exploits

WannaCry Ransomware Has a Possible Solution

Episode 1391

Encryption

WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.

New Exploit Gives Governments the ability to hack into iPhone

Episode 1317

Remember the legal battle that Apple fought against the US Government to prevent unlocking of the iPhone's encryption? The US Gov't ended up going to a third party company who had created a hack to do it. Now that hack is being used to unlock and peer into the mobile phones of dissidents and other undesirable elements that the government wants to keep tabs on. Even reporters. Leo says that Apple has pushed out a fix to block it, and everyone should install iOS 9.5.3 to stop it. Otherwise, you're vulnerable.

Android Has a Bad Exploit: QuadRooter

Episode 1313

A really bad exploit in the Android OS enables the installation of malware called QuadRooter. Google is working to push security updates, and promises to have an update by September. If your manufacturer or wireless provider is slow to push out updates, then you may be vulnerable for quite some time, especially if you have an old phone. If you're looking to get a new phone, make sure you're getting it from a company that's offering monthly updates.

Vulnerability Found in Apple's macOS and iOS

Episode 1308

MacBook Air, iPhone, iPad

Cisco has found a vulnerability similar to the Android text exploit, which could take control of your mobile phone through a text message. Leo says that Apple has released a patch to close the hole before anyone else had discovered it. This affects iOS, watchOS, macOS, and tvOS. Mavericks and Yosemite users don't have a fix yet, though, so those users should disable iMessage until they do. If you can't get past Mavericks because your desktop is too old, turn off iMessages permanently.

Will I have any warning that I'm being infected by Cryptowall?

Greg from Tampa, FL

Episode 1233

Greg is worried he's going to be nailed by Cyptowall. If he were to be infected, would he have some warning? Leo says you can sometimes see it happening, but it doesn't give you a warning. It's not instant though, in that it takes time to encrypt the data and if he has a hot backup, always backing up, the encrypted files can infect the backup. Having an offline backup will guard against that.

New Windows Exploit Discovered by Google

Episode 1149

Google has published news of a new vulnerability in Windows 8 that will allow hackers to create an administrator account and take control of the computer. Google let Microsoft know about it months ago and told them they would announce it after three months if Redmond didn't do anything. There's been no fix, so Google leaked the story as promised. Now Microsoft says they have a fix in the works. Meanwhile, hackers all over the world not only know about it, but Google has provided them with the suspect code to use. Swell.

How can I keep my new computer secure online?

James from Newberry Park, CA

Episode 1133

James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:

New Vulnerabilities Discovered on Operating Systems

Episode 1133

Root Pipe and Wire Lurker are two new vulnerabilities hitting computers. Root Pipe is hitting OS X but Leo says it can only be activated by someone sitting at your computer, so it shouldn't really be a huge cause of concern. Meanwhile, the Nigerian scam has been reported to have caused over $12 Billion in loses last year.

Meanwhile, a new report says that consumers are reaching "breach fatigue" over all the security breaches that have happened of late.