Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

‘Stegano’ Malvertising Exposes Millions To Hacking

December 13, 2016 by  
Filed under Around The Net

Comments Off on ‘Stegano’ Malvertising Exposes Millions To Hacking

Since October, millions of internet users have been exposed to malicious code embedded in the pixels from tainted banner ads designed to install Trojans and spyware, according to security firm ESET.

The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

nVidia NVLINK 2.0 Going In IBM Servers

August 31, 2016 by  
Filed under Computing

Comments Off on nVidia NVLINK 2.0 Going In IBM Servers

On Monday, PCWorld reported that the first servers expected to use Nvidia’s second-generation NVLINK 2.0 technology will be arriving sometime next year using IBM’s upcoming Power9 chip family.

IBM launched its Power8 lineup of superscalar symmetric multiprocessors back in August 2013 at the Hot Chips conference, and the first systems became available in August 2014. The announcement was significant because it signaled the beginning of a continuing partnership between IBM and Nvidia to develop GPU-accelerated IBM server systems, beginning with the Tesla K40 GPU.

The result was an HPC “tag-team” where IBM’s Power8 architecture, a 12-core chip with 96MB of embedded memory, would eventually go on to power Nvidia’s next-generation Pascal architecture which debuted in April 2016 at the company’s GPU Technology Conference.

NVLINK, first announced in March 2014, uses a proprietary High-Speed Signaling interconnect (NVHS) developed by Nvidia. The company says NVHS transmits data over a differential pair running at up to 20Gbps, so eight of these differential 20Gbps connections will form a 160Gbps “Sub-Link” that sends data in one direction. Two sub-links—one for each direction—will form a 320Gbps, or 40GB/s bi-directional “Link” that connects processors together in a mesh framework (GPU-to-GPU or GPU-to-CPU).

NVLINK lanes upgrade from 20Gbps to 25Gbps

IBM is projecting its Power9 servers to be available beginning in the middle of 2017, with PCWorld reporting that the new processor lineup will include support for NVLINK 2.0 technology. Each NVLINK lane will communicate at 25Gbps, up from 20Gbps in the first iteration. With eight differential lanes, this translates to a 400Gbps (50GB/s) bi-directional link between CPUs and GPUs, or about 25 percent more performance if the information is correct.

NVLINK 2.0 capable servers arriving next year

Meanwhile, Nvidia has yet to release any NVLINK 2.0-capable GPUs, but a company presentation slide in Korean language suggests that the technology will first appear in Volta GPUs which are also scheduled for release sometime next year. We were originally under the impression that the new GPU architecture would release in 2018, as per Nvidia’s roadmap. But a source hinted last month that Volta would be getting 16nm FinFET treatment and may show up in roughly the same timeframe as AMD’s HBM 2.0-powered Vega sometime in 2017. After all, it is easier for Nvidia to launch sooner if the new architecture is built on the same node as the Pascal lineup.

Still ahead of PCI-Express 4.0

Nvidia claims that PCI-Express 3.0 (32GB/s with x16 bandwidth) significantly limits a GPU’s ability to access a CPU’s memory system and is about “four to five times slower” than its proprietary standard. Even PCI-Express 4.0, releasing later in 2017, is limited to 64GB/s on a slot with x16 bandwidth.

To put this in perspective, Nvidia’s Tesla P100 Accelerator uses four 40GB/s NVLINK ports to connect clusters of GPUs and CPUs, for a total of 160GB/s of bandwidth.

With a generational NVLINK upgrade from 40GB/s to 50GB/s bi-directional links, the company could release a future Volta-based GPU with four 50GB/s NVLINK ports totaling of 200GB/s of bandwidth, well above and beyond the specifications of the new PCI-Express standard.

Courtesy-Fud

Is Changing Your Password Often A Good Idea?

August 15, 2016 by  
Filed under Security

Comments Off on Is Changing Your Password Often A Good Idea?

Carnegie Mellon University professor Lorrie Cranor, who is the US FTC’s technology guru, has debunked a myth that it is a good idea to change your password often.

Talking to Ars Technica she said that while frequent password changes can lock hackers out they make make security worse.

She told the BSides security conference in Las Vegas that frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

A study published in 2010 by researchers from the University of North Carolina at Chapel Hill more or less confirmed her views. The researchers obtained the cryptographic hashes to 10,000 expired accounts that once belonged to university employees, faculty, or students who had been required to change their passcodes every three months. Researchers received data not only for the last password used but also for passwords that had been changed over time.

By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1″, for instance (excluding the quotation marks) frequently became “tArheels#1″ after the first change, “taRheels#1″ on the second change and so on. Or it might be changed to “tarheels#11″ on the first change and “tarheels#111″ on the second. Another common technique was to substitute a digit to make it “tarheels#2″, “tarheels#3″, and so on.

“The UNC researchers said if people have to change their passwords every 90 days, they tend to use a pattern and they do what we call a transformation. They take their old passwords, they change it in some small way, and they come up with a new password.”

The researchers used the transformations they uncovered to develop algorithms that could predict changes with great accuracy.

A separate study from researchers at Carleton University showed that frequent password changes hamper attackers only minimally and probably not enough to offset the inconvenience to end users.

Courtesy-Fud

Does M$ Have A Strategy For Windows?

July 27, 2016 by  
Filed under Computing

Comments Off on Does M$ Have A Strategy For Windows?

As we reported earlier today, Microsoft CEO Satya Nadella proclaimed the virtues of its cloud computing platform.

But he didn’t say very much about Windows at all.

And, according to Seeking Alpha financial analyst Mark Hibben in a note to his clients, it’s almost as if Nadella has given up the ghost on the now long in the tooth operating system.

He didn’t say much about smartphones either but admitted that Windows 10 won’t hit the one billion user mark.

But there are another billion and a bit people out there who are using previous versions of Windows and Hibben thinks that that’s Microsoft should really take advantage of that opportunity.

Hibben thinks that while Nadella is practically creaming himself about the cloud the same sort of urges don’t seem to apply to Windows.

Windows phone revenues have fallen 71 percent compared to the same period last year and Microsoft seems to lack a strategy for smartphones in the future.

So has Microsoft given up on Windows? That, surely, can’t be the case.

Courtesy-Fud

AMD Goes 16 Core Snowy Owl

July 22, 2016 by  
Filed under Computing

Comments Off on AMD Goes 16 Core Snowy Owl

Naples is a 32 Zen core Opteron with 64 threads. The 16 core Zen version with a BGA socket is codenamed Snowy Owl. AMD thinks that Snowy Owl will be a great match for the communication and network markets that needs a high performance 64-bit X86 CPU.

Snowy Owl has 16 cores and 32 threads, all based on 14nm FinFET Zen transistors. The processor supports up to 32MB of shared L3 cache. We also mentioned a processor cluster codenamed Zeppelin. This seems to be the key to the Zen architecture as more Zeppelin clusters are creating more core Opterons.

Each Zeppelin has eight Zen cores and each Zen core has 512KB dedicated L2 cache memory. Four Zen cores share 8MB of L3 memory making the total L3 cache size  16MB.  Zeppelin (ZP) comes with PCIe Gen 3, SATA 3, 10GbE, sever controller Hub, AMD secure processor as well as the DDR4 Memory controller. AMD is using a super-fast coherent interconnect to create more than one Zeppelin core.

One Zeppelin cluster would make an 8 core, 16 thread CPU with 4MB L2 and 16MB L3 cache and in our case product codenamed Snowy owl has 16 cores, 32 threads 8MB of L2 (512KB x 16) and 32MB L3 (4x8MB).

The Snowy Owl with 16 cores uses a SP4 Multi Chip Module (MCM) BGA socket, while the Naples uses MCM based SP3. These two are not pin compatible but 16 and 8 core Zen based Opterons will fit in the same socket.

Snowy Owl has four independent memory channels and up to 64 lanes of PCIe Gen3. When it comes to storage, it supports up to 16 SATA or NVME storage channels and 8x10GbE for some super-fast networking solutions.

As you see, there will be plenty of Zen based Opteron possibilities and most of them will start showing up by mid-2017.  The TDP Range for Snowy Owl is sub 100W and capable of sinking the TDP down to 35W. Yes, we do mean that there may well be a quad core Zen Opteron too.

Courtesy-Fud

Was The Omni Hotel Chain Hacked?

July 21, 2016 by  
Filed under Security

Comments Off on Was The Omni Hotel Chain Hacked?

Omni Hotels & Resorts has reported that point-of-sale systems at some of its hotel locations were attacked by malware targeting payment card information.

The hacking of the systems of the luxury hotel chain follows similar breaches of point-of-sale systems at various hotels and retailers like Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings.

Omni — in Dallas, Texas — said in a statement Friday that on May 30 this year, it discovered it was hit by malware attacks on its network, affecting specific POS systems on-site at some of its properties. “The malware was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date,” Omni said. There isn’t evidence that other customer information, such as contact information, Social Security numbers or PINs, was compromised, it added.

The chain did not disclose how many of its 60 properties were affected and the likely number of cardholders that could have been affected. As there is no indication that reservation or select guest membership systems were affected, users were unlikely to be affected unless they physically presented their payment card at a POS system at one of the affected locations. The malware may have been in operation between Dec. 23 last year and June 14 this year, although most of the systems were affected during a shorter timeframe, according to the hotel.

The hotel chain, which operates hotels and resorts in the U.S., Canada and Mexico, could not be immediately reached for comment over the weekend for further details.

Omni said after discovering the malware attack, it had immediately hired IT investigation and security firms and has now contained the intrusion. It did not specify why it had delayed to inform customers.

Courtesy-http://www.thegurureview.net/aroundnet-category/omni-hotels-reports-hacking.html

Intel And Nokia Joining Forces

July 7, 2016 by  
Filed under Around The Net

Comments Off on Intel And Nokia Joining Forces

Nokia is teaming up with Intel to make its carrier-grade AirFrame Data Center Solution hardware available for an Open Platform Network Functions Virtualization (OPNFV) Lab.

Basically this means that the hardware can be used by the OPNFV collaborative open source community to accelerate the delivery of cloud-enabled networks and applications.

Nokia said the OPNFV Lab will be a testbed for NFV developers and accelerates the introduction of commercial open source NFV products and services. Developers can test carrier-grade NFV applications for performance and availability.

Nokia is making its AirFrame Data Center Solution available as a public OPNFV Lab with the support of Intel, which is providing Intel Xeon processors and solid state drives to give communications service providers the advantage of testing OPNFV projects on the latest and greatest server and storage technologies.

The Nokia AirFrame Data Center Solution is 5G-ready and Nokia said it was the first to combine the benefits of cloud computing technologies to meet the stringent requirements of the telco world. It’s capable of delivering ultra-low latency and supporting the kinds of massive data processing requirements that will be required in 5G.

Morgan Richomme, NFV network architect for Innovative Services at Orange Labs, OPNFV Functest PTL, in a release. “NFV interoperability testing is challenging, so the more labs we have, the better it will be collectively for the industry.”

AT&T has officially added Nokia to its list of 5G lab partners working to define 5G features and capabilities. It’s also working with Intel and Ericsson.

Courtesy-Fud

Apple Begins Testing Of Safari 10

July 6, 2016 by  
Filed under Around The Net

Comments Off on Apple Begins Testing Of Safari 10

Apple has begun testing Safari 10 with developers running the 2014 and 2015 editions of macOS, gearing up for a fall release of the updated browser to users of Yosemite and El Capitan.

Safari 10 was introduced earlier this month as part of macOS Sierra, this year’s operating system upgrade.

Apple typically supports its newest browser on three editions of macOS: The latest version and its two predecessors. The now-current Safari 9, for example, receives updates, including security patches, on last year’s El Capitan, 2014′s Yosemite and 2013′s Mavericks.

Safari 10 will be supported on Sierra, El Capitan and Yosemite. Meanwhile, Mavericks will remain on Safari 9.

The Safari 10 preview is currently available only to registered Apple developers, who pay $99 annually for access to early builds, development tools and documentation.

The general public will get its first look at Safari 10 next month after Apple opens up its broader-based public beta program for Sierra. Those who have signed on to the beta preview will also be able to download preliminary versions of Safari 10 for El Capitan and Yosemite, running the preview browser but sticking with their older, more stable operating systems.

Some of Safari 10′s signature features will be available only within macOS Sierra, including web-based Apple Pay — where payment is authorized with an iPhone or Apple Watch — but others will be supported by older versions of the operating system. Among the most notable are the new ability for developers to distribute and sell Safari add-ons in the Mac App Store, and easy portability of iOS content blockers to macOS.

If Apple replicates last year’s beta schedule, it will release the first public preview of macOS Sierra and Safari 10 around July 14.

Courtesy http://www.thegurureview.net/aroundnet-category/apple-begins-testing-of-safari-10-browser.html

IBM Acquires EZSource

June 14, 2016 by  
Filed under Computing

Comments Off on IBM Acquires EZSource

The digital transformation revolution is already in full swing, but for companies with legacy mainframe applications, it’s not always clear how to get in the game. IBM announced an acquisition that could help.

The company will acquire Israel-based EZSource, it said, in the hopes of helping developers “quickly and easily understand and change mainframe code.”

EZSource offers a visual dashboard that’s designed to ease the process of modernizing applications. Essentially, it exposes application programming interfaces (APIs) so that developers can focus their efforts accordingly.

Developers must often manually check thousands or millions of lines of code, but EZSource’s software instead alerts them to the number of sections of code that access a particular entity, such as a database table, so they can check them to see if updates are needed.

IBM’s purchase is expected to close in the second quarter of 2016. Terms of the deal were not disclosed.

Sixty-eight percent of the world’s production IT workloads run on mainframes, IBM said, amounting to roughly 30 billion business transactions processed each day.

“The mainframe is the backbone of today’s businesses,” said Ross Mauri, general manager for IBM z Systems. “As clients drive their digital transformation, they are seeking the innovation and business value from new applications while leveraging their existing assets and processes.”

EZSource will bring an important capability to the IBM ecosystem, said Patrick Moorhead, president and principal analyst with Moor Insights & Strategy.

“While IBM takes advantage of a legacy architecture with z Systems, it’s important that the software modernizes, and that’s exactly what EZSource does,” Moorhead said.

Large organizations still run a lot of mainframe systems, particularly within the financial-services sector, noted analyst Frank Scavo, president of Computer Economics.

“As these organizations roll out new mobile, social and other digital business experiences, they have no choice but to expose these mainframe systems via APIs,” Scavo said.

But in many large organizations, skilled mainframe developers are in short supply — especially those who really understand these legacy systems, he added.

“Anything to increase the productivity of these developers will go a long way to ensuring the success of their digital business initiatives,” Scavo said. “Automation tools to discover, expose and analyze the inner workings of these legacy apps are really needed.”

It’s a smart move for IBM, he added.

Source- http://www.thegurureview.net/computing-category/looking-to-transform-mainframe-business-ibm-acquires-ezsource.html

AMD Goes After Intel’s Skylake With Bristol Ridge

June 9, 2016 by  
Filed under Computing

Comments Off on AMD Goes After Intel’s Skylake With Bristol Ridge

AMD has revealed the firm’s seventh-generation system-on-a-chip accelerated processing units (APUs).

Bristol Ridge and Stoney Ridge sound a little like locations in a Somerset version of Game of Thrones, but they both feature AMD’s Excavator x86 processor cores and Radeon R7 graphics, which AMD sees powering e-sports gaming on laptops.

Bristol Ridge is the more powerful of the two coming in 35W and 15W versions of AMD FX, A12 and A10 processors, offering up to 3.7GHz of processing power. The former two processors are paired with up to eight Graphics Core Next (GCN) cores in the R7 to provide a decent pool of graphics processing power.

Stoney Bridge offers less in the way of processor power, topping out at 3.5GHz, and versions include 15W A9, A6 and E2 processor configurations coupled with lower powered graphics accelerators.

AMD claimed that the new APUs offer a 50 per cent hike in performance over the previous generation Carrizo APUs. However, this rise is over APUs from the early part of Carrizo’s lifecycle, so performance gains over the most recent Carrizo APUs are likely to be 10 to 20 per cent.

AMD also said that its silicon is faster than rival chips from Intel, including the i3-6100U found in several ultraportable laptops.

Many of these tests are subjective and depend on how a hardware manufacture configures and sets up the APUs in a laptop or tablet, but AMD does have its graphics tech to draw on, such as the GCN architecture, which could give it the edge over Intel’s chips when it comes to pushing pixels.

The APUs will be aimed primarily at slim laptops that need low-power consumption chips, much like Intel’s Skylake line.

Bristol Ridge is currently available to end users only in the form of HP’s latest Envy laptop. But now that AMD has debuted the full range of the seventh-generation APUs we can expect to see them in other ultraportable machines before too long.

Courtesy-TheInq

 

Next Page »