Tag Archives: Technology

Posted on Author Atlantic Computer Services Categories Blog

Major Security Flaw Found In Some Cisco Routers

Recently, Cisco disclosed the existence of four serious security flaws in their routers that use iOS and iOS XE software. One of the four, CVE-2020-3227 is rated at a severity of 9.8 out of 10.

It allows a remote attacker without credentials to execute commands to the operating software without proper authorization, which in turn, allows a hacker to take complete control over the system.

One of the other security flaws announced, CVE-2020-3025 is a command-injection vulnerability in Cisco 809 and 829 Industrial Integrated Services Routers, and in Cisco 1000 Series Connected Grid Routers. Here, the vulnerability is that since the software doesn’t adequately validate signaling packets, a determined hacker could send malicious packets to the device to gain control of the Virtual Device Server (VDS). From there, they can compromise the entire system.

The third and fourth issues are being tracked under CVE-2020-3198 and CVE-2020-3258, and again targets the company’s 800 Series Industrial Routers. This allows hackers to execute commands to the device, causing it to crash and reboot. Like the first one we mentioned, this one scores a severity of 9.8 out of ten.

The fourth bug is somewhat less serious, scoring only a 5.7 out of ten. A That one allows an attacker to modify the device’s run-time memory, overwriting system memory and executing arbitrary code on an impacted device.

The good news is that the company already has a fix for all of the security flaws outlined above. So if you use any of the devices mentioned earlier, head to the company’s site to be sure you’ve got the latest security patch. Just to be safe, if you use any type of Cisco Industrial Router, now is a good time to double check to make sure you’ve got the latest security patches installed. A few minutes checking could save you thousands of dollars and spare you from a great many sleepless nights.

0
Posted on Author Atlantic Computer Services Categories Blog

Ransomware Targets Company Working On A COVID-19 Vaccine

It’s common knowledge that hackers are highly opportunistic and certainly not above targeting children, the sick and the dying if there’s money to be made.

Even so, attacking a drug company currently doing research to find a vaccine for COVID-19 has to be counted as a new low, even for hackers. Sadly, that exact scenario has happened.

Recently, Hammersmith Medicines Research LTD (HMR) sent out a notification informing their patients and clients that they had been the victim of a ransomware attack. Worse, when the company refused to pay the ransom, the hacking group published some of the data they stole on the Dark Web in a bid to pressure the company to pay up.

HMR’s statement reads, in part, as follows:

“We are sorry to report that, during 21-23 March 2020, the criminals published on their website records from some of our volunteers’ screening visits. The website is not visible on the public web, and those records have since been taken down. The records were from some of our volunteers with surnames beginning with D, G, I, or J.”

The statement goes on to detail the data that was compromised, which includes the names and dates of birth of some of their volunteers, identifying documents, their answers to health questionnaires, signed consent forms, information from doctors, and some test results.

Unfortunately, this is a sufficient body of information to steal an individual’s identity. So if you’re one of the company’s volunteers, and you haven’t been contacted by the company yet, be aware that your personal information may have been compromised.

These are dark days, and hacking groups around the world seem content to carry on as though there’s not a global pandemic raging. While HMR may have been the first to fall victim to hacking activities during the pandemic, they will almost certainly not be the last, and that is unfortunate. The hackers, after all, need the vaccine as much as the rest of us.

0
Posted on Author Atlantic Computer Services Categories Blog

Google Data Shows Impacts Of Covid-19 Shelter In Place Precaution

Google is using the massive footprint in the smartphone ecosystem to help people understand the impacts that social distancing is having in the face of the global pandemic. Their new global Community Mobility Reports are both revealing and eye-opening.

The graph was created from the first reports, which covers 131 countries and regions around the world.

The information was taken from data collected between Sunday, February 16th, 2020, through Sunday, March 29th, 2020. It shows daily movement trends at key locations including social hubs like grocery stores, pharmacies, transit stations, workplaces, retail outlets and recreational areas.

Back on February 16th, most areas had not yet urged social distancing. The starting point serves as a baseline to compare the rest of the data against, and the differences are striking. In the United States, by Sunday, March 29th, traffic to retail centers, grocery stores, pharmacies and the like had fallen by a whopping 47 percent, with traffic to parks and workplaces being down 19 percent and 38 percent respectively.

Italy was the country most impacted by the virus in Europe. There, retail traffic had declined by 94 percent by March 29th, with traffic to parks and workplaces down 90 percent and 63 percent respectively.

Things are even more dramatic in Spain, which saw traffic to both retail and recreational sites drop by 94 percent. The decline has been nearly as dramatic in the UK, with traffic rates to those types of locations down a total of 85 percent.

In addition to giving viewers a bird’s eye view of global traffic trends, the reports make it possible to view state level trends in the United states. For instance, in New York, retail traffic has declined 62 percent, while traffic to parks and workplaces are down 47 percent and 46 percent respectively.

In any case, the reports are well worth checking out and provide a number of valuable insights into who’s doing what in response to the Cornoavirus.

0
Posted on Author Atlantic Computer Services Categories Blog

Mobile Flash Storage Getting Faster To Accommodate 5G Rollout

Are you ready for the world of 5G? Even if you are, the available storage you have on your favorite devices may not be as robust as you’d like it to be.

Anticipating this problem, Western Digital has announced a new bit of technology that will be available on the next generation of devices. The new technology is a new Universal Flash Storage (UFS) device that will go a long way toward ensuring that storage isn’t the performance bottleneck on the new, more robust network.

Western Digital’s Itzik Gilboa had this to say about the new technology:

Clearly, 5G will bring on new types of very high-performance applications – from gaming to AR / VR, machine learning and AI. Yet these applications can only exist if they have the hardware to support the performance levels they require…our goal is to make sure that our part in the data path is never the limiting factor for the user experience.”

We don’t know much about the new drives, but we do know that they’ll use multi-level NAND to achieve better cost efficiencies and offer sequential write speeds of up to 800MB/s. This will be a big benefit to gamers, to people downloading high resolution (4k and 8k) media files, and to anyone who is in the habit of transferring large amounts of data from the cloud.

According to the Western Digital announcement, the new drives will be available beginning in March 2020, and will be available in your choice of 128 GB and 256 GB configurations.

This is excellent news and we’re very excited to give the new tech a test drive. If they live up to the hype, they’ll be good additions indeed. Any device outfitted with one of these will be well-positioned to take advantage of everything the world of 5G has to offer.

0
Posted on Author Atlantic Computer Services Categories Blog

Some Smart Light Bulbs Are Vulnerable To Hackers

Hackers will take any and every opportunity presented to them, even if it means hacking smart light bulbs. Recently, security researchers at Check Point discovered a bug in the Philips Hue smart bulb that makes it vulnerable.

The bug is being tracked as CVE-2020-6007 and scores an impressive 7.9 out of 10, making it the most serious security flaw in a light bulb we’ve ever seen.

It sounds funny. After all, who would want to hack a light bulb? But it’s actually got serious implications. After all, the light bulb is just the beginning. Once hackers are ‘in’ the bulb, it gives them a beach head on the network that the bulb is attached to, and from there, they can jump to any other device they can see.

Fortunately, Philips has already published a fix for this, in the form of firmware version 1935144040. If you own one or more Philips Hue bulbs, you’ll want to check the firmware version. If yours has not already been updated, take the time to do so.

This underscores the one glaring weakness of the Internet of Things. Very few of the smart products we’re connecting to our networks have any security at all. The few devices that do boast some kind of security often have flaws like the one discovered here, which are severe enough to be considered crippling.

The net effect is to make any network that incorporates smart devices much less secure. After all, your network is only as secure as the weakest device on it, and smart devices have notoriously bad security.

That’s changing, but it’s changing at an incredibly slow rate. If you’ve got smart devices on your network, consider isolating them and minimizing the amount of contact they have with other devices on your network. That way, at least you can mitigate the impact until security improves.

0
1 6 7 8 9 10