Article | November 25, 2020
I would like to share my experience with you and talk about viruses created for Mac devices and how to deal with them. You may say that there are no Mac viruses as Apple does not allow it. However, I may say that there are plenty of nasty malware types like adware that open new tabs in your browser, redirect you to irrelevant pages and show numerous popups.
Yes, these are not real viruses. Adware like Search Marquis cannot clone itself and infect other connected devices. It cannot encrypt your files or cause any other harm. Its activity is related only to web redirects and excessive advertising. At the same time, who knows which rogue websites adware may land you on next time. It may happen that you end up on a phishing website where cyber crooks harvest personal information that leads to identity theft.
I strongly recommend removing all adware that penetrated your device. But there is a problem here. If you want to get rid of Mac adware, you cannot quickly find a solution. If you go to google and search there how to get rid of Mac malware, you will see that all top results offer you to buy and install some shady software. In reality, these Mac antiviruses do nothing, as we know that the Apple ecosystem does not allow apps to access other apps' data. No antivirus can really scan and check your files.
How to remove Mac malware
If your system is infected with adware and you do not know how to get rid of it, you may try to call Apple and ask what to do. You can find their phone number here: support.apple.com/en-gb/HT201232#us-ca.
Another option is to try your luck on Apple communities. Thousands of tech enthusiasts help uses with their problems there. Here is a sample thread: discussions.apple.com/thread/8226644.
There are other options too. Apple operating systems are not very difficult to use, and any person can remove adware manually by going through step-by-step guides posted on numerous malware removal websites. Here is a guide by BitAdvisors.com on how to remove Search Marquis malware.
Most rogue software works by exploiting bugs and vulnerabilities in your computer's operating system. And macOS has its own bugs too. To fix these vulnerabilities, Apple periodically releases operating system updates. To date, macOS has not proved attractive enough for cybercriminals and evil developers to flood it with malware.
To stays away from any surprises, it is recommended to update your OS as well as all apps installed regularly.
You should never install apps from unofficial app stores not controlled by Apple.
One of the ways for adware to penetrate your Mac computer is through bundled installs. You download and install a very useful app that is often free, but in reality, you get several apps. People never read user agreements written in small print. There it can be noted that you agree to install additional tools and provide some rights to them. Whenever you install something, be careful and read user agreements, and do not miss additional unnecessary software.
Do not install any software without urgent necessity. Any additional software widens the attack surface.
To be able to do bad things, current Mac malware requires users to perform some actions – grant rights. So, be careful with allowing any app to access your data, change settings, etc.
One more wise move is to make backups. iCloud or ordinary flash drives will help you not lose your data in case of a system glitch or malware attack.
Final advice - do use VPNs. Your connection will be encrypted, and attackers will not be able to find where you are actually located or what data your traffic consists of.
Article | March 30, 2020
A decade ago, Stuxnet pulled me into the accelerating, widening gyre of cybersecurity. I began to devote less time to global health, a topic on which I spent the previous decade developing familiarity and producing a large carbon footprint. I would frown when cybersecurity analysis borrowed concepts from public health, thinking, “if they only knew the life-and-death troubles that health practitioners face implementing those concepts.” Cybersecurity and public health are different challenges. Yet, the COVID-19 pandemic has cybersecurity relevance because it has generated sobering reminders of long-standing problems, unresolved controversies, and unheeded warnings that continue to characterize U.S. cybersecurity.
Article | February 12, 2020
On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.
Article | April 7, 2020
A new list of most and least cyber secure U.S. states shows a disturbing lack of cybersecurity best practices. According to Webroot‘s fourth annual ranking, New York, California, Texas, Alabama and Arkansas are the least cyber secure states in the country, while Nebraska, New Hampshire, Wyoming, Oregon and New Jersey are the most cyber secure. Tyler Moffitt, Webroot security analyst, tells us none of the states had an average score greater than 67%. Also, there is very little difference between the most secure and least secure states, he said. No state scored a “C” grade or higher. That underlines a lack of cybersecurity education and hygiene nationally. However, the most cyber secure state (Nebraska at 67%) did score substantially better than the least (New York at 52%). This score was calculated through a variety of action- and knowledge-based variables, including residents’ use of antivirus software, use of personal devices for work, use of default security settings, use of encrypted data backups, password sharing and reuse, social media account privacy, and understanding of key cybersecurity concepts like malware and phishing,” Moffitt said.