Apple’s AirTag devices have risen in popularity since their release in 2021. Though their aim is to help users track items such as their keys or bags by attaching an AirTag to them, some have found more nefarious uses for these tracking devices. There have been reported cases of AirTags being slipped into someone’s bag or car without their content. This act of secretly tracking an unsuspecting victim is a serious concern for survivors of domestic abuse, and has also been used in attempts to stalk others or steal cars.

So, what can you do if you believe someone is using an AirTag to track you? The most basic thing you can do is to manually search yourself and your belongings for places where an AirTag may have been slipped in. However, because of its small size, you may not be able to find the device. Therefore, a good next step is to use a Bluetooth tracking app to scan your area to see if there is an AirTag nearby. If you do find an AirTag nearby and want to find its serial number in case you need to alert law enforcement, you can find that number without alerting the owner by using Apple’s Find My app. First, hold the device up to your phone , tap on the name of it, and then you will be able to see its serial number. Alternatively, you can also tap and hold the top of an NFC-capable smart phone to the white side of the AirTag. The webpage that pops up will contain the serial number. To disable the device so that the owner can no longer see your location, twist it counterclockwise on the back by the Apple logo and take the battery out. When in doubt, contact law enforcement if you believe that you’re being tracked. If you’d like to discuss online safety, feel free to contact us at info@OptfinITy.com or call us at (703) 790-0400.

Cybersecurity experts and the FBI are warning Americans that there will likely be an increase in cybersecurity attacks targeting U.S. citizens and companies. This warning follows a slew of sanctions Western nations have placed on Russia following its invasion of and malware attacks against Ukraine.

Tensions have further escalated since the U.S. and allies blocked some Russian banks from the SWIFT international payment system. Experts warn that ransomware and malware attacks, data wiping and theft, and denial-of-service attacks are among types of attacks that hackers will use as a form of cyberwarfare against the U.S. and its allies.

Cyber experts warn that small- to medium-sized businesses are among the most vulnerable entities, as they typically do not have the cyberattack mitigation plans necessary to prepare for and defend against sophisticated, targeted attacks. The best forms of protection that executives and officials recommend for businesses and individuals alike is to make sure that software and anti-virus systems are up to date, two factor authentication is in place, and a crisis plan has been established. If you’d like to ensure that your organization’s cybersecurity protocols are up to date and secure, feel free to contact us at info@optfinity.com or call us at (703) 790-0400.

If you’re like millions of other Americans, you’ve probably heard of, if not already played, Wordle. This addictively simple word game has boomed in popularity due to its virality, ad-free nature, and lack of a price tag. Unfortunately, this may change soon. In late January, it was announced that the New York Times bought Wordle. The news rattled many users who fear that their favorite game may soon be put behind a paywall like many of the Times’ own games and articles. This notion was confirmed when the Times stated that the game would “initially remain free” to new and existing players.

Luckily for players, there’s a way to play this game for free should it go behind a paywall. Wordle runs on a browser, which means that all of its code is saved as plaintext on the game’s website. To grab the free  version, players only need to right click in their browser, select “save page as webpage”, and save Wordle as an HTML file. Then, the original game can be played offline. By clicking on the saved HTML file, it should then open the game in a browser, even if you’re offline. Further, because the game is based on a list of over 2,000 five-letter solution words, an offline version should (in theory) allow users to play free every day for seven years. Before dashing to download the HTML, be aware that you may not be able to save your streak, and sharing would be messy- if even possible. If you’d like to learn more about optimizing your technology and devices, feel free to reach out to us at info@optfinity.com.

In recent years, Zoom has become one of the most popular video conferencing platforms in the world, boasting over 300 million daily meeting participants- largely due to the sharp increase in remote working trends. Though many people find its interface user-friendly and convenient, it certainly comes with a host of privacy risks. Privacy experts have been concerned about Zoom since 2019, when the software disclosed its involvement in both a webcam hacking scandal along with a bug that allowed uninvited users to snoop in on video meetings- even ones protected with a password (now known as “zoom-bombing”). Since then, Zoom has cleaned up its act and disabled concerning features, such as its built-in attention-tracking features, and enabled security features like end-to-end encryption. However, there are still several privacy concerns to watch out for.

1. Non-Attendees May be Watching your Recordings: If you pay for a Zoom subscription, be mindful of who you allow to access cloud recordings. This feature, which allows hosts to record the meeting, text transcriptions, and active chats within the meeting, can be useful as a reference for meeting attendees, but can also be accessed by other authorized users at your company- including those who may have never attended the session. If you’re concerned, Zoom allows administrators to limit the recording’s accessibility to only certain preapproved IP addresses.
2. Zoom May be Sharing your Information with Third Parties: In 2020, Vice’s Motherboard conducted an analysis that found Zoom was sharing user analytics with Facebook- even if the user didn’t have a Facebook account. In March of 2020, Zoom announced the removal of this feature, but its updated privacy policy remained murky regarding its data sharing practices with third parties. Since then, Zoom has clarified that, “No data regarding user activity on the Zoom platform — including video, audio, and chat content — is ever provided to third parties for advertising purposes”. Regardless, you should probably look over your Zoom and device security settings, minimizing permissions when possible. Additionally, make sure your Zoom app is up to date to ensure that any security patches have been installed.

If you would like to discuss software security and account privacy, feel free to contact us at info@optfinity.com.

Though cookies and cached data within your mobile phone browser can improve your browsing experience by keeping you logged into websites and saving website preferences, they can also become burdensome. Cookies are used by websites to track your browsing history so that they can more easily serve you with personalized ads- which can be an annoying and intrusive experience for some. Additionally, too much cached information can slow down your browser’s speed. So, if you own an Android and are interested in clearing your cached data and browser cookies, continue reading to learn how to do so.

If You Use Google Chrome:

• Navigate to the top right corner of the browser and click the “More” button (symbolized by 3 vertical dots)
• Select “History”, then “Clear browsing data”
  • Within this setting, you can also choose whether to clear data from the last 24 hours, the last month, or all data history
• By selecting the “Advanced” option, you can also delete saved passwords, site settings, and autofill form data
• After selecting what you want to delete, click the blue “Clear data” button

If You Use Samsung Internet:

• Navigate to your phone’s settings
• Next, click on “Apps”
• Scroll down and click “Samsung Internet”, then “Storage”
• At the bottom of “Storage”, you can choose to either “Clear cache”, “Clear data”, or both
  • Clicking “Clear data” will bring up a prompt warning that all the app’s data will be deleted permanently
  • This includes files, settings, accounts, and databases

If you Use Mozilla Firefox:

• Navigate to the browser, and select the “More” button in the top right corner (symbolized by 3 vertical dots)
• Click “Settings”
• Go to the “Delete Browsing Data” menu
• Select “Delete any existing open tabs”
  • From this menu, you can also delete your browsing data, site data, site permissions, cookies, and cached images and files

Hope you found this helpful! If you have other questions about how best to secure your devices when browsing online, feel free to reach out to us at info@optfinity.com.

ZLoader is a popular malware among hackers, and has recently been used to steal user credentials and other sensitive information by exploiting a vulnerability in Microsoft’s digital signature verification.

So how does this affect you?  Microsoft’s signature verification tool Authenticode is used to ensure that a file is legitimate and trustworthy. Researchers at Check Point Research (CPR) have concluded that the cybercriminal group Malsmoke is responsible for this campaign it operates by tricking victims into running a corrupt file that appears to be signed as legitimate and safe. From there, hackers can use the ZLoader trojan banking tool to steal cookies, passwords, and other sensitive information right from your computer.

So, what can you do to avoid being hit with this malware? If you’re a Microsoft user, CPR recommends that you install Microsoft’s security patch for Authenticode verification ASAP. Fortunately, this patch has been available for installation since Microsoft first discovered this vulnerability in 2013- but downloading it has not been mandatory since 2014. This update, as well as common-sense practices like avoiding clicking on unfamiliar links or downloading attachments found in emails, are users’ best lines of defense against this malware. If you’re interested in discussing cybersecurity patches and best practices for your organization, feel free to reach out to us at info@OptfinITy.com.

On December 12^th, the Virginia General Assembly was hit by a ransomware attack. Specifically, the Legislative Automated Systems branch was attacked by currently unnamed threat actors. This department essentially acts as the information technology arm of the state legislature, dealing with affairs involving publication production and distribution, computer technology information, and legislative information collection and dissemination. When the attack was discovered, the department promptly shut down most of its servers in an attempt to put the spread to a halt. The malware was described by a top agency official as “extremely sophisticated”, though the ransom note contained no specific amount or date by which an amount needed to be sent.

Though representatives stated that the department was still functional, the cyberattack severely impacted business operations, cutting many employees off from critical systems. Primarily, it prevented legislators and staff from accessing systems that handle bills. This attack came at a critical time, as December marks a busy time for legislators attempting to request, draft, and modify bills for January’s legislative session. The Virginia Law Portal was also rendered unusable, barring those interested from viewing online versions of the state code and Constitution. Though the Capitol Police’s internal site was also taken down, communication capabilities remained functional. Virginia has since hired the cybersecurity firm Mandiant to address the root of the attack and establish recovery plans moving forward. Unfortunately, the state’s backup system may have been compromised during the attacks, so paying the ransom may be the only option to get back encrypted data. If you’ve been hit with ransomware or are interested in discussing backup and preventative measures, feel free to reach out to us at info@OptfinITy.com or call us at (703) 790-0400.

As you may have seen on the news, on December 9^th, 2021, a zero-day exploit was observed targeting Log4j, a ubiquitous open-source logging tool. In short, Log4J is a logging tool for programs to track any errors that may occur within an application. The bug (known as Log4Shell) has affected thousands of various systems across the world including vendors such as Cisco, VMware, Twitter, Amazon, Google Cloud, IBM, and Microsoft. Though the vulnerability was announced recently, experts believe that hackers have been exploiting it since the beginning of the month, with the announcement inadvertently resulting in a surge of attacks. The Cybersecurity & Infrastructure Security Agency estimates that hundreds of millions of devices are likely affected, with some officials stating that this is one of the most serious threats they’ve seen in their career.

The discovered vulnerability, which has existed for approximately 8 years, allows a hacker to remotely take over a computer using this software, and in some cases, it is as easy as posting a certain message in a chat box, as was the case with Minecraft.  Now, hundreds of attempts to exploit it are being launched every minute, as hackers attempt to gain money and sensitive data through cryptomining malware and installing Cobalt Strike. The ubiquitous nature of Log4j makes the bug much more dangerous and likely longer-lasting than other software vulnerabilities because many organizations may not even be aware that the system is part of their network.

So, what does this mean for you?  The good news is that most of the affected applications are cloud-based applications, which makes it easier for companies and developers to update the component without having to touch millions of end-users’ devices. Software vendors will be applying these patches as soon as they become available. Additionally, look out for notifications from trusted sources that inform and allow you to update potentially vulnerable systems, as these updates should include a patch.

Should you have any questions about this vulnerability, please feel free to reach out to us at info@optfinity.com.