Fake Symantec Blog Post Is Spreading Mac Malware

Sometimes hackers opt for a stealthy approach. Other times, their attempts are downright brazen. That’s definitely the case with a newly launched malware campaign that seeks to spread “Proton Mac,” a strain of malware designed to steal passwords from Mac users.

The hackers registered a domain very similar to Symantec’s blog, mirrored its content and then created a fake post about a new version of CoinThief, which was moderately successful back in 2014.

After going into a bit of faux analysis about this nonexistent threat, the post recommended downloading a nonexistent piece of software called “Symantec Malware Detector” which it claimed was the best means of protecting against the new version of CoinThief. Unfortunately, “Symantec Malware Detector” is actually Proton Mac in disguise.

It’s a good scam, and it’s proven to be highly effective thus far. Its effectiveness is due in no small part to the fact that references to the post have been tweeted, initially by fake Twitter accounts, and later, by a growing number of legitimate ones.

Although the fake blog is quite good, it doesn’t stand up to intense scrutiny. For one thing, the email address used to register the domain isn’t a Symantec address. For another, their SSL certificate comes from Comodo, rather than Symantec’s own certificate authority. Unfortunately, the overwhelming majority of users don’t look that closely at websites they visit, so they are unlikely to recognize the fake for what it is.
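The checks described above can be automated. The following is an added example, not code from the article or from Symantec: it flags a host that imitates a brand's domain and then compares the certificate issuer and registrant email against an expected profile. The expected issuer string, the sample hosts and the email addresses are constructed assumptions; in practice the issuer would come from the TLS handshake and the registrant from WHOIS.

```python
import difflib

# Assumed profile of the genuine site. These values are illustrative
# assumptions for the example, not details taken from the article.
EXPECTED = {
    "domain": "symantec.com",
    "issuer_orgs": {"Symantec Corporation"},
}

def registered_domain(host):
    """Naive last-two-labels split; production code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def looks_like_brand(host, brand_domain, threshold=0.8):
    """True when a host outside brand_domain contains or closely resembles the brand name."""
    if registered_domain(host) == brand_domain:
        return False
    brand = brand_domain.split(".")[0]
    for label in host.lower().split("."):
        for part in [label] + label.split("-"):
            ratio = difflib.SequenceMatcher(None, brand, part).ratio()
            if brand in part or ratio >= threshold:
                return True
    return False

def triage(host, issuer_org, registrant_email, expected=EXPECTED):
    """Return the list of indicators raised for a site presenting itself as the brand."""
    findings = []
    lookalike = looks_like_brand(host, expected["domain"])
    if lookalike:
        findings.append("lookalike-domain")
    # Issuer and registrant only mean something for hosts that claim the brand:
    # a Comodo certificate on an unrelated site is perfectly normal.
    if lookalike or registered_domain(host) == expected["domain"]:
        if issuer_org not in expected["issuer_orgs"]:
            findings.append("unexpected-issuer")
        if not registrant_email.lower().endswith("@" + expected["domain"]):
            findings.append("registrant-mismatch")
    return findings

# Constructed observations (host, certificate issuer organisation, WHOIS registrant email).
SAMPLES = [
    ("www.symantec.com", "Symantec Corporation", "hostmaster@symantec.com"),
    ("symantec-blog.example", "COMODO CA Limited", "someone@mail.example"),
    ("blog.symanttec.example", "COMODO CA Limited", "someone@mail.example"),
    ("news.example.org", "COMODO CA Limited", "admin@example.org"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample[0], triage(*sample))
```

No single indicator is conclusive on its own; the combination of a lookalike name with an issuer and registrant that do not match the brand is what warrants blocking or escalation.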

If you have downloaded “Symantec Malware Detector,” then you’ve got Proton Mac running on your machine right now.

It’s designed to log your username and password in plain text, writing this and any other PII (Personally Identifiable Information) on your machine to a hidden file. It will also capture browser auto-fill data, keychain files and the like, and send all of this to the hackers controlling the software.

If you have been infected, you should treat all online passwords as having been compromised and change them immediately, once you have verified that the malware has been completely removed from your system. Enabling two-factor authentication will also help make you more secure.

Look And Feel May Change In Future Windows 10 Update

Microsoft is experimenting with a new feature that may change the look and feel of Windows 10 in some future update.

The new approach is referred to as “Sets,” which borrows from the playbook of modern web browsers and groups related applications into tabbed sets, with the groupings defined by project type. The applications you need to make use of on any given project will be grouped together, even if the last time you used a given app was several weeks prior.

Essentially, this approach is a combination of the Windows Explorer “Task View,” “Pick up where you left off” and “timeline.” They are wrapped into a single-window experience complete with an “application history” feature, which works a lot like a web browser’s history, so you won’t have to remember which application you were using a few weeks earlier to work on your current project.

It’s a good idea in theory, and it should streamline the user experience. If, for example, you need to use your email, Microsoft Word, Photoshop and Excel to complete a given project, all of these will be organized as tabs across a single window.

While there’s been no word from Microsoft on exactly when we can expect to see the new feature, if the past is any guide, it will first be available to Windows Insiders for an initial evaluation. In the meantime, Microsoft will be seeking support for the new concept from a wide range of third-party developers.

Another clear sign that the company is committed to the new idea is that Stardock, a company which has provided some intriguing UI tweaks to Windows for several years now, has released a new product called “Groupy,” which reproduces some of the basic features planned for Sets.

So far, Microsoft hasn’t released a firm timetable, so there’s no clear indication when we might be seeing the change. We’ll have more information on this topic as it becomes available.

Bill Gates’ One Windows Regret: CTRL, ALT, DELETE

Control-Alt-Delete.

It’s a series of keystrokes that pretty much everyone who has ever used a Windows PC knows well. It is, after all, your escape hatch. When a program starts misbehaving, it’s a user’s go-to keystroke command to force-quit the issue, and surprisingly, Bill Gates said in a recent interview that it’s one of his few regrets.

While that might surprise some, it’s important to note that he wasn’t saying he wished the keystroke command had never been offered (it would be difficult to imagine Windows without it, or something like it!) but merely that he wished it had been included as a single-key function, rather than a three-key function that made it difficult to issue.

Part of the blame for its current form, though, lies with IBM, which initially implemented the function as an interrupt command. Their goal, back in the ’80s, was to make it an inconvenient function that required two hands to issue, so that users wouldn’t execute it accidentally, and it stuck. We’ve had Control-Alt-Delete ever since.

When Gates sat down with Bloomberg recently, he was asked a lot of questions about the arc of his life and the role he played in making Windows the dominant OS in the computing world. Part of the reason Gates said he doesn’t have many regrets is that to change even one minor detail about the way things developed would have an enormous butterfly effect that would ripple throughout the entire industry with unpredictable consequences.

Still, the relative inconvenience of the three-key interrupt command sticks out in his mind as something that he’d change if he could get a do-over today. By introducing it in Windows 3.x, it became an enduring fixture in the computing world, one that remains with us to this very day.

It’s an interesting interview, and well worth the time to read. Check it out on the Bloomberg site.

2012 Disqus Hack Exposed More Than 17 Million Users

The hits just keep coming, with Disqus being the latest company to issue a breach disclosure. If you’ve never heard of it, Disqus is an incredibly popular, plugin-based comment service for blogs.

Although the breach was only just discovered, it occurred five years ago in July 2012, and impacted more than 17.5 million users.

Evidence of the breach was initially discovered by an independent security researcher named Troy Hunt. It was then reported to the company and disclosed 24 hours later by Jason Yan, the CTO of the company, who had this to say:

“No plain text passwords were exposed, but it is possible for this data to be decrypted (even if unlikely). As a security precaution, we have reset the passwords for all affected users. We recommend that all users change passwords on other services if they are shared.”

Mr. Yan’s advice is excellent, but unfortunately, it highlights a persistent, ongoing problem. Far too many people are still in the habit of using the same password across multiple websites, which means that when one site is breached, it potentially gives the hackers access to all your other accounts that have passwords in common.

It should be noted that since the breach, Disqus has made several upgrades to their security, including implementing even more robust encryption than they’d formerly been using. Again, per Mr. Yan:

“Since 2012, as part of normal security enhancements, we have made significant upgrades to our database and encryption to prevent breaches and increase password security. Specifically, at the end of 2012, we changed our password hashing algorithm from SHA1 to bcrypt.”

The problem is solved for now, but the damage has been done. The best thing you can do at this point is change your password immediately, stop using the same password across multiple websites and be on the alert for phishing emails designed to get you to give up even more information.

Many Consumers Would Withdraw Business From Companies If Data Breached

You’ve probably heard the phrase “the customer is always right” a thousand times. It’s a truism in the business world, except when it isn’t. A recent survey released by Gemalto reveals a dismaying dichotomy that’s costing businesses around the world big money.

Only 27 percent of consumers surveyed feel that businesses do enough to protect customer data, and an overwhelming 70 percent of them say that they’d take their business elsewhere if a company suffered a data breach.

Unfortunately, most consumers have exceedingly poor data security habits, with 56 percent admitting to using the same password across multiple web properties and 41 percent failing to take advantage of stronger security measures like two-factor authentication, even when offered by companies.

That puts businesses, rather unfairly, in the crosshairs. They cannot make their customers take advantage of the added security offered, and given the statistics above, they are forced to spend even more money since most consumers won’t take significant action to protect themselves or their own data.

Jason Hart, Gemalto’s CTO, had this to say on the matter:

“In the face of upcoming data regulations such as GDPR, it’s now up to businesses to ensure they are forcing security protocols on their customers to keep data secure. It’s no longer enough to offer these solutions as an option. These protocols must be mandatory from the start – otherwise, businesses will face not only financial consequences, but also potentially legal action from consumers.”

Digging more deeply into the details of the survey, we find that consumers trust social media sites the least when it comes to safeguarding their data, with 58 percent of respondents citing these companies as their biggest worry in terms of data security.

Curiously, 33 percent of those surveyed say they trust banks with their personal data, in spite of the fact that banks and other financial institutions are frequent targets and have suffered a number of high-profile breaches in recent years.

Regardless, no matter what industry you’re in, if you get breached, your customers are likely to punish you for it, even if you offer them means to make their data more secure.

After Yet Another Equifax Hack, IRS Suspends Contract Worth $7.5M

Equifax just can’t seem to get out of its own way.

Not long ago, the company suffered a massive data breach which saw the sensitive information of more than 145 million consumers exposed.

As a result, congressional hearings were convened, and the CEO resigned in disgrace. Amazingly, though, despite these events, the IRS opted to award the company a contract worth $7.5 million for its help and expertise in verifying taxpayer identification to prevent identity theft.

The irony did not escape the notice of security professionals around the world, who wrote literally hundreds of op-ed and protest pieces.

Then, Equifax got hacked again. The company’s website was found to have been hacked, redirecting users to a malicious site that sent them to download adware.

Almost as soon as the issue was discovered, Equifax took the page down, insisting that this latest hack was due to a third-party contractor and did not constitute another breach of their network. However, that explanation was insufficient to the IRS, which suspended the recently awarded contract in response.

The decision has real and immediate impact on the nation’s taxpayers because it will prevent them from creating new accounts through the IRS’s “Secure Access” program, which provides taxpayer access to transcripts and other records. If you already have an account set up, you will not be impacted.

The decision to pull the contract was seen as a positive development by the congressional committee convened to hold hearings on the matter, which concluded that, given the company’s recent track record, there was no real way to argue that this somehow increased user security.

On the other hand, as was pointed out by IRS Commissioner John Koskinen, the move would prevent literally thousands of recent hurricane victims from accessing their tax information.

Both points are true, but it’s hard to see how it could be argued that pulling the contract was the wrong move, even if it temporarily inconveniences a small percentage of taxpayers.

Paypal-Owned Company Sees Breach Of 1.6 Million Customers

TIO Networks, a cloud-based, multi-channel bill payment platform purchased by Paypal for $233 million in 2017, was breached earlier this year, exposing PII (Personally Identifiable Information) for an estimated 1.6 million of the service’s users.

TIO Networks primarily does payment processing and accounts receivables for cable, utility, wireless and telecom companies in North America. If you do business with TIO, it’s possible that your company or personal information may have been compromised.

So far, neither Paypal nor TIO Networks has released any significant details about the breach, so we do not yet have any indication of how it happened, who was responsible or exactly which of their customers had their information exposed. Paypal did release a brief statement concerning the incident, which said, in part:

“The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal’s customers’ data remains secure.”

The statement went on to say that as soon as PayPal identified the breach, they took action by “initiating an internal investigation of TIO and bringing in additional third-party cybersecurity expertise to review TIO’s bill payment platform.”

For their part, TIO Networks has suspended all operations until the investigation into the matter has been completed, and has begun notifying impacted customers. In addition to that, as is common with situations like these, they’re also working with Experian to provide a year’s worth of free credit monitoring for people who were affected.

A part of TIO’s statement about the incident reads as follows: “At this point, TIO cannot provide a timeline for restoring bill pay services, and continues to recommend that you contact your biller to identify alternative ways to pay your bills….We sincerely apologize for any inconvenience caused to you by the disruption of TIO’s service.”

Apple Is On Track To Become A Trillion Dollar Company

Recently, Apple’s stock closed at $175.88, giving it a market valuation slightly above $900 billion. A Drexel Hamilton analyst named Brian White predicts that over the course of the next twelve months, the company’s stock could be trading as high as $235 per share, and at that price, Apple’s market valuation would be over one trillion dollars, making it the only trillion-dollar company on the planet.

“With a market cap of over $900 billion, we believe Apple is on its way to becoming a ‘trillion dollar baby’ as reflected in our price target. We were the first on Wall Street to project that Apple would reach a $1 trillion market cap as reflected by a price target; our current price target of $235 equates to approximately a $1.2 trillion market cap.”

Mr. White is not alone. Another analyst, Amit Daryanani, working for RBC Capital Markets, has made a similar prediction, stating:

“In our view, Apple’s quarterly results will be less important this summer as investors are focused on the iPhone 8 this fall, along with the company’s raised capital distribution initiative, depressed valuation and potential new innovations. We believe Apple remains among the most underappreciated stocks in the world.”

If you don’t yet own stock in the company, now would probably be a great time to buy. As Apple edges closer to the one trillion-dollar threshold, it’s sure to generate an increasing number of headlines, which will increase interest in the company and push the stock price higher still, hastening the day when it hits the mark.

If you already own a stake in the company, hold onto it, and if you concur with Daryanani’s assessment, add to it as you’re able. You could soon be the proud owner of a tiny slice of investment history.