New Trojan Malware Spreads via Word Document

There’s a new trojan malware spreading through malicious Word documents, and cybercriminals are using this virus to steal personal information and sensitive banking details. The malware, Ursnif trojan, attacks Windows operating systems and is popular with hackers since its main source code was leaked, becoming a more widely available option for cybercriminals to take advantage of. This type of trojan has existed in different forms over the years, starting in 2007 when the code first surfaced in the Gozi banking trojan. 

Since the code was leaked, hackers have customized it to their liking, stealing banking account information and other valuable account details. Cybersecurity firm Fortinet has identified a new version of the trojan that spreads through Word documents, it’s file format name: “info_[date].doc.” The hacker attaches a malicious macro script to launch once the document’s macros (a series of operations done through a single command) have been enabled.  

The macros can be enabled by clicking “Enable Content” which releases a VBA code that drops a version of the Ursnif malware onto the victim’s computer. This malware then runs “iexplorer.exe” processes to connect to a command and control server on the hacker’s end. In an effort to sway user suspicion, the host list for the server refers to security companies as well as Microsoft. 

Researchers have stated that the campaign is still operating. Even though these techniques might seem a little basic, an easy phishing email attack could give these cybercriminals a chance to invade networks and initiate an extensive cyberattack. 

As always, be mindful of the emails you receive, especially those with unsolicited document attachments, and check the sender email address to verify if the email is spam. When in doubt, directly contact the company referenced in the email using a phone number provided on the actual website.

iPhone Settings Changes That Will Help Your Battery Life Last Longer

Our iPhone batteries never last long enough because we rely on it for nearly everything. From searching up places to eat, to ordering an Uber, to relying on our device for hours of scrolling through social media – we never have enough battery life that lasts for an entire day. To combat quick battery drainage, there are small adjustments you can make to your phone just from a few Settings adjustments! Switching to Low Power Mode, turning off your location services, turning off automatic downloads, lowering your screen brightness and disabling push notifications all help you save more power to get the most use out of your phone. 

Another modification you can make to your iPhone is limiting the Background Refresh feature. With this feature you have the option to turn it off or only use Wi-Fi. To do this you would first go into your Settings, and then tap on General, and click on Background App Refresh. You could also pick and choose which apps you want to refresh instead of having all of them refresh automatically. To do this, just follow the same steps as above, but instead of clicking the Background App Refresh, start scrolling down to see the apps that are on your iPhone and turn off/on the ones you want!

To check which apps take up most of your battery life, you would go to your Settings app, then click on Battery, and then scroll down to the subsection where it states Battery usage by app. This shows you the percentage of the apps you use and how much of your battery life each app is eating up.

A few other small tips to help with your phone’s battery are: 

  • Enabling airplane mode in areas with poor reception
  • Using Wi-Fi instead of cellular internet when you have access to it (However, be wary of Unsecured Wi-Fi networks. Avoid conducting online business that involves inputting personal or sensitive information when on public Wi-Fi).
  • Turning off Wi-Fi and Bluetooth when you are not using it 
  • Turning off your Location Services

Hackers Gained Access to Sprint Customer Accounts via Samsung Site

Image Source: iStock.com/TennesseePhotographer

As reported on Tuesday, July 16, Sprint has confirmed that a data breach took place through  Samsung’s website, in which hackers were able to access customers’ accounts. There is no detail on how many of such accounts were breached through this occurrence.

The data breach took place on June 22nd, to which Sprint had notified consumers that information such as first and last names, billing addresses, phone numbers, account numbers and more were compromised. According to a statement provided through their website, Sprint stated how the information collected by hackers does not allot for the possibility of fraud or identity theft to occur. After the breach, Sprint had “taken appropriate action” in securing customer accounts to avoid another mishap such as this from happening again. The carrier company also noted how fraudulent activity has yet to be detected. 

On June 25th, Sprint had reset its customers’ Personal Identification Numbers (PINs) in case hackers had breached consumer accounts through PIN. Hackers could have likely gained access to account PINs via a Boost Mobile breach that occurred back in March (Boost Mobile uses Sprint’s network). 

Sprint’s spokesperson emailed CNET stating that “credit card and social security numbers are encrypted and were not compromised” when the data breach happened. Another spokesperson from Samsung had stated that fraudulent activity was detected through hackers using Sprint account information on Samsung’s main website. The spokesperson continues: “We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts.”

Zoom Conference App Vulnerability Allowed Unauthorized Access to Mac Users’ Video Cameras

 

A researcher, Jonathan Leitschuh, claimed that Zoom users that use Apple’s Mac computers were left unprotected and could have had their computer camera hacked. This application glitch allowed any user to force other users into joining Zoom calls, turning on their camera without permission. Leitschuh, the one who discovered this flaw, stated in his blog, “This vulnerability leverages the amazingly simple Zoom feature where you can just send anyone a meeting link… and when they open that link in their browser their Zoom client is magically opened on their local machine.”

Leitschuh discovered how to expose the flaw by switching the Participants option from “Off” to “On.” When he notified the public about this vulnerability, users on social media put it to the test – and it was a frightening success. In addition, even if a user deletes Zoom from their Mac, a hacker could reinstall it. As a quick and temporary fix to this issue, users can go into their Zoom settings and click on “Turn off my video when joining a meeting.” 

Leitschuh gave Zoom a 90 day window to repair this issue. Over 40 million people who use Zoom are exposed to potential invasion of privacy. He was not convinced with the quick fix Zoom came up with. The company commented that the issue is still ongoing, however, on Tuesday, they stated that had begun to fix this matter. 

Apple recently released a silent update to patch the vulnerability on users’ Zoom apps. The update is deployed without the need for user interaction and effectively stops the possibility of web servers activating a user’s video camera without permission.

Cybercriminals Are Using Domain Fraud to Trick Victims into Using Forged Websites

Cybercriminals are using top level domains (TLD) to their advantage, performing domain fraud in the hopes of directing user traffic towards their own registered sites. Domain fraud happens when hackers register a domain that is made to look legitimate by using, for example, typos in the site name. The domains are meant to imitate real company names.  

In the instance of typo use, these lookalike domains replace letters that are easy to go unnoticed without a second glance. For example, cybercriminals can replace “m” with  “r” and “n” combined and easily trick site visitors into thinking the domain is legitimate. These illegitimate sites with typo-registered domains can be used for phishing schemes in which a hacker may attach their domain link to an email made to look like it came from a real company source. After clicking on the link, victims would be directed to a fake site that asks for users to log in, thereby allowing hackers to steal sensitive credentials. Cybercriminals also use their fake sites for other means like selling counterfeit products of a well-recognized brand. 

Researchers at Proofpoint noted how there has been an 11% increase in malicious domain registrations in 2018, with retail brand sites the main target for such domain fraud. 96% of organizations as part of Proofpoint’s customer base had noticed that their domains were copied as is, with the only exception being the domain name extension change (i.e. .net, .co, .info). 

Due to the extensive variety in domain name extensions, cybercriminals have found it much easier to register domains that copy actual business sites or brand names. Alongside this, the European Union’s General Data Protection Regulation allows privacy for domain registrars thereby making it much more difficult to track cybercriminals. 

Cybersecurity experts warn users to always check the URL for a safety certificate – in which HTTPS is used rather than HTTP – to ensure a fraudulent site isn’t used. However, hackers can always use safety certificates to their advantage, posing their site as one that is legitimate. In this case, it’s always best to double-check the URL spelling or do a quick search on Google to find the actual company site. 

Walmart’s New AI-Camera Technology Can Prevent Theft at Checkout

Image Source: iStock.com/artran

Computer vision technology has been implemented in over 1,000 Walmart stores. This type of technology is called the Missed Scan Detection which helps checkout registers recognize if items have passed by the scanner without being scanned and immediately notifies the attendant. Walmart’s surveillance system is being upgraded by applying this new technology at their kiosk stations and their registers. 

AI is surely becoming a part of our everyday lives as large retailers like Walmart begin to rely on these systems for daily operations. The ultimate goal of computer vision technology is to prevent revenue loss and theft, which, in 2017, turned out to be a big problem for many U.S. retailers who lost up to $47 billion. Since the system was installed, Walmart stated that they have had decreased theft, losses, and errors.

Walmart hasn’t been the only large retailer to use AI. Amazon has been investing in Artificial Intelligence as well, however, the approach is a little different. They have produced a smooth and cashier-less experience for their customers in their own Go stores. 

Aside from it’s anti-theft technology, Walmart also recently opened an AI-powered store to supervise their large inventory. This makes it easier for employees to keep track of when stocks are running low and order items on time before supply runs out.

Instagram is Testing New Feature That Can Help Users Combat Hackers Stealing Accounts

Image Source: iStock.com/bigtunaonline

Instagram is working on putting user account security at a high priority by making it more difficult for hackers to steal accounts to hold them hostage for ransom or sell for high profit.  

Hackers are after big influencer accounts in a scheme reported by Motherboard which involves cybercriminals targeting big name Instagrammers. The attack works through an email link that – once clicked – directs users towards a fake Instagram login page. Once a hacker steals the login credentials and has access to the account, victims are unable to sign-back in or regain access to their own profiles, as hackers change both the recovery email address and phone numbers associated with the account.

Instagram had previously acknowledged the problem of users having difficulty in accessing their accounts, to which the company had advised in setting up two-factor authentication as well as implementation of stronger passwords, but adding these extra steps of security doesn’t exactly help when a cybercriminal has already accessed an account. Phishing links have been used as a primary means of tricking influencers into signing into bogus login pages made to look authentic. Furthermore, if an influencer has used the same account credentials that were previously involved in a data breach elsewhere, cybercriminals can use this information to their advantage to gain access to an account

After users have long complained about Instagram’s lack of responsibility and initiative in taking care of the hacker issue, the company recently announced new ways of combating this ransom tactic.

If a user can’t log in to his/her page, Instagram gives one the option of sending a six-digit authentication code to the account’s original phone number or email address that was used when the account was first created. Any other devices used by hackers that are logged in will be logged out, allowing a user to recover their page by resetting their email and password. This feature is currently under testing. 

Image Source: Instagram

 

Instagram has also promised to bring another feature – one already available for Android users – to iOS. The feature allows a user to change their Instagram handle while also allowing one to maintain their previous handle for 14 days. This upcoming update is meant to deter any hackers from taking popular usernames to sell for profit. After the 14 day period is over, the username becomes available for anyone to use.

Overnight Phone Charges Could Be Harmful for Your Device’s Longevity

Image Source: iStock.com / beer5020

Charging our phones overnight is a lot more harmful than we thought. It could actually shorten the lifespan of your phone instead of extending it or helping it. Most phones nowadays have a system in place that stops your phone from overcharging. Many smartphones do not stay at one hundred percent for too long.

Leaving your phone charging after it has hit 100% could impact your phone negatively. Business Insider’s Antonio Villas-Boas stated, “As a lithium-ion battery ages, the chemistry within changes and becomes less efficient at storing and delivering power to your device.” As batteries age and since we use our phones daily, their batteries begin to decay due to these reasons.

Phone companies don’t see overcharging your phone as an issue. Apple talks about their lithium-ion batteries in their iPhones, but has never really mentioned overcharging effects on its devices. Google claimed that overcharging is a dated issue. Since technologies are constantly updated, overcharging should not be an issue since their phone’s battery stops charging when it hits 100%.

Phone makers claim that phone’s battery should not be at 100% when you plan on not using them and store them away. If you plan on not using your phone for a while, it is recommended to store your phone away at 30% to 50% because that is when it ages the slowest. Samsung and Apple both stated to keep your phone around 50% for such purposes.

If you’ve been noticing your phone’s battery life deteriorating much quicker than its aging, it’s a good idea to set aside those overnight charges. Accumulated damage from such charges may cause shorter battery life span on a phone you plan to keep for a while. However, it does not matter how careful you are with your phone charger, it will deteriorate overtime regardless. Many phone makers now give you the option to replace your battery for a small price.

Father’s Day Tech Gift Guide 2019

Finding the perfect gift for Dad this Father’s Day doesn’t have to be a challenge. Our 2019 Father’s Day Tech Gift Guide can help you make the right gift choice he’ll surely appreciate! We’ve compiled a list of tech tools from headphones to smart gadgets Dad will love to use at home or on-the-go!

Check out these cool tech products below! Each product has been linked to make ordering Dad’s gift a breeze. 

Image Source: Amazon

ANKER PowerWave Wireless Charger

Price: $22.79

Does Dad need a power up for his phone? Why not get him the ANKER Wireless Charger stand? With this gift, he can recharge his phone while making sure his phone screen is in clear sight so he’s not missing a message from you.

Image Source: Amazon

DJI Spark Portable Mini Drone

Price: $335.00

Who wouldn’t want to fly a drone? This cool DJI Spark Portable mini drone will allow Dad to take aerial photos and videos and get creative using the products app!

Image Source: Amazon

Sony Alpha a6000 Mirrorless Digital Camera

Price: $498.00

Want to help Dad capture memorable moments? Get him the Sony Alpha Mirrorless Digital Camera to take photos in high resolution and full HD quality.

Image Source: Amazon

Sony Noise Cancelling Headphones WH1000XM3

Price: $298.00

Set aside the Beats and get Dad these Sony Noise Cancelling Headphones to make sure he doesn’t miss one one beat of his favorite music. These headphones are said to have a “virtually soundproof experience”.

Image Source: Amazon

Sennheiser Momentum True Wireless Bluetooth Earbuds

Price: $299.94

Want to get Dad something smaller but just as powerful for listening quality? Check out these Sennheiser Wireless earbuds that promise exceptional clarity in music sound.

Image Source: Amazon

VANKYO Leisure 3 Mini Projector

Price: $89.99

If Dad loves to watch is movies, this Vankyo Mini Projector is the right gift for him. This Father’s Day relax with Dad outdoors or indoors by easily connecting your device to this projector to play all his favorite films.

Image Source: Amazon

Fitbit Ionic Watch

Price: $199.95

If Dad loves to get fit and keep track of it, get him the Fitbit Ionic Watch! The Fitbit Ionic can track your heart rate, activity, and sleep patterns.

Image Source: Amazon

Pocketalk Language Translator Device

Price: $299.00

Does Dad do a lot of travelling? The Pocketalk can help him break down the language barrier. This onscreen device can translate up to 74 languages and offers real-time translation.

Image Source: Amazon

Logitech Keys-to-Go Ultra-Portable, Stand-Alone Keyboard

Price: $45.99

This keyboard is perfect if Dad needs to do a quick type-up with any of his iOS devices. This Bluetooth keyboard is both dirt resistant and portable.

Image Source: Amazon

Echo Show 5 – Compact Smart Display with Alexa

Price: $89.99

If Dad needs a screen assistant, why not get him the Echo Show 5? This device comes with smart home controls, can help Dad stay updated on the latest weather, news, and game reports, and video call you when he can.

Image Source: Amazon

Eufy Smart Scale

Price: $44.99

This scale does more than just measure weight – it can give Dad a full insight on his BMI, Muscle Mass, Bone Mass, and more! He can even keep track of things using Apple Health, Google Fit, or his Fitbit.

Image Source: Amazon

Apple iPad Pro (11-inch, 64GB)

Price: $749

Help Dad get creative with the latest iPad Pro from Apple. With complete Liquid Retina display and a device that allows for multitasking, Dad can get all his work done and still have time to catch the game with you.

5 Ways to Help Improve Your Mac’s Performance

 

Image Source: iStock.com / Emevil

Overtime, the chances your Apple Mac computer is running slow is very high. This tends to happen overtime with Mac computers due to multiple reasons, one of which could be information overload. Here are five possible reasons and ways you can improve your computer’s speed.

  • Not updating often

If you don’t update your computer for a long period of time, then your computer might get slower. By clicking on the App Store application and checking for updates once or twice a week, you can help improve your computer’s speed.

  • Full hard-drive

Another reason your computer could be running slow is if your hard-drive is nearly full. Using too much storage slows down a Mac computer and could also cause other issues as well. To help prevent this, you could click on the About the Mac that is an option when clicking on the Apple icon on the top left corner. Then, click on Storage. If you notice your hard-drive is nearly full, then click on Manage and it will help you clear out space by giving you the tools and information on you which applications take up the most room on your disk. Another solution would be using an external hard drive.

  • Mac has not been restarted in a while

We tend to leave our Macs on with multiple tabs open and we don’t turn them off for a long time. Restarting your computer will help with this, but don’t forget to save everything. You can give your computer restart by clicking the Restart under the Apple icon on the top left corner.

  • Multiple apps open at once

Having too many apps open and using them all at once could be one of the reasons your computer is slowing down. To close unnecessary apps, just right click on the icon on the bottom of the screen and click Quit. You could also use your Mac’s Activity Monitor, which will let you know what’s using the most memory. However, if you are unsure of what some of the tools/applications in there are, then you should probably leave it alone.

  • Overloaded cache

Having your cache pile up could also slow down your Mac. Even if it gives you faster internet, it begins to gather files and slows down your computer completely. To help clear your cache, here is an article on it.

If none of these work for you, then you might need to take it to Apple’s Genius Bar or have a professional look at it. There are many reasons as to why your Mac will slow down. It could even be just from age.