Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

‘Stegano’ Malvertising Exposes Millions To Hacking

December 13, 2016 by  
Filed under Around The Net

Comments Off on ‘Stegano’ Malvertising Exposes Millions To Hacking

Since October, millions of internet users have been exposed to malicious code embedded in the pixels from tainted banner ads designed to install Trojans and spyware, according to security firm ESET.

The attack campaign, called Stegano, has been spreading from malicious ads in a “number of reputable news websites,” ESET said in a Tuesday blog post. It’s been preying on Internet Explorer users by scanning for vulnerabilities in Adobe Flash and then exploiting them.

The attack is designed to infect victims with malware that can steal email password credentials through its keylogging and screenshot grabbing features, among others.

The attack is also hard to detect. To infect their victims, the hackers were essentially poisoning the pixels used in the tainted banner ads, ESET said in a separate post.

The hackers concealed their malicious coding in the parameters controlling the pixels’ transparency on the banner ad. This allowed their attack to go unnoticed by the legitimate advertising networks.

Victims will typically see a banner ad for a product called “Browser Defense” or “Broxu.” But in reality, the ad is also designed to run Javascript that will secretly open a new browser window to a malicious website designed to exploit vulnerabilities in Flash that will help carry out the rest of the attack.

Hackers have used similar so-called malvertising tactics to secretly serve malicious coding over legitimate online advertising networks. It’s an attack method that has proven to be a successful at quickly spreading malware to potentially millions.

The makers behind the Stegano attack were also careful to create safeguards to prevent detection, ESET said. For instance, the banner ads will alternate between serving a malicious version or a clean version, depending on the settings run on the victim’s computer. It will also check for any security products or virtualization software on the machine before proceeding with the attack.

ESET declined to name the news websites that were found unknowingly displaying the malicious ads, but cautioned that the attack was widespread, and could have been hosted through other popular sites as well.

Source-http://www.thegurureview.net/aroundnet-category/stegano-malvertising-ads-expose-millions-of-online-users-to-hacking.html

Can iOS Activation Lock Be Bypassed?

December 7, 2016 by  
Filed under Around The Net

Comments Off on Can iOS Activation Lock Be Bypassed?

Two researchers report that they have discovered a way to bypass the activation lock feature in iOS that’s supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.

The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.

The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.

One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.

“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.

Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.

Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.

Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.

Apple has not yet confirmed that issue and did not immediately respond to a request for comment.

Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html

Is Facebook Moving Into A.I.?

December 6, 2016 by  
Filed under Around The Net

Comments Off on Is Facebook Moving Into A.I.?

Facebook Inc is developing a way to automatically flag offensive material in live video streams, building on a growing effort to use artificial intelligence to monitor content, said Joaquin Candela, the company’s director of applied machine learning.

The social media company has been embroiled in a number of content moderation controversies this year, from facing international outcry after removing an iconic Vietnam War photo due to nudity, to allowing the spread of fake news on its site.

Facebook has historically relied mostly on users to report offensive posts, which are then checked by Facebook employees against company “community standards.” Decisions on especially thorny content issues that might require policy changes are made by top executives at the company.

Candela told reporters that Facebook increasingly was using artificial intelligence to find offensive material. It is “an algorithm that detects nudity, violence, or any of the things that are not according to our policies,” he said.

The company already had been working on using automation to flag extremist video content, as Reuters reported in June.

Now the automated system also is being tested on Facebook Live, the streaming video service for users to broadcast live video.

Using artificial intelligence to flag live video is still at the research stage, and has two challenges, Candela said. “One, your computer vision algorithm has to be fast, and I think we can push there, and the other one is you need to prioritize things in the right way so that a human looks at it, an expert who understands our policies, and takes it down.”

Facebook said it also uses automation to process the tens of millions of reports it gets each week, to recognize duplicate reports and route the flagged content to reviewers with the appropriate subject matter expertise.

Chief Executive Officer Mark Zuckerberg in November said Facebook would turn to automation as part of a plan to identify fake news. Ahead of the Nov. 8 U.S. election, Facebook users saw fake news reports erroneously alleging that Pope Francis endorsed Donald Trump and that a federal agent who had been investigating Democratic candidate Hillary Clinton was found dead.

However, determining whether a particular comment is hateful or bullying, for example, requires context, the company said.

Source-http://www.thegurureview.net/aroundnet-category/facebook-developing-artificial-intelligence-to-patrol-live-videos.html

PC Market Showing Signs Of Life

September 23, 2016 by  
Filed under Computing

Comments Off on PC Market Showing Signs Of Life

The PC market is showing some signs of growth, with Intel boosting its revenue guidance based on improved chip shipments.

The chip maker has raised its revenue guidance for the third quarter to $15.6 billion, plus or minus $300 million, an improvement from $14.9 million, plus or minus $500 million.

That’s due to PC makers replenishing laptop and desktop inventory, which means Intel is shipping out more chips. It’s likely in anticipation of the holiday season, when PC shipments rocket.

“The company is also seeing some signs of improving PC demand,” Intel said in a statement.

In the second quarter of the year, PC makers slowed down chip orders and were clearing out existing stock of laptops and desktops. PC shipments declined by 4.5 percent during that period, according to IDC.

Shipments of gaming PCs, 2-in-1s and Chromebooks are driving PC shipments. Microsoft’s free upgrade offer to Windows 10 has also ended, which means users are more likely to buy new PCs to get Windows 10.

Meanwhile, new laptops with Intel’s Kaby Lake chips are now available. All the top PC makers have announced new 2-in-1s and laptops with Intel’s new chips. New Kaby Lake chips for gaming PCs will be announced in January.

Intel also has started shipping Pentium and Celeron chips, both aimed at low-cost laptops, based on the same architecture and code-named Apollo Lake. Many Chromebooks are based on Apollo Lake chips.

Courtesy- http://www.thegurureview.net/computing-category/pc-market-showing-signs-of-life.html

Intel Sheds McAfee

September 14, 2016 by  
Filed under Security

Comments Off on Intel Sheds McAfee

Intel has sold the Intel Security business for $3.5bn less than it paid for it six years ago.

Intel Security, previously and better known as McAfee, has been sold to private equity firm TPG for $4.2bn, despite Intel paying $7.7bn for it in 2010.

The chip firm will receive $3.1bn in cash as part of the transaction and retain a 49 per cent minority stake. TPG will take control with a 51 per cent stake, and will invest $1.1bn in the company.

Intel Security is based on the McAfee business and was renamed two years ago. The company will revert to the better known McAfee brand, despite John McAfee reportedly suing Intel over the use of his name.

The transaction is expected to close in the second quarter of 2017, and Chris Young, general manager of Intel Security Group, will become CEO of McAfee.

Young described TPG in an open letter to stakeholders as a “seasoned technology investor” that was “attracted to our current momentum and long-term potential”.

He claimed that McAfee currently protects “more than a quarter of a billion endpoints” and more than 200 million consumers, and is present in two thirds of the world’s 2,000 largest companies.

Intel CEO Brian Krzanich claimed that, despite the sale, security “remains important in everything we do at Intel”.

“We will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices,” he added.

Bryan Taylor, a partner at TPG, said that the company had “long identified the cyber security sector, which has experienced strong growth due to the increasing volume and severity of cyber attacks, as one of the most important areas in technology”.

Intel’s acquisition of McAfee Security in 2010 was intended to enable the company to beef up security around PCs and sell McAfee antivirus and other security software around its core business.

However, the combination never worked as the money to be made in the security business became increasingly focused on the data center and cloud computing.

Courtesy-TheInq

MIT Researchers Triple Wireless Speeds

August 29, 2016 by  
Filed under Around The Net

Comments Off on MIT Researchers Triple Wireless Speeds

MIT researchers have uncovered a way to transfer wireless data using a smartphone at a speed about three times faster and twice as far as existing technology.

The researchers developed a technique to coordinate multiple wireless transmitters by synchronizing their wave phases, according to a statement from MIT on Tuesday. Multiple independent transmitters will be able to send data over the same wireless channel to multiple independent receivers without interfering with each other.

Since wireless spectrum is scarce, and network congestion is only expected to grow, the technology could have important implications.

The researchers called the approach MegaMIMO 2.0 (Multiple Input, Multiple Output) .

For their experiments, the researchers set up four laptops in a conference room setting, allowing signals to roam over 802.11 a/g/n Wi-Fi. The speed and distance improvement is expected to also apply to cellular networks. A video describes the technology as well as a technical paper (registration required), which was presented this week to the Association for Computing Machinery’s Special Interest Group on Data Communications (SIGCOMM 16).

The researchers, from MIT’s Computer Science and Artificial Intelligence Lab, are: Ezzeldin Hamed, Hariharan Rahul, Mohammed Abdelghany and Dina Katabi.

Courtesy-http://www.thegurureview.net/mobile-category/mit-researchers-develop-technique-to-triple-wireless-speeds.html

Courtesy-http://www.thegurureview.net/mobile-category/mit-researchers-develop-technique-to-triple-wireless-speeds.html

CVS Debuts CVS Pay

August 24, 2016 by  
Filed under Around The Net

Comments Off on CVS Debuts CVS Pay

CVS has rolled out its CVS Pay program that exists inside its mobile app. It allows customers to pay in store for prescriptions by scanning a barcode at the register.

Payments will be backed by a customer’s credit or debit card, the company said.

CVS Pay is currently available in New York, New Jersey, Pennsylvania and Delaware; a nationwide rollout at all 9,600 stores is expected to kick off later this year.

CVS doesn’t support Apple Pay or other NFC-based payment technologies, and its use of barcodes for payments is reminiscent of the way Starbucks customers pay for coffee. Working with the barcode technology was a faster way for CVS to bring forward technology for more convenient in-store payments, analysts said.

Other retailers have created in-store payments through their own apps. Walmart created Walmart Pay in December to allow payments through mobile device QR codes that can be read at checkout registers.

“There’s nothing really innovative here with CVS Pay,” said Gartner analyst Avivah Litan on Friday. “They are pretty much following the trend. It’s just mobile commerce with a credit card attached. It’s no big deal to put a credit card in a wallet.”

At one point, CVS was working with Walmart and dozens of other major retailers in the Merchant Customer Exchange, which was designed to process mobile payments electronically through bank accounts and not credit cards to cut out the card processing cost that merchants paid to banks. But MCX ended its pilot of its mobile app, CurrentC, in June. Analysts have predicted the concept will not continue.

Source-http://www.thegurureview.net/mobile-category/cvs-debuts-cvs-pay.html

Intel To Acquire Deep Learning Company Nervana

August 19, 2016 by  
Filed under Computing

Comments Off on Intel To Acquire Deep Learning Company Nervana

Intel is acquiring deep-learning startup Nervana Systems in a deal that could help it make up for lost ground in the increasingly hot area of artificial intelligence.

Founded in 2014, California-based Nervana offers a hosted platform for deep learning that’s optimized “from algorithms down to silicon” to solve machine-learning problems, the startup says.

Businesses can use its Nervana cloud service to build and deploy applications that make use of deep learning, a branch of AI used for tasks like image recognition and uncovering patterns in large amounts of data.

Also of interest to Intel, Nervana is developing a specialty processor, known as an ASIC, that’s custom built for deep learning.

Financial terms of the deal were not disclosed, but one estimate put the value above $350 million.

“We will apply Nervana’s software expertise to further optimize the Intel Math Kernel Library and its integration into industry standard frameworks,” Diane Bryant, head of Intel’s Data Center Group, said in a blog post. Nervana’s expertise “will advance Intel’s AI portfolio and enhance the deep-learning performance and TCO of our Intel Xeon and Intel Xeon Phi processors.”

Though Intel also acquired AI firm Saffron late last year, the Nervana acquisition “clearly defines the start of Intel’s AI portfolio,” said Paul Teich, principal analyst with Tirias Research.

“Intel has been chasing high-performance computing very effectively, but their hardware-design teams missed the convolutional neural network transition a few years ago,” Teich said. CNNs are what’s fueling the current surge in artificial intelligence, deep learning and machine learning.

As part of Intel, Nervana will continue to operate out of its San Diego headquarters, cofounder and CEO Naveen Rao said in a blog post.

The startup’s 48-person team will join Intel’s Data Center Group after the deal’s close, which is expected “very soon,” Intel said.

Source- http://www.thegurureview.net/aroundnet-category/intel-to-acquire-deep-learning-company-nervana.html

Is Changing Your Password Often A Good Idea?

August 15, 2016 by  
Filed under Security

Comments Off on Is Changing Your Password Often A Good Idea?

Carnegie Mellon University professor Lorrie Cranor, who is the US FTC’s technology guru, has debunked a myth that it is a good idea to change your password often.

Talking to Ars Technica she said that while frequent password changes can lock hackers out they make make security worse.

She told the BSides security conference in Las Vegas that frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

A study published in 2010 by researchers from the University of North Carolina at Chapel Hill more or less confirmed her views. The researchers obtained the cryptographic hashes to 10,000 expired accounts that once belonged to university employees, faculty, or students who had been required to change their passcodes every three months. Researchers received data not only for the last password used but also for passwords that had been changed over time.

By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1″, for instance (excluding the quotation marks) frequently became “tArheels#1″ after the first change, “taRheels#1″ on the second change and so on. Or it might be changed to “tarheels#11″ on the first change and “tarheels#111″ on the second. Another common technique was to substitute a digit to make it “tarheels#2″, “tarheels#3″, and so on.

“The UNC researchers said if people have to change their passwords every 90 days, they tend to use a pattern and they do what we call a transformation. They take their old passwords, they change it in some small way, and they come up with a new password.”

The researchers used the transformations they uncovered to develop algorithms that could predict changes with great accuracy.

A separate study from researchers at Carleton University showed that frequent password changes hamper attackers only minimally and probably not enough to offset the inconvenience to end users.

Courtesy-Fud

PC Monitors Vulnerable To Hacking

August 12, 2016 by  
Filed under Security

Comments Off on PC Monitors Vulnerable To Hacking

You should probably be leery of what you see since, apparently, your computer monitor can be hacked.

Researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.

Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.

They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.

During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.

It wasn’t exactly an easy hack to pull off. To discover the vulnerability, both Cui and Kataria spent their spare time over two years, conducting research and understanding the technology inside the Dell monitor.

However, they also looked at monitors from other brands, including Samsung, Acer and Hewlett Packard, and noticed that it was theoretically possible to hack them in the same manner as well.

The key problem lies in the monitors’ firmware, or the software embedded inside. “There’s no security in the way they update their firmware, and it’s very open,” said Cui, who is also CEO of Red Balloon.

The exploit requires gaining access to the monitor itself, through the HDMI or USB port. Once done, the hack could potentially open the door for other malicious attacks, including ransomware.

For instance, cyber criminals could emblazon a permanent message on the display, and ask for payment to remove it, Kataria said. Or they could even spy on users’ monitors, by logging the pixels generated.

However, the two researchers said they made their presentation to raise awareness about computer monitor security. They’ve posted the code to their research online.

“Is monitor security important? I think it is,” Cui said.

Dell couldn’t be reached for immediate comment.

Source- http://www.thegurureview.net/computing-category/computer-monitors-are-also-vulnerable-to-hacking.html

Next Page »