Security Archives - Page 5 of 155 - IT Services & IT Support Wilmington, NC

September 21, 2022 Atlantic Computer Services Blog

Uber Hacked Again

An unknown hacker, who claims to be eighteen years old, acquired administrative access to Uber’s corporate network and proprietary internal tools on Thursday, September 15, 2022.

On September 15, 2022, at 6:25 pm PT, Uber issued a statement on Twitter that it was “responding to a cybersecurity incident.”

An attacker gained access to the account of an Uber EXT contractor. A malware-infected personal device compromised the contractor’s credentials. The contractor accepted the multi-factor authentication through a socially engineered attack, enabling the hacker access to the contractor’s account.

The hacker then acquired access to several additional employee accounts with enhanced permissions and announced on the company-wide Slack channel:

“I announce I am a hacker, and Uber has suffered a data breach…” with the hashtag #uberunderpaisdrives.

The hacker also altered the OpenDNS for some internal Uber sites to show a graphic image.

In response to the cybersecurity attack, Uber notified the appropriate authorities and its staff. In addition, the corporation disabled several internal communication and engineering systems as a precautionary measure.

On September 16, 2022, Uber announced that its services were fully functioning and that it would restore several interrupted internal tools.

The breach exposed data from the company’s Slack and G-Suite communication systems, internal financial tools, and the bug bounty dashboard on HackerOne. Uber immediately fixed all of the vulnerabilities retained within HackerOne bug reports to stop more nefarious acts.

On September 19, 2022, at 10:45 am PT, Uber released a statement saying, “we have no evidence that the incident involved access to sensitive user data.”

According to Uber, the intruder did not gain access to the production systems that power applications, any user accounts, or the encrypted database containing sensitive user data.

Uber enlisted several digital forensics companies to examine the incident and claimed it would utilize this opportunity further to bolster its policies, practices, and technology to withstand future cyberattacks better.

This incident is not the first time that cybercriminals have attacked the corporation. In 2016, the corporation paid a $100,000 ransom to hackers to prevent them from releasing stolen data.

Hackers are constantly looking for innovative ways to breach corporate networks. Cybercriminals are concentrating their efforts more on specific individuals due to the complexity introduced by multi-factor authentication. To prevent a socially engineered cyberattack like the one that compromised Uber, it is essential to educate staff members on how to identify such attacks.

September 20, 2022 Atlantic Computer Services Blog

Google Leaving IoT Services

Tech giant Google recently announced that it’s closing the doors on its IoT Core service. Their stated reason for doing so was that their strategic partners can better manage customers’ IoT services and devices. Time will tell if the company’s decision was a good one.

Another tech giant, Microsoft, is wasting no time and is moving heavily in the opposite direction, adding to their suite of IoT services and offering increasingly tight integration with Azure. In recent years, Microsoft has bet big on IoT, and now has an impressive stable of offerings.

Microsoft’s offerings include but are not limited to:

The Azure IoT Hub, which serves as a central point of connection for IoT assets, allowing them to be more easily managed and monitored
Azure IoT Central, which gives users the capability of building edge solutions via Microsoft Tools
Azure Digital Twins, which models physical environments via “spatial intelligence”
Azure IoT Edge, which is a platform that brings analytics to edge-computing devices
Azure RTOS, which is a real time IoT platform
Windows 11 IoT and Windows 10 IoT core
And Azure Sphere, which is a Linux-based microcontroller OS platform

Microsoft is not alone in investing heavily in IoT services, however. Amazon currently has a full suite comparable to what Microsoft is offering integrated with their highly popular and widely used AWS service. So even with Google pulling out of the space, consumers still have two strong and viable options to choose from.

The months ahead will be interesting indeed as the strategies these tech giants are pursuing begin to mature, creating ripple effects across the markets they serve.

For Microsoft’s part, it appears that CEO Satya Nadella’s recent statement that the company was interested in building an intelligent cloud/intelligent edge solution has changed somewhat. It is becoming an intelligent end-to-end distributed computing solution.

September 17, 2022 Atlantic Computer Services Blog

Cyber Security Best Practices For Businesses

Smaller companies often struggle to develop and invest in robust IT security systems, which can leave them relatively more vulnerable to cyber attacks.

If that’s the situation you’re in and you’re trying to decide what to invest in and where to use the money that you have to spend on IT security, here’s a quick overview of the basics you need to have covered.

1 – Door Access Control

Believe it or not, this properly falls under the cybersecurity umbrella since magnetic door locks and swipe cards (or similar technology) are ultimately managed via a server on your company’s network.

If you don’t have such a system in place, we strongly urge you to consider one. Once it’s in place, regularly review who has what level of access.

In addition to that, most door security systems include some type of monitoring software, and it pays to set up automated alerts when an employee shows as deviating from their usual routine.

Example: If Linda’s regular work schedule has her swiping her card and entering the office just before 8AM, and leaving a little after 5PM and suddenly you see her coming in at 3:00 in the morning, that’s a sign that something is amiss and is well worth investigating.

2 – Encryption, Encryption, Encryption

Even if a hacker breaches your network, they can’t make use of any files they get their hands on if they can’t decrypt the data.

There are three types of encryption you want to be focused on: Encryption at rest, encryption in use, and encryption in transit. If your files are encrypted in all three states, a hacker is going to be hard-pressed to get anything useful from your network, even if they break in.

3 – Ongoing Security Training

The sad truth is that all the fancy hardware and software in the world can be circumvented by going after the weakest link in your security chain, which is always your people. If someone uses a weak password for the sake of convenience, that’s a way in for a hacker.

If someone is prone to opening email attachments from unverified sources, that’s another potential inroad. The problem is that too many employees don’t fully appreciate the security risks that these seemingly innocuous activities carry with them. Make sure they know. Make sure everyone knows.

There’s a lot more to robust security of course, and cybersecurity is constantly evolving, but if you start here, with these three items, you’ll be miles ahead.

September 15, 2022 Atlantic Computer Services Blog

Latest Microsoft Patch Fixes Dozens of Bugs

Even if you don’t consistently install Microsoft’s security patches as soon as they’re released, the September 2022 patch released this week deserves immediate attention.

Dozens of bugs, flaws, and vulnerabilities were addressed in this iteration, including fixes for:

*30 Remote Code Execution vulnerabilities
18 Elevation of Privilege vulnerabilities
16 Edge/Chromium vulnerabilities
7 Information Disclosure vulnerabilities
7 Denial of Service (DoS) vulnerabilities
1 Security Feature Bypass vulnerability

In addition to the above, the patch also addresses two zero-day vulnerabilities. The first of these is being tracked as CVE-2022-37969.

It was discovered independently by researchers from CrowdStrike, Zscaler, Mandiant, and DBAPP Security. Described as a Windows Common Log File System Driver Elevation of Privilege Vulnerability, hackers are currently exploiting this flaw in the wild.

The other is being tracked as CVE-2022-23960 and is described as a Cache Speculation Restriction Vulnerability.

The researchers at VUSec who discovered the issue have dubbed it “Spectre-BHB” and utilize Branch History Injection to allow for speculative execution. While it is similar to the Spectre security flaws found in chipsets last year, it is only tangentially related. Furthermore, there is no evidence that hackers are currently exploiting it.

On top of the impressive bug fixes, this release also includes improvements to Microsoft Defender and enhanced IT administrators’ capabilities to make it easier to control language-related features remotely in the OS.

Patch Tuesdays are always significant, but this one is even more critical than most. If you haven’t already done so, head to Microsoft’s website and install it on all your Windows 10 devices running versions 1809, 21H1, and 21H2. Also, note that one week before Microsoft released this patch, they released Windows 10 builds KB5017308 and KB5017315, which addressed various performance issues and patched twenty bugs.

Patch Tuesday is a regularly scheduled event. Microsoft rolls them out on the second Tuesday of each month at 10:00 AM PST.

September 14, 2022 Atlantic Computer Services Blog

New Phishing Service Is Targeting Banks

Hackers are increasingly adopting practices that legitimate business owners will immediately recognize.

Recently, a new PhaaS (Phishing as a Service) operation has surfaced that specifically targets major banks. These banks include Bank of America, Wells Fargo, Citibank, Capital One, PNC, US Bank, Lloyds Bank, Santander, and the Commonwealth Bank of Australia.

Snarkily named “Robin Banks,” the service also offers templates to steal T-Mobile, Netflix, Google, and Microsoft accounts.

The group was unearthed by analysts from IronNet, whose evidence indicates that the group has been active since at least March of this year (2022).

Even though the group hasn’t been active for terribly long, they’ve already made quite a name for themselves for their high-quality phishing pages that target customers of the organizations mentioned above.

The group has two different pricing tiers to those who wish to engage their services. Their budget option is just fifty dollars a month and offers a single page and 24/7 support. Their deluxe package is available for $200 a month and it gives their customers unlimited access to their templates, along with 24/7 support.

The service even offers a professionally designed dashboard. This allows threat actors who hire them to keep an eye on every aspect of their illicit operation, create and manage the pages they have created using the offered templates, wallet management, and a variety of other advanced tools, including reCAPTCHA services to thwart bots.

If you’re in any way associated with information security, the details above should alarm you. Robin Banks has seen their popularity on the Dark Web explode. What’s perhaps most disturbing about the service they’re offering is that increasingly, hackers don’t need a broad or deep skillset to set up an effective phishing campaign. The service does all the hard work for them.

Unfortunately, that means that IT Security just got a whole lot harder. Stay vigilant out there.

Previous page 1 … 3 4 5 6 7 … 155 Next page

Tag Archives: Security