Intel Confirms Leak of Alder Lake BIOS Source Code

After a source code leak was posted by an unidentified third party on 4chan and GitHub last week, the technology giant Intel has confirmed that confidential source code related to its Alder Lake CPUs has been leaked.

The disclosed information comprises UEFI (Unified Extensible Firmware Interface) code for the company’s 12th-generation CPUs that were released in November 2021.

It is believed that the leaked data also contained multiple references to Lenovo, including code used for integration with Lenovo String Service, Lenovo Cloud Service, and Lenovo Secure Suite.

According to Intel, the source code is genuine and is their “exclusive UEFI code.” Furthermore, the technology giant stated that it doesn’t believe this exposes any new security vulnerabilities as it does not rely on the obfuscation of information as a security measure.

Sources from Hardened Vault noted that attackers can still gain significantly from the breaches even if the disclosed OEM implementation is only partially deployed in production.

According to other sources, a private encryption key called KeyManifest, which is used to protect Intel’s Boot Guard platform, was also exposed in the breach.

It is unknown whether or not the compromised private key is used in production. Still, if it is, it might allow hackers to alter the boot policy of Intel’s firmware and bypass the company’s hardware-level security measures.

Despite the fact that the source of the leak remains unknown, it’s clear that sensitive information about Intel’s Alder Lake CPUs has been exposed. This breach might allow attackers to exploit security measures put in place by Intel. If you have discovered a vulnerability in the source code, you can report it to Intel’s Project Circuit Breaker bug reward program. Depending on the severity of the issue, you could be eligible for a reward of up to $100,000.

 

New AI Upgrades to Adobe Photoshop and Premiere Elements

While Premiere Elements 2023 is receiving a couple of new features and a considerable speed boost, Photoshop Elements 2023 adds some powerful new features and enhanced performance. Along with these enhancements, both editors have been given a boost from Adobe Sensei, the company’s universal AI.

Adobe’s mission is to make video and photo editing more efficient, regardless of the user’s skill level.

The latest editions of the Elements software rely heavily on artificial intelligence. For example, thanks to the new AI implementations, one of the most eye-catching editing features in the new Photoshop Elements 2023 is the ability to convert still images into moving photos.

Adobe demonstrated how easy it is to add movement elements to still pictures. This demonstration showed how you could quickly add animation to bring a waterfall picture to life. All you have to do is select the Moving Elements tool, choose the region to be animated, and specify the movement’s direction. The newly released Photoshop Elements also includes an excellent range of overlays, patterns, backgrounds, and other features.

As for the video editing software, Premiere Elements 2023 will automatically recognize faces and tag videos, making it easier to find friends and family for compilation videos. Another handy feature is auto-reframe; this feature lets you switch between portrait and landscape modes without sacrificing any of the crucial details of the scene. The last features worth mentioning are the different aesthetic effects that can be applied to a video clip and the Auto-Creations feature that automates editing.

The introduction of a three-way “connected experience” has also been announced by Adobe. With the release of web and mobile apps for iOS and Android, users can now view and share media on their mobile devices. In addition, users can make basic edits from a browser.

In addition to the new features, Adobe claims that these new versions are lighter than last year’s versions and that the software launches 50% faster. They also claim that installs are now 35% faster.

Each application is priced at $100 or $80 if upgrading from a previous version. The two applications can be purchased in a bundle for $150 or upgraded for $120.

 

Cloudflare Revolutionizes CAPTCHAs

Turnstile, an ambitious new project from Cloudflare, aims to do away with the CAPTCHAs that are now being used on the internet to confirm users are not robots.

Turnstile utilizes a revolving set of “browser challenges” to verify that visits to a website are not, in fact, bots. This service is free for all website owners, whether they are Cloudflare clients or not. The company stated that their CAPTCHA replacement would also increase user privacy on the web since sites that use it won’t need to submit user data to Cloudflare.

Back in June 2022, Cloudflare stated that iOS and macOS users would be the first to receive the technology’s benefits while accessing webpages hosted on the company’s network.

It remains to be seen if website owners will opt for Turnstile instead of the current CAPTCHA. However, according to statistics, 97.7% of the top million websites utilize Google’s reCAPTCHA, the market’s most popular CAPTCHA tool. To make Turnstile more accessible, Cloudflare is developing plugins for popular platforms like WordPress.

Turnstile appears to be a fairer CAPTCHA system for several reasons.

According to security researchers, Google’s most recent iteration of reCAPTCHA violates users’ privacy by weighing the presence of a proprietary cookie in a browser to determine whether or not a user is malicious. Cloudflare claims that Turnstile avoids this problem for all users.

It’s worth noting that users who use firewalls to defend against cookie hijacking attacks may experience issues with cookie-weighted verification. In addition, users who constantly remove their cookies to avoid being tracked around the internet also have problems with reCAPTCHA.

Turnstile provides an alternative to Google’s stronghold on CAPTCHA services for website owners.

It’s not easy to consider Cloudflare’s Turnstile as anything other than a good thing right now because it’s a privacy-focused solution that aims to enhance user experience. Still, only time will tell if Turnstile manages to replace the CAPTCHA functionality.

DDoS Attacks Target Major U.S. Airports

Some major U.S. airports’ websites were inaccessible early on Monday, October 10, 2022, due to a coordinated denial-of-service assault orchestrated by professional hackers. However, officials said flights were unaffected.

The assaults, in which participants bombard sites with garbage data, were planned by a mysterious organization named Killnet. The group posted a target list on its Telegram channel the day before the attacks.

Even though DDoS attacks are highly visible and meant to have the most psychological impact possible, they are mostly a nuisance. This differs from hacking, which involves breaking into networks and can cause severe damage.

John Hultquist, vice president of intelligence analysis at Mandiant, tweeted on Monday that both the state government and airport assaults “are what we make of them,” describing the DDoS impact as superficial, brief, but highly noticeable. However, the post added that he is concerned that we may be entering a new phase of increased targeting in the U.S. that might include more severe incidents.

Hultquist also stated, “These are not the serious impacts that have kept us awake.” Most of the time, these attacks show that webmasters aren’t doing enough to protect their sites, which now includes using a DDoS protection service.

The Los Angeles International Airport has issued a statement saying that flylax.com had some difficulties early this morning. However, the outage was restricted to their website alone, and no internal airport systems were affected. LAX added that it had contacted the Transportation Security Administration and the FBI.

The Atlanta International Airport said that following the DDoS assault, its atl.com website is operational again and that airport operations were never affected.

According to a CISA spokesperson, the agency is aware of reports of DDoS assaults targeting numerous U.S. airport websites and is coordinating with possibly impacted entities and giving help as needed.

Killnet announced the assaults on the airports via its Telegram account at 6:50 a.m. EST, one hour before the first airport, Chicago O’Hare, was hit.

DDoS attacks are mostly a nuisance but can be disruptive. A group or organization usually carries them out, and target websites are chosen ahead of time. Unfortunately, the U.S. is not the only country to fall victim to these attacks, as they have been happening worldwide. While these attacks are not severe most of the time, it is essential to be aware of them and take steps to protect websites from being attacked.

 

Cybersecurity Attack Hits U.S. Healthcare System

On October 4th, 2022, a cybersecurity incident disrupted CommonSpirit Hospitals. With more than 150,000 employees and 20,000 physicians, and serving 21 million patients, CommonSpirit Hospitals is the second-largest nonprofit hospital system in the nation. CommonSpirit operates more than 1,000 care sites and 140 hospitals in 21 states.

CommonSpirit Hospitals announced it is investigating an “IT security issue.” While the full extent of the attack is unknown, it has already caused significant disruptions for patients and staff at CommonSpirit Hospitals.

Some of MercyOne Des Moines Medical Center’s IT systems, including access to electronic health records, have been shut down. In addition, CHI Health, a subsidiary of CommonSpirit based in Nebraska, reported outages across its Omaha hospitals.

Although it is not entirely clear how the incident occurred or what kind of information was compromised, it does illustrate the vulnerability of the U.S. healthcare system to cyberattacks.

The healthcare system in the United States has been the target of numerous high-profile attacks, including University Medical Center Southern Nevada, Eskenazi Health, and Kaiser Permanente. In 2022, at least 15 U.S. health systems were affected by ransomware, and 12 of those incidents involved compromising personal health information.

Cybersecurity attacks on healthcare facilities can seriously affect patients, staff, and the hospital’s operations. These incidents can lead to the loss of essential data, disruptions in care, and financial damages.

Healthcare organizations can prevent cyberattacks by adopting strong security policies, investing in robust security technologies, and training employees to identify and respond to threats. As a result of these measures, healthcare organizations can reduce the harmful effects of cyberattacks on patients, staff, and facilities.