Apple blocks Flash Player—AGAIN

Is your router using the factory default credentials (username/password)?  If it is it is important that you change them immediately.  There is a new attack that focuses on your router.  It will change the DNS on the router, and supply their own versions of pages that you think are trustworthy.

If you don’t know your router password, there is a good chance that you are vulnerable.  If the router password is Admin or password or blank – you are at risk.

If you are lost by this post, and want me to check it out for you, drop me an email at help@claytonrandall.com

Source: Krebs on Security

If you are a wordpress user, you need to be aware that there is a newly discovered vulnerability in a popular plugin.

The Slimstat web analytics plugin needs to be updated immediately.

What should I do?

If you don’t run a wordpress blog, go back to your day.  If you run a wordpress blog, immediately go log into your admin page, and run updates for all plugins.

Source: SC Magazine

The latest Android malware tricks users into thinking that their phone is off – then goes and makes calls, sends pictures, etc while it is in fake sleep.

Discovered by the researchers at AVG it fakes the user by hijacking the system shutdown command, so it can carry out its nefarious deeds without detection.

Lenovo has admitted to installing the superfish software program on all Lenovo laptops it shipped to consumers over the last several months.  The official Lenovo support page details the specific models  affected by this here.

Extreme Tech has a step by step on how to remove this from your machine if you are impacted by this.

This was a stupid move all around by Lenovo, since the encryption key that they used was out of date by 7 years:

“One final note. The public key for the Superfish certificate is encrypted in 1024-bit RSA. Security researchers began recommending a move away from 1024-bit keys back in 2007,NIST (National Institute of Standards and Technology) was recommending 2048-bit key adoption by 2010, with 1024-bit keys banned by 2013. Not only is this certificate broken, cracked, and a profound security hazaard — it’s compromised by key length on top of everything else.”

For all of my readers that think they are safe from malware because they don’t go to “questionable” websites …. you are not necessarily safe.  Malwarebytes has discovered that the website for Jamie Oliver has been compromised by hackers and infects the computers of visitors with a drive by infection.

The site has already been cleaned up, but this is a reminder that there is no such thing as a “safe” website.

Experts are predicting that 2015 will be the worst year ever for credit card fraud, as the US begins transitioning to the EMV card standard.  The US accounts for over 47% of all fraudulent card transaction losses on 23% of all fraudulent transactions.  That is primarily because we haven’t moved to the chip card standard.

So look for your bank to be issuing you a new card with a chip in it soon.

If you are thinking that Apple Pay (the secure credit card transaction method in the new iPhones) will stop this….well not so fast.  Hackers have found a way to use the iPhones as accomplices.  They buy credit card numbers on the black market, and load them into an iPhone, eliminating the need to create fake pieces of plastic.

If you are an Apple Pay using iPhone owner, your information in the phone is not being hacked, so don’t worry.

Kaspersky Labs – the one that says over and over that 20xx is “The Year of the Mac Virus” where xx=(03-15 so far) has released a study about a piece of malware that they have recently uncovered that is groundbreaking in many ways.  It is ALMOST undetectable, and they have been infecting machines for over 14 years.

If you like reading an analysis that reads more like a spy novel, the actual report is here.  A more accessible article was posted to Ars Technica on Feb 16, 2015.

“The discovery of the Equation Group is significant because this omnipotent cyber espionage entity managed to stay under the radar for almost 15 years, if not more,” Raiu said. “Their incredible skills and high tech abilities, such as infecting hard drive firmware on a dozen different brands, are unique across all the actors we have seen and second to none. As we discover more and more advanced threat actors, we understand just how little we know. It also makes us reflect about how many other things remain hidden or unknown.”

Kaspersky also claims that iOS and MacOS systems have been infected:

Redirects that sent iPhone users to unique exploit Web pages. In addition, infected machines reporting to Equation Group command servers identified themselves as Macs, an indication that the group successfully compromised both iOS and OS X devices.

It will be interesting to see if this discovery of Kaspersky Labs turns out to be something more than the active imagination of a FUD dealing protection peddler.

HelpMeClayton:

“About a year ago, my friend set me up with a netbook with Linux Mint on it for my mother.  It does all she needs to do with browsing the internet, watching videos, reading email.

Lately she has been complaining that her machine has a virus.  What do I use to clean a virus off Linux Mint?”

The fact of the matter is that Linux itself is not going to get a virus or malware, at least nothing is in the wild as of this writing.  However, the video watching and web browsing can expose her machine to cross-platform malware.  Adobe Flash and Java are the two main targets here.  To the non-techie user, it just feels like their machine has a virus.

So What do I do?

Make sure you install any updates to Flash or Java as soon as you find out about them.  Google Chrome will update itself as soon as it needs to.  For other browsers see the following page on WikiHow.

If you still want to do SOMETHING to make you feel better about the virus free status of your machine, you can use the free antivirus CLAMAV.  Look for it in your app store.  The thing is….you might get false positives instead of detecting any real problems, so you are better off just checking to make sure you are up to date, and then leaning back and enjoying computing

Microsoft Windows users:

Yesterday was Patch Tuesday, so you probably have a notification that you have updates waiting.  Please do yourself a favor and apply the updates as soon as possible.  This time Microsoft patched a problem that has been known for over 13 months.

Why is it important to apply updates immediately?

The patches that are released are for issues that only Microsoft can fix inside Windows.  Your antivirus can’t protect you from these types of problems.

Due to security issues in older versions, Apple has updated the
web plug-in blocking mechanism to disable all versions prior to
Flash Player 16.0.0.305 and 13.0.0.269.

Time to update your flash player once again.  If you have windows, you should do it too, because Microsoft is content to let you run out of date vulnerable versions for years.