Private Twitter Files May Have Been Cached In Firefox

Are you a regular Twitter user? More specifically, are you a regular Twitter user who also prefers the Firefox web browser? If so, be advised that Twitter recently disclosed a new bug with potentially dire implications for you.

Apparently, a flaw in the design of the platform itself caused it to store private files inside Firefox’s browser cache.

The cache is a folder normally reserved for temporary storage of website files. Unfortunately, even after a user logged off of Twitter’s service, the files would remain in the browser cache, often for as long as a week. This enables anyone with access to that machine to view them.

The files stored in this manner include files received via Direct Messages (DMs) and any downloaded files.

There are two potential points of concern here. First is the fact that if you make regular use of a shared machine and access Twitter from it, then whomever you are sharing the machine with would have easy access to files you assumed to be private.

Second, if malware were to infect the machine you access Twitter from, then the malware may wind up scraping that data and sending it to its controllers’ command and control server. That gives them a copy of information you assumed was private.

A spokesman for Twitter summarized as follows:

“If you use, or have used a public or shared computer to access Twitter, we encourage you to clear the browser cache before logging out, and to be cautious about the personal information you download on a computer that other people use.”

From inside Firefox, follow these steps to clear your browser cache:

Go to “Tools” then “Options.” From there, select “Privacy & Security” and then “Cookies and Site Data.”

Once there, you’ll see an option labeled “Clear Data.” Click that, give the machine a minute, and you’re all set.

Twitter reports that it has now fixed the bug and reiterated that it was not an issue for people who used Chrome or Safari.

Over 1 Billion Android Devices No Longer Get Security Updates

According to the latest statistics, there are more than 2.5 billion Android devices in use around the world. That’s a lot of devices by any reckoning. According to statistics gathered by Consumer Watchdog Which?, more than a billion of those devices are no longer receiving security updates.

That is scary. That puts an awful lot of devices at grave risk.

The reason is much simpler than you might expect. According to Google’s data, some 40 percent of the Android devices in use today are running Android 6 or earlier. Those versions of the operating system are out of support and no longer getting security updates at all.

It begs the question then: what version of the Android OS are you running? If you don’t know, it pays to pull your phone out right now, go into your system settings and find out. If you’re running 6.0 or earlier, it’s well past time for an upgrade.

When smartphones first came out, people traded up to the latest and greatest model every year. These days, that’s much less common. People are simply holding onto their phones for significantly longer periods of time than they used to. That’s having the side effect that long before they upgrade, their phone stops getting security updates, which puts them and their data at increased risk.

It’s something most people just don’t think much about, sadly. If you’re in that camp, we urge you to check your phone right now while you’re still thinking about it. If you’re running an older version of the operating system, download the latest and greatest, which is Android 10.

Nobody thinks they’ll ever be the victim of identity theft until it happens, and by then, of course, it’s much too late. Check your phone. You’ll be glad you did.

People Are Moving From Windows 7 To Windows 10 For Security

Despite the age of the OS, Windows 7 has enjoyed a surprisingly large and loyal user base. That changed suddenly when Microsoft finally pulled the plug on Windows 7 support.

It couldn’t have come as a surprise to many people. After all, the company has been sounding the alarm and has announced the end of support date for more than a year.

Even so, most Windows 7 users greeted the looming end of support with little more than a yawn.

Then, January came and Microsoft did exactly as they said they’d do. Support ended, and suddenly, broad swaths of the Windows 7 user base woke from their slumber and finally transitioned to Windows 10.

Statistics show that in January, the Windows 7 install base took a significant hit, dropping by some 4.2 percent, while the ranks of Windows 10 users swelled considerably, growing by almost the same amount. Based on the number of machines running Windows 7, that means that in January alone, some 50 million machines were moved off of the old OS.

In some respects, the sluggish response and then the sudden surge aren’t too much of a surprise. Most people tend to put off doing unpleasant things until they simply have to. As long as Microsoft was content to keep issuing security patches to keep the venerable OS secure, the Windows 7 user base was content to trundle along as they always had. The moment that changed, it suddenly made a lot more sense to jump on the Windows 10 bandwagon.

If you’re one of the Windows 7 holdouts, understand that every day you remain on the old OS, you’re putting your network at risk. If you don’t already have plans to upgrade, it’s well past time to make them.

New Malware Sends Offensive Texts From Your Phone

Malware tends to be at its most effective when it exists in secret, under the radar. This is what allows malicious code to burrow deep into an infected system and capture a wide range of data. It’s what allows cryptojacking software to quietly siphon off computer power to mine for various forms of cryptocurrency, which makes money for the malicious code’s owners. Secrecy is typically seen as a very big deal.

Then there’s the malware called Faketoken, which has recently been upgraded with enhanced capabilities that throw all that out the window. The latest version of the malware adds insult to injury by sending out offensive, expensive, or overseas text messages after milking as much money out of an infected system as it can. It’s such a departure from hacking norms that it caught researchers at Kaspersky Lab by surprise when they saw it.

Researchers have been tracking Faketoken’s ongoing development since it first made the “Top 20 Most Dangerous Banking Trojans” list in 2014.

Since that time, the code’s owners have added a raft of capabilities to the malware, including:

  • The ability to steal funds directly, rather than relying on other Trojans bundled with it to do the heavy lifting
  • Using phishing login screens and overlaid windows designed to dupe mobile users into entering their account credentials, handing them straight to the hackers
  • The ability to act as ransomware, encrypting files and demanding payment

Sending out offensive texts is an oddly amusing addition to malicious code like this. However, there may be a method to the apparent madness of the people behind the code. It is, after all, a fantastic way to advertise the code’s effectiveness.

Ultimately, the only people who know the true purpose behind this new functionality are the hackers themselves, but we may well be looking at the leading edge of a new trend in malware. Stay tuned.

Twitter Making Changes To Their Political Ad Rules

Social media has been at the center of several high-profile political dramas of late. The major platforms came under fire for not doing enough to monitor political ads and other content. The major players on the social media landscape are all responding in different ways to the backlash. Recently, Twitter announced some new policies that will likely be in place before the time you read these words.

Beginning on November 22nd on Twitter, the company’s new political content and cause-based advertising policies will forbid the paid promotion of certain content. This includes any content that references government officials, ballot measures, referendums, regulations, legislation, candidates, or political parties. This change essentially renders it pointless for candidates for political office, or for PACs and Super PACs that may be supporting them, to purchase Twitter ads.

As details about the company’s new policies came to light, even supporters of the idea were quick to criticize. They pointed out that issue-based advertisers would also be punished by the changes. Twitter’s CEO Jack Dorsey clarified that issue-based advertisers will be restricted, rather than banned outright. He also said that going forward, they will be unable to target users based on demographic factors like race, age, or specific location, although general location (state and province-level) would still be allowed.

This is a decent compromise position that doesn’t leave issue-based advertisers thrilled. However, it is broadly seen as a step in the right direction. One thing the new policy change doesn’t address, though, is the matter of disinformation on the platform, which tends to spread like wildfire.

All in all, the changes are generally positive, but they should be seen as a first step only. Social media has unfortunately become a cesspool of misinformation, and no one seems to have any good ideas on how to go about changing that.