exploits

Did I download a virus from an app?

Amazon Kindle Fire

Episode 1702

RIchard from Windsor, CA

Richard put Facebook Messenger onto his wife's Kindle tablet. Since then, he's had nothing but trouble with his network. He didn't get it from the Kindle store, so he's worried he's been hacked. Leo says that Richard probably was since he googled and clicked on the first link he found. Leo says that's why its important to go to the official source like the Kindle app store. If bad guys can steer you to a website, they can infect you. But it may not be the Kindle that's been infected. It could be the router or modem. But Leo says it's not likely.

iOS Bug Crashes Leo's Phone

iOS

Episode 1689

A zero-day bug prompted a text message to Leo that caused his iPhone to crash. It's officially known as a "remote zero click." Apple is aware of the issue and is working out a fix for the next update to iOS 13. It was discovered by a security company in San Francisco this week, along with two other zero-day exploits. Leo advises updating to the latest iOS as soon as it comes out.

Should I install the Spectre bug fix?

Episode 1454

Irwin from The Bronx

Irwin is concerned that the Spectre bug fix will slow down his computer. Leo says it's possible, but it's unlikely to have a noticeable impact on a modern machine. Experts say the bug fix will greatly affect slower, older machines. A newer machine will get the least performance hit. He should just make sure to update his AVS and all of his drivers.

VMware or really heavy applications are where the performance hit will most likely be affected.

Why can't I download the Meltdown fix for Windows?

Windows Update

Episode 1453

Travis from Oklahoma

Travis is having trouble getting the Windows update that will fix the Meltdown/Spectre exploit. Leo says he should make sure to update his antivirus first, because the fix will break the AVS and crash the machine, forcing a reinstall of the OS. He may also need to do a BIOS update. In fact, the entire machine may need to be updated to prevent the Windows OS update from breaking the machine.

Processor Flaws Give Hackers Access to Your Data

Processor

Episode 1452

2018 brought about the news that every processor built in the last ten years have a flaw in them that could give hackers access to sensitive data. Initially believed to affect just Intel processors, the latest is that this affects every single processor made, regardless of platform.

The flaws utilizes a technique called "processor speculation," which enables the processor to speculate what the user will do next in order to accelerate performance. But the feature also gives hackers access to sensitive L2 cache data like passwords. It's especially true for networks.

Processor Hack Affects All Computers Made in Last Ten Years

Processor

Episode 1451

The latest exploit "Spectre" affects every single chip made in the last ten years. At first, security researchers thought that the exploit only affected Intel processors, but it turns out this hack also effects ARM, AMD, and any other processor that uses speculative prediction. The white hat hackers who found the flaw discovered that you can use it to access valuable data including passwords and other information. Leo says that Microsoft has already pushed out a fix, and Apple's High Sierra has patched the vulnerability with a recent fix. Apple has also patched the iPhone and iPad.

WannaCry Ransomware Has a Possible Solution

Encryption

Episode 1391

WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.

New Exploit Gives Governments the ability to hack into iPhone

Episode 1317

Remember the legal battle that Apple fought against the US Government to prevent unlocking of the iPhone's encryption? The US Gov't ended up going to a third party company who had created a hack to do it. Now that hack is being used to unlock and peer into the mobile phones of dissidents and other undesirable elements that the government wants to keep tabs on. Even reporters. Leo says that Apple has pushed out a fix to block it, and everyone should install iOS 9.5.3 to stop it. Otherwise, you're vulnerable.

Android Has a Bad Exploit: QuadRooter

Episode 1313

A really bad exploit in the Android OS enables the installation of malware called QuadRooter. Google is working to push security updates, and promises to have an update by September. If your manufacturer or wireless provider is slow to push out updates, then you may be vulnerable for quite some time, especially if you have an old phone. If you're looking to get a new phone, make sure you're getting it from a company that's offering monthly updates.