Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

‘Stegano’ Malvertising Exposes Millions To Hacking

December 13, 2016 by  
Filed under Around The Net

Comments Off on ‘Stegano’ Malvertising Exposes Millions To Hacking

Since October, millions of internet users have been exposed to malicious code embedded in the pixels from tainted banner ads designed to install Trojans and spyware, according to security firm ESET.

The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

Intel Sheds McAfee

September 14, 2016 by  
Filed under Security

Comments Off on Intel Sheds McAfee

Intel has sold the Intel Security business for $3.5bn less than it paid for it six years ago.

Intel Security, previously and better known as McAfee, has been sold to private equity firm TPG for $4.2bn, despite Intel paying $7.7bn for it in 2010.

The chip firm will receive $3.1bn in cash as part of the transaction and retain a 49 per cent minority stake. TPG will take control with a 51 per cent stake, and will invest $1.1bn in the company.

Intel Security is based on the McAfee business and was renamed two years ago. The company will revert to the better known McAfee brand, despite John McAfee reportedly suing Intel over the use of his name.

The transaction is expected to close in the second quarter of 2017, and Chris Young, general manager of Intel Security Group, will become CEO of McAfee.

Young described TPG in an open letter to stakeholders as a “seasoned technology investor” that was “attracted to our current momentum and long-term potential”.

He claimed that McAfee currently protects “more than a quarter of a billion endpoints” and more than 200 million consumers, and is present in two thirds of the world’s 2,000 largest companies.

Intel CEO Brian Krzanich claimed that, despite the sale, security “remains important in everything we do at Intel”.

“We will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices,” he added.

Bryan Taylor, a partner at TPG, said that the company had “long identified the cyber security sector, which has experienced strong growth due to the increasing volume and severity of cyber attacks, as one of the most important areas in technology”.

Intel’s acquisition of McAfee Security in 2010 was intended to enable the company to beef up security around PCs and sell McAfee antivirus and other security software around its core business.

However, the combination never worked as the money to be made in the security business became increasingly focused on the data center and cloud computing.

Courtesy-TheInq

Is Changing Your Password Often A Good Idea?

August 15, 2016 by  
Filed under Security

Comments Off on Is Changing Your Password Often A Good Idea?

Carnegie Mellon University professor Lorrie Cranor, who is the US FTC’s technology guru, has debunked a myth that it is a good idea to change your password often.

Talking to Ars Technica she said that while frequent password changes can lock hackers out they make make security worse.

She told the BSides security conference in Las Vegas that frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

A study published in 2010 by researchers from the University of North Carolina at Chapel Hill more or less confirmed her views. The researchers obtained the cryptographic hashes to 10,000 expired accounts that once belonged to university employees, faculty, or students who had been required to change their passcodes every three months. Researchers received data not only for the last password used but also for passwords that had been changed over time.

By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1″, for instance (excluding the quotation marks) frequently became “tArheels#1″ after the first change, “taRheels#1″ on the second change and so on. Or it might be changed to “tarheels#11″ on the first change and “tarheels#111″ on the second. Another common technique was to substitute a digit to make it “tarheels#2″, “tarheels#3″, and so on.

“The UNC researchers said if people have to change their passwords every 90 days, they tend to use a pattern and they do what we call a transformation. They take their old passwords, they change it in some small way, and they come up with a new password.”

The researchers used the transformations they uncovered to develop algorithms that could predict changes with great accuracy.

A separate study from researchers at Carleton University showed that frequent password changes hamper attackers only minimally and probably not enough to offset the inconvenience to end users.

Courtesy-Fud

Facebook Goes End To End

July 18, 2016 by  
Filed under Security

Comments Off on Facebook Goes End To End

Facebook Inc announced that it began testing end-to-end encryption on its popular Messenger application to prevent snooping on digital conversations.

The limited testing on Messenger, which has more than 900 million users, comes three months after Facebook rolled out end-to-end encryption to its more popular WhatsApp, a messaging application with over 1 billion users that it acquired in October 2014.

The move comes amid widespread global debate over the extent to which technology companies should help law enforcement snoop on digital communications.

End-to-end encryption is also offered on Apple Inc’s iMessage platform as well as apps including LINE, Signal, Viber, Telegram and Wickr.

Facebook Messenger uses the same encryption technology as WhatsApp, which uses a protocol known as Signal that was developed by privately held Open Whisper Systems.

“It seems well designed,” said Matthew Green, a Johns Hopkins University cryptologist who helped review an early version of the protocol for Facebook.

While WhatsApp messages are encrypted by default, Facebook Messenger users must turn on the feature to get the extra additional security protection, which scrambles communications so they can only be read on devices at either end of a conversation.

Facebook said that it was requiring users to opt in to encryption because the extra security is not compatible with some widely used Messenger features.

“Many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone,” the company said in an announcement on its website. “Secret conversations can only be read on one device and we recognize that experience may not be right for everyone.”

Facebook also said that Messenger users cannot send videos or make payments in encrypted conversations.

Courtesy-http://www.thegurureview.net/aroundnet-category/end-to-end-encryption-comes-to-facebook-messenger.html

Is Intel Going To Dump McAfee

July 8, 2016 by  
Filed under Computing

Comments Off on Is Intel Going To Dump McAfee

Intel has run out of ideas about what it is going to do with it its security business and is apparently planning to flog it off.

Five years ago Intel bought McAfee for $7.7bn acquisition. Two years ago it re-branded it as Intel Security. There was talk about chip based security and how important this would be as the world moved to the Internet of Things.

Now the company has discussed the future of Intel Security with bankers, including potentially the outfit. The semiconductor company has been shifting its focus to higher-growth areas, such as chips for data center machines and Internet-connected devices, as the personal-computer market has declined.

The security sector has seen a lot of interest from private equity buyers. Symantec said earlier this month it was acquiring Web security provider Blue Coat for $4.65 billion in cash, in a deal that will see Silver Lake, an investor in Symantec, enhancing its investment in the merged company, and Bain Capital, majority shareholder in Blue Coat, reinvesting $750 million in the business through convertible notes.

However Intel’s move into the Internet of Things does make it difficult for it to exit the security business completely. In fact some analysts think it will only sell of part of the business and keep some key bits for itself.

Courtesy-Fud

Apple Begins Testing Of Safari 10

July 6, 2016 by  
Filed under Around The Net

Comments Off on Apple Begins Testing Of Safari 10

Apple has begun testing Safari 10 with developers running the 2014 and 2015 editions of macOS, gearing up for a fall release of the updated browser to users of Yosemite and El Capitan.

Safari 10 was introduced earlier this month as part of macOS Sierra, this year’s operating system upgrade.

Apple typically supports its newest browser on three editions of macOS: The latest version and its two predecessors. The now-current Safari 9, for example, receives updates, including security patches, on last year’s El Capitan, 2014′s Yosemite and 2013′s Mavericks.

Safari 10 will be supported on Sierra, El Capitan and Yosemite. Meanwhile, Mavericks will remain on Safari 9.

The Safari 10 preview is currently available only to registered Apple developers, who pay $99 annually for access to early builds, development tools and documentation.

The general public will get its first look at Safari 10 next month after Apple opens up its broader-based public beta program for Sierra. Those who have signed on to the beta preview will also be able to download preliminary versions of Safari 10 for El Capitan and Yosemite, running the preview browser but sticking with their older, more stable operating systems.

Some of Safari 10′s signature features will be available only within macOS Sierra, including web-based Apple Pay — where payment is authorized with an iPhone or Apple Watch — but others will be supported by older versions of the operating system. Among the most notable are the new ability for developers to distribute and sell Safari add-ons in the Mac App Store, and easy portability of iOS content blockers to macOS.

If Apple replicates last year’s beta schedule, it will release the first public preview of macOS Sierra and Safari 10 around July 14.

Courtesy http://www.thegurureview.net/aroundnet-category/apple-begins-testing-of-safari-10-browser.html

Phishing Apps Plague Google Play

May 12, 2016 by  
Filed under Computing

Comments Off on Phishing Apps Plague Google Play

Google’s attempts to safeguard the Android app store — Google Play — are far from perfect, with malicious apps routinely slipping through its review process. Such was the case for multiple phishing applications this year that posed as client apps for popular online payment services.

Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.

The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.

In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.

More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.

PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.

“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.

The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.

Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.

Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html

ARM And Nokia Want To Update The TCP/IP Stack

December 24, 2015 by  
Filed under Computing

Comments Off on ARM And Nokia Want To Update The TCP/IP Stack

Nokia and ARM want to spruce up the TCP/IP stack to make it better suited to networks that need to operate at high speed and/or low latency.

Legacy TCP/IP is seen as one of the slowing points for a lot of future IT – particularly 5G.  LTE was IP-based but it was hell on toast getting it to go and as networks get faster and more virtualised, the TCP/IP stack is failing to keep up.

At the moment Nokia and ARM are using 5G to drive other companies into looking at a
fully revamped TCP/IP stack, optimized for the massively varied use cases of the next mobile generation, for cloud services, and for virtualization and software-defined networking (SDN).

Dubbed the OpenFastPath (OFP) Foundation, founded by Nokia Networks, ARM and industrial IT services player Enea. The cunning plan is to create an open source TCP/IP stack which can accelerate the move towards SDN in carrier and enterprise networks.

AMD, Cavium, Freescale, HPE and the ARM-associated open source initiative, Linaro are all on board with it.

The cunning plan is to create open but secure network applications, which harness IP packet processing. Some want very high throughput, others ultra-low latency others want both and it is probably going to require a flexible standard to make it all go

The standard would support faster packet forwarding, via low IP latency combined with high capacity, and so reduce deployment and management costs by making networks more efficient.

This appears to be based around getting TCP/IP out of the kernel and using them for packet processing involves a number of operations (moving packets into memory, then to the kernel, then back out to the interface) which could be streamlined to reduce latency.

Courtesy-Fud

Microsoft To Block SHA-1 Hashing

November 19, 2015 by  
Filed under Computing

Comments Off on Microsoft To Block SHA-1 Hashing

Software Giant Microsoft has joined Mozilla and will consider blocking the SHA-1 hashing algorithm on Windows to keep the US spooks from using it to spy on users computers.

Redmond had earlier said that Windows would block SHA-1 signed TLS (Transport Layer Security) certificates from January 1, 2017, but is now mulling moving up the date to June.

There have been concerns about the algorithm’s security as researchers have proven that a forged digital certificate that has the same SHA-1 hash as a legitimate one can be created. Users can then be tricked into interacting with a spoofed site in what is called a hash collision.

In October, a team of cryptoanalysts warned that the SHA-1 standard should be withdrawn as the cost of breaking the encryption had dropped faster than expected to US$75,000 to $120,000 in 2015 using freely available cloud computing.

Programme manager for Microsoft Edge Kyle Pflug wrote in his blog that Redmond will coordinate with other browser vendors to evaluate the impact of this timeline based on telemetry and current projections for feasibility of SHA-1 collisions.

Mozilla said in October that in view of recent attacks it was considering a cut-off of July 1, 2016 to start rejecting all SHA-1 SSL certificates, regardless of when they were issued, ahead of an earlier scheduled date of January 1, 2017.

Courtesy- http://www.thegurureview.net/computing-category/microsoft-to-block-sha-1-hashing.html

Britain’s New Surveillance Plans Raises Privacy Concerns

November 16, 2015 by  
Filed under Around The Net

Comments Off on Britain’s New Surveillance Plans Raises Privacy Concerns

Britain has announced plans for sweeping new surveillance powers, including the right to find out which websites people visit, measures ministers say are vital to keep the country safe but which critics denounce as an assault on freedoms.

Across the West, debate about how to protect privacy while helping agencies operate in the digital age has raged since former U.S. intelligence contractor Edward Snowden leaked details of mass surveillance by British and U.S. spies in 2013.

Experts say part of the new British bill goes beyond the powers available to security services in the United States.

The draft was watered down from an earlier version dubbed a “snoopers’ charter” by critics who prevented it reaching parliament. Home Secretary Theresa May told lawmakers the new document was unprecedented in detailing what spies could do and how they would be monitored.

“It will provide the strongest safeguards and world-leading oversight arrangements,” she said. “And it will give the men and women of our security and intelligence agencies and our law enforcement agencies … the powers they need to protect our country.”

They would be able to require communication service providers (CSPs) to hold their customers’ web browsing data for a year, which experts say is not available to their U.S. counterparts.

“What the British are attempting to do, and what the French have already done post Charlie Hebdo, would never have seen the light of day in the American political system,” Michael Hayden, former director of the U.S. National Security Agency and Central Intelligence Agency, told Reuters.

May said that many of the new bill’s measures merely updated existing powers or spelled them out.

Police and spies’ access to web use would be limited to “Internet connection records” – which websites people had visited but not the particular pages – and not their full browsing history, she said.

“An Internet connection record is a record of the communications service that a person has used – not a record of every web page they have accessed,” May said. “It is simply the modern equivalent of an itemised phone bill.”

Source-http://www.thegurureview.net/aroundnet-category/britains-new-surveillance-plans-raise-ire-of-privacy-advocates.html

Next Page »