Skip to main content

Featured Post

News Scan for Jun 29, 2020 | CIDRAP - CIDRAP

Image
News Scan for Jun 29, 2020 | CIDRAP - CIDRAPNews Scan for Jun 29, 2020 | CIDRAP - CIDRAPViruses: Breaking new grounds in research | Results Pack | CORDIS | European Commission - Cordis NewsHelping Others Make Healthy Choices - Texas A&M Today - Texas A&M University Today"How Contagion Works" author Paolo Giordano on the environmental, social and political factors impacting coronavirus and future threats - Sydney Morning HeraldPandemic Outbreaks in the Past Decade: A Research Overview - ResearchAndMarkets.com - Business WireNews Scan for Jun 29, 2020 | CIDRAP - CIDRAPPosted: 29 Jun 2020 12:00 AM PDT Ebola infects 4 more in DRC's Equateur province outbreakOfficials have reported 4 more confirmed cases in the Democratic Republic of the Congo (DRC) Equateur province Ebola outbreak, raising the total to 28, the World Health Organization (WHO) African regional office said today on Twitter.So far, no details on the latest cases in the DRC's 11th Ebola outbreak are no…

Can Macs get viruses? - Tech Advisor

Can Macs get viruses? - Tech Advisor


Can Macs get viruses? - Tech Advisor

Posted: 23 Mar 2020 08:59 AM PDT

A few years ago, you'd have been right if your hunch was that you probably don't need to bother with antivirus software on your iMac or MacBook. Windows was still the primary target, with Android rapidly increasing as a platform for criminals to exploit.

However, a recent report from Malwarebytes shows that you can't be complacent in 2020. It found there was an increase in Mac threats of over 400 percent in 2019, compared to the previous year.

It also found that the number of threats detected by its software running on Macs rose from an average of 4.8 in 2018 to 11 in 2019, which is almost twice as many as on Windows.

Macs are now a prime target for cybercriminals, and although macOS has built-in security, it is not so effective against adware and PUPs - potentially unwanted programs.

When you consider that Macs are expensive, and so their owners tend to be wealthier than the average PC users, they start to look like an attractive target.

Do you need virus protection on a Mac?

There are no technical reasons why Mac users cannot be exploited. The operating system might be inherently more secure than Windows, but it is worth remembering that the end-user is always the weakest link. Unfortunately, unlike a machine, you can be fooled by a phishing email that cons you out of precious login details or a scam that tricks you into installing malware.

In many ways, security software exists to save you from bad decisions - installing apps that appear to offer something for nothing, but turn out to be spyware or viruses.

So for the price of a cup of coffee each week, it makes sense to install security software and then forget all about it. 

Let's take some advice from the experts. Our colleagues over at Macworld have the definitive guide to the best antivirus for Mac. It is regularly updated, and is worth checking out as some of the best Mac antivirus products are free. Right now the number one recommended product is Intego's Mac Internet Security X9 (with a free trial), with BitDefender Antivirus a close second.

Do Macs have built-in virus scanner?

No. But there are security features. Gatekeeper is one, and it verifies any downloaded app before allowing it to run. This helps to ensure that apps are safe to use, but it doesn't replace antivirus software.

If you use Safari as your web browser, then you're automatically protected from dangerous and fraudulent websites as well. However, this is not a cast-iron guarantee that malware won't get past the defences.

What type of malware can Macs get?

Mainly it's adware and 'unwanted' programs which misbehave. An example is NewTab. This redirects searches in a web browser to earn the criminals money from affiliate schemes. It usually arrives on your Mac in apps with embedded Safari extensions.

How do these apps get installed? Mainly from fake and fraudulent websites. For example, Malwarebytes found a fake package tracking website which would accept any number entered and then download a PackagesTracker app when you click the 'Track' button. Naturally, this does not track packages, or even pretend to.

Mac antivirus software is not prohibitively expensive - for 20 or so pounds or dollars, it will put your mind at rest and your valuable data in a much safer place.

You may also consider using antivirus on your Mac if for some reason you could be targeted individually - if you have access to sensitive or high-value data, for instance. If you do choose to buy Mac antivirus, take a look at the best Mac antivirus software roundup put together by our colleagues on Macworld.

What follows is the counter-argument as to why Macs don't need antivirus, but we still think it's better to be safe than sorry.

Why Macs don't need antivirus (but aren't immune)

All the evidence suggests they don't. Anecdotally, I've had an unprotected Mac connected to the web for more than 15 years, and I have never had a problem. Why this is the case is worth investigating, however.

The argument most often put forward is a simple one of market economics: because Apple's global market share is in single figures, criminals go after the bigger shoals of fish in the Windows and Android worlds.

There is something in this - virtually all current malware exists to generate cash for criminals. Crooks are not known for their application or invention, so the biggest, easiest target gets all the attention.

However, as we've seen, Mac malware is indeed increasing at a rapid rate. Yet, as a Unix-based operating system, macOS is by its very nature sandboxed. It's like having a series of fire doors - even if malware gains access to your Mac, it is unable to spread to the heart of the machine.

Macs are not unhackable, but they are more difficult to exploit than are Windows PCs. So just as a burglar could break into a house with an alarm system but will probably choose the unprotected dwelling next door, a Mac makes a less attractive target in a world in which only attractive targets tend to be attacked.

And if you are savvy and can avoid all the usual traps of opening dodgy email attachments and clicking on fake websites, then you are likely to keep your Mac free of nasty adware and PUPs.

As I've said, the latest versions of macOS - actually everything since OS X 10.8 Mountain Lion - take this even further. They include the GateKeeper function that by default prevents you from installing anything other than Apple-approved software.

Do Macs get slower over time?

Like all computers, they can slow down as you install and use more and more apps. The resources available remain the same, so you are using up storage, RAM and processing power, especially if you run a lot of apps at the same time.

If your Mac is running slow, it's unlikely to be a virus. But here are 7 tips for speeding up macOS.

Can My iPhone or iPad Get a Virus? - How-To Geek

Posted: 06 Dec 2019 12:00 AM PST

A smartphone with a malware alert.
Vladwel/Shutterstock

Your iPhone isn't as susceptible to viruses as a PC or Mac, but iOS malware does exist. Here's what protects your iPhone from viruses, and how you can avoid other types of malware and threats on your iPhone or iPad.

What Protects iPhones and iPads From Viruses?

The iPhone and iPad are protected from viruses by design. This is because you simply cannot install software from just anywhere on your iPhone (unless you jailbreak it). There are a few ways you can install software on your iPhone, but most people only ever encounter one of them: The App Store.

The App Store is Apple's curated storefront. Developers must submit their apps to be tested, checked for potential malware, and effectively given a clean bill of health from Apple before they're made available. Therefore, you should be able to trust any app that's available in the App Store on your device.

Developers and businesses have ways you can bypass the App Store and install their custom apps, but most people with iPhones and iPads get their software from the App Store.

On iOS, all apps are "sandboxed" by design. This term means the apps are only given access to the resources they require for normal operation. This prevents apps from changing settings, accessing parts of the file system that contain sensitive data, and other devious behavior.

A robust permissions system also provides granular control over exactly which services and information your apps can access. Apps have to ask before they can access your location, contacts, files, photos, camera, or other resources.

The Location Services Permission Prompt on iOS.

Restricted multitasking is another way iOS hinders potentially harmful applications from wreaking havoc. Most apps don't run in the background on iOS, but when one is, you see a bar (usually red or blue) at the top of the screen. This means any running apps can't fly under the radar on iOS. Unless they're the currently active app, they can do very little in the background.

Curious about the other ways you can install software on an iPhone? People who need custom apps (like the point-of-sale software used at every Apple Store) can install pre-signed versions. These require a valid developer license, provided the correct configuration profile is installed on your iPhone.

If you know how to do it, you can also compile your own apps and push them to your device with Xcode for testing. Apps you install this way expire because this feature is intended for developers who are testing apps.

What About Malware on the App Store?

In October 2019, Apple removed 18 apps from the App Store because they were driving up advertising revenue by clicking adverts in the background. This wasn't the first time apps were removed from the App Store due to malware.

While Trojans and worms relate to specific types of malware, the term "malware" is also a catch-all term for rogue apps. In the case of the rogue advertisement clicker, the app in question would have likely reduced your battery life and possibly consumed more mobile data than you would've liked.

Apart from that, the apps were fairly benign. This is a good example of why iOS is regarded as the most secure smartphone platform. Apple can also delete any apps from your device remotely that it detects as malware. This might seem overbearing, but the intention is good.

Do You Need an iPhone Antivirus?

The Avast Mobile Security app for iOS in the App Store.

You don't need an antivirus app for your iPhone, iPad, or iPod Touch. Despite many attempts to market security suites for the iPhone, it would be largely pointless. This is because Apple simply doesn't allow Windows-like viruses to run rampant on its platform.

Antivirus software has to scan your device to function and app sandboxing prevents this. An antivirus app cannot check running processes, scan system files, or look at other app data. Apps are only given access to their own files and any services or data you have granted permission, like GPS data or camera access.

In short, the permissions necessary for an antivirus to function would render iOS more vulnerable to attack. Android phones and devices also use app sandboxing, but that platform gives apps much more freedom to interact with each other and different parts of the operating system.

If you own an Android phone, you should definitely consider installing a good antivirus.

Safari Might Be iPhone's Weakest Point

In August 2019, researchers from Google's Project Zero revealed iPhone malware was spreading via a handful of compromised websites. In total, 14 vulnerabilities were discovered, with seven of them affecting Safari. Two of them allowed malware to escape the app sandbox and get unhindered access to iOS.

These websites were able to install spyware on affected devices and look for passwords and authentication tokens stored in the iCloud Keychain. Messages from services like iMessage, Skype, and WhatsApp, as well as email in Gmail, Outlook, and Yahoo, were also targeted. Other user information like call history, current GPS location, photos, notes, and voice memos were also of interest to the malware.

This spyware reported information back to the server once per minute. The information was transmitted unencrypted, in plain text format. The exploit affected users from iOS 10 to 12. Apple resolved these exploits with the iOS 12.1.4 patch in early February 2018. It's unknown how many devices were affected.

This was a good old fashioned zero-day exploit. Cybercriminals relied on unchecked security vulnerabilities in iOS to prey on their victims. Apple issued a patch and the vulnerabilities have been closed, but not before potentially thousands of devices were affected. To remove the spyware, you just had to update your device.

Although this was the first exploit of its kind in the wild, this discovery changed what many thought they knew about iPhone security. It's further proof that no device is completely immune from potentially damaging zero-day exploits—even the iPhone.

Beware of Rogue Configuration Profiles

The "Install Profile" option for iOS 13 and iPadOS 13 Beta Software.

Configuration profiles install a ".mobileconfig" file that allows you to configure a device quickly. Normally, these contain network settings, like wireless access point credentials, proxy settings, and email server login information. IT departments use them to rapidly deploy up-to-date settings to new employees or an entire staff.

These files can be distributed both via email and the web, which means they present a major opportunity for misuse. If you install a profile from someone you don't trust, an attacker could route your web traffic to a rogue VPN or proxy. He could then conduct a man-in-the-middle attack and attempt to snoop through your browsing data, including passwords and usernames.

Configuration profiles can also install certificates like those enterprise users need to enable bespoke app installs—for example, software that doesn't appear on the App Store. A more sinister use for a certificate might be to dupe a target into thinking he's using a trustworthy website (like a financial institution) when he's not.

If you're browsing the web or reading an email and a popup informs you a profile is being installed, reject it unless you specifically requested it.

To manage your installed profiles, head to Settings > General > Profile. If you don't see the "Profile" option, you don't have any installed.

iPhone Malware Exists, But You Can Avoid It

Install iOS Updates to Keep Your iPhone Secure

There are a few things you can do to stay safe while you use your iPhone. The first is to always install updates as soon as they're available. The only exception here is for major iOS upgrades (for example, going from iOS 12 to iOS 13). Understandably, you might want to hold off for a week or so on those to see if any stability or performance issues are reported. You can also turn on automatic updates.

The second thing you can do is avoid clicking links from strangers, particularly those on sketchy websites or hidden behind shortened URLs. In general, you shouldn't be afraid to open links on iOS, but rogue actors might target your device if an unpatched exploit appears. This is good advice regardless of the device you use.

"Jailbreaking" is the practice of removing protections on Apple devices, so you can install apps from anywhere. Root access allows you (or third-party software) to modify how the operating system works. You should avoid jailbreaking your device if you want to maintain a high level of security.

Common sense also keeps you safe. If an app doesn't look trustworthy, don't trust it. Many scam apps attempt to trick people into making in-app purchases. Others have been caught prompting people for their Apple ID and login credentials. Never authorize any purchases from sketchy apps and only type your login credentials in the Settings app.

Regardless the device you use, you should always be wary of phishing attacks on the web and in email. For these scams, actors pose as a legitimate service to steal your login info and other personal credentials.

Also, watch out for social engineering techniques scammers use over the phone. It's unlikely your bank will ever call and ask you to confirm information like your date of birth or account number. If they do, ask them for a number you can use to call them back. You can then search that number and make sure it's legit.

iOS Is Still Secure

Despite Safari's vulnerabilities, rogue advertisement clicker apps, and the lack of a functional antivirus for iOS, the platform is still well-regarded from a security standpoint. Apple baked security into iOS at its inception and has gradually improved its permissions system over the years, further demonstrating the company's mission to create a secure, private platform.

No platform is immune from vulnerabilities, but that doesn't mean you should avoid using that platform altogether. Windows and Android are the two most popular operating systems in the world, and, as a result, they experience more security issues than any other. We don't recommend you avoid those platforms; just exercise a sensible level of caution when appropriate.

In the meantime, save your money—you don't need to shell out for an iOS antivirus. You've already got everything you need to stay secure.

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US