Hackers gain access to Microsoft Teams chats to distribute malware

Published on Thursday 14th April 2022

Security researchers have recently warned that hackers are compromising Microsoft Teams accounts to access chats and spread malicious executable files and programmes to participants in the conversation.

Over a quarter of a million users rely on Microsoft Teams every month with many of these trusting the platform implicitly, despite the absence of protections against malicious files.

Simple but efficient method

Researchers found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform. The attacks started in January and there has been thousands of them. From the data available, most attacks were recorded at organisations in the Great Lakes region in the U.S., with local media outlets being a particular target.

The perpetrator inserts an executable file called “User Centric” into the chat to trick the user into running it. Once executed, the malware writes data into the system registry installs Dynamic Link Libraries (DLLs) and establishes a presence on the Windows machine. Basically, it takes over the computer. Continue reading

Owned vs Cloud – A pragmatic guide for SME management teams

Published on Thursday 14th April 2022

When your on-site server comes to the end of its life or it no longer suits your business needs, you face a choice.

1) Invest in an upgraded owned server

2) Migrate to the cloud with a server free solution

3) Take a ‘hybrid’ approach, with a mix of cloud and locally hosted systems or services.

In this guide we’ll walk you though the decision-making process and suggest key questions the management team should ask before making a decision.

Request our free eBook

Should the team still work from home now Covid restrictions are being removed?

Published on Friday 11th March 2022

Many businesses have been encouraging staff to work from home (at least some of the time) during the pandemic, and for many people this has become ‘the new norm’.

Can hybrid working (office and remote working) be ‘the new norm’ once Covid restrictions have been fully removed?

There are pros and cons with both office and home/remote working. (Photo by Glenn Carstens-Peters)

 

Working from home has some benefits:

  1. Studies have found that people can be more productive when working from home.
  2. Less travel to work means cost savings, less congestion, and less air pollution.
  3. Empty offices don’t need heating.

This needs to be balanced with some of the downsides: Continue reading

Commonly used computer related TLAs (Three Letter Acronyms), FLAs (Four Letter Acronyms) and other IT jargon to help anyone in a business communicate with their IT department

Published on Sunday 16th January 2022

Here at Trichromic we prefer not to use too many computer-related TLAs (Three Letter Acronyms), FLAs (Four Letter Acronyms) and unnecessary IT jargon when communicating with our clients’.

However, these can’t always be avoided (and some like to use them when they shouldn’t) so here you’ll find a categorised glossary of the most commonly used abbreviations which could be useful to anyone talking to IT departments or even an outsourced IT managed service provider like Trichromic. We’ll keep expanding this list and adding descriptions when time permits so please keep visiting to view the latest updates. You can contact us for more information on any of the descriptions below or even to find out how Trichromic can help improve the efficiency of your business processes by harnessing the latest technology. ~ Lloyd Reid

Systems, Standards and Common Terms

AD — Active Directory
ADSL – Asymmetric Digital Subscriber Line
AI — Artificial Intelligence
ASCII — American Standard Code for Information Interchange
B2B — Business-to-Business
B2C — Business-to-Consumer
BYOD — Bring Your Own Device
CAD — Computer-Aided Design Continue reading

Technical support operations during Christmas and New Year

Published on Monday 22nd November 2021

Merry Christmas from all of us at Trichromic! We would like to take the opportunity to thank you for your business in 2021 and we wish you a very Happy New Year.

Our telephone help desk will be closed from 17:30 on Friday the 24th December and will re-open at 09:00 on Tuesday the 4th of January 2022.

When open, our help desk be contacted on 020-3327-0310 (option 1) and by email at support@trichromic.co.uk.

Those companies with a fully managed service contract should email or leave a voicemail on our help desk during the holiday season and we’ll respond as soon as possible.

Our Sapphire CloudDESKTOP, CloudAERO and CloudEXCHANGE services will be continually operating and monitored during the break and we have no current plans for any periods of scheduled maintenance on our hosting or Topaz CloudBACKUP systems.

Did you know it’s Cybersecurity Awareness Month?

Published on Sunday 10th October 2021

Cybersecurity Awareness Month

Have you noticed the rapid pace of change in technology these days? Technology component costs appear to be lower than ever and the ability to connect individuals around the globe has dramatically accelerated the capacity for innovation, and businesses need to constantly adapt or fall behind.

This is a two edged sword. Whilst our businesses have the opportunity to use this new and exciting technology, our people, systems, and processes can’t always keep up with such rapid change. These gaps together with outside problems such as staff using technology from home, ransomware, and supply chain attacks have led to Cybersecurity becoming increasingly important for all businesses.

Recent ransomware attacks on Colonial Pipeline and JBS Foods have shown that targeting IT systems is a really effective way to damage our businesses and extort money from corporations.

Very often the weakest link in cybersecurity is humans. Rather than using purely technical methods to crack into a business, hackers use social engineering tactics such as phishing to get information from our employees. These attacks prey on the soft spots of human psychology, and an event such as a global pandemic makes those soft spots even more pronounced.

Throughout October, Trichromic will be sharing resources such as blogs, webinars and podcasts focusing on the cybersecurity issues that we feel are most important to our customers and contacts. If any of this communication hits a nerve and you would like to speak with one of our team to better understand the threats or what you can do to mitigate them or you would like a complementary review of your systems, please call us on: 020 3327 0310

Or send us an enquiry via our website at:

https://www.trichromic.co.uk/contact

How did cyber-attackers shut off an oil pipeline?

Published on Sunday 9th May 2021

Investigators at the largest fuel pipeline in the US are working to recover from a devastating cyber-attack that cut the flow of oil. The hack on Colonial Pipeline is being seen as one of the most significant attacks on critical national infrastructure in history.

How can a pipeline be hacked?

Colonial Pipeline relies on digital technology to control the flow of diesel, petrol, and jet fuel across hundreds of miles of piping. It even has a robot that scurries through its pipes that checks for anomalies. All this technology is connected to a central system, and where there is connectivity, there is risk of cyber-attack.

How did the hackers break in?

Direct attacks on operational technology are rare because these systems are usually better protected. So it’s more likely the hackers gained access to Colonial’s computer system through the administrative side of the business.

Continue reading

Trichromic renews their Cyber Essentials certification

Published on Wednesday 24th February 2021

Trichromic has proudly renewed their Cyber Essentials certification.

The standard is part of the UK Government’s National Cyber Security Strategy and demonstrates our commitment to cyber security, our ability to safeguard our own systems, the hosting services we deliver to clients, and it reinforces our capabilities as a managed services provider.

Launched in 2014, the Cyber Essentials scheme focuses on promoting the essential security controls that organisations need to have in place in order to reduce the risk posed by threats on the Internet. The scheme addresses five key controls that, when implemented correctly according to the government, could prevent around 80% of cyber attacks:

Continue reading

Problems with Windows 7 networking after the January 2019 update (KB4480970)

Published on Thursday 10th January 2019

Unable to access data in numerous Windows shares today after the (KB4480970) update.

https://support.microsoft.com/en-gb/help/4480970/windows-7-update-kb4480970

When trying to access shares the error “The handle is invalid” is displayed.

Microsoft has suggested various work-arounds but the only fix we have discovered is to completely remove the KB4480970 update.

Update: Microsoft have now released an update to resolve this issue which can be download from here

Microsoft have also explained this only affected users who in the local administrators group which is often the case in a Windows Workgroup environment.

Trichromic has been awarded the 3CX Gold Partner status

Published on Saturday 1st December 2018

The Gold Partner status is awarded to companies who prove their competency installing and supporting the 3CX phone system.

3CX supports many VoIP open standards including SIP and Trichromic is proud to be a 3CX Gold Partner with certified 3CX engineers who have many years of experience installing and supporting the platform. We also provide and support a range of compatible handsets from high quality manufacturers including Yealink.

3CX delivers a flexible and feature-rich telephone solution that ensures cost-savings over traditional ISDN systems. Please contact us for more information.