Hackers Are Using Resumes To Deliver Malicious Software

Hackers have used poisoned documents to deliver malware payloads for years. Recently, though, researchers at the security company Cofense have spotted a new twist on the ploy, aimed squarely at HR departments. The recently detected campaign uses fake resume attachments to deliver the Quasar Remote Administration Tool, a RAT that ends up on the machine of any unsuspecting Windows user who can be tricked into jumping through a few hoops.

Here’s how it works:

An email containing a document that appears to be a resume is sent to someone in a given company. The document is password protected, but the password is politely included in the body of the email, and is usually something simple like ‘123.’ If the user enters the password, a popup box will appear, asking the user if he/she wants to enable macros.

Up to this point, the attack is fairly standard, but here’s where it gets interesting:

If the macros are allowed to run, they’ll display a series of images and a message announcing that content is loading. What the document is actually doing is throwing out garbage code designed to crash analysis and detection tools while the RAT is installed quietly in the background.

At that point, the system is compromised. The RAT gives the hackers the ability to open remote desktop connections, log keystrokes and steal passwords, record from any webcam in use, download files, and capture screenshots of the infected machine.

Worst of all, the first part of the infection process knocks out most detection programs, so the hackers generally have a large window of time to take advantage of the newly created beachhead. They can cause all manner of havoc in your network, or simply choose to quietly siphon proprietary data from your systems.

Be on the alert and make sure your HR staff is aware.  This is a nasty campaign and it’s just hitting stride.
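The lure pattern described above (an encrypted Office attachment, the password handed over in the message body, macros inside the document) can be scored at the mail gateway before a user ever sees the macro prompt. The following Python heuristic is an added example, not code from the article or from Cofense: the `encrypted` and `has_macros` flags on each attachment are assumed to come from an upstream file parser or sandbox, and the sample messages are constructed for the example.

```python
import re
from dataclasses import dataclass

# Heuristic triage for the resume-lure pattern: a password-protected Office
# attachment, the password supplied in the same message, and macros inside.
# Whether an attachment is encrypted or carries macros is assumed to have
# been determined upstream (e.g. by a sandbox or a file parser).

OFFICE_EXTS = (".doc", ".docm", ".docx", ".dot", ".dotm",
               ".xls", ".xlsm", ".xlsx", ".ppt", ".pptm", ".pptx")
RESUME_WORDS = re.compile(r"\b(resume|r\u00e9sum\u00e9|cv|curriculum vitae)\b", re.I)
# Matches "password is 123", "password: '123'", "passcode = abc1", etc.
PASSWORD_HINT = re.compile(
    r"\bpass(?:word|code)\b\s*(?:is|:|=)?\s*[\"'\u2018\u2019]?([A-Za-z0-9!@#$%^&*]{1,20})",
    re.I)


@dataclass
class Attachment:
    filename: str
    encrypted: bool    # assumed precomputed by the file parser
    has_macros: bool   # assumed precomputed by the file parser


@dataclass
class Message:
    subject: str
    body: str
    attachments: list


def score_message(msg):
    """Return (score, reasons). A score of 5 or more is worth holding for review."""
    score, reasons = 0, []
    pw = PASSWORD_HINT.search(msg.body)
    for att in msg.attachments:
        if not att.filename.lower().endswith(OFFICE_EXTS):
            continue
        if att.encrypted:
            score += 2
            reasons.append(f"{att.filename}: encrypted Office document")
            if pw:
                # The password only matters if there is something it unlocks.
                score += 3
                reasons.append(f"document password '{pw.group(1)}' supplied in body")
        if att.has_macros:
            score += 2
            reasons.append(f"{att.filename}: contains macros")
    if RESUME_WORDS.search(msg.subject) or RESUME_WORDS.search(msg.body):
        score += 1
        reasons.append("resume/CV lure wording")
    return score, reasons


def triage(messages, threshold=5):
    """Return (subject, score, reasons) for every message at or above the threshold."""
    held = []
    for m in messages:
        score, reasons = score_message(m)
        if score >= threshold:
            held.append((m.subject, score, reasons))
    return held


# Constructed sample messages (not taken from the article).
SAMPLES = [
    Message("Resume for the open analyst position",
            "Hi, please find my resume attached. The password is 123. Thanks!",
            [Attachment("resume.doc", encrypted=True, has_macros=True)]),
    Message("Q3 budget",
            "Attached is the updated budget spreadsheet.",
            [Attachment("budget.xlsx", encrypted=False, has_macros=False)]),
    Message("Reset your password",
            "Your password expires soon; reset it in the portal.",
            [Attachment("notice.pdf", encrypted=False, has_macros=False)]),
]

if __name__ == "__main__":
    for subject, score, reasons in triage(SAMPLES):
        print(f"[{score}] {subject}")
        for r in reasons:
            print("   -", r)
```

The weights and the threshold are illustrative; the point is that the password-in-body signal is scored only when an encrypted attachment is present, which keeps ordinary "reset your password" mail from tripping the rule. Holding matches for analyst review, rather than blocking outright, is the sensible first deployment for a heuristic like this.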

Another IRS Phishing Campaign To Watch Out For

The Internal Revenue Service recently issued a warning that all taxpayers should be aware of.

The agency has received a growing number of reports concerning unsolicited email messages bearing the subject lines:

  • Electronic Tax Return Reminder
  • Automatic Income Tax Reminder

These messages are not from the IRS, but rather, from spammers trying to steal your information.

According to a spokesman for the IRS:

“The emails have links that show an IRS.gov-like website with details pretending to be about the taxpayer’s refund, electronic return or tax account.  The emails contain a ‘temporary password’ or ‘one-time password’ to ‘access’ the files to submit the refund.  But when taxpayers try to access these, it turns out to be a malicious file. The IRS does not send emails about your tax refund or sensitive information.  This latest scheme is yet another reminder that tax scams are a year-round business for thieves.  We urge you to be on-guard at all times.”

These are wise words, and a warning that absolutely should be heeded. Unfortunately, this most recent scam utilizes dozens of different compromised websites to mimic IRS.gov, and this far-flung network of sites makes it very difficult to shut down in its entirety.

What’s most unfortunate about scams like these is that they seem to disproportionately impact the elderly. Many of the elderly have slowly begun adopting basic technologies like email, but don’t have the tech skills to spot scams when they appear in their inboxes.

We all know at least a few people who fall into that category, so be sure to spread the word about this issue to anyone you know who may be especially susceptible to falling for scams like these.  The more people we can protect, the less profitable the attack becomes. Perhaps we can even gain enough ground to make it more trouble than it’s worth to the scammers, forcing them to look elsewhere.

Gmail Users Will Get Updated Spelling and Grammar Assistance

There are changes afoot in Gmail designed to help improve the quality of your writing using new AI features.

These features will auto correct simple spelling errors and offer suggestions to improve your grammar.

As the company notes in a recent blog post on the matter:

“If you’re working against deadlines to write a lot of emails daily, correct spelling and grammar probably isn’t top of the mind.  These capabilities can also help you write and edit with more confidence if you’re a non-native speaker.”

Currently, the new system only supports English, but that’s almost certain to change in the months ahead.  Google plans to roll out the enhanced features beginning on August 20th for G Suite users who are on rapid-release domains.  Anyone on a scheduled release domain will start seeing the new features on September 12th.

Here’s a quick summary of what you can expect:

  • Common spelling mistakes will simply be auto corrected.
  • Words that are auto corrected will feature a dashed line beneath the correction so you’re aware of it.
  • Grammar mistakes will feature a blue squiggly line beneath the words to call your attention to them.
  • Less common spelling mistakes will feature both a blue squiggly line and a red line beneath the word in question.

Google is undoubtedly correct that their changes will be most beneficial to harried office workers facing tight deadlines and non-native English speakers. However, there aren’t many people who won’t see at least some benefit from the new features.

These are good changes that will no doubt prompt other companies selling competing products to follow suit, which will slowly and steadily raise the bar.  Kudos to Google for the coming developments.  If you’re anxious to try them out, you won’t have long to wait.

Devices Attached To Corporate Networks Are Being Targeted

Grim news comes out of Russia, as reported by Microsoft.  The tech giant has been tracking the activities of a Russian hacking group that goes by the name of Strontium. Their other names include APT28 and Fancy Bear.

Microsoft has confirmed that the group was behind a new attack that took place in April of this year (2019).

This is the group that claimed responsibility for both the attack on the Democratic National Committee during the run-up to the 2016 election and the NotPetya attacks against Ukraine in 2017.

In addition to targeting political groups in Europe and North America, Strontium members have been upping the stakes by compromising large numbers of popular IoT devices such as VoIP phones, printers, security cameras and the like. They have been using those devices to breach corporate networks.

The company had this to say about their recent findings:

“The investigation uncovered that an actor had used these devices to gain initial access to corporate networks.  In two of the cases, the passwords for the devices were deployed without changing the default manufacturer’s passwords, and in the third instance the latest security update had not been applied to the device.

Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data.”

Fortunately, Microsoft was able to stop this attack in its tracks early on, but the motives behind it remain cloudy and uncertain.  Even so, Microsoft has committed itself to closely monitoring the activity of this group in particular. In the past year, they have sent out more than 1,400 notifications to global corporations and nation states about the activities of the group.

It is incredibly likely that this group will be at the forefront of whatever attacks the Russians have planned to influence the outcome of the 2020 US Presidential election.
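Microsoft’s description names three conditions that made the devices usable as a foothold: factory default passwords left in place, a missing security update, and a network flat enough that a scan from the device reaches higher-value hosts. The audit below is an added example, not Microsoft’s tooling, that walks a constructed device inventory and flags each of those conditions; the device names, firmware versions and the LATEST_FIRMWARE table are invented for the example.

```python
from dataclasses import dataclass

# Inventory audit for the three weaknesses named in the Microsoft quote:
# default manufacturer credentials, missing security updates, and IoT
# devices placed where a compromised device can reach high-value hosts.
# All records, versions and VLAN names below are constructed.


@dataclass
class Device:
    name: str
    kind: str            # "voip-phone", "printer", "camera", ...
    vlan: str
    firmware: str
    default_creds: bool  # admin password still the factory default


# Hypothetical "latest known good" firmware per device class.
LATEST_FIRMWARE = {"voip-phone": "5.2.1", "printer": "3.10.0", "camera": "2.0.7"}
# VLANs where an IoT device should never sit next to servers or domain controllers.
SERVER_VLANS = {"servers", "dc"}


def parse_version(v):
    """Split '3.10.0' into (3, 10, 0) so 3.10 compares greater than 3.9.

    Comparing the raw strings would wrongly rank '3.9.2' above '3.10.0'.
    """
    return tuple(int(p) for p in v.split("."))


def audit_device(dev):
    """Return the list of findings for one device (empty if it is clean)."""
    findings = []
    if dev.default_creds:
        findings.append("default manufacturer password unchanged")
    latest = LATEST_FIRMWARE.get(dev.kind)
    if latest and parse_version(dev.firmware) < parse_version(latest):
        findings.append(f"firmware {dev.firmware} behind latest {latest}")
    if dev.vlan in SERVER_VLANS:
        findings.append(f"IoT device placed on server VLAN '{dev.vlan}'")
    return findings


def audit(inventory):
    """Map device name -> findings for every device with at least one finding."""
    results = {}
    for dev in inventory:
        findings = audit_device(dev)
        if findings:
            results[dev.name] = findings
    return results


# Constructed inventory.
INVENTORY = [
    Device("phone-lobby", "voip-phone", "voice", "5.2.1", default_creds=True),
    Device("printer-hr", "printer", "servers", "3.9.2", default_creds=False),
    Device("cam-door", "camera", "iot", "2.0.7", default_creds=False),
]

if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        print(name)
        for f in findings:
            print("   -", f)
```

In practice the inventory would come from the network management system and the latest-firmware table from vendor advisories; the version parsing is the part worth copying, since a naive string comparison silently passes an out-of-date device once a minor number reaches two digits.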

Survey Shows Employees Would Compromise Company Data

A recent report published by nCipher confirms what many business owners have known for a long time: their employees are the weakest link when it comes to data security.

The nCipher report, however, adds a disturbing exclamation point to the data with a few details you’re likely to find shocking.

First, fully 71 percent of C-Suite employees surveyed in the UK would knowingly and willingly cover up a data breach if doing so meant escaping the fines associated with it. That contrasts with just 57 percent of managers and directors. The latter number is still distressingly high, but nothing compared with the C-suite.

Second, don’t make the mistake of thinking that it’s just the people you have installed in the corner office that are willing to put your business at risk. A disappointing 25 percent of office employees indicated that they’d be willing to sell corporate information for as little as £1000, with 5 percent of office employees saying that they’d simply give it away for free.  10 percent said they’d need at least £250 to make it worth their while.

Dan Turner, the CEO of Deep Secure, had this to say on reading the report:

“The cost of employee loyalty is staggeringly low.  With nearly half of all office workers admitting they would sell their company’s and clients’ most sensitive and valuable information, the business risk is not only undisputable, but immense in the age of GDPR and where customers no longer tolerate data breaches.

Given the prevalent use of digital and cyber tactics to exfiltrate this information, it’s critical that businesses invest in a security posture that will help them both detect and prevent company information from leaving the network.”

Wise words indeed. Unfortunately, given the realities above, that means keeping a closer eye on your own people.