Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

It’s National Cyber Security Month 2021!

 It’s like Christmas time for us in the IT world, because…

October is National Cyber Security Awareness Month!

This is the time of year we get out the megaphone and shout the importance of protecting your company, your clients, your employees, and yourself.

Businesses face significant financial loss when a cyber-attack occurs. In 2020, a sharp increase was reported in cyberattacks that target businesses using stolen logins and passwords.

Cybercriminals often rely on human error—employees failing to install software patches or clicking on malicious links—to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers, and capital safe and secure.

Here are some tips you can use to support a culture of cybersecurity at your organization.

Some Simple Tips

  1. Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
  2. Don’t make passwords easy to guess. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers, and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches.
  3. Stay up to date. Keep your software updated to the latest version available. Maintain your security settings to keep your information safe by turning on automatic updates so you don’t have to think about it and set your security software to run regular scans.
  4. Social media is part of the fraud tool set. By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share PII on social media platforms.
  5. It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages after reporting or forwarding all phishing attempts to a supervisor, so that any necessary organizational updates, alerts, or changes can be put into place.

 

For anyone working from home

  1. Only use approved tools. Only use organization-approved software and tools for business, including company provided or approved video conferencing and collaboration tools to initiate and schedule meetings.
  2. Secure your meeting. Tailor security precautions to be appropriate for the intended audience. Plan for what to do if a public meeting is disrupted. Take precautions to ensure your meeting is only attended by intended individuals.
  3. Secure your information. Tailor your security precautions appropriately to the sensitivity of your data. Only share data necessary to accomplish the goals of your meeting.
  4. Secure yourself. Take precautions to avoid unintentionally revealing information. Ensure home networks are secured.

 

Take these tips and look for ways you can be proactive about how you put them into practice in your business. It could make the difference between being safe and being the victim.

Be #cybersmart this month and every month!

 

For more information about Cyber Security services for Wilmington businesses, click HERE and learn what Atlantic Computer Services can do to protect you.

 

Information courtesy of cisa.gov.

0
Posted on Author Atlantic Computer Services Categories Blog

Apple Has Released iOS 15 With New Features

Apple recently released iOS 15 and iPadOS 15 for its phone/pad products. The latest update brings a number of new features to Apple users.

Here’s a quick overview:

Improvements to Do Not Disturb

This feature has been re-branded as “Focus” and it silences your phone or tablet in a bid to help limit interruptions when you’re in a meeting, busy focused on a particular task or while you’re sleeping.

The difference is that Focus introduces modes that are auto-enabled based on different actions. It syncs between all your Apple devices provided that they’re all running the latest version of the OS. When Focus state is activated on your phone it will auto-activate on your Watch, your desktop PC, and your iPad. Very handy.

Best of all is that you can set exemptions that allow certain contacts to get through so you can be interrupted but only by the contacts you choose.

Live Text

This is a really cool feature. It allows you to pull text from a photo and make it actionable. If you see a flyer on a store window you can take a picture of it and then tap the phone number on the flyer to make a call for instance.

Improved Facetime

Once you upgrade you’ll be able to FaceTime with anyone including Windows and Android users. This works even though there is no FaceTime app for Android or Windows. To use the new feature you’ll send a link to Android/Windows users that will open a FaceTime session in a browser window.

To do this just open your FaceTime app and select “Create Link.” The iOS share sheet will appear and from there you can send the link to whomever you like.

There are plenty of other new features in the latest update but in our view these are the biggest and most exciting. Update to the latest version and check them out at your earliest convenience. This update is well worth prioritizing.

0
Posted on Author Atlantic Computer Services Categories Blog

Don’t Fall For This Cryptocurrency Giveaway Scam

You know you’ve hit the Big Time when you get a scam named after you. That’s exactly what has happened to Elon Musk. The latest scam that’s making the rounds is called the “Elon Musk Mutual Aid Club” or the “Elon Musk Club” for short.

If you’re an experienced IT professional it is easy to be dismissive of things like this. Few seasoned professionals ever fall for these scams after all.

The truth is that the scammers running these plays have made hundreds of thousands of dollars a day doing it. There are enough people on the web who are susceptible to the social engineering tricks they employ that the scammers can count on regular paydays.

Most scams of this variety have played out in something close to real time on a variety of social media channels. The drama of the Elon Musk Club however is playing out in email accounts around the world.

Although this scam invokes the name of Elon Musk and leverages his cult of personality to entice recipients the scam itself is pretty straightforward. It begins with a phishing email that includes a descriptive and enticing tag line. It reads something to the effect of “Get Free Bitcoin via the Elon Musk Club” or “Join the Elon Musk Club” or similar.

The scammers didn’t waste any time trying to come up with a convincing message for the body of the email. It simply contains a link that points the way to a poisoned website.

This page promises to give you 0.055 to all users who participate. The page contains an “Accept an Invitation” button which brings you to an information capture page. Just give your information away (including a photo of yourself) to sign up!

Except of course when you do you’re just handing personal details to the hackers. What is worse is that before you can get your 0.055 you’ve got to donate 0.001 Bitcoin to another member of the club (supposedly chosen at random).

Naturally when you give the Bitcoin away you never get anything back and the scammers walk away with a tidy sum. Don’t fall for it.

0
Posted on Author Atlantic Computer Services Categories Blog

Android Users Will Get Additional Gmail Features

If you access your Gmail account via your PC it currently has features that simply don’t exist on the Android Gmail app. Specifically with regards to its email search options.

These make it easy to find the exact email you’re looking for no matter where it might be buried in your inbox.

The good news is that Google has recently upgraded the Android app.

They gave it the same email search functionality you have access to when switching from your PC to your Android device. This includes the same feature set and a seamless experience.

The latest Android update adds the new functionality by way of four buttons below the search box.

These four buttons are:

  • From
  • Sent To
  • Date
  • And Attachments

These new search filters may be used either pre or post search. This would allow you to quickly drill down and filter your way toward a short list of emails to find exactly the message you’re looking for. That is no matter how many messages are in your inbox.

The company began rolling out the change on September 20th. So by the time you read this the new functionality may already be available to you. If not upgrade your Android Gmail at your next convenience and give the new more robust search a try.

Note that the feature is being rolled out to all Gmail users and there’s no way for Workspace or G Suite admins to disable it. Although in fairness only a few people would want to. If you decided you didn’t want to make use of the new feature it’s as simple as not taking advantage of it.

The bottom line is that it is a handy time saving feature that will make your life easier. Kudos to Google for constantly striving to improve the products in the Google ecosystem and for working tirelessly to create a seamless user experience.

0
Posted on Author Atlantic Computer Services Categories Blog

New Malware Is Targeting Linux And WordPress Users

A new strain of malware which has been dubbed ‘Capoae’ has been spotted in the wild. It was written in Go and this strain targets Linux systems and WordPress installations. It was discovered by Larry Cashdollar. Larry is a senior security researcher at Akamai. Capoae is quickly becoming a favorite among threat actors because of its cross-platform capabilities. It also spreads via the exploitation of known bugs and weak admin login credentials.

Among others Capoae exploits CVE-2020-14882 which is a remote code execution bug in the Oracle WebLogic Server. CVE-2018-20062 is another RCE and this one was found in ThinkPHP.

Cashdollar had this to say about the new strain:

“After the Capoae malware is executed, it has a pretty clever means of persistence. The malware first chooses a legitimate-looking system path from a small list of locations on a disk where you’d likely find system binaries. It then generates a random six-character filename, and uses these two pieces to copy itself into the new location on the disk and deletes itself. Once this is done, it injects/updates a Crontab entry that will trigger the execution of this newly created binary.”

Capoae will also attempt to brute-force attack WordPress installations to spread. It may also utilize CVE-2019-1003029 and CVE-2019-1003030. Both of those are additional RCE flaws that impact Jenkins and both have been used in attacks against Linux servers.

So far Capoae has been used to install cryptocurrency miners which is relatively harmless compared to some other payloads like ransomware. Even so there’s nothing preventing the hackers currently using Capoae from injecting a more devastating payload. Even if they don’t do that cryptocurrency miners are bad enough on their own.

The most notable outward sign of a Capoae infection is an unusual spike in system resource load or unrecognizable system processes in operation. Admins may also notice strange log entries or artifacts such as SSH keys and files.

Although this is not the most dangerous malware strain we’ve ever seen it’s still one that bears worth keeping a watchful eye out for.

0
1 73 74 75 76 77 236