Tag Archives: Technology News

Dropbox Suffers Major Breach in Phishing Attack
Posted on Author Atlantic Computer Services Categories Blog

Dropbox Suffers Major Breach in Phishing Attack

It’s no secret that cyber attacks are on the rise, and that no company is immune to them. Dropbox, a cloud storage company, was the lastest victim when their GitHub account was compromised. This allowed attackers access to 130 code repositories, which contained sensitive data.

Dropbox was notified of a potential breach on October 14th from GitHub, who observed suspicious activity coming from the account starting one day earlier.

On Tuesday, November 1, 2022, Dropbox released an announcement that said, “our investigation has found that the code accessed by this threat actor contained some credentials—primarily, API keys—used by Dropbox developers.”

The data contains the names and email addresses of a few thousand Dropbox employees, current customers, past customers, sales leads, and vendors.

A successful email phishing campaign, targeting Dropbox employees and pretending to be from CircleCI (a continuous integration and delivery platform), has been attributed to a recent data breach. The emails directed the victims to a landing page where they were asked to enter their GitHub credentials.

Dropbox states that the hackers did not manage to get access to customers’ accounts, passwords, or payment information. In addition, none of Dropbox’s core apps or infrastructure were compromised. As a result of this attack, Dropbox is taking further steps to secure its environment by using WebAuthn and hardware tokens or biometrics.

It was almost immediately after the compromise that GitHub detected the exfiltration of content from private repositories. The threat actors used VPNs and proxy services to make it more difficult to trace and identify them.

The Dropbox security breach is just one example of how even big companies are susceptible to damage by sophisticated cyber attacks. But while Dropbox was quickly mitigate the damage caused by the attack, it’s a reminder to all businesses that they’re always vulnerable to these kinds of threats. Therefore, it’s important for employers educate their staff on how identify potential cyberattacks.

0
SIM Swap Attack Targets Verizon Customers
Posted on Author Atlantic Computer Services Categories Blog

SIM Swap Attack Targets Verizon Customers

Recently, Verizon experienced a minor but significant data breach. Between October 6, 2022, and October 10, 2022, an unknown malicious actor gained access to Verizon’s prepaid wireless accounts, compromising approximately 250 individuals.

According to a letter to customers, Verizon discovered the breach after noticing “unusual activity” on its network.

Due to the data breach, a SIM swap attack has been launched. Threat actors can take over the target’s phone number by convincing their mobile carriers to switch the target’s number to a SIM card controlled by the attackers.

Verizon warned its customers that the breach exposed the last four digits of their credit card numbers, which could result in fraudulent SIM card swaps. Additional customer data such as phone numbers, mailing addresses, account plans, and credit card information has been compromised. Verizon has confirmed that the attack did not compromise bank account information, passwords, social security numbers, tax IDs, or other sensitive information.

As a result of the data breach, Verizon reset the account security codes of an unspecified number of accounts.

Verizon reported that the company had successfully blocked any further unauthorized access to its customer’s accounts. Additionally, Verizon stated that it did not find any indication that the malicious activity was still ongoing.

Verizon’s customers can protect themselves from SIM swapping attacks by activating the company’s free “Number Lock” protection feature. Once a phone number is locked, it cannot be transferred to another device or service provider. Unless the account owner removes the lock, SIM swapping will be impossible.

Verizon users are urged to reset their pin codes, update passwords, and modify security questions to protect themselves against future attacks.

Customers are encouraged to review their information by logging into their Verizon account. Those who notice anything unusual should get in touch with Verizon directly.

The Verizon data breach serves as a reminder that even well-established businesses are susceptible to attack. However, customers can take steps to protect themselves, such as utilizing the ‘Number Lock’ security feature. By taking precautions and monitoring their accounts, customers can help ensure the security of their information.

0
Posted on Author Atlantic Computer Services Categories Blog

Zoom Fixes Severe Security Vulnerability for Mac Users

There is no doubt that Zoom has become very popular in the business and academic sectors, as it is widely used for video conferencing and voice-over IP (VoIP).

Zoom issued a security bulletin at the beginning of October, informing users that an update was now available for download in response to an identified security flaw. CVE-2022-28762 has been identified as a vulnerability by Zoom and has been patched accordingly.

Specifically, this problem appears to affect the macOS Zoom client from versions 5.10.6 to 5.12.0. It is important for users to make sure they have the latest version of Zoom installed on their computers. When using the Zoom desktop client on a Mac, users can look at the current version number of the video conferencing software that is currently installed by clicking “zoom.us” in the menu bar.

It is possible for users to manually update the software by checking for updates in the “About Zoom” section of the software.

Vulnerability

The macOS Zoom client is vulnerable to local attacks by malicious users because of a vulnerability identified in the open debugging port of the client.

The vulnerability identified by Zoom was rated 7.3 out of 10 by the CVSS (common vulnerability scoring system), which indicates it is a severe issue.

Zoom recommends that all users update their software to the latest version as soon as possible to protect themselves from potential security vulnerabilities.

The safety and security of Zoom’s users are a top priority for the company. Although the CVE-2022-28762 vulnerability is severe, it can be fixed by updating Zoom to the most recent version. It is highly recommended that users check the version that they are currently using and update it accordingly.

0
Posted on Author Atlantic Computer Services Categories Blog

The Evolution of Callback Phishing Scams

Phishing is one of the oldest forms of cybercrime. It continues to grow and evolve, making it difficult for people to defend themselves.

Callback phishing scams are email campaigns that pose as expensive memberships to confuse recipients who have never signed up for these services.

The email includes a phone number the receiver may call to learn more about this “membership” and cancel it. But doing so opens the door to social engineering assaults that infect victims’ devices with malware and, in some cases, full-blown ransomware attacks.

This type of attack started with what is now known as BazarCall campaigns.

Under the alias “BazarCall,” threat actors started sending emails posing as subscriptions to popular services, along with a phone number to call so they could cancel the purchase.

When a target dialed the number, the threat actors guided them through a series of prompts that ultimately resulted in downloading an Excel file infected with the BazarLoader malware. BazarLoader allowed remote access to compromised devices, which led to ransomware assaults.

The evolution

The social engineering method has changed in recent callback phishing attacks, but the bait is still an invoice from well-known service provider companies.

Once the receiver phones the number provided, they are asked for “verification” invoice data. Next, the scammer says no matching records exist, and the victim’s email was spam.

The fake customer care worker tells the recipient that the spam email may have infected their computer with malware and offers to connect them with a technician. In the final step, the victim is connected to the fake technician to aid with the infection and takes them to a website where they download malware disguised as antivirus software.

In the security software campaigns, the scammers claim that the security package pre-installed on the victim’s laptop has expired and has been automatically renewed. Eventually, the fraudster takes the victim to a malware-dropping canceling and refund gateway.

These tactics convince victims to download malware like BazarLoader, remote access trojans, or other remote access software.

The final step is persuading the victim to access their bank account to get the reimbursement. But the victim is deceived into paying money to the con artist by locking the victim’s screen, starting a transfer-out request, then unlocking the screen when the transaction requires credentials.

After the transaction, the victim is supplied with a fake refund successful page to deceive him into believing that they have received the refund. In addition, in some cases, the threat actors send the victim an SMS stating that the money has been refunded to prevent the victim from noticing any fraud.

Of course, losing money is only one of the issues that infected users may have because the threat actors can launch new, more dangerous malware that will spy on them for a longer period and steal sensitive data.

Overall, callback phishing scams are difficult to defend against because they are constantly evolving. The best defense is to be aware of the signs of a scam, such as unexpected invoices or calls from numbers you don’t recognize. If you suspect you may be a victim of a callback phishing scam, hang up and call your bank or service provider directly to verify any suspicious activity.

0
Posted on Author Atlantic Computer Services Categories Blog

DuckDuckGo for Mac Comes with New Privacy Features

DuckDuckGo announced on October 18, 2022, that the beta version of its Mac desktop app is now available for all Mac users. 

DuckDuckGo is a browser that focuses on privacy. It has many new features designed to make web browsing more private and less cluttered, improving the user experience. DuckDuckGo generates objective results without any subjective factors or “user preferences.”

The intent of DuckDuckGo for Mac is to replace “incognito” modes in other browsers that do not fully protect against web tracking. DuckDuckGo’s app for Mac uses roughly 60% less data than Chrome because trackers are blocked before they are loaded. In addition, the app has advanced privacy protection features pre-configured and activated by default to improve the user’s experience.

What’s New

Despite being in beta, DuckDuckGo for Mac has added several updated features since it was released in April 2022. The most significant change is that version 0.30 does not leave blank spaces in place of blocked ads, allowing users to browse without distractions.

Duck Player

Duck Player is one of the exciting highlights of this announcement. The Duck player provides a more private way to watch YouTube videos. This embedded YouTube player prevents the platform from building an advertising profile for users. Using Duck Player will reduce targeted ads and distractions. However, users can switch seamlessly between Duck Player and standard YouTube.

Password Management

There’s a secure password manager in DuckDuckGo’s browser. Like most password managers, DuckDuckGo’s password manager stores and fills in login credentials automatically. However, DuckDuckGo has partnered with Bitwarden, a password manager that’s open-source. Bitwarden users can look forward to activating a new password manager integration through the browser’s settings in the coming weeks. Additionally, DuckDuckGo for Mac now works with 1Password’s universal autofill.

Email protection

DuckDuckGo’s new version of the browser also offers email protection. Users who activate DuckDuckGo’s email protection will be able to protect their email inbox with email tracker blocking and private @duck.com addresses.

Cookie Pop-Up Manager

The Cookie Consent Pop-Up Manager manages cookie pop-ups much more effectively. The pop-up manager will automatically select the most private option to minimize cookies on various websites. The pop-up manager allows users to browse the internet without being interrupted by annoying pop-ups asking about cookie permissions.

Currently, DuckDuckGo for Windows is in its early beta with testing through family and friends.  A  private waitlist for the Windows DuckDuckGo app in beta is expected to be publically released soon.

Overall, DuckDuckGo’s desktop app for Mac is an exciting new development that offers a more private and less cluttered web browsing experience. The app has several unique features that make it an appealing option for a more secure and private browsing experience. Although the application is still in its early stages of development, it has shown promise as a more privacy-conscious alternative to other web browsers.

 

0
1 2 3 188