The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.

The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.

One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.

“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.

Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.

Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.

Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.

Apple has not yet confirmed that issue and did not immediately respond to a request for comment.

Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html

The Redmond, Wash. company regularly talks up the latest subscription numbers for the consumer-grade Office 365 plans — the $100 a year Home and the $70 Personal — and did so again this week during an earnings call with Wall Street analysts.

“We also see momentum amongst consumers, with now more than 23 million Office 365 subscribers,” CEO Satya Nadella said Tuesday.

But analysis of Microsoft’s consumer Office 365 numbers showed that the rate of growth — or as Nadella put it, “momentum” — has slowed.

For the June quarter, the 23.1 million cited by Microsoft in its filing with the U.S. Securities & Exchange Commission (SEC) represented a 52% increase over the same period the year prior. Although most companies would give their eye teeth — or maybe a few executives — to boast of a rate of increase that size, it was the smallest since Microsoft began providing subscription data in early 2013.

A year before, the June 2015 quarter sported a consumer Office 365 subscription growth rate of 171% over the same three-month span in 2014.

The subscription increase also was small in absolute terms: Microsoft added approximately 900,000 to the rolls during the June quarter, down from 2.8 million the year before and also less than the 1.6 million accumulated in 2016′s March quarter.

The 900,000 additional subscribers added in the June quarter were the smallest number in more than two years.

While Microsoft did not directly address the slowing of growth in the consumer Office 365 market, it did attribute a similar trend among corporate subscriptions to the difficulty of maintaining huge year-over-year percentage gains as the raw numbers of subscriptions increased.

Courtesy-http://www.thegurureview.net/aroundnet-category/microsofts-office-365-subscription-slows-signficantly.html

The hacking of the systems of the luxury hotel chain follows similar breaches of point-of-sale systems at various hotels and retailers like Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings.

Omni — in Dallas, Texas — said in a statement Friday that on May 30 this year, it discovered it was hit by malware attacks on its network, affecting specific POS systems on-site at some of its properties. “The malware was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date,” Omni said. There isn’t evidence that other customer information, such as contact information, Social Security numbers or PINs, was compromised, it added.

The chain did not disclose how many of its 60 properties were affected and the likely number of cardholders that could have been affected. As there is no indication that reservation or select guest membership systems were affected, users were unlikely to be affected unless they physically presented their payment card at a POS system at one of the affected locations. The malware may have been in operation between Dec. 23 last year and June 14 this year, although most of the systems were affected during a shorter timeframe, according to the hotel.

The hotel chain, which operates hotels and resorts in the U.S., Canada and Mexico, could not be immediately reached for comment over the weekend for further details.

Omni said after discovering the malware attack, it had immediately hired IT investigation and security firms and has now contained the intrusion. It did not specify why it had delayed to inform customers.

Courtesy-http://www.thegurureview.net/aroundnet-category/omni-hotels-reports-hacking.html

Collaborative robots, or “cobots”, tend to be inexpensive, easy to use and safe to be around. They can easily be adapted to new tasks, making them well-suited to small-batch manufacturing and ever-shortening product cycles.

Cobots can typically lift loads of up 10 kilograms (22 lb) and can be small enough to put on top of a workbench. They can help with repetitive tasks like picking and placing, packaging or gluing and welding.

Some can repeat a task after being guided once through the process by a worker and recording it. The price of a cobot can be as little as $10,000, although typically they cost two to three times that.

The global cobot market is set to grow from $116 million last year to $11.5 billion by 2025, capital goods analysts at Barclays estimate. That would be roughly equal to the size of the entire industrial robotics market today.

“By 2020 it will be a game-changer,” said Stefan Lampa, head of robotics of Germany’s Kuka, during a panel discussion organized by the International Federation of Robotics (IFR) at the Automatica trade fair in Munich.

Growth in industrial robot unit sales slowed to 12 percent last year from 29 percent in 2014, the IFR said on Wednesday, weighed by a sharp fall in top buyer China.

The world’s top industrial robot makers – Japan’s Fanuc and Yaskawa, Swiss ABB and Kuka – all have collaborative robots on the market, although sales are not yet significant for them.

But the market leader and pioneer is Denmark’s Universal Robots, a start-up that sold its first cobot in 2009 and was acquired by U.S. automatic test equipment maker Teradyne for $285 million last year.

Source-http://www.thegurureview.net/aroundnet-category/interest-grows-in-collaborative-robots.html

The service, which is currently available in 17 cities around the world including Paris, will compete with rivals such as Deliveroo and Just Eat, which have advertised heavily in the capital in recent months.

Britons will be able to download the app on their iPhone or Android handset from midday on Thursday and order meals from restaurants which will be delivered by Uber drivers.

Deliveries will be made to customers in central London from over 150 eateries between 11 a.m. and 11 p.m. with plans to expand further away from the center in the coming weeks.

Uber has faced months of protests from drivers of the capital’s long-dominant black cabs but earlier this year transport bosses rejected options which could have imposed strict new restrictions on how it operates.

http://www.thegurureview.net/aroundnet-category/ubereats-launches-in-london.html

The service is available in six countries and among a limited range of banks, though in recent weeks Apple has added four banks to its sole Singapore partner American Express; Australia and New Zealand Banking Group in Australia; and Canada’s five big banks.

Apple Pay usage totaled $10.9 billion last year, the vast majority of that in the United States. That is less than the annual volume of transactions in Kenya, a mobile payments pioneer, according to research firm Timetric.

And its global turnover is a drop in the bucket in China, where Internet giants Alibaba and Tencent dominate the world’s biggest mobile payments market – with an estimated $1 trillion worth of mobile transactions last year, according to iResearch data.

Anecdotal evidence from Britain, China and Australia suggests Apple Pay is popular with core Apple followers, but the quality of service, and interest in it, varies significantly.

To use Apple Pay, consumers tap their iPhone over payment terminals to buy coffee, train tickets and other services. It can be also used at vending machines that accept contactless payments.

Apple Pay transactions were a fraction of the $84.5 billion in iPhone sales for the six months to March, which accounted for two-thirds of Apple’s total revenue.

Apple has leveraged its huge U.S. user base to push Pay, but has met resistance in Australia, Britain and Canada where banks are building their own products.

“Payments in general is such a complicated system with so many incumbent providers that revolutionary change like this was not going to happen very quickly,” said Joshua Gilbert, an analyst at First Annapolis Consulting.

The upshot: Apple has rolled out Pay in a dribble, adding countries and partners where it can – Hong Kong is expected to be added next – resulting in an uneven banking landscape with users and retail staff not always sure what will work and how.

Source- http://www.thegurureview.net/mobile-category/apple-pay-struggling-to-gain-traction-outside-u-s.html

Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.

The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.

In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.

More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.

PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.

“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.

The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.

Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.

Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html

“Microsoft has agreed to withdraw its regulatory complaints against Google, reflecting our changing legal priorities. We will continue to focus on competing vigorously for business and for customers,” a Microsoft spokesperson said in an email.

Google, in a separate email, said the companies would want to compete vigorously based on the merits of their products, not in “legal proceedings”.

The companies in September agreed to bury all patent infringement litigations against each other, settling 18 cases in the United States and Germany.

“… Following our patent agreement, we’ve now agreed to withdraw regulatory complaints against one another,” Google said on Friday.

Google’s rivals had reached out to U.S. regulators alleging that the Internet services company unfairly uses its Android system to win online advertising, people with knowledge of matter told Reuters last year.

The European Commission also accused Google last year of distorting internet search results to favor its shopping service, harming both rivals and consumers.

Source-http://www.thegurureview.net/aroundnet-category/google-microsoft-drop-regulatory-complaints-against-each-other.html

The Health Information Trust Alliance conducted a study of some 30 mid-sized U.S. hospitals late last year and found that 52 percent of them were infected with malicious software, HITRUST Chief Executive Daniel Nutkis told Reuters.

The most common type of malware was ransomware, Nutkis said, which was present in 35 percent of the hospitals included in the study of network traffic conducted by security software maker Trend Micro Inc.

Ransomware is malicious software that locks up data in computers and leaves messages demanding payment to recover the data. Last month, Hollywood Presbyterian Hospital in Los Angeles paid a ransom of $17,000 to regain access to its systems.

This week, an attack on MedStar Health forced the largest healthcare provider in Washington, D.C., to shut down much of its computer network. The Baltimore Sun reported a ransom of $18,500 was sought. MedStar declined to comment.

HITRUST said it expects such attacks to become more frequent because ransomware has turned into a profitable business for cyber criminals.

The results of the study, which HITRUST has yet to share with the public, demonstrate that hackers have moved away from focusing on stealing patient data, Nutkis said.

“If stuff isn’t working, they move on. If stuff is working, they keep doing it,” said Nutkis. “Organizations that are paying have considered their options, and unfortunately they don’t have a lot of options.”

Extortion has become more popular with cyber criminals because it is seen as a way to generate fast money, said Larry Whiteside, a healthcare expert with cyber security firm Optiv.

Stealing healthcare data is far more labor intensive, requiring attackers to keep their presence in a victim’s network undetected for months as they steal data, then they need to find buyers, he added.

“With ransomware I’m going to get paid immediately,” Whiteside said.

Courtesy- http://www.thegurureview.net/aroundnet-category/hospitals-should-brace-for-surge-in-ransomware-attacks.html