WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.
Remember the legal battle that Apple fought against the US Government to prevent unlocking of the iPhone's encryption? The US Gov't ended up going to a third party company who had created a hack to do it. Now that hack is being used to unlock and peer into the mobile phones of dissidents and other undesirable elements that the government wants to keep tabs on. Even reporters. Leo says that Apple has pushed out a fix to block it, and everyone should install iOS 9.5.3 to stop it. Otherwise, you're vulnerable.
A really bad exploit in the Android OS enables the installation of malware called QuadRooter. Google is working to push security updates, and promises to have an update by September. If your manufacturer or wireless provider is slow to push out updates, then you may be vulnerable for quite some time, especially if you have an old phone. If you're looking to get a new phone, make sure you're getting it from a company that's offering monthly updates.
Rick has been getting text messages and his friends are getting text messages from him with a link to a YouTube video on phone hacking. The Apple Geniuses say that's impossible. How can that happen? Has his cellphone been hacked?
Cisco has found a vulnerability similar to the Android text exploit, which could take control of your mobile phone through a text message. Leo says that Apple has released a patch to close the hole before anyone else had discovered it. This affects iOS, watchOS, macOS, and tvOS. Mavericks and Yosemite users don't have a fix yet, though, so those users should disable iMessage until they do. If you can't get past Mavericks because your desktop is too old, turn off iMessages permanently.
Michele bought a Motorola mobile phone and she's worried about the security of it, with Stagefright and other exploits. She wants to return it. But they're resisting the return unless there's a hardware or software issue. Leo says that an opinion that it isn't secure is not a provable fact, even if it comes from an expert.
Greg is worried he's going to be nailed by Cyptowall. If he were to be infected, would he have some warning? Leo says you can sometimes see it happening, but it doesn't give you a warning. It's not instant though, in that it takes time to encrypt the data and if he has a hot backup, always backing up, the encrypted files can infect the backup. Having an offline backup will guard against that.
Google has published news of a new vulnerability in Windows 8 that will allow hackers to create an administrator account and take control of the computer. Google let Microsoft know about it months ago and told them they would announce it after three months if Redmond didn't do anything. There's been no fix, so Google leaked the story as promised. Now Microsoft says they have a fix in the works. Meanwhile, hackers all over the world not only know about it, but Google has provided them with the suspect code to use. Swell.
James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:
Root Pipe and Wire Lurker are two new vulnerabilities hitting computers. Root Pipe is hitting OS X but Leo says it can only be activated by someone sitting at your computer, so it shouldn't really be a huge cause of concern. Meanwhile, the Nigerian scam has been reported to have caused over $12 Billion in loses last year.
Meanwhile, a new report says that consumers are reaching "breach fatigue" over all the security breaches that have happened of late.