New Malware Is Using CSV Files To Infect Users

Researchers have spotted a new phishing campaign you should be aware of.

What sets this one apart is that the hackers are using a lowly but specially crafted CSV file to infect machines with the BazarBackdoor malware. If you’re not familiar with the term, CSV stands for “Comma Separated Values,” and it’s a text file format that can be loaded into Excel.

If you open the file in a text editor, you’ll simply see alphanumeric values separated by commas with the first line generally being the headers for the spreadsheet. Open the same file in Excel and it will separate the data into neat rows and columns.

CSV files are popular because they make it relatively easy to export data from one application and import it into another. Since the files are text only, most people consider them to be relatively harmless and are generally not all that cautious when opening them.

Microsoft Excel supports a feature called Dynamic Data Exchange (DDE), which can be used to execute commands whose output is fed into the open spreadsheet. This works for CSV files opened in Excel too.

Hackers are always on the lookout for new angles to play and have naturally begun to abuse this feature. They execute commands that download malware on the devices of unsuspecting victims.

BazarBackdoor is a stealthy malware strain created by the TrickBot group. Its main purpose, as the name suggests, is to provide ongoing remote access to an internal device that can be used as a springboard for further lateral movement within a network.

The current campaign is centered around emails that pretend to be “Payment Remittance Advice” emails with links to remote sites that download a CSV file with innocuous names like “document-2196t6.csv.”

If this file is opened in Notepad or WordPad and examined, at first glance it will appear to be nothing more than a run-of-the-mill CSV file. Unfortunately, embedded in one of its columns of data is a WMIC call that launches a PowerShell command, and that’s enough. That’s all the hackers need to install the malware.

As always, vigilance is your best defense against this sort of thing. Remind your employees not to open any emails from unknown or untrusted sources and not to download or open any attachments from those emails.
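A mail gateway or download proxy can check CSV files for cells of the kind described above before a user ever opens them in Excel. The scanner below is an added example, not code from the campaign report: the list of suspect program names and the sample file (with its arguments replaced by a placeholder) are constructed for illustration.

```python
import csv
import io
import re

FORMULA_PREFIXES = ("=", "+", "-", "@")   # Excel evaluates cells that start with these
NUMBER = re.compile(r"[+-]?\d[\d.,]*")    # plain signed numbers are not formulas
# DDE reference shape: <application>|<topic>!<item>
DDE_SHAPE = re.compile(r"[=+\-@]\s*([A-Za-z0-9_.\\:]+)\s*\|.*!", re.S)
# Assumption: illustrative list of programs that have no business in a data cell
SUSPECT_APPS = {"cmd", "wmic", "powershell", "mshta", "rundll32", "regsvr32"}

# Constructed sample: the DDE arguments are a placeholder, not a real payload
SAMPLE_CSV = (
    "Invoice,Amount,Reference\n"
    "1001,-42.50,PAID\n"
    "1002,=SUM(B2:B3),OPEN\n"
    "1003,100,\"=WMIC|'ARGUMENTS-REMOVED'!A0\"\n"
)

def is_formula(cell):
    """True if a spreadsheet would evaluate the cell instead of displaying it."""
    value = cell.lstrip(" \t\r\n")
    return value.startswith(FORMULA_PREFIXES) and not NUMBER.fullmatch(value)

def scan_csv(text):
    """Return (row, column, severity, reason) for every cell Excel would evaluate."""
    findings = []
    for row_no, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        for col_no, cell in enumerate(row, start=1):
            if not is_formula(cell):
                continue
            match = DDE_SHAPE.match(cell.lstrip(" \t\r\n"))
            if match is None:
                findings.append((row_no, col_no, "low", "formula cell"))
                continue
            # Strip any path and .exe suffix before comparing the program name
            app = re.sub(r"\.exe$", "", match.group(1).lower().rsplit("\\", 1)[-1])
            severity = "high" if app in SUSPECT_APPS else "medium"
            findings.append((row_no, col_no, severity, f"DDE reference to {app}"))
    return findings

def neutralise(cell):
    """Prefix formula cells with an apostrophe so they are shown as text."""
    return "'" + cell if is_formula(cell) else cell

if __name__ == "__main__":
    for finding in scan_csv(SAMPLE_CSV):
        print(finding)
```

Quarantine on any "high" finding; `neutralise` is the matching control for applications that generate CSV exports from user-supplied data.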

Last Year Microsoft Blocked More Than 25 Billion Hacker Attacks

Individual users often don’t have a good sense of the scope and scale of hacking attacks around the world.  The numbers may shock you.

According to Microsoft, in 2021 the company blocked more than 25.6 billion brute force authentication attacks against Azure AD users. They also intercepted a staggering 35.7 billion phishing emails with Microsoft Defender for Office 365.

Vasu Jakkal is Microsoft’s Corporate Vice President for Security, Compliance, and Identity. Jakkal is both passionate and concerned about this subject.  The increase in the total number of attempts since the pandemic began has been breathtaking.

Unfortunately, Jakkal says that so far only a minority of Azure AD and Microsoft 365 users seem interested in taking steps to bolster their own security. Based on statistics gathered by Microsoft, only 22 percent of Azure AD users have activated MFA (multi-factor authentication) protocols. MFA would keep their accounts safer and make it significantly more difficult for hackers to force their way in.

Here is how much more difficult it can be:

Google combined forces with researchers at New York University and the University of California to study that very topic. They discovered that MFA implementation can block up to 100 percent of automated bot attacks, 99 percent of bulk phishing attacks, and up to 66 percent of targeted attacks. That is an impressive level of protection for something that’s so simple to implement and make use of!

The two big takeaways here are:

  1. The total number of hacking attacks is increasing dramatically.
  2. Although automated tools are getting progressively better at preventing many of them, end users have an important role to play too. Unfortunately, as of right now they’re not.

Depressingly few users are taking even the most basic steps to better secure their accounts.  If you set one major IT security goal for the year, a very good one would be to do all you can to increase the percent of users at your firm who are taking advantage of MFA everywhere they can.

Additional Security Recently Added To Office 365

Back in September of 2020, Microsoft announced that it was experimenting with the addition of SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online. This was done in a bid to better secure the email communication of their Office 365 customers.

In a recent statement by the company the Exchange Online Transport Team said:

“We have been validating our implementation and are now pleased to announce support for MTA-STS for all outgoing messages from Exchange Online.”

While it may not sound like a terribly exciting change, it truly is a big step forward. Now that the feature is in place in Office 365, any emails sent by users via Exchange Online will be delivered using connections with both authentication and encryption protocols. This protects them from interception and attack attempts, including both man-in-the-middle and downgrade attacks.

Again, per the Exchange Online Transport Team:

“Downgrade attacks are possible where the STARTTLS response can be deleted, thus rendering the message in cleartext. Man-in-the-middle (MITM) attacks are also possible, whereby the message can be rerouted to an attacker’s server. 

MTA-STS (RFC8461) helps thwart such attacks by providing a mechanism for setting domain policies that specify whether the receiving domain supports TLS and what to do when TLS can’t be negotiated, for example stop the transmission.”

Alongside the new feature, Microsoft has also provided guidance on how to adopt MTA-STS. This includes where to host the policy file on your domain’s web infrastructure.

Additionally, the Exchange Team announced that they’re in the process of rolling out DANE for SMTP (with DNSSEC support). That provides better protection for SMTP connections than MTA-STS does.

The company’s plan is to proceed slowly and in two phases. Phase I is to be completed by March 2022 and phase II is to be completed by year end 2022.  The team stressed that admins would be able to use both standards on the same domain at the same time, allowing them to account for senders who may exclusively use one or the other.

Great news indeed.  Kudos to Microsoft for their continuing efforts.

Voice Commands Getting New Attention In Windows 11

For a few years now Microsoft has been experimenting with voice commands. Their early experiments, however, were limited to contexts that resided wholly inside specific applications.

For example, once you opened Word you could use voice commands to activate a few of the software’s features.

Recently the company decided to take voice controls to a whole different level and by the time you read these words you’ll be able to download the latest Windows 11 update and play with the new feature.  Consider it to be a sneak peek of the shape of things to come.

As of Windows 11 preview build 22518 users can utilize voice commands to open and close applications, switch to Desktop view, minimize or maximize specific windows, select items, edit text, and more.

There are two important caveats to bear in mind though:

First, at present only US English is supported. Second, the feature isn’t enabled by default, so if you want to play around with it you’ll need to turn it on manually.

To do that go to Settings > Accessibility > Speech

Once there you’ll see an on/off switch to either enable or disable the Voice Access feature.  When you enable it for the first time there will be a slight delay as the OS will need to download a language pack.  Once that’s done you’ll be treated to a brief tutorial that will guide you through the basics of using the feature.  After that you’re all set.

In its current form the Voice Access feature supports more than 80 different commands. If the company’s massive user base embraces the feature you can bet that plenty of others will be added in the weeks and months ahead.

It’s a good feature and well worth taking the time to check out.  Kudos to Microsoft for bringing us one step closer to our Star Trek future!

Microsoft Office Is Rolling Out A New User Interface

Microsoft is making a few UI changes across its entire product line in anticipation of rolling out Windows 11.  Early this year (2021) the company announced that they were updating the UI for Office 365 and Office 2021.

Over the summer small groups of users participated in an open beta and began playing with the updated versions of those app suites.

Now the company is ready for the big reveal and is rolling the new UI out to all Office 365 and Office 2021 users. The changes don’t add anything in the way of new functionality but offer a different look and feel that brings the ubiquitous office suite into aesthetic alignment with what’s planned for Windows 11.

If you haven’t already started to see the changes, you will soon. Primarily you’ll notice that icons and menu buttons have a softer, more rounded appearance in keeping with the company’s slowly evolving aesthetic. Also note that the update will “remember” whether you selected the light or dark theme inside Windows, and your office suite will match that selection.

Users can toggle the new look on or off via the “megaphone” icon visible in the right-hand corner of Word, Excel, PowerPoint, and OneNote. All Windows 11 users should see it the next time they open any of those apps.

Similar changes are planned for the Web and Mobile versions of the office suite. However, shifting those versions of the suite into alignment with what’s planned for Windows 11 is a significantly larger project that the company says will take at least another year to complete and possibly closer to two.

In the end, though, Windows will offer a single seamless aesthetic across its products, which should improve and enhance the overall user experience, and that’s good stuff.