Meeting Topics

7:00pm – 9pm

Subscribe to calendar in iCal

Archives

search

view by category

view by month

etc.

rss feeds

admin stuff


Archives for Category : Security

Critical macOS 10.13 “High Sierra” Security Bug

November 29th, 2017 in Apple,Security

Anyone who has upgraded their Macs to macOS 10.13 aka “High Sierra” should be aware there is a very critical security bug that an potentially allow someone sitting at the machine to login as “root” user (essentially a super administrator) without knowing your password. I’m sure Apple will be patching this ASAP but in the meantime there is a simple procedure you can follow to mitigate the risks:

As far as I know it required direct physical access to your machine and can’t be exploited remotely but it’s worth taking a few minutes to read the above article and apply the “fix”.

2017-11-29 12:30pm Update

Apple has posted Security Update 2017-001 to fix this problem. Consider installing it ASAP.

On That Transmission Ransomware

March 8th, 2016 in Security

OK, in case you missed it the Mac community has just gotten it’s first taste of RandomWare! What’s RandomWare? It’s malicious software that once executed on your computer proceeds to encrypt it’s contents and require you pay to get the decryption key to recover your data. Our induction into this club came in the form of a compromised installer for the open source Transmission BitTorrent client. Details are available here among other places:

Now the good news is that unless you explicitly downloaded and installed Transmission 2.90 you’ve got absolutely nothing to worry about. Apple has already updated it’s Gatekeeper security files to block the software so make sure you’ve installed all recent OS X updates.

If you did recently install Transmission the article linked above will tell you how to know if you’ve been compromised and how to get rid of it. If you’ve already had the misfortune of having this piece of garbage inform you it wants money you could probably still get away without paying up by restoring your data from an earlier Time machine backup (you ARE doing Time Machine backups, right?!) You’d lose work done after that backup but save about $400.

It should be noted that (brace yourself) not all ransomware authors are honest or necessarily competent enough to be able to return your data to you (I know, shocking!) so even paying up may not always guarantee the safe return of your precious bits and bytes.

As to how to protect yourself in the future, the best advice is still to only download apps and updates from the original sources and never, EVER, EVER open attachments you were not expecting even if they arrive in your in-box from someone you know.

Comments Off on On That Transmission Ransomware

The iWorm Trojan

October 6th, 2014 in Security

OK, so you might have heard about the latest security threat to the Mac called “iWorm.” There are supposdly thousands of “infected” Macs ready to rain down doom and destruction at the behest of its bot-net wrangler. The good news is: it’s not a “worm” at all in that it can’t autonomously install itself into your computer. It is in fact a “trojan horse”, requiring that you allow it into your Mac most likely by installing a compromised application. For example, it has been detected in pirated copies of popular apps (Office, Photoshop, Parallels) available on bit torrent sites. Another reason to avoid plumbing those murky depths.

It is a variation of an existing trojan already detected by anti-virus software but you can easily check if you have somehow managed to “catch” this malware by a quick Finder check:

  1. From the Finder’s Go menu choose Computer
  2. In the Finder window that opens double click your hard drive icon
  3. In the hard drive contents double click Library
  4. In the Library folder double click Application Support
  5. In the Application Support folder look for an item named JavaW

If you find it, you’ve got iWorm. You should be able to remove it via a free anti-virus app like:

NOTE: This is not an endorsement of either app, they just happen to be free options.

2014-Oct-09 Update

Apple has updated their own built-in OS X anti-virus definitions to include this new threat so if your Mac is up to date it should be protected from new instances. If you’ve already been “infected” you’ll probably have to use an anti-virus app to remove it.

Comments Off on The iWorm Trojan

iOS 6/7 & OS X 10.9 Users – Your Attention Please

February 25th, 2014 in Apple,Security,Updates

OK, anyone using iOS 6 or later on an iPad, iPhone or iPod touch or using OS X 10.9 should be applying the latest OS software updates ASAP. They contain a fix for a very serious security problem that can compromise communications with sites and online services that use SSL encrypted connections to ensure your data is not observed as it travels across the Net.

The cause of the problem is a coding error introduced in iOS 6 and OS X 10.9. Previous systems are safe (at least from this particular issue.)

Comments Off on iOS 6/7 & OS X 10.9 Users – Your Attention Please

Latest Scam Email: Fake FaceTime Notice!

February 19th, 2013 in Apple,Security

OK, just got a new bogus email titled “Your Apple ID was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5”. On the surface it looks legit and is a pretty good copy of Apple’s standard “your account has been used to ” notification email. I was ->this<- close to actually clicking the link, except the email address given is not one I’ve ever used for an Apple ID. Doesn’t mean it couldn’t be legit, some low-life scum might conceivably have managed to set to an Apple ID using my email address. But it made me suspicious.

So I took my own advice and right mouse clicked on the Learn More link, chose Copy Link, then pasted it into an empty TextEdit document. And instead of a reasonable domain ending with .apple.com I instead saw http://some-random-domain.com/promet/safe/ where some-random-domain.com was some dentist’s web site that (a) appears not to have been updated in a few years and (2) has apparently been hijacked by some bozo. It turns out the link takes you to some Russian “cheap drugs” web site but it could also have been a bone fide attempt to grab my Apple ID and password.

IF YOU RECEIVE A MESSAGE STATING THAT YOUR APPLE ID ACCOUNT HAS BEEN USED DOUBLE CHECK THAT IT IS INDEED FROM APPLE BEFORE CLICKING ANYTHING IN IT or going through the trouble of changing your Apple ID password which it also suggests as Apple’s legitimate notice does (you can change it anyway but the fake email is not in itself an indication your account has been hacked, just that someone knows your email address.)

Comments Off on Latest Scam Email: Fake FaceTime Notice!
OLDER ▶