FBI and CISA officials said it was impossible to predict when the telecommunications companies would be fully safe from interlopers.

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers. A spokesperson for the Chinese Embassy in Washington did not immediately respond to a request for comment.

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China’s intercepting their communications.

“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Greene said.

The FBI official said, “People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant” multi-factor authentication for email, social media and collaboration tool accounts.
The scope of the telecom compromise is so significant, Greene said, that it was “impossible” for the agencies “to predict a time frame on when we’ll have full eviction.”

The hackers generally accessed three types of information, the FBI official said. One type has been call records, or metadata, showing the numbers that phones called and when. The hackers focused on records around the Washington, D.C., area, and the FBI does not plan to alert people whose phone metadata was accessed.

The second type has been live phone calls of some specific targets. The FBI official declined to say how many alerts it had sent out to targets of that campaign; the presidential campaigns of Donald Trump and Kamala Harris, as well as the office of Senate Majority Leader Chuck Schumer, D-N.Y., told NBC News in October that the FBI had informed them that they had been targeted.

The third has been systems that telecommunications companies use in compliance with the Commission on Accreditation for Law Enforcement Agencies (CALEA), which allows law enforcement and intelligence agencies with court orders to track people’s communications. CALEA systems can include classified court orders from the Foreign Intelligence Surveillance Court, which processes some U.S. intelligence court orders. The FBI official declined to say whether any classified material was accessed.

Privacy advocates have long advocated using end-to-end encrypted apps. Signal and WhatsApp automatically implement end-to-end encryption in both calls and messages. Google Messages and iMessage also can encrypt calls and texts end to end.

The FBI and other federal law enforcement agencies have a complicated relationship with encryption technology, historically advocating against full end-to-end encryption that does not allow law enforcement access to digital material even with warrants. But the FBI has also supported forms of encryption that do allow some law enforcement access in certain circumstances.
Even though the hacking campaign was first publicly disclosed in the lead-up to the election, the U.S. believes it was not an attempt to sway results, the FBI official said, but instead a massive but traditional espionage operation by China to gather intelligence on American politics and government.

“We see this as a cyberespionage campaign, not dissimilar to any other approaches. Certainly the way they went about it was very, very specific about the telcos and the ISPs, but it fits into the cyberespionage bucket,” the FBI official said.

Apple is warning billions of Mac and MacBook users worldwide to update macOS as a matter of priority. The latest version of macOS Sequoia was released earlier this week as macOS 15.1.1. It comes less than a month after the major 15.1 release that addressed several small bugs and security fixes alongside the first wave of generative AI software in the Apple Intelligence suite.

What Issues Face Apple’s Mac And MacBook Pro Laptops?

Release notes for macOS Sequoia 15.1.1 list two issues addressed. The first is a fix to JavaScriptCore (concerning “maliciously crafted web content”); the second fixes an issue with WebKit (concerning “Processing maliciously crafted web content may lead to a cross site scripting attack”). These are recorded as CVE-2024-44308 and CVE-2024-44309. Forbes contributor Kate O’Flaherty has delved into the technical issues of these attacks.

The importance of applying this update has been reinforced thanks to an intervention by the U.S. Cybersecurity and Infrastructure Agency: “Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates:”

Update More Than Your Apple MacBook Pro

The macOS update was launched simultaneously with iOS (18.1.1) and iPadOS (18.1.1) updates. Forbes contributor David Phelan has taken a closer look at the iPhone update. As well as the update to iOS 18 for the current range, Apple is providing an update to iOS 17 to ensure the fixes are available for the broadest range of iPhones possible.

macOS Sequoia supports every Mac and MacBook that runs on Apple Silicon. In addition to any Mac with these M-series chipsets, macOS Sequoia also supports several Intel-powered Macs—namely those with the Xeon W and Coffee Lake or later chipset.
Effectively that means the iMac Pros released since 2017, iMacs released since 2019, MacBook Pros since 2018, Mac Minis since 2018, and Mac Pros since 2019 are also supported and should be upgraded as soon as possible.

How To Update Your Apple Mac And MacBook Pro

To start a manual update to macOS 15.1.1, go to System Settings / General / Software Update and click Update Now. This is in a different location on older Mac hardware: go to System Preferences and click Software Update.

Two unrelated stories have caught the imagination in recent days, both presenting a stark warning as to the risks in what you type into your Google search bar. Safe browsing is becoming ever more critical, as seen with Google’s new AI-powered security update coming to Chrome. But some of the dangers will surprise you.

First let’s deal with a serious cyber threat caught by the security team at Sophos, which warned last week that “the internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.” It turns out that the latest trick to lure users into installing malware relies on niche search engine terms to push malicious links on those awaiting the results. This so-called SEO-poisoning needs fairly specialist terms, otherwise it would not be able to command headline top-of-the-page results.

“In this case,” Sophos says, “we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: Are Bengal Cats legal in Australia?” Is that niche enough for you?

“Our investigation,” the team reports, “revealed the threat actor was using SEO poisoning through an easily accessed online forum found via a simple Google search, initiated by the user for ‘Do you need a license to own a Bengal cat in Australia’… Immediately after the user clicks the link, a suspicious .zip file was downloaded to C:\Users\<Username>\Downloads\Are_bengal_cats_legal_in_australia_33924.zip onto the victim’s machine, and the user’s browser was directed to the URL hxxps:[//]www[.]chanderbhushan[.]com/doc[.]php.”

Suffice to say, opening this compromised forum post would download a malicious ZIP-archive payload that would start the staged installation of dangerous malware.
“Once used exclusively by the cybercriminals behind REVil ransomware and the Gootkit banking trojan,” GootLoader, Sophos warns, has now “evolved into an initial access as a service platform—with Gootkit providing information stealing capabilities as well as the capability to deploy post-exploitation tools and ransomware.”

Clearly if you have an interest in Bengal cats and you live in Australia, then you’ll need to be extra careful. I’m not sure if they’re legal in the country, and I don’t plan to Google to find out. I’ll leave you to do your own non-Google research.

For everyone else, bear this attack in mind. If your search is particularly niche then you may be more susceptible to malicious links in search than with more generic hunts. As ESET’s cyber guru Jake Moore warns, “criminals are clever with how they operate and often people will put a huge dose of trust in search engines assuming results are vetted prior to being ranked. Unfortunately, malicious actors are becoming more creative meaning people need to be vigilant across all parts of the internet.”

The fundamentals don’t change though—be wary of links and installs. Usually this applies most to socially engineered attacks via social media, email or messaging platforms. This just adds search results into that heady mix.

The second “be careful what you Google” story is very different. Just a few days before the Sophos report was published, a story appeared in several media outlets, warning that “a woman has revealed the four words you should avoid Googling to ensure the police do not pay an unexpected visit to your house.” As reported, a couple in Long Island “were browsing for everyday household items” when they inadvertently entered just the right combination to trigger a terrorism profiling flag, prompting law enforcement to pay them a visit.
“So, if you don't want police to show up at your door, don't search the four words - 'pressure cooker bomb' along with the word 'backpack'.” The story was a little stretched given that this wasn’t a direct flag from an all-seeing computer system in DC analyzing Google searches; it was in fact the IT department at the husband’s employer who flagged the search and reported it to the local police. This was back in 2013, with the Boston Marathon fresh in people’s minds. “Following the couple's unintentional internet search, several black SUVs pulled up at the couple's house to ensure they were not a terrorist threat.”

While the story has captured the imagination, it’s not the searches that will catch you out but the content returned by those searches. Accessing websites and links flagged as dangerous is more likely to see your browsing behaviour traced back to you than a search itself.

That said, if you fall foul of law enforcement then a review of the search history on your devices or linked to your accounts is almost certain. As per The Hill, “the search history of Thomas Matthew Crooks, identified as the 20-year-old gunman who attempted to assassinate former President Trump at a rally outside Pittsburgh last weekend, includes photos of Trump and President Biden, among other things. Crooks, who was killed after opening fire at the campaign event, had searched dates of Trump’s appearances and the upcoming Democratic National Convention, FBI officials told members of Congress.”

Unless you’re exceptionally careful with clean devices and no account logins, especially not a Google account login, and you use a VPN or even connect from a location unconnected to you, internet activity has a habit of coming back to bite. And that’s before the inevitable new threats from AI search engines start to appear.