Two New MacOS Virus Found in the Wild and Google’s New CSI Facial Recognition Tech

 

Was MacOS been hacked? With the new Windows-like macros that sends virus over MacOS, how can we stay safe from it and what to do when you encounter one.

Also, how real and how useful can Google’s new Artificial Intelligence (AI) system be?

Related articles:

Real life CSI: Google’s new AI system unscrambles pixelated faces

http://CraigPeterson.com/news/real-life-csi-googles-new-ai-system-unscrambles-pixelated-faces/11683

New MacOS virus uses old Windows tricks to get into your laptop

http://CraigPeterson.com/news/new-macos-virus-uses-old-windows-tricks-to-get-into-your-laptop/11680

More stories and tech updates at:
www.craigpeterson.com

Don’t miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Transcript

TTWCP-DAILY-31_2017-02-13_ Two-New-MacOS-Viruses-Found-in-the-Wild

Below is a rush transcript of this segment, it might contain errors.

 

Airing date: 02/13/2017

Two New MacOS Viruses Found in the Wild – Google’s New CSI Facial Recognition Tech

 

Craig Peterson: HI, Craig Peterson here. We are going to do a couple of quick hits today. I’ve got this cold. Had the flu. Wow it is definitely that time of the year. We’re going to talk about a new vector attacking your Mac and it’s kind of an old vector frankly. It’s something that’s been used in the past in the Windows world and we are also going to spend just a couple minutes here talking about some real life CSI. These are things I talked a little bit about over the weekend on my Clear Channel radio show over on iHeart, also on the iHeart app. But we’re going to get a little more detail take it from a different angle today. Stick around.

 

(TTWCP EARWORM)

 

Hey welcome back. Boy, you know, the more time goes on the more, the more frustrated I get because these attacks just keep rearing their ugly heads. And what I’m referring to right now is a macro attack. You probably remember these. These have been around forever. Microsoft Word, of course, a huge attack, vector over the years. Something many, many people have used to write malware. And the whole idea is you get a Microsoft file like a word doc or you get an Excel doc and Microsoft lets you put macros in there. Now the whole idea is wow, you know, if you’re more advanced you can write macros and these macros can do almost anything. So you can pull in data from a little table that you might have, from a database you might have. You could write out special reports. We have one client that uses Word macros to talk to their mainframe in order to pull data, then it munches it in order to make some special reports, bids, proposals. All kinds of neat stuff. And you know that’s kind of cool isn’t it. But on the other hand, macros don’t have the security checking in them. They probably should. Remember most of the people writing code, if you will, leave macros. People writing spreadsheets, like Excel spreadsheets, are not IT professionals. They’re not considering all of the security implications of what they’re doing because they have no idea, right? They don’t know how the network is really working, how different ports communicate with different devices on different services and kind of on and on and on. And how an external hacker might use them. Or how about if they’re macro got compromise? How about if their Word document or Excel spreadsheet was leaked outside the organization? And now it has access to your organization’s database because they set it up so they could run it from home on their laptop in case they were out sick. Kind of like what I should probably be doing today.

 

So how do you keep control of that? And the bottom line is, you know what, you don’t. You can’t. There are more and more parts of your business that are doing these types of things. Writing these types of macros. Doing this type of code. As their tying now in to cloud services more and more. So what used to be in that glass house, back down in the IT computer space is now in the lines of business. So we see more and more problems, frankly, not fewer and fewer. Microsoft, sure they’ve done a few things to tighten it up and done a lot of stuff in some ways to tighten up the security but it just isn’t tight enough, yet. Not even close. And people are using it more and more which means what? It means there’s going to be more vulnerabilities. Now many people have learned that if you get a word doc, or you get an Excel spreadsheet and it pops up and says hey, can we run the macros? You want to run the macros? Most people know, no, I’m not going to do the thing because it could be very dangerous. It could lead to security breaches. It could cause my home machine to become corrupt, etc. etc. right? So they don’t do it.

 

Well, how about on the Mac side, right? One of my biggest frustrations on, in the Apple side and with Macs and with iOS’s, businesses think that they just work. There’s nothing to do, right? So, yeah, I’ve been offering Mac services now forever and we are heavily involved with Apple, as you probably know if you listened for a long time. I’ve been on Apple’s ACN Advisory Council now for, I think going on 3 years. So I meet with Cupertino. So, you know, full disclosure here. But I get very, very frustrated at the users who just grab them and run. And they expect it to work, just work properly, interact properly with everything else that’s out there on the network and they expect it to be safe. So people are using that. People are taking advantage. The bad guys are taking advantage of these people that think Apple is a Panacea. And they are using the old tricks that work great in the Windows world and unfortunately are still working pretty well. In the Windows world, they are putting macros into Microsoft documents and they’re sending along the document, right. They’re emailing them to people. People are opening them up and what appears? What appears right there on your screen? This document contains macros? Do you want to disable the macros before opening the file, right? Now that’s something that you probably are aware of. Probably should be aware of. How about this other one, Install updates to Adobe Flash Player. This tool finds and updates Flash Player from your Mac.

 

Now in both of these cases, the spelling’s a little wrong, okay? So if you’re really, really paying attention, you’ll notice the spelling mistake. But remember too that they’re going to get better. They’re going to get smarter. They’re not going to have those types of spelling mistakes in the future. So should you enable macros? Obviously the answer is no. Do not enable the macros. There are some pieces of software out there that can help protect you against this. I can help you with that. If you have questions, send me a note. You can just text me or you can email me. You can just find it there at http://CraigPeterson.com. I’d be glad to point you in the right direction. You can find a little bit about this also on my website at http://CraigPeterson.com. I’ve got pictures. I got links to some articles about this whole thing. The next web has it as well. But you’ll find it right there at http://CraigPeterson.com.

 

So be very careful. Don’t open these things up. Ars Technica is saying that there are now reports that security researchers have found two separate new MacOS viruses that rely on these old Windows tricks. Okay, the next thing is something that is very concerning to me. If you heard me on Saturday, you know I’m concerned about it. Google has a new artificial intelligence system and this AI system is designed to take an extremely pixelated picture. An 8 x 8 pixel picture. Full color of a face and unpixelate it if you will. So you take that 8 x 8 and turn it into a 32 x 32 face. And I’m looking at examples here that really concern me because they use a neural network. The network is learning. It has examined thousands upon thousands of pictures to figure out, given this combination of pixels, 8 x 8 pixels, and the colors within those pixels, what might the original picture look like, right? So it’s doing this with the total of 64 pixels with probably 255 different colors in each one of those pictures which would come to a total of about 16,000 different pictures it could become if you will. But they’re kind of, as Google said, they’re kind of hallucinating.

 

The pictures of faces look pretty darn good. Pictures of other things like rooms, not as good. But it’s amazing. But they’re also need to use some of this technology to slow down, excuse me, speeds up the download rate of pictures. So it compresses the pictures. It sends them. And then on the other side, it interpolates the picture putting in details that were lost in the compression process. That is very, very cool. So they’re able to take an original picture. Reduce by 2 or excuse me, 3/4 and then use their software to restore the detail on the device. Now, remember most pictures don’t necessarily have to be exact? You’ve got a picture of a guy on a surfboard and that obviously get a lot of ocean in it. It’s got some water spraying. It’s got the guy. That doesn’t need the detail. So loss of detail there. The lossiness of the picture is not terribly bad. But I get concerned when I see this. I know that the CSI fans are going to jump all over this. Obviously, law enforcement has a need for it because we can’t. We can’t do what they do on TV where they take this pixelated picture and say enhance it for us and lo and behold it’s enhanced. It just doesn’t work that way. Until now.

So we’ll see how this works out. And going forward, I’m a little bit concerned but who knows? Hopefully, hopefully it won’t be a bad thing. It’ll just be good thing. You’ll find these two articles up on my site http://CraigPeterson.com. Make sure you subscribe to my podcast. http://CraigPeterson.com/ iTunes. And as I found out last week from a friend of mine, he was having nothing but trouble on his Android device. So if you’re on Android and you want listen to the podcast just download the TuneIn app and search for Craig Peterson. You’ll find me and you’ll get every one of the podcast. Have a great day and will talk to you tomorrow.

—-

Don’t miss any episode from Craig. Visit http://CraigPeterson.com/itunes Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We’re really hitting it out of the park. This will be a great year!

Malcare WordPress Security