SHELL SHOCKED...

CAN YOU BE "BASHED"?

Yup, the word is out - there's a bug, possibly worse than websites with "Heartbleed". This affects computers running Linux, UNIX, which include web-servers running that OS as well as Mac's, and the bug is called "Shellshock".

PHOTO CREDIT: B.WOODBURY/SECURITYDAZE

 

 

This comes from a part of the Linux/UNIX code called "Bash", and according to Kaspersky labs there is a computer "worm" already "In the wild" trying to take advantage of this.

 

You may not own a MAC of Linux computer and feel pretty safe, but do you have a website? Unless you specifically picked "Windows Server" to host your website then it's probably on a Linux or Unix server.

 

And it's not just your servers, or computers you have to worry about - most wireless routers and webcams run a version of Linux as well.

 

While you'll find many articles about this on the web, here is a link to one from PC World's website, HERE.

 

Red Hat issued some patches late yesterday but according to those who looked at them, they were incomplete and still left you vulnerable. I guess we'll see how this plays out in the coming weeks...

 

'Nuff Said,

Brian

 



IS IT AS SIMPLE AS AN iPHONE 6 VS. SAMSUNG?

"Umm....NO"

In recent "corners" of the computer world, some folks are knocking the iPhone 6 as not going as far as it could, thus being thumped by Samsung's latest model. I suppose if you were comparing feature-by-feature it could be true, but when you get down to it the OS [Operating System] has a lot to do with your choice in choosing your next smartphone.

First, I'd like to briefly touch on the features of the new camera in the iPhone 6. Yes, it's still an 8mp camera, but mega pixels aren't everything. On my photography Blog, I offered a quick analogy about this saying -

"While working at Compaq HQ [circa 1990] there was buzz about the new video graphics coming from the new line of computers and monitors. At that time manufacturers were in a race to beat their competition with higher screen resolution, but the word around our cubicles was that there wasn't an increase in resolution,  just in colors.

This new setup would offer 256 colors, but none of us were really excited by this news - until we got to see it for ourselves. It blew the competition away, so while Apple's changes may not be as radical as that, nonetheless, the internal camera has new features added to it that makes a difference in the end result while maintaining the same mega-pixel count..."

[You'll find a link to that Blog post that has a review of the camera features by someone who got a chance to check the iPhone 6 series camera, including photos taken by it as well].

And camera and other things aside, with IOS8, the iPhone 6 will have deep integration with MAC's that are able to run the new OS "Yosemite".

But enough about that...

The glaring fact remains that the Android OS is still plagued by security issues that open your phone to all sorts of Malware when compared to Apple's IOS [which doesn't, mostly having to do with Apple's firm grip on the App's which are found on their App store vs. the sloppy manor taken by Android based operating system App store security measures].

Even several years ago anti-virus companies were saying that their were more attacks on the Android OS phone/tablets vs. Apple's IOS, like Symantec in a yearly report:

"Android has a 72 percent market share with Apple® iOS a distant second with 14 percent,

according to Gartner.

As a result of its market share and more

open development environment, Android is the main target for mobile threats."

 

Adding:

 

"Android dominates the malware landscape with 97 percent of new threats"

 

 

 

It is not the market share alone which accounts for the huge disproportionate ratio of Malware between Android's OS and Apple's IOS, but because Android App's were available from websites other than the official Android App website, as well as the fact [apparently] App's weren't screened as thoroughly as IOS App's - which can only come through Apple's iTunes official App store.

 

You can do the legwork for the rest of this [I've reported about steady/huge yearly increases in Android Malware vs. Apple for years. I may be incorrect, but I don't believe that since I've been tracking this, the increase in Android OS Malware has never been less than 200% each year, and close to 400% in 2013 vs. under 30% each year for Apple's IOS] by checking my previous posts during the last few years, but while comparing an Android smartphone vs. the Apple smartphone you really have to take into consideration the amount of threats you are opening yourself up to as well.

 

I'm not saying the iPhone's IOS is perfect [far from it], but they (Apple) do run a tighter rein on the App's that make it into the App Store.

 

Recent Android Malware news:

 

Android bug lets apps make rogue phone calls

 

Android, Bitcoin top malware targets, McAfee reports

 

Rare text message worm targets Android devices

 

File-encrypting Android ransomware's extortion attempts mimic FBI-themed alerts typically found on Windows computers.

 

F-Secure's report on Android based Malware

 

New crimeware tool Dendroid makes it easier to create Android malware

 

 

There is more to find, some of which I may have already posted about, but it took about 5 minutes to do a search and find the articles above. Once again, Apple's IOS is NOT bullet-proof, but thanks to [so far, at this point] Apple's stringent App-checking, Android users [phone, tablet, phablet] continue to be easy marks, and no matter which phone/OS you choose, make sure that you have a anti-virus program running on it -

 

'Nuff Said,

Brian

 

 

 

 

 

 

 

LONG OVERDUE UPDATES AND NEWS

SORRY FOR THE DELAY...

Yeah, I know, it's been awhile and I've been occupied by non-Blog issues but felt it was time to let you in on things you probably already know - so let's start off with the latest:

By now everyone has heard about Home Depot's data breach [much like Target], and it being the biggest breach yet.

This may or may not be true. It's the biggest one we've been told about, but who knows about the ones that are still secret?

One thing is clear - this isn't the last BIG data breach we'll hear about in the future and I don't see an end to this type of hack soon, so be careful and keep an eye on your bank accounts and credit reports!

Apple had some unwanted press about popular people having private photos taken from their iCloud accounts, and let's be honest - if you have some publicly embarrassing photos around the last thing in the world you'd want to ever do is upload them to any cloud, PERIOD.

PC WORLD's website had an interesting article about lax security and sloppy coding on some popular Android Apps, which if you own something "Android" you should take a look at [ed. - just an FYI, turn your speaker down or mute it as like many other websites, this one has a real annoying commercial that starts playing].

FireEye's blog has a nice bit about "Mass-producing Cyber Attacks", picture [credit: FireEye] below:

But don't leave that blog yet, because there's more...

If you scroll down a little further in their blog you'll see a post about how Mac's aren't as bullet-proof as their owner's believe them to be.

You hardly ever heard of a MAC-Attack in the past was do to the low percentage of MAC users in the world. With the MAC and it's OS becoming more broadly accepted, and adding to the wild popularity of the iPhone/iPad IOS, you'll read or hear about more virus/malware attacks against them. Please - BUY SOME ANTI-VIRUS PROTECTION!

NETFLIX

NETFLIX is dealing with a phishing scam via email that lures their customers to a fake Netflix site in hopes of stealing your credentials and other information [mind you, it's nothing to do with their website, but your gullibility to click on a suspicious email link] - BEWARE! This information came from the friendly folks that write the Malwarebytes Blog!

'Nuff Said,

Brian