Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

Things to consider before switching to the Cloud

Things to consider before switching to the Cloud

More and more businesses are switching to the Cloud to store their data and rightly so. The Cloud offers numerous benefits over the traditional, physical on site server. For example,

  • Anytime, anywhere access to your data: Information in the Cloud can be accessed from anywhere using an internet connection, unlike in the case of traditional servers, where you need a physical connection to the servers
  • Significant cost savings: You cut hardware costs, because the Cloud follows a ‘pay-as-you-use’ approach to data storage
  • SaaS compatibility and support: The Cloud allows the use of Software-as-a-Service since the software can be hosted in the Cloud
  • Scalability: The Cloud lets you scale up and down as your business needs change
  • 24/7 monitoring, support, and greater access reliability: When your data is in the Cloud, the Cloud service provider is responsible for keeping it safe and ensuring it is securely accessible at all times. They monitor the Cloud’s performance and in the event of any performance issues, they provide immediate tech support to resolve the problem

Your big Cloud move: What to consider

If you are considering moving to the Cloud, you will find it helpful to sign-up with an MSP who is well-versed with the Cloud. They can advise you on the benefits and risks of the Cloud and also offer the Cloud solution that’s right for you. In any case, before you migrate to the Cloud, make sure you are dealing with a reputed Cloud service provider who has strong data security measures in place. You can even explicitly ask them what security mechanisms they have invested in to manage data access and security.

Yes, moving to the Cloud has it benefits, but it also has its challenges including security risks. Learn more in our next blog, “Is the Cloud really risk-free?”

0
Posted on Author Atlantic Computer Services Categories Blog

Zero Day Bug Found In MacOS

A new Zero Day vulnerability in macOS has been discovered. The flaw impacts all macOS versions up to the latest release Big Sur. The bug was found by Park Minchan an independent security researcher and is tied to the way that macOS processes inteloc files. The processing methodology allows an attacker to embed malicious commands which the system will execute without any warnings or prompts visible to the user of the targeted machine.

Interloc is short for “internet location files” and have the extension “*.interloc”

A recently published SSD Secure Disclosure advisory had this to say about the newly discovered flaw:

“A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands. These files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user.”

In this particular instance Apple botched the fix quietly patching the issue without assigning it a CVE identification number.

Unfortunately the fix was only partial and at present the bug can still be exploited in some instances as described below:

“Newer versions of macOS (from Big Sur) have blocked the file:// prefix (in the com.apple.generic-internet-location) however they did a case matching causing File:// or fIle:// to bypass the check. We have notified Apple that FiLe:// (just mangling the value) doesn’t appear to be blocked, but have not received any response from them since the report has been made. As far as we know, at the moment, the vulnerability has not been patched.”

Park Minchan developed a proof of concept that demonstrates how the bug could be exploited but to date no threat actors have been discovered exploiting the flaw in the wild. It is just a matter of time however. A flaw like this represents a serious weakness in the security of the OS.

Be aware that the easiest way to exploit the bug is via malicious links embedded in emails so make sure your employees are aware of the risks.

0
Posted on Author Atlantic Computer Services Categories Blog

Youtube Video Downloads May Be Coming To Computers

If you use the YouTube app on your phone and you’re a premium subscriber you’ve currently got the ability to download videos from the service. As of this date however those are the only people who have the ability to download videos.

Even if you’ve subscribed to the premium service there is no download function. That’s even if you access your account from your PC.

Recently YouTube decided to change that by adding the download function to the desktop experience so that it mirrors the app-based experience.

The new feature is already in place. So if you are a premium subscriber all you’ve got to do is to click on the share options below the video. Another option is alongside the “three dot” menu and you’ll see the new download option. Any videos you download from YouTube will be stored in your offline library where you can organize and sort them as you see fit.

Note that you’ll also be able to specify the resolution of the downloaded video and choose between 144p to 1080p. Significantly there is no 4k download option available. The good news is that there doesn’t appear to be any file size limitations beyond the available space you have on your hard drive.

The new feature is not browser specific. So whatever browser you use you should be able to download YouTube videos without difficulty. Again assuming that you’re a premium subscriber.

It may not be a feature you use terribly often but it is handy and convenient and when you need it you’ll probably really need it. Kudos to Google for continuing the good work of improving overall user experience and for making that experience seamless across multiple platforms.

It may not be something that will be sufficient to prompt most people to pay for the subscription service. However if you’re already paying the monthly fee it’s a nice perk that hasn’t been available to desktop users until now.

0
Posted on Author Atlantic Computer Services Categories Blog

Recent Study Shows Alarming Insights On People And Passwords

A new study recently published by the digital identity firm Beyond Identity contains a number of surprises relating to passwords and password security. This is information that IT professionals and small or medium-sized business owners should be aware of.

While it is not a rigorous and scientific study the results of the company’s survey are beyond surprising.

Here’s a quick overview:

First fully one in ten people surveyed felt confident that they could guess a co-worker’s password by browsing through their social media accounts. Second and nearly as surprising is the fact that just over half of those surveyed (50.1 percent) share at least some of their passwords with others with video streaming accounts leading the pack here.

Nearly as many people (44.9 percent) share passwords to their music streaming platforms. The thing that is somewhat disturbing about this is that more than one in four of those surveyed (25.7 percent) share their banking passwords.

A surprising percentage of people (22 percent) try at least occasionally to guess a co-worker’s password. Nearly as many people (19.9 percent) try to guess their boss’ password.

When these attempts are made 39.2 percent of the time the person attempting the guess uses personal information they know about the person. In addition 18.4 percent of the time the person attempting to guess will check the other person’s social media pages and use the information there to inform their password guesses.

43.7 percent of these attempts are made to try and get into the target’s email system while 32.6 percent are attempts to guess phone passwords.

We find these statistics to be as stunning as they are illuminating and they serve to highlight areas of weaknesses that likely exist in your own organization.

The good news is that there are a number of easy things you can do to better secure your passwords including the use of two-factor authentication and strong password generation apps. You should absolutely take steps like these because as this report shows your passwords probably aren’t nearly as secure as you imagine them to be.

0
Posted on Author Atlantic Computer Services Categories Blog

Increasing Online Love Scams Are Costing Victims Big Money

Since the start of the Covid-19 pandemic online dating sites have seen a tremendous surge in memberships. People are seeking romance online since in person dating was sharply curtailed by lock downs. Naturally this proved to be an irresistible lure to scammers around the world. So much so that the FBI has recently issued a warning concerning confidence fraud which are increasingly targeting people who are looking for love online.

The surge in these types of scams have very real costs that impact those who fall victim to them in two main ways:

According to FBI statistics these scams have cost their victims more than $113 million since the start of 2021 but the financial cost is just the beginning. Since these scams are designed to play with the emotions of their victims there’s a very real emotional cost as well.

To execute the scam the scammers begin by creating fake profiles on online dating websites and begin conversing with potential matches in the dating site’s ecosystem.

Once a potential victim is on the hook and lured by the prospect of romance the scammer will invent a story about a sudden crisis. This inevitably moves the conversation to asking for money to help a sick family member or to help cover travel expenses to facilitate an in-person face to face meeting. Naturally there is no crisis and no meeting will ever take place. The entire point of the story is to try and convince the victim to part with his or her money.

In terms of protecting yourself against such scams the FIB Advisory recommends the following:

  • Never send money, trade, or invest per the advice of someone you have solely met online.
  • Do not disclose your current financial status to unknown and un-trusted individuals.
  • Do not provide your banking information, Social Security Number, copies of your identification or passport, or any other sensitive information to anyone online or to a site you do not know is legitimate.
  • If an online investment or trading site is promoting unbelievable profits, it is most likely that–unbelievable.
  • Be cautious of individuals who claim to have exclusive investment opportunities and urge you to act fast.

It’s excellent advice. Be sure your employees are aware of the current trend and on their guard against it.

0
1 72 73 74 75 76 236