Millions Of Toyota Customers Possibly Affected By Data Breach

In recent months, Japan has been a nation under cyber-siege, with several high-profile attacks made against the country. The most recent attack targeted Toyota. If you own a Toyota or Lexus, it’s possible that at least some of the information you gave to the company has been compromised.

Although an investigation into the matter is ongoing, Toyota wasted no time letting its massive customer base know.

Their official statement reads in part, as follows:

“We have not confirmed the fact that customer information has been leaked at this time, but we will continue to conduct detailed surveys, placing top priority on customer safety and security.”

Later in the statement, the company stressed that if customer information was, in fact, compromised, that information did not contain credit card or other payment numbers.

Early indications point to a well-organized hacking group calling themselves the OceanLotus Group, although even this cannot be confirmed at this point.

The details surrounding the attack are murky at this point. What we do know with certainty is that on March 21st, the company detected an unauthorized intrusion into its corporate networks across a staggering 8 company divisions, marking it as an extremely well organized and sophisticated attack.

Considering the other attacks made against Japanese companies and government agencies, it seems that for reasons that are not yet clear, one or more big hacker organizations filled with top-tier talent have decided to put the nation under the virtual gun.

Only time will tell exactly who’s behind the attacks and what their ultimate purpose might be. For now, the key thing to know is that if you own a Toyota or Lexus, it’s possible that at least some of your personally identifiable information was compromised.  Be on the lookout for additional information from Toyota as it becomes available.

Malware In Documents Is Latest Hacker Trend

There is a new Threat Spotlight released by Barracuda Networks.

One of the biggest trends in 2019 (where threats against businesses of all sizes are concerned) now takes the form of poisoned documents attached to emails.

The company analyzed more than 300,000 email samples collected over the past twelve months.

They discovered that the frequency of document-based malware attacks increased markedly during the first quarter of 2019, with nearly sixty percent of poisoned files taking the form of documents.

As Jonathan Tanner of Barracuda Networks put it:

“For the past couple of years, script files were a very popular attack method.  The percentage of these sort of files declined drastically, however, and was a significant source of the increase of documents as an infection method…

Documents are a natural evolution from script files, since the languages used are also the ones used for documents – namely VBScript and JavaScript.  The same attacks could be converted to the document-based ones with only slight modifications.  The script authors had already become very adept at obfuscation techniques, so these could contribute greatly to document-based malware where scripting is already more common and thus deeper inspection of the script itself is required.”

The good news is that most antivirus software is quite good at detecting malicious files. Of course, the weakest link in the equation isn’t detection software, it’s users. In light of the evolving threat, education is more important than ever, although to date, the majority of employees have been stubbornly resistant to educational measures designed to reduce the rate at which they click on and open documents received from untrusted or even unknown sources.

As a business owner, that will likely be one of your great challenges in the year ahead.  The more wary you can make your employees about opening files from people they don’t know, the safer your network is bound to be.

Breach At Georgia Tech University Exposes Personal Info

If you’ve ever been a student or employee of the Georgia Institute of Technology, be advised that any personally identifiable information the university had on you may have been compromised.

Recently, the university reported an instance of unauthorized access into databases connected to its web app.

They first discovered evidence of the unauthorized access in mid-December of 2018 and have been investigating since. To date, however, it remains unclear exactly how long the unidentified hackers had access to their databases or what specific information may have been taken.

The formal statement issued by the university says, in part:

“The information illegally accessed by an unknown outside entity was located on a central database.  Georgia Tech’s cyber security team is conducting a thorough forensic investigation to determine precisely what information was extracted from the system, which may include names, addresses, social security numbers and birth dates.”

The fact that the university’s investigation is now several months old indicates that the hackers were quite skilled. The information that the university fears was compromised is more than enough to create a false identity.

If you have ever been employed at Georgia Tech, or if you’ve ever taken classes there, be mindful that enough of your personal information may have been compromised to steal your identity.  If you haven’t yet used a service that helps protect you against such things, it may be time to consider doing so.  In any case, vigilance is the order of the day.

We don’t yet know how many records may have been compromised, but it’s better to be safe than sorry.  If you’ve been fortunate enough to have avoided having your identity compromised, count yourself lucky indeed.  It’s something that can take years to fully recover from.  Stay on your guard.

Several Popular Restaurants Had Credit Cards Stolen

If you frequent any of the following restaurants and paid them a visit between May 23, 2018 and March 18, 2019, your credit card data may have been compromised.

The parent company of these chains, Earl Enterprises, recently announced that an unspecified number of store locations were found to have been infected by PoS malware.

Taken together, the infections allowed the attackers to harvest more than two million credit card numbers nationwide. These were later found for sale on the Dark Web.

The list of restaurants includes:

  • Chicken Guy!
  • Mixology
  • Tequila Taqueria
  • Earl of Sandwich
  • Planet Hollywood
  • Buca di Beppo

If you’ve been to any of the restaurants named above in that range of time, you may have already received a notification from the company. If you want to confirm whether the location near you was one that was compromised, Earl Enterprises has a lookup tool on their website allowing you to drill down and find out definitively.

The company was made aware of the issue in late February when they were contacted by private security researcher Brian Krebs. He discovered a large cache of credit card numbers on the Dark Web that belonged to the company’s customers.

Once they were informed, they launched their own internal investigation, duly notified law enforcement, and brought in a third-party firm to assist them with the investigation.  Upon confirming Krebs’ findings, they made a public announcement to their customers.

Exercising an abundance of caution, Earl Enterprises is encouraging all its customers to keep a watchful eye on their credit and debit card statements and to stay alert for any suspicious activity. If you notice any, report it to the company that issued your credit card immediately. If you see something and don’t report it right away, you may wind up having to pay for charges you didn’t make.

New Malware Hidden In Emails About Flu Protection

Fear is a fantastic way to spread malware, which is why hackers around the world are using the fear of a flu pandemic as a hook to install a nasty strain of ransomware.

Researchers at MyOnlineSecurity have detected a cunning email campaign which spoofs the Centers for Disease Control and bears headlines warning of a Flu Pandemic.

The message is short and to the point. It explains that a flu pandemic has been detected and urges recipients to read the attached document for further instructions to protect their families and help keep it from spreading. The instructions also helpfully include the note that in order to view the document properly you’ll need to click the ‘Enable Editing’ button.

The attachment bears the name “Flu Pandemic Warning,” which reinforces the message itself. It’s an excellent choice from the perspective of the hackers, because they know that a relatively high percentage of those who receive this message from what appears to be a trusted agency will open it.

Unfortunately, the moment they open the file and click to enable editing, they doom themselves. The Word document is poisoned and contains scripts that will install the GandCrab v5.2 ransomware on the victim’s machine, which will promptly lock their files and demand a hefty payment.

While this is a nasty and especially effective campaign, it’s not the only one that the creators of GandCrab are engaged in. Recently, the Chinese government issued their own alert, stating that beginning on March 11, various government departments were bombarded with phishing-style emails intent on installing ransomware on their servers.

All that to say, vigilance is more important now than ever. There’s no telling how long this campaign will run, or what may come after it, but one thing you can be sure of: they’re not going to stop.