Cyber Security Today: Feb. 1, 2019 — Dangerous Mac malware, SuperBowl alert and protect your email

Dangerous new Mac malware is a quadruple threat, SuperBowl online alert and protect your email from this attack.

Welcome to Cyber Security Today. It’s Friday February 1st. To hear the podcast click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Users of Macintosh devices are being warned about new malware. Security company Palo Alto Networks said this one’s a quadruple threat: It can steal web browser cookies used by some cryptocurrency exchanges and wallet service websites an infected devices goes to; it steals passwords saved in the Chrome browser; and it steals iPhone text messages from iTunes backups on a tethered Mac. With this combination there’s a risk the multi-factor authentication users depend on for security could be bypassed, allowing an attacker to steal the victim’s digital currency. And to round off the attack, this malware installs a digital currency miner on the infected device to make the attacker more money.

Cryptocurrency owners should keep an eye on their security settings and digital assets to prevent compromise and theft. And your computer should have up to date malware and anti-virus detection software.

The Super Bowl is set for Sunday, and you know what that means: Scammers are hawking phony game-related shirts, hats and other stuff online. It’s easy to fake an official logo. If these things matter to you, be careful where you shop. Remember, scammers don’t just want your money, they want your credit card number. And by the way, there’s no way to get a free Super Bowl broadcast on the Internet. Don’t do an Internet search for “free Super Bowl.” For sure you’ll be stung.

Here’s another reminder of why you need to protect your email account: According to email security company Agari, its customers recently saw a big hike in attacks coming from other people’s legitimate email accounts. The problem is the infected emails look legit because they come from someone or a company the recipient trusts. So not only after getting into someone’s email will the hacker read private mail and try to get deeper into their computer,  They’ll also use the account to mail malware to others, or try to trick others in business to wire them money. So, IT administrators, one of the best ways to protect your company is to set up a secure multi-factor authentication login system. That way if an attacker has a user name and password it isn’t enough to crack a login. And make sure your company is also using an email authentication system like DMARC to make sure your domain can’t be impersonated.

Finally, there’s a new version of the Google Chrome browser available that patches a bunch of vulnerabilities. Usually Chrome updates automatically, but just to be sure check it yourself. Do it by clicking on the three dots in the right-hand corner of the browser, go to Help, then About Google Chrome. After that it will check for the latest version.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast