Are Macs immune to malware?

Windows computers tend to deal with an assortment of malware, but many people fail to realize that even Apple computers face similar threats. As cybercriminals have become more adept at finding exploits and other vulnerabilities, more and more Macs have also fallen prey to malware. Here are some threats you need to look out for to keep your Mac safe.

What are the threats that can affect your Mac?

There are several forms of malware that hit Apple products, and their effects can range from ones that are merely annoying to downright destructive.

  1. Adware – These are unwanted programs that bombard users with pop-up advertisements. Some malicious adware piggyback spyware like keyloggers and keyboard sniffers onto their deployment protocols, allowing them to record your typing habits and monitor your browsing behavior.
  2. Sniffers – These are usually designed to detect certain words on a web page and in a person’s typing pattern in order to trigger the keylogger. For instance, when you type your password, sniffers can activate the keylogger to copy the information you type and steal your login details.
  3. Trojan horses – These can infect both Macs and PCs, and they are often deployed through fake software installers or unsecured updates. They parade as legitimate software that actually contain a nasty surprise once installed. A notorious Trojan horse for Macs is the MacDownloader, which attempts to steal personal data stored in iCloud Keychain.
  4. Macro viruses – These attack computers by running a code that can take screenshots, format hard drives, corrupt files, deliver more malware, and access webcams and microphones. They are triggered when a user opens an infected macros-enabled file, hence the name.
  5. Ransomware – Macs managed to hold off ransomware for a while, but nowadays, even they can be vulnerable to it. KeRanger was one of the first big ransomware outbreaks in Macs. After remotely encrypting the computer and hibernating for three days, KeRanger would issue a .txt file containing instructions for decryption in return for one bitcoin.

Telltale signs your Mac is infected

Now that you know what kinds of malware your Mac could be affected with, here are some ways to tell if your computer is infected with one:

  1. Pop-up ads – If you’re seeing more pop-ups on your computer than usual, your computer is probably infected. An unusual amount of banner ads and pop-ups may mean that your computer is due for an update and/or a virus scan.
  2. Slowness – Mac users fear one thing above all: the spinning wheel of death. This little rainbow-colored spinning cursor wheel indicates that the computer is having trouble processing at usual speeds. This slowness can often be caused by overwhelming requests from simultaneous processes — likely of dubious origin — running in the background.
  3. Browser issues – Viruses sometimes do weird things to Safari or Google Chrome such as change its homepage or redirect a preset landing page to a site you’ve never seen before. If your browser starts behaving oddly, crashes regularly, or is often unresponsive, your Mac might have a virus.

Computer security is a matter of importance no matter what operating system you use. Reach out to our experts for an assessment of your network today.

This post was originally published on this site

5 Tips to combat VoIP eavesdropping

Eavesdropping is a form of cyberattack that has been around for years. Cybercriminals have been listening in on Voice over Internet Protocol (VoIP) phone calls since the technique was proven to be effective in obtaining valuable information, and they are showing no signs of stopping their malicious activities anytime soon. Fortunately, there are some things you can do to combat VoIP eavesdroppers.

Change the default configurations of your VoIP system

Using your VoIP phones without changing the default configurations can be the worst mistake you can make. These days, it’s easy for hackers to search vendor documentation for things like default usernames and passwords. Depending on your VoIP provider and phone model, you should have the option of changing the default login credentials on your handsets.

Get updates from your handset vendor

In 2015, Cisco detected vulnerabilities in their VoIP phones that enabled attackers to listen in on phone conversations. Cisco quickly released security alerts to inform their customers about these vulnerabilities, giving them enough time to address the issues. The lesson here is you must regularly monitor advisories from your hardware vendor or work with an IT provider that does so for you. Without proper monitoring, you won’t know how susceptible your corporate VoIP phones are to eavesdropping.

Update session border controllers

Another way to combat VoIP eavesdropping is to constantly update your session border controllers (SBCs). By doing so, you’ll be updating your VoIP’s antivirus software, which means your systems are better protected from constantly evolving cyberthreats. Routine SBC updates are essential for securing SIP trunking as well as responding to new threats.

Encrypt VoIP calls

If you work in a regulated industry like healthcare or finance, encrypting VoIP calls is essential to staying compliant. Work with your VoIP provider and auditors to determine the best encryption options for your communications infrastructure. Many cloud VoIP providers offer call encryption guidelines, and some even offer it as a premium service.

Build a hardened VoIP network

Make sure your VoIP network has:

  • IP private branch exchange (PBX) using minimal services, so that the hardware can only power the PBX software
  • Firewalls with access control lists set to include call control information
  • Lightweight Directory Access Protocol lookup, and signaling and management protocol
  • Reinforced endpoint security with authentication at the endpoint level

To effectively defend against VoIP eavesdropping, businesses need to take a holistic approach to cybersecurity. This includes enforcing policies, deployment, and security practices that will keep malicious agents out of your network. Feel free to contact us for further information on how to protect your business.

This post was originally published on this site

5 Tips to combat VoIP eavesdropping

Eavesdropping is a form of cyberattack that has been around for years. Cybercriminals have been listening in on Voice over Internet Protocol (VoIP) phone calls since the technique was proven to be effective in obtaining valuable information, and they are showing no signs of stopping their malicious activities anytime soon. Fortunately, there are some things you can do to combat VoIP eavesdroppers.

Change the default configurations of your VoIP system

Using your VoIP phones without changing the default configurations can be the worst mistake you can make. These days, it’s easy for hackers to search vendor documentation for things like default usernames and passwords. Depending on your VoIP provider and phone model, you should have the option of changing the default login credentials on your handsets.

Get updates from your handset vendor

In 2015, Cisco detected vulnerabilities in their VoIP phones that enabled attackers to listen in on phone conversations. Cisco quickly released security alerts to inform their customers about these vulnerabilities, giving them enough time to address the issues. The lesson here is you must regularly monitor advisories from your hardware vendor or work with an IT provider that does so for you. Without proper monitoring, you won’t know how susceptible your corporate VoIP phones are to eavesdropping.

Update session border controllers

Another way to combat VoIP eavesdropping is to constantly update your session border controllers (SBCs). By doing so, you’ll be updating your VoIP’s antivirus software, which means your systems are better protected from constantly evolving cyberthreats. Routine SBC updates are essential for securing SIP trunking as well as responding to new threats.

Encrypt VoIP calls

If you work in a regulated industry like healthcare or finance, encrypting VoIP calls is essential to staying compliant. Work with your VoIP provider and auditors to determine the best encryption options for your communications infrastructure. Many cloud VoIP providers offer call encryption guidelines, and some even offer it as a premium service.

Build a hardened VoIP network

Make sure your VoIP network has:

  • IP private branch exchange (PBX) using minimal services, so that the hardware can only power the PBX software
  • Firewalls with access control lists set to include call control information
  • Lightweight Directory Access Protocol lookup, and signaling and management protocol
  • Reinforced endpoint security with authentication at the endpoint level

To effectively defend against VoIP eavesdropping, businesses need to take a holistic approach to cybersecurity. This includes enforcing policies, deployment, and security practices that will keep malicious agents out of your network. Feel free to contact us for further information on how to protect your business.

This post was originally published on this site