Google Adding Additional Security Feature To Chrome On iOS

Recently, Google made a small but significant change to Chrome for iOS.

If you use the browser on that platform, it can now lock your Incognito tabs behind Face ID (or Touch ID or the device passcode, since the lock relies on whatever local authentication the device offers), adding a layer of protection. The lock makes it much harder for anyone who picks up your phone to flip through your Incognito tabs and see what you’ve been doing on the web.

If you’ve never used Incognito mode before, you should. It lets you visit sensitive sites without having them appear in your browser history, and cookies and other site data created during the session are discarded when you close the Incognito tabs rather than being saved. Of course, this protection only extends so far. It hides your activity from other people using the same device, not from the sites you visit, your ISP, or a network you don’t control, and if you surf your way to a sensitive site and then walk away leaving your device unlocked, there’s nothing to prevent someone from simply picking it up and reading what’s on screen. As long as you take sensible precautions, though, Incognito mode, especially with the new Face ID lock, provides some pretty solid protection.

If you’re interested in giving the new feature a go, open Chrome on your iOS device, enter “chrome://flags” in the address bar, then press Go on the virtual keyboard. This opens the Chrome Experiments page. Once there, search for “Device Authentication for Incognito” and enable it. That done, close and reopen your browser, then go to Settings > Privacy to actually turn the lock on, and you’re all set.

If, after playing around with it, you decide you don’t want or need it, simply go back to Settings > Privacy and turn it off.

It’s a very good addition, and if you value your privacy, then once you’ve tried it on for size, you’ll probably wonder how you ever got along without it. Kudos to Google for the addition. Try it. You’ll love it.

ChaChi Malware Is Spreading Ransomware In The Education Sector

If your business has regular dealings with the Education sector of the market, be aware that the PYSA ransomware gang has a new trick up their sleeves.

Recently, they’ve been using a remote access trojan (RAT) called ChaChi to plant backdoors in a wide range of education-oriented organizations, steal data and/or mass-encrypt files with ransomware, and then extort those organizations.

ChaChi was developed by PYSA sometime in early 2020. When it was first observed in the wild, researchers noted that it was rather crudely built: it carried no obfuscation to hide from endpoint security tools, and it couldn’t even do some of the basics, like port forwarding or tunneling.

Unfortunately, the ransomware gang didn’t stop at version 1.0. In fact, since it was first spotted, the malware has been in a near constant state of flux, receiving regular updates that have dramatically increased its capabilities.

The ChaChi threat is serious enough that it has even attracted the attention of the FBI. The agency warned about PYSA’s campaigns against education in March of this year (2021), and has noted a recent increase in the number of PYSA ransomware targets in both the US and the UK.

The gang seems to preferentially target organizations in education and healthcare, and it’s not difficult to understand why. Both types of organizations regularly deal with vast amounts of incredibly sensitive data, which has far more value on the Dark Web than a simple collection of credit card numbers.

If you do business in either the education or healthcare spaces, be careful. Especially if the organizations you do business with are using older, legacy systems and/or don’t have a robust backup process, you could be placing yourself at risk, as a breach of their system could lead to a breach of your own.

Stay vigilant. ChaChi isn’t the only threat out there.

Some TurboTax Accounts Were Hacked Due To Poor Passwords

Hackers around the world have been busy this year, with Intuit being the latest company to fall victim to their attacks.

Intuit, the company behind TurboTax, recently announced that a series of account takeover attacks against TurboTax accounts had succeeded, and that as a consequence, an undisclosed number of TurboTax customers had their personal data compromised.

The company stressed that this breach was not a consequence of failed network security on their part, but rather, bad password practices in use by some of their customers.

The way an ATO (account takeover) attack works is this: a customer is in the habit of using the same password on multiple sites. One of those other sites gets breached, and the customer’s password there is exposed.

Knowing that many people reuse passwords, attackers feed the credentials they harvest from one breach into automated login attempts against other sites, hoping to get lucky. In many cases, they do. That’s what happened here. The defense is as unglamorous as the attack: a unique password for every site (a password manager makes that painless) and multi-factor authentication wherever it is offered, so that a leaked password alone is not enough to log in.
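The pattern just described has a recognizable fingerprint in authentication logs: one source address trying a different account every few seconds, almost all of them failing. The Python below is an added example of how a defender spots it; it is not Intuit’s or TurboTax’s code. The log line format, the sample lines and the thresholds are all constructed assumptions for this example.

```python
"""Spotting a credential-stuffing (account-takeover) burst in authentication logs.

Added example, not Intuit's or TurboTax's code. The log format and the
sample lines below are constructed for the example; the thresholds are
assumptions to be tuned against real traffic.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
import re

# Assumed log shape: "<iso timestamp> ip=<addr> user=<name> result=OK|FAIL"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+ip=(?P<ip>\S+)\s+user=(?P<user>\S+)\s+result=(?P<result>OK|FAIL)$"
)


@dataclass
class Attempt:
    ts: datetime
    ip: str
    user: str
    ok: bool


def parse_line(line):
    """Return an Attempt for a well-formed line, or None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    return Attempt(datetime.fromisoformat(m["ts"]), m["ip"], m["user"], m["result"] == "OK")


def detect_stuffing(lines, window=timedelta(minutes=10), min_users=5, max_success_ratio=0.2):
    """Flag source IPs that replay a leaked password list against many accounts.

    A legitimate user mistyping a password produces several FAILs for ONE
    account from one IP. Stuffing produces one or two attempts each against
    MANY accounts from one IP, almost all failing. So the signal is: within
    `window`, at least `min_users` distinct accounts from the same IP with a
    low success ratio. Returns {ip: {"attempts", "distinct_users", "compromised"}}
    where "compromised" lists accounts the flagged IP logged into successfully.
    """
    by_ip = defaultdict(list)
    for att in filter(None, map(parse_line, lines)):
        by_ip[att.ip].append(att)

    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort(key=lambda a: a.ts)
        start = 0
        for end in range(len(attempts)):
            # Slide the window so attempts[start:end+1] spans at most `window`.
            while attempts[end].ts - attempts[start].ts > window:
                start += 1
            chunk = attempts[start:end + 1]
            users = {a.user for a in chunk}
            ratio = sum(a.ok for a in chunk) / len(chunk)
            if len(users) >= min_users and ratio <= max_success_ratio:
                flagged[ip] = {
                    "attempts": len(attempts),
                    "distinct_users": len({a.user for a in attempts}),
                    "compromised": sorted({a.user for a in attempts if a.ok}),
                }
                break
    return flagged


# Constructed sample: one user fat-fingering a password, one stuffing burst
# from 203.0.113.5 that lands on "bob", and an unrelated clean login.
SAMPLE_LOG = """\
2021-07-12T10:00:01+00:00 ip=198.51.100.7 user=alice result=FAIL
2021-07-12T10:00:09+00:00 ip=198.51.100.7 user=alice result=FAIL
2021-07-12T10:00:20+00:00 ip=198.51.100.7 user=alice result=OK
2021-07-12T10:01:00+00:00 ip=203.0.113.5 user=alice result=FAIL
2021-07-12T10:01:02+00:00 ip=203.0.113.5 user=bob result=OK
2021-07-12T10:01:04+00:00 ip=203.0.113.5 user=carol result=FAIL
2021-07-12T10:01:06+00:00 ip=203.0.113.5 user=dave result=FAIL
2021-07-12T10:01:08+00:00 ip=203.0.113.5 user=erin result=FAIL
2021-07-12T10:01:10+00:00 ip=203.0.113.5 user=frank result=FAIL
2021-07-12T10:01:12+00:00 ip=203.0.113.5 user=grace result=FAIL
2021-07-12T10:01:14+00:00 ip=203.0.113.5 user=heidi result=FAIL
2021-07-12T12:30:00+00:00 ip=192.0.2.9 user=carol result=OK
not a log line
"""

if __name__ == "__main__":
    for ip, info in detect_stuffing(SAMPLE_LOG.splitlines()).items():
        print(ip, info)
```

The "compromised" list is the part worth acting on: those are the accounts whose reused password worked, and they need a forced reset and a look at what the session did. Attackers who spread attempts across many addresses will slip under a per-IP rule like this, so in practice it sits beside rate limiting, checks of new passwords against known-breached lists, and multi-factor authentication.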

Although the number of impacted accounts seems disturbingly large, the reality is that TurboTax serves over 100 million customers a year, so the impacted accounts represent a tiny fraction of the total. Granted, that’s small consolation for those who have had their data compromised, but understanding how it happened, and the scope and scale, is still important.

Now for the bad news: if your account was compromised, the attackers likely made off with your tax returns for prior years, your current return, your Social Security number, date of birth, driver’s license number, and a wide range of financial information. Put another way, they now have everything they need to steal your identity and/or make your life a living hell. Watch your credit reports closely for the next several months, and consider a credit freeze so that no new accounts can be opened in your name.

Support Ending For Windows 7 And 8 Nvidia Graphics Drivers

Does your PC have an NVIDIA graphics card?

If so, be aware that the company recently announced that, starting in October 2021, it will no longer ship Game Ready drivers for Windows 7, Windows 8, and Windows 8.1; the driver released on August 31, 2021 is the last to support those versions. If you want to keep getting new driver features and non-security fixes, you’ll need to upgrade your OS to Windows 10.

Feature improvements, performance enhancements and general bug fixes for the operating systems listed above stop with that release, but critical security updates will continue through September 2024.

While somewhat disappointing, especially if you have an older PC, it’s not exactly a surprise. Microsoft has already ended support for those older Operating Systems, and the vast majority of the company’s GeForce customers have already upgraded to Windows 10, so NVIDIA’s move will only impact a tiny segment of the company’s customers.

In fact, according to the Steam Hardware and Software survey conducted in May of this year (2021), only 2.13 percent of users worldwide are still running Windows 7, only 0.07 percent are running Windows 8, and only 0.98 percent are running Windows 8.1. So again, this is a problem that will only impact a handful of users. Even so, if you’re one of them, that’s small consolation.

In any case, the change is coming, so if you haven’t upgraded to Windows 10, now you have one more reason to do so.

If there’s a bright spot to be found in the recent announcement, it lies in the fact that Microsoft is still offering a free upgrade to Windows 10 for the few remaining Windows 7 users. So if that’s what you’ve got on your rig, you can save money by taking advantage of the free upgrade offer.

Although there are sure to be a few grumbles of displeasure, NVIDIA’s announcement is a good thing overall. Embrace the change.

SolarMarker Malware Stealing User Information Through PDFs

The hackers behind the malware called SolarMarker have begun using an innovative and unexpected means of distributing their poisoned code.

They’ve started publishing PDF documents filled with SEO (Search Engine Optimization) keywords in a bid to boost the visibility of malicious websites that pose as Google Drive, but in fact, are simply repositories for the malware itself.

A potential victim finds, via a search result or an emailed link, a PDF promising detailed information on attractive insurance rates or credit card deals. Clicking a link in the PDF redirects the victim to a site designed to look like Google Drive, with instructions to download a different file from the “drive.” Downloading and opening that file is what dooms the user.

SEO is a tried-and-true marketing tactic that legitimate business owners use to drive traffic to their sites, co-opted in this case for a nefarious purpose. Unfortunately, it has proven wildly effective thus far.

As to the malware itself, SolarMarker is a backdoor that steals login credentials and other data from web browsers. It is not ransomware or a wiper, but the stolen credentials are damaging enough on their own, and the backdoor makes it easy for the hackers controlling it to introduce more destructive malware down the road and/or steal a victim’s identity.

CrowdStrike was the first company to sound the alarm, when its researchers discovered the unusual marketing campaign for the malware. Note that thus far, at least, SolarMarker’s operators seem to have focused the bulk of their attention on North America.

PDFs have been used to deliver malicious payloads for a very long time, but the unusual methodology used here makes this campaign noteworthy. Be on your guard against any PDFs you or your staff receive from unknown, untrusted sources, and against PDFs that turn up at the top of a search for deals that look too good. Clicking the links embedded in those files may net you much more than you bargained for, and not in a good way.
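The lure described above lives or dies on the link targets embedded in the PDF, and those can be inspected before anyone clicks. The Python below is an added example, not code from CrowdStrike or from the SolarMarker reporting: it pulls every /URI action out of a PDF, including ones tucked inside Flate-compressed streams where a surface scan would miss them, and flags hosts that squat on the Google Drive brand. The sample PDF fragment is hand-constructed, and the lookalike heuristic is an assumption of this example rather than a rule from the original research.

```python
"""Pull link targets out of a PDF lure and flag ones that pose as Google Drive.

Added example, not code from CrowdStrike or from the SolarMarker research.
The sample PDF fragment below is constructed by hand to mimic the lure
described in the text; the "lookalike" heuristic is an assumption.
"""
import re
import zlib
from urllib.parse import urlsplit

# Link annotations carry an action like: /A << /S /URI /URI (http://...) >>
# The string is either a literal (...) with backslash escapes or hex <...>.
URI_RE = re.compile(rb"/URI\s*(?:\(((?:\\.|[^\\)])*)\)|<([0-9A-Fa-f\s]*)>)", re.S)
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)
ESCAPES = {ord("n"): 10, ord("r"): 13, ord("t"): 9, ord("b"): 8, ord("f"): 12}


def _decode_literal(raw):
    """Undo PDF literal-string escapes: \\( \\) \\\\ \\n ... and octal \\ddd."""
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i] != 0x5C:  # not a backslash: copy through
            out.append(raw[i])
            i += 1
            continue
        m = re.match(rb"\\([0-7]{1,3})", raw[i:])
        if m:
            out.append(int(m.group(1), 8) & 0xFF)
            i += len(m.group(0))
        elif i + 1 < len(raw):
            out.append(ESCAPES.get(raw[i + 1], raw[i + 1]))
            i += 2
        else:
            i += 1
    return out.decode("latin-1")


def _inflate_streams(pdf):
    """Return the raw bytes plus every stream that inflates as zlib (FlateDecode).

    Lure PDFs routinely keep annotations in compressed object streams, so a
    scan of the raw file alone misses them. Streams using other filters
    (images and so on) simply fail to inflate and are skipped.
    """
    chunks = [pdf]
    for body in STREAM_RE.findall(pdf):
        try:
            chunks.append(zlib.decompress(body))
        except zlib.error:
            pass
    return b"\n".join(chunks)


def extract_uris(pdf):
    """All /URI targets in document order (raw objects first, then inflated streams)."""
    uris = []
    for literal, hexstr in URI_RE.findall(_inflate_streams(pdf)):
        if hexstr:
            digits = re.sub(rb"\s", b"", hexstr)
            if len(digits) % 2:  # spec: an odd trailing digit is padded with 0
                digits += b"0"
            uris.append(bytes.fromhex(digits.decode("ascii")).decode("latin-1"))
        elif literal:
            uris.append(_decode_literal(literal))
    return uris


def classify(uri):
    """'google' for real Google hosts, 'lookalike' for brand-squatting hosts, else 'external'."""
    host = (urlsplit(uri).hostname or "").lower()
    if host == "google.com" or host.endswith(".google.com"):
        return "google"
    if "google" in host or "gdrive" in host:  # assumed heuristic for Drive impostors
        return "lookalike"
    return "external"


def scan_pdf(pdf):
    """Return [(uri, verdict), ...] for every link target found in the PDF bytes."""
    return [(u, classify(u)) for u in extract_uris(pdf)]


def _build_sample_pdf():
    """Hand-built PDF fragment (constructed for the example; no xref table)."""
    def link(uri_token):
        return b"<< /Type /Annot /Subtype /Link /A << /S /URI /URI " + uri_token + b" >> >>"
    plain = link(b"(https://drive.google.com/file/d/abc)")
    # Literal string with escaped parentheses, pointing at a Drive lookalike.
    lure = link(b"(http://drive-google-share.example/get?x=\\(1\\))")
    other = link(b"(https://insurance-rates.example/quote)")
    # Hex-encoded URI hidden inside a FlateDecode stream, as object streams are.
    hidden = link(b"<" + b"http://gdrive-login.example/".hex().encode("ascii") + b">")
    stream = b"<< /Filter /FlateDecode >>\nstream\n" + zlib.compress(hidden) + b"\nendstream"
    return b"%PDF-1.7\n" + b"\n".join([plain, lure, other, stream]) + b"\n%%EOF\n"


SAMPLE_PDF = _build_sample_pdf()

if __name__ == "__main__":
    for uri, verdict in scan_pdf(SAMPLE_PDF):
        print(f"{verdict:9} {uri}")
```

Run against a real attachment, anything in the "lookalike" bucket is the tell the text describes: a document whose links claim to lead to Google Drive but resolve to a host Google does not own. The scanner is deliberately a string-level pass, so it will not follow the redirect chain the fake Drive page sets up, and a PDF that launches JavaScript or an embedded file instead of a plain link needs a different check.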