Symantec Has Some Flaws With SEP
Symantec has warned of three serious vulnerabilities in its Endpoint Protection (SEP) software, and is advising users to update their systems.
The bugs affect all builds of the 12.1 version of the SEP software, with the first two flaws allowing authorised but low privilege users of the software to gain elevated and administrative access to the management console, which can be accessed either locally or through a web-based portal.
The third bug is in the sysplant driver and enables users to bypass the SEP’s security controls and run malware and other malicious code on a targeted client machines.
“Exploitation attempts of this type generally use known methods of trust exploitation requiring enticing a currently authenticated user to access a malicious link or open a malicious document in a context such as a website or in an email,” said the security firm.
There have been no recorded exploits of the flaws, so it would appear that Symantec has squashed the bugs before they became a real-world problem for its customers.
The first two bugs were discovered by security researcher Anatoly Katyushin from rival firm Kaspersky Labs, which is a little embarrassing. Discovery of the third bug was credited to the enSilo Research Team.
Symantec advises SEP users to update their software to the 12.1 RU6 MP4 version. It also recommends that users should take precautions and restrict remote access to the management console in order to prevent hackers from attacking client systems through the web portal.
While hackers can direct sophisticated malware at even the most robustly secured systems, exploiting flaws in software offers an easier route into machines and networks, providing hackers get in before the bugs are discovered and patched.
Recent examples can be seen with the discovery of iOS malware which threatens iPhones through an Apple DRM flaw, and an error on Code.org’s website which saw the emails of its volunteers exposed.
Courtesy-TheInq
Microsoft Updates Yammer
August 28, 2015 by admin
Filed under Around The Net
Comments Off on Microsoft Updates Yammer
Microsoft unveiled a bevy of improvements to its Yammer enterprise social network, focused on helping people connect more easily with their teams.
By default, people who access Yammer via their web browser will be taken to a new “Discovery” feed on the service’s home page that is supposed to better show them relevant content from their groups along with other public teams across their company’s network. It’s supposed to help keep people in closer touch with important discussions they may be missing on Yammer.
After users finish reviewing new content in one group, Yammer will display a pop up banner with a link to the next group they’re subscribed to that has new content. Yammer’s mobile apps will get similar functionality through a new Group Updates feed that lets users see a list of different conversations in various groups all on one screen. That way, they won’t have to look through individual groups to get the same information. That feature will begin rolling out on Android first before making it to Yammer’s iOS app.
In addition, Yammer is also tweaking the design of individual groups’ pages. Now, each group will have a full-width banner at the top of its page, and discussions within the group can now take up a wider space on the page to aid in lengthier discussions. The whole page has also been redesigned to focus users’ attention on important content.
Icons in the left-hand sidebar will show the users that are active in groups they are a part of, so they can stay up-to-date on where conversations are happening in real time. It’s a move that could make Yammer more competitive with popular chat solutions like Slack, which has been growing incredibly rapidly and was recently valued at $2.8 billion.
Yammer’s mobile app also gained support for attaching files from external storage services like OneDrive and Dropbox, inviting coworkers to a user’s network by email and mentioning people in comments.
There’s even more up Yammer’s sleeve on top of all these updates. The social network’s iPhone app will soon have a companion version for the Apple Watch that will let people interact with content from their coworkers.
The updates come at a time when Microsoft is putting more effort into improving its workplace collaboration tools.
Will Cortana Impact Windows 10 Battery Life?
Comments Off on Will Cortana Impact Windows 10 Battery Life?
It is just over a month until Microsoft introduces Windows 10, and as you should know by now, Cortana is one of the key elements of the new OS.
Cortana always listens in order to hear its name and be a smart digital assistant. This is Microsoft answer to Siri and Google Now that is making its way to Windows 10.
Unfortunately, this will affect your notebook battery life. We have spoken with a few industry sources and we can definitely confirm that Windows 10 with enabled Cortana will have an impact on the battery life. We are testing this as we speak to check how big the impact is.
We don’t know how significant the battery life decrease will be, but the good thing is that you will be able to switch Cortana off in case you don’t need it. We heard that many new Toshiba notebooks will come with a dedicated Cortana button, as this is the easiest way to save battery life. Cortana on Toshiba won’t listen until you press the button.
It would be smart if Microsoft would come up with Cortana enable / disable keyboard shortcut. Win + Q will enable Cortana news while Win + S will bring you directly to the Cortana search engine.
Windows 10 seems to be a logical upgrade for anyone who has Windows 8.1 on their notebooks and misses the options from Windows 7, and some familiar UI elements. We use Windows 8.1 on some devices, while most of our computers still have Windows 7 and nothing more. Microsoft DirectX 12 will force us to Windows 10 but from what awe can tell from Preview release, the upgrade to Windows 10 from with 7 seems like quite seamless and logical step.
Just make sure to be aware that your notebook battery life might suffer because of Cortana. Have in mind that this “talk to your PC and expect a smart answer” option can be disabled.
Symantec Uncovers Advanced Spying Malware
Comments Off on Symantec Uncovers Advanced Spying Malware
An advanced malicious software application has been discovered that since 2008 was used to spy on private companies, governments, research institutes and individuals in 10 countries, anti virus software maker Symantec Corp said in a report on Sunday.
The Mountain View, California-based maker of Norton anti virus products said its research showed that a “nation state” was likely the developer of the malware called Regin, or Backdoor. Regin, but Symantec did not identify any countries or victims.
Symantec said Regin’s design “makes it highly suited for persistent, long-term surveillance operations against targets,” and was withdrawn in 2011 but resurfaced from 2013 onward.
The malware uses several “stealth” features “and even when its presence is detected, it is very difficult to ascertain what it is doing,” according to Symantec. It said “many components of Regin remain undiscovered and additional functionality and versions may exist.”
Almost half of all infections occurred at addresses of Internet service providers, the report said. It said the targets were customers of the companies rather than the companies themselves. About 28 percent of targets were in telecoms while other victims were in the energy, airline, hospitality and research sectors, Symantec said.
Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage.” It said “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.”
Regin also uses what is called a modular approach that allows it to load custom features tailored to targets, the same method applied in other malware, such as Flamer and Weevil (The Mask), the anti virus company said. Some of its features were also similar to Duqu malware, uncovered in September 2011 and related to a computer worm called Stuxnet, discovered the previous year.
Symantec said Russia and Saudi Arabia accounted for about half of the confirmed infections of the Regin malware and the other countries were Mexico, Ireland, India, Iran,Afghanistan, Belgium, Austria and Pakistan.
FCC Mandates Text-To-911
August 19, 2014 by admin
Filed under Around The Net
Comments Off on FCC Mandates Text-To-911
The U.S. Federal Communications Commission voted last week to require U.S. mobile carriers and many text-messaging apps to support functionality that allows texting emergency dispatch centers, even after questions about whether the centers will be ready by the deadline.
The commission’s vote requires U.S. mobile carriers and some texting apps to put emergency text-to-911 functionality in place by the end of the year.
Even though the nation’s four largest mobile carriers have all added text-to-911 functionality this year, less than 2 percent of the nation’s 6,800 emergency dispatch centers are ready to receive texts, said Commissioner Ajit Pai. The commission’s action will give smartphone users the impression they can send text to emergency responders, when many will not be able to, he said.
The FCC’s action “encourages the public to dive into text-to-911 functionality, when in reality, there’s hardly any water in the pool,” Pai said. “The order is sure to result in massive consumer confusion, and therefore will endanger, rather than advance, public safety.”
FCC Chairman Tom Wheeler applauded the largest mobile carriers — Verizon Wireless, AT&T, Sprint and T-Mobile USA — for adding text-to-911 functionality. The agency needs to push other carriers and emergency dispatch centers, called public-safety answering points or PSAPs, to do the same, he added.
“A lot of time of has passed since [the four largest] carriers stepped up and did something voluntarily, and the other carriers serving the consumers of America did not,” he said. “If you don’t step up to your responsibility, we will.”
Smartphone users should still call 911 if possible, but text-to-911 services need to be more widely available, Wheeler said.
The adoption of text-to-911 will let smartphone users contact police and other emergency responders when it’s not safe to talk on the phone, Wheeler said. It will also aid people with hearing or speech disabilities, he noted.
“Texting is now as important a function on a mobile device as talking,” Wheeler said. “Some of those text messages are cries for help.”
Microsoft Updates Office Online
April 28, 2014 by admin
Filed under Around The Net
Comments Off on Microsoft Updates Office Online
Microsoft is updating its Web-based Office Online suite, closing the features gap with the main Office 365 and Office 2013 suites installed on users’ devices.
“We know you want features that allow you to move as seamlessly as possible between Office Online and the desktop,” wrote Kaberi Chowdhury, an Office Online technical product manager, in a blog post Monday.
Improvements to Excel Online include the ability to insert new comments, edit and delete existing comments, and properly open and edit spreadsheets that contain Visual Basic for Applications (VBA) code.
Meanwhile, Word Online has a new “pane” where users can see all comments in a document, and reply to them or mark them as completed. It also has a refined lists feature that is better able to recognize whether users are continuing a list or starting one. In addition, footnotes and end notes can now be added more conveniently inline.
PowerPoint Online has a revamped text editor that offers a layout view that more closely resembles the look of finished slides, according to Microsoft. It also has improved performance and video functionality, including the ability to play back embedded YouTube videos.
For users of OneNote Online, Microsoft is now adding the ability to print out the notes they’ve created with the application.
Microsoft is also making Word Online, PowerPoint Online and OneNote Online available via Google’s Chrome Web Store so that Chrome browser users can add them to their Chrome App launcher. Excel Online will be added later.
The improvements in Office Online will be rolled out to users this week, starting Monday.
Office Online, which used to be called Office Web Apps, competes directly against Google Docs and other browser-based office productivity suites. It’s meant to offer users a free, lightweight, Web-based version of these four applications if they don’t have the desktop editions on the device they’re using at that moment.
Google Expands Malware Blocker
Google has expanded malware blocking in an early development build of Chrome to sniff out a wider range of threats than the browser already recognizes.
Chrome’s current “Canary” build — the label for very-early versions of the browser, earlier than even Chrome’s Dev channel — will post a warning at the bottom of the window when it detects an attempted download of malicious code.
Features added to the Canary build usually, although not always, eventually make it into the Dev channel — the roughest-edged of the three distributed to users — and from there into the Beta and Stable channels. Google did not spell out a timetable for the expanded malware blocking.
Chrome has included malware blocking for more than two years, since version 12 launched in June 2011, and the functionality was extended in February 2012with Chrome 17.
Chrome is now at version 30.
Canary’s blocking, however, is more aggressive on two fronts: It is more assertive in its alerts and detects more malware forms, including threats that pose as legitimate software and monkey with the browser’s settings.
“Content.exe is malicious, and Chrome has blocked it,” the message in Canary reads. The sole visible option is to click the “Dismiss” button, which makes the warning vanish. The only additional option, and that only after another click, is to “Learn more,” which leads to yet another warning.
In Canary, there is no way for the user to contradict the malware blocking.
That’s different than in the current Stable build of Chrome, which relies on a message that says, “This file is malicious. Are you sure you want to continue?” and gives the user a choice between tossing the downloaded file or saving it anyway.
As it has for some time, Chrome will show such warnings on select file extensions, primarily “.exe,” which in Windows denotes an executable file, and “.msi,” an installation package for Windows applications. Canary’s expansion, said Google, also warns when the user tries to download some less obvious threats, including payloads masquerading as legitimate software — it cited screen savers and video plug-ins in a blog posting — that hijack browser settings to silently change the home page or insert ads into websites to monetize the malware.
Google’s malware blocking is part of its Safe Browsing API (application programming interface) and service, which Chrome, Apple’s Safari and Mozilla’s Firefox all access to warn customers of potentially dangerous websites before they reach them.
In Chrome’s case, the malware warning stems not only from the Safe Browsing “blacklist” of dodgy websites, but according to NSS Labs, a security software testing company, also from the Content Agnostic Malware Protection (CAMP) technology that Google has baked into its implementation of Safe Browsing.
AT&T Gets GM
March 5, 2013 by admin
Filed under Around The Net
Comments Off on AT&T Gets GM
AT&T Monday said it will provide LTE wireless services to most General Motors automobiles starting in 2014 in the U.S. and Canada.
A multi-year agreement between AT&T and GM subsidiary OnStar calls for vehicles to continue getting OnStar’s safety and security services while adding information and entertainment services for backseat drivers, AT&T said.
Millions of vehicles will be affected, as AT&T rolls out LTE to reach 300 million people in the U.S. by the end of 2014.
The AT&T-GM announcement is part of an explosion in the number of devices connected to the Internet, many of them wirelessly, in what some have termed the “Internet of Things.”
“The is a big announcement for connected devices,” Glenn Lurie, president of emerging enterprises and partnerships at AT&T, said in an interview at Mobile World Congress here.
Was Apple’s Victory, Really A Victory?
September 2, 2011 by admin
Filed under Smartphones
Comments Off on Was Apple’s Victory, Really A Victory?
As we heard this week Apple had won an injunction barring Samsung from selling some of its Galaxy smartphones in Europe.
However, it is likely that an update from Android 2.x to Android 3.0 will resolve the patent issue, which concerns the way photos are viewed on a touchscreen.
According to OS news, only the Gallery application infringes the patent in question, and Samsung has confirmed it will update the software to get around the problem.
“The injunction has been granted due to the method of scrolling in the Gallery. If that’s replaced, there is no more reason to uphold the injunction,” said Bas Berghuis van Woortman, one of Samsung’s lawyers.
The injunction doesn’t come into effect until mid-October, giving the Korean phone maker plenty of time to change the software. OS news points to evidence showing that although Apple entered into battle with three patents and a community design, all but the Gallery patent were thrown out by the judge.
The swipe-to-unlock patent will likely be declared invalid, the judge wrote, specifically referring to the Neonode N1m mobile phone as prior art, which has the exact same unlock method as the Iphone.
Apple’s complaint about the design of Galaxy smartphones was also thrown out, with the judge citing numerous cases of prior art, including the LG Prada. And in the case of the Android GUI patent, the judge cited the Nokia 7710 as prior art.
Although Samsung’s PR firm in the UK hadn’t heard anything about an Android update, Samsung said that it expects only the Netherlands to be affected by the ruling. It said, “[The] ruling is an affirmation that the GALAXY range of products is innovative and distinctive. With regard to the single infringement cited in the ruling, we will take all possible measures including legal action to ensure that there is no disruption in the availability of our GALAXY smartphones to Dutch consumers.
“This ruling is not expected to affect sales in other European markets. We will continue our plans to introduce new products and technologies that meet and exceed consumer expectations. And we will defend our intellectual property rights through the ongoing legal proceedings around the world.”
August 23, 2011 by admin
Filed under Consumer Electronics
Comments Off on
Beetel Teletech, part of India’s Bharti Enterprises that controls top mobile carrier Bharti Airtel (BRTI.NS), unveiled a tablet computer priced at 9,999 rupees ($220) on Wednesday.
The 7-inch tablet, branded Beetel Magiq, uses Google’s (GOOG.O) Android operating system and supports both 3G and Wi-Fi networks, Beetel said in a statement.
Beetel is one of the largest makers of fixed-line phones in India. A company spokesman said China’s Huawei HWT.UL was their manufacturing partner for the tablet.
India is the world’s second-biggest and the fastest-growing market for mobile phones, although computer penetration is still low.
Apple Inc (AAPL.O) began iPad sales in India in January this year, while Samsung Electronics (005930.KS) launched its Galaxy Tab in India in November last year.