Conduct More Effective Meetings With These Simple Tips

Do the meetings you hold tend to run off the rails?

Do you find that they frequently run far longer than you intended and that very little actually comes out of them?

If those things are true and if you’re looking for ways to improve the structure of your meetings, here are some quick tips that will help make them more effective:

1 – Consider Your Attendees Carefully

Unless someone’s presence is essential at any given meeting, don’t send them an invite.  Keep the circle as small as possible.  The fewer people, the easier it is to keep the meeting on track.

2 – Laser-Like Focus

Create an agenda for the meeting and stick to it.  Don’t try to do too much.  Focus on one item or two at the most and then hammer out the details and move on.

3 – Prompt Follow-Up

The first two items on this list will practically guarantee that your meeting time is shorter but it won’t necessarily guarantee that the meeting itself was fruitful and productive.

For that, you need quick follow-ups, and part of the content of the meeting should be to set aggressive timetables on when deliverables are due.

Once those timeframes are set, it’s on you to follow up and make sure that everybody’s on track and the deliverables will be wherever they need to be by the agreed-upon time.

If you adopt these strategies, you may find that you’ll have relatively more meetings than you’re having right now.  The good news is that those meetings will tend to be short, tightly focused, and productive.  In other words, they’ll simply be more effective meetings and at the end of the day, that’s exactly what you want!

Try it and see for yourself.  If you put these tips in practice during your next meeting, you’ll be amazed at the difference.

WordPress NinjaForms Plugin Was Force Updated Due To Vulnerability

Do you run a WordPress site?  Do you also use the popular forms design and management plugin called NinjaForms?  If you answered yes to both of those questions, be aware that NinjaForms was recently found to have a critical security flaw.

The flaw takes the form of a code injection vulnerability and impacts all versions of NinjaForms from 3.0 forward.  With more than a million installations to its name, that makes the newly discovered bug a problem indeed.

To their credit, the company behind the plugin moved quickly and issued an update which should have auto-installed on your system.

Chloe Chamberland is a researcher at Wordfence Threat Intelligence.

Chloe had this to say about the security flaw:

“We uncovered a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection.

This could allow attackers to execute arbitrary code or delete arbitrary files on sites where a separate POP chain was present.”

The security patch was auto applied to more than 730,000 NinjaForms installations.  While that’s excellent, it’s clear that some admins don’t take kindly to auto-applied patches of any sort and have taken active countermeasures against such things.

If your company is one of those, you’ll need to install the latest version of NinjaForms as soon as possible. If you’re not sure you use it, check with your IT staff, and make them aware of the issue.

This isn’t the first time WordPress has taken away user agency in the name of security.  For instance, in 2019 the Jetpack plugin received a critical security update that corrected how the plugin processed embedded code.  The company didn’t make a fuss over it; they simply updated everyone’s Jetpack to the latest (safer) version.

Kudos to WordPress and the developers of NinjaForms for their rapid response in this instance. Kudos for keeping the web relatively safe.

Voicemail Phishing Attacks Called Vishing Are On The Rise

While “vishing” is by no means a new threat, it’s not something that has ever happened with sufficient frequency to get most people’s attention. So, if you haven’t heard the term before, you’re not alone.

“Vishing” is short for voicemail phishing, and it is apparently on the rise based on data collected by the security firm Zscaler. Attackers are specifically targeting tech firms and US military installations.

No actual voicemails are involved, which is interesting.  What the attackers do is send emails with links that supposedly point the way to voicemail messages stored on LinkedIn, WhatsApp, or other services. The idea behind the attacks is to trick an unsuspecting recipient into disclosing his or her Outlook or Office 365 credentials.

To make their credential capture page more convincing, the attackers have even taken to deploying a CAPTCHA system, which makes the page look just annoying enough to be legitimate.

A spokesman for Zscaler had this to say about the company’s recent discovery of the surge in vishing attacks:

“Voicemail-themed phishing campaigns continue to be a successful social engineering technique for attackers since they are able to lure the victims to open the email attachments. This combined with the usage of evasion tactics to bypass automated URL analysis solutions helps the threat actor achieve better success in stealing the users’ credentials.”

The folks at Zscaler have a point. If your employees haven’t been made aware that this kind of attack is not only possible but growing in popularity in certain sectors, make sure they know what to be on the lookout for. Kudos to the sharp-eyed folks at Zscaler for spotting the trend.

We may not be able to keep hackers from making the attempt. However, if we can warn enough people about the tricks they’re using, we can frustrate their efforts and that’s a good start.

Simple Tips For Securing Smart Device Data

Data security isn’t something that’s at the forefront of most people’s minds, but it probably should be.  These days, we use far more than just our trusty laptops and desktops to do real, meaningful work.  Most people have a plethora of devices they tap into on a regular basis and take with them wherever they go.

From smart phones to smart watches and more, the average person has no less than four different devices they can and often do use to get stuff done.

How safe are they?  Probably not as safe and secure as you’d like.

Here are some simple ways to fix that:

1 – Software Solutions

There are a number of these, but BitDefender is a solid choice.  The great thing about BitDefender is that you can hook up to fifteen different devices to it per household, and it comes with a suite of tools designed to help keep your smart devices safe.

2 – Develop Good Password Habits

Yes, it can be easy to use the same password across multiple devices and multiple web properties you use on a regular basis.

Resist the lure of easy.  Unfortunately, easy makes you a target.  Even though it’s more trouble, take the time to develop good and robust passwords. Use a different password on every device.

Here, password vaults can be your best friend because they help automate the process and give you less to remember.  It’s also worth employing two-factor authentication (2FA) everywhere it’s offered. Again, it adds an extra step to your logon process, but it’s time well spent for the added security it provides.

3 – Learn to Be a Savvy Email User

Don’t click on any links embedded in any email you receive, even if you think you know the sender.  The sender’s address could be spoofed.

Similarly, don’t open an email attachment unless you’ve verified that it’s legitimate and that someone you trust has sent it to you.  Phishing emails are among the most common ways that hackers gain access to systems they target.  Don’t be their next victim!

These three things do take a bit of time to set up and get working but it’s time well spent, and it will make all the smart devices you rely on significantly more secure.  That’s a very good thing.

One Of The Largest US Banks Discloses Data Breach

Do you have an account with Michigan-based Flagstar Bank?  As one of the largest banks in the United States, it’s quite possible that you do.

If so, be aware that the company recently issued a breach disclosure notification relating to a security incident that occurred in December of 2021 when unknown attackers breached the company’s network.

The notification reads in part, as follows:

“…Upon learning of the incident, we promptly activated our incident response plan, engaged external cybersecurity professionals experienced in handling these types of incidents, and reported the matter to federal law enforcement. 

We have no evidence that any of the information has been misused. Nevertheless, out of an abundance of caution, we want to make you aware of the incident.”

The company also announced that they would be offering two free years of identity monitoring services to impacted individuals.

That’s good because based on information that Flagstar submitted to the Maine Attorney General’s office, there are a lot of impacted individuals.  More than a million and a half, in fact.

While there’s nothing outwardly wrong with the breach notification that the company sent out, there are two key pieces of information that are conspicuously absent.

First, there’s no explanation as to why it took the company half a year to realize that the breach had occurred.

Second, the notification gives no information about exactly what types of information the attackers made off with.  Is it enough for a hacker to steal one’s identity?  Based on Flagstar’s offering identity monitoring protection, that would seem to be the case. However, there are no particulars provided, so we are left to guess.

In our view, this could have been handled better.  Here’s hoping that Flagstar is more forthcoming in the days ahead.