Another Ransomware Attack Spreads Around the Globe

At the end of June, the world awoke to another widespread ransomware attack locking down machines across the globe. This time, the bulk of the attack centered on Ukraine, although countries such as Germany, the UK, and the USA also saw infections. Initially, the media reported that this was an attack executed by ransomware known as “Petya.” Petya was originally discovered and detailed back in 2016, spreading through infected emails and employing the typical demand of a ransom paid in Bitcoin.

The attacks of June 27, however, were very …

WannaCry Locked Down Australian Traffic Cameras, Caused Voided Citations

Do you think that ransomware attacks only affect personal computers and business systems? Think again — the recent widespread infections caused by the WannaCry ransomware touched more than just hospitals in the UK and unpatched Windows PCs. In the Australian state of Victoria, hundreds of traffic cameras, meant to enforce speed limits, were knocked offline after the malware infected the system. Instead of encrypting data for ransom, the system instead became locked in a continuous cycle of rebooting.

Because of the infection, police in Victoria announced that they would …

Ransomware on the Rise: What Should You Know?

After the massive outbreak of the WannaCry malware that took down hospitals in the UK and spread around the world, we knew it was only a matter of time before similar attacks took place. With the recent outbreak of new ransomware, dubbed Petya, affecting computers in Ukraine and spreading to other countries, it’s a good time to take a step back and look at some hard facts about ransomware. What do Mac users need to know about this rising threat?

Who does ransomware affect?

Windows users are the ones who …

Checklist 45: Social Engineering; The Human Element of Hacking

In the world of security, deception is as big a threat as any malware you might find. From spear phishing to scary sounding phone calls, these threats all fall into the same category: social engineering.

Apple Announces Transition to New File System at WWDC

Last year, Apple announced that it was in the final stages of development for a new file system to replace the current architecture, which has begun showing its age. At this year’s WWDC, one of Apple’s major announcements was that this new “Apple File System” (or APFS) is finally ready. It’s coming to users soon with the release of macOS High Sierra, and it brings with it a host of improvements in both performance and security.

On the performance side, we can expect to see much faster disk …

MacRansom

• • Type:
  • Ransomware
• • Platform:
  • Mac OS X
• • Last updated:
  • 07/01/17 9:47 pm
• • Threat Level:
  • High

Description

MacRansom is ransomware that encrypts files on an infected computer and holds them for ransom.

MacRansom Threat Removal

MacScan can detect and remove MacRansom Ransomware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Download MacScan

MacSpy

• • Type:
  • Spyware
• • Platform:
  • Mac OS X
• • Last updated:
  • 07/01/17 9:52 pm
• • Threat Level:
  • High

Description

MacSpy is spyware.

MacSpy Threat Removal

MacScan can detect and remove MacSpy Spyware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Download MacScan

Checklist 44: A look at encryption, past and present.

Today’s episode is all about encryption. We’ll look at encryption across time – from ancient history, to encountering it today on the web.

Malware from Compromised Handbrake Servers Leads to Stolen Source Code

Back at the end of May, we reported on a story about a malware threat to Mac users delivered via the popular DVD ripping software Handbrake. In that incident, hackers broke in to one of the download servers Handbrake used to serve installers to users. They replaced the genuine Mac installer with one that would drop a backdoor onto your machine, allowing the authors free reign to crawl through your data. The infected server was serving up this malware for four days, and now we know that it actually …

Apple Covers All the Bases with Over 100 Security Updates in May

In mid-May, while the world was waking up to deal with the chaos caused by the WannaCry ransomware spreading over the web, Apple was making its users safer again. Released on May 15th, a new set of patches dropped for iOS, macOS Sierra, and both the El Capitan and Yosemite version of OS X. So many different fixes were implemented that  it would be difficult to cover exactly what each of them accomplishes. However, of particular note in this update is the fact that ethical hackers previously identified more …

Checklist 43: 5 Things to Know About Spam

Today’s episode is all about spam! No, not the mystery meat, but rather those mountains of junk email that clog up your inbox and take up your time.

Darkweb Hackers Begin Offering Functional Mac Malware and Ransomware as a Service

With the popularity of both ransomware and the creation of macOS malware on the rise with hackers, Apple users face a growing number of threats. It now appears that others have turned their attention to the creation of new malware to spy on Mac users — but these programmers have gone a step further. Rather than developing a tool and deploying it personally, they have taken to the dark web to offer their products for sale. Known respectively as MacSpy and MacRansom, the hackers provide the malware to users …

New Version of iOS Makes Quiet Changes to How Apps Use Your Location

At Apple’s annual WWDC event this year, the company made a host of big announcements. Chief among them was the unveiling of the next iteration of iOS, version 11. While they highlighted many of iOS 11’s new features during the conference, some other changes flew under the radar. One of those is a big tweak to the way apps on your phone can use your GPS location information. If you have ever used Uber, you may have encountered problems with its functionality if you’ve disabled location services. Uber is …

Apple Adds New Password Rules to Secure iCloud Accounts

iCloud users will soon need to abide by a new set of password requirements, put in place by Apple to fight against account breaches. In mid-May, Apple sent out a support email to iCloud customers, explaining the new requirements. The new requirements went into effect on June 15th.

The new policy concerns third party apps that need to access iCloud data to function. Such apps include Microsoft Outlook and other similar programs used for email, calendar management, and contacts. Apple will require app-specific passwords for such programs, instead …

Apple Retains Notes Synced to iCloud after Deletion

Apple may be retaining deleted notes in iCloud without user knowledge or consent, according to a recent blog post from security software company Elcomsoft. If you use the Notes app on your Apple device and sync the notes to iCloud, there’s a chance that Apple is holding onto the notes indefinitely—even after you delete them.

Apple has a history of holding onto iCloud data past its deletion date. In the past, Elcomsoft has been instrumental in discovering these iCloud flaws. Last year, the company found that the iCloud Photo …

Checklist 42: The Internet of Things: New Devices, New Concerns

Today, Internet connectivity doesn’t just include computers and phones. It’s lights, cameras, thermostats, and more. It’s called the Internet of Things, and it’s the topic of today’s show! In this episode we’ll be taking a closer look at security concerns that come with all these new IoT devices.

Checklist 41: Open Sesame: Authentication and Online Security

When it comes to online security, there are all sorts of ways to prove we are who we say we are. On this week’s Checklist, we’re talking authentication, authorization, and the difference between the two.

Apple Reveals That Government Security Requests Are Becoming More Common

The government is getting more comfortable asking tech companies to hand over user data. At least, that’s the conclusion that you might draw after reading Apple’s recent “Report on Government and Private Party Requests for Customer Information” from the second half of 2016.

According to the report, Apple received about twice as many United States Government National Security Requests between July 1 and December 31, 2016, as it did from January 1 to June 30. In the first half of the year, Apple received 2,999 national security requests …

Checklist 40: Apple’s Hacker History

Ransomware, malware, DDoS attacks… Those are the kinds of things we tend to think of when someone says the work “hacker” today. That’s not what the word used to mean, though. We’re doing a bit of hacker history on today’s checklist, looking at Apple’s hacker roots and how that led to the ever growing Apple ecosystem.

Siri Voice Command Bug Could Let Thieves Hide from Find My iPhone

The theft of smartphones is a large problem, especially with high-value items like iPhones. Whether a thief takes a phone to use or to resell, they’ll need to wipe the device first. Normally, the iPhone passcode and access control restrictions prevent that from happening. Meanwhile, a user can activate Find My iPhone to uncover its location or remotely wipe a device—a useful anti-theft mechanism, as it renders the phone useless to a thief intent on stealing your private information.

However, a freshly discovered bug in iOS versions 10.1 …