Recent Blog Posts

Twitch Creator Information Exposed After Hack

ZDNet reports that, ?A hacker leaked the entirety of Twitch’s source code alongside a 128GB trove of data that included creator payouts going back to 2019, proprietary SDKs and internal AWS services used by Twitch, as well as all of the company’s internal cybersecurity red teaming tools.? Most users simply focused on the earnings of high-profile streamers, but as time has passed, more folks are looking at the event as something that can be learned from, particularly in regards to data privacy and security. Twitch?s official response was that users should protect their bank accounts and other affected credentials, resetting the stream keys that are used to connect Twitch to various streaming platforms and broadcasting systems. At this time of writing, there has been no indication that credit card information or login credentials were exposed, but when it comes to network security, one can never be too careful. This issue stems from a configuration error that left certain information exposed to the Internet. Several of these errors have popped up for various software developers, whether they are actual errors or negligence on the service side of things, and these errors have led to data breaches for other services. In any case, there isn?t much to be done besides taking the appropriate precautions yourself. The biggest issue that comes from this event is that the Twitch application?s source code was leaked online, meaning that hackers can now use this information to discover more flaws in the source code and release it online. Plus, considering that Twitch is far from the only video streaming service out there, imagine the intellectual property complications of other streaming services getting their hands on this source code. Ultimately, you must always remain vigilant; even if you do everything right, one muck-up on the service provider?s end, like a configuration issue, could spell trouble for your organization. You should only work with providers whom you know you can trust. White Mountain IT Services wants to be one such provider for your technology management needs. You can count on us to honor your security expectations. To learn more, reach out to us at (603) 889-0800.

MosaicLoader Malware Uses Cracked Software to Steal Your Credentials

Cybersecurity company BitDefender discovered MosaicLoader, a malware that is capable of stealing passwords, mining cryptocurrency, and installing trojan malware on infected computers. This malware specifically targets the Windows operating system. MosaicLoader is somewhat of an oddity among malware, as it is distributed in a much different way from other types of malware. Most forms are distributed through phishing attacks or unpatched software vulnerabilities, while MosaicLoader spreads through advertisements. These advertisements appear when users search for cracked versions of software. When we talk about cracked software, what we mean are versions of software where a license is not needed. Typically whenever you purchase a copy of a software, you are also purchasing a license that gives you permission to use it. Without that license, the software may not operate, leading to operational issues. Sometimes employees might choose to download cracked software, particularly if they do not want to pay for the license or if the license has expired on their copy of the software. MosaicLoader works by infecting machines that download these cracked versions of software. The malware then starts to steal passwords, mine cryptocurrency, and install trojan backdoors on the devices to allow hackers to remotely access the machine. The ultimate goal of MosaicLoader seems to be to sell compromised Windows machines to the highest bidder. Since the goal seems to be to install on as many devices as possible, these hackers? plans should in theory be foiled if the malware fails to install on enough devices. Therefore, it?s your responsibility as a business owner to protect this fate from befalling your own organization?for both yourself and your employees, as well as others. Due to the unique way that this malware spreads, you can do two things to keep your company safe. The first is to make sure that all of your employees have access to the tools they need to be productive throughout the workday. Since this malware spreads through advertisements for cracked software, ensuring that your workers have properly licensed software will keep them from searching for new software. The second is through comprehensive security solutions and thorough network monitoring. By keeping your defenses shored up and a close watch on your network traffic, you can be sure to prevent the majority of threats and identify when anything suspicious has manifested on your infrastructure. White Mountain IT Services can most certainly help in this regard. To learn how we can help you keep your business safe, reach out to us at (603) 889-0800.

Windows Suffering from MSHTML Exploit

What is MSHTML? MSHTML is the browser engine that is found within the personal computer and server unit versions of Windows. The vulnerability itself can be found in just about any device that runs most versions of the Windows operating system. Industries most impacted by this vulnerability include telecommunications, medical technology, industry, energy, banking, and research and development. How Does the Exploit Work? The vulnerability itself is easy to exploit, as all it needs is for someone to send an infected Office file to a user. Once the file is downloaded, it runs code and executes the payload, infecting the target machine. Kaspersky claims that attackers can then use ActiveX to perform even more attacks, like downloading backdoors onto the infected system. This is particularly devastating if the hacker can gain administrative privileges by attacking, say, the network or system administrator for your systems. What Can Be Done About It? MSHTML has been patched by Microsoft, but if you have yet to download the patch, you can simply not download the infected Microsoft Office document. Plus, you should never download a suspicious or unknown file in the first place. Now, applying patches and not downloading suspicious files might sound like best practices?and they are?so make sure that you are following them and not putting your company at unnecessary risk. By working with White Mountain IT Services, you can ensure that patches get applied in a timely manner. Furthermore, you can get all of the security solutions and training needed to maximize network security. To learn more, reach out to us at (603) 889-0800.

New Update Brings Windows 11 to Chrome

If you are interested in matching your Chrome browser?s look to your new Windows 11 desktop, here is how to do it: First you will want to check to ensure that your Chrome browser is on version 96 or higher. You can do this by clicking on the three-dot menu in Chrome and go to Help > About Google Chrome. Once you?ve determined you have the Chrome version to continue you?ll want to type in chrome://flags in the address bar and hit Enter. Once the Experiments page opens, type ?Windows 11? in the search bar. You will then click the drop-down menu for Windows 11 Style Menus and set it to enabled. Relaunch the browser and it should update.  The current design is subtle, but you can notice a change in the style and menu configurations. Edge, Microsoft 11?s default browser?which is also a Chromium-based browser platform?has been updated by default with these design cues and menu configurations. Windows 11 is here, and it will soon be time for many businesses to make the switch. If you would like to talk to one of our IT professionals about updating to Windows 11 or simply to have a conversation to determine the best way forward for your business? software, give White Mountain IT Services a call at (603) 889-0800.

Learning Telltale Signs of a Phishing Email Can Save Your Business

To illustrate our point, let?s look at an example. You might receive emails claiming that you have won some wild prizes, but you don?t remember putting your name into the running for them. The message is delivered in a way that makes you think it?s from someone who doesn?t speak proper English, and it certainly doesn?t sound like a professional message. Plus, the email makes you want to pull the trigger immediately by claiming that the prizes are time-sensitive. These are all common tactics used in phishing messages. They often come in the form of fake invoices or from those higher up in the chain of command. You might receive a message that appears to come from your boss asking for a wire transfer, for example. It?s safe to say that this is troublesome at best. Essentially, the majority of phishing emails will showcase the following characteristics: Something that appears too good (or too wild) to be true (winning prizes, receiving awards) Spelling and grammar errors; many phishing campaigns originate outside of the United States A sense of urgency that pushes the user to act a certain way, such as paying an invoice or clicking on a link to enter contact/financial information Links to click on or attachments to download; these are often infected with malware or give hackers alternative methods of infiltrating your systems. The email comes from a strange email address that does not coincide with the sender?s supposed identity. It?s always important to check the sender. These are far from the only warning signs, but they are the ones that you should be particularly aware of. Phishing messages often look so convincing that the recipient might not even think twice before downloading an attachment or clicking on a link. It?s important that you treat all messages with the same level of scrutiny at the minimum. Be sure to try to identify the identities of the senders if possible through some type of external communication, like a phone number or, you know, walking to their office. White Mountain IT Services wants to help your business train employees to identify threats from phishing scams and emails. If you can train your staff to leverage a certain level of scrutiny against messages like these, then you naturally make them more resilient to falling for them. To learn more about how you can make this happen, give us a call at (603) 889-0800.