Syber Group

Is Russia Behind Recent US Malware Attacks?

September 30, 2015 by  
Filed under Computing

While the US has been blaming China for all its cyber break-ins, it appears to have been ignoring Tsar Putin’s elite hacking team for the last seven years.

For the past seven years, a cyberespionage group operating out of Russia on the orders of Tsar Putin has been conducting a series of malware campaigns targeting governments, political think tanks and other organizations.

Researchers at F-Secure have been looking into the antics of an outfit called “the Dukes”, which has been active since at least 2008 and has evolved into a methodical developer of “zero-day” attacks. The researchers pulled together their own research with the published work of other security firms to provide a more detailed picture of the people behind a long-running family of malware.

The Dukes specialize in “smash and grab” attacks on networks, but have also used subtle, long-term intrusions that harvested massive amounts of data from their targets.

The group’s targets do include criminal organisations operating in the Russian Federation, which suggests there is some form of policing element to it. But they are mostly interested in Western governments and related organisations, such as government ministries and agencies, political think tanks and governmental subcontractors.

The F-Secure team wrote: “Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organisations associated with Chechen terrorism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.”

The group was named after its earliest-detected malware, known as PinchDuke. Its targets were associated with the Chechen separatist movement. Later that year they were going after Western governments and organisations in search of information about the diplomatic activities of the United States and NATO.

Most of the attacks used spear phishing emails as the means of injecting malware onto targeted systems, but one of their attacks spread malware through a malicious Tor exit node in Russia, targeting users of the anonymising network with malware injections into their downloads.

The targets have always followed Russian government interests. There are a number of Russian-language artifacts in some of the malware, including an error message in PinchDuke. GeminiDuke also used timestamps that were adjusted to match Moscow Standard Time.

Before the beginning of the Ukraine crisis, the group began using a number of decoy documents in spear phishing attacks that were related to Ukraine. They included a letter undersigned by the First Deputy Minister for Foreign Affairs of Ukraine.

However, after the crisis happened the attacks dropped off, suggesting that it was an intelligence gathering operation. It is also a big operation, which, if operating in Russia, would most likely require state acknowledgement, if not outright support.

Source-http://www.thegurureview.net/computing-category/is-russia-behind-us-malware-attacks.html

September 29, 2015 by  
Filed under Computing

Apple has officially released iOS 9, but in the first hour users reported that they were unable to grab the 1GB download.

“Software Update Failed,” the message read on iPhones and iPads. “An error occurred downloading iOS 9.” Computerworld confirmed the problem, initially seeing it on multiple iOS 8 devices. But after several subsequent attempts, the download successfully started about an hour after Apple issued the upgrade.

Similar reports of early problems were posted on Apple’s own support forums and elsewhere on the Internet. “Not a very helpful error,” wrote someone identified as “yanic” on the former.

Others countered with snark. “Strangely, this is not a ‘limited time offer,’” said “stedman 1” on the same thread, likely referring to Microsoft’s Windows 10 free upgrade offer, which is valid for one year. “The software will be available tomorrow, and the next day, and next week.”

Some advice ended up being more helpful. “You are facing an overloaded server which is pretty typical of the first day a software revision comes out,” contended “Ralph Landry1” on a different discussion thread.

Several iPhone owners who had said that they were unable to download iOS 9 returned to the same forum threads to report they had gotten the upgrade later.

Apple’s track record with iOS releases has been mixed. Last year’s iOS 8 roll-out seemingly started off smoothly — there were few initial complaints about getting the upgrade — but many soon griped that 8’s large size forced them to wipe apps and content from their devices before they could install the new OS.

iOS 9’s size and the free space requirements for installation were both reduced to address that problem of last year. The free space demand for iOS 9 fell to 1.3GB to 1.8GB from last year’s 4.5GB to 5GB.

Source-http://www.thegurureview.net/consumer-category/users-reporting-problems-upgrading-to-apples-ios-9.html

September 28, 2015 by  
Filed under Computing

Opera Software has announced a crop of additional functionality for its desktop edition which graduates today to become Opera 32.

The Norwegian browser firm has a relatively small but very loyal market share of 1.27 percent. It has benefited in recent years from increased compatibility owing to a change to the open source Chromium base, making it the biggest Chromium browser apart from Chrome itself.

Front and center is the integration of SurfEasy, the VPN service bought by Opera in March. Customers can now run completely anonymous browsing sessions from within Opera 32.

Other browsers offer ‘anonymous browsing’, but this does not protect your browsing of robot sex doll sites from your ISP or your search engine. With a VPN you can be sure that whatever you get up to is secret.

Opera product manager Zhenis Beisekov said in the Opera Blog: “Your security online has always been our highest concern. We want to move it another step forward, because we believe that privacy online is a universal right.”

Other new features include the addition of password syncing between browsers, which joins the existing shared tabs, bookmarks and data.

Bookmarks get a new tree-view designed to make it easier to find stuff in your bookmarks, and maybe give them the tidy up they’ve needed all these years.

Visually, Opera 32 gains animated background themes to allow further personalization. A short snatch of video or a GIF animation can become part of your browser, and you can even add one of your own to the Opera catalog, if you’re artistically inclined.

Opera recently announced a major update to its Mini browser for smaller devices, which offers a data compression option that maintains the integrity of the page content for the first time, making it ideal for roaming and low bandwidth areas.

Source-http://www.thegurureview.net/computing-category/opera-browser-introduces-vpn-for-everyone.html

September 25, 2015 by  
Filed under Computing

BitTorrent and WD have teamed up to create a 1TB drive for the Raspberry Pi. The Pi Drive has been designed especially for the Raspberry Pi Model B+ and the Raspberry Pi 2 Model B, and offers a viable way to turn a Pi into a media centre, NAS and PVR all in one.

BitTorrent Sync makes it possible to sync content from all your devices straight to the drive, bypassing the cloud and making it an excellent backup device.

It differs from a standard hard drive, not least because it’s low-powered enough to be run off the USB port that charges your Pi, using a splitter cable supplied – no mean feat for a mechanical drive.

It’s not perfect. It’s a standard 2.5in drive but with a USB connection rather than SATA, which means it’s bigger than the Pi, and you’ll need to create a bespoke case or let it all hang out in true maker fashion.

Essentially, it’s the same type of drive that you would see if you smashed open one of WD’s external drives, but it would take a brave soul to do so and this way you get the right cable and software to make it all work together.

The tie-up between BitTorrent and WD comes as the former announces version 2.2 of the Sync service which we have been following since inception.

The new version offers a clearer delineation between home and pro users. Home users can buy a lifetime licence for $39.99 which covers all 2.x releases. This comes in addition to the perpetual free version which will no longer be limited to 10 folders.

Instead the monetized version will come from business customers who remain on a monthly fee, and pro user subscriptions for advanced features such as collaboration and file sharing introduced in version 2.1.

The Pi Drive retails at $80 with a 35 percent discount offer through BitTorrent with the code WDPIDRIVE1TB. UK sellers are yet to be confirmed, but will form part of the newly launched BitTorrent Sync reseller programme that launches with this edition.

Source-http://www.thegurureview.net/computing-category/raspberry-pi-to-get-mass-storage.html

September 24, 2015 by  
Filed under Around The Net

Investors fear that Apple has run out of ideas after it released a version of Microsoft’s Surface Pro and an iPhone which was the same as last year’s.

Apple’s Tim Cook might have thought yesterday, as he walked away from the cheering crowds of Apple employees and rabid New York Times writers, that he had won the day.

However, Apple shares fell 1.9 percent as shareholders realised that there were no transformative products that could jumpstart the company’s sales ahead of the crucial holiday season.

Apple shares usually drop an average of 0.4 percent on the day of iPhone announcements because the hype never matches the reality, but this is a much bigger fall.

The big iPad received a raspberry because it was too big and similar to Microsoft’s Surface tablet and the new iPhones were too similar to those released a year ago. The Apple Surface Pro even came with a stylus, which is something that Apple fanboys mocked for years. In fact the only innovative thing about it was that it required recharging every ten hours making it the chocolate teapot of pencils.

All they had which was new was the 3D Touch which is a “so what?” technology which no one really needed or cares about. It was certainly not worth upgrading to get.

Jobs’ Mob has clearly given up on any pretence of “thinking different” and short of ideas has copied itself and others.

We expected the Apple TV announcement to be hugely disappointing. Apple has mostly dialled back its ambitions this year as it plans a bigger telly service announcement next year. But you would think that after all these years not upgrading the Apple TV, Jobs Mob could have come up with some more interesting hardware.

What we got were demonstrations that showed tricks to make viewing easier: voice control which can rewind a video by 15 seconds and turn on subtitles when a viewer asks something like “What did she say?”

Oddly Cook said that Apple had worked really hard, and really long on that project. The new set-top box will include an app store and let developers create new software for Apple TV, including video games.

Again, nothing that you can’t get elsewhere and probably a lot cheaper. We expect the Tame Apple Press will go into a damage control limitation exercise and try to convince the world that everything is brilliant. Watch the comments below for statements from “Apple investors” claiming that their shares have gone up and that there was tons in yesterday’s rally to get excited about.

Source-http://www.thegurureview.net/computing-category/are-investors-losing-patience-with-apples-inventiveness.html

September 23, 2015 by  
Filed under Around The Net

Hackers have penetrated the IT systems of U.S. health insurer Excellus BlueCross BlueShield and gained access to personal, financial and medical information of more than 10 million people, the company has disclosed.

The initial attack occurred in December 2013, but the company did not learn about it until Aug. 5. Since then it has been working with the FBI and cybersecurity firm Mandiant to investigate the breach.

The hackers may have had access to customer records which include names, addresses, telephone numbers, dates of birth, Social Security numbers, member identification numbers, financial accounts and medical claims information.

Records may contain all or just some of that information, depending on the customer’s relationship with the company. The breach doesn’t affect just Excellus members, but also members of other Blue Cross Blue Shield plans who sought medical treatment in the upstate New York area serviced by the company.

The information was encrypted, but the attackers gained administrative privileges to the IT systems, allowing them to potentially access it, the company said on a website that was set up to provide information about the incident.

No evidence has been found yet that the data was copied or misused by the attackers.

Excellus will send breach notification letters via mail to all affected persons throughout the month and is offering free credit monitoring and identity protection services for two years through a partner.

The company will not contact affected individuals via email or telephone, so any emails or phone calls claiming to be from the company in regard to this attack should be ignored as they are probably scams.

The incident comes after three other Blue Cross Blue Shield health insurers — Anthem, Premera and CareFirst — announced large data breaches this year as a result of cyberattacks.

Excellus said that it doesn’t have sufficient information about the Anthem, Premera and CareFirst investigations in order to comment about possible connections between those attacks and the one against its own systems.

Source-http://www.thegurureview.net/aroundnet-category/hackers-accessed-10m-records-at-excellus.html

September 22, 2015 by  
Filed under Computing

AMD will expand its socket FM2+ chip lineup with three new parts – the A10-7890K and A8-7690K APUs, and the Athlon X4 880K CPU.

The new parts showed up on the compatibility list of socket FM2+ motherboards by BIOSTAR and it is not clear when they will be in the shops.

The architecture mentioned is “Kaveri,” but the silicon could be “Godavari” which is a Kaveri refresh.

The top of the range will be the A10-7890K, which has CPU clock speeds of 4.10 GHz out of the box. We do not know what the TurboCore frequency will be, but the current A10-7870K offers 3.90 GHz with 4.10 GHz TurboCore. The A8-7690K has a CPU clock of 3.70 GHz. We are not sure what the iGPU clock speeds of the two chips are.

The Athlon X4 880K is the most interesting. It has 4.00 GHz CPU clocks. The Athlon X4 FM2+ series lacks integrated graphics, which means the chips are good for those who will buy discrete GPUs on the FM2+ platform.

All three chips offer unlocked base-clock multipliers, enabling CPU overclocking.

Source-http://www.thegurureview.net/computing-category/amd-increases-fm2-lineup.html

September 21, 2015 by  
Filed under Uncategorized

LAS VEGAS — Federal Communications Commission Chairman Tom Wheeler has committed to a March 29 start date for an unprecedented auction of 600MHz wireless spectrum currently under the control of the nation’s broadcasters.

The auction has already been delayed two years, but Wheeler was adamant it will move ahead on a timeline that allows input from broadcasters as well as from wireless providers that would be potential spectrum buyers.

The broadcast spectrum in the 600MHz band offers wireless carriers the potential to send data, including video and other multimedia, at much faster speeds and with lower latency. Latency refers to the speed required to generate a response to a wireless signal.

“I’m supremely confident [the auction] starts March 29,” he said in keynote comments at CTIA Super Mobility Week 2015 here. Explaining the delays, he said the planned auction is like a “Swiss watch with so many moving parts.”

The FCC plans to issue a new public notice in October that will give further details on the planned schedule. Wheeler said that around Thanksgiving, broadcasters will be able to indicate whether they want to participate in offering up the spectrum they use today.

Once the FCC establishes pricing, the broadcasters can decide whether to move forward or withdraw from the process if the prices don’t meet their needs, Wheeler said. In January, wireless providers — including newcomers, possibly — will be prompted to express interest in joining the auction to buy spectrum.

Wheeler contended that the 600MHz spectrum auction shows the FCC is moving to free up spectrum that the cellular industry says it urgently needs.

Source-http://www.thegurureview.net/mobile-category/fcc-commits-to-600-mhz-wireless-spectrum-auction-in-march.html

September 18, 2015 by  
Filed under Computing

Contract chip-maker Taiwan Semiconductor Manufacturing Company (TSMC) is thinking of generating electricity in-house.

The cunning plan is to install electric generating equipment at its factories or even build its own power plant.

Apparently, the company’s electricity bill will go up by 50 per cent over the next ten years as it moves to more-advanced technologies.

Taiwan is already facing power shortage problems and TSMC is worried that its plans could be stuffed up.

TSMC has asked Taiwan’s Ministry of Economic Affairs (MOEA) and government-owned Taiwan Power Company (Taipower) about the feasibility of building its own power generators and related regulatory matters.

According to Digitimes, companies can set up power generating equipment for use at their own factory sites, but the law has to be revised to allow TSMC to build its own power plant.

TSMC previously pointed out that it does not necessarily need nuclear power unless there is an alternative. We really hope that quote does not mean that TSMC is considering going nuclear.

Source-http://www.thegurureview.net/computing-category/is-electricity-in-tsmcs-future.html

September 17, 2015 by  
Filed under Computing

Security researchers have found a banking trojan called Shifu that is going after Japanese financial firms in a big way.

Shifu is described as “masterful” by IBM X-Force, and is named after the Japanese word for thief, according to the firm. It is also the Chinese word for skilled person, or tutor.

X-Force said in a blog post that the malware has been active since the early summer, and comprises a number of known tools like Dyre, Zeus and Dridex. It has been put together by people who know what they are doing, and sounds like a significant problem for the 20 institutions it is targeting.

“The Shifu trojan may be a new beast, but its inner workings are not entirely unfamiliar. The malware relies on a few tried-and-true trojan mechanisms from other infamous crimeware codes,” said the IBM researchers.

“It appears that Shifu’s internal makeup was composed by savvy developers who are quite familiar with other banking malware, dressing Shifu with selected features from the more nefarious of the bunch.”

The Shifu package offers a range of attack features as well as clean-up tools to cover its tracks. It reads like a Now that’s what I call … recent attacks compilation CD, and has some oldies but baddies.

“Shifu wipes the local System Restore point on infected machines in a similar way to the Conficker worm, which was popular in 2009,” added the firm as one example.

The package can wreak havoc on companies and their users. If we had a bucket of damp sand we would pour it all over Shifu and stamp on it.

“This trojan steals a large variety of information that victims use for authentication purposes. For example, it keylogs passwords, grabs credentials that users key into HTTP form data, steals private certificates and scrapes external authentication tokens used by some banking applications,” said IBM.

“These elements enable Shifu’s operators to use confidential user credentials and take over bank accounts held with a large variety of financial service providers.

“Shifu’s developers could be Russian speakers or native to countries in the former Soviet Union. It is also possible that the actual authors are obfuscating their true origin, throwing researchers off by implicating an allegedly common source of cybercrime.”

Source-http://www.thegurureview.net/computing-category/is-the-shifu-trojan-wreaking-havoc-in-japan.html
