Cyber-security Highlights

Every Monday we’ll be bringing you a review of the pervious week’s hottest cyber-security and on-line privacy news articles.

Here at IronSocket, we work to continually raise awareness of the threats that we as individuals face in our connected lives. We are 100% committed to helping our customers stay safe and secure while on-line, both through our VPN and proxy services as well as through education.

Here are the top articles we have gleaned from last week’s news avalanche.

 

Malware on macOS

It used to be that, security-wise, us Mac users didn’t have anything to worry about. That has changed now. This new strain of the OSX/Dok malware will infect your Mac, pretend to be a bank website, and capture your bank account user name and password. And, to protect itself from being discovered, it will disable security updates and block traffic from being sent to Apple’s servers. How does it do this? Read the article to find out.

http://www.techrepublic.com/article/macos-users-beware-a-new-and-nearly-undetectable-malware-is-on-the-rise/

 

A Password Thief for Chrome

Anyone who has 13 bucks U.S. and the chutzpah to venture into the dark web can buy the Ovidiy Stealer. It will help if you can read Russian but other than that, that’s all you need. This malware runs on Chrome and Opera and it steals passwords. Purchasing it gives you a dashboard where you can monitor your victims’ activities and even get technical support from the author of the malware.

Malware distribution and use as a business is a real thing.

https://www.forbes.com/sites/leemathews/2017/07/17/new-password-stealing-malware-spreads-rapidly-thanks-to-rock-bottom-pricing/#7c1aaf886f16

 

Phishing Attacks are Getting More Sophisticated

Let’s say you’re a hacker who wants to target a specific organization. This organization has pretty good cyber security. So, what do you do? You get someone on the inside to unknowingly do your work for you. Think U.S. presidential campaigns and the Democratic National Committee. Phishing scams attack people, not computer systems. Find someone who works for your target organization and who also has a good chunk of personal information on social media. Once you know some details about this person, you can tailor your phishing attack so it seems completely legit.

http://www.freep.com/story/money/personal-finance/susan-tompor/2017/07/16/phishing-attempt-work/475151001/

 

The Gaping Security Chasm that is the Internet of Things

People who write software hate to “reinvent the wheel.” So, if there is a collection of resources (a library) that contains bits of ready-to-use software (functions, objects, classes, etc.) that you need for the application you’re developing, you’ll want to go with that, rather than writing your own from scratch. And if it’s open-source and freely available on a public software repository, it’s a no-brainer.

The problem is, if there is a bug in one of these resources, and companies all over the globe are integrating this flawed resource into their products, well, you get the picture.

http://www.zdnet.com/article/millions-of-iot-devices-hit-by-devils-ivy-bug-in-open-source-code-library/

 

Speaking of the IoT – Think of the children!

Does your child’s connected device have a camera and/or a microphone? Did you read the user agreement that came with the device? Do you know what the manufacture’s privacy policy is? Do you know what data they collect and where that data is stored? Do you know what they do to protect the security and privacy of your child’s data? Do you know if they’ve ever been hacked? When they do get hacked, do you know how they will contact you and how they will manage the problem?

We know it sounds cliché, but cyber-security and on-line privacy begin with you.

http://www.darkreading.com/cloud/fbi-issues-warning-on-iot-toy-security/d/d-id/1329373?

 

That’s all for this week. As usual, if you have any questions or comments, don’t hesitate to write to us. We’re here to help you stay safe, secure, and protected while online.

Save Net Neutrality

Internet freedoms are being threatened globally.  This is true for even the United States.  If you’re a U.S. citizen, living at home or abroad, this is relevant to you.

Currently, the FCC is required to ensure that all Internet traffic is treated equally.  Internet service providers are not allowed to favor traffic from some websites over others.

The FCC, under the direction of the current administration, is proposing to reverse these net neutrality guidelines.  This would allow ISPs to control what passes through their networks.   They can speed up traffic from favored websites and from websites that pay for high-speed channels, slow down traffic from websites that don’t or can’t pay for high-speed, and even block any website they want for any reason.

The Electronic Frontier Foundation has called for July 12th to be a day of protest.  Hundreds of websites for non-profit organizations, artists, small businesses, tech companies large and small will be taking action to defend net neutrality and an open Internet.  The goal is to send a strong message to Congress and the FCC:  Preserve Title II of the Communications Act and net neutrality.

You can help too.  The EFF has a web form for submitting comments to the FCC.  It’s quick, easy, and every bit helps.  Add your voice to the call to preserve Title II, net neutrality, and Internet freedom.  Visit the EFF’s Save Net Neutrality website and submit your comments today.

 

Happy Independence from Snooping Day! Save 40% on an Annual IronSocket Subscription

 

We are pleased to announce that we are extending our first annual Independence from Snooping Day sale to the end of July!

Existing subscribers and new users can now save 40% on the already discounted annual subscription rate. Existing subscribers need to be logged into their account and go to https://ironsocket.com/pricing, then pay like you normally would using the coupon “2017IDSALE” on Step 3 of the payment process. Once you have paid, please contact customer support and they will manually update your current subscription.

Use the coupon code “2017IDSALE” to save big (just click the link or the banner and the coupon will be applied automatically.)

This sale will end on July 31, 2017.

P.S.

We are continuing to improve and refine our all-in-one custom application for Microsoft Windows systems.  We’ll be releasing a new version of the beta soon.  We’ve fixed the bugs we’ve discovered since the previous release and we’ve added some extra features that have been requested by subscribers testing the application.

If you have a Windows system and you haven’t yet tried it, you should have a go at it.  Log in to your account on ironsocket.com and click on the Windows Beta button.  Follow the prompts and instructions and you’ll be all set.

Downloading IronSocket Software and Products

We want to remind everyone that the only safe place to download IronSocket products from is the IronSocket website, https://ironsocket.com

We have made no distribution arrangements with any other websites to offer our products.  Any IronSocket installation programs you find outside of our website are not authorized and most likely contain malware that will be installed on your system.

It is common for free software download websites to take installation programs for legitimate software and repackage them with malware.  Always play it safe and only download products from legitimate sources.

Feel free to contact us if you have any questions or concerns.
https://ironsocket.com/support

PayPal Recurring Payments

Today, PayPal reported a technical issue that made it necessary for them to reverse subscription payments to some customers who have pre-approved (recurring) payments configured for IronSocket in their PayPal accounts.

If you automatically make payments with PayPal pre-approved payments, please check you PayPal account to make sure that this has not affected your most recent payment or your automatic payment configuration.

If you pay with credit/debit card, Bitcoin, gift card, or manually make your subscription payments with PayPal, this issue will not affect your subscription.