Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

‘Stegano’ Malvertising Exposes Millions To Hacking

December 13, 2016 by  
Filed under Around The Net

Comments Off on ‘Stegano’ Malvertising Exposes Millions To Hacking

Since October, millions of internet users have been exposed to malicious code embedded in the pixels from tainted banner ads designed to install Trojans and spyware, according to security firm ESET.

The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

Can iOS Activation Lock Be Bypassed?

December 7, 2016 by  
Filed under Around The Net

Comments Off on Can iOS Activation Lock Be Bypassed?

Two researchers report that they have discovered a way to bypass the activation lock feature in iOS that’s supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.

The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.

The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.

One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.

“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.

Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.

Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.

Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.

Apple has not yet confirmed that issue and did not immediately respond to a request for comment.

Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html

PC Market Showing Signs Of Life

September 23, 2016 by  
Filed under Computing

Comments Off on PC Market Showing Signs Of Life

The PC market is showing some signs of growth, with Intel boosting its revenue guidance based on improved chip shipments.

The chip maker has raised its revenue guidance for the third quarter to $15.6 billion, plus or minus $300 million, an improvement from $14.9 million, plus or minus $500 million.

That’s due to PC makers replenishing laptop and desktop inventory, which means Intel is shipping out more chips. It’s likely in anticipation of the holiday season, when PC shipments rocket.

“The company is also seeing some signs of improving PC demand,” Intel said in a statement.

In the second quarter of the year, PC makers slowed down chip orders and were clearing out existing stock of laptops and desktops. PC shipments declined by 4.5 percent during that period, according to IDC.

Shipments of gaming PCs, 2-in-1s and Chromebooks are driving PC shipments. Microsoft’s free upgrade offer to Windows 10 has also ended, which means users are more likely to buy new PCs to get Windows 10.

Meanwhile, new laptops with Intel’s Kaby Lake chips are now available. All the top PC makers have announced new 2-in-1s and laptops with Intel’s new chips. New Kaby Lake chips for gaming PCs will be announced in January.

Intel also has started shipping Pentium and Celeron chips, both aimed at low-cost laptops, based on the same architecture and code-named Apollo Lake. Many Chromebooks are based on Apollo Lake chips.

Courtesy- http://www.thegurureview.net/computing-category/pc-market-showing-signs-of-life.html

Intel Sheds McAfee

September 14, 2016 by  
Filed under Security

Comments Off on Intel Sheds McAfee

Intel has sold the Intel Security business for $3.5bn less than it paid for it six years ago.

Intel Security, previously and better known as McAfee, has been sold to private equity firm TPG for $4.2bn, despite Intel paying $7.7bn for it in 2010.

The chip firm will receive $3.1bn in cash as part of the transaction and retain a 49 per cent minority stake. TPG will take control with a 51 per cent stake, and will invest $1.1bn in the company.

Intel Security is based on the McAfee business and was renamed two years ago. The company will revert to the better known McAfee brand, despite John McAfee reportedly suing Intel over the use of his name.

The transaction is expected to close in the second quarter of 2017, and Chris Young, general manager of Intel Security Group, will become CEO of McAfee.

Young described TPG in an open letter to stakeholders as a “seasoned technology investor” that was “attracted to our current momentum and long-term potential”.

He claimed that McAfee currently protects “more than a quarter of a billion endpoints” and more than 200 million consumers, and is present in two thirds of the world’s 2,000 largest companies.

Intel CEO Brian Krzanich claimed that, despite the sale, security “remains important in everything we do at Intel”.

“We will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices,” he added.

Bryan Taylor, a partner at TPG, said that the company had “long identified the cyber security sector, which has experienced strong growth due to the increasing volume and severity of cyber attacks, as one of the most important areas in technology”.

Intel’s acquisition of McAfee Security in 2010 was intended to enable the company to beef up security around PCs and sell McAfee antivirus and other security software around its core business.

However, the combination never worked as the money to be made in the security business became increasingly focused on the data center and cloud computing.

Courtesy-TheInq

Is Changing Your Password Often A Good Idea?

August 15, 2016 by  
Filed under Security

Comments Off on Is Changing Your Password Often A Good Idea?

Carnegie Mellon University professor Lorrie Cranor, who is the US FTC’s technology guru, has debunked a myth that it is a good idea to change your password often.

Talking to Ars Technica she said that while frequent password changes can lock hackers out they make make security worse.

She told the BSides security conference in Las Vegas that frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

A study published in 2010 by researchers from the University of North Carolina at Chapel Hill more or less confirmed her views. The researchers obtained the cryptographic hashes to 10,000 expired accounts that once belonged to university employees, faculty, or students who had been required to change their passcodes every three months. Researchers received data not only for the last password used but also for passwords that had been changed over time.

By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1″, for instance (excluding the quotation marks) frequently became “tArheels#1″ after the first change, “taRheels#1″ on the second change and so on. Or it might be changed to “tarheels#11″ on the first change and “tarheels#111″ on the second. Another common technique was to substitute a digit to make it “tarheels#2″, “tarheels#3″, and so on.

“The UNC researchers said if people have to change their passwords every 90 days, they tend to use a pattern and they do what we call a transformation. They take their old passwords, they change it in some small way, and they come up with a new password.”

The researchers used the transformations they uncovered to develop algorithms that could predict changes with great accuracy.

A separate study from researchers at Carleton University showed that frequent password changes hamper attackers only minimally and probably not enough to offset the inconvenience to end users.

Courtesy-Fud

PC Monitors Vulnerable To Hacking

August 12, 2016 by  
Filed under Security

Comments Off on PC Monitors Vulnerable To Hacking

You should probably be leery of what you see since, apparently, your computer monitor can be hacked.

Researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.

Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.

They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.

During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.

It wasn’t exactly an easy hack to pull off. To discover the vulnerability, both Cui and Kataria spent their spare time over two years, conducting research and understanding the technology inside the Dell monitor.

However, they also looked at monitors from other brands, including Samsung, Acer and Hewlett Packard, and noticed that it was theoretically possible to hack them in the same manner as well.

The key problem lies in the monitors’ firmware, or the software embedded inside. “There’s no security in the way they update their firmware, and it’s very open,” said Cui, who is also CEO of Red Balloon.

The exploit requires gaining access to the monitor itself, through the HDMI or USB port. Once done, the hack could potentially open the door for other malicious attacks, including ransomware.

For instance, cyber criminals could emblazon a permanent message on the display, and ask for payment to remove it, Kataria said. Or they could even spy on users’ monitors, by logging the pixels generated.

However, the two researchers said they made their presentation to raise awareness about computer monitor security. They’ve posted the code to their research online.

“Is monitor security important? I think it is,” Cui said.

Dell couldn’t be reached for immediate comment.

Source- http://www.thegurureview.net/computing-category/computer-monitors-are-also-vulnerable-to-hacking.html

Is Intel Going To Dump McAfee

July 8, 2016 by  
Filed under Computing

Comments Off on Is Intel Going To Dump McAfee

Intel has run out of ideas about what it is going to do with it its security business and is apparently planning to flog it off.

Five years ago Intel bought McAfee for $7.7bn acquisition. Two years ago it re-branded it as Intel Security. There was talk about chip based security and how important this would be as the world moved to the Internet of Things.

Now the company has discussed the future of Intel Security with bankers, including potentially the outfit. The semiconductor company has been shifting its focus to higher-growth areas, such as chips for data center machines and Internet-connected devices, as the personal-computer market has declined.

The security sector has seen a lot of interest from private equity buyers. Symantec said earlier this month it was acquiring Web security provider Blue Coat for $4.65 billion in cash, in a deal that will see Silver Lake, an investor in Symantec, enhancing its investment in the merged company, and Bain Capital, majority shareholder in Blue Coat, reinvesting $750 million in the business through convertible notes.

However Intel’s move into the Internet of Things does make it difficult for it to exit the security business completely. In fact some analysts think it will only sell of part of the business and keep some key bits for itself.

Courtesy-Fud

UberEATS Launches In London

June 27, 2016 by  
Filed under Around The Net

Comments Off on UberEATS Launches In London

Ride-hailing company Uber debuted its meal delivery service app UberEATS in London on Thursday, the second European city where users will be able to order food to their home, entering a burgeoning British market.

The service, which is currently available in 17 cities around the world including Paris, will compete with rivals such as Deliveroo and Just Eat, which have advertised heavily in the capital in recent months.

Britons will be able to download the app on their iPhone or Android handset from midday on Thursday and order meals from restaurants which will be delivered by Uber drivers.

Deliveries will be made to customers in central London from over 150 eateries between 11 a.m. and 11 p.m. with plans to expand further away from the center in the coming weeks.

Uber has faced months of protests from drivers of the capital’s long-dominant black cabs but earlier this year transport bosses rejected options which could have imposed strict new restrictions on how it operates.

http://www.thegurureview.net/aroundnet-category/ubereats-launches-in-london.html

Google And Yahoo Get Blocked

May 24, 2016 by  
Filed under Around The Net

Comments Off on Google And Yahoo Get Blocked

The IT department of the U.S. House of Representatives is prohibiting access to Yahoo Mail and the Google App Engine platform due to malware threats.

On April 30, the House’s Technology Service Desk informed users about an increase in ransomware-related emails on third-party email services like Yahoo Mail and Gmail.

“The House Information Security Office is taking a number of steps to address this specific attack,” the Technology Service Desk said in an email obtained and published by Gizmodo. “As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice.”

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises questions: Are House workers using Yahoo Mail for official business, and, if they’re not, are they allowed to check their private email accounts on work devices?

If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House’s network, they could just as easily become infected there, where the ban is not in effect.

“The recent attacks have focused on using .js files attached as ZIP files to e-mail that appear to come from known senders,” the House’s Technology Service Desk said. “The primary focus appears to be through Yahoo Mail at this time.”

The increase in ZIP and RAR attachments that contain malicious JavaScript (JS) files has been observed by multiple security companies in recent months. Microsoft offers several recommendations, like using the Windows AppLocker group policy to restrict the execution of .JS files.

The House Information Security Office also banned access to appspot.com, the domain name used by applications hosted on the Google App Engine platform, Reuters reported.

Source- http://www.thegurureview.net/aroundnet-category/u-s-house-of-representatives-block-yahoo-and-google-apps.html

Is Qualcomm Facing Another Security Flaw?

May 19, 2016 by  
Filed under Computing

Comments Off on Is Qualcomm Facing Another Security Flaw?

FireEye has found a vulnerability in Qualcomm software packages which are under the bonnet of hundreds of Android phone models.

Google announced this week that it released an Android update to patch shedloads of vulnerabilities, but the advisory mentioned an information disclosure vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that allows a malicious application to access user information.

FireEye said that this vulnerablity is “high severity,” but Google noted that it does not affect Nexus devices. The patch for the issue is not in the Android Open Source Project (AOSP) repository but might make it in the  latest driver updates for affected devices.

The security outfit said that researchers informed Qualcomm about the vulnerability in January and the vendor developed a fix by early March, when it started reaching out to OEMs to let them know about the issue. Now it’s up to the device manufacturers to push out the patch to customers. So probably a long time then.

The flaw exists in an open source software package maintained by Qualcomm and is related to the Android network daemon (netd).

“The vulnerability was introduced when Qualcomm provided new APIs as part of the ‘network_manager’ system service, and subsequently the ‘netd’ daemon, that allow additional tethering capabilities, possibly among other things,” FireEye said.

The flaw has been confirmed to affect devices running Android 5.0 Lollipop and earlier, which currently account for roughly three-quarters of Android devices. Researchers noted that the affected Qualcomm software package is used in a variety of projects, including the popular CyanogenMod, and the vulnerable APIs appear to have been around since at least 2011.

The vulnerability can be exploited to escalate privileges to the built-in “radio” user, which has permissions that are normally not available to a third-party app. The most efficient way to exploit CVE-2016-2060 is via a malicious application that is granted the “ACCESS_NETWORK_STATE” permission.

Courtesy-Fud

Next Page »