Article | November 25, 2020
I would like to share my experience with you and talk about viruses created for Mac devices and how to deal with them. You may say that there are no Mac viruses as Apple does not allow it. However, I may say that there are plenty of nasty malware types like adware that open new tabs in your browser, redirect you to irrelevant pages and show numerous popups.
Yes, these are not real viruses. Adware like Search Marquis cannot clone itself and infect other connected devices. It cannot encrypt your files or cause any other harm. Its activity is related only to web redirects and excessive advertising. At the same time, who knows which rogue websites adware may land you on next time. It may happen that you end up on a phishing website where cyber crooks harvest personal information that leads to identity theft.
I strongly recommend removing all adware that penetrated your device. But there is a problem here. If you want to get rid of Mac adware, you cannot quickly find a solution. If you go to google and search there how to get rid of Mac malware, you will see that all top results offer you to buy and install some shady software. In reality, these Mac antiviruses do nothing, as we know that the Apple ecosystem does not allow apps to access other apps' data. No antivirus can really scan and check your files.
How to remove Mac malware
If your system is infected with adware and you do not know how to get rid of it, you may try to call Apple and ask what to do. You can find their phone number here: support.apple.com/en-gb/HT201232#us-ca.
Another option is to try your luck on Apple communities. Thousands of tech enthusiasts help uses with their problems there. Here is a sample thread: discussions.apple.com/thread/8226644.
There are other options too. Apple operating systems are not very difficult to use, and any person can remove adware manually by going through step-by-step guides posted on numerous malware removal websites. Here is a guide by BitAdvisors.com on how to remove Search Marquis malware.
Most rogue software works by exploiting bugs and vulnerabilities in your computer's operating system. And macOS has its own bugs too. To fix these vulnerabilities, Apple periodically releases operating system updates. To date, macOS has not proved attractive enough for cybercriminals and evil developers to flood it with malware.
To stays away from any surprises, it is recommended to update your OS as well as all apps installed regularly.
You should never install apps from unofficial app stores not controlled by Apple.
One of the ways for adware to penetrate your Mac computer is through bundled installs. You download and install a very useful app that is often free, but in reality, you get several apps. People never read user agreements written in small print. There it can be noted that you agree to install additional tools and provide some rights to them. Whenever you install something, be careful and read user agreements, and do not miss additional unnecessary software.
Do not install any software without urgent necessity. Any additional software widens the attack surface.
To be able to do bad things, current Mac malware requires users to perform some actions – grant rights. So, be careful with allowing any app to access your data, change settings, etc.
One more wise move is to make backups. iCloud or ordinary flash drives will help you not lose your data in case of a system glitch or malware attack.
Final advice - do use VPNs. Your connection will be encrypted, and attackers will not be able to find where you are actually located or what data your traffic consists of.
Article | March 20, 2020
The Cybersecurity Solarium Commission's recently released report outlines a strategy to fundamentally reshape the U.S.’s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs, not after. Unlike the original Solarium Commission, which operated in a classified environment, the Cybersecurity Solarium Commission chose to release its report publicly out of recognition that cybersecurity involves everyone. “In studying this issue,” begins the letter from Sen. Angus King and Rep. Mike Gallagher, the chairmen of the commission, “it is easy to descend into a morass of classification, acronyms, jargon, and obscure government organization charts. To avoid that, we tried something different: an unclassified report that we hope will be found readable by the very people who are affected by the very people who are affected by cyber insecurity – everyone. This report is also aimed squarely at action; it has numerous recommendations addressing organizational, policy, and technical issues, and we included an appendix with draft bills that Congress can rapidly act upon to put these ideas into practice and make America more secure.”
Article | March 13, 2020
While the U.S. military is the most effective fighting force in the modern era, it struggles with the cybersecurity of its most advanced weapons systems. In times of crisis and conflict, it is critical that the United States preserve its ability to defend and surge when adversaries employ cyber capabilities to attack weapons systems and functions. Today, the very thing that makes these weapons so lethal is what makes them vulnerable to cyberattacks: an interconnected system of software and networks. Continued automation and connectivity are the backbone of the Department of Defense’s warfighting capabilities, with almost every weapons system connected in some capacity. Today, these interdependent networks are directly linked to the U.S. military’s ability to carry out missions successfully, allowing it to gain informational advantage, exercise global command and control, and conduct long-range strikes. An example of such a networked system is the F-35 Joint Strike Fighter, which the Air Force chief of staff, Gen. David Goldfein, once called “a computer that happens to fly.” Underpinning this platform’s unrivaled capability is more than 8 million lines of software code.
Article | February 10, 2020
Researchers at security firms including Sentinel One and Drago’s have been mystified by a piece of code named Ekans or Snake, over the last month. Drago’s publically released its full report on Ekans Ransomware that has recently inflicted Industrial Control Systems and these are some of the most high-value systems that bridge the gap between digital and physical systems. In the history of hacking, only a few times a piece of malicious code has been marked attempting to intrude Industrial Control Systems. Ekans is supposed to be the first Ransomware with real primitive capability against the Industrial Control Systems, software, and hardware used in everything from oil refineries to power grids. Researchers say this ransomware holds the capability to attack ICS by Honeywell and GE as well.