exploits

REvil is Latest Ransomware

REvil

Episode 1810

REvil is the latest ransomware to hit the world. Leo says that the exploit uses the Kaseya remote management supply chain to infect thousands of MSP computers. REvil disables your AVS and deploys a fake Windows Defender app to infect and encrypt computers. So far, it's hit several grocery and convenience stores, forcing them to shut down. Stores that use Kaseya are advised to go offline and shut down their remote access.

Reminder: Western Digital Hacked

Western Digital NAS

Episode 1809

Western Digital's My Book Live Network Attached Storage has been hacked through an exploit that was discovered in 2018 and never patched. Hackers can take advantage of it to run a program of their own making. A hacker has searched for numerous My Book Lives and executed a script to erase them, leaving many without the backups they were relying on. Western Digital's solution is to have users unplug their MBL from the Internet while they research the hack. Will WD issue a fix?

Western Digital Gets Hacked

Western Digital

Episode 1808

Western Digital's My Book Live hard drives were compromised this week using a remote code exploit that had been left unfixed since 2018. Leo says it's important that devices get updated regularly for security reasons, and that when a device goes out of service, it's time to think about replacing it. Leo also says it's important to adopt a 3-2-1 backup strategy: three copies, on two different kinds of medium, and one off-site. Just in case.

Did I download a virus from an app?

Amazon Kindle Fire

Episode 1702

Richard from Windsor, CA

Richard put Facebook Messenger onto his wife's Kindle tablet. Since then, he's had nothing but trouble with his network. He didn't get it from the Kindle store, so he's worried he's been hacked. Leo says that Richard probably was, since he googled and clicked on the first link he found. Leo says that's why it's important to go to the official source like the Kindle app store. If bad guys can steer you to a website, they can infect you. But it may not be the Kindle that's been infected. It could be the router or modem. But Leo says it's not likely.

iOS Bug Crashes Leo's Phone

iOS

Episode 1689

A zero-day bug prompted a text message to Leo that caused his iPhone to crash. It's officially known as a "remote zero click." Apple is aware of the issue and is working out a fix for the next update to iOS 13. It was discovered by a security company in San Francisco this week, along with two other zero-day exploits. Leo advises updating to the latest iOS as soon as it comes out.

Should I install the Spectre bug fix?

Episode 1454

Irwin from The Bronx

Irwin is concerned that the Spectre bug fix will slow down his computer. Leo says it's possible, but it's unlikely to have a noticeable impact on a modern machine. Experts say the bug fix will greatly affect slower, older machines. A newer machine will get the least performance hit. He should just make sure to update his AVS and all of his drivers.

The performance hit will most likely be felt in VMware or really heavy applications.

Why can't I download the Meltdown fix for Windows?

Windows Update

Episode 1453

Travis from Oklahoma

Travis is having trouble getting the Windows update that will fix the Meltdown/Spectre exploit. Leo says he should make sure to update his antivirus first, because the fix will break the AVS and crash the machine, forcing a reinstall of the OS. He may also need to do a BIOS update. In fact, the entire machine may need to be updated to prevent the Windows OS update from breaking the machine.

Processor Flaws Give Hackers Access to Your Data

Processor

Episode 1452

2018 brought the news that every processor built in the last ten years has a flaw in it that could give hackers access to sensitive data. Initially believed to affect just Intel processors, the latest is that this affects every single processor made, regardless of platform.

The flaws utilize a technique called "processor speculation," which enables the processor to speculate what the user will do next in order to accelerate performance. But the feature also gives hackers access to sensitive L2 cache data like passwords. It's especially true for networks.