Tag Archives: Security

Posted on Author Atlantic Computer Services Categories Blog

Voicemail Phishing Attacks Called Vishing Are On The Rise

While “vishing” is by no means a new threat, it’s not something that has ever happened with sufficient frequency to get most people’s attention. So, if you haven’t heard the term before, you’re not alone.

“Vishing” is short for voicemail phishing, and it is apparently on the rise based on data collected by the security firm Zscaler. Attackers are specifically targeting tech firms and US military installations.

No actual voice mails are involved, which is interesting.  What the attackers do is send emails with links that supposedly point the way to voicemail messages stored on LinkedIn, WhatsApp, or other services. The idea behind the attacks are is to trick an unsuspecting recipient into disclosing his or her Outlook or Office 365 credentials.

To make their credential capture page more convincing, the attackers have even taken to deploying a CAPTCHA system, which makes the page look just annoying enough to be legitimate.

A spokesman for Zscaler had this to say about the company’s recent discovery of the surge in vishing attacks:

“Voicemail-themed phishing campaigns continue to be a successful social engineering technique for attackers since they are able to lure the victims to open the email attachments. This combined with the usage of evasion tactics to bypass automated URL analysis solutions helps the threat actor achieve better success in stealing the users’ credentials.”

The folks at Zscaler have a point. If your employees haven’t been made aware that this kind of attack is not only possible but growing in popularity in certain sectors, make sure they know what to be on the lookout for. Kudos to the sharp-eyed folks at Zscaler for spotting the trend.

We may not be able to keep hackers from making the attempt. However, if we can warn enough people about the tricks they’re using, we can frustrate their efforts and that’s a good start.

0
Posted on Author Atlantic Computer Services Categories Blog

Simple Tips For Securing Smart Device Data

Data security isn’t something that’s at the forefront of most people’s minds, but it probably should be.  These days, we use far more than just our trusty laptops and desktops to do real, meaningful work.  Most people have a plethora of devices they tap into on a regular basis and take with them wherever they go.

From smart phones to smart watches and more, the average person has no less than four different devices they can and often do use to get stuff done.

How safe are they?  Probably not as safe and secure as you’d like.

Here are some simple ways to fix that:

1 – Software Solutions

There are a number of these, but BitDefender is a solid choice.  The great thing about BitDefender is that you can hook up to fifteen different devices to it per household, and it comes with a suite of tools designed to help keep your smart devices safe.

2 – Develop Good Password Habits

Yes, it can be easy to use the same password across multiple devices and multiple web properties you use on a regular basis.

Resist the lure of easy.  Unfortunately, easy makes you a target.  Even though it’s more trouble, take the time to develop good and robust passwords. Use a different password on every device.

Here, password vaults can be your best friend because it helps automate the process and gives you less to remember.  It’s also worth employing two-factor authentication (2FA) everywhere it’s offered. Again, it adds an extra step to your logon process, but it’s time well spent for the added security it provides.

3 – Learn to Be a Savvy Email User

Don’t click on any links embedded in any email you receive, even if you think you know the sender.  The sender’s address could be spoofed.

Similarly, don’t open an email attachment unless you’ve verified that it’s legitimate and that someone you trust has sent it to you.  Phishing emails are among the most common way that hackers gain access to systems they target.  Don’t be their next victim!

These three things do take a bit of time to set up and get working but it’s time well spent, and it will make all the smart devices you rely on significantly more secure.  That’s a very good thing.

0
Posted on Author Atlantic Computer Services Categories Blog

One Of The Largest US Banks Discloses Data Breach

Do you have an account with Michigan-based Flagstar Bank?  As one of the largest banks in the United States, it’s quite possible that you do.

If so, be aware that the company recently issued a breach disclosure notification relating to a security incident that occurred in December of 2021 when unknown attackers breached the company’s network.

The notification reads in part, as follows:

“…Upon learning of the incident, we promptly activated our incident response plan, engaged external cybersecurity professionals experienced in handling these types of incidents, and reported the matter to federal law enforcement. 

We have no evidence that any of the information has been misused. Nevertheless, out of an abundance of caution, we want to make you aware of the incident.”

The company also announced that they would be offering two free years of identity monitoring services to impacted individuals.

That’s good because based on information that Flagstar submitted to the Maine Attorney General’s office, there are a lot of impacted individuals.  More than a million and a half, in fact.

While there’s nothing outwardly wrong with the breach notification that the company sent out, there are two key pieces of information that are conspicuously absent.

First, there’s no explanation as to why it took the company half a year to realize that the breach had occurred.

Second, the notification gives no information about exactly what types of information that the attackers made off with.  Is it enough for a hacker to steal one’s identity?  Based on Flagstar’s offering identity monitoring protection, that would seem to be the case. However, there are no particulars provided, so we are left to guess.

In our view, this could have been handled better.  Here’s hoping that Flagstar is more forthcoming in the days ahead.

0
Posted on Author Atlantic Computer Services Categories Blog

Microsoft Believes AI Can Help Prevent Ransomware In The Future

Recently, Microsoft published a fascinating blog post. In the blog post, they said they were experimenting with “novel approaches” when it comes to harnessing the power of AI to spot threats on the threat landscape before they become a problem.

In particular, the company is focused on stopping ransomware attacks while they’re still in their earliest stages.

To get even more fine-grained than that, they are specifically targeting human-operated ransomware campaigns. They note that there are certain indicators in common where human-operated ransomware campaigns are concerned, and these commonalities can be used to stop future attacks.

The example that Microsoft gives in their blog post is that of a hacker who has stolen the network credentials of a company.  They will first log in to test those credentials, and once inside, will almost certainly move about inside the network in ways that the proper owner of those credentials would not.

This creates specific data points that the AI can be on the alert for.

Broadly speaking, these fall into three categories:  Time based, Graph based, and device-based.

An example of a time-based data point would be if the hacker logged in to test the credentials at 3:00 in the morning and the owner of those credentials historically logs in at 8am.

Graph-based patterns are the graphical representation of physical moves across a network space, plotted against expected moves.

And device-based data points are exactly what they sound like.  The AI would expect that the owner of the stolen credentials would log in from his or her workstation and not a laptop hidden behind layers of proxies, which is suspicious in and of itself.

It’s a great idea, though Microsoft is quick to point out that it is still very much in its infancy.  Even so, it’s easy to see how this could become an indispensable tool.

0
Posted on Author Atlantic Computer Services Categories Blog

You May Need To Replace Old Cisco VPN Routers

Do you own one or more of the following products made by Cisco?

  • The RV110W Wireless-N VPN Firewall
  • The RV130 VPN Router
  • The RV130W Wireless-N Multifunction VPN Router
  • The RV215W Wireless-N VPN Router

If so, be advised that a new and critical security vulnerability has been found that impacts your equipment.  It is being tracked as CVE-2022-20825.  With a severity rating of 9.8 out of a possible 10, it’s about as serious an issue as it’s possible to have.

What is worse is that because the equipment referenced above is older and at the end of its service life, Cisco announced that there will be no patches to address this recently discovered security vulnerability.

Per a recent Cisco security advisory, the flaw exists because of insufficient user input validation of incoming HTTP packets on impacted devices.

It should be noted that this flaw only impacts devices that have their web-based remote management interface enabled on WAN connections.  If you’re not doing that, then even if you have an older piece of Cisco equipment, you’ve got nothing to worry about.

If you’re not sure whether remote management is enabled or not, just use the following steps. Log into the web management interface and make your way to “Basic Settings” and then “Remote Management.”  From there, just verify whether the box is checked or not and you’re all set.

In cases like these, we do wish companies were willing to be a bit more flexible. However, on the other hand, it’s easy to see how an offer of more time would be abused. So while we feel your pain if you own one of the impacted devices and we also understand why Cisco is taking a hard line and not granting any wiggle room.

All that to say, if you’re still using one of the devices referenced above, upgrade to a newer piece of equipment as soon as possible.

0
1 9 10 11 12 13 155