Forward Your Phishing Emails Here…

Well, not here, exactly. (see link below)

reportphishing@apwg.org

These would be emails specifically targeting you or your company, not spam or typical unsolicited emails. Examples include messages with questionable attachments sent to multiple addresses within the company, strangers asking for information, and similarly suspicious content.

Let us know if you have any questions regarding phishing emails, how to block them or any other cyber security matters.

https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

Cloud Data, Mobile Devices and Data Vulnerability

Fortunately, we had set up an on-site backup of a customer’s Dropbox (and other) data. They ran into sync issues, and their company financial data was overwritten by older data. Syncing had been turned off for some reason, and for days only the local data was modified. When syncing was turned back on, the older data on Dropbox overwrote the newer local data. Perhaps customer error? A confusing user interface?

They would have lost several days of financial transactions if not for the local on-site backup we installed, which covers their user directory (including the Dropbox sync folder). We were able to restore the file to the time just before it was overwritten by the old Dropbox data, voilà! Hours upon hours of reentering data, maybe even lost data, all resolved in minutes.

We’ve long wondered when Dropbox will get hit by something, and Adobe has now proven that a catastrophic loss is possible on a cloud platform. The link below describes how Adobe customers using Lightroom on iOS had all of their images and settings permanently erased. For iOS users not backing up regularly, the data is gone forever.

https://helpx.adobe.com/lightroom-cc/kb/lightroom_mobile_5_4.html?red=a

Adobe users lost data and Adobe had no way to restore from a backup. This was, apparently, due to bad programming. No company is immune from this; Dropbox could experience something similar.

Because of this, we strongly suggest having your Dropbox data (and all other cloud data) backed up by your own local system. Bad programming aside, heaven forbid Dropbox suffer a hack. We’re sure they work very hard at preventing this, being a super tasty target and treasure trove of data that every foreign state must be drooling over.
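One way to catch the overwrite described above before the good copy ages out of the backup, as an added example that is not part of the original post: compare the live sync folder with the latest local backup snapshot and flag files that are now older than their backup and differ in content. The function name, folder layout and the assumption that the backup tool preserves modification times are hypothetical.

```python
import hashlib
from pathlib import Path


def sha256(path: Path) -> str:
    """Hash a file in chunks so large media files do not fill memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def find_rollbacks(live_root, snapshot_root, slack_seconds=2.0):
    """Return (relative_path, reason) for files that regressed since the snapshot.

    Assumes the backup tool keeps each file's original modification time.
    """
    live_root, snapshot_root = Path(live_root), Path(snapshot_root)
    findings = []
    for snap in sorted(snapshot_root.rglob("*")):
        if not snap.is_file():
            continue
        rel = snap.relative_to(snapshot_root)
        live = live_root / rel
        if not live.is_file():
            # File existed at backup time and is gone from the sync folder.
            findings.append((rel.as_posix(), "missing"))
            continue
        # A live copy that is OLDER than the backup and has different content
        # means stale data replaced newer work (the sync overwrite case).
        older = live.stat().st_mtime < snap.stat().st_mtime - slack_seconds
        if older and sha256(live) != sha256(snap):
            findings.append((rel.as_posix(), "rolled_back"))
    return findings
```

Run it on a schedule shorter than the backup retention period, so a flagged file can still be restored from the snapshot that holds the newer version.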

Disk Encryption – Speed versus Security

Unless you encrypt your computer’s hard drive, it’s simply an external drive for anyone to plug into their machine and copy. If your laptop is stolen, the thief does not need your password to get most or all of your data.

The downside of encryption for content creators and other speed freaks: it slows down the hard drive. We posted some pics of a 2016 MacBook Pro before and after Apple’s FileVault was applied to the internal drive. Note the significant decrease in write speed.

Best to encrypt your operating system drive and keep sensitive files there. An unencrypted, external, USB3 or Thunderbolt drive is best for content creation anyway.

Did you know that the SSD in your computer has a limited lifespan? SSDs wear (like tires) over time. They have dedicated space set aside to replace the worn parts. Once that reserve is used up, the drive is no good. The more you use the drive, the faster it can wear out. So moving all that audio and video data back and forth on your internal drive is not a great idea, since it’s the most expensive drive to replace.

TechTool Pro showing SMART status of 2016 MacBook Pro internal SSD.

Macs impervious to Malware? Think again.

In the past, before the rise of Apple that began at the turn of the millennium, it was quite rare for Apple’s computers to be the targets of viruses, trojans, worms, and other types of malware. Those were usually reserved for the Microsoft Windows platform, which was more popular at the time and less controlled than macOS.

However, with today’s internet use and the popularity of Apple, Macs face a greater risk of malware attacks. These attacks usually occur when accessing links or files, such as clicking on ad banners online, downloading software through crowd-sharing means such as torrent files, and clicking on attachments in emails, even if those emails are from known sources.

One recent example of malware that infects macOS is “Searchmine.net”. It targets web browsers such as Chrome, Safari and Firefox. The malware can change the browser’s homepage, new tab page or default search, and it takes measures to prevent users from changing those settings back. This can allow the malware designers to track users’ browsing habits and target them with customized ads, or sell this information to third parties.

Unfortunately, accessing the location where the application is installed and removing it will not cure the issue, as this malware is persistent. Scanning with an application like Malwarebytes, frequently used to assist in detection and removal of items such as this, will be fruitless as well, as Malwarebytes has difficulty detecting the application. With Malwarebytes being ineffective, the next step of researching online for other tools to remove Searchmine can reveal potential solutions. However, some of these “solutions” could actually be additional malware that causes further problems. And even those that have no bad intentions and actually solve the problem are not inexpensive to use.

For users of the Chrome browser, a recent tool developed by a product expert appears to remove the malware by running a script in the macOS Terminal application. The Terminal application is a way to run processes and navigate the Macintosh file structure through a text command line interface. This script method has been shown to work. Instructions on its use can be seen at this link. If you have questions on its use or need assistance, don’t hesitate to contact us.

As for users of Safari and Firefox, the solutions don’t appear to be as clear. It is best to contact us to ask questions or have us address the issue. As a general tip for users, it is a smart move to not download files from sources that are not trustworthy. Also avoid clicking on banners on sketchy websites, and beware of clicking on email attachments, especially from untrustworthy sources.

For users with recent versions of macOS, you can read this site on how to take some steps to protect your Mac from malware. For Safari users, this page on Apple’s site explains how to block pop-ups in Safari, and gives tips on dealing with pop-ups in general to protect the user’s system from potential infections.

Tips on protecting your online personal data while using Facebook apps

In today’s always-on connected world, most people know not to give away too many personal details on social media sites like Facebook, Twitter, etc., as online details can be easily harvested by innocent actors as well as those who have more devious intentions. However, one area most people neglect to protect is answering nostalgic questionnaires or playing games on sites such as Facebook. The information gained from these items is exactly what bad actors desire in pursuit of a user’s personal assets.

As this article describes, people who play games, answer questionnaires, or otherwise reminisce with people online about personal details may inadvertently give away the answers to their online accounts’ security questions. The purpose of these security questions is to help prevent unauthorized access to sites such as online bank accounts or credit card accounts. Unfortunately, it has been revealed over the years that security questions are a vulnerable method of secondary authentication.

An example of a game where a user might provide personal details is a word game that invites them to come up with a DJ (disc jockey) name by combining their first pet’s name with the street they grew up on. Or it combines the first name of their best friend from high school and the city they were born in. These are all answers to popular security questions for online accounts. In addition, posting an answer online can prompt others to post their answers as well.

If a user does take part in these questionnaires or games, a good tip is to make the answers to security questions for online accounts untruthful (and write down these fake answers so they are easy to find later on). Or better yet, use another password as the answer to each security question, since in reality the answer to a security question is just another password. Using another password as the answer avoids the problem of having the same answers as those given in these questionnaires and games.

Other secondary authentication methods, like text messages to a user’s mobile phone, can present additional vulnerabilities, such as being susceptible to mobile phone SIM swapping. A better way to secure an account than security questions or text messages is to use 2FA (two-factor authentication) through an app like Authy or Google Authenticator, both of which are installed on the user’s mobile device. These 2FA apps provide a one-time-use key as a secondary authentication for online accounts. When a user logs in to an online account, they input the number generated by the 2FA app as the secondary authentication, thereby allowing access to their online accounts in a more secure manner. It’s best to set up the 2FA app for all online accounts (bank accounts, credit card accounts, Facebook, Gmail, etc.) where it’s an option.

Tips for resolving iCloud password issues

On July 4th, Apple experienced issues with most of its iCloud services, per this site. End-users were having trouble signing into iCloud and accessing their accounts, along with Photos, Mail, Backup, Find My Friends, Contacts, Calendars, and more seeing downtime. Apple Stores were also reportedly affected by the outage and were not able to process transactions.

While this issue was eventually resolved by Apple, there could be other times where iCloud has issues and end-users are asked for a password. End-users will tend to try their known password, which in these times will not work. After trying multiple times, end-users will then think they have the wrong password and try another password, which is wrong and gets saved in the keychain.

This will result in the following scenario for the end-user:

  • Lost access to their account.
  • Not understanding why they lost access.
  • Not knowing what password is the truly correct password.

This can lead to all sorts of issues. For example, Denial of Service attacks can be leveraged to get end-users to use side channels, and these side channels can be loaded with spam and other undesirable internet materials. In the event there are issues with iCloud and passwords, it is recommended to do the following procedure:

  • At the first prompt for a password for an account that has been working fine up to that point, just ignore it for a few minutes.
  • After this, the first move should be to power cycle the computer (shut it down rather than restarting, give the computer 5-10 seconds to rest, and then power it back on).
  • If it is still asking for a password that worked previously, check for service interruptions and/or contact tech support.
  • If the account is of security concern, consider logging into the account via a different method and resetting the account password.
  • Make sure you didn’t get locked out by a hacker. It is important that you determine this ASAP because the longer you wait after they log you out, the more time they have to get into other accounts and lock you out.
    • If you find you have been locked out of your account, change passwords in your other accounts, starting from highest priority to lowest.

If you have any questions, or would like to discuss further, let us know!

IMPORTANT: Voluntary Recall/Replacement Program for certain MacBook Pro laptops

Per this notice on Apple’s website on June 20th, Apple announced a voluntary recall of a limited number of older generation 15-inch MacBook Pro units which contain a battery that may overheat and pose a safety risk. The units were sold primarily between September 2015 and February 2017 and can be identified by their product serial number. The recall does not affect any other 15-inch MacBook Pro units or other Mac notebooks.

This article details that users who have MacBook Pros that were manufactured should check to see if their computer is involved. Instructions are given on how to check for this in the linked website above. This is vitally important due to the potential safety hazard involved with affected computers.

Please let us know if you have any questions or would like to discuss further.

Beware Applications requesting a plug-in be downloaded

As noted in this article, “a security researcher has disclosed a new flaw that undermines a core macOS security feature designed to prevent apps, or malware, from accessing a user’s private data, webcam or microphone without their explicit permission.” Recent privacy protections, expanded in the Mojave version of the Macintosh operating system, were meant to make it more difficult for malicious apps to get access to the user’s private information, unless the user allows access through a pop-up dialog.

However, these protections weren’t as good as Apple previously believed. This bug is the result of a whitelist of approved applications that are allowed to create “synthetic clicks” to prevent them from breaking. This includes the popular video playing application VLC, which the researcher showed could access a user’s camera, microphone, and other Macintosh computer services, through a plug-in that performed malicious actions.

This is a reminder that users should be wary any time an application asks for permission to download and/or load additional software. In this case, any application that requires the download and installation of a plug-in deserves closer scrutiny. This is especially true for anyone who accesses files through something like torrent services: the downloaded file may request a plug-in to view it, or the file itself could be a payload with malicious intent, even if it does not require a plug-in.

If you’d like to discuss further, please let us know!

New Apple update against Intel CPU attacks imposes 40% performance penalty

As mentioned in this article, Apple has posted a new article on its website that details how a user can implement Full Mitigation for a “theoretical” speculative attack that targets Intel CPUs (central processing units). Full Mitigation is mostly for users that are at heightened risk for an attack, such as government workers or high-ranking business executives.

Enabling this mitigation results in an approximate 40% drop in performance. However, as previously mentioned, most users won’t need to enable this level of mitigation, as the attack is theoretical at this point and there are no known attacks in the wild for this.

macOS 10.14.5 includes the most relevant patches for users, although there have been reported issues from Mac users with some methods of file sharing over macOS. As always, it is the best practice to only download trusted software from the Apple App Store.

If you have further questions or would like to discuss, let us know!

Did you know: Easy way to add items to the Mac Dock

Most users know that it’s possible to add items to the macOS dock by dragging and dropping an icon onto the Dock. However, there’s another way that you can add anything instantly to the Dock on macOS with a keyboard shortcut.

Here’s the process:

  • Navigate to the item you want to add to the Dock in the Finder
  • Select the item to add to the Dock in Finder
  • Now hit the keyboard shortcut: Control+Shift+Command+T

If you’d like to know other time-saving tips, let us know!