So last year, we had, and survived, viruses like WannaCry and Petya. But now this year, we have new viruses, new threats. That’s just the beginning.
So here are some new names: MasterKey, Fallout and Chimera. Those are just the ones we know of. Also, these new viruses, new threats just came out in early 2018. But these are different, because other viruses attack software. These new ones attack hardware. Yes, cyber security experts are building patches and other remedies to fight these hardware threats. However, is there something even deeper going on here?
Some IT service security journalists say yes. They talk about an ongoing cyber war between hackers and defenders. Furthermore, some speculate websites like Meltdown could be a battleground between hackers and cyber security. Here is the cat and mouse game. Hackers create a virus. Researchers catch it. Then they tell the manufacturers and businesses about it so they can fix it. In the best cases, like Meltdown’s website, they give ample warning. That way, somebody can fix the problem. But if a company is warned only a day in advance, that’s when problems can start. Timing can make a world of difference between safety and destruction.
Then there is knowledge. Not only that, but what are you willing to do with that knowledge? For example, Windows XP. This piece of software has been defunct for years. But for some reason, people insist on holding onto it. And for some reason (ahem), hackers insisted on attacking it. Remember WannaCry last year? It hit British hospitals so bad that heart disease patients couldn’t even get critical surgeries and other treatments. They still held on to XP, which was easy to infect because Windows stopped supporting it… back in 2014! So here we are now. We in IT support tried to warn the world. New viruses, new threats: That’s just the beginning. What are you going to do about it?
So there is a privacy rights group they call Liberty’s. Liberty’s has been fighting the Investigatory Powers Act since 2016. This law tells IT service companies and others in IT support to hold all activity logs for a year. Because now, the government can require this info for any and all British citizens. They can also ask for it for any reason, anytime, on a whim. Some say this is a national security measure.
However, Liberty’s and others don’t buy it. First of all, they argue the government can use this for any crime, not just violent and major ones. Also, privacy groups say even a corporation can get these activity logs, then use them against anybody. For instance, they can use this to track and hound somebody who is a little late on a bill. The UK High Court (similar to our US Supreme Court) agreed. They said some parts of the Investigatory Powers Act are unlawful. They have until November 1, 2018 to change some of the most invasive parts of this law.
I think it’s important to make clear what activity logs are. They are our texts, emails, social media posts and comments, etc. These are things people do all day every day, so much we take it for granted. But they want to hold all of that for a year? And for what? Just in case you do something wrong, so they can hold it against you? That’s not right. So kudos to this UK surveillance fail, and kudos to Liberty’s and other UK citizens for fighting back. But what does this have to do with the USA? Have you not been paying attention over the last five years?
So you put an ad blocker in your Google account. But now you can’t find it. There is probably a good reason for that. It could be because of a fake ad blocker. Check your Google account now!
So this warning started with a story AdGuard’s blog released. In it, they exposed fake extensions that used extra code. They feed on the info of websites you visit, almost like some monster out of a swamp that yearns to get bigger. But Google has already taken action. They took five fake ad blockers out of their store. And these were top-downloaded ad blockers too. You can bet they will remove some more as well.
However, this hardly seems to be new. In fact, AdGuard’s blog warned about this starting last year. That year alone, some 37,000 people got an AdBlock Plus for their device. It turned out to be a fake ad blocker. It clones real extensions and preys on popular keywords. Then, its makers took real extensions and added their own malicious content, which they hide in the images. Instead of blocking the ad (they may do some blocking to save face), it eats up your info. There’s no telling what they will do when they get it.
So what can we do? AdGuard suggests checking the extension author. Make sure it’s somebody you trust. Why do I talk about this? As I stated before, we in IT support need to warn people of such warnings. But as for me, I think I’ll deal with the ads. Yes, they can be annoying and pestering. However, at least they’re not infecting our systems, well, most of them aren’t. This is why I urge you, and all that depend on IT support, to check your Google account now! See what’s real and what’s not. And if a fake ad blocker sounds too good to be true, then it probably is. What are some real ad blockers you can trust?
So unfortunately, there is another cyber attack to tell you about. Someone compromised over 200,000 Cisco switches. But wait… it gets better. Because Iran was the one that found the attack and alerted the world. Cisco global cyberattack: What you need to know.
So according to Iran’s tech leaders, hackers hit around 3,500 systems. But guess which nation got the worst of it? You guessed it. Because here in the USA, this Cisco global cyberattack affected over 55,000 systems. Also, over 14,000 computers in China got hit. Other victims range throughout India, Europe and Asia. The hacker left a calling card. That card is a US flag and a quote saying, “don’t mess with our elections”.
Iran said they fixed the flaw in hours, and hackers did little damage. I don’t hear much from the US or other nations about this latest attack. But I do come across some interesting news. The news came from the attackers themselves: They say it’s against Russia. You see, the attackers still think Russia interfered with the US 2016 elections. Yes, they did attack Russia, but we don’t know how many systems they got. But this latest attack exposes a huge problem in the IT service community. There are many mediocre security practices in IT support.
Hackers know it, and they’re taking advantage of it. In fact, look at what happened to the city of Atlanta several weeks back. It seems like the bad guys are getting smarter while the rest of us are slipping. Some of the bad guys’ reasons are financial, while some are political, like what we’re seeing here. Some motives are even more sinister. This is why we need to do a better job protecting ourselves. This is also why we need to do a better job finding and bringing these guys to justice. What do you think needs to be done?
So when it comes to Android fighting the constant battle against malware, there is good news and bad news. The good news is that they’re doing a better job keeping malware out of the Google store. But the bad news is hackers are finding new and creative ways to invade your Droid. There is Android malware in a code app.
This new malware strain is Andr/HiddnAd-AJ. Yes, that’s the name of it. However, what is scary is how subtle and innocent it looks. Hackers slipped it into Google Play as a QR code and compass app. This is kind of like a repair man coming to your house, but you find out that repair man is a burglar. By the time you realize he knows the way to your house, it’s too late.
This tactic is nothing new, but it is slick and tricky. They buried hostile code in a regular Android library. And it doesn’t mess up your system right away. In fact, it can take up to six hours before this malware does any damage. There is more good news. In the last 24 hours or so, Google found and cancelled this fake app that’s causing this. Google and security experts insist it’s safe to use and buy from Google Play.
I can only hope so. Many of us in our Boston computer service shop, myself included, use Android. I will give Android credit. A few years ago, all we read about was Android getting hacked, and getting hacked often. Now, you don’t hear about that as much. That’s a good sign. But this doesn’t mean the hackers are going to stop trying. In fact, it means they’re going to try even harder. Any good IT service worker will warn you of such threats because they don’t want you going through it. That’s what we try to do here. Have any of you been impacted by Android malware in a code app?
So many of us still have nightmares of WannaCry and NotPetya. Those are the malware viruses that nearly crippled British computer systems back in May 2017. But now Atlanta is under the gun. Ransomware hacks Atlanta: Is it SamSam?
Over the past 24 hours, malware crept into Atlanta’s IT service systems. Because of this, the city government can’t even do simple things. This includes processing payments and getting court case information. Then, Atlanta Mayor Keisha Bottoms addressed the attacks. She assured the Atlanta people the government will be open the next day (which is today). She also said this malware didn’t attack airports, public safety or services.
Mayor Bottoms stated she’s working with federal agencies to see who compromised what data. But here’s what we do know. SamSam ransomware sent a note. The note demanded $51,000 in Bitcoin to let go of the systems. That’s almost six Bitcoin. They’re also demanding certain files. I cringe to think what those files are and what they want with them. SamSam is just one of the malware systems that attack government and health care systems. Furthermore, SamSam has been doing this since 2015. They deliberately target these systems because they know how critical gov’t and health care are to the people. Thus, leaders are more likely to pay the ransom. These hackers also know they have better means to pay than individuals or small businesses.
But immediately after the attacks started, Atlanta tweeted to the people what was going on. The mayor followed that with a press conference, and got federal agencies like the FBI and DHS involved. Microsoft also helped out in this. So I applaud Atlanta Mayor Keisha Bottoms for how she handled Ransomware hacks Atlanta. Hopefully, all systems are normal in Atlanta. Why does what happens in Atlanta affect Boston, particularly near our Boston computer service shop? If it can happen in Atlanta, what makes you think it can’t happen in Boston?