Spooky IT Security Threats of 2015

Nothing can be more horrifying than finding out that hackers have intercepted you and your clients.

There had been reports on vulnerabilities on several systems that involve iOS, Windows, software applications, Androids, and routers in the past few months.

The idea of the hands of a stranger creeping into your confidential files can be terrifying, especially when you don’t understand how tedious and intricate disaster recovery can get.

So, just in case you have not received any notifications lately for password and security updates, perhaps you want to look into this list of spooky IT security threats you may have missed:

 

1. Android LTE Vulnerability

Wireless telecommunication companies AT & T and Verizon committed a blunder when they implemented LTE in Android devices without the appropriate licenses.

Subscribers using Android devices with LTE were put at risk of having strangers eavesdropping on their phone calls, or having their phone numbers spoofed to make calls. Some may even get billed for data that they have not used!

LTE is a new method of sending data through packet switching, making the transmission faster. However, this method opens the system to a vulnerability that is specifically directed against SIP (Session Initiation Protocol) commonly used for voice calls and Instant Messaging.

Google had already released a statement that they will fix the issue this month when they upgrade their systems but failed to release a list of Android devices in question.

The best thing to do is not get into any peer-to-peer network with your devices, which the hackers are looking into penetrating.

 

2. Stage Fright Malware

Stage Fright is a malware that hackers send Android users in the guise of a video sent by MMS. Android users don’t have to click on this malware to activate it. The built-in Hangouts app will automatically process the photos and videos from the malware app to show up on your gallery.

Once the malware is planted, the hacker can gain control of your device and have a field day with your photos and other data.

The best defense that subscribers have against this malware is by turning off the auto retrieve MMS function on your messaging app.

 

3. Netgear SOHO Router Vulnerability

Thousands of people rely on a small office/home office routers for their internet connections. Many of these persons are less tech-savvy consumers who are easy targets to hackers.

Researchers have discovered over 10,000 hacking vulnerabilities in routers by which hackers can use to intercept and redirect traffic going to you to their own devices.

To protect yourself, you can disable remote management over the internet, change your IP address into something more unpredictable, log out after configuring the router, turn off WPS that you use to authorize your clients to connect and use encryption methods instead, and keep your router systems updated.

Constantly changing passwords is still the most effective way to ward off cyber snoops and data thieves.

 

4. Cisco Routers SYNful Knock Attack

SYNful Knock is an implant that provides a backdoor to your confidential files.

Once implanted, hackers can control your router systems and monitor all communication coming through. It also makes it easier for them to load functional modules that infect your network devices and compromise their integrity.

The techniques used to implant SYNful knock are too intricate, making it difficult to get detected.

To protect users, Cisco has provided a step-by-step guide in monitoring and protecting your devices against a SYNful knock attack on their website.

 

5. iOS 9 Vulnerability

YouTuber, Jose Rodriguez, recently demonstrated how anyone can gain full access to another person’s gallery of photos, and a list of contact names and numbers by simply bypassing a lock screen.

Combating this is pretty simple. Just disable Siri by creating a good password combination.

 

6. Windows Vulnerability

Microsoft announced recently that a flaw was discovered in the old IE (Internet Explorer) browser wherein hackers can access any machines through websites that had been compromised.

Hackers, then, trick users into opening malicious files or by setting up booby trap websites and luring their victims to it.

Microsoft announced that they have already released a security patch to fix this bug issue, but it would be best to be wary about entering your details into suspicious websites.

 

7. Adobe Flash Vulnerabilities

Trend Micro discovered a vulnerability that affected some versions of Adobe Flash Player running on Windows, Macintosh, and Linux operating systems. The bug was found in the plug-in capabilities that opened the system to hackers if the program crashed.

Having failed in their first attempt to fix the issue, Adobe again released an update to fix this vulnerability in October and all that users need to do is to install the updates. Apple had also blocked outdated versions of the Flash player from their computers.

 

8. WinRAR vulnerability

WinRAR is probably the most widely used file compressor, and even this had not been spared from hackers using this software to get their hands into other people’s computers and stealing their data.

The bug affects WinRAR’s version 5.21. It can subject your computer to intruders planting compressed archives with malicious code that can compromise your system. There is no way to verify the validity of the files before it can be opened.

According to Malware bytes, the best way to protect yourself from the WinRAR bug is to avoid clicking on the archive twice but to extract the file instead by right-clicking. The bug can only be activated if you double click on it.

 

9. Self-Encrypting External Hard Drive

Self-encrypting external hard drives are supposed to ensure your data security but a trio of students believed otherwise.

Towards the end of September of this year, Gunner Alendal, Christian Kison, and Modg published an academic paper that confirmed that at least six Western Digital drives had vulnerabilities that can expose your data through encryption key leaks and backdoors.

To protect your data from the vulnerability, users need to reset their passwords for the second time.

 

10. Fitbit Flex Vulnerability

And just when you think a small fitness gadget is completely harmless, somehow, hackers have found a way to use the popular fitness tracking device, Fitbit Flex, to penetrate your computer and plant malware in it through the device’s Bluetooth radio. Just turn off the Bluetooth function to prevent this.

Hacking techniques seem to become creepier that even the most unlikely devices are now being utilized to get into your confidential files. And nothing can be more horrifying than to lose your data during the process.

The most advisable thing to do if this occurs is to seek the help of a reliable IT company that offers strong data recovery services. They will not only help you get your precious files back but will also be able to provide you with excellent advice on how you can secure your system further from other cyber attacks.