Tech agility: A must-have for crisis survival

It is a known fact that survival of any species depends on its ability to adapt to change. One major change for businesses in 2020 was the need to switch to the work-from-home model to keep things running during the pandemic. When countries all over the world started imposing lockdown restrictions, companies had no choice but to switch to remote operations if their line of business allowed them to do so. This blog post discusses the key challenges faced by businesses that had failed to adopt the latest technology on time.

Access to critical data and applications

For businesses that didn’t store their key data and applications in the cloud, this was a huge challenge. How do you ensure each of your employees has access to all the business data, programs and apps they need to operate efficiently? Companies that had already adopted the cloud as their core data storage didn’t face this challenge: everything was cloud-based and accessible from anywhere, using any internet-enabled device (laptops, PCs, tablets, smartphones, etc.).

Cybersecurity concerns

With employees working from home, businesses’ fears of cybersecurity incidents were increased. Cybercriminals, on the other hand, knew full well all the security lacunae that existed in a hurried remote working environment setup and exploited them to the fullest. Industry reports showed that the initial few months of the pandemic saw an increase in cybercrime and related attacks on businesses.

Data loss

For businesses that didn’t operate in the cloud, data loss was another angle to look into. How do you ensure data backup and recovery when your staff is using their personal devices for work? And how do you ensure they are taking all the precautions necessary to keep the data they store on their devices safe?

Hardware issues

Some businesses provided their employees with work devices at home. For example, employees in some companies were allowed to take their office computers home for work use. But, that still didn’t solve the backup and recovery or cybersecurity challenges entirely, because the management still lacked ways to maintain control over the devices.

Phones

With employees working from home, it was a challenge for many businesses to manage their phone numbers, especially for client-facing employees. Businesses with VoIP phone systems could make this transition easily, whereas those still relying on the traditional phone setup had to resort to cell phones and couldn’t use their business numbers for a while.

Key lesson: Move with the times, adopt new technologies, adapt to newer ways of working

Some Windows 11 Upgrade Links Could Be Malware

There’s a new hacking campaign underway that you need to be aware of, especially if you or anyone you know is interested in upgrading to Windows 11.

The campaign appears to be a legitimate offer from Microsoft and it gives users the opportunity to upgrade to Windows 11 for free.

Unlike many campaigns of this type, this one distinguishes itself in that it does not rely on emails that spoof the Microsoft brand. Rather, it leverages “poisoned” search results that lead a surfer to a site controlled by the hackers.

This page is a convincing replica of the official Microsoft promo page for Windows 11. Of course, it’s got malicious code embedded in it and when the site visitor enters their personal information in order to receive a code for their free upgrade, all they’re doing is handing that information straight to the hackers.

What’s really going on here is that the hackers are taking advantage of the fact that the average user isn’t aware of many of the details surrounding Windows 11.

For example, most end users are unaware of the fact that a machine must meet certain very specific (and demanding) specifications to run Windows 11. These include the fact that all legitimate upgrade tools will check to see if the user’s machine supports TPM, or Trusted Platform Module (version 2.0), which is built into machines no older than four years of age.

Naturally, the poisoned installer makes no such distinction and will happily allow the user to install the malicious code on whatever machine they happen to be using.

The hackers behind this campaign are using a piece of malware dubbed “Inno Stealer” which does not have any code similarities to other strains of malware in the wild today. So apparently, it is custom work built either by or for the hackers currently using it.

The best and surest way to avoid being taken in by this campaign is to navigate to Microsoft’s site directly by typing in the URL. Don’t rely on search result links to get you there and you should be fine.
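A pre-flight check along these lines, as an added example that is not from the original post or from Microsoft: it confirms that the machine reports a TPM 2.0 and that a downloaded upgrade tool carries a valid Authenticode signature from Microsoft before it is run. The installer path is a placeholder, the function names are hypothetical, and matching the signer on `O=Microsoft Corporation` is an assumption.

```powershell
# Added example: checks to run before launching a downloaded Windows 11 upgrade tool.
# The default path is a placeholder; pass the file you actually downloaded.
param(
    [string]$InstallerPath = "$env:USERPROFILE\Downloads\upgrade-tool.exe"
)

function Test-Tpm20 {
    # Win32_Tpm is only readable from an elevated session.
    $tpm = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' `
                           -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    if (-not $tpm) { return $false }   # no TPM, or not running elevated

    # SpecVersion looks like "2.0, 0, 1.38"; the first field is the spec version.
    $spec = ($tpm.SpecVersion -split ',')[0].Trim()
    return ([version]$spec -ge [version]'2.0') -and [bool]$tpm.IsEnabled_InitialValue
}

function Test-MicrosoftSigned {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) { throw "File not found: $Path" }
    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # 'Valid' means the file hash matches the signature and the certificate
    # chain ends in a root this machine trusts. Anything else is a failure.
    if ($sig.Status -ne 'Valid') { return $false }

    # Assumption: the signer's organization field reads "Microsoft Corporation".
    return $sig.SignerCertificate.Subject -match '(^|,\s*)O=Microsoft Corporation(,|$)'
}

$tpmOk  = Test-Tpm20
$signed = Test-MicrosoftSigned -Path $InstallerPath

[pscustomobject]@{
    Installer       = $InstallerPath
    Tpm20Present    = $tpmOk
    MicrosoftSigned = $signed
    # An unsigned or third-party-signed "Windows 11 upgrade" should not be run.
    SafeToRun       = $tpmOk -and $signed
}
```

Run it from an elevated PowerShell prompt; without elevation the TPM query returns nothing and `Tpm20Present` reads `False` even on supported hardware.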

Netflix Will Soon Crack Down On Password Sharing

Netflix has been talking about cracking down on password sharing for years. So far, it’s been just talk. Recently, the company suffered its first decrease in subscribers in recent memory. They lost more than 200,000 in the first quarter of 2022, a drop that sent their stock price reeling.

According to the company’s estimates, some 100 million households are currently sharing their passwords. It’s a safe bet that now the company is serious about it, so you can expect the crackdown to begin pretty much any time.

It was great while it lasted but Netflix is understandably eager to monetize those accounts and it’s under increasing pressure to do so.  With industry giants like Amazon Prime, Apple TV, YouTube, Disney+, Hulu, and others nipping at their heels, the company almost has to take decisive action.

Here’s what the company had to say on the matter:

“Our relatively high household penetration – when including the large number of households sharing accounts – combined with competition, is creating revenue growth headwinds. The big COVID boost to streaming obscured the picture until recently.

Account sharing as a percentage of our paying membership hasn’t changed much over the years, but coupled with the first factor, means it’s harder to grow membership in many markets – an issue that was obscured by our COVID growth.

While we work to reaccelerate our revenue growth – through improvements to our service and more effective monetization of multi-household sharing – we’ll be holding our operating margin at around 20 percent.”

Interestingly, the company’s lax policy with regards to account sharing likely contributed to its earlier growth.  Now the equation has changed, and the company is studying a few different approaches to help them recapture revenue lost to account sharing.

The most popular idea to date was “Paid Account Sharing.”  They charged a nominal fee that’s still less than a full monthly membership, so that at least they’re getting something from it.

That approach is likely light-handed enough that the company’s massive user base won’t rebel, and it may prove to be an acceptable middle ground for everyone. Time will tell.

Microsoft Exchange Servers Targeted By Hackers

If you rely on a Microsoft Exchange server to handle email for your company, there is something you should be aware of. Recent research by security and analytics company Varonis has discovered that an affiliate of Hive ransomware has begun targeting Exchange servers that are vulnerable to ProxyShell security issues.

If the group in question finds a vulnerable server, they’ll install a variety of backdoors including Cobalt Strike beacon. That allows them to come back later and snoop around in your network for anything of value, steal administrator account credentials, make off with your company’s proprietary data, or encrypt your files and demand payment from you to get them back.

The exploited flaws are being tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31297. All 3 range in severity from 7.2 (high) to 9.8 (critical).

This group is hardly unique in exploiting these flaws.  They’ve been used by other hacker groups including Cuba, Babuk, BlackByte, Conti, and others.  The fact that the exploits seem to be growing in popularity among the hacking community is the most troubling aspect of the recent discovery.

Hive has been around since at least June of last year (2021) and the group has evolved considerably since they first appeared. That prompted the FBI to release a report detailing their activities and tactics to better prepare IT professionals for attacks the group might make against their organizations.

In October 2021, the Hive gang added Linux and FreeBSD variants to their growing bag of tricks and they became one of the most active ransomware operations as measured by the frequency of their attacks.

Just last month, researchers operating out of Sentinel Labs discovered that the group is utilizing a new obfuscation technique in a bid to better mask the malicious payloads they introduce to infected networks.

All of this points to the fact that the Hive group is actively working to improve the efficiency and effectiveness of their attacks. Stay vigilant and be on the alert for this group. They’ve got a well-deserved reputation for being dangerous.

Microsoft May Have A Fix For Windows 10 Freezing Issue

Has your Windows 10 machine been mysteriously freezing up on you lately?  If it has, you’re not alone.  Fortunately, Microsoft’s engineers have identified the root cause of that issue and have released a patch that fixes it.

The patch you’re looking for is KB5012636. Be aware that this is a cumulative update preview patch for both Windows 10 (1809) and Windows Server 2019.  It is part of the company’s scheduled April 2022 “Schedule C” update, which does not contain security fixes. The security fixes will be released on May 10th on Patch Tuesday.

Since the Schedule C patches don’t contain security updates, they are entirely optional. Although in this case, if you’ve been suffering through system freezes, you’ll probably want to make it a priority to grab and install this one.

If you’re not accustomed to installing Schedule C patches, the process is straightforward.  Just go to “Settings” and then “Windows Update.”  Once there, you’ll need to manually select “Check for Updates” since it’s optional and note that Windows won’t actually start installing it until you click the “Download Now” button.

In addition to addressing the mysterious freezing issue, this update does the following:

  • Adds improvements for servicing the Secure Boot component of Windows
  • Addresses an issue that caused VCO (Virtual Computer Object) password settings failure on a distributed network name resource
  • Addresses an issue that causes the KDC (Key Distribution Center) code to incorrectly return the error message “KDC_ERR_TGT_REVOKED” during domain controller shutdown

Unless you’re a system admin, those changes may mean nothing to you. In fairness, they’re not earthshaking changes in any event. The biggest reason you might want this patch is to address the freezing problem. So again, if you’ve been experiencing that and want to be rid of the headache and hassle, get the update today.