Wednesday, October 16, 2019
Bluehost has an advisory article for its customers, dated Oct 1, encouraging website hosts to run WordPress security scans at least monthly, as well as their own backups.
There are some plugins that do this (if you look), but I prefer to use a third party service, like Sitelock, which does very specialized scans for malware as well as smart scans, and application vulnerabilities (the “1=1” problem which usually gets fixed by reloading a new upgrade of Wordpress).
Saturday, October 05, 2019
Iran attacks US presidential candidates, officials; may spill over to average citizens; watch for email and sms phishing
A group in Iran called Phosphorus has targeted at least one Democratic presidential campaign as well as former US officials, Engadget reports, here. The method of attack was phishing by email and SMS.
I recently got another SMS phish pretending to be Wells Fargo.
I am seeing more phishing attacks, some of which AOL doesn’t catch as spam, claiming I have committed terms of service violations. Be careful with these. They are likely foreign.
Seven years ago Iranian hackers locked some US users out of their bank accounts.
Tuesday, September 24, 2019
Today I found a fake boarding pass PDF and fake survey for a trip between Kansas City MO and Portland OR Sept 18-19 which I did not make or order.
These appeared in Gmail and I’m surprised Google didn’t catch this. Obviously these were attempts to send malware.
Mouseovers of the sender showed fake websites as senders.
No unauthorized charges had shown up in my credit cards.
Was I supposed to be an Antifa sympathizer?
The Daily Scam has a link.
Friday, September 20, 2019
What happens when massive software updates are rolled out when you have to travel with your devices? iOS 13?
I’m getting advice that you should wait until Tuesday to install IOS 13 on your phone – when it will be IOS 13.1.
I also don’t know why they advised everyone to back up their phones first – I think mine is done automatically, just photos and videos. No real stuff on the phone.
Thursday, September 12, 2019
I received a request to consider a paper on the vaccination controversy for publication on one of my Wordpress blogs.'
I found that the article had been published on a few other places, and one of them (“wnd”), marked green (OK) by Trend Micro, the site loaded a driver that Trend Micro blocked. It was called “agensloaddiffs at xyz” with a search argument.
I don’t know if the article could have been targeted because of its content, but I haven’t seen this before. Trend’s own reputation checker says it has not reviewed that site. Maybe it just loads ads.
I still get very transparent phishing by email, such as a complaint that I blocked a date on Whatsapp and I don’t even use it, and claims that my AOL account is deleted, and also claims that my Netflix is deleted.
Sunday, September 08, 2019
Today, in a hotel bar, I was on my iPhone, tried to go to abcnews and I got a popup warning me that my iPhone was infected with eight viruses. Several people at the event got the same warning.
A site called iPhoneLife says these are common. You should put the iPhone in airplane mode, go to Safari settings, remove the history, turn off airplane mode. Don’t touch the message.
If you did get infected, I wonder if a virus could pick up your Google password even if you aren’t signed in to Google but allow YouTube to be synced automatically.
Sunday, September 01, 2019
Google reported recently that iPhone’s still have security flaws that allow hackers to steal information from users merely by visiting certain websites.
Alfred Ng and Sean Keane report in CNet Aug. 30, link.
This differs from other hacks that are more likely to be threats to Windows systems.
This could be another reason Apple should try to take more manufacturing out of China.