iPhone Sales Edging Out Android In The US

It’s no secret that supply chain issues have impacted a variety of different industries.  Apple has been somewhat less impacted than others.

Leveraging this and their massive infrastructure and marketing budget, they have flexed their corporate muscles and gained market share.

According to statistics gathered by data analytics firm Kantar, Apple accounted for slightly more than half of all smartphone sales in the US in 2021. They claimed 51 percent of the total sales for the year, which is a 2.7 percent increase from 2020.

Apple lost ground in Australia, Japan, and Great Britain. Sales surged in Germany (up 5.6 percent to 30.9 percent of the market). Sales were also up 2.2 percent in France to 26.7 percent of the French market, up 1.3 percent in Italy to 19 percent of the market, and up an impressive 9.1 percent in China, to 25.7 percent of the market.

The increase in the Chinese market alone more than made up for the losses we mentioned and the company is forecasting strong demand going forward for the iPhone 13.

Bear in mind that when looking at these figures, we’re comparing Apple’s iPhone sales to the entire Android ecosystem.  That’s how utterly dominant the company is in the smartphone market, and that’s amazing.

It gets even better for Apple because their next generation iPhone SE is generating a tremendous amount of industry buzz and excitement. It will likely allow Apple to widen their lead on the Android ecosystem.

If you’re a fan of Apple and their products, this is great news indeed.  It’s hard to believe that the company was at one time verging on bankruptcy.

Even if you’re not a fan of Apple, you must admire the company.  Their customers are more than just customers. They are diehard fans of not only the company itself, but of every product the firm makes.  Anyone in any industry would kill to have customers half as loyal as Apple’s.

Hackers Are Using NFT Excitement To Trick Users

Researchers from Fortinet are warning of a new threat to be on the lookout for.

Right now, NFTs are all the rage.  Everyone is talking about them, and many are excited about them.  Hackers have been quick to take advantage of that fact, and the Fortinet researchers have stumbled across a poisoned spreadsheet that purports to contain information about NFTs.

The spreadsheet actually quietly deploys a malware strain called BitRAT when opened.

BitRAT is a particularly nasty strain of malware that first appeared for sale on the Dark Web back in late 2020.  It is notable because it can bypass User Account Control (UAC), which is a Windows feature designed to prevent unauthorized access to the OS.

Once installed on a target system, BitRAT can steal login credentials from browsers and other applications. It can log keystrokes and upload or download files, which makes it more than capable of installing other forms of malware once the beachhead has been established.

It’s too early to say yet whether NFTs are here to stay or if they’re just a flash in the blockchain pan.  Either way, if they are generating buzz and excitement around the world, hackers will continue to exploit that excitement.

As the Fortinet researchers put it:

“Be mindful that attackers often use attractive and trendy subjects as lures. As NFTs become increasingly popular, they will be used to entice victims into opening malicious files or clicking on malicious links.”

The best thing you can do is to educate your employees and inform them of the threat. Remind everyone you know that no matter how exciting the topic might be, it’s never a good idea to open files from untrusted sources or click on links embedded in emails. If you need to go to a website, open a new browser tab and manually type in the URL. Better safe than sorry.

Hackers Are Breaking Into Microsoft Teams And Dropping Malware

Researchers at Avanan, a Check Point subsidiary, have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 million people use Teams every single month.

According to Avanan, hackers are breaking into Teams chats and attaching malicious files to ongoing conversations. By all outward appearances, the attached files appear to be relevant to the conversations, but anyone unfortunate enough to click on the file will be infected.

At this point, it’s not clear how the hackers are gaining access to Teams in the first place. The most likely possibilities include compromising a third-party vendor that a company does business with, phishing attacks, or stealing Microsoft 365 or email credentials.

The disturbing thing about this recent spate of attacks is the fact that it requires absolutely no sophistication.  It’s about the simplest form of attack one could imagine and made possible in no small part by virtue of the fact that Microsoft Teams is almost universally trusted by those who use it.

Very few people think anything of security once they’re entrenched in the Teams framework.

The researchers at Avanan recommend the following to limit your risk and exposure:

  • Encourage end-users to reach out to IT when seeing an unfamiliar file
  • Implement protection that downloads all files in a sandbox and inspects them for malicious content
  • Deploy robust, full-suite security that secures all lines of business communication, including Teams
  • Make sure you recognize anyone leaving files in Teams chat

Even if your employees follow all of those recommendations, it won’t provide bullet-proof protection, but it will make an infection from this vector much less likely.

Although Teams already has robust file protection protocols in place, you can bet that Microsoft will be taking another closer look at this in the weeks and months ahead.

Hackers Are Setting Their Sights On Linux Systems

For most of the history of the internet, Linux has been able to stay below the radar of hackers around the world.

While there have been some attacks that specifically targeted Linux users, they’ve managed to keep a low enough profile that it hasn’t been a major issue.

According to a group of researchers from VMware, that appears to be changing.

They warn that hackers are increasingly setting their sights on Linux-based systems. That’s a problem because to date, there has been no corresponding increase in efforts to detect and manage those threats.

Even worse is that with a growing number of hybrid systems in use today, Linux is becoming much more commonly seen in the Enterprise environment. Given the disconnect between the growing threat level and the level of preparations being made to meet that threat, Linux-based systems may well be the new weakest link in your company’s network.

If there’s a silver lining in the dire warning from the folks at VMware, it lies in the fact that most of the attacks targeting Linux-based systems aren’t very sophisticated at this point. That will change over time, but in the here and now it shouldn’t take much to fend off the current generation of attacks.

As the VMware team put it:

“Focus on the basics. The fact is that most adversaries are not super advanced. They’re not looking for unique exploits, they’re looking for the general open vulnerabilities and misconfigurations. Focus on those before you start focusing on zero-day attacks and new vulnerabilities – make sure you’ve got the basics covered first.”

It’s sound advice and easy to follow.  The worst thing you can do in this case is nothing.  The threat level is rising.  That’s an indisputable fact.  Those who take no action do so at their cost.

New Malware Is Using CSV Files To Infect Users

Researchers have spotted a new phishing campaign you should be aware of.

What sets this one apart is that the hackers are using a lowly but specially crafted CSV file to infect machines. They are installing the BazarBackdoor malware. If you’re not familiar with the term, CSV stands for “Comma Separated Values,” and it’s a text file format that can be loaded into Excel.

If you open the file in a text editor, you’ll simply see alphanumeric values separated by commas with the first line generally being the headers for the spreadsheet. Open the same file in Excel and it will separate the data into neat rows and columns.

CSV files are popular because they make it relatively easy to export data from one application and import it into another. Since the files are text only most people consider them to be relatively harmless and are generally not all that cautious when opening them.

Microsoft Excel supports a feature called Dynamic Data Exchange (DDE), which can be used to execute commands whose output is inserted into the open spreadsheet, including one loaded from a CSV file.

Hackers are always on the lookout for new angles to play and have naturally begun to abuse this feature. They execute commands that download malware on the devices of unsuspecting victims.

BazarBackdoor is a stealthy malware strain created by the TrickBot group. Its main purpose, as the name suggests, is to provide ongoing remote access to an internal device that can be used as a springboard for further lateral movement within a network.

The current campaign is centered around emails that pretend to be “Payment Remittance Advice” emails with links to remote sites that download CSV files with innocuous names like “document-2196t6.csv.”

If this file is opened in Notepad or WordPad and examined, at first glance it will appear to be nothing more than a run-of-the-mill CSV file. Unfortunately, embedded in one of its columns of data is a WMIC call that launches a PowerShell command, and that’s enough. That’s all the hackers need to install the malware.

As always, vigilance is your best defense against this sort of thing. Remind your employees not to open any emails from unknown or untrusted sources and not to download or open any attachments from those emails.
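A CSV file like the one described above can be screened before anyone opens it in Excel. The following is an added example, not code from the researchers or from the original article: it flags cells Excel would evaluate as formulas and separately marks those carrying a DDE link (the `=application|topic!item` form), assuming hypothetical function names `classify_cell` and `scan_csv` and a constructed sample whose DDE arguments are removed.

```python
import csv
import io
import re

# Leading characters that make Excel evaluate a cell instead of showing text.
FORMULA_PREFIXES = ("=", "+", "-", "@")
# DDE link inside a formula: application|topic!item
DDE_LINK = re.compile(r"[A-Za-z0-9_.]+\s*\|.*!", re.DOTALL)
# Programs the article names in this campaign (assumed watch list).
LAUNCHERS = re.compile(r"\b(wmic|powershell)\b", re.IGNORECASE)

# Constructed sample; the DDE cell's arguments are deliberately removed.
SAMPLE = (
    "invoice,amount,memo\n"
    "1001,-12.50,refund\n"
    "1002,40.00,=SUM(B2:B3)\n"
    "1003,15.00,\"=WMIC|'<arguments removed>'!A0\"\n"
)


def classify_cell(cell):
    """Return None for inert data, else 'formula', 'dde' or 'dde-launcher'."""
    value = cell.strip()  # conservative: ignore padding around the value
    if not value.startswith(FORMULA_PREFIXES):
        return None
    try:
        float(value)  # "-12.50" or "+3" is a signed number, not a formula
        return None
    except ValueError:
        pass
    if DDE_LINK.search(value):
        return "dde-launcher" if LAUNCHERS.search(value) else "dde"
    return "formula"


def scan_csv(text):
    """Return (row, column, verdict) for every cell Excel would evaluate."""
    findings = []
    for r, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        for c, cell in enumerate(row, start=1):
            verdict = classify_cell(cell)
            if verdict:
                findings.append((r, c, verdict))
    return findings


if __name__ == "__main__":
    for row, col, verdict in scan_csv(SAMPLE):
        print(f"row {row}, column {col}: {verdict}")
```

Cells flagged `formula` include legitimate spreadsheet formulas, so a mail or download filter would normally block only on the `dde` verdicts and log the rest.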