There is a virus for Mac named Banshee Stealer that is potentially affecting millions of Mac users.

IMMEDIATE ACTIONS REQUIRED:

– Never enter your Mac user or admin password unless you recognize the need to enter it because of an action you’re performing, such as powering on your Mac.

– Back up your critical data immediately in case you need to perform a clean MacOS install

– Because Banshee Stealer is unnoticeable, strongly consider running an anti-malware tool capable of detecting it.

What Anti-Malware Tools Work?

Intego, Malwarebytes, and Combo Cleaner are the only Mac-based anti-malware tools that I can find today that advertise that they can identify and stop the newest version of Banshee Stealer. There might be others. Combo Cleaner is available in the Mac App Store. Downloading apps from the store reduces the likelihood of getting a fake infected version. We don’t endorse any of the tools mentioned, nor do we receive any compensation. There are many online reviews about those two products. Stay current with your Mac OS updates, and hopefully, Apple’s built-in tools will soon detect and conquer the newest version of Banshee Stealer.

I realize many Mac users do not want to install anti-malware. If that’s you, please carefully understand all the information in this article to reduce your exposure. The newest variant of Banshee Stealer cleverly evades Apple’s built-in anti-malware tool, XProtect.

What is Banshee Stealer?

The sophisticated Banshee Stealer malware compromises computers and laptops running MacOS, including Intel-based Macs and those with Apple Silicon chips. Attackers use it to breach privacy, inflict financial losses, and steal identities. So far, iPhones and iPads have not been affected by Banshee Stealer. In my presentations and speeches, participants often ask if Macs are susceptible to viruses and other malware; this is an example of when they are.

Banshee Stealer is a new variant; it started as Malware-as-a-Service (MaaS). Threat actors could purchase access for $3,000 per month to attack Mac users. The new variant resurfaced in September, using encryption from Apple’s XProtect anti-virus tool, evading antivirus detection for months.

How Can Your Computer Become Infected with Banshee Stealer?

• If you click on links in email messages that take you to a site that might appear normal but will infect your computer with Banshee Stealer
• If you open attachments to email messages that contain the Banshee Stealer malware or take you to a site that downloads and installs Banshee Stealer
• Scanning QR codes in email mail or other messages for the same reason
• If you enter your username and password into what appears to be a legitimate Apple pop-up
• Downloading programs and applications that have Banshee Stealer hidden inside
• If you follow a fake prompt that tells you an update or program needs to be installed, a password needs to be reset, or some application asks to use your camera or microphone or have some other elevated privilege.

Symptoms:

Banshee Stealer is designed to be undetectable. You might not find out your Mac was infected until your finances, identity, and privacy are in shambles. Possible symptoms include:

• Your Mac computer or laptop starts behaving differently than before.
• You might receive unexpected prompts asking you to install software, reset your password, grant permission, etc.
• If you notice that your bank or other online accounts have been compromised, an attacker may have used Banshee Stealer to steal your passwords.
• If your Mac starts operating much slower than before, or if the battery life seems shorter, Banshee Stealer might upload data in the background or perform other activities on your computer.
• If you notice unexpected file changes on your computer
• If you have a Crypto Wallet that gets compromised.

What to Do to Help Prevent Infection:

Strongly consider using anti-malware capable of detecting Banshee Stealer, as discussed above.

Beware of all prompts that pop up on your screen that look like they are Apple prompts asking for your password. Banshee Stealer is great at mimicking the Apple prompts, and if you enter your username and password, Banshee Stealer captures them. It is essential that you only enter your username and password when you are actively expecting to need to, such as:

• When you power on the computer or when you log in after the screen is locked
• When you are installing new software right then
• When you are logging into Keychain
• When you told the Mac to install system updates
• Administrative tasks like when you are intentionally accessing system files
• And some of the changes to system preferences you’re making right then.

Only install programs and applications from trusted companies. Remember that attackers can sometimes infect trusted companies and install malware without the software provider’s knowledge. This is called a supply chain attack, and it can be very successful if people trust the website or tool. Getting programs from the Mac App Store helps minimize the risk of downloading malware hidden inside an otherwise functional program.

Do not double-click on a link or button on a website. Legitimate website navigation involves single-clicks. Threat actors have determined that people will follow instructions to double-click or double-click if something does not seem work the first time. During a double-click process, attackers will quickly replace the original link with a malicious one right after the first click before the second. Users do not realize what they’ve done and might have executed a script or unknowingly performed another task the threat actor wanted.

Do not click on links in email messages or other messages, and do not scan a QR code—it functions as a link. Do not click on links on services such as YouTube; threat actors will put links into the descriptions and comments. View every link everywhere as suspicious and avoid clicking.

Do not open attachments that arrive via email or another method unless you confirm with the sender that it is indeed the file they sent. Remember that attackers can compromise other companies or users and use their email addresses to send malicious files when you expect them. This is a way for even the most security-conscious people to be infected.

Update your MacOS regularly. Instead of answering a prompt on your screen telling you about an update, regularly click on the apple in the top left corner and choose System Settings, General, then Software Update.

Consider removing as many browser extensions as possible. Sometimes malware infects browser extensions or comes included when you install an extension.

Use multi-factor authentication (MFA) on all the websites, Software as a Service (SaaS) solutions, and everywhere else you can. Choosing to receive a text message for the second step of the login process is much better than having no MFA, but it is not the most secure choice due to the SIM-Swapping attackers use. They learn as much as they can about you, frequently using AI, and contact your phone provider and try to convince your provider that they are you and that you have a new SIM chip or a new phone. Recent breaches have exposed your location history gathered by companies who write apps and sell your location information. Threat Actors can use AI to combine location information with publicly available data to learn much about you and your life. If the phone provider is duped, they’ll successfully take over your account and be able to receive the text messages on their device. If you ever change your phone number, you’ll need to go to all the websites where you set up text-based MFA, disable MFA, and re-enable MFA when you get the new number.

For more secure multi-factor authentication, if the website or SaaS tool allows, set up an authenticator app on your smartphone that generates a number every thirty seconds. This Time-Based One-Time Password (TOTP) is more secure because it doesn’t rely on a text message. Popular authenticators include Google Authenticator, Microsoft Authenticator, Authy, and more. (Same disclaimers as above). Be sure to back up your authenticator app in case you lose or upgrade your phone. Otherwise, you could be locked out of everything you set up for TOTP. If you can’t generate the codes, you won’t be able to log in to the sites that require that code. There are other options that are more secure than text message-based MFA, including USB Keys, Passkeys, etc.

Be sure you use different passwords for every website or SaaS offering. When attackers compromise your password anywhere, they’ll perform credential stuffing, meaning they try the same username and password at dozens of other popular websites and SaaS platforms. It is challenging to remember passwords, and password manager software can be very helpful. Password managers remember your passwords for you and can fill them in when prompted. Although web browsers have this feature, too, many people consider password managers more secure since, if an attacker compromises your browser, the passwords are not readily available to them. Some password managers will synchronize across multiple devices, reset weak passwords for you, and offer other features. It is almost always best not to use the VPN and other services that come with password managers. 1Password, DashLane, Keeper, LastPass, and many others are common. (Same disclaimers about not endorsing these nor do we get compensation). And Apple has revamped the MacOS Keychain password manager to be more secure than it was. When you use a password manager, be sure it is backing up somewhere in case you lose your laptop. Apple Keychain automatically backs up to iCloud and synchronizes across your other devices.

If you have sensitive data, consider encrypting the files in case Banshee Stealer or other malware accesses and steals them.

Computers and devices communicate through a network, copper or WiFi. Malware can move from one computer to another. If you use your Mac at home and family members have Macs who aren’t as careful as you are, having a segmented network for you to use, separate from everyone else, helps protect you from malware spreading from their computers onto yours. Segmentation is slightly technical, and the easiest way to segment a home network might be to have all the other family members connect to the “guest” network and use the primary network.

Set up text messages for all financial transactions. Most financial institutions offer SMS or email alerts whenever transactions larger than a certain amount are processed. I have my accounts set to text me anytime a transaction of more than one dollar occurs on any account because that is the minimum amount my banks allow. Yes, I receive many alerts, but I’d prefer to receive many alerts than not knowing about an unauthorized withdrawal. Continue to monitor bank statements and other financial records.

If your company has an Extended Detection and Response (XDR) solution, contact your IT professionals to be sure they’ve installed the XDR agent on your Mac, too. If your business isn’t already using XDR, you must. This technology is designed to detect and stop malicious activity before it has time to do much, if any, harm. Examples of XDR tools include Crowd Strike, Cynet, Sentinel One, and more (we don’t endorse nor receive compensation for mentioning them).  As cybersecurity consultants, we recommend that our customers get XDR from their IT Team’s vendor. The typical approximately $20/mo/user seems expensive until after a breach. Many companies get breached even though they have XDR in place, but the most common reason is that something wasn’t implemented correctly or there is a breakdown or delay in communications. Companies engage with us to perform independent periodic vigorous red team exercises to attack and test their XDR response. Most XDR implementations fail the first exercise, but finding weaknesses before the threat actors do is the point. After the exercise and forthcoming recommendations are implemented, a company is much more prepared for a real-world attack.

This recommendation isn’t for everyone; I left it for last. Implementing this can be complicated and frustrating and is most often initiated by enterprises using Windows and Mac. Another strategy to help avoid getting malware from websites is to use a hosted browser, also known as browser isolation. This service runs a web browser on their servers, and your computer shows you their browser. Thus, all browser attacks will attack the company hosting the browser, not your computer’s browser. Sometimes, hosted browsers work better than others, but you might consider this option to further isolate and protect your computer from browser-based threats. For example, if a website wants to access your local mic and camera, it won’t work since you’ll be using the hosted browser. But this protects you from malicious websites that take over your mic and camera. My research to locate a hosted browser for the Mac was complex, and I want to rush this blog to the press due to the urgency of Banshee Stealer. Candidates for stand-alone hosted browser solutions for the Mac include Menlo Secure Cloud Browser, Authentic8, and the Puffin Browser. Zscaler and Cloudflare also offer hosted browser solutions for the Mac, but they don’t seem to be sold as a stand-alone solution but as part of a larger package. We are not endorsing or receiving any compensation for listing those products.

Proactive Steps to Take In Case You Get Infected:

There are other steps to take that will help you if you do get infected. Be sure you are backing up with Mac OS’s built-in Time Machine or another service. Using multiple external USB drives for backup and rotating them is a great idea. Mac OS will keep track of each drive and apply the backups when you plug in the specific drive. Strongly consider an online backup service. Examples of highly rated cloud backup services for Mac users include BackBlaze, iDrive, and Acronis, but there are others. We are not endorsing those, nor do we receive any compensation for recommending them. You might even copy your files to an online storage service; use multi-factor authentication and all the other industry-best cybersecurity practices for cloud storage. Some people copy their most important files to one or more external drives, leaving them disconnected except when copying files.

What to do if you think you are infected:

Turn off your Wi-Fi or disconnect your Ethernet cable to stop any more files from being stolen and uploaded.

Run an anti-malware package described above under prevention.

Continue to watch your financial accounts for any suspicious activity.

Follow all the steps above under the section on what to do to avoid infection.

Consider moving your assets to a new, secure wallet if you use cryptocurrency.

You should contact gurus at Apple or another support organization who can help you with your Mac.

Reset all of your passwords. If you are not using a password manager, now might be a good time to do so.

Decide whether to alert your business and associates that if they receive an email pretending to be from you, it is likely not from you.

If you want to feel confident you’ve removed all of the malware, consider backing up your data and performing a clean install of macOS.

Final Thoughts:

I hope you do not become infected with Banshee Stealer and are not already infected, which is tricky to detect. Following the guidance in this article can also help protect you from other Mac malware. Tell your friends.

The post Mac Users – Urgent Security Alert: Protecting Your Mac from Banshee Stealer Malware appeared first on Foster Institute.

A Real-World Example from the Workplace: Recently, a new employee at a company received a fraudulent text message on her personal phone, supposedly from the company’s president. The president had not sent any text, and the company had not stored her personal phone number. How did the threat actor know? It’s possible that a data broker linked the new employee’s private phone number with the president’s name at the new company by eavesdropping on a conversation, such as her telling a friend about her new job. Upon investigation, the employee found that some unexpected apps had access to her microphone.

A Real-Word Family Example: Last week, a husband and wife discussed dental options for their child at the breakfast table with their phones nearby. They hadn’t typed anything into a computer or searched online, yet less than an hour later, one received a text message from a company offering dental aligners. How could this happen? An app on their phone might have accessed the microphone, listened to the conversation, and shared the information with a data broker. The data broker then provided this information to a company selling dental aligners, prompting them to send a targeted text message. Have you or someone you know had similar experiences?

How It Happens: Some apps collect data, including audio data from a microphone, and sell it to data brokers, also known as Marketing Data Aggregation Warehouses. These brokers aggregate and sell data to various businesses, including marketing and advertising firms. These businesses then use the information to send targeted advertisements or, in the case of threat actors, perform sophisticated phishing attacks designed to extract sensitive information or commit fraud.

Apps are supposed to request your permission to access your microphone. However, this “user’s consent” often comes from clicking “Do you agree to the privacy policy” during installation. Most users do not read these policies and agree just to use the app. Privacy policies can be vague, stating that the user allows the app to collect information and share data with third parties.

Several types of apps can gather information for sale to data brokers and request microphone access in their privacy policies. These include:

• Social Media and Communication Apps: Use microphone access for features like voice messaging and video recording, sharing collected data for advertising.
• Virtual Assistants: Require microphone access for functionality, collecting voice queries and background noise for service improvement and advertising.
• Gaming Apps: Mobile games with voice chat request microphone access for communication, sharing user data for advertising.
• Productivity Apps: Note-taking and voice recorder apps request access for audio notes and transcriptions, collecting valuable user data.
• Health and Fitness Apps: Fitness trackers and health apps request microphone access for voice input, collecting sensitive health data.
• Utility Apps: Simple apps like flashlights and calculators sometimes request unnecessary permissions, including microphone access, to gather user data covertly.
• Marketing and Rewards Apps: Request location and microphone access to collect user data, which is then sold to data brokers.

These apps often include clauses in their privacy policies that allow microphone data collection, which users might unknowingly grant, leading to targeted advertising and other uses by data brokers.

For further reading, refer to articles like “FTC Cracks Down on Mass Data Collectors” by the Federal Trade Commission.

Protecting Your Privacy: To protect against such risks, Apple, Google, and Microsoft have all implemented ways to help ensure your microphone’s privacy even if users agree to the privacy policy. Instructions for disabling access to your mic are listed below. It’s crucial to regularly review and update app permissions on your devices, ensuring that only essential apps have access to sensitive data like the microphone.

Beyond Annoying Ads: Threat actors can use similar tactics to perform targeted attacks and commit fraud against individuals and their companies. For instance, the fraudulent text message received by the new employee could lead to more sophisticated phishing attacks intended for extracting sensitive information, transferring money, or other financial fraud.

Follow the instructions in the following draft memo you can send your workers and tell your family:

Memo to All Employees: Securing Your Microphone Privacy Settings

Dear Team,

We are committed to ensuring the privacy and security of our employees’ personal and professional information. Recent reports have highlighted the risks associated with apps accessing device microphones without explicit consent, potentially leading to targeted fraud and privacy breaches.

To protect your privacy and our organization’s security, we ask all employees to take a few moments to review and update the microphone privacy settings on their devices. Below are step-by-step instructions for various platforms:

For Apple Devices:

1. Go to Settings > Privacy > Microphone.
2. Turn off the microphone for all applications that do not need access to your mic.

For Android Devices:

1. Go to Settings > Type Microphone, Privacy, or Permission Manager in the search box. If you do not see the privacy settings, you might need to use a search engine or chatbot to find specific instructions for your device model and version of Android.
2. Turn off the microphone for all apps that do not need access to your mic.

For Windows:

1. Go to Settings > Privacy & Security > Microphone.
2. Turn off the microphone for all apps that do not need access to your mic.

For Macs:

1. Click on the Apple symbol > System Settings > Privacy & Security > Microphone.
2. Turn off the microphone for all apps that do not need access to your mic.

Practical Steps:

• Revoke Unnecessary Access: Disable microphone access for all apps that do not need it. Allow exceptions for essential apps such as video conferencing tools and browsers if you use them for meetings. If you are uncertain, restrict access; the app will request permission if it needs access in the future.
• Test Essential Apps: Before your next meeting, verify that the apps you frequently use for video conferencing and other essential functions work correctly with the microphone settings you have configured.
• Restrict Other Permissions: While adjusting your microphone settings, you’ll see other settings. To further protect your privacy, consider restricting access to your camera, location, contacts, and other sensitive data.

We live in a world where protecting our privacy is increasingly our responsibility. Threat actors are becoming more sophisticated, so it’s crucial to stay vigilant and proactive in securing our devices.

Thank you for your attention to this important matter. If you have any questions or need assistance, please ask.

(In the last sentence, you can give them more specific guidance on what to do if they have a question)

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

The post Are Threat Actors Listening to Your Phone? Secure Your Mic to Reduce Security Risks and Protect Your Privacy appeared first on Foster Institute.

The Risk: When Convenience Becomes a Liability

Imagine this: You’ve visited a coffee shop and connected your smartphone to their Wi-Fi network. Your device remembers this network to connect automatically next time. Seems harmless, right? Here’s where the risk creeps in.

Once you tell a device to automatically reconnect to a remembered network in range, your device will continuously send out “probes” or signals looking for that network, typically one to four times a minute and more often when other events can trigger a probe. A threat actor can set up a Wi-Fi access point with a common SSID name, such as “home.” And what if your device is configured to automatically connect to a network you trust named “home?” When your device, say your smartphone or laptop, is within range, it might automatically connect to this rogue Wi-Fi network without your knowledge.

The Trap: A Deceptive Doppelgänger

This rogue network, set up by the threat actor, is a doppelgänger of your trusted network but with nefarious purposes.

Remember: Your device connects to the rogue access point automatically and often without alerting you at all. (see “what about passwords” below). This attack does not need you to make any mistakes to succeed, and it can happen without your knowledge.

Ten common network names threat actors can use that will often lure devices from unsuspecting users to connect include:

• xfinitywifi
• linksys
• Marriott_Guest
• Hyatt
• hhonors
• NETGEAR
• Guest
• dlink
• FreeWifi
• Home

To make it even easier to connect, there are commercially available devices that listen for the SSID name in a probe from an unsuspecting user’s device and then broadcast that name in an effort to capture the device’s connection. In that case, it doesn’t matter how unique your SSID is, an automated device can attempt to establish a connection without your knowledge. If you are technically minded, you can read the section at the bottom of this article for a detailed explanation of how probing works.

Once connected, the attacker can intercept your device’s data. This interception could be called a “Man-in-the-Middle” attack. Thanks to encryption technology, the attacks are more complicated than they used to be, but they are still possible in some circumstances. If the attacker successfully establishes the Man-in-the-Middle connection, imagine sending confidential emails, accessing your company’s financial data, or even logging into your personal banking app, all while an unseen cybercriminal is potentially recording every keystroke and data transfer.

Another serious concern is if threat actors know of undiscovered vulnerabilities that will allow them to hack into your device. This is one of the most important reasons to always apply security updates when they are released and always keep backups for the unlikely scenario of an update causing a problem on your device. Even if you applied all of your security updates, sometimes attackers know of ways to break in that haven’t been discovered by the device’s manufacturer, operating system producer, or app developer yet. Thus, there are no updates written. Bad actors can use tools to scan your device and exploit vulnerabilities quickly. Their ultimate goal would be to take control of, or pwn, your device. This isn’t always easy if you have all your updates in place, but it isn’t impossible either.

The Consequences: A Digital Pandora’s Box

The consequences from attackers successfully tricking your device into connecting to their rogue access point and exploiting vulnerabilities can range from private information exposure to significant breaches:

1. Personal Data Theft: Sensitive personal information can be stolen.
2. Corporate Espionage: Confidential business information could be compromised.
3. Identity Theft: Your digital identity could be used for fraudulent activities.
4. Network Infiltration: Once a device is compromised, it can serve as a gateway to your business’s entire network.

Prevention: Turning Awareness into Action

As executives, instructing your workers to implement security measures is crucial. Here are some actionable steps you can take in the Wi-Fi settings of your laptops, phones, and tablets:

1. Forget Networks: In your device’s Wi-Fi settings, examine the network names identified as “remembered” or “my networks.” Tell your device to ‘forget’ networks by removing them from the ‘my networks’ list, except those you use frequently. Were any of the ten listed above remembered on your device? To establish the unauthorized connection, the threat actor would need to use the name of one of the networks you leave remembered or use the device mentioned above that responds to probes for names your device sends.
2. Avoid a False Sense of Security: If your device has the “Ask to Join Networks” setting, read the fine print. The device will still join known network names without asking. The setting is usually more about asking before joining new or unknown networks, rather than known ones.
3. Turn off Wi-Fi When You Aren’t Using it: To reduce your exposure dramatically, disable Wi-Fi when you are not using it. Your device will stop probing, stop listening for access points broadcasting their name, and won’t connect to any Wi-Fi networks. Some devices have a quick shortcut to turn off Wi-Fi from an easily accessible menu, but they might turn Wi-Fi back on again after a while or when you move to a new location. On those devices, if you go into “Settings” to disable Wi-Fi, it should stay off until you manually change the setting to “on” again.

What about Wireless Passwords?

If the original remembered network you connected to, such as the coffee shop network, had no password, your device would join the network automatically and not alert you. This is a common risk with some remembered networks. You may have noticed that many hotels and some coffee shops and restaurants now require no Wi-Fi password; this is undoubtedly to reduce guest frustration and the number of calls from hotel rooms to the front desk asking for the password. The prevalence of public networks without passwords makes it especially important for you to tell your device to forget networks and be sure to forget the ones with no passwords.

However, if the “remembered” network did have a password, then to get your device to connect automatically without warning you, the threat actor will need to set the same password on the rogue access point. It is simple for an attacker to know the password for coffee shops and other networks that share the password with guests.

Many companies will set passwords on networks and hopefully don’t write the password on dry-erase boards in the meeting room. Even if the passwords are configured at the company, and users do not know the password since the IT Professionals configure their computers, if an attacker is able to access one computer, in-person or remotely, there is a chance they can run a script to find out the wireless password for the company. This is why some companies use enterprise-level Wi-Fi authentication that does not rely on a shared password.  Or, attackers can use social engineering to successfully trick a user into providing the network password. If a user’s device doesn’t detect any anomalies between the rogue access point and the access point it is used to connecting to, the user will not be alerted they are connecting to a rogue access point, and their device will connect automatically.

An exception that might generate an alert is when there is a discrepancy between the security settings of the known network and the one to which the device is trying to connect. An example is when the rogue access point does not have a password, but the remembered network does. In this case, some devices will prompt you: “Are you sure you want to join this network?” The default button, “join,” is preselected. Unless you are on the lookout for this kind of message and know the seriousness, you might click “join” and not think anything of it. Sometimes, the device will connect and not alert the user but will quietly list the word “open” or “insecure” under the network name on the list of networks under settings. Most people do not periodically look at the Wi-Fi settings, so the label often goes unnoticed. Even if a user does notice the label, there is a good chance the attacker already probed for weaknesses and exploited any vulnerabilities they discovered.

However, if you ever see a prompt asking you to re-enter a password, that is a huge red flag, and you need to assess the situation carefully to determine if your device is attempting to connect to a rogue access point with an inaccurate password.

And to be sure you don’t have a false sense of security, remember that devices do not prompt the user if the security settings of the new network match those of the remembered network, and the device will quietly automatically connect even if it’s a rogue access point.

What about a VPN?

A Virtual Private Network (VPN) is a technology that encrypts data as it moves to and from your device. This encryption can prevent attackers from reading your data. However, it’s important to note that a VPN doesn’t protect you from attackers who scan for unpatched vulnerabilities, search for open ports, and exploit weaknesses on your device. Even if you use a VPN, you’re still vulnerable to such attacks. Follow the instructions above to help ensure your online safety.

Final Thoughts: Balancing Convenience with Caution

In today’s fast-paced digital world, convenience often beats caution. However, in the realm of cybersecurity, this trade-off can have dire consequences. As leaders, our role extends beyond making decisions; it includes understanding and mitigating the risks associated with the technology we use every day. Stay safe, stay informed, and lead your organization confidently in this digital age.

Technical Details About the Probing Process

For the more technically minded, here is more information about the probing process. When we say that devices are constantly probing, they are, and the probing might be once every 15 to 60 seconds. The probing frequency can vary, for example, if you put your device in low battery mode.

In addition to devices probing, know that Wi-Fi access points, including rogue access points attackers use, broadcast their network name, a process called beaconing, sometimes as often as ten times every second. The rate of beaconing is usually configurable by your IT Professionals.

If you look at “available networks” in “settings” on your device, you might notice that the list takes a few seconds to build because your device is cycling through multiple Wi-Fi frequencies, listening for the beacons.

An interesting setting not everyone is familiar with on wireless access points is that you can instruct the access point to be “hidden.” If you do, then the access point will not send out beacons. However, hidden networks, while not broadcasting their SSID, will still respond to direct probes that contain their SSID name. So, as soon as your device sends out a probe looking for the remembered hidden network, which it does regularly, as described above, the access point will respond, and your device will connect. Just because a network you “remembered” is hidden at your home or office doesn’t affect a threat actor’s ability to lure your device into connecting to their rogue access point, even if the hacker’s access point is not hidden.

Additionally, to reduce the delay in connecting, your device will send immediate probes in certain circumstances, such as when it wakes from sleep, when you open your laptop’s lid, or if you just disabled airplane mode. Your device will quickly find access points, even rogue ones, especially if they are “remembered.”

A significant benefit to attackers of your device probing periodically, such as every 15 to 60 seconds, is when the attacker doesn’t already know the network names your device has remembered. The attacker tools wait for the probe, then know the name, and the rogue access point automatically claims to have that network’s name. This is a very powerful way for attackers to capture as many unsuspecting users as possible without needing to predict the names of remembered networks.

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.

The post Outsmarting the Invisible Threat: How Cyber Attackers Hijack Your Wi-Fi Connections and How to Protect Yourself appeared first on Foster Institute.

To combat this, Apple’s iOS 17.3 introduces “Stolen Device Protection”. Here’s why activating it is crucial:

1. Face ID/Touch ID Requirement: Your iPhone will require your Face ID or Touch ID to turn off lost mode or erase the phone.
2. Time-Delay Security: Changes to your Apple ID password, iPhone passcode, and key settings now have a one-hour delay.

Settings for Theft Protection:

• Quick Tip to find specific settings: Open Settings, swipe down slightly, and use the search box that appears at the top. You will find all of the settings in bold text by searching in Settings:
• Software Update: iOS 17.3 enables Stolen Device Protection.*
• Backup: Check your backup status by searching for Backup in Settings.
• Use Face ID or Touch ID so potential thieves won’t see you enter your passcode.
• Activate Stolen Device Protection:This is the new setting that spurred me to write this blog for you
  
• Ensure “Find My” is enabled on Apple devices. Use iCloud.com/find or the Find My app to be sure tracking works.

Other Essential Steps:

• Have alternate login methods for resetting passwords for apps and websites that use multi-factor and two-step logins.
• If you use authentication apps, ensure you configure ways to generate codes or recover keys if you lose or erase your phone.

If Your Phone is Stolen:

• Act Fast: Use iCloud.com/find or the Find My app to enable “lost mode” and track your phone.
• Consider Carrier Notification: They can disable phone calls and cellular data but might limit Find My functionality.
• Device Erasure: If you have backups, and ways to recover keys in authentication apps, use Find My to erase your device to help prevent data access.
• Password Resets: If not erasing your phone, consider resetting passwords for critical accounts if passwords are stored on the phone or if apps login automatically.

As always, threat actors will seek ways to bypass this protection. As of now, this feature is a huge leap forward to protect an iPhone and iPad from thieves who see the passcode. Congratulations, and thank you, Apple!

*If your phone or tablet is too old to update to iOS version 17.3 or newer, see https://fosterinstitute.com/be-prepared-know-the-impact-of-iphone-theft-and-what-to-do-right-now/. for recommendations.

Note: Testing the Stolen Device Protection feature at home may not work, as Apple devices might waive the strict requirements in familiar locations like home or work. You can read all of the details about Apple Stolen Device Protection for iPhone here: https://support.apple.com/en-us/HT212510

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.

The post Safeguard Your Apple iPhones and iPads: Activate the Latest Theft Protection Setting Now! appeared first on Foster Institute.

The race is on. They’ll step around a corner, unlock your phone with your passcode, click on settings, Apple ID, and reset your Apple ID password. All they need to know is your passcode to the phone. Your phone asks them, “Sign out other devices using your Apple ID?” Of course, they know to say yes.

Update on January 27, 2024: Apple has a new feature called Lost Device Protection released with iOS version 17.3 that helps solve this problem. Learn more here: https://fosterinstitute.com/safeguard-your-apple-iphones-and-ipads-activate-the-latest-theft-protection-setting-now/

They know that if you put the phone in Lost Mode, they have the passcode and can unlock the phone immediately. You might have your Apple ID protected with two-factor authentication; good work! But the second step of the verification process displays a verification code on your trusted devices. Unless you set your phone otherwise, the thief has a trusted device. Unless you posses a trusted device tied to your Apple ID, you won’t see the verification code, and your attempt to log in will fail.

At this point, only they can perform any functions that require you to enter your Apple ID and password.

Strive to Intervene:

The process only took seconds. It is unlikely you can stop their next moves quickly enough.

Perhaps your friend walked up as the thief was running away. Thinking you might win the race, you grab in a friendly way, of course, any device they have with Internet access and open https://appleid.apple.com. Enter your Apple ID and your password quickly! Remember, the bad guy is around the corner racing you. Then, guess what? Unless your friend’s device is a trusted device on your Apple ID account, you won’t see the secret code you need to log in. The thief will see the code on your stolen phone’s screen, and they’re laughing but admire your trying. You never had a chance in that race. Read more below about setting up Recovery Contacts and Recovery Keys.

But a way to win and be faster than the thief is if you have your second iPhone in your pocket booted up and connected to the Internet. If so, scramble to be the first to open settings, Apple ID, scroll down through the devices, and log out the stolen device. Reset your Apple ID password. Great job! You did it! They can use the phone and most apps, but at least they cannot take over your Apple ID. Keeping two iPhones connected to your Apple account with you will help if one gets stolen.

Or, a more likely scenario than having two phones, maybe you happen to have your Mac open on the table in front of you the moment the phone is stolen. Assuming you weren’t using the phone as your hotspot, quickly click on the apple symbol in the top left corner, choose system settings, Apple ID, password & security, change password, find the stolen device in the list at the bottom of the menu, log it out, and reset your Apple ID password. Whew! They’re not going to gain control over your Apple ID. But they can still use your apps, log in to bank accounts, and access your company email, so you’ll need to reset all those passwords too.

Will you win the race, or will they? Maybe you want to practice the process a few times.

More Things the Thief Can Do to Affect You:

As you read this, do not be terrified. You can relax and remember this scenario assumes a thief has stolen your phone after watching you enter your passcode and memorized it. Hopefully, that will never happen to you, and it is good to be aware of some consequences, your response, and some preventative measures so you can educate your friends.

Since the thief knows the phone’s passcode, they can reset the Apple ID password. Then they can log in to your Apple account and affect your other Apple devices, including Mac laptops and computers connected to your account.

Then the bad actor can access your device’s Keychain, Apple Pay, Apple Cash, and other sensitive information. They can reset the Apple account’s recovery key. The thief can turn off location services so the phone cannot be tracked. They can change the Apple ID account’s trusted phone number and email address to make it even more difficult for you to regain access to your Apple account. They can change Face ID and Touch ID to their face and finger. They devastated your digital world and will start to steal your money and wreak havoc in your life. And don’t blame Apple; blame the bad guys.

Chances are that most of the apps on your phone will still work even if you log the device out of your Apple account. If the apps remember your passwords for you, then the attacker can use the apps. If you have a password manager that automatically fills in passwords without asking you to prove you are you, the password manager will also fill in passwords for the thief.

And if any of your apps, bank, email, or other services send a text message to your phone to verify your identity, and the thief has your phone, they will get the text message to authenticate and can impersonate you.

And any tools you have that rely on Apple’s Face ID or Touch ID to confirm your identity, if the thief resets Face ID or Touch ID on your phone to their face or finger, they’ll have access to those tools too.

Continue Immediate Steps:

You’d better rush to reset passwords to financial and other sensitive services. See the section on multi-factor authentication below.

Contact your phone service provider and convince them to disable your stolen phone’s ability to call or receive text messages until you buy your new phone.

Reset Passwords on all your other accounts for email, online payment tools, social media, cloud storage, and more. Apple devices, including the stolen phone, are very powerful for running apps, accessing email, using web applications, and more, even if the thief does not know the password for your Apple ID. If a thief has your phone, you have many passwords to reset quickly.

Keep trying to regain control over your Apple ID account. You can download the Apple Support App on your friend’s Apple device and initiate a process that will allow you to set a different phone number for the Apple ID verification process. Still, you must have access to the email address associated with your Apple ID to receive an emailed verification code. If you pass that verification, then endure a waiting period of at least 24 hours. The recovery process is similar to recovering your account at https://iforgot.apple.com/. The thief can cause much trouble during the day or longer wait. Read more below about the preventative step of setting up Recovery Contacts and Recovery Keys. More information about the recovery process: support.apple.com/en-us/HT204921. Apple’s guidance if someone gains control of your Apple ID: support.apple.com/en-us/HT204145.

Some people would advise you to not remove the stolen phone from your Apple ID account. If you do, you will lock yourself out of many ways to recover the phone, although the thief can block many of the protections because they know the passcode.

Multi-Factor Authentication:

An essential protection strategy is configuring multi-factor authentication, such as facial recognition, on apps and websites that support MFA. However, many two-factor authentication techniques rely on you having access to your phone.

It can be complicated to reset passwords on your sites and apps using multi-factor authentication if the second factor goes to the stolen phone’s phone number or relies on you having your phone for some other step. If you set up the MFA to send a text message to the phone, and the thief has your phone, they will see the text message, and you will not.

That might spur you to get a new phone and transfer the phone number to your new phone ASAP before the attacker logs into your apps and sites and changes the verification phone number to a number only they can access, and locks you out.

For websites or services that only support text messages for the second step, consider having text messages go to a device other than your phone.  Consider investing in an inexpensive flip phone with a different phone number to receive text messages. If the website or app supports other options for the second factor besides only text messages, consider how a phone thief could bypass them.

For example, if MFA involves an email message, if the thief can easily access your email on your stolen phone, it defeats the purpose of MFA. If you set up email as the second step, use an email address that requires some other form of authentication or is unavailable on the phone. Ensure email messages do not pop up on the preview screen when received.

Or, do everything possible to prevent an attacker from stealing your phone and knowing its passcode.

If you use passkeys, be sure to see this blog posting: https://fosterinstitute.com/the-risk-iphone-theft-poses-to-your-passkeys-and-what-to-do-now/

Prevention:

To Apple’s credit, and they deserve a lot of credit, they are taking many steps to fight this problem. They must balance the phone’s usability with security, and their multiple advanced security controls are extraordinary, and their responses are highly effective. In the constant game of cat and mouse between those who want to protect you and those who wish to harm you, there might be better defenses when you read this. As of now, here are some essential steps to protect yourself:

One of the most helpful defenses is to be cautious about where and when you enter your passcode. Hence, attackers never find out your passcode. An attacker must know the passcode to the phone as part of resetting the Apple ID password. Using an alphanumeric passcode would be more difficult for a bad actor to read from a distance than a four or six-digit passcode.

Another strategy is to use facial or fingerprint recognition to unlock the phone. That would be Face ID, or Touch ID when available, on Apple devices. If the user doesn’t type their passcode into the phone, nobody can “watch the victim type their code” into the phone. If Face ID won’t work due to lighting conditions or some other factor, rather than entering the passcode, you could move somewhere safe where Face ID works.

Even if the attacker holds the phone in front of the victim’s face and the phone unlocks, the attacker still won’t know the passcode to reset the Apple ID account password. Furthermore, Apple’s Face ID settings have an option called “Attention Detection,” so if the user is unconscious or drugged, the facial recognition will refuse to unlock the phone. Unless the thief coerces the victim to tell them the passcode, the thief cannot reset the Apple ID password.

Consider using a password manager rather than the Keychain that is tied to the Apple ID. If the user doesn’t use the Keychain to store passwords and uses a password manager such as 1Password, LastPass, NordPass, or others, then the thief knowing the phone’s passcode does not give them access to passwords stored outside of the Keychain. Ensure your password manager’s settings force you to enter a passcode and do not use the same passcode as the phone.

Before everything seems hopeless, remember this disaster starts when a thief sees you enter your passcode and steals your phone.

Be Proactive:

Erase your SSN, NI, DL, Passport, or other sensitive information anywhere you’ve stored it, whether in text, contact records, photos, and everywhere else. The thief will search for that information and use it to open accounts, take out loans, and perform other identity theft compromises.

And obviously, don’t share your passcode with anyone other than, if you are going to share it, a family member or close friend you can trust with the key to your digital world.

If you’ve not done so recently, visit appleid.apple.com to update all of your personal or security info. Look for an email address that is not yours. Be sure you recognize the devices in your account.

While you are there, consider setting up someone you trust who has an Apple device as a Recovery Contact who can vouch for you and generate a code to help you recover your Apple ID. They cannot access your data, only verify your identity if you lose access to your Apple ID. Details: support.apple.com/en-us/HT212513

You could set up a 28-character Recovery Key to print out and store in multiple secure locations to help you recover your Apple ID. But be careful. If you choose to have a Recovery Key, and lose the 28-character key, even Apple cannot help you recover your Apple ID. Details: support.apple.com/en-us/HT208072

You’ll see an option to set up a Legacy Contact who, with access to your death certificate, can access your photos and text messages but not passwords. Details: support.apple.com/en-us/HT212360.

Stay current on updates. Rarely do updates create security issues; more often they provide protection against ways attackers find to bypass security.

If you lose access to your Apple ID, you could permanently lose access to your photos of you, your friends, and your family. This underscores how important it is to keep backups of your Apple photos and videos in case someone takes over your Apple account: https://support.apple.com/en-us/HT209454.

Reality Check:

Rather than go through life fearing what could happen, reduce the damage you can suffer and the likelihood of something terrible happening. Continue to recognize and avoid dangerous situations and locations. Keep your phone secure, never enter your passcode when someone can see you, and take the preventative and proactive steps above. Now that you know the risks, your subconscious will alert you to dangers more than before.

Examine your risk tolerance. Balance the likelihood of someone stealing your phone against the damage a phone thief can cause you. If you need to be super-secure, you can reevaluate your practices based on the information contained within. Some people might take some steps to reduce the danger and accept what risk is left. Others might leave their phone locked safely at home more often when they go out.

With the advent of AI, attackers will find new ways to steal, but AI will also help develop new ways to prevent attacks. Everything is changing so quickly on both sides. When you read this, perhaps additional protections are available to help keep you, your organization, and your loved ones safe.

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.

The post Be Prepared: Know the Impact of iPhone Theft and What to Do Right Now appeared first on Foster Institute.

If you want to know more about passkeys: https://fosterinstitute.com/the-rise-of-passkeys-a-paradigm-shift-in-authentication-technology/

To gain the most value out of the information below, first review the details about how a stolen phone creates an authentication disaster: https://fosterinstitute.com/be-prepared-know-the-impact-of-iphone-theft-and-what-to-do-right-now/

As mentioned above, if your phone with passkeys is stolen, the thief can access your accounts and deny you access. Because passkey technology and strategies are constantly evolving, there might be more solutions when you read this. As of now:

One possible solution would be storing the passkeys in a password manager, not the Keychain. Then, as long as the attacker cannot unlock the password manager, the attacker will not have access to the passkeys. And if an attacker destroys the passkeys in the Keychain or blocks access to your Apple ID and thus Keychain, you would still be able to access your passkeys since the passkeys are stored in the password manager. The password manager NordPass advertises allowing users to create, store, and share passkeys between their devices. The password managers 1Password and LastPass have announced they will support storing passkeys soon. As you read this, other password managers might support storing passkeys too.

Without using a password manager to store passkeys, another way to protect passkeys would be to set up passkeys in multiple environments. Many iPhone users have a Windows desktop or laptop too. Or they might purchase an Android device where they could configure passkeys. Even if an attacker resets the Apple ID password or deletes the passkeys from the Keychain, thus blocking the victim’s access from all their Apple devices, the victim can still access their sites protected with a passkey generated using their Windows or Android device. Then they can revoke the passkeys created in their Apple ecosystem to prevent the attacker from authenticating from the stolen phone.

But unless users have them already, it is extra trouble and expense to buy a Windows computer or Android phone and remember to set up passkeys on two different devices. Someday, the technology created for convenience might allow the same passkey to function across Apple, Windows, and Android devices. That would render this strategy ineffective, but it could be a long time before such cooperation comes to fruition. A drawback of having more than one device is it gives thieves more opportunities to steal. Thus, using a password manager to store passkeys is a better option for many unless they distrust the security of password managers.

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.

The post The Risk iPhone Theft Poses to Your Passkeys and What to Do Now appeared first on Foster Institute.

Set a passcode on the device. Even a 4-digit code is much better than nothing. Just avoid 0000, 1111, 1234, 2580, or other easily guessed codes. Keeping the device in your possession, or in a secure place, is just as essential since is can prevent the opportunity for someone to guess your password.

Keep the device backed up, and apply security patches as soon as they are released. The patches often protect against attacks that are already happening in the wild.

Do not connect to Wi-Fi networks without weighing the risk of convenience versus your potential benefits. When you connect to any Wi-Fi network, there is a chance that attackers can exploit your device in many ways. Because bad actors can trick your device into connecting to their malicious access points without your knowledge, consider using your device’s settings to disable Wi-Fi when you are not using it. Re-enable Wi-Fi only when you are at your office, home, or in another trusted environment.

At the office, there is technology that will allow your IT team to implement MDM, Mobile Device Management, to restrict your team members’ activity on their devices. This can help protect against one of your team members accidentally becoming a vector for attackers to access, and potentially interfere with, your entire organization’s network.

For families, keep these three possibilities in mind:

First, use the internal parental controls and restrictions that are built into the device. The settings and features are very effective, and well documented on the support sites. More features can be added with security and feature updates, so review the settings periodically. The best strategy for using these restriction settings is to use steps A, B, and C.

• Step A: As you apply security and privacy restrictions to a device for a family member, keep reminding yourself that you are restricting that device for their, not your, needs. It is easy to think about how you might want to use wireless payment options, and then you avoid restricting the options accordingly. When in doubt, restrict. You can always re-enable features later.
• Step B: Before applying parental control restrictions, first configure the other settings on the device. If you apply parental control restrictions first, you may find that you’ve restricted your own ability to adjust these settings.
• Step C: Wait until you finish steps A and B before you apply the restrictions designed to protect family members. You’ll be prompted to create your own unique password so that, in theory, only you can adjust the parental controls.

Second, when protecting families, consider commercially available tools designed to enhance your ability to, not only restrict, but also monitor usage. Many reviews place a product named Qustodio at the top of the list. We receive no compensation in any way for recommending this, or any other product or service. We just want you to have a place to start. It seems that, for many of the control tools available, parents either love them or hate them, depending on their expectations. To help ensure a good outcome for you, research the features and read comments from other parents. Restrict your search to comments made in 2017. Each product’s features, and approval ratings, tend to change from year to year. Some products will even permit you to restrict laptops and desktop computers in addition to tablets and phones. Interestingly, you may find that third party software is able to restrict Android devices more than Apple devices. This is because Apple’s own internal controls are already so restrictive, they can partially block the parental control software too.

Third, consider restricting the Internet access at your home, too. For example, you may choose to set a time limit on usage duration or time of day. This can help ensure that youngsters get enough sleep. A very powerful tool is called Circle with Disney. Again, we receive no compensation for recommending products or services. This tool is widely accepted as being one of the best. If nothing else, check out its features to help you get an idea of what you may want to control. It has a feature that can restrict access even when the device uses a cellular connection or connects to a different network. That added protection can prevent family members from simply going to someone else’s house to operate without restrictions. Bear in mind that Internet filtering tools do not restrict the ability for family members to use apps, except for apps that need to connect to the Internet in order to function. The afore mentioned products can control both apps and Internet usage. But sometimes having two products can be helpful too.

When implementing family control tools, remember that all of them include privacy risks. While restricting apps and Internet usage, software is able to monitor your family members’ electronic behavior too. That information can be sold to marketing firms who already build a profile on each consumer. Do you want to contribute to what they know about your family members? What if bad actors gain access to information that helps them target a family member? You may decide the risks are worth the benefits.

Please forward this information to everyone you know who might want to place restrictions on Apple and Android based devices. Thank you for helping make the world a safer place to live and work! Happy New Year!

The post Protecting and Restricting iPads, iPhones, and Android Devices appeared first on Foster Institute.

First, see if you are vulnerable. Click on the apple symbol on the top left of your screen, then choose About This Mac. If you have macOS High Sierra, you are probably vulnerable. If you have anything else, stop here.

Second, you can protect yourself by making sure nobody other than you can get to your computer. So far, though theoretically possible, the vulnerability has not been exploited remotely unless you have enabled “Share my Screen.” If you feel confident that no bad actors will have access to your computer, you can stop here.

Third, reset the root password. Apple provides the 8 necessary steps at support.apple.com/en-us/HT204012 , Scroll down to the section entitled: Change the Root Password. In their step 7, if the option Edit > Change Root Password is grayed out on your Mac, then instead click the option Edit > Enable Root User and continue with step 8.

Please forward this to everyone you care about that has a Mac.

The post Mac Vulnerability Permits Unauthorized Login appeared first on Foster Institute.

Your iPhone and iPad will prompt you to upgrade to the new iOS 11 soon. Having the most recent version of iOS is one strategy for being secure. Like Google does with the Android OS, Apple focuses on keeping the newest iOS free from security vulnerabilities.

But, with Apple’s new iOS 11, you need to be aware of a feature that might cause you to believe you are safe from Wi-Fi attacks when you are not.

Mobile devices are vulnerable to Wi-Fi attacks, and people who are serious about the security of their phone or tablet choose to turn off Wi-Fi except when they are at their office, home, or somewhere else they know they want to use W-Fi.

In the new iOS, turning off Wi-Fi in the Control Center does not really turn off Wi-Fi. Apple says this is a feature that keeps you from losing connectivity with Wi-Fi devices like an Apple TV or a Pen. But the practice of Apple leaving Wi-Fi on without your knowledge has created some discontent in some of us who want to help you be as secure as you want to be.

If you turn off Wi-Fi in the Control Center, your device will indeed disconnect online connections to Wi-Fi networks, at least temporarily, so it appears to work.

But Apple says that, as soon as the user walks or drives to a new location, the auto-join feature will turn itself back on without notifying or asking the user’s permission. I tried that, turning off Wi-Fi in my Control Center, and then drove a few miles just to see. To my happy surprise, the Wi-Fi did not re-enable. However, a little time later in my office, I noticed that the Wi-Fi had turned itself on again on its own.

Apple also says that auto-join will come on again automatically at 5 am. Sure enough, I turned off Wi-Fi in the Control Center at night, and when I checked the icon in the Control Center at 5:15am, the Wi-Fi was re-enabled.

You can read about this unexpected feature, on Apple’s own website: https://support.apple.com/en-us/HT208086

You will be OK, as long as you know that if you want to turn off Wi-Fi, you have to go to the settings menu and turn Wi-Fi off there.

Please forward this to anyone you know who knows that turning off the Wi-Fi on their phone can increase their safety from attackers. Help them know that the only way to turn off Wi-Fi is to go to settings, not to the easy to reach control center.

The post New iPhone and iPad iOS 11 Can Quietly Override Your Attempt to Be Secure appeared first on Foster Institute.

Knowing that updates might cause a problem, please back up your computer first. You are backing up all the time already, right? Time Machine is a wonderful tool and is built in. If you want to supplement Time Machine with an additional backup, Carbon Copy Cloner from Bombich dot com is very popular and clients experience great results. You’ll need a couple of external USB drives, but the investment is worth it.

In case you are not familiar with how to apply patches, here are instructions:

On your Apple computer, even if your computer is set for automatic updates, it is good to verify that you have the most recent patches. Click on the image of the apple in the top left corner, and choose App Store. If not already selected, choose Updates inside the title bar that already contains the words: Featured, Top Charts, Categories, Purchased, and Updates. You may see many updates for your applications, and those are fine to apply, but the urgent one is the update called macOS Sierra Update and the version is 10.12.5. If you’ve not updated in a while, you may see other macOS updates too.

iPhone and iPad users, press on the Settings icon that looks like a gear. In the left-hand column, select General, and you’ll see Software Update on the right-hand column near the top. The most recent patch is for iOS 10.3.2.

If you want to configure automatic updates for your Apple computers, find instructions by searching for this phrase in Google: Automatic security updates os x site:apple.com

If you want to configure automatic updates for the iPhone and iPad, find instructions by searching for this phrase in Google: Automatic security downloads iOS site:apple.com

Please forward this to everyone you know who uses Apple devices and you want to help be more secure…

The post Get Apple’s Urgent Patches that Fix Dozens of Security Holes appeared first on Foster Institute.