I am refering to the recently wide-spread “Flashback Trojan” that has infected an estimated 600,000 Apple brand PC’s and laptops in recent weeks.  Yes, Apple has been forthcoming in its information releases and has issued 3 Java updates in the past 9 days in order to combat and remove this threat.  Flashback as of today has been reduced to an estimated 140,000 active infections through these measures, but some variants of the Trojan are not so easily removed.

Flashback works through Java scripting; some variants have the ability to create a counterfeit signed Apple certificate, prompting the user to install it.  But once installed, Flashback works to capture personal data including passwords to banking and e-commerce sites, and transmit its findings to the cloud.

Like most security issues, the most basic flaw is a false sense of security.

Bad things, man.

Apple has released several fixes to help users remove and block Flashback.  Some include Java Plugin updates that turn off Java as a Plugin in the Apple browser Safari, restricting the ability to run any Java scripts automatically.  A setting that can be manually changed by the user later.  Other Java patches are designed to identify and remove the malicious code Flashback is created by, and close the security holes that allow the code to be executed.

But if there is one thing we have learned from the Microsoft experience with viruses it is, those that write the malicious code are a persistent bunch.  Why?  Because writing a small amount of code is not too time consuming and if it gets them the right information, it can be incredibly, although very illegally, profitable.  The bad-guys are also usually a few steps ahead of the good-guys as well.  As Apple releases these fixes, you can bet new malicious code is being created and tested to subvert these fixes and possibly even disable or modify them.  So is this the end of the road for Flashback and other Mac designated viruses?  Personally I believe it is only the beginning.

What made Flashback a quick success?  One contributing factor is undoubtedly so much of the Apple user population maintaining a, “It can’t happen to me,” attitude about viruses and security.  After all, we’ve been hearing it for years: viruses are a Microsoft thing, and Macs CAN’T get viruses.  Not that there just aren’t viruses written for Macs.  Those that stand far to the Apple side of the Mac vs. PC debate have literally been lulled into the misconception that Mac O/S has some magical, you can’t execute malicious code on me, properties that no other software designers have found the fairy dust to.

Now we see just what a falacy that is, and I’m sure 600,000 Apple users can relate their frustrations.

As I pointed out before in my article (link)about virus proliferation through out the technology community almost a year ago, a lot of the lack of viruses in the Apple side of the community is just a numbers game.  But now as those numbers are increasing toward more and more home and business users using Apple products for business utilities beyond video and graphics, there will no doubt be an increasing interest by would-be cyber criminals to target unsuspecting and unprepared Mac users.  It is estimated that in the United States as of 2011, Apple now owns approximately 11% of the desktop and laptop market-share, and globally they have eclipsed 5% world wide for the first time.  But that still means that almost 95% of the world runs Windows as their primary desktop platform.

Are the cyber theives going to go after 5% or 95%?  You know the answer.  But as that Apple number grows it will become more and more attractive of a target, even being the minority.  Especially considering most Apple users will still operate under the false assumption that they don’t need real security as long as they’re sitting behind the glowing white logo on the lid.

A better policy would be to be proactive, install a reliable security software on your Apple Mac device and make sure your own network is secured from external attacks.  Be prepared before the bad-guys get one step ahead of the Apple developers again.

I can assure you, they will.

Fool Me Once… is a post from: @ Blog

How do you make sure you're protected online?

Last week, Epsilon, a Dallas, Texas based company that handles mass-email marketing and communications for some of the world’s largest banks and corporations, sent out a notification and press release explaining that they had experienced a security breech into their customer database which exposed millions of personal records to a unauthorized entity.  Many of you may have already received notifications from the companies you work with on a daily basis explaining this issue. 

Although these companies send out very nice and calming notifications with verbiage such as:

“We have been informed by Epsilon Interactive, a vendor based in Dallas, Texas, that files containing your email address were accessed by unauthorized entry into their computer system. Epsilon helps us send you emails about products and services that may be of interest to you.

We want to assure you that (financial institution) has never provided Epsilon with financial information about you. For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails.” 

This was not a very finite event.  Although Epsilon is downplaying it stating it was only email addresses and names, and they only exposed 2% of all of their records, realize that Epsilon handles marketing information on a massive scale for companies such as: 

1800-Flowers
Best Buy
Capitol One
Chase
CitiBank
Hilton Honors
JP Morgan
Marriott Rewards
US Bank
Walgreens

And that is just a small sample of the dozens of their clients that were affected.

Or should I say, of their clients’ clients that are affected?  Ultimately this lands on each and every one of us that has done business with these companies and provided our names and email addresses in the course of doing business with them. 

What does this mean for you?

Obviously, first and foremost this means your security online has been compromised.  Perhaps not in a way that directly can lead to identity theft, but as an end result, it is a possibility.  Expect increased spam, phishing emails and virus attacks as a result of this.

At best you’ll get a letter acknowledging there was a problem – neither Epsilon nor their clients are offering any solutions or remediation and seem to be doing nothing more than analyzing the scope of the damage.  In essence, they are making this your problem to deal with as they work at fixing the security issue that caused the exposure.

Your security, as always, is your responsibility!

What should you do?

Epsilon and their clients can assure you all they want that nothing really important was stolen – just your name and email address – but for those that stole the information, you can bet their intentions are to get as much personal information as they can.

Act with extra caution when clicking links in emails or opening any emails from unrecognized sources.  If you receive and email from someone you know that looks suspicious but you’re not sure, pick up the phone and call them to verify what it is, or simply send an email to their address in return (not a reply!) asking them what it is and if they did indeed send it.

Be sure you are using a good quality desktop security software that offers aggressive spam and phishing filtering, web threat prevention and proactive internet security features – and make sure you keep it updated and the subscription active!  Our recommendation is Trend Micro Internet Security.  It is a lightweight but robust security platform that you can trust.

Change your passwords.  According to Epsilon passwords weren’t stolen, but do you really want to take the chance that they’re 100% accurate regarding that?  Besides, most of us use the same passwords for email, bank accounts, on-line shopping, etc. and our email address is almost always our login ID.  If the bad guys can get one of your passwords either through a phishing scam or Trojan download, it could expose much more than just your email address to them.

And as always, if you have questions call us.  We are indeed concerned about your security and are more than willing to answer your questions or inspect any suspicious emails you receive.  If you already suspect you may have a Trojan, spyware or other malware on your system, bring it in to us for our flat-rate PC Tune-Up service.  We’ll diagnose any issues your system may have and make security recommendations to keep you safe.

If you’re concerned about your network security or have multiple systems, schedule an on-site appointment with one of our technicians and we’ll come to you!

Remember, security is your responsibility – trust the professionals to make sure YOU are as secure as you need to be!

Security Alert is a post from: @ Blog

But with it come the inevitable problems and dangers of any new platform.  Problems that iPad users should keep in a mind and also consider while looking at the iPad as a solution.

Is iPad leaving users with a false sense of security?

For years part of Apple’s marketing campaign included the underlying message, “No Windows, no viruses.”  While this may be true to an extent, it doesn’t mean that there are no security flaws in their products.  And while the ultra-mobile iPad may not be vulnerable to such issues right now, that doesn’t mean that it never will be.

Part of Microsoft’s problem with security through the years is simply the breadth of their products usage in the business and government sector.  While approximately 98% of all desktops in these markets run a Windows O/S, the odds are good for the bad guys that they will find an open port or a vulnerable system somewhere.  As the iPad becomes more popular it too will become more frequently targeted, and more frequently hit by the bad guys.  Think of it as a numbers game; the more of them there are out there, the more attractive of a target it becomes.

Since it runs a very similar operating environment as the iPhone and the iPod Touch, distribution of malware that can exploit browser based vulnerabilities in these devices are equally effective, and all of these devices are currently vulnerable to numerous web kit attacks.

Along with that is Apple’s attempt to keep applications on these devices proprietary – meaning you have to go to Apple to get their officially licensed software for them.  Jailbreak attacks have grown in popularity as users and hackers alike attempt to open their iDevices to applications and software other than those sold by Apple.  As always with these applications it is, “buyer beware,” and you can bet not all of them are designed to be the user’s friend.

You might be asking, “So, some security software should cover these problems, right?”  Well, that would be the case, except there are no anti-virus or firewall options for the iPad.  With the ability to access public WiF and hotspots, the iPad is touted as a convenient mobile internet device.

But, would you consider doing internet banking on public network on a Windows laptop without having a firewall or encrypted connection?  I hope not – unfortunately without any built-in firewalls, that is exactly what you would be doing using an iPad for these purposes.  Lacking this feature will inevitably make for easy access for mobile hackers looking to steal personal information.

Compounding that is iPad’s lack of any comprehensive encryption and password protection.  A serious concern for a device designed to be used for mobile e-mail and internet capabilities.

Apple has marketed iPad as a robust media device, which also offers hackers a varied platform for attacks.  Just prior to the release of the iPad, Apple distributed patches to address 88 different vulnerabilities for Mac OS X, Quicktime and iTunes.  However, there are still security issues and known vulnerabilities in Quicktime, which is embedded as OS X’s default media player, as well as known exploits found in iTunes, CoreAudio and ImageIO. 

The media capabilities and security issues present can also allow malicious code to be embedded into media sent through e-mail via video CODECS or into phishing e-mails with fraudulent web links.

So with advancement and possibilities, the warnings should also be noted.  Identity theft continues to rise – and the best defense against it is being aware of where the threats can come from.  The iPad is a great device in concept, but my road-tested ThinkPad is still a durable platform and I’ll be waiting for the release of iPad 2.0 before jumping on this bandwagon!

iPad: Anything But Leak Free is a post from: @ Blog