Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

Simple Ways To Hire The Perfect Candidate The First Time

Top quality talent can be difficult to find in any field, if you have spent any time looking for and hiring people, you know the challenge can be an especially daunting one.  There’s tremendous competition for talented folks. Given the cost of hiring and training new people, it’s something you want to get right the first time as often as possible.

The question is: how?

The good news is that there are multiple things you can do to take the guesswork out of the equation.

The most pivotal steps are these:

First, if you’re not already plugged into the best online recruiting platforms, that should be your first stop.  This is far and away superior to placing an ad in your local paper or other more traditional means of hiring.

It isn’t that you can’t find plenty of good people in most any good-sized city, but you gain access to a much broader and deeper pool of talent if you shop globally for your new hires.

In the old days, that usually meant paying a premium to try and get a new hire to relocate. However, managers are increasingly embracing the notion of letting many of their staff members work from home, wherever that might be.  If you’re willing to do that, you can find top talent anywhere in the world and put them to work for you in short order.

Second, you’ll want to hold at least three interviews.  One should be over the phone to get a general sense of the employee. Next would be a second interview where you introduce the prospective new hire to the people they’ll actually be working with to ensure that he or she is a good fit. Finally as a last step, do a written or practical interview that serves the same function as a university exam.

This last bit is key, because it gives you a chance to see how they work and how they think. That can generally tell you how efficient and effective they’ll be in the position you have in mind for them.

If you do all of these things every time you hire, you’ll almost never mis-step when bringing a new employee onboard.

0
Posted on Author Atlantic Computer Services Categories Blog

Massive Phishing Attack Scammed Millions Of Facebook Messenger Users

According to research conducted by the cybersecurity firm PIXM, there is a massive phishing campaign that peaked in April and May of this year (2022) and it is still ongoing.

The campaign has lured millions of unsuspecting users to phishing pages by abusing Facebook and Facebook Messenger and tricking users into entering their account credentials.

Worse, the hackers then used those credentials to send additional phishing messages to friends of the affected users, luring them in as well and continuing the chain.

All told, the group behind the attack has been able to generate millions of dollars in revenue using these tactics.

Worst of all is that PIXIM’s research shows that this has been a long running campaign.  Although the group has only recently discovered it, the evidence they’ve uncovered shows that the campaign has been ongoing since at least September of 2021.

The group’s research is ongoing but so far they’ve found more than four hundred Facebook accounts tied to the campaign, which contain hooks to phishing pages.  Some of these poisoned profile pages have only been viewed a few thousand times. In other cases, they boast millions of views and of course, each view represents another potential victim.

Based on what the group has been able to piece together, they determined that in 2021 a total of 2.7 million users had visited one of the phishing pages. As of today, more than 8.5 million people have been lured to the phishing pages with no clear end in sight.

While this represents a tiny fraction of the total number of Facebook users on the platform, it is nonetheless a massive campaign.  If you’re a regular Facebook user, stay vigilant.  There are groups out there right now that are actively trying to lure you in and steal your data.  Don’t let that happen to you, your family, friends, or your coworkers.

0
Posted on Author Atlantic Computer Services Categories Blog

Researchers Warn About Symbiote Malware Which Attacks Linux Machines

Are you a Linux user?  If so, be aware that there is a new kind of malware to be concerned about. The BlackBerry Threat Research and Intelligence team, in concert with Joakim Kennedy (an Intezer Analyze security researcher), have announced the discovery of a new strain of malware.

They’ve dubbed it Symbiote, and it was named because of its parasitic nature.

Actual discovery of the strain occurred a few months ago but the team has been studying it since.  It is markedly different from most of the Linux malware you see today, as it acts as a shared object library that is loaded on all running processes via LD_PRELOAD.

Once the malicious code has its hooks in a target machine, it provides the hackers controlling it with rootkit functionality.

The earliest samples of this strain date back to November 2021, and based on an analysis of its code, its primary targets were intended to be financial institutions located in Latin America.

The researchers had this to say about their recent discovery:

“When an administrator starts any packet capture tool on the infected machine, BPF bytecode is injected into the kernel that defines which packets should be captured.  In this process, Symbiote adds its bytecode first so it can filter out network traffic that it doesn’t want the packet-capturing software to see. When we first analyzed the samples with Intezer Analyze, only unique code was detected.  As no code is shared between Symbiote and Ebury/Windigo or any other known [Linux] malware, we can confidently conclude that Symbiote is a new, undiscovered Linux malware.”

The Linux ecosystem isn’t targeted as often as Apple, Windows, or Android. So the fact that this new threat has emerged is noteworthy indeed.  If you have any Linux infrastructure on your network, be sure to stay aware of this new potential threat.

0
Posted on Author Atlantic Computer Services Categories Blog

New Malware Uses Word Documents To Get On Your System

Researchers at HP have discovered a new malware loader that they’ve dubbed SVCReady.  While new malware strains are common, this one is distinct for a couple of different reasons.

Like many malicious programs, this spreads primarily via phishing email campaigns.  One way that this new strain differs however, is the fact that the malware is loaded onto the target machine via specially crafted Word documents attached to the email.

The idea is that these Word documents leverage VBGA macro code to execute shellcode that’s stored in the properties of the Word document.  That’s both new and dangerous.

The HP researchers found evidence that tracks the malicious code back to its origin in April of 2022, with the developers releasing several updates just one month later in May.  The number of updates is suggestive of a large, well-organized team that is committed to continued development of their new toy.

Currently, SVCReady boasts the following capabilities:

  • Download a file to the infected client
  • Take a screenshot
  • Run a shell command
  • Check if it is running in a virtual machine
  • Collect system information (a short and a “normal” version)
  • Check the USB status, i.e., the number of devices plugged-in
  • Establish persistence through a scheduled task
  • Run a file
  • And run a file using RunPeNative in memory

In addition to these capabilities, SVCReady can also fetch additional payloads from the command-and-control server.  While the bullet points above are dangerous in their way, it is the last, recently added capability that makes the new malware strain especially dangerous.  It enables the hackers to tailor the level of destruction for each infected target.

Worse, the new strain contains bits of code that lead the HP researchers to conclude that the threat actor TA551 may be behind it.  This is a large, well-organized group with ties to multiple other hacking organizations and ransomware affiliates. That implies that SVCReady may soon become much more widely available than it is now.

You will want to be sure this one stays on your radar.

0
Posted on Author Atlantic Computer Services Categories Blog

Microsoft Adding Restore Apps Feature To Make Reinstalling Easier

Are you excited about Windows 11?  Many people are and in fact there are legions of beta users who are in the Windows Insiders group so they can get a sneak peek at some of the features on deck as updates are released.

One of the coolest new features making its way through the development pipeline is the “Restore Apps” feature the company is working on.

Its development came about from the realization that one of the most time-consuming tasks associated with setting up a new PC with a fresh Windows installation is the process of restoring all your previously installed apps.

This new feature aims to shortcut the process. Unfortunately, it doesn’t work with desktop applications, but any app you’ve downloaded and installed from the Microsoft Store can be put back in place via a single click, and that’s amazing.

Microsoft had this to say about the new feature:

“To make it easier for customers to transition to their new PCs quickly and seamlessly, we will soon test a new feature in the Windows Insider channel that helps customers automatically restore their apps, previously installed from the Microsoft Store, to their new Windows device.  This will also help developers retain their customers without having to remind customers to re-download their app.”

In addition to the “Restore Apps” feature, Microsoft will soon be adding the ability to install apps directly from a search in the Windows 11 Start Menu. Given that many people use the Start Menu’s search function to find new apps, this is a natural fit. By not having to access the Microsoft Store directly, it saves a step while offering a bit of added convenience.

While neither of these are available just yet, they will be soon. So if you’re a Windows Insider, be on the lookout for them.

0
1 21 22 23 24 25 236