Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

Security Vulnerability Found In Wyze Security Cameras

Do you have a Wyze Cam?  If you’re not sure what that is, it’s an internet camera that offers a low-cost solution to those who are interested in playing around with video and not willing to spend a ton of money on it.

Unfortunately, in this instance it’s a budget option with a bite and a significant drawback.  The camera has a bug in its firmware which allows for unauthenticated remote access to videos and images stored on the camera’s local memory cards.

Even worse, although this bug has never been assigned a CVE ID, it has been a known issue for more than three years.  Any remote user listening on port 80 can access the contents of the SD card in the camera.

The issue is that upon inserting an SD card into the WyzeCam, the camera automatically creates a symlink to it in the www directory which is served by the WyzeCam webserver without any access restrictions whatsoever.

So basically, if you have one of these be very careful about what images and videos you store on it because literally anyone who wants to can snoop around your camera and see what you’ve been taking videos and pictures of.

Worst of all is that most of the people who use this type of equipment tend to use a “set and forget” philosophy, so you may have purchased one of these months or even years ago and not given the matter another thought.

If that’s the case, it pays to do some housekeeping.  Review the contents of the SD card and possibly disconnect the camera. If that fails, relocate it and only turn it on when you’re sure you want to record something.

This is going to continue to be a problem with most of the equipment on the “Internet of Things” until we hold manufacturers to account.  Not only should this not be an issue at all, but it also shouldn’t have lingered for so long without being attended to.  That’s unfortunate.

0
Posted on Author Atlantic Computer Services Categories Blog

One Click Default Browser Choice Coming To Windows 11

One of the latest revelations to come from the Windows 11 development team is that Microsoft is working on streamlining the process of setting a default web browser for Windows 11 users.

The new paradigm under development will allow the selection to be made with a single click!

The new change was rolled out on March 28th as part of the company’s “C Week” Windows 11 update preview. The plan is to make the new option available to all Windows 11 insiders as of the next Patch Tuesday update on April 12th.

Microsoft has been aggressive in its efforts to force Windows 11 users to stick with their Edge browser by default. A big part of how they’ve been doing that has been to make the process of switching away from Edge a cumbersome, multi-step process, That has been quite frankly, annoying.

At the end of 2021 however, the company finally decided to change that. No doubt after legions of Windows 11 Insiders complained loudly about the issue and finally we’re beginning to see those changes in action.

If you’re currently using Windows 11 and you don’t want to wait, you can manually download the KB5011563 build preview.  Once it is installed go to “Default App” and you can select your default browser with a single click like Windows 10 users can do currently.

We totally understand why Microsoft wants everybody to use their Edge browser.  Unfortunately, if that’s what they really want then the solution is to make the Edge browser good enough and compelling enough that users will want to voluntarily switch to it.  By forcing the issue, Microsoft is hurting their own case and driving people away from Edge.

It seems that the company is finally on that page, and that’s great news for everyone.

0
Posted on Author Atlantic Computer Services Categories Blog

Chromebook Users Will Get New Tools And Features Soon

Do you own a Chromebook?  If so, be aware that version 100 of the Chrome OS and Chrome Browser boasts a new launcher.  Simply press the “Everything” button which is located on the left-hand corner of your screen to open the Chrome OS launcher.

Like the Windows Start button and the macOS “Spotlight” feature, the new launcher helps users search for files, system settings, and apps.

Just so it doesn’t take you by surprise also be aware that the new launcher opens on the side of your screen rather than from the bottom.

The re-vamped launcher displays more information inside the Launcher context, and it has an appearance that will remind you of ‘Snippets’ in Google Search results.  The old launcher only showed a sometimes-cryptic summary when displaying web search results.  With more information at the user’s fingertips, fewer actions should be required when searching for people, places, or weather updates from the launcher. So the overall user experience should be improved.

We like the left-side launcher placement because it gives more screen real estate to apps you’ve already got opened. It boasts another cool improvement.  Users can now organize apps by name or color or if neither of those options are exactly what you’re looking for you can manually organize them as you see fit.

On top of that, Chromebooks are also getting a new GIF-creation tools that allows users to create custom GIFs from inside the Camera app.  Just select “Video” and toggle the “GIF” setting to the on position to create a five-second video that is automatically converted to GIF format for sharing on social media.

Finally, Google has also made changes to the Chromebook Dictation feature, which legions of Chromebook users rely on to dictate emails or other documents.  Now, you can also edit text with voice commands which is beyond handy.

Great news all around for Chromebook users.  If you don’t have one yet, you may want to consider investing in one if for no other reason than to have a cool backup device.

0
Posted on Author Atlantic Computer Services Categories Blog

Mobile Devices Connected To Windows Known As Phone Link

Microsoft recently announced that it was doing a bit of re-branding.

The company’s apps that connect Android and iPhones to your Windows PC were formally called “Your Phone.” Under the new re-naming scheme, those apps will now be called “Phone Link.”

Hand in hand with that change, Microsoft is also re-naming the mobile companion app, which you now know as “Your Phone Companion.”  That’s going away and it will be restyled as simply “Link to Windows.”

The “Your Phone” app was launched just three years ago which doesn’t seem like enough time to warrant a rebrand. However, the company hasn’t shed any light on the thinking that lies behind the decision.

In any case, when it was originally launched, Microsoft envisioned it as a means for users to access the texts, photos, and apps on their phones from the comfort of their PCs. With that original vision in mind, the newly re-styled apps will get an updated interface that looks a bit more like Windows 11.

Support for previous iterations was somewhat limited, but the original “Your Phone” app worked seamlessly with most Samsung devices and was compatible with Microsoft’s own Surface Duo dual-screen.

With the recent changes, Microsoft is also adding support for several Honor phones to Phone Link. All that’s fine as far as it goes but in some ways this feels a bit like a solution looking for a problem. That is, at least for Google Pixel users.

Pixel users are likely already accessing their text messages from their PCs (which is probably the single biggest draw in terms of functionality) via Google Messages. Given the less than seamless experience with the former “Your Phone” app, there’s little incentive to change even with the improvements to the user experience. Although the company may have more luck drawing in non-Pixel users.

In any case, if you’re not a Pixel user and you’re looking for a way to access the messages and apps from your phone on your desktop, you may want to check out Microsoft’s latest on that front.

0
Posted on Author Atlantic Computer Services Categories Blog

Microsoft Help Files Are Being Used To Distribute This Spyware

Diana Lopera is a researcher for Trustwave Cybersecurity and has stumbled across something that’s one part interesting and one part disturbing.

Apparently, a group of hackers are trying a new approach to distribute their malicious code which is leveraging Microsoft’s HTML help files.

Yes, you read that correctly.  It’s an innovative technique that’s not only proving to be surprisingly effective, it is also proving to be notoriously difficult to detect. Even worse is that it’s not even a terribly sophisticated attack.

Here’s an overview of how it works:

Naturally, it begins with an email.  The email contains a generic subject line and an attachment, often entitled “Reques.doc” or similar.

This file is not a doc, but an .iso file.  A disk image.  The image contains a pair of files.  One of them is a Microsoft Compiled HTML Help file (CHM) and the other is an executable.

By exploiting the capabilities of the help file, the executable can install its malicious payload. In this case it is a malware strain called Vidar.

Vidar then establishes a link to its command-and-control server via Mastodon, which is a multi-platform open-source social networking system.  Once that connection has been established, Vidar goes to work harvesting user data from the infected system and exfiltrating it to the command-and-control server.

In at least one confirmed instance, Vidar was also spotted downloading and executing additional malware payloads.

Sophisticated or not, this new campaign has proved to be highly effective. Given that Vidar can serve as how other malware payloads wind up on an infected machine, this should be regarded as a serious threat.  Those “other payloads” could be anything from ransomware which will lock all the files on your network, to malicious code that has been optimized to steal banking information and everything in between.

Be sure your employees, friends, and family are aware and on their guard.  This is a nasty piece of code.

0
1 38 39 40 41 42 236