Facebook and Apple Hacked: How To Avoid it On Your Computer
by Debra N. Diener J.D. CIPP G
By now you probably have read about the latest hacks of corporate computer networks. The latest being reported were the Facebook and Apple incidents. News reports are now saying, with some level of assurance, that the companies know how this happened. Their employees visited an iPhone developers’ website that was completely infected with malware. The malware exploited a vulnerability in a Java plug-in for browsers.
You might be thinking that this kind of attack couldn’t affect individual computers. That would be comforting but, unfortunately, it would be a wrong assumption. Zack Whittaker, for Zero Day, has an excellent article about the recent hacks — how it happened and what steps individuals can, and should, take to make sure they don’t fall prey to the same malware.
His article, “Facebook, Apple Hacks could affect anyone: Here’s what you can do” (www.zdnet.com) has the key “what not to do”. Do not visit the same website that the Facebook and Apple employees did! That website is “iPhone DevSDK”. If you want to see what that site looks like, Mr. Whittaker’s article has a screen shot — and that’s as close as you should get to that site.
Mr. Whittaker offers 4 other specific steps to take to make sure your computer isn’t infected already. His recommendations include disabling or removing Java completely and running a full malware sweep.
On a related note, on February 19th, Oracle released a new Java security update. It also announced plans to speed up the release of future Java patches following these, and other, breaches related to the Java vulnerability.
Take the time to read Mr. Whittaker’s article so you’ll know how to try and avoid this particular malware trap.
_____________
Ms. Diener is now an independent consultant on privacy, identity management, information protection and risk management. She served in senior managerial, legal, policy and legislative positions in all three branches of the Federal government. In addition to her privacy expertise, Ms. Diener played a lead role on such important domestic and international issues as criminal justice/law enforcement and financial services. She speaks frequently at industry and governmental conferences and meetings.