Category: Blog

The Mac operating system (MacOs) has frequently been hailed as one of the best systems for its resiliency to malware and typical viruses. But the days of MacOs standing strong and tall with no worries have really always been a misconception. Mac systems are just as vulnerable to the beefed-up, intelligent malware threats that are out there today.

SentinelOne published a lengthy review of the MacOs malware at the end of 2018, but in a new release, SentinelOne also stated that there has actually been an uptick in the numbers of new types out there attacking users. Here is a look at some of 2019’s biggest MacOs malware threats that every Mac-reliant business owner should know.

1.OSX.Siggen: A Malware Download from a Malicious Domain

Masquerading as a helpful app called WhatsApp, OSX.Siggen is actually a latched-on malware that slips in during a regular app download. WhatsApp is a fake social media platform, and the download looks super enticing when users come across it. However, once added to MacOs, the app runs with a backdoor designed to take administrative control over the system.

2. KeyStealDaemon: Password Hijacker

This dirty malware showed up in February of 2019, but by June it was still running strong. Apple allowed a patch several years ago designed for another purpose, but KeyStealDaemon can create administrative privileges for itself by slipping through. Unfortunately, this malware allows the person behind the scenes to get into the system and steal pretty much any password you have stored. The good news is, if you have properly updated your system, KeyStealDaemon can be booted out because it cannot break through.

3. CookieMiner Slips In and Steals Credentials

Toward the end of January 2019, a cryptominer showed up with its own installed backdoor to induce a threatening combination of technologies to steal cryptocurrency exchange cookies and passwords for Google Chrome. The worrisome thing about CookieMiner is this: experts believe that the malware could potentially have the rare ability to bypass things like authentication processes that involve multiple factors. If CookieMiner is capable of gathering enough cookies and credentials, cryptocurrency wallets can be virtually pickpocketed right in plain sight.

4. Mokes.B Puts On a Good Act

Persistence agents running amuck on your MacOs with familiar names may never be spotted, especially if they are calling themselves things like Firefox, Skype, or Chrome. This is precisely how Mokes.B avoids suspicion when it latches onto the operating system in application support folders and tracking files. Mokes.B is super-scary because it can gain the ability to take actual screenshots whole you are on pertinent screens, but it can also record keystrokes to steal date you are keying in.

5. A Variant of OSX.Pirrit Has Shown Up

OSX.Pirrit caused a lot of problems a few years ago, but this malware never really disappeared altogether. Instead, new family members under the old parent app are still being found on MacOs, and they are not being detected as they would otherwise be when acting as OSX.Pirrit. The aim of this malware is to make money from redirect actions that occur as a result of a browser infection, but there are rumors that PIRRIT is potentially capable of stealing data as well.

6. OSX.Dok Reroutes User Traffic

OSX.Dok gets into a system and installs a securely tucked-away Tor version location on a Mac system. User traffic hitting a site gets sent to an onion server instead of where it should be, which is a major problem for business owners needing to protect sensitive customer actions when they think they are on an e-commerce website. One of the scariest things about OSX.Dok is the fact that it can steal even SSL encrypted internet traffic maneuvers. Older versions of this software were thought to be banished, but new versions continually pop up.

Even though there are so many Mac users who think they are covered by some unseen immunity from malicious software, these risks are there and the growing list of 2019 proves that fact. Attackers deploying these software programs are targeting those easy-to-break barriers, so something like an improperly updated computer or even an unsuspecting employee can leave a business computer wide-open for an attack.

Microsoft’s Hyper-V Server 2019 Finally Released

After being plagued with everything from data loss issues to a lack of available hardware, Microsoft finally released their long-awaited Hyper-V Server 2019 to their Evaluation Center approximately eight months after the expected release date of October 2, 2018. This is even after the Microsoft team skipped the crucial RTM (“release-to-manufacturing”) stage that allowed hardware developers to deploy and test adequately, forcing a holdup before organizations could even utilize the update. The mysterious delays of this free enterprise-class server virtualization solution may make users a little wary, but the functionality offered may simply be too tempting to overlook the release.

What Is Microsoft Hyper-V Server 2019?

Microsoft’s Hyper-V Server 2019 is a free product that is meant to compete directly with VMWare, providing enterprise-class virtualization for your datacenter and hybrid cloud, according to Microsoft’s Evaluation Center website. Essentially, you’re able to quickly scale and balance workloads to meet the demanding performance requirements of today’s data-heavy businesses. The release contains the Windows hypervisor technology as well as a simple and reliable virtualization component and a Windows Server driver model. The product is intended to help reduce costs and improve overall server utilization. You can easily compare Windows Server versions in this free online tool from Microsoft.

“We Found Some Issues with the Media”

Microsoft’s bland explanation of why they quickly pulled Windows Hyper-V Server 2019 from the Evaluation Center almost immediately included this note on their blog: “As we were getting ready to publish Microsoft Hyper-V Server 2019 in the Evaluation Center, we found some issues with the media. We are actively working on resolving it”. This was after the software giant released the Windows Server 2019 evaluation media, minus the Hyper-V Server portion of the package. While it’s fortunate that Microsoft immediately discovered these issues before the software was widely implemented, there were still some critical features that users had been anxiously awaiting for many months. It appears there were some issues with Remote Desktop Protocol and media installation problems, too.

While it seems that all of the glitches have been safely ironed from Microsoft’s latest release, wary users may want to give the platform a few months before launching into full utilization. After more than seven months of delays, Microsoft has left fans wondering if they’re preparing to phase out the popular — and free — tool in the future.

Windows 10 comes a step closer to preventing cyberattacks and privacy threats facing users. It’s a next-generation solution that helps you fight threats from hackers and criminals who target your business. This is a big plus for cybersecurity managers. The past several years have brought some of the worst and most frequent cyberattacks in history. Security professionals are constantly on the lookout for new ways to prevent network breaches and safeguard the data of clients and the enterprise. Let’s take a closer look at how Windows 10 can help.

What Are the Security Advantages of Window 10?

Microsoft introduces Windows as a service in this version of their OS. It includes a unique way of creating, implementing and maintaining Windows. Each update adds new features to protect the security and privacy of users. The idea is that protection is layered into the functionality so that it doesn’t affect performance or distract users.

Windows; Core Services Engineering and Operations is thus better able to protect data and privacy. Built-in features identify suspicious activity that can put your business in jeopardy. This helps your security team detect and block sophisticated attacks faster. Releases focus on adding new features that combat new or anticipated risks. This is all possible thanks to the software giant’s finger on the pulse of the latest ransomware and malware hitting around the globe.

Windows 10 is considered to be the most secure version yet released. Because Microsoft has addressed cyberattacks during the engineering phase, improved security itself becomes a major bulwark, protecting your system from files and executables sent by hackers.

How Does Windows 10 Protect Your Data Better?

Here are some of the ways that Windows 10 improves its protection, including the new tools that can detect threats:

• Windows 10 disrupts malware and thwarts hackers by changing the playing field. Bad actors can’t attack systems in the same old ways.
• Device Guard acts as a shield against malware by allowing you to block unwanted apps. This gives users a proactive way to prevent ransomware and malware attacks as well as spyware.
• Windows Defender uses machine learning, the cloud and behavior analysis to respond to new threats. This is like having a smart guard dog that not only prevents intruders from entering but smells them coming a mile away.
• Microsoft Edge systemically disrupts malware, phishing and hacking attacks so that fewer threats make it through the system to trick users.
• Windows 10 has aggressive data protection that meets compliance requirements without slowing down users, who expect the same solid performance Windows has always offered.
• Windows Information Protection contains business data so it cannot be leaked to unauthorized users via apps, docs and the web.
• BitLocker helps your security team protect sensitive data from prying eyes. Military-grade encryption takes over when a device is lost, stolen or otherwise compromised.
• Azure Information Protection partners with Windows Information Protection to assign permissions that govern how certain data is shared.

What Ways Does Windows 10 Protect User Identify?

Windows 10 has built-in identity and access management protocols. This advanced technology safeguards user identities. For example, Windows Hello presents an alternative to passwords. It uses many factors to achieve solid security, such as a PIN, biometrics and a companion device.

Credential Guard uses NTLM-based authentication protocols, while Windows pass the hash (PtH) method authenticates without displaying the user’s text when a password is being entered. There’s also a hardware-based component that also limits access.

What Does This Additional Protection Mean for Security Teams?

While 57% of organizations offer training and incentives to security recruits, it’s hard to keep these resources for very long. This is due mainly to the high demand for qualified candidates. With additional protection built into applications themselves, busy cybersecurity teams can concentrate on other crucial tasks to protect the company’s data and reputation.

Just about nothing is more frustrating when using a smartphone than connecting to a sluggish or broken Wi-Fi network. In most places, mobile data is so effective and speedy these days that we just can’t accept a Wi-Fi network performing worse than our mobile networks can.

If you’re dealing with obnoxiously slow speeds on your mobile phone, here are some tips to try.

1. Isolate the Problem

Your first step is to isolate the problem. First, toggle off Wi-Fi altogether. Does your phone respond quickly with Wi-Fi turned off? If so, you’ve determined that Wi-Fi is the problem. You can skip to step 2.

If your phone is still sluggish with Wi-Fi turned off, it’s time to check whether the problem is your connection or the device itself. Use a speed tester, like the app from speedtest.net, to see how fast or slow your cellular connection is. If you get a bad result, you’re likely in a bad coverage area. If you get a good result, though, then your phone’s sluggishness isn’t related to your internet speed. Chances are there is something wrong with the device itself, or perhaps it’s just too old and needs to be replaced.

2. Check Your Router Location

Next, check your router location. Wireless routers have range limits, too. If you’re far away from your router or if there are thick walls or furniture between you and your router, your speed will be diminished. Try operating right next to the router and see if your speeds improve.

The best location for your wireless router is the center of your home or office, away from any walls or furniture. Of course, this is rarely practical. Get creative and find an inventive way to place your router in a good location.

3. Check Router Strength

All routers have limits, and some have a stronger broadcast strength than others. If improving your router’s location doesn’t do enough, you may need to upgrade to a model with a greater range.

4. Watch Out for Noise and Competing Networks

Certain electronic devices create noise that can weaken your Wi-Fi network’s performance. Anything that emits wireless signals or even electromagnetic radiation can interfere. Cordless landline phones, walkie-talkies, and even microwaves can interfere. Position your router away from devices like these.

You also want to watch out for competing networks. The more wireless networks are competing for the same spectrum space, the worse the performance. In a high-density situation like an apartment complex, you may encounter this kind of network crowding. Your wireless router has the ability to change which portion of the wireless spectrum it uses. Review the documentation that came with your router to learn how to do this. You may want to download a Wi-Fi analyzer app to help determine the best spectrum space for you.

5. Consider Network Congestion

Another reason for slow Wi-Fi is network congestion. Your home or business internet bandwidth has its limits. So does public Wi-Fi.

On a lower speed home network, consider who else is using your connection and what they are doing with it. Gaming and streaming can eat up a lot of bandwidth. Perhaps your Wi-Fi is slow because others are using up all your bandwidth. The same principle is in play with public Wi-Fi networks.

If you’ve tried all these steps and still aren’t getting the performance you need, give us a call. We can help you solve your connection issues!