Category: Apple

How to recover from ransomware in your Mac

While a vast majority of ransomware that’s been developed targets Windows computers, malware authors have begun to attack Mac devices. Recently, researchers discovered a new ransomware strain, OSX/Filecoder.E, which encrypts Mac files and keeps them locked even after the victims have paid the ransom. But don’t worry, there is still hope if you follow the security advice below.

According to ESET security researchers, even though the Filecoder ransomware was written in Apple’s programming language, the malicious code is not as potent or as skillful as other viruses. In fact, it’s so poorly written that hackers never developed a method to retrieve the encryption key once the ransom has been paid.

In any case, whether you’re dealing with Filecoder or some other ransomware, we advise against ever giving in to the hacker’s demands.

Avoid Filecoder
So far, Filecoder isn’t given out via phishing emails like most ransomware; instead, it’s distributed on Torrent sites and goes by the name “Patcher.” Therefore, it’s best to stay away from these highly unregulated (and mostly illegal) websites and stick to trusted app stores like Mac, Microsoft, and Google.

Even if the ransomware is not sent out via phishing campaigns, you should still be careful of any unsolicited emails with strange file attachments in case the malware authors decide to branch out.

Install preventive measures
Like with any other malware, being proactive with your cybersecurity solutions is the best way to defend against Filecoder. Install reliable antivirus software, intrusion prevention systems, firewalls, and update systems whenever possible.

You must also maintain backups and have a disaster recovery plan to keep your business running in the off chance that ransomware or any other cyberattack successfully infiltrated your systems.

Defeat the ransomware
Given the ransomware’s shoddy code, security researchers have found a way to decrypt files without paying. Free cracking tools like PKCRACK can recover Filecoder-encrypted data if you have one original version of the affected files. The recovery process, however, does require some programming knowledge, so contact an IT expert or a managed services provider to unlock the ransomware for you.

Filecoder may not be the strongest malware around, but this could just be the start of Mac-based attacks. To protect your business from the onslaught of cyberattacks, you need security experts. Contact us today.

Published with permission from TechAdvisory.org. Source.

New Mac malware linked to DNC hacking group

Fancy Bear, also known as APT28, is the Russian cybercriminal group responsible for hacking the Democratic National Party last year. Since then, the group has developed a host of tools to exploit Linux, Android, and Windows vulnerabilities. Last month, they spread a new strain of malware that specifically targets Apple Macbooks. If you own a Mac or an iOS device, here are some crucial details about the new malware.

According to antivirus provider Bitdefender, the new malware — named Xagent — is a Mac OS backdoor that is usually delivered via spear phishing emails.

To deploy the malware, hackers attach a Trojan software downloader in the email. If users interact with it, the program immediately creates a backdoor and connects to the cybercriminal’s network.

The malware then avoids detection by checking for antivirus software; and if it determines that cybersecurity solutions are offline or unpatched, it will begin to send system information, locally-saved passwords, iPhone backups, and desktop screenshots back to hacker headquarters.

Although security updates for the new malware are still unavailable, there are some things you can do to minimize the possibility of infection.

Approach emails with caution
Since hackers use phishing scams to distribute the Xagent malware, train your staff to be critical of email links or attachments, even if from the CEO or a close friend. And under no circumstances should you interact with any email from an unknown sender.

Keep your OS up-to-date
Always remember to install the latest operating system and application updates to make sure that Mac vulnerabilities are covered immediately.

Don’t save passwords
While it may be easier to save your passwords on your local browser, it gives hackers easy access to your accounts. If you can’t remember all your passwords, consider password management software. And while we’re on the subject, make sure you set unique passwords with a good combination of letters, numbers, and symbols.

Encrypt backups
To add another layer of protection, encrypt your iOS backups. This ensures that unauthorized users won’t be able to read the contents of your iOS data even if they do manage to gain access to your computer.

Cybersecurity is a universal issue, even for Mac users. But adopting these basic security habits will keep any hacker, whether from Russia or the US, at bay. Fortify your defenses by giving us a call today.

Published with permission from TechAdvisory.org. Source.

The latest on Microsoft Office for Mac

It’s official. Microsoft has just announced plans to bring support for add-ins to the Mac version of its Office Suite. This marks yet another step forward in Microsoft’s efforts to make the Mac version of the Office Suite more like its Windows counterpart. At the moment, this functionality is available for testing only by users enrolled in the Insider program. Read on for the latest information:

Office add-ins are applications running within the suite’s constituent programs that provide features not available by default. In terms of usage, they’re similar to browser extensions, but add-ins are tailored to the tasks users carry out in Office programs such as Word, PowerPoint, and Outlook. For example, one popular add-in allows users to look up words and phrases on Wikipedia without leaving Word. Another introduces additional chart types that can be used in Excel.

Add-ins are usually free, but some require either a one-off payment or a monthly subscription. If Microsoft wants its Office Store to flourish, it makes a lot of sense to provide support for add-ins to the Mac version of the Office Suite. According to a report from MS Power User, to access add-ins, Mac users need to be members of the Insider program and opt into its Fast Ring. From there, you should check that the installation of your Office for Mac is build 170124 or later.

You can find the “Add-ins” option from the Insert menu in Word, Excel, or PowerPoint, and then select the store. Once at the storefront, find an add-in you’re looking for and install it. Currently, there’s no word on when add-ins will be available to all Office users on the Mac platform. But if the functionality is ready for public testing, it’s safe to assume the official release is already on its way.

If you have further questions or would like to be notified of the latest advancements, feel free to get in touch with us!

Published with permission from TechAdvisory.org. Source.

Fruitfly: the latest Apple malware

For decades, Apple has enjoyed a reputation of being nearly invulnerable to threats of malware. That may be an exaggeration, but there is a bit of truth to it. However, if you’re using Apple devices in your organization, you can’t afford to take this exaggeration for granted. We’re only just easing into 2017 and we’ve already seen the first Apple malware of the year. Read on to find out more.

Where did it come from?

Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.

In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.

What does it do?

So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.

Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.

How should I proceed?

We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator that noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.

If you don’t have a managed IT services provider, this is the time to start considering one. Despite misconceptions, Apple devices need just as much care and attention as Microsoft and Linux PCs. And it’s not just security; if you want to optimize workstation performance, create a disaster recovery plan, or upgrade your database. Message today to get started.

Published with permission from TechAdvisory.org. Source.

Flaw allows thieves to open locked iPads

Have you ever worried about your tablet’s security? If not, you should. Networked gadgets are becoming increasingly interconnected every day, and just one social media account saved on a compromised iPad could lead to breaches on any number of other, more sensitive devices. If you own one of Apple’s popular tablets, you need to know about a newly discovered flaw that allows thieves to bypass security measures and access your device.

iPad owners who find themselves in the unfortunate situation of having their device stolen have the option to activate Apple’s Find My iPhone feature from icloud.com. If an iPad has this setting turned on, its GPS can be activated from any web browser to inform the owner where it is located.

Furthermore, if a user is concerned that the tablet may have been stolen, he or she can remotely lock the device. From the moment it is locked, the device can only be accessed by logging into the corresponding icloud.com account.

It’s a wonderfully intuitive feature, and tens of thousands of iPad owners have prevented data theft since it was first introduced by Apple in 2010. Unfortunately, security researchers recently announced a critical flaw that allows common thieves to totally bypass the remote lock feature simply by flooding login data fields with too many characters.

Apple is aware of the issue and has taken steps to address it with an operating system update. The latest version of iOS has fixed the issue for iPhones, but not for iPads.

Although we anticipate a patch to fix this flaw in the near future, the best way to avoid this predicament is to keep valuable data backed up separately from your iPad. One of the Find My iPhone options is to remotely wipe the device, which means as long as you aren’t permanently losing valuable data, the worst case scenario is losing nothing more than the tablet itself.

The more mobile our technology becomes, the more susceptible it is to physical security threats. It’s important to secure your devices not only from networked threats, but also from everyday ones, like someone nabbing your iPad while you step away from the table to order a coffee. For across-the-board security solutions and consulting, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Solution to eliminate iCloud calendar spam

Over the last month, users have reported spam issues plaguing their iCloud calendar. Fortunately, Apple has come up with a solution. One of its new features allows users to report and remove spam from their calendar. Hopefully this small step takes care of the problem once and for all. From what started the whole mess to how you can help end it, we have all the information you need.

The problem started in late October, and it continues today. iCloud devices continue to receive numerous calendar invites from unsolicited people. These invites typically advertise “junk” products in an attempt to exploit the increase in shopping associated with the holidays. Users who actually do click the links find themselves redirected to sites that have zero connection to what they thought they would find. But worse yet, everyone, regardless of their interest, is being completely inundated by unwanted notifications.

Denying calendar invitations alerts spammers that the email address the rejection came from is still active. This just results in more and more spam in the future. Apple apologized to customers affected by the oversight, but until now users have had no efficient way of deleting the spam from their calendar.

A “Report Junk” button has been added as Apple’s best shot at a long-awaited solution to the calendar spam problem. This reporting mechanism can be found on any calendar invitation sent by someone not listed in your contacts.

Unfortunately, it requires opening each item and selecting “Report Junk” through iCloud.com (the feature has not yet been released for iOS or macOS). However, once you have deleted an event from your calendar, the information will be deleted from all synced calendars, even those that are shown in the iOS apps.

Spam is one of the worst externalities that comes with increased connectivity. Although we’re still waiting for a more thorough solution to this problem, you can rest assured that in the meantime we’re working hard to come up with one of our own. For all the insider tips and tricks on Apple devices, contact us today.

Published with permission from TechAdvisory.org. Source.

iPhone video bug crashes Apple devices

Apple iOS users beware — there’s a five-second video that can harm your iPhone. In late November, the brief MP4 clip seemed innocent enough. But after iPhone users played the video, their iPhones began to slow down and eventually crash. Details of the iPhone-killing bug are still being investigated, but here’s what we know so far.

What is the video?
As mentioned, the MP4 video initially seems innocuous enough. It portrays a man standing by a bed with the word “honey” across the screen. After one or two minutes of viewing the video, the affected iPhone becomes sluggish. It then freezes and becomes unresponsive, ultimately requiring a reset.

It appears that the bug takes advantage of a flaw within iOS memory management. The corrupted video generates a loop that causes the affected Apple device to use more memory, leading to a temporary crash.

Reports have shown that the MP4 is hosted on a video-sharing site, Miaopai. Since then, the video has been distributed in other social media platforms, online forums, and, more commonly, as a link via iMessage.

Tests have also found that the video effects the latest iOS version (iOS 10.1 and 10.2) all the way to iOS 5. So far, the bug doesn’t seem to affect other non iOS products. But regardless, all users should be careful of the video.

Although this video’s effects may seem worrying, there is a fix to the problems caused by the corrupt clip.

How to perform a hard restart
The only way to recover from the crash is to do perform a hard restart. To do this, you simply have to hold down the power button and home button for a few seconds.

As for the iPhone 7, all you need to do is hold the power button and volume decrease buttons simultaneously to force a reset. In both cases, just hold the buttons until the Apple logo appears, and your device should restart normally.

Always be careful
Even though it’s easy enough to fix, it’s probably best to avoid the crash bug altogether. Soon, Apple will introduce a new security patch for this vulnerability, but until the update is released, you should avoid clicking on suspicious MP4 video links no matter what platform you use.

And this is the same for other videos, URLs, photos, emails, and websites you encounter on the web. When it comes to traversing online worlds, it’s imperative to develop a critical mindset for everything you see in the internet. While this particular bug only slows down your Apple device, you might not be so lucky the next time you unwittingly click on an unknown iMessage link or email attachment.

If there’s any lesson we can learn here, it’s that you can’t be complacent no matter how secure Apple platforms may be. Want to protect your Apple device from future security incidents like these? Contact us today, and we’ll provide you with sound advice and security solutions to nip these problems in the bud.

Published with permission from TechAdvisory.org. Source.

6 iPad Mini 5 rumors

Apple is known for launching its new products in September. However, some predict a new iPad launch this coming March. Although the release is long overdue, the anticipation among Apple users continues to be high.The predecessors worked well, and many recommend them, but the new iPad is being waited upon by users who are ready to give it a spin. Here are some of the speculations on the new iPad Mini 5.

Among the top rumors and speculations concerning iPad Mini 5 are:

Thinner design – There are speculations that the new iPad Mini 5 will be thinner than other models. Current iPads are already 6.1mm thin, but Apple plans to set a new record with a 5mm-thick tablet. Whether or not it will do away with the headphone jack like it did for the iPhone 7 is still unclear.

New aluminum chassis – The iPad Mini 5 will have a different chassis from the previous models. The new chassis will be made from 7000-series aluminum that has been used on iPhone 6s and iPhone 6s Plus. Because the iPad will be thinner, the new chassis will ensure it is durable and will prevent the tablet from any form of bending.

Smart Connector – It is rumored that the iPad Mini 5 will use smart connectors like the iPad Pro. The tablet will have a smart keyboard and other possibilities for connecting with other accessories.

Pricing – When it comes to pricing for the tablet, Apple is expected to keep the price of the iPad Mini 5 in line with that of its predecessors. Based on the pricing of the Mini 4, the price for the Mini 5 is not expected to be the same, but there is a possibility of a slight price increase on the new product. As always, the prices are expected to be higher for larger storage capacities.

Battery – Since the new iPad Mini 5 will be slim, the battery will be small in size and capacity. The battery will be made using improved technology, ensuring it does not affect the running of the iPad.

The iPad Mini 5 is a featured product expected to be launched in 2017. Users are eagerly waiting to see whether this iteration of the iPad will change the somewhat static smart tablet market. For additional information on Apple products and other tech-related topics, go to our website, where we can answer all your questions.

Published with permission from TechAdvisory.org. Source.

Apples latest Kitty released to the wild!

In the animal kingdom cats all share the same family, Felidae. All cats are characterized similarly  and are recognizable as felines. It may be for this reason that Apple has taken to applying code names from the Felidae family to different versions of their popular operating system OS X. Regardless of the name, the latest version is here with some interesting new features.

OS X 10.8, or Mountain Lion as it’s commonly known, was released into the wild on July 25, 2012 and will come standard on all new Macs purchased thereafter, or can be bought and downloaded from the Apple store for USD$19.99. Six features of Mountain Lion that you and your employees will definitely find really useful are:.

•              AirPlay Mirroring. Want to project your Mac’s screen onto a TV or larger screen? If you have an Apple TV you can mirror your display and audio to a TV or projector screen in HD. If your office uses Apple computers this could be a great way to give presentations, by simply setting up an HD projector to an Apple TV. Employees can then give presentations from their Macs at the press of a button, no wires required.

•              Power Nap. This is a great feature that allows newer Macs (models released after mid 2011) to receive emails, download and install updates while the computer is ‘asleep’. This should help IT install updates during non-business hours. It will also allow employees to start their day right away, with no waiting for the computer and programs to start up.

•              Gatekeeper. Gatekeeper gives the administrators of the new OS the chance to set which apps can be downloaded and installed. This should make management of systems easier, as IT departments can control what’s installed, and it should minimize malware and viruses.

•              Notification Center. Taking a page from iOS – Apple’s mobile OS – Mountain Lion now includes notifications. Available updates, upcoming calendar events, and messages, etc., will show up as a notice in the top right of the desktop and slide away in five seconds. They can be viewed again by hitting the Notification button on the top right of the screen.

•              iCloud. iCloud was introduced a few months before the release of Mountain Lion and is Apple’s answer to integrating all their different devices. With the update, documents stored on iCloud can now be accessed and modified by all devices, with changes showing up in the docs. stored on your Mac.

•              Reminders. If your employees are involved in one or more projects, or need a way to manage their tasks, Reminders can help. Essentially a to-do list that is integrated across all Apple devices that will pop up when a scheduled task needs to be done, or provide a reminder about meetings or whatever.

There are a number of other features that users may find useful, and we encourage you to explore the new OS.

\