"My device has been hacked"
Cybercriminals in Australia have targeted a large number of users of Apple's iCloud-connected devices with sophisticated ransomware.
Owners of iPhones, Macs and iPads are finding their devices locked remotely through iCloud, with a message originating from Apple's find my device service that states "Device hacked by Oleg Pliss".
One user wrote on Apple Support Forum, "I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me."
The locked devices prompt their owners to send up to US$100 to a PayPal account of the suspected hacker in order to have them unlocked. But we urge our users not to send money to the given account, as a PayPal spokesman confirmed that, ‘There's no PayPal account linked to hacker email addr and any customer who has sent money will be refunded.’
Still running Windows XP? While it is advised to switch over to Windows 7 or 8.1 for many reasons, a technique is being used to continue to get security patches for Windows XP. This will not protect the system as a whole, but it will provide more security for your Windows XP system than going without.
A relatively simple trick has emerged that makes it possible for XP users to receive Windows XP security updates for the next five years, i.e. until April 2019.
It makes use of updates for Windows Embedded POSReady 2009, which is based on Windows XP Service Pack 3, because the security updates being released for POSReady 2009 are essentially the same updates Microsoft would have rolled out for Windows XP if it were still supporting the XP operating system.
Windows Embedded POSReady 2009 is the operating system installed in "point-of-sale" (POS) systems such as restaurant machines, ticket machines or other customized versions of Windows Embedded systems. POS machines most likely use the XP operating system and therefore receive the same updates that Microsoft would deliver for the officially unsupported version of Windows XP.
These Windows updates cannot be installed directly on your OS. In order to download new security updates for your Windows XP, you just need to make a simple change to the Windows registry.
STEPS TO FOLLOW:
* Open Notepad and create a new file.
* Copy and paste the text below:
Windows Registry Editor Version 5.00
* Save the file with a .reg extension and run it by double-clicking it.
Once executed, you will find lots of pending updates in your Windows Action Center.
Because extended support for Windows Embedded POSReady 2009 systems does not end for another five years, Microsoft will continue to deliver new security updates and patches for this version of its embedded operating system until April 9th, 2019, so users can use this trick to get security updates for Windows XP for another five years.
Are you running a WordPress site? A recent vulnerability, actively being used to perform DDoS attacks, is making its rounds. Basically, the "pingback" function that is built into WordPress (and enabled by default) allows an attacker to use one site's pingback feature to send requests to another, targeted site. This means that a vulnerable WordPress site is used to attack another site; multiply that by thousands, and the target is unable to handle the vast number of requests. While this isn't a direct threat to your site, by leaving this vulnerability enabled, you're allowing your site to be used as a weapon. While the WordPress team is aware of the issue, they are not likely to release a "patch" because this is considered a "feature" and one that many other plugins use.
A plugin exists that will mitigate this vulnerability on your WordPress site: download and install this highly rated plugin (disable XML-RPC).
How secure is your WordPress site? With WordPress becoming increasingly popular as the platform for many websites, mostly due to the "ease of use" factor, we continue to find that many of these sites lack any "best practice". High Desert Technology can help assess and implement "best practice".
More information regarding this "vulnerability" can be found at Sucuri.
The question for us at High Desert Technology is why such a large company has not adopted encryption policies for ALL mobile devices/laptops. This and so many other news items should serve as a wake-up call for all businesses, small or large. Does your current IT provider or staff have any encryption policies in place? This is a standard for us; we employ encryption policies for ALL clients, big or small. Safeguard your data today! Contact High Desert Technology.
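To check web server logs for the pingback abuse described above, the following added example (not part of the original post) looks at both sides: repeated POSTs to /xmlrpc.php on a WordPress site that may be acting as a reflector, and WordPress-generated requests arriving at a flooded site. The log lines are constructed samples, and the function names and thresholds are illustrative assumptions.

```python
import re
from collections import Counter

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "user-agent"
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')
# User-Agent WordPress sends on outbound fetches: "WordPress/<version>; <site URL>".
WP_UA = re.compile(r'^WordPress/[\d.]+; (https?://[^\s;]+)')

def parse(lines):
    """Yield (ip, method, path, user_agent) for every line that parses."""
    for line in lines:
        m = LINE.match(line)
        if m:
            yield m.groups()

def xmlrpc_posters(lines, threshold=3):
    """On your WordPress site: clients sending many POSTs to /xmlrpc.php.
    Request bodies are not logged, so these are candidates, not proof of pingback use."""
    hits = Counter(ip for ip, method, path, _ in parse(lines)
                   if method == "POST" and path.split("?")[0].endswith("/xmlrpc.php"))
    return {ip: n for ip, n in hits.items() if n >= threshold}

def reflecting_sites(lines, min_sites=3):
    """On a flooded site: WordPress installs whose outbound requests are hitting it.
    Returns an empty Counter unless at least min_sites distinct sites are seen."""
    sites = Counter(m.group(1) for _, _, _, ua in parse(lines)
                    if (m := WP_UA.match(ua)))
    return sites if len(sites) >= min_sites else Counter()

# Constructed sample lines (documentation addresses and example domains).
REFLECTOR_LOG = [
    '198.51.100.7 - - [12/Mar/2014:10:00:0%d +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "-"' % i
    for i in range(4)
] + ['203.0.113.9 - - [12/Mar/2014:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"']
TARGET_LOG = [
    '192.0.2.%d - - [12/Mar/2014:10:01:00 +0000] "GET /?%d=%d HTTP/1.0" 200 9100 "-" '
    '"WordPress/3.8; http://blog%d.example"' % (i, i, i, i) for i in range(1, 5)
] + ['203.0.113.9 - - [12/Mar/2014:10:01:02 +0000] "GET / HTTP/1.1" 200 9100 "-" "Mozilla/5.0"']

if __name__ == "__main__":
    print("Possible reflector abuse:", xmlrpc_posters(REFLECTOR_LOG))
    print("Sites reflecting at us:", dict(reflecting_sites(TARGET_LOG)))
```
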
Coca-Cola said Friday that laptop computers stolen from its Atlanta headquarters held the personal information of up to 74,000 people.
The company has recovered the laptops and spokeswoman Ann Moore said Coca-Cola has no indication that the information on the stolen computers was misused.
Moore confirmed that the personal information on the laptops belonged mostly to employees or former employees of Coca-Cola Co.
Coke is sending letters to about 18,000 people whose names and Social Security numbers were found on the laptops.
Moore said the company cannot provide further details on the thefts because there is an ongoing law enforcement investigation.
DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.
What is perhaps more alarming than the hack itself is the NSA’s claim that it will always succeed in installing the spyware on any iPhone. Physical access is needed now to install the spyware, but a version that can be remotely installed is in the works.