exploits

Vulnerability Found in Apple's macOS and iOS

MacBook Air, iPhone, iPad

Episode 1308

Cisco has found a vulnerability similar to the Android text exploit, which could take control of your mobile phone through a text message. Leo says that Apple has released a patch to close the hole before anyone else had discovered it. This affects iOS, watchOS, macOS, and tvOS. Mavericks and Yosemite users don't have a fix yet, though, so those users should disable iMessage until they do. If you can't get past Mavericks because your desktop is too old, turn off iMessages permanently.

Will I have any warning that I'm being infected by Cryptowall?

Episode 1233

Greg from Tampa, FL

Greg is worried he's going to be nailed by Cyptowall. If he were to be infected, would he have some warning? Leo says you can sometimes see it happening, but it doesn't give you a warning. It's not instant though, in that it takes time to encrypt the data and if he has a hot backup, always backing up, the encrypted files can infect the backup. Having an offline backup will guard against that.

New Windows Exploit Discovered by Google

Episode 1149

Google has published news of a new vulnerability in Windows 8 that will allow hackers to create an administrator account and take control of the computer. Google let Microsoft know about it months ago and told them they would announce it after three months if Redmond didn't do anything. There's been no fix, so Google leaked the story as promised. Now Microsoft says they have a fix in the works. Meanwhile, hackers all over the world not only know about it, but Google has provided them with the suspect code to use. Swell.

How can I keep my new computer secure online?

Episode 1133

James from Newberry Park, CA

James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:

New Vulnerabilities Discovered on Operating Systems

Episode 1133

Root Pipe and Wire Lurker are two new vulnerabilities hitting computers. Root Pipe is hitting OS X but Leo says it can only be activated by someone sitting at your computer, so it shouldn't really be a huge cause of concern. Meanwhile, the Nigerian scam has been reported to have caused over $12 Billion in loses last year.

Meanwhile, a new report says that consumers are reaching "breach fatigue" over all the security breaches that have happened of late.

Did my Mac get hacked?

Mac

Episode 1113

Kathleen from Yucca Valley, CA

Kathy thinks her Mac got hacked. She gave a support line remote access to her Mac and she's worried she got hacked. Leo says that if she didn't give them her credit card, chances are she's OK. But if she wants to be sure, she can download Little Snitch. It'll observe her computer activity and let her know if it does phone home or let someone remotely access it again. She should also turn on her software firewall.

'Heartbleed' Flaw in OpenSSL Exposes Passwords on Many Popular Websites

Episode 1074

OpenSSL is a widely used protocol for providing secure internet traffic. The "Heartbleed" bug takes advantage of a hole in OpenSSL to peer into the memory of SSL servers. It can allow a hacker to ping 64K of random memory repeatedly, thereby allowing them to glean usernames and passwords, and even fake a server certificate.

How can I keep using Windows XP safely after April 8?

Microsoft Windows XP

Episode 1067

Mark from Indio, CA

Mark hears that XP will stop being supported. Leo says yes, on April 8th Microsoft will release it's last security update. So what would be his options after that? He's on a budget and can't buy a new computer. Leo says that Linux is a good option, and it's often more secure. Leo says that Mark could also just continue to use XP if he takes steps and knows what he's doing.

Here's what Mark can do: