Computer Security is hard…unless you learn these rules.

There is a new attempt to compromise your iPhone or iPad.  It attempts to load a rogue application onto your phone using a method used by developers to test their software before it is approved by the Apple App Store Process.

There may be other methods of infection that are used to install this particular malware. One possible scenario is infecting an iPhone after connecting it to a compromised or infected Windows laptop via a USB cable.

However, in order to do this, you have to help the hackers.  The attempt will pop a number of dialog boxes asking for your confirmation to install an app.

What should I do?

Make sure you are running the most recent version of the operating system for your device.  If you have an older device that cannot run iOS8, be sure not to just click allow.

For more information see the Trend Micro Blog

Trend Micro has identified a new Flash ZeroDay exploit.

ZeroDay? Whatchootalkinaboutwillis?

A ZeroDay Exploit is when a new bug is found in an application like Adobe Flash that is discovered, but no protective or ameliorative patch is available yet.  This means “YOU ARE AT HIGH RISK OF BEING COMPROMISED”.  This one is a real problem, because the attack vector relies on infected ads on otherwise trusted sites.

What can you do?

Install the latest patch whenever Adobe releases it.  Limit your web browsing, and don’t think you are impervious to exploit.

You can read more about the exploit here on Trend-Micro’s blog

Infoworld has an excellent article on computer security.

To summarize it for you:

1- Patch the popular software first – and do it as soon as the patch is announced

2 – Don’t fall prey to the scams (social engineering) You are more likely to get scammed from sites you “trust” than those you don’t.  Don’t EVER give information to unsolicited callers.  Know what programs you have installed and ignore threat warnings from software you don’t recognize.

3-Don’t use the same password in multiple locations.  If one site gets hacked, that password is added to the dictionary so it can be used to try to hack other locations.

4 – 2 Factor authentication has its benefits.  Sure it is a pain in the butt, but if you are concerned about the security of your information/accounts, then the additional inconvenience is worth it.