Category Archives: malware
Apple launched OS X Yosemite and El Capitan with a little-known security feature called ‘Stealth Mode’. This feature was added to the Firewall and is useful to enable if you use your Mac on unsecured or public networks.
When you enable Stealth Mode, your Mac’s firewall hides your OS X Yosemite or OS X El Capitan computer from ping scans and probes that attempt to discover system information or look for open ports which might have vulnerabilities. With Stealth Mode on, the Mac does not answer ping requests or connection attempts made to closed TCP and UDP ports, which makes it harder for hackers and malware to find it on the network.
How to enable Stealth Mode
- Navigate to > System Preferences
- Click > Security & Privacy > Firewall
- Click the lock to make changes – enter your OS X password
- Click > Turn On Firewall
- Click Firewall Options… > Click the ‘Enable stealth mode’ checkbox
Alternatively, you can use Terminal to enable Stealth Mode (the command changes a system setting, so run it with sudo):
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
Turn off Stealth Mode as follows:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
My suggestion is to enable Stealth Mode only when you use unsecured or public networks, as it’s not required (and can cause problems) on private networks.
Our Android research, based on over 18 months of App and SDK analysis for leading NASDAQ and NYSE companies, uncovered a low malware threat to end users. The major global threats we were identifying were not necessarily malcode-related, although leading security vendors will have you thinking otherwise.
To support this finding, our data analytics platform found most malicious Apps and SDKs were repackaged (not re-engineered), required the Unknown sources option to be checked, and in most cases were found in third-party markets in China, with some Android malcode Apps found in India, Brazil and Indonesia.
The fingerprints we flagged also hinted at Russia and China being a primary location for development of new mobile malware, but our research found that the malcode threat vector was actually very narrow, i.e. your device would have to be rooted and/or have Unknown sources checked.
Most used spear phishing (email) or drive-by download (specific web pages) paths to infection, but there is also some ransomware in circulation. Ask your friends who use Android and they will tell you they have never been infected by a virus or ransomware. This isn’t always the case, but from our research it is more the norm.
Startup processes are responsible for loading your Windows software. In some instances your Windows PC may fail to load, or performance may start to degrade. Startup processes can sometimes remain after you have uninstalled a program. Malware exhibits this type of behaviour, so it’s a good idea to be vigilant with startup processes. So how can you manage your startup processes?
I’d suggest using a free tool called Autoruns developed by SysInternals, but now owned by Microsoft. Once downloaded and installed, you should run it as administrator. It will open on the ‘Everything’ tab and will take some time to populate the listing. Once the list is populated I’d suggest you do the following:
- Click > Options > Check Hide Microsoft Entries – this will reduce the list and only present third-party startup items
- Next Click > Options > Hide VirusTotal Clean Entries > Click the OK prompt – this will allow you to see items that are listed as suspicious or malicious from the VirusTotal database
- Scroll through each item and untick any item you don’t want to run at startup. Not allowing an app to run at startup will stop it from running in the background, which should improve the performance of your Windows PC
Phishing threats are developing in sophistication and with that they are targeting the popular browsers such as Chrome and Firefox. Google has developed a useful Chrome extension called Password Alert.
Password Alert warns you when you are about to type your Gmail password in a non-Google site. If this happens you will be presented with the following message “Your Gmail password was just exposed to a non-Gmail login page.” This is the warning message you will see:
Reset your Gmail password
Your Gmail password was just exposed to a non-Gmail login page. You should immediately reset your password to keep your Gmail account secure. Also, please make sure your Gmail password is not reused on other services. Learn more
Providing a security prompt as above will remind users that they should always be vigilant. The main reason for Google developing this extension is to encourage people to never use a login password on more than one website or mobile app.
How to install the Password Alert extension:
- Click > ADD TO CHROME > Add
- You will see a slide notification (top right) > then sign in with a Google account
Privacy Guard is a built-in privacy management tool for use on CyanogenMod 11>12 versions (CM11 & CM12), which aims to help you control the privacy and security of apps installed on your device. You can set preferences for each and every app you have installed.
Here is how you set up Privacy Guard:
- Next go to > Settings > Privacy > Privacy Guard – you will see your apps listed – tap on the app name to enable/disable Privacy Guard (Padlock shield changes to green colour when enabled)
- Tick an option at the top of a list. You should enable this by default as this will stop ALL app permissions – giving you total control on what permissions your apps are allowed to access
- TIP: Don’t forget to check the > Settings menu for the option to reveal the built-in apps (not all built-in apps allow access to their permissions)
- Permissions – long press an app name > a list of the app’s permissions will be shown. You can control each permission individually, including whether an app is ‘Keep awake’ or ‘Wake up’ (starts from boot up). There is also an app option that allows you to see the last time that permission was requested.