Sign up for our Technology Newsletter 
Can Android AT Work Entice The Enterprise?
March 9, 2015 by admin
Filed under Around The Net
Comments Off on Can Android AT Work Entice The Enterprise?
Google Inc rolled out an initiative to make smartphones running its Android software more appealing to corporations, a move that could help extend the Internet technology giant reach into workplaces.
Google said on its official blog that its Android for Work program will provide improved security and management features for corporations that want to give their employees Android smartphones. Smartphones supported by the new initiative will be able to keep an employee’s work and personal apps separate, and a special Android for Work app will allow businesses to oversee key tools such as email, calendar and contacts.
Google said it is partnering with more than two dozen companies including Blackberry Ltd, Citrix Systems Inc, Box Inc.
Google’s Android software is the world’s most popular mobile operating system, but many corporations, which have significant security and device management requirements, give their employees smartphones made by Blackberry or Apple Inc.
Is Epic Turla Exploiting Windows XP?
Kaspersky Lab has discovered an espionage network that successfully attacked government institutions, intelligence agencies and European companies.
The firm has dubbed the spy operation Epic Turla, and said that it is in no doubt about its capabilities.
“Over the last 10 months, Kaspersky Lab researchers have analyzed a massive cyber-espionage operation which we call ‘Epic Turla’,” it said.
“The attackers behind Epic Turla have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies.”
Kaspersky said that Epic Turla used two zero-day exploits that affected Adobe and Microsoft software, along with some backdoor and social engineering tricks.
In particular, Kaspersky said a vulnerability in Windows XP and Windows 2003 – CVE-2013-5065 – termed a “privilege escalation vulnerability” is being used. “The CVE-2013-5065 exploit allows the backdoor to achieve administrator privileges on the system and run unrestricted. This exploit only works on unpatched Microsoft Windows XP systems.”
The use of this Windows XP flaw underlines the risk that the unsupported Windows XP OS poses. Kaspersky went on to explain that, once inside, attackers install their own rootkits and other malware tools and begin their surveillance.
“Once the attackers obtain the necessary credentials without the victim noticing, they deploy the rootkit and other extreme persistence mechanisms,” it said. “The attacks are still ongoing as of July 2014, actively targeting users in Europe and the Middle East.”
The attacks are just the latest in a long line of incidents that businesses need to be aware of as cyber attacks continue at an alarming rate.
In June the security firm Crowdstrike alerted the industry to Putter Panda, a cute-sounding but nasty piece of malware. That firm pointed an accusatory finger at China and charged it with espionage on the US and Europe.
Crowdstrike CEO George Kurtz said at the time, “China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe.” Chinese authorities disputed this.
The report comes in the same week Hold Security reported uncovering a huge trove of 1.2 billion web passwords and login details that have been gathered by Russian cyber criminals.
Is Malware Wreaking Havoc On XP?
One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Can Malwarebytes Protect XP?
Malwarebytes has launched anti-exploit services to protect Windows users from hacking attacks on vulnerabilities in popular targets including Microsoft Office, Adobe software products and Java, a service which even offers protection for Windows XP users.
Consumer, Premium and Corporate versions of the service are available, and are designed to pre-emptively stop hackers from infecting Windows machines with malware.
“An exploit will typically first corrupt the memory of an application process, take control, then execute code,” said Malwarebytes director of special projects Pedro Bustamante.
“From the shell code it executes a payload that tells the exploit what to do and that in turn usually downloads malware from the internet and executes it. The final stage is usually where antivirus kicks in, when it’s being downloaded from the internet, and starts doing things like behavioural analysis to see if it’s malicious.
“We don’t care about that, what we do comes before then. We just look for exploit-like behaviour and block anything that looks like it at the shellcode or payload stages. We come into play before the malware even appears on the scene.”
The Consumer version of the anti-exploit service is free and offers basic browser and Java protection.
The Premium version costs $37.00 per user and adds Office and Adobe protection services as well as the ability to add custom shields to other internet-facing applications, like Messenger or Netflix.
The Corporate version costs$40.00 person user and offers complete anti-exploit protection and comes with Malwarebytes’ Anti-malware service and a toolkit for IT managers.
Bustamante explained that the technology is designed to help businesses and general web users defend against the new wave of exploit-based cyber attacks.
“Traditional security can’t deal with exploits. Every day we see people getting infected, even if they have the latest up-to-date antivirus readers, because of exploits,” he said. “This is why we care about the applications you run – Firefox, Chrome, Internet Explorer, Java, Acrobat [and Microsoft] Word, Excel [and] Powerpoint.”
Bustamante added that the service is doubly important for Windows XP users since Microsoft officially ceased support for the OS in April.
“We’re still seeing over 25 percent of our users running XP. For them this product is even more important,” he said.
“We see new zero-days if not every week, every month, and for XP users who are not getting any more patches from Microsoft this product will be essential.
“Every month Microsoft will be releasing security patches for newer versions of Windows. Every time Microsoft does this it’ll be a treasure map for hackers to find exploits on Windows XP.
“It’ll show them exactly where the vulnerabilities are, so every month will see an influx of new exploits targeting Windows XP.”
Google Moves into Conerencing
February 18, 2014 by admin
Filed under Around The Net
Comments Off on Google Moves into Conerencing
Google Inc introduced a videoconferencing system for businesses on Thursday, the Internet search company’s latest attempt to generate revenue from corporate customers.
Google said it was partnering with Asus, Hewlett-Packard Co and Dell to offer a specialized version of its Chromebox PC that comes with videoconferencing gear, including a video camera and speakers.
The first Chromebox for meetings to be available is made by Asus and goes on sale in the U.S. on Thursday for $999, Google said. Customers can also pay a $250 annual service and management fee, though the first year is included in the product’s sales price.
The product uses Google’s free Hangouts video chat technology to connect up to 15 separate video streams from users in different locations.
The product will put Google in competition against Cisco Systems Inc and Polycom Inc, which make the video conferencing systems used by many corporations.
The world’s largest Internet search engine, Google makes the vast majority of its revenue from advertising. But Google also sells services to corporate customers, including special versions of its online apps such as email and word processing, as well as Chromebook laptops aimed at business users.
SOA’s New API Goes To The Cloud
SOA Software has launched an application programming interface (API) gateway today that allows businesses to expose their API’s with a built-in cloud based developer community, helping to grow their services and make it quicker for them to get up and running.
The firm’s CTO Alistair Farquharson said the API Gateway is unique due to it being a new concept in API and SOA management, aiming to “deliver new advantages in the application-level security space”.
“The new API Gateway provides monitory, security, and more uniquely, a developer community as well, so kind of a turnkey approach to an API gateway where a customer can buy that product, get it up and running, expose their API and expose the developer community to the outside world,” Farquharson said.
“[It will] support and manage the porting of mobile applications or web apps or B2B partnerships.”
Farquharson explained that there are three main components within the Gateway, which SOA Software has termed a “unified services gateway”, including a runtime component, a policy manager, and a developer community.
The runtime component handles the message traffic, whereas the policy manager component is capable of managing a range of different policies, such as threat protection, authentication, authorisation, anti-virus, monitorin, auditing, logging, for example.
“The whole objective here is to get a customer up and running with API’s as quickly as possible to meet some kind of a business need that they have, whether that’s mobile an application initiative or a web application, integration or syndication,” Farquharson added.
The third component is the API’s cloud-based “developer community”, which exposes an organisation to the outside world so developers can come take a look at its API, read its documentation, and see what APIs it has to figure out how to interact with them.
It’s this component that sets SOA Software’s Gateway apart form other firms doing similar appliances on the market, claims Farquharson.
“It essentially becomes the developer site for your organisation, with it all running on a single appliance which is rather unique,” he added.
“The interesting thing about the gateway is that it does API’s as well as services [that are] needed for mobile devices so you have old and the new encapsulated in the single appliance, which is very important to our customers.”
The developer community is offered through the API as a service, “like the Salesforce of APIs”, Farquharson said.
“Developers can go there and build their community and it provides them with high level service and availability and saglobla infrastructure and leverage the strength of their community to get themselves going.”
AMD And Oracle Join Forces
AMD is taking part in the OpenJDK project “Sumatra” in collaboration with Oracle.
The project aims to bring heterogeneous computing capabilities to Java for servers and clouds. It will look at how the Java virtual machine, language and APIs, can be spruced up to allow applications to take advantage of GPU acceleration, either in discrete graphics cards or in high-performance graphics processor cores such as those found in AMD APUs.
Manju Hegde, corporate vice president heterogeneous applications and developer solutions at AMD said that the OpenJDK Project represents the next step towards bringing heterogeneous computing to millions of Java developers. AMD has an established track record of collaboration with open-software development communities from OpenCL to the heterogeneous system architecture (HSA) foundation, and with this initiative we will help further the development of graphics acceleration within the Java community, he said.
Do Work-At-Home People Work Hard?
July 4, 2012 by admin
Filed under Around The Net
Comments Off on Do Work-At-Home People Work Hard?
A new survey by Citrix shows that many people sneak in other activities while working from home.
Based on a survey of 1,013 American office workers, conducted in June by Wakefield Research, 43 percent watch TV or a movie and 20 percent play video games while officially working from home. Parents are more likely than those without children to partake in these two activities, which aren’t work-related.
Nearly a quarter admit that they have a drink or two and another quarter admit to falling asleep. Another 35 percent do household chores; 28 percent cook dinner. Strangely however telecommuters are actually more productive than their peers in the office, according to preliminary findings from Stanford University’s study of a Chinese travel agency.
Seagate Gobbles Up Lacie
Seagate has signed a deal to buy consumer storage vendor Lacie that values the firm at $186m.
Seagate, which recently completed the acquisition of Samsung’s hard disk unit and swiftly cut warranties on most of its drives to just one year, has now announced that it will buy hard drive packager Lacie. Seagate has signed an agreement with Philippe Spruch, Lacie’s chairman and CEO, to purchase his 63.5 percent stake in the company at $7.05 per share in cash, which values the firm at $186m.
According to Seagate the purchase should help the firm grow in Europe and Japan. The firm also announced that Spruch will be employed by Seagate and run its consumer products division.
Steve Luczo, Seagate chairman, CEO and president said, “Lacie has built an exceptional consumer brand by delivering exciting and innovative high end products for many years. This transaction would bring a highly complementary set of capabilities to Seagate, significantly expand our consumer product offerings, add a premium branded direct attached storage line, strengthen our network-attached storage business line and enhance our capabilities in software development.”
Lacie’s fancy portable hard drives are popular among those who like fancy cases wrapped around bog-standard consumer hard disks. Seagate’s purchase of Lacie should see the firm not only become the sole supplier of hard drives in Lacie products but make a renewed push in the consumer portable hard drive market following last year’s floods in Thailand that affected the three big hard drive manufacturers.
Seagate said the deal should be completed by the third quarter of 2012 pending regulatory approval in the US, France and Germany.
.
Oracle Vs. Google Gets Postponed
The US Court has postponed the trial that could see an agreement reached between Oracle and Google over the use of Java in the Android operating system.
The case has been in court for over a year and was expected to finish at the end of October, but yesterday US District Judge William Alsup put it on hold.
According to Reuters the decision had been expected, but perhaps less likely was the judge’s other bit of news, that he might hand the case over to another judge.
Perhaps no one expected the case to go on this long, or perhaps it was just whoever controls Alsup’s diary, as he explained that he has another criminal trial to deal with, one that might last until February next year.
“Your case is huge and needs the attention of somebody who can give it more time than I can,” Alsup said, despite his familiarity with the case.