SecurityThe 2020 U.S. elections are just days away, and cybercriminals — some motivated by politics, others by financial gain — are stepping up their attacks. We’ll let you know what’s happening on this edition of the Checklist.
Voter intimidation emails attributed to Iran
We’ve talked before about the issue of foreign adversaries attempting to interfere with the upcoming U.S. elections, but this week a disturbing new development came to light.
According to the FBI and Director of National Intelligence John Ratcliffe, Russia and Iran have obtained the voter registration data of American citizens, …
October 22, 2020 •
8 min read
MalwareSecurity researchers have just announced the discovery of Android and macOS variants of GravityRAT, a Windows spyware threat that’s been around since at least 2016.
October 20, 2020 •
4 min read
SecurityOn this week’s Checklist, we’ll cover:
How Macs are perceived in the enterpriseAn addendum to last week’s T2 storyA checklist of security tips from the NCSA
Survey says…
Do you feel like your Mac is the best choice for security? You’re not alone.
A recent survey conducted by enterprise software management platform Jamf asked businesses—both ones that used Macs and ones that didn’t—what they thought about the Mac in terms of security.
Across the board, 77% of all organizations polled said that they believed the Mac to be more secure “out of the box”, though …
October 15, 2020 •
10 min read
AppleTuesday’s Apple Special Event introduced the iPhone 12 line and some cool new accessories as well. Here’s an overview of the new and upcoming product releases announced at the event:
iPhone 12 and iPhone 12 mini
The look of the new iPhone is reminiscent of past models: flat sides and a boxier appearance overall.
Technically speaking, probably the biggest change is compatibility with 5G wireless networks, which are currently being rolled out around the world. The 5G standard has two basic flavors: sub-6 5G and millimeter wave 5G. Apple says that the new …
October 14, 2020 •
5 min read
BlogAmid growing concern about foreign interference in the November elections, military hackers at the United States Cyber Command have started attacking the Trickbot botnet. In this short article, we’ll tell you what’s happening and why it matters for the elections.
What is the Trickbot botnet?
Trickbot is botnet malware: malware that can be used to create networks of infected computers and then coordinate their activity. Originally a banking Trojan, the malware has evolved over the past several years and can now be used to spread ransomware and other forms of malware. It …
October 12, 2020 •
4 min read
BlogThe annual Virus Bulletin security conference was held last week; as has been the case with so many other events this year, the proceedings were fully remote, leading the organizers to call the 2020 instalment of the conference “VB2020 localhost”.
October 8, 2020 •
7 min read
SecurityThis week’s big news: an “unpatchable” hardware vulnerability affecting Apple’s T2 security chip! But how serious is it, really? We spoke with Mac security expert Patrick Wardle to separate the facts from the clickbait headlines. We’ll cover:
the technical backgroundwho’s impacted (and what they can do)
Parsing the T2 story
The Apple security community was abuzz this week with news of an unpatchable vulnerability in the T2 security chip found in newer Macs.
To begin with, a quick refresher: The T2 chip is essentially a co-processor that handles much of the Mac’s security functionality, …
October 8, 2020 •
5 min read
SecurityAn unnamed U.S. federal agency has been breached, according to a recent report by the Cybersecurity and Infrastructure Security Agency (CISA), and third-party analysts now believe that Fancy Bear, the notorious Russian Advanced Persistent Threat (APT) group, is the likely culprit.
In this short article, we’ll provide some details about the incident, give you some more background to the story, and share some of CISA’s security recommendations for organizations.
What happened?
The CISA report did not disclose the date of the hack or the name of the agency affected. But it did describe …
October 6, 2020 •
6 min read
BlogIn this short article, we’ll introduce you to this emerging phenomenon, tell you how it works, and offer some thoughts about the future of privacy.
October 5, 2020 •
6 min read
BlogOctober is National Cybersecurity Awareness Month, and the National Cybersecurity Alliance has kicked things off by releasing some timely recommendations for 2020.
October 2, 2020 •
8 min read
MalwareResearchers at Amnesty International have just announced the discovery of FinSpy spyware variants that target macOS and Linux users. In this article, we’ll tell you what they found, share some technical details uncovered by Amnesty’s malware analysts, and explain what it means for security and privacy.
What is FinSpy?
FinSpy is commercial spyware, produced by a private company and sold to law enforcement and intelligence agencies around the world. There are (arguably) legitimate uses of such monitoring software, for example in criminal and anti-terrorism investigations; however, FinSpy’s manufacturers have come under fire …
October 2, 2020 •
6 min read
SecurityOn this week’s Checklist, we discuss a rapidly changing App Store story, we talk about streaming services and privacy, and we show you how to keep your wits in a cybersecurity emergency.
September 28, 2020 •
7 min read