One App Causes 50% of Mac Malware

By -- 2023-01-9 in Blog

While Macs have a good reputation against malware, they are still vulnerable. What may be relieving to hear, however, is that there is a way you can better protect your Mac. You can do this by removing the largest malware app of them all, MacKeeper

MacKeeper was originally designed to protect Macs from malware through cleaning, security, and performance tools. Ironically, 48% of Macs end up with malware infections though MacKeeper. The app is designed with good intentions but can be easily abused by hackers as a vehicle for malware. This is due to the app’s extensive permissions and access to various files and processes. It’s too risky to keep MacKeeper on your Mac and we strongly recommend removing it.

 

If you wish to remove MacKeeper, this is how:

  • Go to your Finder app
  • Click Applications
  • Search for MacKeeper
  • Select This Mac and click the plus sign
  • Choose Name to open the dropdown menu
  • Select Other
  • Scroll to System Files, click the checkbox
  • Click Name (again), select System Files
  • Switch ‘aren’t included’ to ‘are included’
  • Delete all files in folder (Right-click and select Move to Trash)
  • Empty your trash (Right-click the Trash icon in the bottom right screen corner, select Empty Trash)

 

The best way to prevent malware on your Mac is through good cyber security practices and protection. Look into installing top-rated security software if you haven’t already. For more information on how to protect your devices from malware or any general IT questions, feel free to reach out to us at info@optfinity.com.

Security Concerns with LastPass

By -- 2023-01-5 in Uncategorized

In general, it’s a good thing to be using a password manager to generate a strong, unique password and to keep track of all of your passwords. For many of OptfinITy’s clients, the password manager that has been used has been LastPass – something we ourselves have been using since 2013.

Over the past 6 months, however, there have been reports coming out about a security incident which occurred in August and then again in November at LastPass, about a potential hack. On December 22nd, LastPass clarified a previous security incident they had reported in November as being much more concerning, where the hacker’s data breach actually exposed encrypted password vaults—the crown jewels of any password manager—along with other potential user data.

The details, or more specifically, the lack of details that LastPass provided about the situation a week ago were worrying enough that security professionals quickly started calling for users to switch to other services. While some people have been making those suggestions, OptfinITy does not want to make a knee jerk reaction and is currently doing our own research into the situation.  This is what we know so far:

  • Sometime over the last 3-4 months, the encrypted vaults of all or some of the users were stolen.
  • These vaults which contain all of the usernames and passwords are encrypted with a master password which only the end user knows.
  • The encryption that is used is extremely difficult to hack without massive computer capabilities, something that very few people in the world have access to.
  • Although encryption is great for making it hard to decode what a password is, it does not stop hackers from using other tools to guess passwords on the vaults.  For example, if you utilize a password that is a common dictionary word followed by a number, those passwords will be easier to crack and the usernames and passwords will become available to the hackers.  For those with complex passwords (i.e.  C@nUGu3$$Th~sPw), your data will be much harder to access.

So what should you do?  

We are still investigating the issue and do not feel that it makes sense to switch to another provider today. The reason for this is that there is no 100% secure software or cloud-based solution and it is imperative that the solution you switch to is in fact a better option than the current one, or as the adage goes, the “devil you know is better than the devil you don’t”.

That being said, we are recommending that all LastPass users do the following immediately:

  • ALL LastPass users must change their MASTER password to login to LastPass and that the password should be complex in nature, containing a mixture of letters, numbers and symbols and without spelling a dictionary word.
  • All users should enable multi factor authentication on their vaults.
  • Whether you do use LastPass or not, we are recommending all users create an account on Have I been Pwned? (https://haveibeenpwned.com/) to ensure they learn of any breaches affecting them as soon as possible.
  • While the vaults were encrypted, the meta data about the users of the vaults was not.  As a result, hackers will have access to potential contact info, which means customers should be on extra alert for phishing emails and phone calls purportedly from LastPass or other services seeking sensitive data and other scams that exploit their compromised personal data.  Nobody will ever need your master password for any reason.
  • If you were an end-user who used a simple master password, it is our recommendation that you go through and change all of the passwords within your vault.

At this moment, OptfinITy is evaluating the situation while also testing out two potential replacement products for password management and will be in touch with our clients about their concerns and any potential changes.  Should you have any questions in the meantime, please don’t hesitate to reach out to us at info@optfinity.com.

Why you need a Mac Update Immediately

By -- 2023-01-3 in Blog

A major security flaw has been discovered in macOS that can be exploited by hackers to install malware. This vulnerability has been dubbed “Achilles” and was first found in July 2022. Apple patched this vulnerability earlier this December (which is why we’re now hearing about it) but your Apple products could still be in danger. You should approve the latest Mac update on your Macbook, iMac, Mac mini, or any other Apple computer you may have as soon as possible. Hackers like to target vulnerable machines, so the sooner you update the better.

About “Achilles”

Apple includes Gatekeeper and XProtect in every version of macOS. Gatekeeper ensures all new software is verified before it’s installed, while XProtect scans for malware. The Achilles flaw was abusing a logic issue in Gatekeeper’s security protections, allowing malicious apps to be installed on Macs. The latest version of macOS fixes this vulnerability and should be installed as soon as possible. You may also want to consider installing a well-rated Mac antivirus software as an additional measure.

While this “Achilles” flaw is resolved through the latest update, hackers will continue to look for ways to exploit operating systems. For more information on cyber threats or if you have any general IT questions, feel free to reach out to us at info@optfinity.com.

One iPhone Setting Worth Changing

By -- 2022-12-30 in Blog

Thieves love to steal iPhones. They’re easy to target and sell for quick cash. However, changing one iPhone setting can stop thieves in their tracks. Smart thieves will look to instantly turn on airplane mode once they swipe a phone. They do this so the phone can’t be located from the Find My app. Fortunately, there’s an easy way to prevent them from doing this.

Disabling Control Center When iPhone is Locked

  • Go to your iPhone’s settings
  • Find Face ID & Passcode
  • Enter your passcode
  • Scroll to Allow Access When Locked
  • Turn off Control Center

Now, thieves won’t be able to access your iPhone’s control center from the home screen. This will allow you to still track your iPhone using the Find My app. This can scare thieves off, as they’ll be aware that they can be tracked. Thus, many will opt to ditch the phone somewhere, allowing you to safely retrieve it using the Find My app. This setting change will have minimal impact on your phone’s ease of use as well. This is because your phone will still unlock with Face ID, allowing you to access the Control Center as usual. For more information on phone security or any general IT inquiries, feel free to reach out to us at info@optfinity.com.

TikTok Making Algorithm More Transparent

By -- 2022-12-23 in Blog

TikTok, the latest social media titan, recently announced a new feature called “Why this video”. This feature is being rolled out in the “For You” section and will be accessible through a question mark icon. Users will be able to review why each video is selected for their feed. There will be several different listed reasons, such as previous interactions, accounts followed, user posted content, and regional content.

TikTok said in a press release that “Looking ahead, we’ll continue to expand this feature to bring more granularity and transparency to content recommendations.” TikTok has also made additional strides towards safety, such as customized content recommendations, parental controls, and improved content moderation systems.

However, there are still some major security concerns despite TikTok’s strides towards transparency. The video-based app has an algorithm that can be concerningly good, leading to questions about how much data is being accessed. Some states have banned the app from government devices and it is going through a national security review with the US Committee on Foreign Investment.

So, while TikTok can be a great source of entertainment, it’s wise to be cautious of it. Lots of data can be collected from the app, and it’s also important to make sure minors aren’t exposed to inappropriate content. For more information on best internet safety practices or any other general IT questions, feel free to reach out to us at info@optfinity.com.

Apple Announces Innovative Security Features

By -- 2022-12-16 in Blog

Apple announced on December 7th that expanded end-to-end encryption is coming to iCloud. While this feature is already available for some data in Apple’s cloud platform, such as passwords and credit card data, it will now be available for other information including photos, notes, and iCloud backups. This new feature will be called Advanced Data Protection and rolls out globally in early 2023.

Advanced Data Protection will be optional, as users will have to elect to enable it. Expanded end-to-end encryption would protect customer data even in the event of Apple being breached. Contacts, emails, and calendar data will unfortunately still not be end-to-end encrypted.

This announcement is just one piece of Apple’s security puzzle, as hardware key two-factor authentication and iMessage Contact Key Verification will also roll out in the upcoming year. These new features are coming “as threats to user data become increasingly sophisticated and complex”, according to Apple.

Physical authentication keys are going to be supported by Apple, a feature long requested by consumers. Hardware tokens are particularly strong for two-factor authentication, as hackers can’t obtain access in the ways they can with virtual codes.

iMessage Contact Key Verification will be another layer of protection users can enable. This feature provides users with a Contact Verification Code that they can compare with their digital contact through another channel of communication. This will allow users to verify that they’re talking to the right contact, and not an impersonator.

These new features from Apple are great steps towards more secure data. However, there are still many other measures that can be taken to improve your cybersecurity. If you have any questions about Apple’s upcoming features or how OptfinITy can meet your IT needs, feel free to reach out to us at info@optfinity.com.

Rackspace Confirms Ransomware Attack

By -- 2022-12-7 in Blog

In a Tuesday morning press release, cloud computing giant Rackspace confirmed that the recent outages for its hosted Microsoft Exchange service were caused by a ransomware attack. These outages are ongoing (as of December 6, 2022) so Rackspace is moving all of its Hosted Exchange customers over to Microsoft 365 to limit disruption to the clients.  Rackspace believes the breach was limited to only its Hosted Exchange environment, and they immediately isolated the environment once the compromise was detected. Rackspace has yet to determine “what, if any data was affected” and will notify customers “as appropriate” if their sensitive information was affected.

Ransomware attacks are becoming commonplace, and it’s important to be prepared, even if you have outsourced your service to a provider.   For example, were you aware that Microsoft does not provide backups beyond a month or two?   What would happen if all of your data was missing, and you didn’t realize until a couple months later?

You can protect yourself by backing up your Office 365 data (SharePoint, OneDrive, Microsoft Teams, etc.) to an external cloud, which is one of many services OptfinITy provides.

Backing up your Office 365 data can protect you from security threats such as:

  • Accidental deletion
  • Internal/external security threats
  • Legal and compliance requirements
  • Team data structure
  • Retention policy gaps and confusion

 

It’s important to ensure that in the event of a ransomware attack or other security breach, you’ll be able to retain your data. If you have any questions about how OptfinITy can protect your data or any general IT questions, feel free to reach out to us at info@optfinity.com.

Have You Cleared Your iPhone Cache Recently?

By -- 2022-12-6 in Blog

Just like every piece of technology, your iPhone needs routine maintenance. While physical maintenance such as screen cleaning is important, some of the processes should also happen digitally. One of the easiest pieces of upkeep is clearing your iPhone cache monthly.

What is my cache?

Your browser cache is like a digital closet. Over time, your iPhone stores website data in this digital closet so that it can easily retrieve the data when you visit each site. In the short run, this speeds up your browsing experience. However, your cache may begin to clutter with data you no longer need. Before long, your browser’s cache becomes outdated and slows down your phone. Clearing your cache gives your browser a fresh start, which can noticeably increase your browsing speed.

Clearing your cache

Safari:

  • Open your iPhone’s Settings app
  • Select Safari
  • Select Advanced and then Website Data
  • Select Remove All Website Data
  • Select Remove Now

Chrome:

  • Open the Chrome app
  • Select the three dots in the bottom right corner
  • Select Settings
  • Select Privacy and Security
  • Select Clear Browsing Data
  • Choose the intended time range
  • Ensure Cookies, Site Data is selected as well as Cached Images and Files
  • Lastly, tap Clear Browsing Data

If you use a different browser, a quick search should bring up the steps you need to follow.

In general, it’s a good idea to clear your cache once every month or two. This will ensure your browser isn’t getting bogged down by unnecessary stored data. If you have any questions about technology maintenance or general IT inquiries, feel free to reach out to us at info@optfinity.com.

The Latest Social Engineering Scam

By -- 2022-12-1 in Uncategorized

Phone call spam has slowly transitioned towards text message scams over the years. One of the latest texting scams has become known as “Pig Butchering”. The method involves “finding a target, fattening up the target, building trust with them, and then taking advantage of them and slaughtering the pig,” according to John Haraburda, director of product management at Transaction Network Services.

These message sequences begin with a simple introduction such as “sorry I’m running late” or a simple “hey”. A response opens the door for these scammers, and they’ll then follow up by asking a seemingly innocent question or favor. Once the relationship has been built up through friendly (or sometimes even romantic) texts, the scammer will look to exploit the developed trust by asking for something like a money transfer or crypto investment.

Even savvy phone users are getting caught up in these scams, as social engineering continues to become more refined.  The more believable the spam texts seem, the more likely the scammers are to be successful. It’s important to be especially cautious these days in handing out personal information and we would recommend ignoring emails from people you do not know.

If you have any concerns about texting scams, cybersecurity, or just general IT questions, feel free to reach out to us at info@optfinity.com.

Best Cybersecurity Practices for Remote Work

By -- 2022-11-28 in Blog

The holidays are right around the corner, which means many will be working remotely while traveling. Remote work already increases cybersecurity risks and traveling adds another dimension of threats. It’s important to keep your guard up and avoid taking security shortcuts while working remotely. According to venturebeat.com, here are a few cybersecurity practices you should consider implementing this holiday season:

  • Backup all your devices. If traveling, leave the backup in the cloud or at home.
  • Use a password protected, WPA-enabled Wi-Fi network
  • Create strong and different passwords for each account
  • Avoid storing passwords on your person or on your phone
  • Update all devices, applications, and browsers

If you’re leaving the home office to work, whether at your local café or in another country, here are further security measures you can take:

  • Leave unneeded devices at home
  • Bring a laptop lock and invest in a physical one-time password authenticator
  • Avoid taking devices that contain confidential company documents and information
  • Use an RFID blocker(basically a card sleeve) to protect payment cards, room keys, and passports
  • Use password-protected hotspot instead of hotel or public Wi-Fi
  • Turn off Wi-Fi, Bluetooth, and Near Field Communications (NFC) on your phone when in public areas such as airports or coffee shops
  • Use a VPN

There are many cybersecurity improvements to consider making, whether you have big traveling plans or just like to work from outside the office on occasion. For more information on how to protect personal and company data, or for any other IT needs or questions you may have, please feel free to reach out to us at info@optfinity.com.