Instagram Will Require Age Verification Soon

More and more social media platforms are taking steps to improve protections for younger folk. Instagram is the latest company to take steps in that direction with the recent announcement that the platform will soon require users to provide their date of birth if they have not already done so.

The DOB prompts are already present, and if you’re an Instagram user you may have already seen them. As of now those prompts are opt-in. If you don’t want to provide your date of birth, you can simply close the window. The day is coming, however, when you won’t have a choice. If you want to keep using Instagram, you’ll have to report your DOB.

The change is part of a broader effort which seeks to make it harder for adults to contact teens or pre-teens on Instagram. The company is also monitoring user contacts and flagging certain adults as “potentially suspicious” if they have a habit of reaching out to minors on the platform.

These are good changes and long overdue. Even most privacy advocates who are usually wary about providing more information to service providers of any type generally applaud the recent announcement.

In any case it’s very good to see more and more social media platforms taking solid steps to see to the protection of minors. The internet is (or can be) a wild and dangerous place. Anything we can do to make it even marginally safer for our children has to be counted as a good thing.

Kudos to Instagram for joining the ever-growing chorus of social media companies to embrace changes like this, a list that currently includes social media and technology giants like TikTok, YouTube and Google. While it will take some time yet to measure their full impact and overall effectiveness, these are undoubtedly moves in the right direction that will make our kids safer.

Has Your Bandwidth Slowed Down? It Could Be Proxyware

There’s a lot of money to be made by selling things that don’t belong to you. That’s a lesson hackers around the world have learned very well. Their latest venture is selling other people’s internet bandwidth.

You may not have heard the term proxyware before now. It’s a new way hackers and cybercriminals have devised to make money. The idea, discovered by researchers from Cisco Talos, is simplicity itself.

Hackers penetrate a target system and install something called proxyware, which is a catch-all phrase to describe any number of internet-sharing applications. A great many proxyware applications are perfectly legitimate and used by millions every day.

Hackers are perverting this and creating an internet hotspot on the victim’s machine. The machine is used as a host, and the proxyware portions out the victim’s available bandwidth to those who pay for access to it. The end result is that the hackers make money and your internet connection slows to an annoying crawl.

It’s devious but this is by no means the first time that hackers have figured out how to abuse perfectly legitimate software. After all many people install and run cryptocurrency miners in hopes of making a bit of extra money. Naturally hackers have co-opted this too and have created a wide range of cryptojacking software. It functions just like “regular” cryptomining software except that it’s designed to give any payouts to the hackers and not the person who actually owns the machine.

Right now proxyware is in its infancy. There aren’t many active campaigns and none of them are widespread or have a global reach. You can expect that to change however as hackers find their footing in this new market and maximize its moneymaking potential.

As Cisco Talos puts it:

“This is a recent trend, but the potential to grow is enormous. We are already seeing serious abuse by threat actors that stand to make a significant amount of money off these attacks. These platforms also pose new challenges for researchers, since there is no way to identify a connection through these kinds of networks — the origin IP becomes even less meaningful in an investigation.”

Ready or not, large-scale proxyware attacks are coming.

Exchange Servers Are The Target Of This New Ransomware

A new ransomware gang known as “LockFile” has recently burst onto the scene. They specifically target Microsoft Exchange servers to gain access, then proceed to encrypt everything they can find.

LockFile employs a trio of vulnerabilities that are collectively known as ProxyShell to gain access to a targeted Exchange server.

ProxyShell was given its name by Orange Tsai. Tsai is the Devcore Principal Security Researcher who initially chained them together to create the attack. All three issues had been known previously but it was Tsai who first thought to daisy chain them to create a new attack vector.

The issues are being tracked separately as follows:

  • CVE-2021-34473 – Pre-auth Path Confusion leads to ACL Bypass (Patched in April by KB5001779)
  • CVE-2021-34523 – Elevation of Privilege on Exchange PowerShell Backend (Patched in April by KB5001779)
  • CVE-2021-31207 – Post-auth Arbitrary-File-Write leads to RCE (Patched in May by KB5003435)

All of these issues have already been patched per the notes above but of course there is no guarantee that they’re patched on your network. Your IT staff may or may not have gotten around to applying the patches referenced above. If not then your network is at risk.

It should also be noted that hackers are actively scanning for Exchange servers vulnerable to ProxyShell attacks. So if your network is at risk then it’s just a matter of time until LockFile finds you.

Bookmark this article to serve as a reference and have your IT staff double check to be sure that the patches referenced above have indeed been applied on your network. If they haven’t then make sure they are as soon as possible in order to minimize your risk.

Very little is known about the LockFile gang and their motivations. It should be known that their ransomware is incredibly dangerous. Lack of action to protect vulnerable systems could have tragic consequences.

WhatsApp Mods On Android Devices May Contain Malware

Are you a WhatsApp user? If you are you may have heard of the FMWhatsApp mod.

It promises to improve the WhatsApp user experience by improving user privacy, giving access to custom chat themes, emoji packs from other social networking sites, app locking via a customizable PIN, and more.

Hackers have hijacked this legitimate and helpful mod. It’s somewhat hard to detect because the poisoned mod does what it promises. In addition to providing the promised features, it also installs the Triada trojan malware.

The Triada trojan isn’t harmful in and of itself, but the hackers have seen fit to bundle the xHelper trojan with the malware. Triada plants seeds in any Android device it infects that allow the hackers to install other malware as well.

The poisoned version of FMWhatsApp was found by researchers at Kaspersky. According to a recent Kaspersky post on the topic, FMWhatsApp 16.80.0 will install the following additional malware:

  • Trojan-Downloader.AndroidOS.Agent.ic, which downloads and launches other malicious modules.
  • Trojan-Downloader.AndroidOS.Gapac.e, which installs other malicious modules and displays full-screen ads.
  • Trojan-Downloader.AndroidOS.Helper.a, which installs the xHelper Trojan installer module and runs invisible ads in the background.
  • Trojan.AndroidOS.MobOk.i, which signs the Android device owner up for paid subscriptions.
  • Trojan.AndroidOS.Subscriber.l, which also signs victims up for premium subscriptions.
  • Trojan.AndroidOS.Whatreg.b, which harvests the info and requests the verification code to sign into the victims’ WhatsApp accounts.

The best way to avoid the poisoned version of the app is to be sure you’re getting it from the Google Play Store. So far it has not made it past Google’s stringent checks but the Kaspersky researchers did discover it on a number of popular WhatsApp mod distribution sites.

The FMWhatsApp mod is excellent. Just be sure you’re getting the non-poisoned version of it.

Recent Android App Update Caused Calling And Answering Issues

Google’s Android app is the most installed app of all time with more than 5 billion installations. That matters because recently the company reported the existence of a serious bug in the app’s latest update.

The company had this to say about the issue:

“After the latest update to the Google Search App on Android, the users of certain mobile phones are experiencing difficulty in receiving and making calls. We are currently looking into the matter and have released a new version of the app which should address the issue.”

Fortunately the issue only affects a relatively small percentage of Android phones. The bad news is that given the sheer number of Android devices there are on the market today, even a tiny slice amounts to a lot of impacted users.

If you’re currently using an Android device and have recently discovered that you can’t make or answer calls, this may well be the reason why.

If you’re like most users you probably have automatic updates turned on. Assuming that you do have them turned on you won’t have to do anything when the new version becomes available. You’ll simply wake up one morning in the near future to find it installed and your call functionality restored.

If you do not have automatic updates turned on you will definitely want to watch Google’s blog and keep an ear to the ground so you know when the new update is available.

Needless to say this has caused quite an uproar in the Android ecosystem. Users have been taking to a variety of social media platforms to express their displeasure and to demand that Google do better.

The company is by no means perfect but they have a solid reputation when it comes to improving user experience. We can expect that this issue will be resolved soon if there isn’t already a fix available by the time you read these words.