The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

Courtesy-Fud

The Society for Worldwide Interbank Financial Telecommunication (SWIFT)’s chief executive, Gottfried Leibbrandt, told a financial services conference in Brussels that SWIFT will launch a five-point plan later this week.

Banks send payment instructions to one another via SWIFT messages. In February, thieves hacked into the SWIFT system of the Bangladesh central bank, sending messages to the Federal Reserve Bank of New York allowing them to steal $81 million.

The attack follows a similar but little-noticed theft from Banco del Austro in Ecuador last year that netted thieves more than $12 million, and a previously undisclosed attack on Vietnam’s Tien Phong Bank that was not successful.

The crimes have dented the banking industry’s faith in SWIFT, a Belgium-based co-operative owned by its users.

The Bangladesh Bank hack was a “watershed event for the banking industry”, Leibbrandt said.

“There will be a before and an after Bangladesh. The Bangladesh fraud is not an isolated incident … this is a big deal. And it gets to the heart of banking.”

SWIFT wants banks to “drastically” improve information sharing, to toughen up security procedures around SWIFT and to increase their use of software that could spot fraudulent payments.

SWIFT will also provide tighter guidelines that auditors and regulators can use to assess whether banks’ SWIFT security procedures are good enough.

Leibbrandt again defended SWIFT’s role, saying the hacks happened primarily because of failures at users. “Many of the less protected banks are in countries were skills are really scarce,” he said, pointing the finger at providers of services to banks.

“We will have to create an ecosystem of providers and partners, for example by introducing certification requirements for third-party providers,” he said.

Courtesy-http://www.thegurureview.net/uncategorized/swift-to-implement-new-security-program-after-recent-hacking.html

On April 30, the House’s Technology Service Desk informed users about an increase in ransomware-related emails on third-party email services like Yahoo Mail and Gmail.

“The House Information Security Office is taking a number of steps to address this specific attack,” the Technology Service Desk said in an email obtained and published by Gizmodo. “As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice.”

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises questions: Are House workers using Yahoo Mail for official business, and, if they’re not, are they allowed to check their private email accounts on work devices?

If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House’s network, they could just as easily become infected there, where the ban is not in effect.

“The recent attacks have focused on using .js files attached as ZIP files to e-mail that appear to come from known senders,” the House’s Technology Service Desk said. “The primary focus appears to be through Yahoo Mail at this time.”

The increase in ZIP and RAR attachments that contain malicious JavaScript (JS) files has been observed by multiple security companies in recent months. Microsoft offers several recommendations, like using the Windows AppLocker group policy to restrict the execution of .JS files.

The House Information Security Office also banned access to appspot.com, the domain name used by applications hosted on the Google App Engine platform, Reuters reported.

Source- http://www.thegurureview.net/aroundnet-category/u-s-house-of-representatives-block-yahoo-and-google-apps.html

Knowledge about threats is often hidden in unstructured sources such as blogs, research reports and documentation, said Kevin Skapinetz, director of strategy for IBM Security.

“Let’s say tomorrow there’s an article about a new type of malware, then a bunch of follow-up blogs,” Skapinetz explained. “Essentially what we’re doing is training Watson not just to understand that those documents exist, but to add context and make connections between them.”

Over the past year, IBM Security’s own experts have been working to teach Watson the “language of cybersecurity,” he said. That’s been accomplished largely by feeding it thousands of documents annotated to help the system understand what a threat is, what it does and what indicators are related, for example.

“You go through the process of annotating documents not just for nouns and verbs, but also what it all means together,” Skapinetz said. “Then Watson can start making associations.”

Now IBM aims to accelerate the training process. This fall, it will begin working with students at universities including California State Polytechnic University at Pomona, Penn State, MIT, New York University and the University of Maryland at Baltimore County along with Canada’s universities of New Brunswick, Ottawa and Waterloo.

Over the course of a year, the program aims to feed up to 15,000 new documents into Watson every month, including threat intelligence reports, cybercrime strategies, threat databases and materials from IBM’s own X-Force research library. X-Force represents 20 years of security research, including details on 8 million spam and phishing attacks and more than 100,000 documented vulnerabilities.

Watson’s natural language processing capabilities will help it make sense of those reams of unstructured data. Its data-mining techniques will help detect outliers, and its graphical presentation tools will help find connections among related data points in different documents, IBM said.

Ultimately, the result will be a cloud service called Watson for Cyber Security that’s designed to provide insights into emerging threats as well as recommendations on how to stop them.

Source-http://www.thegurureview.net/computing-category/ibms-watson-to-get-schooled-on-cybersecurity.html

Bernstein Research’s senior analyst Mark C. Newman said that the competitive dynamic in the memory chip industry is not as good as we thought due to Samsung’s aggressive and opportunistic behavior. This is analyst speak for Samsung is engaging in a supply and price war with the other big names in the memory chip marking business – SK hynix and Micron.

“Rather than sit back and enjoy elevated profit margins with a 40 percent market share in DRAMs, Samsung is intent on stretching their share to closer to 50 percent,” he said.

Newman said the company is gaining significant market share in the NAND sector.

“Although Samsung cares about profits, their actions have been opportunistic and more aggressive than we predicted at the expense of laggards particularly Micron Technology in DRAMs and SK hynix in NANDs,” he said.

SK hynix is expected to suffer. “In NAND, we see Samsung continuing to stretch their lead in 3D NAND, which will put continued pressure on the rest of the field. SK hynix is one of the two obvious losers.”

Newman said that Samsung’s antics have destroyed the “level of trust” among competitors, perhaps “permanently,” as demand has dropped drastically with PC sales growth down to high single digits in 2015 with this year shaping up to be the same.

“Sales of smartphones, the main savior to memory demand growth have also weakened considerably to single digit growth this year and servers with datacenters are not strong enough to absorb the excess, particularly in DRAM,” Newman said.

He is worried that Samsung could create an oversupply in the industry.

“The oversupply issue is if anything only getting worse, with higher than normal inventories now an even bigger worry. Although we were right about the shrink slowing, thus reducing supply growth, the flip side of this trend is that capital spending and R&D costs are soaring thus putting a dent in memory cost declines,” he said.

China’s potential entry into the market and new technologies will provide further worries “over the longer term.”

“Today’s oversupply situation would become infinitely worse if and when China’s XMC ramps up big amounts of capacity. New memory technologies such as 3D X-point, ReRAM and MRAM stand on the sidelines and threaten to cannibalize part of the mainstream memory market,” he said.

Courtesy-Fud

While there have been cut-down Linux implementations before the increase in numbers of smart, connected devices has made something a little more specialized more important.

Zephyr is all about minimizing the power, space, and cost budgets of IoT hardware.
For example a cut down Linux needs 200KB of RAM and 1MB of flash, IoT end points, which will often be controlled by tiny microcontrollers.

Zephyr has a small footpoint “microkernel” and an even tinier “nanokernel.” All this enables it to be CPU architecture independent, run on as little as 10KB while being scalable.

It can still support a broad range of wireless and wired technologies and of course is entirely open saucy released under the Apache v2.0 License.

It works on Bluetooth, Bluetooth Low Energy, and IEEE 802.15.4 (6LoWPAN) at the moment and supports x86, ARM, and ARC architectures.

Courtesy-Fud

The Android fork, which adds conventional desktop features such as a taskbar, start menu and support for multiple windows, has been a huge hit, overshadowing the implementation of Android revealed in Google’s recent high-end tablet the Pixel C.

The initial build, as ever, is designed to fish for bugs and aid developers. A beta will follow in the coming weeks. The Alpha doesn’t contain Google Mobile Services apps such as the Play store and Gmail, but the finished version will. In the meantime, users can sideload the gApps package or go to the Amazon Web Store.

There may also be problems with some video codecs, but we’re told this is a licensing issue which will be resolved in the final version too. In the meantime, the first release is perfectly useable.

Compatibility with most Android apps is instant, but the user community can ‘upvote’ their favourites on the Remix OS site to flag what’s working best in each category.

The company has already released a small desktop machine of its own, called the Remix Mini, the world’s first fully functioning Android PC, priced at just $70 after a successful Kickstarter campaign. It has also developed a 2-in-1 ultrabook, the Remix Ultra, and has licensed Remix OS to several Far East tablet manufacturers.

In this new move, the company has teamed up with Android-x86, a group that has been working on an executable version of Android for computers since 2009, to launch a Remix OS installer which will allow existing hardware to become Remix OS powered, or as a partition on a dual-boot machine.

A third option is to store the OS on a USB stick, meaning that you can make any computer your own. This technique has already been popular through the Keepod programme which offers Android on a stick to countries without access to high-speed computers.

The advantages of Remix OS to the developing world are significant. Bench tests have shown that Remix OS works significantly faster than Windows, which will potentially breathe new life into older machines and make modern machines run at previously impossible speeds.

Remix OS was designed by three ex-Google engineers and includes access to the full Google Apps suite and the Google Play store.

David Ko, co-founder of Jide Technology, said: “Today’s public release of Remix OS, based on Android-x86, is something that we’ve been working towards since we founded Jide Technology in 2014.

“All of us are driven by the goal of making computing a more accessible experience, and this free, public release allows us to do this. We believe Remix OS is the natural evolution of Android and we’re proud to be at the forefront of this change.”

The public Alpha will be available to download from Jide and android-x86 from 12 January, and a beta update is expected swiftly afterwards. The INQUIRER has been using a Remix Mini for over a month now, and a full review of the operating system is coming soon.

Courtesy-TheInq

This is the second bout of attacks from the group of technology tearaways, according to Motherboard, which reports on the Clapper problem and its connection to a group known as Crackas With Attitude.

A member of the group, a young chap called Cracka, told Motherboard that access to a range of Clapper accounts had been seized, and that Clapper and the CIA haven’t a clue what’s going on.

“I’m pretty sure they don’t even know they’ve been hacked. You asked why I did it. I just wanted the gov to know people aren’t fucking around, people know what they’re doing and people don’t agree #FreePalestine,” he said.

The claims were supported by the Office of the Director of National Intelligence, which confirmed that something has happened and that the authorities are looking into it.

“We’re aware of the matter and we reported it to the appropriate authorities,” said spokesman Brian Hale, before going mute.

Cracka, representing himself on Twitter as @dickreject, is less quiet. He has tweeted a number of confirmatory and celebratory messages that are not particularly flattering about the CIA and its abilities.

This is the group’s second bite at the CIA cherry. The teenagers walked into the personal email account of CIA director John Brennan last year and had a good look around. Some of the impact of this was washed away when it was discovered that Brennan used an AOL account for his communications.

“A hacker, who describes himself as an American high school student, has breached the CIA boss’s AOL email account and found a host of sensitive government files that one assumes a government official shouldn’t be sending to his personal email address,” said security comment kingpin Graham Cluley at the time.

“I’m not sure what’s more embarrassing. Being hacked or having an AOL email account.”

Courtesy-TheInq