Archive for February 17, 2017

#PSA: Update Adobe Flash NOW To Mitigate Security Flaws

Posted in Commentary with tags on February 17, 2017 by itnerd

If you are still running Adobe Flash for whatever reason, you need to upgrade it now. As in right now. The version that you need to be running 24.0.0.221 as it “address critical vulnerabilities that could potentially allow an attacker to take control of the affected system”. These holes are on Mac, Windows and Linux.

So, if I were you I would run to the Adobe Flash Player Download Center and update away. Or better yet, dump Flash and make your system a whole lot more secure.

Advertisements

#PSA: Get 5GB Data & Unlimited Canadian Talk/Text For $50/Month At Fido

Posted in Commentary with tags on February 17, 2017 by itnerd

Cell phone bills are far too expensive in Canada. Thus in the interest in helping to get the most for your hard earned money, I am going to point Fido users towards this Red Flag Deals post where you can score the following for $50 a month:

  • 5GB of data
  • Mini Voicemail
  • Call Display
  • Unlimited text, picture and video messages from Canada to Canadian, US and International wireless numbers
  • Canada-wide long distance calls
  • Circle Calling
  • Call Waiting

A couple of notes. One, you have to bring your own device or you have to be out of contract. The second thing to note is that you will likely have to mention that you have seen something similar from Freedom Mobile. I am guessing that they are causing Fido some grief. I just assisted someone in making this switch via their chat service and the process was largely quick and painless. If you want to take advantage of this, you should hurry as the deal expires on February 22nd.

Macs Targeted By Malware Made By 2016 US Election Hackers

Posted in Commentary with tags on February 17, 2017 by itnerd

Mac users need to read this and take precautions.  Bitdefender has shared on a new form of malware that targets macOS devices. Apparently it can monitor everything that happens on the infected machine. It can log keys strokes, harvest passwords, see running lists of active processes, index files, take screenshots, and even copy iPhone backups. The malware isn’t entirely new however. It is apparently based on the X Agent malware that targets iPhones and Android phones. For that reason, Bitdefender believes it was created by APT28, also known as Fancy Bear, the same Russian government-affiliated group behind the 2016 election hacking and leaks. That shouldn’t make you sleep well tonight if you are a Mac user.

So… how do you protect yourself. Here’s my suggestions:

  1. macOS machines should be prevented from downloading and executing programs that don’t come from the App Store or another approved source.
  2. The malware is usually distributed through “Spear Phishing” attacks. That is a social engineering attack targeted at a specific individual. This article from CSO can help you mitigate these kinds of attacks.
  3. Make sure you run some sort of anti-virus on your Mac. These days, it’s not optional. It’s a requirement.

Yahoo Pwned By Hackers AGAIN

Posted in Commentary with tags on February 17, 2017 by itnerd

It is clear that Yahoo can’t keep its infrastructure secure as the company has had to admit that they’ve been hacked once again. The Hacker News has details on the hack which apparently doesn’t require require your password for hackers to pwn you. What’s even worse, the report says that “state sponsored attackers” are behind this. Affected users are being notified by Yahoo and there is no clear indication of how many users have been pwned.

Thus it’s no shock that Verizon who still wants to buy Yahoo despite all of this, wants a $250 million haircut to close the deal.  Personally if I were Verizon, I’d scrap the deal entirely. There’s nothing of value here given that Yahoo is a complete disaster from everything that I see here.

In the meantime, I will be visiting a client who apparently can’t get into her Yahoo e-mail in the last few days. I am hoping that this is not related to this hack. But anything is possible. Update to come.

UPDATE: The customer was one of the people affected by this. She had Yahoo force a password change which locked her account until she made the change. I helped her do that on her computer and iPad and now she’s back in business.

Samsung Chief Busted For Bribes

Posted in Commentary with tags on February 17, 2017 by itnerd

I mentioned that this was likely to happen a month ago and now it has. Samsung Electronics Vice Chairman Lee Jae-yong has been arrested an part of a influence-peddling scandal that reaches to the highest levels of the South Korean government. Reuters has the details:

The special prosecutor’s office accuses Lee of bribing a close friend of President Park Geun-hye to gain government favors related to leadership succession at the conglomerate. It said on Friday it will indict him on charges including bribery, embezzlement, hiding assets overseas and perjury.

The 48-year-old Lee, scion of the country’s richest family, was taken into custody at the Seoul Detention Centre early on Friday after waiting there overnight for the decision. He was being held in a single cell with a TV and desk, a jail official said.

Lee is a suspect in an influence-peddling scandal that led parliament to impeach Park in December, a decision that if upheld by the Constitutional Court would make her the country’s first democratically elected leader forced from office.

Samsung and Lee have denied wrongdoing in the case.

The cops have 10 days to actually indict him or seek an extension. Thus this is a story that is likely to evolve over the next few days. But the optics for Samsung have to suck becuase now exploding phones are not their only problem.