Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

‘Stegano’ Malvertising Exposes Millions To Hacking

December 13, 2016 by  
Filed under Around The Net

Comments Off on ‘Stegano’ Malvertising Exposes Millions To Hacking

Since October, millions of internet users have been exposed to malicious code embedded in the pixels from tainted banner ads designed to install Trojans and spyware, according to security firm ESET.

The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

Can iOS Activation Lock Be Bypassed?

December 7, 2016 by  
Filed under Around The Net

Comments Off on Can iOS Activation Lock Be Bypassed?

Two researchers report that they have discovered a way to bypass the activation lock feature in iOS that’s supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.

The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.

The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.

One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.

“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.

Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.

Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.

Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.

Apple has not yet confirmed that issue and did not immediately respond to a request for comment.

Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html

Intel Sheds McAfee

September 14, 2016 by  
Filed under Security

Comments Off on Intel Sheds McAfee

Intel has sold the Intel Security business for $3.5bn less than it paid for it six years ago.

Intel Security, previously and better known as McAfee, has been sold to private equity firm TPG for $4.2bn, despite Intel paying $7.7bn for it in 2010.

The chip firm will receive $3.1bn in cash as part of the transaction and retain a 49 per cent minority stake. TPG will take control with a 51 per cent stake, and will invest $1.1bn in the company.

Intel Security is based on the McAfee business and was renamed two years ago. The company will revert to the better known McAfee brand, despite John McAfee reportedly suing Intel over the use of his name.

The transaction is expected to close in the second quarter of 2017, and Chris Young, general manager of Intel Security Group, will become CEO of McAfee.

Young described TPG in an open letter to stakeholders as a “seasoned technology investor” that was “attracted to our current momentum and long-term potential”.

He claimed that McAfee currently protects “more than a quarter of a billion endpoints” and more than 200 million consumers, and is present in two thirds of the world’s 2,000 largest companies.

Intel CEO Brian Krzanich claimed that, despite the sale, security “remains important in everything we do at Intel”.

“We will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices,” he added.

Bryan Taylor, a partner at TPG, said that the company had “long identified the cyber security sector, which has experienced strong growth due to the increasing volume and severity of cyber attacks, as one of the most important areas in technology”.

Intel’s acquisition of McAfee Security in 2010 was intended to enable the company to beef up security around PCs and sell McAfee antivirus and other security software around its core business.

However, the combination never worked as the money to be made in the security business became increasingly focused on the data center and cloud computing.

Courtesy-TheInq

nVidia NVLINK 2.0 Going In IBM Servers

August 31, 2016 by  
Filed under Computing

Comments Off on nVidia NVLINK 2.0 Going In IBM Servers

On Monday, PCWorld reported that the first servers expected to use Nvidia’s second-generation NVLINK 2.0 technology will be arriving sometime next year using IBM’s upcoming Power9 chip family.

IBM launched its Power8 lineup of superscalar symmetric multiprocessors back in August 2013 at the Hot Chips conference, and the first systems became available in August 2014. The announcement was significant because it signaled the beginning of a continuing partnership between IBM and Nvidia to develop GPU-accelerated IBM server systems, beginning with the Tesla K40 GPU.

The result was an HPC “tag-team” where IBM’s Power8 architecture, a 12-core chip with 96MB of embedded memory, would eventually go on to power Nvidia’s next-generation Pascal architecture which debuted in April 2016 at the company’s GPU Technology Conference.

NVLINK, first announced in March 2014, uses a proprietary High-Speed Signaling interconnect (NVHS) developed by Nvidia. The company says NVHS transmits data over a differential pair running at up to 20Gbps, so eight of these differential 20Gbps connections will form a 160Gbps “Sub-Link” that sends data in one direction. Two sub-links—one for each direction—will form a 320Gbps, or 40GB/s bi-directional “Link” that connects processors together in a mesh framework (GPU-to-GPU or GPU-to-CPU).

NVLINK lanes upgrade from 20Gbps to 25Gbps

IBM is projecting its Power9 servers to be available beginning in the middle of 2017, with PCWorld reporting that the new processor lineup will include support for NVLINK 2.0 technology. Each NVLINK lane will communicate at 25Gbps, up from 20Gbps in the first iteration. With eight differential lanes, this translates to a 400Gbps (50GB/s) bi-directional link between CPUs and GPUs, or about 25 percent more performance if the information is correct.

NVLINK 2.0 capable servers arriving next year

Meanwhile, Nvidia has yet to release any NVLINK 2.0-capable GPUs, but a company presentation slide in Korean language suggests that the technology will first appear in Volta GPUs which are also scheduled for release sometime next year. We were originally under the impression that the new GPU architecture would release in 2018, as per Nvidia’s roadmap. But a source hinted last month that Volta would be getting 16nm FinFET treatment and may show up in roughly the same timeframe as AMD’s HBM 2.0-powered Vega sometime in 2017. After all, it is easier for Nvidia to launch sooner if the new architecture is built on the same node as the Pascal lineup.

Still ahead of PCI-Express 4.0

Nvidia claims that PCI-Express 3.0 (32GB/s with x16 bandwidth) significantly limits a GPU’s ability to access a CPU’s memory system and is about “four to five times slower” than its proprietary standard. Even PCI-Express 4.0, releasing later in 2017, is limited to 64GB/s on a slot with x16 bandwidth.

To put this in perspective, Nvidia’s Tesla P100 Accelerator uses four 40GB/s NVLINK ports to connect clusters of GPUs and CPUs, for a total of 160GB/s of bandwidth.

With a generational NVLINK upgrade from 40GB/s to 50GB/s bi-directional links, the company could release a future Volta-based GPU with four 50GB/s NVLINK ports totaling of 200GB/s of bandwidth, well above and beyond the specifications of the new PCI-Express standard.

Courtesy-Fud

Is nVidia’s Auto Venture Paying Off?

August 17, 2016 by  
Filed under Consumer Electronics

Comments Off on Is nVidia’s Auto Venture Paying Off?

The driverless car market is expected to grow to $42 billion by 2025 and Nvidia has a cunning plan to grab as much of that market as possible with its current automotive partnerships.

The company started to take in more cash from its car business recently. The company earned $113 million from its automotive segment in fiscal Q1 2017. While that is not much it represents a 47 percent increase over the year before. Automotive revenue up to about 8.6 percent of total revenue and it is set to get higher.

BMW, Tesla, Honda and Volkswagen are all using Nvidia gear in one way or another.

BMW’s been using Nvidia infotainment systems for years and seems to have been Nvidia’s way into the industry. Tesla has a 17 inch touchscreen display of which is powered by Nvidia. You can see Tesla’s all-digital 12.3-inch instrument cluster display uses Nvidia GPUs. Honda has Tegra processors for its Honda Connect infotainment system.

But rumors are that Nvidia is hoping to make a killing from the move to driverless cars. The company is already on the second version of its Drive PX self-driving platform. Nvidia claims that Drive PX recently learned how to navigate 3,000 miles of road in just 72 hours.

BMW, Ford, and Daimler are testing Drive PX and Audi used Nvidia’s GPUs to help pilot some of its self-driving vehicles in the past. In fact Audi has claimed that it can be used to help normal car driving.

It said that the deep learning capabilities of Drive PX allowed its vehicles to learn certain self-driving capabilities in four hours instead of the two years that it took on competing systems.

According to Automotive News Europe Nvidia is working closely with Audi as its primary brand for Drive PX but then it will move to Volkswagen, Seat, Skoda, Lamborghini, and Bentley.
Tesla also appears to think that Nvida is a key element for driverless car technology. At the 2015 GPU Technology Conference last year, the company said that Tegra GPU’s will prove “really important for self-driving in the future.” Tesla does not use the Drive PX system yet, but it could go that way.

Courtesy-Fud

 

Is Changing Your Password Often A Good Idea?

August 15, 2016 by  
Filed under Security

Comments Off on Is Changing Your Password Often A Good Idea?

Carnegie Mellon University professor Lorrie Cranor, who is the US FTC’s technology guru, has debunked a myth that it is a good idea to change your password often.

Talking to Ars Technica she said that while frequent password changes can lock hackers out they make make security worse.

She told the BSides security conference in Las Vegas that frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

A study published in 2010 by researchers from the University of North Carolina at Chapel Hill more or less confirmed her views. The researchers obtained the cryptographic hashes to 10,000 expired accounts that once belonged to university employees, faculty, or students who had been required to change their passcodes every three months. Researchers received data not only for the last password used but also for passwords that had been changed over time.

By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1″, for instance (excluding the quotation marks) frequently became “tArheels#1″ after the first change, “taRheels#1″ on the second change and so on. Or it might be changed to “tarheels#11″ on the first change and “tarheels#111″ on the second. Another common technique was to substitute a digit to make it “tarheels#2″, “tarheels#3″, and so on.

“The UNC researchers said if people have to change their passwords every 90 days, they tend to use a pattern and they do what we call a transformation. They take their old passwords, they change it in some small way, and they come up with a new password.”

The researchers used the transformations they uncovered to develop algorithms that could predict changes with great accuracy.

A separate study from researchers at Carleton University showed that frequent password changes hamper attackers only minimally and probably not enough to offset the inconvenience to end users.

Courtesy-Fud

NFC For ATM Transactions Catching On

August 3, 2016 by  
Filed under Around The Net

Comments Off on NFC For ATM Transactions Catching On

Several of the nation’s biggest banks in the U.S. now support the use of a smartphone to withdraw cash from an ATM — many by way of Near Field Communication (NFC) technology — instead of requiring customers to use a bank card.

One of the early adopters, Bank of America, said this week it currently supports cardless technology at 2,800 of its ATMs. That number will reach 8,000 ATMs by year’s end that rely on NFC and other technology. Bank of America, which has about 15,000 ATMs nationwide, created a video to show how a smartphone loaded with the bank’s mobile app can now withdraw cash from some ATMs.

Wells Fargo said it has a “handful” of ATMs that are NFC-ready and working to deliver cash and other transactions and is planning to reach 5,000 by the end of 2016. A total of 12,000 ATMs will be enabled in 2017.

JPMorgan Chase said it also will have many cardless ATMs available this year, but didn’t specify how many or when. Initially at Chase, customers will show up at an ATM and type in a numerical code they acquired wirelessly through use of the Chase smartphone app to get their cash. That numerical code verification process will be an early step in rolling out cardless technology at the bank’s nearly 15,000 ATMs.

In addition to using NFC or a numerical code to authenticate a transaction, some bank ATMs are expected to rely on scanning a QR code displayed on a phone.

The number of ATMs supporting cardless cash remains a small portion of the estimated 500,000 ATMs in the U.S. Crone Consulting, which monitors the mobile payment industry, recently said it expects about 95,000 ATMs in the U.S. to support cardless cash by year’s end.

Courtesy-http://www.thegurureview.net/mobile-category/nfc-for-atm-transactions-catching-on.html

Facebook Goes End To End

July 18, 2016 by  
Filed under Security

Comments Off on Facebook Goes End To End

Facebook Inc announced that it began testing end-to-end encryption on its popular Messenger application to prevent snooping on digital conversations.

The limited testing on Messenger, which has more than 900 million users, comes three months after Facebook rolled out end-to-end encryption to its more popular WhatsApp, a messaging application with over 1 billion users that it acquired in October 2014.

The move comes amid widespread global debate over the extent to which technology companies should help law enforcement snoop on digital communications.

End-to-end encryption is also offered on Apple Inc’s iMessage platform as well as apps including LINE, Signal, Viber, Telegram and Wickr.

Facebook Messenger uses the same encryption technology as WhatsApp, which uses a protocol known as Signal that was developed by privately held Open Whisper Systems.

“It seems well designed,” said Matthew Green, a Johns Hopkins University cryptologist who helped review an early version of the protocol for Facebook.

While WhatsApp messages are encrypted by default, Facebook Messenger users must turn on the feature to get the extra additional security protection, which scrambles communications so they can only be read on devices at either end of a conversation.

Facebook said that it was requiring users to opt in to encryption because the extra security is not compatible with some widely used Messenger features.

“Many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone,” the company said in an announcement on its website. “Secret conversations can only be read on one device and we recognize that experience may not be right for everyone.”

Facebook also said that Messenger users cannot send videos or make payments in encrypted conversations.

Courtesy-http://www.thegurureview.net/aroundnet-category/end-to-end-encryption-comes-to-facebook-messenger.html

Is Intel Going To Dump McAfee

July 8, 2016 by  
Filed under Computing

Comments Off on Is Intel Going To Dump McAfee

Intel has run out of ideas about what it is going to do with it its security business and is apparently planning to flog it off.

Five years ago Intel bought McAfee for $7.7bn acquisition. Two years ago it re-branded it as Intel Security. There was talk about chip based security and how important this would be as the world moved to the Internet of Things.

Now the company has discussed the future of Intel Security with bankers, including potentially the outfit. The semiconductor company has been shifting its focus to higher-growth areas, such as chips for data center machines and Internet-connected devices, as the personal-computer market has declined.

The security sector has seen a lot of interest from private equity buyers. Symantec said earlier this month it was acquiring Web security provider Blue Coat for $4.65 billion in cash, in a deal that will see Silver Lake, an investor in Symantec, enhancing its investment in the merged company, and Bain Capital, majority shareholder in Blue Coat, reinvesting $750 million in the business through convertible notes.

However Intel’s move into the Internet of Things does make it difficult for it to exit the security business completely. In fact some analysts think it will only sell of part of the business and keep some key bits for itself.

Courtesy-Fud

Is AMD Outpacing nVidia

June 24, 2016 by  
Filed under Computing

Comments Off on Is AMD Outpacing nVidia

MKM analyst Ian Ing claims that AMD’s recent gaming refresh was better done than Nvidia’s.

Writing in a research report, Ing said that both GPU suppliers continue to benefit from strong core gaming plus emerging applications for new GPU processing.

However, AMD’s transition to the RX series from the R9 this month is proving smoother than Nvidia’s switch to Pascal architecture from Maxwell.

Nvidia is doing well from new GPU applications such as virtual reality and autonomous driving.

He said that pricing was holding despite a steady availability of SKUs from board manufacturers. Ing wrote that he expected a steeper ramp of RX availability compared to last year’s R9 launch, as the new architecture is lower-risk, given that HBM memory was implemented last year.

Ing upped his price target on Advanced Micro Devices stock to 5 from 4, and on Nvidia stock to 52 from 43. On the stock market today, AMD stock rose 0.9 per cent to 4.51. Nvidia climbed 0.2 per cent to 46.33.

Nvidia unveiled its new GeForce GTX 1080, using the Pascal architecture, on 27 May and while Maxwell inventory was running out, Nvidia customers were experiencing Pascal shortages.

“We would grow concerned if the present availability pattern persists in the coming weeks, which would imply supply issues/shortages,” Ing said.

Courtesy-Fud

Next Page »