News

CEO And CFO Fraud Creates Exposures For Boards

The SEC finds two Silicon Valley company officers committed a $700 million fraud. What oversight was missing that led to this enormous fraud? We examine. Read More


Are Your IoT Devices Vulnerable To Attack?

Too often organizations and individuals forget to secure IoT devices, which hackers can breach to access network-connected computers. We examine. Read More


An Enterprise-Wide Cybersecurity Plan: A Crucial Step For Protecting Data

Not having a cybersecurity plan with human oversight left the U.S. Department of the Interior vulnerable to data breaches. We examine what this means for your organization. Read More


print   email   Share

Why iOS Does Not Solve Your Malware Risks

Four new malware exploits target Mac users. One attack changed and locked a user's DNS settings, and installed a trusted root certificate that left the user vulnerable to phishing websites. Another attack spread malware through infected links on a popular software download website.

In 2015, hackers infected apps sold on Apple's App Store with malware.

Although Mac and iOS devices do have strong cybersecurity features that make them more secure than other platforms, they are not invulnerable. New, more sophisticated malware is capable of breaching Apple's defenses, and iOS does not protect against adware or PUPs (potentially unwanted programs) at all.

According to cybersecurity vendor Malwarebytes, malware attacks against Mac users increased 270 percent in 2017. Hackers have also begun buying and selling Apple ID details for $15. Jonny Evans "Warning as Mac malware exploits climb 270%" www.computerworld.com (Mar. 12, 2018).


Commentary

Most malware is not written for iOS. Nevertheless, hackers may take advantage of Mac users’ complacency to more successfully target them.

No matter what type of device you and members of your organization use, cybersecurity best practices are essential. Install anti-virus and anti-malware software on all organizational computers and devices.

Train employees to never select on a link in an email from someone they do not know or from an email that was not expected. Require employees to always use strong passwords on all devices and accounts, and enable two-factor authentication. Teach employees to not access or share sensitive information, including financial information, over public Wi-Fi. Require employees to only use official app stores to download apps on organizational computers and devices.

Periodically scan all computers and devices for viruses. Enable privacy protection tools if your operating system provides them. Install operating system updates as soon as they become available. No matter what platform your organization uses, keeping it up-to-date is the best way to make sure your devices are protected against the latest malware threats.

Finally, your opinion is important to us. Please complete the opinion survey:

EEOC News

Dollar General Settles EEOC Sexual Harassment Lawsuit For $70,000

May 22, 2018

READ MORE

Heritage Home Group to Pay $50,000 to Settle EEOC Disability Discrimination Lawsuit

May 22, 2018

READ MORE

M.G. Oil (Happy Jack's Casino) to Pay $45,000 to Settle EEOC Disability Discrimination Case

May 18, 2018

READ MORE