Forward Your Phishing Emails Here…

Well, not here, exactly. (see link below)

reportphishing@apwg.org

These would be emails specifically targeting you or your company, not SPAM or typical unsolicited emails. Examples would be, messages with questionable attachments sent to multiple addresses within the company, strangers asking for info and similarly suspicious content.

Let us know if you have any questions regarding phishing emails, how to block them or any other cyber security matters.

https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

Cloud Data, Mobile Devices and Data Vulnerability

They would have lost several days of financial transactions if not for the local on-site backup we installed.

Fortunately we had set up an on-site backup of a customer’s DropBox (and other) data, as they came across sync issues and their company financial data was overwritten by older data. Syncing had been turned off for some reason and only the local data was modified, for days. When syncing was turned back on, the older data on DropBox overwrote the newer local data. Perhaps by customer error? Confusing user interface?

They would have lost several days of financial transactions if not for the local on-site backup we installed, taking care of their user directory (including the DropBox sync folder). We were able to restore the file to the time just before it was overwritten by the old DropBox data, viola! Hours upon hours of reentering data, maybe even losing data, all resolved in minutes.

We’ve long wondered when DropBox will get hit by something and Adobe has now proven a catastrophic loss is possible on a cloud platform. The link below describes how Adobe customers using Lightroom on iOS had all of their images and settings permanently erased. For iOS users not backing up regularly, the data is gone forever.

https://helpx.adobe.com/lightroom-cc/kb/lightroom_mobile_5_4.html?red=a

Adobe users lost data and Adobe had no way to restore from a backup. This was, apparently, due to bad programming. No company is immune from this, DropBox could experience something similar.

Because of this we strongly suggest having your DropBox data (and all other cloud data) backed up by your own local system. Bad programming aside, heaven forbid DropBox suffer a hack. We’re sure they work very hard at preventing this, being a super tasty target and treasure trove of data that every foreign state must be drooling over.

Disk Encryption – Speed versus Security

Unless you encrypt your computer’s hard drive, it’s simply an external drive for anyone to plug into their machine and copy. If your laptop is stolen, the thief does not need your password to get most or all of your data.

Down side of encryption for content creators and other speed freaks, it slows down the hard drive. We posted some pics of a 2016 MacBook Pro before and after Apple’s FileVault was applied to the internal drive. Note the significant, write speed, decrease.

Best to encrypt your operating system drive and keep sensitive files there. An unencrypted, external, USB3 or Thunderbolt drive is best for content creation anyway.

Did you know that the SSD in your computer has a limited lifespan? SSDs wear (like tires) over time. They have dedicated space set aside to replace the worn parts. Once that reserve is used up the drive is no good. The more you use the drive, the faster it can wear out. So moving all that audio and video data back and forth on your internal drive is not a great idea, it’s the most expensive one to replace.

TechTool Pro showing SMART status of 2016 MacBook Pro internal SSD.

Apple Watch provides potentially life-saving benefits

Doctor in lab coat with stethoscope writing on medical chart in clipboard

The Apple Watch can provide monitoring of various health markers, during rest, exercise and even sleep. This can provide various clues to potential health issues.

As the below linked article indicates, this is exactly what the Watch provided. An “Apple Watch user in Washington has credited his Apple Watch with alerting him that his atrial fibrillation had returned.” Because of this history of health markers that the Watch provided, his doctor was then able to put him on blood thinners to prevent a possible stroke.

Wrongful death lawsuit brought after fire allegedly caused by iPad

Firefighter using fire extinguisher on large fire

“A wrongful death lawsuit has been filed against Apple in New Jersey after a man died in an apartment fire which allegedly began when his iPad burst into flames.” As has been seen in the past, especially in the recall of Samsung phones due to higher propensity for them to catch fire, it is important to understand the risks (while fairly rare) that a Lithium Ion battery could catch fire.

Here are a few user tips to practice when charging your mobile device:

  • When charging your device, do so in an area away from flammable materials. Best to charge on a fireproof tray or other fireproof item.
  • Don’t charge your device in bed while sleeping, and don’t put it under the bed covers or pillows.
  • It is wise to not leave a device charging when you’re not near it. In the event of any issues, you want to be able to address what’s occurring as soon as possible.
  • Be aware of how hot your phone gets while in use or especially when charging. Refrain from charging for long periods of time in areas of direct sunlight or other hot places, such as on the dashboard of a car on a hot day.

Doing the above things will assist in keeping you safe. Below is the link to the article on the lawsuit for further review.

Multi-level hack on email provider destroys almost two decades of data

Group of four people holding message bubbles above their heads

“Email provider VFEmail said it has suffered a catastrophic destruction of all of its servers by an unknown assailant who wiped out almost two decades’ worth of data and backups in a matter of hours.” The hacker (or hackers) acquired multiple passwords related to the service, and formatted all hard drives related to the serving of email. They were discovered in the middle of formatting the backup server. The email is “effectively gone” as stated in the article.

This is a good reminder that it’s important to have a backup of your IMAP mail or other online email (such as Yahoo Mail or Gmail) to your local computer, which also has a backup. Backups are a good idea always, in all circumstances.

https://arstechnica.com/information-technology/2019/02/catastrophic-hack-on-email-provider-destroys-almost-two-decades-of-data/

Hackers use malicious Windows file to access MacOS

Mouse pointer hovering over the word "Security"

Hackers are utilizing the file type “.exe” to unload malicious software onto MacOS powered computers. As the article linked below mentions, by default, .exe files won’t run on a Mac. The malicious download worked around this limitation by bundling the .exe file with a free framework known as Mono. Mono allows Windows executables to run on MacOS, Android, and a variety of other operating systems.

Users should be cautious of downloading any software from insecure resources such as Torrent sites. Torrent sites provide users with the ability to download any type of software, movies, games, etc, which leads to a “Wild West” scenario, where all bets are off with the type of files that you’re actually downloading.

It’s also wise to ensure children are not accessing these sites either, and to block access to Torrent resources on company networks.

https://arstechnica.com/information-technology/2019/02/clever-trick-uses-windows-executable-file-to-install-malicious-payload-on-macs/

8 Tips to keep your Cell Phone charged when the power goes out

Apple white iPhone connected to MacBook Pro via USB cable

Whether you’re going to be away from a typical power source for a while, or suddenly fall victim to a long-lasting power outage, there are several things you can do to make sure your cell phone continues to be available. Cell phone power can be ironic: always charged when you don’t need it but when you need it most, the battery dies!

Here are a few tips…

  • Always ensure your phone is charged, especially if it has an older battery (and consider getting a new battery installed if possible, if you don’t plan on getting a new phone in the near future).
  • Make sure that a device such as a laptop, which has an internal battery, is fully charged. In an emergency, you can use the laptop to charge the phone.
  • A separate fully-powered USB storage bank can provide peace of mind. In the event of long-lasting power outages, there are also chargers with solar and hand crank capabilities to keep phones available for emergency calls.
  • Another inexpensive piece of hardware is an adapter for the power port (“cigarette lighter”) in most automobiles, for those older vehicles that don’t have built-in USB ports.
  • Enabling Low Power Mode on an iPhone, by going through the Settings App and selecting the Battery setting, will help conserve power. Further, turning on “Auto Lock” in the Settings can also help with power consumption, locking the screen automatically after a user-defined time.
  • Of course, not excessively using the phone, especially with watching videos or surfing the Internet, is a wise choice.
  • Double-clicking the Home button on the iPhone, and swiping up on any applications currently open in the background that you are no longer using, will prevent them from causing further battery drain.
  • Finally, if you have the ability, you can visit a local coffee shop, restaurant or grocery store for power charging and WIFI use. If using WIFI, it is wise to put your phone on a Virtual Private Network (VPN) to beef up the security, as most public places do not have adequate computer network security to protect the data that you are sending and receiving (we’ll save that discussion for another blog post). Just expect that wherever you may visit, seating (and power outlets) may be at a premium!

Beware Malicious Internet Browser extensions

Apple iPhone showing Google Chrome logo

A quick summary from the article of steps to take in regards to browser extensions that can be installed for Chrome and other similar Web browsers:

  • Don’t install software that you cannot read and asks for intrusive permissions.
  • If something seems off, it probably is. Evaluate what might cause your user journey to change.
  • Periodically evaluate what extensions you have on your browser — remove those you don’t use anymore.
  • If you have an extension on your browser that you use, seek an open-source version/alternative or disable automatic updates from the Chrome store — make sure you audit the code or find someone reliable and trustworthy to.

https://medium.com/mycrypto/the-dangers-of-malicious-browser-extensions-ef9c10f0128f