Category Archives: Blog

Posted on Author Atlantic Computer Services Categories Blog

Uber Hacked Again

An unknown hacker, who claims to be eighteen years old, acquired administrative access to Uber’s corporate network and proprietary internal tools on Thursday, September 15, 2022.

On September 15, 2022, at 6:25 pm PT, Uber issued a statement on Twitter that it was “responding to a cybersecurity incident.”

An attacker gained access to the account of an Uber EXT contractor. A malware-infected personal device compromised the contractor’s credentials. The contractor accepted the multi-factor authentication through a socially engineered attack, enabling the hacker access to the contractor’s account.

The hacker then acquired access to several additional employee accounts with enhanced permissions and announced on the company-wide Slack channel:

“I announce I am a hacker, and Uber has suffered a data breach…” with the hashtag #uberunderpaisdrives.

The hacker also altered the OpenDNS for some internal Uber sites to show a graphic image.

In response to the cybersecurity attack, Uber notified the appropriate authorities and its staff. In addition, the corporation disabled several internal communication and engineering systems as a precautionary measure.

On September 16, 2022, Uber announced that its services were fully functioning and that it would restore several interrupted internal tools.

The breach exposed data from the company’s Slack and G-Suite communication systems, internal financial tools, and the bug bounty dashboard on HackerOne. Uber immediately fixed all of the vulnerabilities retained within HackerOne bug reports to stop more nefarious acts.

On September 19, 2022, at 10:45 am PT, Uber released a statement saying, “we have no evidence that the incident involved access to sensitive user data.”

According to Uber, the intruder did not gain access to the production systems that power applications, any user accounts, or the encrypted database containing sensitive user data.

Uber enlisted several digital forensics companies to examine the incident and claimed it would utilize this opportunity further to bolster its policies, practices, and technology to withstand future cyberattacks better.

This incident is not the first time that cybercriminals have attacked the corporation. In 2016, the corporation paid a $100,000 ransom to hackers to prevent them from releasing stolen data.

Hackers are constantly looking for innovative ways to breach corporate networks. Cybercriminals are concentrating their efforts more on specific individuals due to the complexity introduced by multi-factor authentication. To prevent a socially engineered cyberattack like the one that compromised Uber, it is essential to educate staff members on how to identify such attacks.

0
Posted on Author Atlantic Computer Services Categories Blog

Google Leaving IoT Services

Tech giant Google recently announced that it’s closing the doors on its IoT Core service.  Their stated reason for doing so was that their strategic partners can better manage customers’ IoT services and devices. Time will tell if the company’s decision was a good one.

Another tech giant, Microsoft, is wasting no time and is moving heavily in the opposite direction, adding to their suite of IoT services and offering increasingly tight integration with Azure. In recent years, Microsoft has bet big on IoT, and now has an impressive stable of offerings.

Microsoft’s offerings include but are not limited to:

  • The Azure IoT Hub, which serves as a central point of connection for IoT assets, allowing them to be more easily managed and monitored
  • Azure IoT Central, which gives users the capability of building edge solutions via Microsoft Tools
  • Azure Digital Twins, which models physical environments via “spatial intelligence”
  • Azure IoT Edge, which is a platform that brings analytics to edge-computing devices
  • Azure RTOS, which is a real time IoT platform
  • Windows 11 IoT and Windows 10 IoT core
  • And Azure Sphere, which is a Linux-based microcontroller OS platform

Microsoft is not alone in investing heavily in IoT services, however.  Amazon currently has a full suite comparable to what Microsoft is offering integrated with their highly popular and widely used AWS service. So even with Google pulling out of the space, consumers still have two strong and viable options to choose from.

The months ahead will be interesting indeed as the strategies these tech giants are pursuing begin to mature, creating ripple effects across the markets they serve.

For Microsoft’s part, it appears that CEO Satya Nadella’s recent statement that the company was interested in building an intelligent cloud/intelligent edge solution has changed somewhat. It is becoming an intelligent end-to-end distributed computing solution.

0
Posted on Author Atlantic Computer Services Categories Blog

Windows 11 Gets New Taskbar Overflow Option

Are you the type of person who is in the habit of keeping all their apps open?  If so, you’re going to love a recent addition to Windows 11.

In a bid to make finding your open apps easier, once you’ve run out of room on the Windows Taskbar, they’ve introduced a new “taskbar overflow” feature.  It’s a three-dot menu that appears when there’s no more space on the taskbar that hides all the other apps you are running that don’t have room to be displayed there.

This is a vast improvement over the Windows 10 overflow, which only shows the most recent app that has been used or has been opened.

If you’re not a power user, you probably won’t even notice the change. If you are, once you give the new feature a try you’ll probably wonder how you ever got along without it.  In our view, it’s right up there with tabbed browsing.  It’s something that doesn’t seem at first glance like it would make much of a difference, but its impact is profound.

There has been quite a lot of that kind of thinking going into the design of Windows 11, and we have to say we’re impressed by the way the new OS is shaping up so far.  If this and other small but important innovations are any indication (and we absolutely believe that they are) then Windows 11 is going to be an absolute game changer when it’s released.

Kudos to Microsoft for really going the extra mile both in terms of updating and modernizing the overall Windows aesthetic and also for putting their collective thinking caps on and coming up with solutions to problems that really detract from the overall user experience.  Keep up the good work, and Windows 11 is going to be amazing.

0
Posted on Author Atlantic Computer Services Categories Blog

Cyber Security Best Practices For Businesses

Smaller companies often struggle to develop and invest in robust IT security systems, which can leave them relatively more vulnerable to cyber attacks.

If that’s the situation you’re in and you’re trying to decide what to invest in and where to use the money that you have to spend on IT security, here’s a quick overview of the basics you need to have covered.

1 – Door Access Control

Believe it or not, this properly falls under the cybersecurity umbrella since magnetic door locks and swipe cards (or similar technology) are ultimately managed via a server on your company’s network.

If you don’t have such a system in place, we strongly urge you to consider one. Once it’s in place, regularly review who has what level of access.

In addition to that, most door security systems include some type of monitoring software, and it pays to set up automated alerts when an employee shows as deviating from their usual routine.

Example:  If Linda’s regular work schedule has her swiping her card and entering the office just before 8AM, and leaving a little after 5PM and suddenly you see her coming in at 3:00 in the morning, that’s a sign that something is amiss and is well worth investigating.

2 – Encryption, Encryption, Encryption

Even if a hacker breaches your network, they can’t make use of any files they get their hands on if they can’t decrypt the data.

There are three types of encryption you want to be focused on:  Encryption at rest, encryption in use, and encryption in transit.  If your files are encrypted in all three states, a hacker is going to be hard-pressed to get anything useful from your network, even if they break in.

 3 – Ongoing Security Training

The sad truth is that all the fancy hardware and software in the world can be circumvented by going after the weakest link in your security chain, which is always your people.  If someone uses a weak password for the sake of convenience, that’s a way in for a hacker.

If someone is prone to opening email attachments from unverified sources, that’s another potential inroad. The problem is that too many employees don’t fully appreciate the security risks that these seemingly innocuous activities carry with them.  Make sure they know.  Make sure everyone knows.

There’s a lot more to robust security of course, and cybersecurity is constantly evolving, but if you start here, with these three items, you’ll be miles ahead.

0
Posted on Author Atlantic Computer Services Categories Blog

Zoom Outage Reported

Recently Zoom, a popular, cloud-based communications platform used for online meetings and video conferencing, experienced an outage that impacted tens of thousands of users worldwide. The issue began shortly after 8:00 am PDT on Thursday, September 15, 2022, when users reported that they could not log in or join meetings. At 8:17 PDT, the company posted the following message on their incident status page:

“We are investigating reports of zoom.us being unavailable.

Our teams are currently investigating the service-impacting event. Our engineers are investigating.”

By 8:30 PDT, the company’s engineers had identified the issue, and the company updated the incident status page with the following:

“We have identified the issue starting and joining meetings. We will continue to investigate and provide updates as we have them.”

By 8:37 PDT, the interruption appeared resolved as the company moved to monitor the situation. Zoom posted the following update:

“We have resolved the issue causing users to be unable to start and join Zoom Meetings. We will continue to monitor and provide updates as we have them.”

Then, at 8:49 PDT, Zoom’s engineers were confident that the issue would not recur and formally closed the incident.

Zoom did not release any technical details as to what caused the outage. In any case, if you are a Zoom user and could not log in for a time yesterday morning, this was the reason.

This severe but quickly resolved issue serves as a reminder that any company is susceptible to outages. Therefore, it is crucial to have different technology avenues to switch to your backup option when a similar outage occurs without losing time in your day.

0
1 7 8 9 10 11 236