A few items for your Friday
Here are a few items for your consideration:
First up, yesterday I alerted iPhone users to the fact that Apple is urging all owners to ‘upgrade’ to the latest version of iOS. Here’s more on why that’s a really good idea:
[ NOTE: “zero-day” is Geekspeak for “an attack for which we currently have no defense”.]
* Three zero-days found in iOS, Apple suggests users update their iPhone
“Pegasus is highly advanced in its use of zero-days, obfuscation, encryption and kernel-level exploitation and the malware has been active for some time..” Read more..
And a couple more..
“Whether you’ve got a brand-new Galaxy Note 7 or an older Android phone or tablet you just want to spruce up, these are the apps that matter.” Read more..
* The Best Laptops for College
“Need a light, affordable laptop you can carry all over campus? These 10 affordable picks make the grade.” Read more..
And last but certainly NOT least…
* WhatsApp to Share Your Data with Facebook — You have 30 Days to Stop It
“Nothing comes for Free, as “Free” is just a relative term used by companies to develop a strong user base and then use it for their own benefits. The same has been done by the secure messaging app WhatsApp, which has now made it crystal clear that the popular messaging service will begin sharing … ” Read more..
[ NOTE: that “sharing” includes your phone number.. but sheeze, you don’t think FB doesn’t already know your phone number?? ]
* * *
Today’s quote: “Your time is limited, so don’t waste it living someone else’s life. Don’t be trapped by dogma – which is living with the results of other people’s thinking. Don’t let the noise of others’ opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition.” ~ Steve Jobs
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
More happy news for your Friday
(I hope you didn’t eat at a Wendy’s recently..)
Absolutely none of this should surprise you.
First up:
* Hackers Can Steal Your ATM PIN from Your Smartwatch Or Fitness Tracker
“As your day-to-day apparel and accessories are turning into networked mobile electronic devices that attach to your body like smartwatch or fitness band, the threat to our personal data these devices collect has risen exponentially.” Read more..
(There are Privacy concerns with those dang things too, BTW.)
And..
* Flaw Allows Attackers to Remotely Tamper with BMW’s In-Car Infotainment System
“The Internet of things or connected devices are the next big concerns, as more Internet connectivity means more access points which mean more opportunities for hackers. When it comes to the threat to Internet of Things, Car Hacking is a hot topic. Since many automobiles companies are offering..” Read more..
* This Android Hacking Group is making $500,000 per day
“The bad news for affected Android users is that Hummer is extremely difficult if not impossible to get rid of, because the Trojan takes control of the phone at admin level, making it impossible for traditional antivirus tools to uninstall Hummer.
The dangerous part: It is impossible to delete the Trojan through a factory reset due to the fact Hummer comes equipped with up to 18 different separate rooting exploits that allow it to root itself on a phone..” Read more..
( Infecting a million phones each day…!!! )
And last but not least..
* Over 1000 Wendy’s Restaurants Hit by Credit Card Hackers
“The Popular fast-food restaurant chain Wendy’s on Thursday admitted that a massive cyber attack had hit more than 1,000 of its restaurants across the country. The burger chain did not speculate how many people may have been affected, though it did confirm that the hackers were able to steal its …” Read more..
So.. let’s see if I can come up with a good quote after all that news..
Today’s quote: “Life is a mirror and will reflect back to the thinker what he thinks into it.” ~ Ernest Holmes
(And I’m thinkin’ it’s time to Just Say No to our current tech… All of us.)
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Attn Norton Users!
Folks, this just in:
* Vulnerabilities in Symantec products create worst-case scenario; users urged to update
“Using ominous turns of phrase like “As bad as it gets” and “100 percent reliable exploit,” Google Project Zero researcher Tavis Ormandy yesterday issued an at-times scathing analysis of eight vulnerabilities he discovered across the entire Symantec-Norton security product line.” Read more..
Act now, guys.
Windows 10, and your privacy
Folks, I think everyone should read this…
* Microsoft’s Remarkable Pivot: Windows 10 Abandons Privacy
“You can read all you want about Windows 10 powerful new privacy features, but that doesn’t mean you have them.” Read more..
More like it..
* Baby Monitors Expose Home — And Business — Networks
“Researchers find major security flaws in popular networked video baby monitor products that could allow attackers to snoop on babies and businesses.” Read more..
Today’s quote: “Once you replace negative thoughts with positive ones, you’ll start having positive results.” ~ Willie Nelson
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Warning: It’s an F for Flash security
Folks, if you haven’t done so already, you need to act now to protect yourself.
| * Block or update Adobe Flash | ||
 |
“Apple notoriously hates it. Firefox is currently blocking it, and Facebook is calling for its demise. Three zero-day vulnerabilities have been exposed in Adobe Flash in the past week, and the company has been speedily patching its vulnerable app. You should either update it right away or shut it down. Find out how to block Flash in Chrome, Firefox, Safari, and IE, and how to keep watching your YouTube videos without it.” Read more.. | |
My two cents: Adobe Reader and Adobe Flash have – for as long as I can remember – consistently topped the Most Vulnerable and Most Exploited lists. They’re *crud*. And Adobe should be taken to task. Remove them if you can.
* * *
Today’s quote: “I have a low tolerance for people who complain about things but never do anything to change them. This led me to conclude that the single largest pool of untapped natural resources in this world is human good intentions that are never translated into actions.” ~ Cindy Gallop
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Another “Uh oh” (Scary)
Well, I can’t say I didn’t see this coming, but… uh oh.
* U.S. government warns of hack threat to network gear
(Reuters) – “The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions ¹ of vulnerable devices.
The U.S. government’s Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as Universal Plug and Play or UPnP, and some other related features that make devices from computers to printers accessible over the open Internet.” Read more..
It’s kind of what happens when you think about security after you design and build something.. Like we’ve done with this “tech”.
Rapid 7’s free “are you vulnerable?” scanner: ScanNow for Universal Plug and Play (UPnP)
¹ emphasis: mine
Unrelated reading reco: 100 Wars
Today’s quote: “Often people attempt to live their lives backwards; they try to have more things, or more money, in order to do more of what they want, so they will be happier. The way it actually works is the reverse. You must first be who you really are, then do what you need to do, in order to have what you want.” ~ Margaret Young
Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Next Great App for Android, iPhone –> Rootkit
Rootkit, SMS text messages used to build a botnet of smartphones
The “hot” tech items to own these days are the (not inexpensive) iPhone and Android “smart phone” devices. (If you doubt that, ask yourself why does the news infotainment departments send reporters and camera crews to film lines of people standing outside the Apple Store when a new model comes out?)
These phones are really not phones anymore, but mini-computers – which happen to make cellular phones calls. They are Internet-connected, so they can send/receive e-mail, text and ‘chat’, and download files.. such as movies. They contain address books of your friends and family… In short, they have everything a cyber-criminal wants to target.
In the interest of making the world a better place, “a researcher at ShmooCon DC this weekend will demonstrate a smartphone botnet spewing spam, and unleash proof-of-concept code that builds a botnet out of Android and iPhone smartphones.”
Yes, that’s right. A “researcher” will show us all how it’s done, and provide the code.
Georgia Weidman, an independent researcher, says her botnet attack evolved out of work she did on making an Android application send SMS text messages transparently such that the user didn’t even know it was happening from his or her smartphone. “As I did more research, I [realized] if I did this in the base operating system instead of in ‘userspace’ where most apps are, it would be a better way to do it,” she says. “If I can remotely control someone’s phone, it can be part of a botnet.”
While there has been plenty of smartphone research that pits one smartphone against another in an attack, she says, a more likely attack scenario would be a user unknowingly downloading an app that contains malicious code. “I think the majority of malware installations will come from a user downloading infected apps,” which can easily be rigged with rootkits given the lack of sufficient vetting of most smartphone apps, she says.
Well.. now that all someone has to do is copy>paste the code, yeah, she’s right. Invisible viruses that turn your smart phone into relay stations for spammers — sending us come on’s for V1@gra and C1al1s, and virus-laden links and attachments are only, I estimate, weeks away.
… and before you get too angry at this particular person, there is a whole industry of people doing this “research”, and several conventions have been going on for years. I believe that (some of) these people actually believe they are doing a good thing.
And maybe they would be.. if they only released the code to the affected device (or software) manufacturers and developers. But you don’t get rich or famous for that. (Maybe you heard about the “teen hacker” who got hired after writing viruses that attacked Twitter? There’s a lot of that kind of idiocy in tech..)
Here is the entire Dark Reading article, Researcher To Release Smartphone Botnet Proof-Of-Concept Code. I suggest you read it. Particularly if you own a smart phone.
In case you don’t know what a “botnet” is, http://en.wikipedia.org/wiki/Botnet…
Or why a “rootkit” is the worst kind of virus, http://en.wikipedia.org/wiki/Rootkit
Does your smart phone have an antivirus? A firewall? Maybe you want those things?
Maybe it’s important to know that the apps at the app store are not checked (aka “vetted”) for malware? Doesn’t that *smell*?
IMHO, there is something wrong with this whole deal. Top to bottom.
Related:
* iPhone Users Are About to Be Screwed Over. The addition of the NFC chip to the iPhone isn’t for easy credit card purchases, but so the phone companies can control your financial transactions. Be warned. ~ By John C. Dvorak
“There has been a lot of talk about the addition of an NFC (near field communication) chip to the next-gen iPhone. This will allow the phone to be used as a swipe-it-yourself credit card. I consider this technology to be the most onerous ever.”
* CNet’s roundup of security apps for Android.
Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 