Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

HTTPS Becomes Default For Google Chrome For Added Security

For the last month or so, Google has been testing the notion of using HTTPS as the default protocol for all URLs a user types into the address bar. Those who have been experimenting with Chrome’s latest Canary build have already seen the new feature in action, and the company has decided to forge ahead.

In the next stable release, it will be formally incorporated into Chrome’s browser experience. Android users can expect to see it when they update to version 90, which is slated to be released on April 13. The iOS rollout is scheduled for an unspecified date later this year.

This is all a part of Google’s ongoing effort to bolster safety on the internet. In this specific instance, the goal is to attempt to thwart “man in the middle” attacks that see hackers intercept un-encrypted web traffic and either steal data or inject malicious code into the data stream.

Chrome team members Shweta Panditrao and Mustafa Emre Acer explain further:

“Chrome will now default to HTTPS for most typed navigations that don’t specify a protocol. For sites that don’t yet support HTTPS, Chrome will fall back to HTTP when the HTTPS attempt fails (including when there are certificate errors, such as name mismatch or untrusted self-signed certificate, or connection errors, such as DNS resolution failure).”

If you’re interested in testing the upcoming feature before it reaches the stable channel, you can do so by enabling the ‘experimental’ flag. Just go to:

chrome://flags/#omnibox-default-typed-navigations-to-https

And enable the option to have HTTPS as the default navigation protocol. Once there, you’ll also have the option to choose either a 3-second or a 10-second timeout to give the browser enough time to determine the availability of the HTTPS URL.

This is an unquestionably good change. Kudos to Google. We’re looking forward to seeing it in the stable release.

0
Posted on Author Atlantic Computer Services Categories Blog

Facebook Adding Physical Security Key Support For Mobile Devices

Many industry insiders consider physical security keys used in the context of two-factor authentication login schemes to be the final word in digital security. That is because even if your password is compromised, if you’re using a physical piece of hardware that has to be inserted when prompted for to complete the process, a hacker can’t breach the account in question without first having physical access to the key.

Facebook has supported physical security key 2FA for desktop environments since 2017, but until quite recently, iOS and Android users simply didn’t have that option. That has now changed, thanks to a recent announcement by Facebook that they were expanding their physical security key 2FA offering to support both product ecosystems.

Almost universally, privacy and security experts applaud this move. Far and away the most common form of two-factor authentication in use today is the text code. You enter your password as you normally would, and then the site you’re logging into send you a six or eight digit code to your phone. You enter that code to complete the login process.

The problem with that approach, however, is that text messages can be intercepted by determined hackers, which makes that form of 2FA not as robust or secure as a physical key. Granted, it’s still heads and shoulders better than not having 2FA enabled at all. However, if you’re looking for maximum security with a minimally intrusive process, then a physical security key will make your organization and the sensitive data you’re trying to protect that much more secure.

Kudos to Facebook for expanding their physical security key offering, and here’s hoping that other companies in the space follow their example in short order. Anything we can do to reduce the number of data breachers has to be counted as a win.

0
Posted on Author Atlantic Computer Services Categories Blog

Be Careful Downloading Clubhouse App On Android

Clubhouse has taken the internet by storm. Or rather, it has taken the iOS ecosystem by storm, since the company has yet to release an Android version of their increasingly popular app.

If you’re not sure what all the fuss is about, Clubhouse is an audio chat app that is invitation only. If you get an invite, you can listen in on and participate in audio chats in real time.

Elon Musk is personally responsible for at least some of the hype surrounding the app, having sung its praises recently in a tweet.

As mentioned, the catch is that the app is only available to iOS users at this point, and there’s a growing demand for it in the Android sphere. Naturally, hackers and scammers, who seldom miss an opportunity, have been flocking to at least pretend to fill the gap, offering what they claim is the long-awaited Android version of Clubhouse.

Naturally, it is no such thing. In fact, those who fall for the hype and install it without doing a bit of due diligence will soon discover that they have, in fact, downloaded the BlackRock Trojan.

If there’s a silver lining to these recent events, it lies in the fact that to this point, the hackers and scammers haven’t managed to get their poisoned wares passed Google’s security, which means that the app isn’t on the Play Store.

Those who download it are getting it from less trustworthy sources. Although security researchers note that the hooks scattered about the web attempting to lure people into downloading it invariably use some variant of “Get it on Google Play” as their hypertext. If a user isn’t paying close attention, that may be sufficient to lull him or her into a false sense of security.

All that to say, there is no Android version of the app yet. Don’t fall for the hype!

0
Posted on Author Atlantic Computer Services Categories Blog

Another Malware Evolves To Gain Access To More Systems

One of the more disturbing trends this year is that worms are becoming popular among the hackers of the world again.

We’ve seen a handful of new malware strains introduced in recent months with worm modules added to their code, allowing them to scan and infect Windows systems connected to the initial source of the infection.

That’s bad news for IT Security professionals around the globe. In the early days of the internet, some of the most devastating attacks were worm-based and caused no end of trouble to organizations of all shapes and sizes. Now, it seems that today’s hackers are dusting off one of yesteryear’s favorite tactics and giving it a new lease on life. Purple Fox malware is the latest strain spotted with a worm module attacked.

Purple Fox has been around a while as malware goes, being first spotted in the wild in 2018, when it infected in excess of 30,000 devices during the first campaign known to utilize it. As was the case then, Purple Fox isn’t terribly damaging in and of itself, but is primarily used as a dropper, to deploy other, more devastating forms of malware once it has gained a foothold on a target system.

Given that, and its new worm-like capabilities that allow it to spread like wildfire once it gets a toehold somewhere, it should be considered dangerous indeed.

Even more worrisome is the fact that after the initial spate of infections in 2018, the controllers of the code went relatively quiet until May of this year (2020), when Purple Fox attacks suddenly intensified, with more than 90,000 separate attacks in April and May of this year alone.

As if busy IT managers didn’t have enough to worry about, now they can add yet another item. Purple Fox looks like it’s here to stay.

0
Posted on Author Atlantic Computer Services Categories Blog

Memory Savings Improvements Makes Windows 10 Google Chrome Faster

If you’re a Google Chrome user, and you’re interested in maximizing the overall performance of your system, then Google’s recent announcement about their browser is sure to make you smile.

The release of Chrome 89 includes enhancements design to make it run notably faster on Windows 10 and use significantly fewer resources on both Android and macOS-driven devices.

According to the company’s most recent claims, in testing, in the Windows 10 environment, they saw up to 22 percent percent memory savings when measuring the browser process. They saw another 8 percent percent reduction thanks to improvements in the renderer, and a further 3 percent percent reduction in the GPU thanks to improved memory allocation. If those numbers even come close to being replicated in real world conditions, that represents a significant improvement indeed.

If you’re a macOS user, then the newest version of Chrome will give you a more modest memory savings. Even so, an 8 percent improvement is nothing to sneeze at, and version 89 will also include a new tool designed to help you keep your Mac cooler, courtesy of its tab throttling feature. Again, based on the research from Google’s engineering team, they’re reporting up to a 65 percent improvement on the Apple Energy Impact score in the macOS Activity Monitor for background tabs when employing this feature. That’s certainly impressive in its own right.

Finally, if you’re an Android user, you can expect to see a 5 percent reduction in memory usage, a 7.5 percent faster browser startup and 2 percent faster page loads. That might not make a big difference on any particular page, but over the course of an entire work day, it amounts to a substantial improvement.

Also note that the latest version of Chrome for Android comes with a new feature called ‘Freeze-Dried Tabs, which helps the browser start up 13 percent faster. All things considered then, Chrome 89 should be high on just about everyone’s wish list.

0
1 105 106 107 108 109 236