They would have lost several days of financial transactions if not for the local on-site backup we installed.
Fortunately we had set up an on-site backup of a customer’s DropBox (and other) data, as they came across sync issues and their company financial data was overwritten by older data. Syncing had been turned off for some reason and only the local data was modified, for days. When syncing was turned back on, the older data on DropBox overwrote the newer local data. Perhaps by customer error? Confusing user interface?
They would have lost several days of financial transactions if not for the local on-site backup we installed, taking care of their user directory (including the DropBox sync folder). We were able to restore the file to the time just before it was overwritten by the old DropBox data, viola! Hours upon hours of reentering data, maybe even losing data, all resolved in minutes.
We’ve long wondered when DropBox will get hit by something and Adobe has now proven a catastrophic loss is possible on a cloud platform. The link below describes how Adobe customers using Lightroom on iOS had all of their images and settings permanently erased. For iOS users not backing up regularly, the data is gone forever.
Adobe users lost data and Adobe had no way to restore from a backup. This was, apparently, due to bad programming. No company is immune from this, DropBox could experience something similar.
Because of this we strongly suggest having your DropBox data (and all other cloud data) backed up by your own local system. Bad programming aside, heaven forbid DropBox suffer a hack. We’re sure they work very hard at preventing this, being a super tasty target and treasure trove of data that every foreign state must be drooling over.
As noted in this article, “a security researcher has disclosed a new flaw that undermines a core macOS security feature designed to prevent apps, or malware, from accessing a user’s private data, webcam or microphone without their explicit permission.” Recent privacy protections, expanded in the Mojave version of the Macintosh operating system, were meant to make it more difficult for malicious apps to get access to the user’s private information, unless the user allows access through a pop-up dialog.
However, these protections weren’t as good as Apple previously believed. This bug is the result of a whitelist of approved applications that are allowed to create “synthetic clicks” to prevent them from breaking. This includes the popular video playing application VLC, which the researcher showed could access a user’s camera, microphone, and other Macintosh computer services, through a plug-in that performed malicious actions.
This is a reminder that users should be aware anytime an application asks for permission to download and/or load additional software. In this case, any application that requires a download and installation of a plug-in would require closer scrutiny. This is especially true for anyone who attempts to access files through something like torrent services, which could potentially request to download a plug-in to view the downloaded file (or else the file that is downloaded through the torrent file could also be a payload with malicious intent, even if not requiring a plug-in).
If you’d like to discuss further, please let us know!
We previously notified our readers of a breach involving Microsoft Outlook email. Users of Cryptocurrency are now coming forward to indicate that this Outlook breach led to a theft by hackers of their Cryptocurrency from various Cryptocurrency Exchanges, as detailed in this follow-up article.
Keeping anything online, whether it be email or items like Cryptocurrency, leaves a user open to potential hacks. It is wise to copy email to a folder on the user’s computer vs. leaving it online in an inbox or the like for hackers to gain access to. When stored in a folder on a personal computer, it’s much harder to access.
Also, enabling verification items like 2fa (Two-factor authorization), where a user is required to verify log-ins and other procedures using an application on their phone, are wise to use to prevent access to user accounts. As one user indicated in the article, they did not have 2fa enabled on their account, so it allowed the hackers easier access.
If you’d like to discuss further on ways you can protect yourself online, please let us know!
Yes, it’s true: Mac malware, viruses and other security flaws do exist. However, they are very rarely found in the wild. This article details the current known threats to the Mac related ecosystem, while also providing current status and ways that you can alleviate possible threats before they affect your computer.
As always, it’s a good idea to not buy electronics from untrusted sources, as you can open yourself up to various threats, as we’ve blogged about previously.
If you have any questions or would like to discuss further, please let us know!
Facebook stored passwords for hundreds of millions of users, exposing them for years to any person who had internal access to these password files. Passwords are usually encrypted, but errors led to some 200 million to 600 millions passwords being exposed. Passwords that were affected were for Facebook, Facebook Lite and Instagram. More information can be found here.
This is a good reminder of the importance of:
Changing passwords often, while making them not easily guessable
Using 2fa (Two Factor Authorization) applications on your mobile phone, such as Authy
Configuring Facebook to send you alerts in the event an unauthorized computer or mobile device logs into your account
Using Facebook to audit your account to see what devices are currently logged into your account, to determine if there are any that may look suspicious
If you’d like assistance with setting up any of these items, or have questions, let us know!