Checklist 153: Grades and Zeroes and Dumb Shoes

On this edition of The Checklist: Grading the Siri “grading” situation, Project Zero’s “iPhone Hack”, and Making the case for shoes that aren’t that smart

5 Ways to Improve Cybersecurity in Schools

As we talked about in part 1 of this piece, the issue of cybersecurity in schools is significant—and doesn’t seem to be getting better.

So what steps can individual parents and concerned adults take to address such a huge problem? 

Here are 5 things you can do to help make schools more secure:

article span.backnum { font-family:”Open Sans”, sans-serif; font-size: 10rem; opacity: 0.3; line-height: 1; position:absolute; left: 1rem; top: 0;}
article ol.lg{list-style-type: none;}
article ol.lg li {padding-left: 9rem; position: relative; margin-left: 0;}
@media screen and (max-width: 39.9875em){
article ol.lg li {padding-left: 5rem;}
article span.backnum { font-family:”Open Sans”, sans-serif; …

CrescentCore

Type:
Malware

Platform:
Mac OS X

Last updated:
07/01/19 7:45 pm

Threat Level:
High

Description

CrescentCore is a trojan horse disguised as an Adobe Flash Player installer. The installer comes on a .dmg file: the same kind of disk image file that can be used to install a legitimate application. The malicious file is served to unsuspecting users as a download on infected websites. First discovered in June 2019, researchers have found CrescentCore on illegal filesharing sites as well as on websites appearing in high-ranking Google search results.

CrescentCore is notable for its sophisticated anti-detection features. Once downloaded, the malware …

KeyStealDaemon

• • Type:
  • Malware
• • Platform:
  • Mac OS X
• • Last updated:
  • 07/01/19 7:40 pm
• • Threat Level:
  • High

Description

KeyStealDaemon is malware that tries to steal passwords stored in Keychain in unpatched versions of macOS.

KeyStealDaemon Threat Removal

MacScan can detect and remove KeyStealDaemon Malware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Download MacScan

A teacher’s guide to cybersecurity in the classroom

It seems like cybersecurity issues are in the news all the time. From data breaches at major financial institutions to ransomware attacks on city governments, scarcely a week goes by without another disturbing story of digital disaster.

Checklist 152: Sharing is Scaring

On this edition of The Checklist: Convenience versus privacy on Yelp, Tips for staying digitally safe on campus, and Everybody needs to update their everything!

Do schools have a cybersecurity problem?

We often think of financial institutions, corporations, and governments as the primary targets of cyberattacks. But are schools at risk as well?

The answer, unfortunately, is yes—and the problem is growing.

In this two-part article, we’ll provide you with an overview of the problem, as well as some actionable ideas for dealing with it.

The changing face of education

With state and local education budgets stretched thin, and faced with the challenges of preparing students for an increasingly tech-centric job market, school districts across the country have embraced technological solutions that promise to do …

7 Cybersecurity Tips for College Freshmen

Each fall, millions of college freshmen hit the nation’s campuses to begin some of the most important years of their lives.

The Great iOS Jailbreak of 2019—and why you should update to 12.4.1 right now!

Apple has just released a patch to fix the issue discussed below. If you don’t have automatic updates enabled, take a second to update to iOS 12.4.1 now.

Apple AirDrop Vulnerability Broadcasts User Phone Numbers to Potential Attackers

iPhone users who frequently use the AirDrop feature to share images, videos, or other files may unwittingly be broadcasting their phone numbers to people nearby. According to a recent Ars Technica report, a hacker would need to have a laptop and a “wireless packet sniffer” dongle to exploit the vulnerability. Armed with those components, a security researcher testing the proof-of-concept software designed to exploit the vulnerability was able to see “details of more than a dozen iPhones and Apple Watches that were within radio range” and use this information to …

Checklist 151: Too Close for Security Comfort

This week on the Checklist podcast, we’ll talk about how to deal with security risks that come from those closest to you (literally). We’ll take you through some bad iOS news from the past week, and also discuss how it relates to a larger issue related to mobile security. And finally, we revisit a familiar topic—passwords—and tell you about some newly released Google research that probably means we’ll have to keep talking about passwords for the foreseeable future. Here’s our weekly Checklist:

Protecting your data from the people – literally – …

Careers In Cybersecurity

In the first part of this two-part series, we made the case for cybersecurity as a career path with excellent short and long-term growth prospects.

But what, exactly, do folks who work in cybersecurity do all day?

That’s what we’ll cover in this article. 

While the list of jobs won’t be exhaustive—cybersecurity, like any complex and growing field, has a wide array of opportunities—it will cover some of the most in-demand specializations and give a representative sampling of the kinds of jobs out there (along with a general idea of how much they …

Checklist 150: Trust Issues

On this edition of The Checklist: The Siri Sessions, O.MG: A Cable Hack, and 15 Apps to Watch for on Kids’ Phones.

Should you post pictures of your kids on social media?

Parents are proud of their kids, and it’s natural to want to share special moments from their lives with friends and family on social media. But a growing chorus of experts is warning that sharing too much of our children’s private lives can do real harm.

What you decide to put on social media is a personal decision…but it should be an informed decision. Here are five things to consider before posting those baby bathtime photos—along with some tips to protect your children’s privacy and help keep them safe.

article span.backnum { …

Sign in with Apple: Digital privacy at last?

At this year’s Worldwide Developers Conference, Apple announced several forthcoming changes aimed at improving privacy and security for its users. Perhaps the most important of these was “Sign in with Apple”, slated for widespread release later this year.

In this post, we’ll talk about what Sign in with Apple is, why it matters…and whether or not it’s all it’s cracked up to be.

What is Sign in with Apple?

Many apps ask users to sign-in with a social media account, ostensibly in order to offer a more personalized experience. You’ve probably seen or …

Are Cybersecurity Skills In Demand?

As millions of students head back to university this fall, a substantial chunk of them will do so without knowing what they’re actually going to end up studying.

For most undeclared majors, the final decision is going to come down to career prospects: whether or not they’ll be able to find a job after graduation.

Of course, nobody knows exactly what the economy is going to be doing (or not doing) in four years, but the best hedge against uncertainty has always been to figure out what skills are in demand—and learn …

Black Hat 2019: Apple’s $1 million prize, new vulnerabilities revealed, and a keynote to remember

The 22nd annual Black Hat USA conference was held this week in Las Vegas. Black Hat is one of the most important events in cybersecurity, bringing together researchers, developers, and hackers from all over the world for a week of training sessions and briefings. As such, it’s often the stage for major announcements affecting security professionals as well as the general public.

This year’s Black Hat did not disappoint, and featured significant new developments that will interest both macOS and iOS users.

Read on for our roundup of Black Hat 2019…

The macOS …

Checklist 149: Security Tripping with The Checklist

This week, we say hello to August with a groan as news of more big data breaches that could affect our financial lives comes out. Then we’ll pivot to talk about how you can stay safe when you squeeze in one last summer vacation before autumn arrives, and we’ll round things out with a follow-up to a follow-up. It’s in the name of the show — so here’s this week’s checklist of stories:

The Bad/Worse Breach7 Tips for TripsA Stronger Little Snitch

Let’s not waste any time as we embark on a …

The DataSpii Privacy Disaster: How Browser Extensions Resulted in a Huge Sensitive Data Leak

If you use Google Chrome or Mozilla Firefox as your go-to web browser, and you regularly make use of browser extensions, then some of your browsing data may have been compromised. According to a detailed Ars Technica report on the matter—which is being referred to as “DataSpii’—more than four million users have likely been affected. 

The fault lies with eight different browser extensions, meant for everything from getting past paywalls to zooming in on web content. The way these extensions were set up allowed them to access and collect a wide …

Flaw in Bluetooth Protocols Could Allow Tracking of iPhone, MacBook Users

Bluetooth is one of the most common wireless protocols in the world, allowing a vast range of devices to connect together for shared functionality. From playing music in your car to controlling the temperature of your flatiron, Bluetooth enables us to do many things — and as a result, Bluetooth protocols are standard on iPhones, in MacBooks, and in many other products, too. According to a new study published by researchers from Boston University, though, almost all those devices currently contain a Bluetooth flaw that can erase a user’s privacy.

Bluetooth’s …