This Malware Can Take Control Of Facebook Accounts

Do you have a Facebook account? Even if it has been a while since you last logged on there is a new threat you should be aware of. A new strain of malware called FlyTrap was used recently to take control of thousands of Facebook accounts. Yours could be next if it hasn’t been compromised already.

FlyTrap is an Android-based malware strain that works by stealing cookies. It relies on a few basic social engineering tricks to lure unsuspecting victims into using their Facebook credentials to log into a malicious app. The app harvests the login data, allowing the hackers to reuse it later.

This malware strain is so dangerous because many people regularly use their Facebook login credentials as a quick and convenient way to log into a variety of other sites, even if they haven’t actually been on Facebook in a very long time.

Essentially, that means those users are reusing the same password across a great many sites on the web, and once the hackers have your Facebook credentials they can, of course, log into any site you’ve used them on.

According to security researchers, the hackers controlling FlyTrap have been running campaigns since at least March of this year (2021). They’re offering highly attractive incentives like Netflix coupons to lure unsuspecting victims to hand over their credentials.

If you see an offer that looks too good to be true (“Login here with Facebook to claim 3 free months of Netflix!” for example), then steer clear. It’s entirely possible to find legitimate and completely safe offers like that on the web. All too often, though, it’s a trap meant to deny you control over your account. Don’t fall for it.

New Mac Device Malware Is Bypassing Apple Security

Apple is generally very good about providing its users with a safe and secure computing environment. For many years the company was able to rightly claim that Microsoft had a far worse problem with malware than Apple did. That is still true, but the gap has now virtually disappeared. As Apple products surged in popularity, hackers took note and began finding ways around Apple’s impressive security measures.

Researchers at Trend Micro have recently discovered a malware strain they’ve dubbed XCSSET which is especially good at bypassing Apple’s security measures.

Most applications are run in an Apple Sandbox, so their ability to gain access to system information or compromise a component in some way is severely limited. Hackers have discovered at least a partial workaround that gives them access to some of a user’s sensitive data where certain apps are concerned.

XCSSET works by creating a simple text file on a victim’s computer.

This text file is keyed to certain apps, including:

  • Telegram
  • Google Chrome
  • Contacts
  • Opera
  • Skype
  • WeChat
  • Evernote
  • And others

The text file is created in the sandbox and simply logs everything that happens in it. All a hacker needs to do to gain access to a user’s Telegram account is to copy and paste the log file onto their own computer and all of the relevant login information is right there.

The same holds true for all of the software listed above. Note too that in the case of Google the log file will contain any passwords that Chrome saves inside the browser. If you use Chrome as your primary browser and log into your bank, make credit card payments, and the like, then all of those accounts would be at risk.

XCSSET is a genuine threat. Stay on your guard against it and make sure your employees are aware of the risks.

Microsoft Teams Fends Off Phishing Attacks With Link Protection

Microsoft Defender has long included “Safe Links” protection as part of its overall function. The company recently announced that it would be extending Safe Links functionality so that it provides protection from inside Microsoft Teams as well.

Safe Links is a powerful safety feature that scans a web link in real time as a user clicks on it. Many users share useful links inside Teams. Most of the shared links are fine, but some point back to poisoned websites that contain malicious code, which could potentially infect a user’s computer or other device. Microsoft aims to limit this risk by extending the protection that Safe Links provides to include Teams.

The company had this to say about the change in a recent blog post:

“With today’s announcement, organizations with Microsoft Defender for Office 365 can further protect Microsoft Teams users from malicious phishing attacks that are often orchestrated using weaponized URLs.

Safe Links in Defender for Office 365 scans URLs at the time of click to ensure that users are protected with the latest intelligence from Microsoft Defender.”

It’s a very good and very timely change. Teams has seen explosive growth over the last year and a half. Some of that growth would have occurred even without the pandemic but Covid-19 is undoubtedly the reason for most of the surge.

Given that so many more people are using Teams, the decision to extend Safe Links protection to the platform was an easy one to make.

Kudos to Microsoft for taking an active stance here and providing even better and more robust protections to one of the company’s most popular products. This will by no means completely prevent poisoned links from being shared, because no system is perfect. It will dramatically reduce the number, though, and that’s a very good thing.

Latest Security Update For Apple Devices Is Critical

Do you have an Apple device? If so, you should be aware that the company recently issued an OS update that covers Macs, iPads, and iPhones.

You’ll want to update to iOS 14.7.1 or iPadOS 14.7.1 immediately if you have not already done so because this version includes a patch for a high severity security flaw that hackers are actively exploiting in the wild.

The security issue is being tracked as CVE-2021-30807. It allows a hacker to execute arbitrary code with kernel privileges. At its root, this is a memory issue. Apple addressed it in the patch referenced above via improved memory handling routines.

The latest OS version provides a raft of other enhancements and useful features in addition to resolving the security issue. The new features make it well worth getting. However, it’s the bug fix that makes this one essential.

This is an update you’ll want to prioritize even if you’re normally not big on grabbing the latest bug fixes and patches as soon as they are available. The fact that hackers are already actively exploiting the flaw referenced above makes upgrading as soon as possible absolutely essential.

If your company has a fairly permissive “Bring Your Own Device” policy, you may want to consider requiring all Apple devices to have the latest patch applied before they connect to your network in order to minimize your risk. Even if you don’t use Apple equipment in your office but you’ve got some of the company’s products at home, you will want this update and you’ll want to make it a priority.

Kudos to the unnamed researcher who discovered the issue and to Apple for their rapid response in updating the operating systems in their ecosystem to make them safer and more secure.

Google Improving Security And Transparency For Android Apps

Google recently announced some additional details relating to their “Safety Section” feature of the Google Play store. This is part of an ongoing effort to make the Play Store a safer and more transparent place.

At the center of this plan is a new requirement that app developers must share details about what information their apps collect, how the collected data is being utilized, what privacy and security features the app in question offers, and which features of the device it resides on the app gains access to. Google has now announced a firm date for when that information must be made available to the consuming public: April 2022.

At that time the Google Play Store will be updated to include a new “Safety Section” where all of the information described above will be listed. This will increase transparency on the Play Store, give users added peace of mind, and play an important role in holding app developers accountable. It will also allow users to make better and more informed choices about what apps they install on their devices.

Google shared an overview of the types of questions that app developers will be required to answer in order to comply with the new policy.

These include:

  • Is data collected or shared by your app encrypted in transit? You’ll have the opportunity to disclose this on your label.
  • Do you provide a way for users to request deletion of their data? You’ll have the opportunity to disclose this on your label.
  • Do your app’s data collection practices comply with Google Play’s Families Policy?
  • Are you interested in taking your app through an external security review based on a global standard? You’ll have the opportunity to have this displayed on your label.
  • Is data collection optional or required to use the app?

Privacy advocates around the world have come out strongly in favor of the changes Google is making. This is very good news indeed. The Play Store will be safer than ever when the new policy is fully implemented.