Cyber Security Today: Fake Kaspersky anti-virus, patch your Apple devices and take care with mobile apps

There’s fake Kaspersky security software being spread, make sure your Apple devices have the latest security patches and be careful with mobile apps that control home devices.

We’re bringing you the latest cyber security news on today’s podcast with the help of our sponsor, Trend Micro. Welcome to Cyber Security Today. It’s Wednesday April 4th. I’m Howard Solomon.

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

The people of ancient Troy learned to beware of Greeks bearing gifts. You need to beware of people offering a USB key to use. It may be infected with malware masquerading as a version of Kaspersky Internet Security 2017, according to researchers at Cybereason. The malware steals passwords and keystrokes. After a computer is infected, the malware spreads to any portable drive that’s plugged in, like a USB key. The malware uses Google Forms to pull passwords out and send them to the attacker’s inbox. Google has been notified and this hole has been closed.

The lesson here is don’t take USB keys from friends, strangers or at computer shows. The only keys to trust are ones you buy at a reputable retailer.

Got an Apple device? Make sure it’s got the just-released security patches that fix bugs in macOS, iOS, watchOS, and tvOS, as well as Windows software. The biggest fixes are part of iOS 11.3 for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. The bugs could allow an attacker to run code on your device or steal data. The fixes for macOS deal with Sierra, High Sierra and El Capitan versions of the operating system. They deal with the possible exposure of passwords, letting an attacker see encrypted email and letting an attacker gain account privileges. If you haven’t already done so make sure your device has the latest patches.

Finally, security vendor Pradeo is cautioning smartphone users to be careful downloading mobile apps that control personal connected devices like home heating and air conditioning, lights, door locks, baby monitors and security cameras. The company recently tested 100 of these Apple and Android apps and found 80 per cent had software flaws. Fifteen per cent of those tested could lead to a remote takeover of the device. Some capture user data and send it to uncertified servers. These are apps that came from the Google and Apple App stores. Usually apps from these sources don’t have malware, but that doesn’t mean they don’t have vulnerabilities. Preadeo has warned these app vendors of the flaws. Meanwhile, users should check with app makers about what data the app collects and transmits.

Cyber Security Today is produced by IT World Canada. This episode was brought to you by Trend Micro – Smart, optimized connected security solutions for your connected world. Learn more at trendmicro.com. Subscribe to our program on Apple Podcasts, Google Play, or wherever else you listen to podcasts. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast