This New Malware Wants To Steal Your Data

A nasty new malware strain has recently been spotted in the wild by researchers at zScaler.

Dubbed “BlackGuard,” the malicious code has been found on a variety of Russian underground black hat forums. It is offered as a service, and anyone criminally minded can access the code for the bargain price of just $200 a month.

Because the malware is quite new, its as-yet-unknown authors are also selling lifetime subscriptions for just $700 in a bid to rapidly grow the code’s user base and get their name circulating in the global hacking community.

BlackGuard isn’t an inherently destructive form of malware. It is classified as an Infostealer and its main purpose is to harvest as much valuable information as possible when it lands on a target system.

Most Infostealers tend to be somewhat generalized, siphoning up data ranging from OS details, network traffic statistics and users’ contact lists to, of course, various login credentials (with a preference for the details users use to log into financial institutions). BlackGuard’s focus is a bit different.

zScaler reports that this code steals any login credentials stored in whatever web browser the user has along with that user’s browsing history, email client data, any autofill content, and all conversations in messenger software.

In addition to that, it also targets login credentials and other account information for popular messengers including Tox, Element, Discord, Signal, and Telegram. If that wasn’t bad enough, BlackGuard is also designed to pilfer cryptocurrency wallet information, including wallet browser extensions for both Microsoft Edge and Google Chrome.

The zScaler team remarked that although BlackGuard’s capabilities are not yet as broad-based as those of many Infostealers, the malicious code is extremely well-designed. It’s clear that the developers know what they’re doing, and they seem to have a well-crafted plan to grow the popularity of their new creation.

Keep an eye on this one.  We’re almost certain to hear more about it in the months ahead.

This Android Malware Will Steal Your Facebook Credentials

Do you have an Android device?  Even if you don’t, you know someone who does.

Google is incredibly good at spotting poisoned copies of apps on its Play Store and getting rid of them before they can spread to the devices of users who rely on the safety and security offered by the Play Store.

As good as they are, they’re not perfect and sometimes malicious code masquerading as a legitimate app can slip through the company’s impressive filtering system.

Recently, the company discovered that an Android app with more than 100k installs contains a trojan called “FaceStealer,” which displays a Facebook login screen that requires users to log in before they can make use of the app.

Although the Facebook login prompt looks official, it is not, and all a user accomplishes by entering their login credentials is to hand those credentials to the hackers who control the code. Given that millions of people around the world use their Facebook login details to connect to a host of other websites, this essentially gives the hackers the keys to your digital kingdom. From that point there’s really no end to the amount of damage they can do.

In addition to making the discovery itself, the researchers who originally brought the poisoned app to Google’s attention did a deep dive into the malicious code and discovered that the author has apparently automated the repackaging process. This means that it’s a trivial matter to turn almost any legitimate app into a carrier of this trojan.

Given that fact, it’s worth asking the question, “How many other poisoned apps might there be on the Play Store right now?”

It’s a fair question with no easy answer.  Your best bet is to practice extreme caution when downloading any app, only get them from the Google Play store and do as much due diligence as possible before committing to an installation.

Some of Microsoft’s Source Code Was Stolen By Hacker Group

Microsoft recently confirmed that an account belonging to one of their employees was compromised by the Lapsus$ hacking group, which allowed them to abscond with portions of the company’s source code.

Yes, you read that correctly. Microsoft got hacked. They are now the latest in a seemingly unending parade of large tech companies to have been hacked by well-organized attackers.

In this case, the attackers made off with a head-spinning 37 GB of data. Most of it was in the form of source code for a wide range of internal Microsoft projects including those for Bing, Cortana, and Bing Maps.

The company had this to say about the incident:

“No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.

Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk. The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog.

Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.”

An investigation into the matter is ongoing but already the company has assessed its own processes and is making changes to further bolster their security.

They recommend doing the following:

  • Strengthen MFA implementation
  • Require Healthy and Trusted Endpoints
  • Leverage modern authentication options for VPNs
  • Strengthen and monitor your cloud security posture
  • Improve awareness of social engineering attacks
  • Establish operational security processes in response to DEV-0537 (Lapsus$) intrusions

No one is safe, but kudos to Microsoft for their transparency here and for publishing specific steps that others can take to help minimize their risks.

Some Microsoft Servers Are Experiencing DNS Problems After Update

Do you use Windows Server 2019?  If so, then you may be experiencing some issues as of the latest update. According to details published on the Windows Health Dashboard, customers who installed updates released on January 25th or later may experience DNS issues relating to DNS stub zones.

The company had this to say about the matter:

“After installing updates released January 25, 2022 (KB5009616) and later on affected versions of Windows Server running the DNS Server role, DNS stub zones might not load correctly, which might cause DNS name resolution to fail.”

In addition to the update referenced above, there are two other updates which may cause the issue. These are KB5010427, which was released on February 15th, and KB5011551, which was released on March 22nd.

The good news is that Microsoft has fixed the issue via the Known Issue Rollback (KIR) feature, but it should be noted that it will not propagate to impacted devices automatically.

To make sure the fix lands on the servers that need it, admins will need to download and configure a pair of new group policies. Details on which files to download and how to configure them can be found in a Microsoft blog post entitled “Group Policy to Deploy a Known Issue Rollback.”
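As an added example (not from the original post and not Microsoft’s own tooling), the following PowerShell snippet gives an admin a quick, read-only way to triage which DNS servers need the rollback: it checks whether any of the three updates named above is installed, lists the stub zones the advisory describes, and tests whether each one still answers an SOA query. It assumes it is run in an elevated PowerShell session on the DNS server itself, with the DnsServer module available; the KB numbers are the ones quoted in this post.

```powershell
# Added example, not from the original post or from Microsoft.
# Read-only triage for the Windows Server 2019 DNS stub zone issue.
# Assumption: run elevated on the DNS server, DnsServer module installed.

# The three updates the post names as potentially affected.
$affectedUpdates = @('KB5009616', 'KB5010427', 'KB5011551')

# Get-HotFix accepts a list of KB ids and returns only the ones present.
$installed = Get-HotFix -Id $affectedUpdates -ErrorAction SilentlyContinue
if ($installed) {
    Write-Host "Potentially affected update(s) installed:" -ForegroundColor Yellow
    $installed | Select-Object HotFixID, InstalledOn | Format-Table -AutoSize
} else {
    Write-Host "None of the listed updates are installed on this server."
}

# Stub zones are the zone type the advisory says may fail to load.
$stubZones = Get-DnsServerZone | Where-Object { $_.ZoneType -eq 'Stub' }
if (-not $stubZones) {
    Write-Host "No stub zones configured; this server is not exposed to the stub zone bug."
    return
}

foreach ($zone in $stubZones) {
    # A stub zone that loaded correctly can answer an SOA query for its own name.
    # -DnsOnly bypasses the local cache so the answer comes from the DNS service.
    $result = Resolve-DnsName -Name $zone.ZoneName -Type SOA -Server 127.0.0.1 `
        -DnsOnly -ErrorAction SilentlyContinue
    if ($result) {
        Write-Host ("OK   stub zone {0} resolves" -f $zone.ZoneName)
    } else {
        Write-Host ("FAIL stub zone {0} did not resolve; confirm the KIR group policy has applied and the DNS service was restarted" -f $zone.ZoneName) -ForegroundColor Red
    }
}
```

Running this on each DNS server before and after deploying the Known Issue Rollback group policy gives a simple before/after record of which stub zones were failing and which have recovered, without changing any server configuration.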

It’s also worth mentioning that the January update for Server 2019 was especially problematic, and Microsoft has previously fixed several issues related to that update. These include, but are not limited to, a Bluetooth issue that was causing the dreaded “Blue Screen of Death,” random Windows Domain Controller restarts caused by LSASS crashes, a Windows Active Directory bug, and Netlogon issues.

Here’s hoping this is the last of the issues related to the January update and that the company’s updates going forward won’t be quite so problematic!

Equip your business with the IT foundation it needs to compete and win

In a recent industry survey, it was found that one of the biggest factors holding back small and mid-sized firms from achieving their business goals was IT. One may argue that smaller businesses lack the capital that the bigger players have to invest in their business, but even with all other aspects being more or less equal, the difference brought about by their lack of investment in IT was found to be a key differentiating factor–far more than other elements such as marketing, human resources and even industry expertise.

There’s no denying that IT plays an important role in keeping any business running. Ignoring your IT infrastructure can prove disastrous, but maintaining an in-house IT team to take care of it can be expensive–especially for SMBs. By outsourcing IT to a trusted MSP, businesses can benefit from significant cost savings that arise from not having to hire an entire IT team in-house.

A second situation where having a service level agreement (SLA) with an MSP helps is when you don’t have an in-house IT team. Calling on an IT service provider only when there is a crisis or a one-off event may mean significant surcharges.

When businesses have SLAs, the MSP will be regularly monitoring their IT infrastructure. A typical service agreement will cover regular backups, periodic network monitoring for latency issues, timely security updates and patch application, etc. This means the chances of severe IT issues will be drastically reduced. Most of the time, a problem can be identified well before it becomes a full-blown issue. And, in the event of an IT emergency, a client with a service agreement will be prioritized by the MSP, while one-time emergency requests fall to the end of the line.

Irrespective of the size of business, MSPs can add tremendous value by bringing scalability, flexibility and innovation to the standard IT set-up and help build the IT foundation it needs to compete effectively and efficiently in the industry.