Pawn Storm Hacking Develops New Tools For Cyberespionage
Comments Off on Pawn Storm Hacking Develops New Tools For Cyberespionage
A Russian cyberespionage group known as Pawn Storm has made use of new tools in an ongoing attack campaign against defense contractors with the goal of defeating network isolation policies.
Since August, the group has been engaged in an attack campaign focused on defense contractors, according to security researchers from Kaspersky Lab.
During this operation, the group has used a new version of a backdoor program called AZZY and a new set of data-stealing modules. One of those modules monitors for USB storage devices plugged into the computer and steals files from them based on rules defined by the attackers.
The Kaspersky Lab researchers believe that this module’s goal is to defeat so-called network air gaps, network segments where sensitive data is stored and which are not connected to the Internet to limit their risk of compromise.
However, it’s fairly common for employees in organizations that use such network isolation policies to move data from air-gapped computers to their workstations using USB thumb drives.
Pawn Storm joins other sophisticated cyberespionage groups, like Equation and Flame, that are known to have used malware designed to defeat network air gaps.
“Over the last year, the Sofacy group has increased its activity almost tenfold when compared to previous years, becoming one of the most prolific, agile and dynamic threat actors in the arena,” the Kaspersky researchers said in a blog post. “This activity spiked in July 2015, when the group dropped two completely new exploits, an Office and Java zero-day.”
Source- http://www.thegurureview.net/aroundnet-category/pawn-storm-hacking-group-develops-new-tools-for-cyberespionage.html
Qualcomm Has A Plethora Of Automobile Modems
Comments Off on Qualcomm Has A Plethora Of Automobile Modems
Qualcomm had an IoT event in San Francisco yesterday and the company wanted to talk a bit more about IoT, also known as Internet of Things. They started off with a catchy phrase – Internet of Hype to Internet of Everything.
Dave Aberle said that up to a billion dollars in revenue is coming from the non-mobile market. More than 10 pecent of Qualcomm revenue will come from the non-headset market. They call this market Internet of Everything, but we believe that not all of that market should be called IoT.
IoT is not just the wearable market; it is car modems, connected speakers, action cameras, some smart SanDisk storage solutions, home automation kit and more. Aberle mentioned that Qualcomm has 40 car design wins in the market with 15 different OEMs. We saw some names including Audi on the slide, but the list of obviously much longer.
Qualcomm is the leader in connected car and 4G LTE market, while Nvidia is the leader in Infotainment car systems, having some huge customers behind it, including the Volkswagen Group.
Qualcomm wants to expand its presence in IoT, including automotive solutions, and we expect more IoT designs from them in the near future.
Medical Data Becoming Valuable To Hackers
Comments Off on Medical Data Becoming Valuable To Hackers
The personal information stored in health care records fetches increasingly impressive sums on underground markets, making any company that stores such data a very attractive target for attackers.
“Hackers will go after anyone with health care information,” said John Pescatore, director of emerging security trends at the SANS Institute, adding that in recent years hackers have increasingly set their sights on EHRs (electronic health records).
With medical data, “there’s a bunch of ways you can turn that into cash,” he said. For example, Social Security numbers and mailing addresses can be used to apply for credit cards or get around corporate antifraud measures.
This could explain why attackers have recently targeted U.S. health insurance providers. Last Tuesday, Premera Blue Cross disclosed that the personal details of 11 million customers had been exposed in a hack that was discovered in January. Last month, Anthem, another health insurance provider, said that 78.8 million customer and employee records were accessed in an attack.
Both attacks exposed similar data, including names, Social Security numbers, birth dates, telephone numbers, member identification numbers, email addresses and mailing addresses. In the Premera breach, medical claims information was also accessed.
If the attackers try to monetize this information, the payout could prove lucrative.
Credentials that include Social Security numbers can sell for a couple of hundred dollars since the data’s lifetime is much longer compared to pilfered credit card numbers, said Matt Little, vice president of product development at PKWARE, an encryption software company with clients that include health care providers. Credit card numbers, which go for a few dollars, tend to work only for a handful of days after being reported stolen.
Can Android AT Work Entice The Enterprise?
March 9, 2015 by admin
Filed under Around The Net
Comments Off on Can Android AT Work Entice The Enterprise?
Google Inc rolled out an initiative to make smartphones running its Android software more appealing to corporations, a move that could help extend the Internet technology giant reach into workplaces.
Google said on its official blog that its Android for Work program will provide improved security and management features for corporations that want to give their employees Android smartphones. Smartphones supported by the new initiative will be able to keep an employee’s work and personal apps separate, and a special Android for Work app will allow businesses to oversee key tools such as email, calendar and contacts.
Google said it is partnering with more than two dozen companies including Blackberry Ltd, Citrix Systems Inc, Box Inc.
Google’s Android software is the world’s most popular mobile operating system, but many corporations, which have significant security and device management requirements, give their employees smartphones made by Blackberry or Apple Inc.
Can The USPS Win At E-commerce?
January 8, 2015 by admin
Filed under Around The Net
Comments Off on Can The USPS Win At E-commerce?
Dealing with a decline in the mail it has been delivering since the days of America’s Revolutionary War, in 2012 the U.S. Postal Service began aggressively targeting e-commerce and lapsed customers as the way to salvage its slumping business.
“Really it started almost at the level of cold-calling, talking to people who really hadn’t spoken to us in a long time,” said Nagisa Manabe, who joined the USPS in May 2012 as chief marketing and sales officer from Coca-Cola Co after a career in the private sector. “And really trying to persuade them to consider us as a very viable alternative in the shipping market.”
With further drops in its traditional bread-and-butter products ahead, the USPS wants to capitalize on e-commerce, which consulting firm Detroit LLP has predicted should grow 14 percent this holiday season alone. But industry experts question whether the USPS has enough space in its delivery vans and whether its unionized work force can handle a greater proportion of the e-commerce market.
Over the past two years the USPS has rolled out real-time scanning for packages, a vital tool for online retailers and consumers alike to track their packages. It is also upgrading all of its delivery workers’ handheld scanners.
The rise of the Internet has taken a heavy toll on first-class mail, the USPS’s most profitable product. That falling business played a significant role in the USPS’s fiscal 2014 loss of $5.5 billion, its eighth consecutive year in the red.
From 2009 to 2013, the volume of first-class mail deliveries dropped more than 20 percent. In the fiscal year ending Sept. 30, USPS deliveries declined to 155.4 billion pieces from 158.2 billion. First-class deliveries accounted for 2.2 billion pieces of that decline.
But package deliveries rose to more than 4 billion pieces from 3.7 billion, accounting for $1.1 billion of the USPS’s revenue growth of $1.9 billion. In the run-up to Christmas, the USPS has been doing Sunday deliveries for Amazon.com Inc in a number of cities. Manabe adds that the agency will handle the online retailer’s push into same-day and next-day deliveries “in many markets.”
EBay Inc is another major customer and Manabe says “pretty much anyone who’s in the e-commerce space at least does some volume with us.”
Ericsson Goes After Xiaomi
December 22, 2014 by admin
Filed under Smartphones
Comments Off on Ericsson Goes After Xiaomi
Ericsson has thrown a spanner into Chinese firm Xiaomi’s expansion plans, and has reportedly stopped it from selling handsets in India.
According to reports, this is already happening. We have asked Ericsson to confirm its role and what it wants to say about it. It told us that the reports are true and that it is ready to defend itself.
“It is unfair for Xiaomi to benefit from our substantial R&D investment without paying a reasonable licensee fee for our technology. After more than 3 years of attempts to engage in a licensing conversation in good faith for products compliant with the GSM, EDGE, and UMTS/WCDMA standards, Xiaomi continues to refuse to respond in any way regarding a fair license to Ericsson’s intellectual property on fair, reasonable and non-discriminatory (FRAND) terms,” it said in a statement.
“Ericsson, as a last resort, had to take legal action. To continue investing in research and enabling the development of new ideas, new standards and new platforms to the industry, we must obtain a fair return on our R&D investments. We look forward to working with Xiaomi to reach a mutually fair and reasonable conclusion, just as we do with all of our licensees.”
Xiaomi has responded to Bloomberg but it declined to say too much until it has access too all of the information.
“Our legal team is currently evaluating the situation based on the information we have,” said the spokesperson. “India is a very important market for Xiaomi and we will respond promptly as needed and in full compliance with India laws.”
The banning on the sale of devices was approved by a court in Delhi India, according to reports, and is based on an Ericsson claim on eight patents that it owns.
Xiaomi has bold plans for its own future and sees itself competing against rivals like Samsung and Apple. It has given itself between five and 10 years to do this, and will presumably want to include the Indian market in those plans.
Cisco Files Suit Against Rivals
Network equipment maker Cisco Systems Inc filed several lawsuits on Friday against Arista Networks Inc, alleging the smaller rival of copying its networking technologies.
The lawsuits, filed in a federal court in California, accuse Arista of infringing on 14 patents on networks and also on related copyrights, Cisco General Counsel Mark Chandler said in a blog post.
Arista was formed by former Cisco employees, including Chief Development Officer Andreas Bechtolsheim, Chief Technology Officer Kenneth Duda, and Chief Executive Officer Jayshree Ullal.
“Rather than building its products and services based on new technologies developed by Arista, however, and providing legitimate competition to Cisco, Arista took a shortcut by blatantly and extensively copying the innovative networking technologies designed and developed by Cisco,” one of the complaints said.
Cisco is a leader in the networking world, with revenue of $12.2 billion in the third quarter. Arista, in contrast, reported sales of $155.5 million for the period, although it is growing fast.
Arista said it had not yet been able to evaluate the lawsuits.
“While we have respect for Cisco as a fierce competitor and the dominant player in the market, we are disappointed that they have to resort to litigation rather than simply compete with us in products,” Arista said in an emailed statement.
Cisco filed the lawsuits on the same day the U.S. Supreme Court agreed to review a $64 million patent infringement verdict that Commil USA LLC won against the company.
Office 365 Goes Video Streaming
December 3, 2014 by admin
Filed under Around The Net
Comments Off on Office 365 Goes Video Streaming
Microsoft unveiled Office 365 Video, a YouTube-like streaming service where enterprises and large organizations can post in-house video content for communication and training.
“Office 365 Video provides organizations with a secure, company-wide destination for posting, sharing and discovering video content,” said Mark Kashman, a senior product manager with the Office 365 team, in a blog posting.
Kashman touted Video as a tool for internal communications, citing the examples of new-employee orientation, management messaging and worker training. Employees will also be able to contribute to a “Community” section, though most companies will probably frown on cat antic clips.
The service rolls out over the next few days to companies that have registered for Office 365′s First Release early distribution program, then through early 2015 to others.
Video will be available only to subscribers of Office 365′s plans for enterprises — E1 through E4 — and universities (A2 through A4). It will not be offered to consumer subscribers or firms with small business-oriented plans like Business Essentials, Business and Business Premium.
Kashman also said Office 365 plans for government agencies will get Video at some point, but he did not proffer a timeline.
The other requirement is SharePoint Online, an off-premises component of the enterprise and academic plans, but missing from the increasingly popular Office 365 ProPlus, the rent-not-buy plan used by organizations that have decided to retain their back-end services, like SharePoint and Exchange, on premises.
Although Office 365 Video has elements of consumer streaming services like Google’s YouTube, it’s strictly an in-house affair: It will be available only to employees, and then only those whom IT administrators have assigned access rights.
Will Sprint Cut It’s Staff?
August 26, 2014 by admin
Filed under Around The Net
Comments Off on Will Sprint Cut It’s Staff?
Sprint’s new CEO Marcelo Claure addressed employees for the first time and promised price reductions are coming very soon, according to a report.
Sprint didn’t deny the report of Marcelo’s comments. A spokesman also confirmed Friday that Sprint is “focusing on providing the best value in the market.”
According to the account of Claure’s comments, he told workers, “We’re going to change our plans to make sure every customer in America thinks twice about signing up to a competitor.” The report, which first appeared in LightReading.com, also said that “very disruptive” rate plans are coming this week.
Sprint didn’t dispute Light Reading’s report, but a spokesman said Sprint is not commenting on “any potential pricing plans before they are announced.”
The spokesman, Doug Duvall, said Marcelo held his first all-employee town hall meeting before a standing-room-only crowd. He added: “He shared his passion for his family, work and soccer team and his commitment to leading Sprint. He discussed Sprint’s challenges and pledged to get Sprint ‘back in the game’ by focusing on providing the best value in the market, completing our network build and optimizing Sprint’s cost structure.”
By confirming Sprint wants to offer the “best value in the market,” it’s pretty clear that Sprint, the third-largest U.S. carrier, will soon wage a price war with the T-Mobile, the fourth-largest U.S. carrier that has quickly been gaining on Sprint.
Analysts recently said Sprint’s recent “Framily plan” isn’t competitive in the market, which former CEO Dan Hesse acknowledged in late July before his departure on Monday.
The Sprint Framily plans costs $160 a month for 4GB of data, but comes with overage charges and won’t allow tethering. Meanwhile, T-Mobile has a family plan offered through September that costs $100 a month for four lines and 10GB of data, although each line is limited to 2.5GB.
Hesse had earlier described subscriber plans Sprint was testing that have tiers of data and unlimited data.
According to Light Reading, Claure also told employees that price cuts are needed because Sprint’s network isn’t at the level of performance and reach that it should be. “When you have a great network, you don’t have to compete on price,” he reportedly said. “When your network is behind, unfortunately you have to compete on value and price.”
Judge Rejects Silicon Valley Settlement
August 18, 2014 by admin
Filed under Around The Net
Comments Off on Judge Rejects Silicon Valley Settlement
A California judge has rejected the proposed settlement in a lawsuit over no-hire agreements used by top Silicon Valley tech firms, saying the amount being offered to compensate workers is too low.
The remaining defendants in the case — Apple, Google, Intel and Adobe Systems — had reached a deal with the worker’s lawyers to settle the case for US$324.5 million, but Judge Lucy Koh of the federal district court in San Jose, California, said that amount is too low.
After subtracting the fees for the workers’ lawyers — they’re allowed to keep up to a quarter of the award, or $81 million, as well as other money — each worker would be left with an average of only $3,750.
“The Court finds the total settlement amount falls below the range of reasonableness,” Koh wrote in her order, issued Friday.
She said she was troubled that the workers would get less money than under a previous settlement with companies that settled earlier in the case, even though the case has been progressing in the workers’ favor since then.
Last year, Intuit, Lucasfilm and Pixar settled with the workers before the case came to trial.
All of the companies were accused of striking secret deals to not poach each others’ workers, a violation of the Sherman Antitrust Act that reduced the workers’ potential to earn higher wages.
An expert hired for the case has estimated that the workers’ should receive damages of $3 billion, for wages they could have earned if the no-hire agreements hadn’t been in place.