News

Lessons Learned From The Equifax Data Breach

Recent large data breaches like Equifax, Capital One, and American Medical Collection Agency illustrate the risks of storing confidential and personal information. We examine. Read More


Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Blacklisting helps users avoid malware-infected sites, but there are flaws. We examine. Read More


Ransomware: Still A Risk For All Organizations

Cybercriminals often spread ransomware and other malware through phishing emails. Learn why employee training should not be your only protection. Read More


print   email   Share

Why iOS Does Not Solve Your Malware Risks

Four new malware exploits target Mac users. One attack changed and locked a user's DNS settings, and installed a trusted root certificate that left the user vulnerable to phishing websites. Another attack spread malware through infected links on a popular software download website.

In 2015, hackers infected apps sold on Apple's App Store with malware.

Although Mac and iOS devices do have strong cybersecurity features that make them more secure than other platforms, they are not invulnerable. New, more sophisticated malware is capable of breaching Apple's defenses, and iOS does not protect against adware or PUPs (potentially unwanted programs) at all.

According to cybersecurity vendor Malwarebytes, malware attacks against Mac users increased 270 percent in 2017. Hackers have also begun buying and selling Apple ID details for $15. Jonny Evans "Warning as Mac malware exploits climb 270%" www.computerworld.com (Mar. 12, 2018).


Commentary

Most malware is not written for iOS. Nevertheless, hackers may take advantage of Mac users’ complacency to more successfully target them.

No matter what type of device you and members of your organization use, cybersecurity best practices are essential. Install anti-virus and anti-malware software on all organizational computers and devices.

Train employees to never select on a link in an email from someone they do not know or from an email that was not expected. Require employees to always use strong passwords on all devices and accounts, and enable two-factor authentication. Teach employees to not access or share sensitive information, including financial information, over public Wi-Fi. Require employees to only use official app stores to download apps on organizational computers and devices.

Periodically scan all computers and devices for viruses. Enable privacy protection tools if your operating system provides them. Install operating system updates as soon as they become available. No matter what platform your organization uses, keeping it up-to-date is the best way to make sure your devices are protected against the latest malware threats.

Finally, your opinion is important to us. Please complete the opinion survey:

EEOC News

EEOC Sues Lancaster's BBG& Wings for Racial Harassment And Constructive Discharge

November 7, 2018

READ MORE

Whole Foods Market to Pay $65,000 To Settle EEOC Disability Suit

November 5, 2018

READ MORE

Court Reaffirms Imposition of Order Preventing UPS Freight from Paying Disabled Drivers Less

November 2, 2018

READ MORE