Showing posts from December, 2019

Security Bulletin: Undervoltages in Intel Processors can lead to possible security flaws.

"Undervoltages" in Intel Processors can lead to possible security flaws. A security bulletin released recently by Sophos disclosed a flaw in Intel Processors whereby an attacker could take advantage of the voltage control mechanism of a computer.  By slightly lowering the voltage the computer processor would start to generate small, undetectable errors in mathematical computations.  This would allow the attacker to bypass certain security features built into Intel processors.  The new exploit has been dubbed "Plundervolt" (an exploit is defined as getting a program to do something the author did NOT intend). Considerable details about the flaw (including technical jargon) are provided [ here ] at  Videos regarding the exploit are also available [ here ] at the official "Plundervolt" website. Intel has released a security advisory regarding the exploit [ here ].  Their recommendation is to update the BIOS of your computer.  The BIOS

Security Bulletin: Apple troubles with malware and location privacy

Nerd Cave Security News for December 9th, 2019 A newly discovered Mac malware uses a "fileless" technique to avoid anti-virus detection. Although not entirely "fileless", this malware is disguised as a crypto-currency app called "UnionCryptoTrader.dmg".  Once executed, it creates an executable file in memory, without ever touching the hard disk, thus avoiding detection by anti-virus programs. For more information about this virus and a means to detect it, go to . The iPhone 11 still makes location requests even when the user has disabled this feature. In an article on it was pointed out that the location icon occasionally appears on the iPhone 11 even when the location feature has been disabled.  Apple explained the behavior was tied to short-range technology that allows users to share files locally (i.e. AirDrop).  Apple stated it plans to include an option to disable this behavior, it just hasn&#

Security Bulletin: Steam Users beware of new [phishing] scams

Nerd Cave Security News for December 5th, 2019  posted a new security warning regarding a new Steam "phishing" scam. Steam  is a video game digital distribution service (not to be confused with  STEAM Education ) which allows users to purchase their favorite game titles online.  Once a title is purchased, it remains in their library for the life of the their account. "Phishing" is an attempt by hackers to recreate a web service login, such as an online bank or other service that requires login credentials.  When the user enters their information and submits the form, the hackers then have their login credentials (more information  [here] ). Apparently hackers went to considerable trouble to perfectly re-create the Steam login page, right down to the two-factor-authentication (2FA) used by  2FA is a means of extra-verification when you log into certain web services.  It usually consists of answering a special question or (in Ste

Security Bulletin: Microsoft Patch Tuesday and Netflix Freeze scam

Nerd Cave Security News for December 1st, 2019. If you use Netflix, don't fall for this scam.   Emails are being sent indicating your Netflix account has been frozen.  You are offered a link to log into your Netflix account.  If you log in you'll inadvertently hand over your Netflix username and password.  For more information, click  [here] .  Microsoft Patch Tuesday has come and gone.  There are security flaws in Internet Explorer as well as bug fixes for Office for Mac. There are also a number of other security bulletins listed here, including Adobe Flash Player and Google Chrome.  Users of Windows 7 are also being reminded that security updates for Windows 7 will cease after January 2020.  For more information, click  [here] . Remember, if you need computer service, web development or application development be sure to contact us  [here] . The Nerd Cave Tech Support and Web Development ‪(747) 248-7790‬

Nerd Cave website updates

The Nerd Cave website has recently been updated . Security bulletins, updates and special offers will now be posted regularly on the website home page. An easier means to request quotes for service is also available from the website home page. Since a number of requests have been made for the link to pay for services, the  Paypal  link has been added to the  Hours and Rates  page.  It is also included in every invoice that is emailed to customers. It should also be noted for smart phone users that any phone number displayed on the website can be touched and dialed automatically.  Desktop computer users can use this if they have  Skype  or another compatible program installed on their computer. If you have any questions or any need for Nerd Cave services feel free to  contact us . Best, Jeffrey Cobb The Nerd Cave Tech Support and Web Development ‪(747) 248-7790‬