Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

Some Carrier Embedded Android Apps May Have Security Vulnerabilities

Recently, Microsoft reported high severity security vulnerabilities in multiple apps offered by large international mobile service providers.  What makes this especially noteworthy is the fact that these vulnerabilities aren’t app specific, but framework specific.  Many carriers use the same basic framework to construct their apps and now all have been found to contain vulnerabilities.

The vulnerabilities discovered to this point are being tracked as CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601, respectively.

The framework is owned by a company called mce Systems.  All vulnerabilities center around command injection and privilege escalation type attacks.  Carriers with apps that are impacted include AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile.

Members of the Microsoft 365 Defender team had this to say about the issue:

“The apps were embedded in the devices’ system image, suggesting that they were default applications installed by phone providers.

All of the apps are available on the Google Play Store where they go through Google Play Protect’s automatic safety checks, but these checks previously did not scan for these types of issues.

As it is with many of pre-installed or default applications that most Android devices come with these days, some of the affected apps cannot be fully uninstalled or disabled without gaining root access to the device.”

This is a problem with a truly vast scope.  Just counting the number of downloads from the Google Play Store, the number runs into the millions.  Add to that the number of installed instances that were pre-installed on phones sold by the vendors above, and the scope and scale is simply mindboggling.

If there’s a silver lining to be found, it lies in the fact that all the vendors who have had apps impacted by this issue have already issued updates to fix the problem.

If you have a phone sold to you by any of the providers above, check all your installed apps and make sure you’re running the latest versions.  Better safe than sorry.

0
Posted on Author Atlantic Computer Services Categories Blog

Millions Of MySQL Server Users’ Data Found On The Internet

Do you maintain a MySQL server?  If so, you’re certainly not alone.  What you may not know is that according to research conducted by The Shadowserver Foundation, (a cybersecurity research group) there are literally millions of MySQL servers visible on the internet that shouldn’t be. In all, the group found more than 3.6 million MySQL servers visible on the web and using the default port, TCP port 3306.

The company noted that they did not check for the level of access possible, or the exposure of specific data. The fact remained that the server itself was visible and that alone was a security risk, regardless of any other factors.

The United States led the world in terms of total number of exposed servers, with just over 1.2 million, but there were also substantial numbers to be found in Germany, Singapore, the Netherlands, and China.

The company broke their scan down in much more detail and granularity in their report.

Here are the highlights:

  • Total exposed population on IPv4: 3,957,457
  • Total exposed population on IPv6: 1,421,010
  • Total “Server Greeting” responses on IPv4: 2,279,908
  • Total “Server Greeting” responses on IPv6: 1,343,993
  • 67 percent of all MySQL services found are accessible from the internet

And here’s the bottom line:  An exposed MySQL server has serious security implications that can lead to a catastrophic data breach that sees a company lose control of proprietary data or sensitive customer data.

In addition to that, it can give hackers an easy inroad to mine your network with a wide range of malware, allowing them to siphon data from you in real time and over an extended period. They can also wholesale encrypt your files and demand a hefty ransom to regain access.

None of those outcomes are good for your company, so if you’ve got a MySQL server, check to be sure it’s properly secured today.

0
Posted on Author Atlantic Computer Services Categories Blog

How the Coronavirus crisis is the gateway to the other kind of virus

How the Coronavirus crisis is the gateway to the other kind of virus

To say the COVID-19 pandemic gave the whole world a tough time would be an understatement. Economies collapsed, joblessness rose, people lost their loved ones and livelihoods to the disease. Adding to this situation was the need for social distancing and self-isolation which took a toll on mental health of millions across the world. 10 months into the pandemic or perhaps even before, people started growing tired of it and just when it seemed like humankind will give up collectively, there was a light at the end of the tunnel–Vaccines.

While the news of the first vaccine being approved and then administered in December 2020, was a huge victory for humankind and rightly welcomed with claps and cheers, cybercriminals were cheering too. For cybercriminals, this was a great opportunity to exploit the eager, mentally fatigued and vulnerable populace. Emails were sent with phishing links disguised as genuine which urged the recipients to fill a form to access their vaccination schedule and vaccine information. Some emails were made to look like it came from the FDA, United States CDC or the NHS (UK). Some had attachments that required recipients to download them and run exe (executable) files that planted malware into their systems. “E-commerce” sites were created overnight on the dark web and enticed people into ‘placing orders for vaccines’ at $250 each, in the ‘Black market’.

The point is, this is not the first organized cybercrime modus operandi and certainly won’t be the last. So, how do you protect yourself? Here are a couple of tips.

  • Do not download or open attachments or click on links from unknown, unverified sources or a source that you don’t trust.
  • Sometimes, the email or message may seem to be from someone you trust, but their account may have been compromised and used to send out the malicious link or attachment to you. Or, there may be a slight variation in the email ID (spelling), so while you get the impression it is a genuine email, the reality is different.
  • If something doesn’t add up, or if it doesn’t feel like the message was in fact written by the person you know, either ignore or call and verify if they did indeed send it to you.
  • Install firewalls that have the capability to identify and block dangerous sites, so you will be alerted of possible security threats and inadvertent clicks won’t take you to dubious clone sites
  • Make sure your antivirus software is up-to-date

From a business perspective, discuss a strong cybersecurity plan of action with an MSP. This includes investing in the right anti-malware tools, ensuring all your software programs are updated, and updating security patches released by your software vendors as soon as they are available. Educate your staff on common cybercrime tactics so they don’t accidentally expose your IT network to cybercriminals.

0
Posted on Author Atlantic Computer Services Categories Blog

Hackers Are Using Personal Messages On WhatsApp To Attack

Are you a WhatsApp user?  If so, be aware that hackers have worked out a means of hijacking a user’s WhatsApp account and gaining access to a user’s contact list and personal messages.

The attack relies on mobile carriers’ automated service to forward calls to different phone numbers, which is a service every major mobile carrier offers.

Unfortunately, it can be exploited by hackers by tricking users into forwarding their calls to a number that the hackers control. So when WhatsApp sends a one-time password (OTP) verification via voice call, the hackers wind up with the code.

Rahul Sasi is the CEO and founder of CloudSEK which is a digital risk protection company.

Sasi had this to say about the attack:

“First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405*. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account.”

Once the hackers have tricked a user into forwarding their calls, they initiate the WhatsApp registration process on their device, naturally choosing the option to receive the OTP via voice call.

There are a few caveats here, and this methodology is by no means fool proof.  For example, the victim does get a text message stating that his/her WhatsApp account is being registered on another device.  When there’s a lot going on that’s easy to miss, but an observant user won’t.

Also, if call forwarding has already been activated on the victim’s device, then the attacker must use a different phone number than the one used for the redirection.  This usually won’t stop a determined attacker, but it will take a bit more social engineering and moxie to pull off.

The bottom line is, if you’re a WhatsApp user, someone may try this on you. So be on the alert for it.

0
Posted on Author Atlantic Computer Services Categories Blog

Microsoft Releases Multiple New Features For Teams

Teams was “just another Microsoft application” before the pandemic.  Thanks to Covid-19 though, demand for video conferencing solutions shot through the roof, and suddenly Teams found its groove.

Microsoft had been gamely trying to bolster its popularity and the pandemic certainly helped. For more than two years, the Redmond giant has been pouring an increasing number of resources into polishing Teams and really making it shine.

Recently (May of this year), Microsoft made a significant update to Teams which introduced a whole raft of new features.  If it’s been a while since you’ve been on Teams, it’s well worth taking a bit of time to check out the latest features.

Until you get that chance, here’s a quick overview of what’s new:

May 2022 was the first time that the Teams app made an appearance on the Microsoft Store, which makes it easier and more convenient than ever for Windows 10 users to grab a copy and install.

Windows 11 users can download the Teams app for work and school accounts from the store. Note that Windows 11 users do not have access to personal accounts for Teams.  That’s because Windows 11 includes a built-in Teams chat app for individual consumers.

This has created a situation that Microsoft had hoped to avoid where there are now two different Teams apps.  It is uncertain at this point whether Microsoft will eventually combine the two or just live with the different variants.

In addition to easier availability, Microsoft added two new filters to improve video quality. Meeting organizers get a new “Together Mode” which places all meeting participant faces in the same virtual room (like an auditorium).  Just select the mode and choose a theme/scene.

For VDI users, there’s the new pop-out chat function and a new feature that allows users to give or take control, which allows other users to share content.

Teams has come a very long way in a relatively short amount of time.  Check out the latest it has to offer today!

0
1 23 24 25 26 27 236