Apple Safari Bug May Leak Personal Information And History

There was a recently discovered issue with the way the IndexedDB API was implemented in Safari’s WebKit engine.

This is giving IT professionals who work in environments dominated by Apple products heartburn. The faulty implementation could allow an attacker to observe leaked browser activity in real time, including the user IDs associated with vulnerable machines.

IndexedDB is a commonly used API that provides a robust client-side storage system with no capacity limits. Normally it is used for caching web application data so users can view it offline at a later date, but of course it can also be used to store sensitive information.

To prevent data leaks, IndexedDB developers followed the “same-origin” policy, which controls which resources are allowed to access each piece of data.

Unfortunately, researchers at FingerprintJS discovered that the IndexedDB API as implemented in Safari 15 on macOS doesn’t follow the same-origin policy, and that difference could lead to the disclosure of sensitive information.

To be impacted by this issue, a user has to log in to websites like YouTube and Facebook or visit service portals like Google Keep or Google Calendar. Doing so creates a new IndexedDB database and appends the Google Username.

According to the researchers who first discovered the bug:

“We checked the homepages of Alexa’s Top 1000 most visited websites to understand how many websites use IndexedDB and can be uniquely identified by the databases they interact with. 

The results show that more than 30 websites interact with indexed databases directly on their homepage, without any additional user interaction or the need to authenticate.  We suspect this number to be significantly higher in real-world scenarios as websites can interact with databases on subpages, after specific user actions, or on authenticated parts of the page.”

Worst of all, there’s no good mitigation strategy here. Disabling JavaScript entirely would work, but it would almost certainly break other applications that your organization relies on. So we’re waiting on Apple to provide a fix. The good news is that they’ve got a solid reputation for responsiveness, so we should not have to wait long.

New Malware Can Infect Linux, Mac, Or Windows Users

There’s a new strain of malware called SysJoker to be mindful of. It’s especially dangerous because it can target Windows, Mac or Linux systems.  That makes it an equal opportunity strain.

Researchers at Intezer are credited with discovering the malware in the wild in December of 2021 during an investigation of an attack on a Linux server.  The group was able to obtain samples of the virus for analysis and have concluded that SysJoker is a nasty piece of work indeed.

Written in C++, the malware strain is cunningly constructed to evade detection on all three operating systems. In fact, it’s so good at evading detection that none of the 57 antivirus programs the Intezer researchers tested were able to detect the presence of the malware.

SysJoker is harmless by itself but that is by design.  It is a first-stage dropper and its only job is to gain a foothold in a target network.

Once there, it will sleep for two minutes before creating a new directory and then copying itself to that directory, all while disguised as an Intel Graphics Common User Interface Service (“igfxCUIService.exe”).

According to the Intezer report, this is what happens next:

“…SysJoker will gather information about the machine using Living off the Land (LOtL) commands. SysJoker uses different temporary text files to log the results of the commands,” explains Intezer’s report.

“These text files are deleted immediately, stored in a JSON object and then encoded and written to a file named “microsoft_Windows.dll”.”

When that is done, the malware creates persistence by adding a new registry key (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run). Random sleep times are interposed between all functions leading to this point.

Finally, it will reach out to the actor-controlled command and control server using a hardcoded Google Drive link.  Once that connection has been established, the hackers can install whatever payload they wish onto the infected system.

None of the major AV programs can detect SysJoker at present. Given that it can infect Windows, Mac and Linux systems, this is one to keep a watchful eye out for.
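The behaviours described above (a self-copy named igfxCUIService.exe, a file named microsoft_Windows.dll and a Run-key entry) can be hunted in endpoint telemetry even without an AV signature. The following is an added example, not code from Intezer or from this article; the event format, host names, the `C:\ProgramData\Example` path and the trusted-directory list are assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict

# File names and Run key come from the article; TRUSTED_DIRS is an assumption to tune locally.
MASQUERADE_EXE = "igfxcuiservice.exe"
STAGING_FILE = "microsoft_windows.dll"
RUN_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\run"
TRUSTED_DIRS = (r"c:\windows\system32",)  # assumed legitimate driver location

def _in_trusted_dir(path):
    folder = ntpath.dirname(path).lower()
    return any(folder == d or folder.startswith(d + "\\") for d in TRUSTED_DIRS)

def classify(event):
    """Return a finding name for one telemetry event, or None."""
    kind = event["type"]
    if kind == "process_start":
        image = event["image"]
        # The Intel service name running from an unexpected directory.
        if ntpath.basename(image).lower() == MASQUERADE_EXE and not _in_trusted_dir(image):
            return "masquerading_binary"
    elif kind == "file_write":
        if ntpath.basename(event["path"]).lower() == STAGING_FILE:
            return "staging_file"
    elif kind == "registry_set":
        if event["key"].lower().startswith(RUN_KEY) and MASQUERADE_EXE in event["data"].lower():
            return "run_key_persistence"
    return None

def triage(events, min_findings=2):
    """Group findings per host; report hosts with at least min_findings distinct ones."""
    per_host = defaultdict(set)
    for event in events:
        finding = classify(event)
        if finding:
            per_host[event["host"]].add(finding)
    return {h: sorted(f) for h, f in per_host.items() if len(f) >= min_findings}

# Constructed sample telemetry (not from a real incident).
SAMPLE_EVENTS = [
    {"host": "ws-01", "type": "process_start", "image": r"C:\Windows\System32\igfxCUIService.exe"},
    {"host": "ws-02", "type": "process_start", "image": r"C:\ProgramData\Example\igfxCUIService.exe"},
    {"host": "ws-02", "type": "file_write", "path": r"C:\ProgramData\Example\microsoft_Windows.dll"},
    {"host": "ws-02", "type": "registry_set",
     "key": r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\igfxCUIService",
     "data": r"C:\ProgramData\Example\igfxCUIService.exe"},
    {"host": "ws-03", "type": "file_write", "path": r"C:\Users\a\Documents\report.docx"},
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

Requiring two distinct findings per host keeps a single coincidental match, such as the genuine Intel service, from raising an alert.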

Report Says PC Sales Went Up Ten Percent In 2021

According to Gartner’s latest statistics, a total of 339.8 million personal computers were shipped in 2021. That was up from 309.1 million in 2020, which amounts to about 10 percent growth in the market.

The company noted that the fourth quarter of 2021 saw a 5 percent drop compared to last year, which may be signaling the end of the pandemic-fueled growth in sales.

Lenovo is the PC maker that has been top of the charts in recent years, and they were once again in the top spot, accounting for nearly a quarter (24.7 million) of PCs shipped in the year that just ended. HP was not far behind them with a 21.8 percent share, or 74.2 million units shipped. Dell rounded out the top three with 17.6 percent of the market and 59.7 million PCs shipped.

Apple was at the top of the second tier with a 7.6 percent share of the market and shipping 24.3 million units. Acer and Asus rounded out the top six.

The interesting thing about the Gartner analysis is that it stands in stark contrast to rival Canalys’ projection that 2022 will be another year of record PC sales.

As Gartner sees it, the pandemic fueled a one-off, not-to-be-repeated surge in demand and points specifically to the 4th quarter data point as a sign that demand is slowing.

Canalys sees it differently and cites supply chain issues as the main driver behind the 4th quarter slowdown. Canalys insists that demand will remain strong throughout this new year.

Both companies have a very good record when it comes to predicting market moves but only one of them can be right.  All we can say is that we currently don’t have enough data to say for sure.  Whatever way it shakes out though 2022 is bound to be another interesting year.

Ransomware Attack Wreaks Havoc On Prison Employees And Inmates

Chalk up another first for the hackers.  For the first time that we know of, a successful hacking attack caused prisoners in New Mexico to be confined to their cells for a time.

The Metropolitan Detention Center in Bernalillo County, New Mexico went into lockdown on January 5th of this year (2022) when hackers infiltrated the prison system’s network and deployed a malware payload.

For the duration of the system outage the prison cells could not be opened.

While the incident was not reported at the time, details came to light indirectly when the attack and its effects were referenced in court documents. One public defender representing the inmates suggested that their Constitutional rights had been violated due to the incident, which meant that visitations were cancelled.

In addition to the uproar it caused among the prison population, a number of the local government’s databases appear to have been corrupted. Until functionality was restored the employees of the prison could not access camera feeds or access any inmate data.

Of course, the physical keys carried by the guards still worked. However, given the situation, the Warden placed the entire facility on lockdown for the duration of the incident.  Full functionality was restored by the afternoon of January 5th.

Few additional details have been revealed about the attack. We don’t even know what sort of malware was deployed, only that the system is “still being repaired,” according to county officials, and that certain systems are still being impacted.

Unfortunately, the issue has prompted Federal Law Enforcement’s involvement as the prison was already under fire for poor conditions.  What happens next is anyone’s guess.

It’s understandable that the county is being somewhat tight-lipped about the incident, especially considering the court case. Still, at least some additional transparency would be appreciated.

4 Lesser-known benefits of hiring an MSP

You are probably aware of the most common benefits of signing up with an MSP, such as:

  • On-demand IT support: Having an MSP ensures that you get priority IT support when you need it.
  • Scalable IT infrastructure: With an MSP by your side, you can scale your staff structure up or down without worrying about the IT aspect of it. Need to add 20 people to your workforce? You focus on the hiring, while your MSP will work out the IT logistics.
  • Lower IT costs: Overall, having an MSP gives you a lot of cost savings vis-a-vis having an IT team in-house. Even if you have an IT team in-house, you can have them work in tandem with your MSP for the best results. Or, have them focus on research and optimization of your IT environment instead of focusing on mundane tasks like backups or software updates.

But, here are a few more benefits that are often overlooked.

IT analysis

An MSP has the expertise needed to analyze your IT infrastructure and identify problems that impact your workforce’s productivity negatively. Whether you sign up with an MSP or not, you should definitely hire one to analyze your existing IT infrastructure. They will be able to identify possible IT glitches, security lapses and hardware or software problems that can trigger a breakdown of your IT architecture.

Better deals on IT purchases

MSPs often have agreements with software or hardware vendors and will be able to get you a better quote on your IT purchases. Plus, with their knowledge and expertise, they are in a good position to help you choose the hardware or software that will work best for you.

Hassle-free compliance

As a business, you have certain IT rules and regulations to adhere to. An MSP can help you meet these effectively. With an MSP on board, you can focus on running your business without worrying about meeting regulatory requirements.

Staying ahead of the curve

An MSP is an expert at what they do. They are in the industry, working closely with hi-tech companies, analysts and vendors. They are more likely than your internal IT team to be aware of newer technology and tech-related market trends. By making them a part of your business, you benefit from their knowledge and your business stays ahead of the curve from the technological point of view.

Working with an MSP offers numerous benefits to an organization, especially to an SMB, as it allows them to divert their resource investments to more productive assignments.

Learn more

If you want to find out how outsourcing your IT support can give you the competitive edge, contact us HERE. We’re happy to talk through options that you may not have considered and what opportunities might present themselves.