Women’s Health, said a so-called keylogger virus was installed on their networks on June 5. The increasing threat has given rise to the need for cyber insurance for small companies — a type of protection once reserved for big corporations with significant IT budgets.
  • Next gen aircraft ID system vulnerable, watchdog finds
    The public version of the report released by GAO didn't go into detail about those specifics, but since the technology -- known as Automatic Dependent Surveillance-Broadcast (ADS-B) Out -- uses an aircraft's avionics equipment to broadcast the aircraft's position, altitude and velocity to ground, air or space-based receivers, the potential for pirating those signals remains an unsolved problem, said the report. Since the technology's promise is in having it in all aircraft using domestic airspace, military aircraft have to be equipped also, which has for years concerned the Department of Defense and other agencies about the capabilities. With current technology, according to GAO, the public can track individual aircraft by receiving an aircraft's ICAO address (which can include different codes such as aircraft type, as well as an aircraft's 24-bit electronic identification code), transponder or "Squawk" code as well as altitude through networked receivers that can use the data to calculate and identify the latitude and longitude of an aircraft's position.
  • Forget viruses or spyware—your biggest cyberthreat is greedy currency miners
    The practice of surreptitiously mining cryptocurrency on other people’s hardware is becoming pervasive, overtaking ransomware as a tool of choice for extorting money online. It shows that Coinhive, a piece of software that uses processing power on someone’s device in order to mine cryptocurrency, has become the most prevalent form of malware on the Internet. Steal enough, and you can make a lot (see “Hijacking Computers to Mine Cryptocurrency Is All the Rage”). “The problem,” explains Lotem Finkelstein, a threat intelligence analysis team leader at Check Point, “is that [cryptojacking is] simply everywhere—on websites, servers, PCs, and mobile.” Check Point says that it’s affected as many as 55 percent of organizations globally, while security researchers at Wandera claim instances on mobile devices increased by 287 percent between October and November of last year.
  • Better Thermostat Passwords May Deter Cyber Attacks on Grid
    A key to preventing cyber attacks from crippling U.S. power grids could be changing passwords on Internet routers, wifi-connected thermostats and smart lawn-sprinklers. “A significant share” of Internet attacks result from unchanged factory default passwords on web-connected devices that allow hackers to break in and install malware, according to a Jan. 18 report by the Advanced Energy Economy Institute. The institute, which pushes to make energy systems more secure, says manufacturers should program devices so people are forced to change default passwords when they connect to the grid. Utilities also could deter attacks by requiring and issuing software keys to protect connected devices.
  • NSA deleted surveillance data it pledged to preserve
    However, the NSA told U.S. District Court Judge Jeffrey White in a filing on Thursday night and another little-noticed submission last year that the agency did not preserve the content of internet communications intercepted between 2001 and 2007 under the program Bush ordered. “The NSA sincerely regrets its failure to prevent the deletion of this data,” NSA’s deputy director of capabilities, identified publicly as “Elizabeth B.,” wrote in a declaration filed in October. “NSA senior management is fully aware of this failure, and the Agency is committed to taking swift action to respond to the loss of this data.” In the update Thursday, another NSA official said the data were deleted during a broad, housecleaning effort aimed at making space for incoming information.
  • DHS Contract Aims To Make Sharing Cyber Threat Data Easier Than Ever
    The Homeland Security Department wants to make it easier for cybersecurity researchers around the world to track down the information they need to solve emerging threats. The DHS Science and Technology Directorate awarded California-based tech firm Inferlink a $750,000 contract to build advanced search functions into one of the agency’s key cyber research databases. Researchers from government, academia and the private sector use the Information Marketplace for Policy and Analysis of Cyber-risk & Trust portal to share resources and work together to solve the latest online security issues. “Ensuring researchers have the most relevant information and data will greatly strengthen their ability to pinpoint emerging cybersecurity issues and speed development of new solutions,” said Douglas Maughan, director of S&T’s cybersecurity division, in a statement. “With an enhanced search function, IMPACT will deliver to these researchers more relevant data and timely informational resources they can use to make key decisions in all phases of their research.”
  • British hacker arrested for cyberattacks against Pokemon, Google, and Skype.
    January 19, 2018. A British computer hacker was arrested on charges stemming from launching thousands of cyber-attacks against firms, including Pokemon, Google and Skype. Alex Bessell, 21, of Aigburth, Liverpool, U.K., was convicted at Birmingham Crown Court of other offenses, including money laundering after police raided his home and found that Bessell had seized remote control of at least 9,083 computers, without their owners' permission, to create a massive botnet, according to the BBC. Bessell reportedly admitted to nine charges at an earlier court appearance. Bessell reportedly created a company, called Aiobuy, on the dark web to sell malware that would allow its users to conduct their own attacks and steal data all under the guise of a false address to give his company a legitimate status. Authorities said he made more than £50,000 in proceeds from selling the malware and that his site advertised 9,077 items, had 1,000,000 recorded visitors, and more than 34,000 sales.
  • Traps Prevents Microsoft Office Equation Editor Zero-Day CVE-2017-11882
    Last November, Microsoft manually patched a remotely exploitable vulnerability (CVE-2017-11882) in Equation Editor, which is a program that lets you write a mathematical equation into a document. Since then, Microsoft has received additional reports from multiple security vendors that turned out to be related to another vulnerability that was successfully exploited after applying Microsoft’s update – Microsoft assigned it as CVE-2018-0802 and released a fix for it in the January 2018 monthly security updates. In this blog, we look at an RTF document which we found in the wild that exploits the new FONT record vulnerability. This means that attackers were actively exploiting the CVE-2018-0802 in a zero-day attack scenario prior to Microsoft’s patch which was only available on January 9. It first prevents the malicious shellcode running in ‘EQNEDT32.exe’ using Traps exploit prevention capabilities. Learn more about how Traps prevents zero-day vulnerabilities and unknown threats.