Zeus Attached To Cancer Email Scam

Thousands of email users have been hit by a sick cancer email hoax that aims to infect the recipients’ computers with Zeus malware.

The email has already hit thousands of inboxes across the UK, and looks like it was sent by the National Institute for Health and Care Excellence (NICE). It features the subject line “Important blood analysis result”.

However, NICE has warned that it did not send the malicious emails, and is urging users not to open them.

NICE chief executive Sir Andrew Dillon said, “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.

“This email is likely to cause distress to recipients since it advises that ‘test results’ indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”

The hoax message requests that users download an attachment that purportedly contains the results of the faux blood analysis.

Security analysis firm Appriver has since claimed that the scam email is carrying Zeus malware that if installed will attempt to steal users’ credentials and take over their PCs.

Appriver senior security specialist Fred Touchette warned, “If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen.

“What they won’t see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger.

“Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400.”

Source

SEC Plans Cybersecurity Meeting

The Securities and Exchange Commission said that its making plans to conduct a roundtable next month to discuss cybersecurity, after massive retailer breaches refocused the attention of the business community and policymakers on the area.

The SEC said that it would hold the event on March 26 to talk about the challenges cyber threats pose for market participants and public companies.

Recent breaches at Target Corp and Neiman Marcus have sparked concern from lawmakers and revived a long-running spat among retailers and banks over who should bear the cost of consumer losses and technology investments to improve security.

Last Thursday, trade groups for the two industries announced they are forming a partnership to work through the disputes.

U.S. lawmakers have also considered weighing in on how consumers should be notified of data theft. But progress on legislation is not guaranteed in a busy election year.

The SEC in 2011 drafted informal staff-level guidance for public companies to use when considering whether to disclose cyber attacks and their impact on a company’s financial condition.

SEC Chair Mary Jo White last year told Congress that her agency was reviewing whether a more robust disclosure process is needed. But she told reporters last fall she felt the guidance appeared to be working well and that she didn’t see an immediate need to create a rule that mandates public reporting on cyber attacks.

Source

Samsung Joins OpenPower

Samsung has joined Google, Mellanox, Nvidia and other tech companies as part of IBM’s OpenPower Consortium. The OpenPower Consortium is working toward giving developers access to an expanded and open set of server technologies to improve data centre hardware using chip designs based on the IBM Power architecture.

Last summer, IBM announced the formation of the consortium, following its decision to license the Power architecture. The OpenPower Foundation, the actual entity behind the consortium, opened up the Power architecture technology, including specs, firmware and software under a license. Firmware is offered as open source. Originally, OpenPower was the brand of a range of System p servers from IBM that utilized the Power5 CPU. Samsung’s products currently utilize both x86 and ARM-based processors.

The intention of the consortium is to develop advanced servers, networking, storage and GPU-acceleration technology for new products. The four priority technical areas for development are system software, application software, open server development platform and hardware architecture. Along with its announcement of Samsung’s membership, the organization said that Gordon MacKean, Google’s engineering director of the platforms group, will now become chairman of the group. Nvidia has said it will use its graphics processors on Power-based hardware, and Tyan will be releasing a Power-based server, the first one outside IBM.

Source

Sony Exits PC Business

Sony will unload its struggling PC business to a Japanese investment firm, the company said Thursday, raising the possibility that the “Vaio” brand could all but disappear from markets outside Japan.

Tokyo-based investment fund Japan Industrial Partners (JIP) will operate the Vaio PC brand under a newly established firm and initially sell PCs in Japan only.

In another reform aimed at bolstering its restructuring efforts, Sony also said it would turn its beleaguered TV business into a subsidiary.

The moves come as Sony said it now expects a net loss of $1.1 billion for the year to the end of March, a reversal of its October profit forecast.

Vaio, which Sony introduced in 1996, looks set to vanish from most markets, at least for short term, as the new company will initially concentrate on selling consumer and corporate PCs in Japan. Whether or not Sony will continue to produce products under the Vaio brand remains to be seen, Sony said.

Although Sony is selling its PC business, it will continue to produce tablet computers, part of its renewed focus on mobile devices including smartphones.

Sony did not put a price on the sale. Sony will take a 5% stake in the new firm, it said.

Sony will stop making and selling PCs after its 2014 Spring lineup launch, but about 250 to 300 Sony staff, including some from a subsidiary that produces TV sets, cameras and computers at factories in Japan, will be hired by the new company, which is to be based at the hub of Sony’s current PC business in Japan’s Nagano Prefecture.

Meanwhile, Sony said it will turn its TV business, which has faced a decade of losses, into a wholly owned subsidiary by July 2014.

Source

Google Moves into Conerencing

Google Inc introduced a videoconferencing system for businesses on Thursday, the Internet search company’s latest attempt to generate revenue from corporate customers.

Google said it was partnering with Asus, Hewlett-Packard Co and Dell to offer a specialized version of its Chromebox PC that comes with videoconferencing gear, including a video camera and speakers.

The first Chromebox for meetings to be available is made by Asus and goes on sale in the U.S. on Thursday for $999, Google said. Customers can also pay a $250 annual service and management fee, though the first year is included in the product’s sales price.

The product uses Google’s free Hangouts video chat technology to connect up to 15 separate video streams from users in different locations.

The product will put Google in competition against Cisco Systems Inc and Polycom Inc, which make the video conferencing systems used by many corporations.

The world’s largest Internet search engine, Google makes the vast majority of its revenue from advertising. But Google also sells services to corporate customers, including special versions of its online apps such as email and word processing, as well as Chromebook laptops aimed at business users.

Source

Amazon, Microsoft Cut Cloud Storage Prices

Last April, Microsoft agreed that it would match Amazon’s Web Services’ (AWS’) prices for compute, storage and bandwidth.

So when Amazon announced last Thursday  that it would cut its S3 (Simple Storage Service) and Elastic Block Store (EBS) prices by up to 22%, Microsoft followed suit the very next day.

“We are matching AWS’ lowest prices (US East Region) for S3 and EBS, reducing prices by up to 20% and making the lower prices available in all regions worldwide,” Microsoft posted in its official blog.

For Microsoft’s “Locally Redundant Disks/Page Blobs Storage,” the company is reducing prices by up to 28%. It is also reducing the price of Azure Storage service by 50%.

Amazon’s new prices take effect Feb. 1. Microsoft’s price cuts begin March 13.

“We’re also making the new prices effective worldwide, which means that Azure storage will be less expensive than AWS in many regions,” Microsoft said.

Amazon said it dropped its prices for its S3 storage by 22% and its EBS standard volume storage and I/O operations by up to 50%.

Source

Is Acer Doomed?

Taiwanese PC maker Acer reported worse-than-expected quarterly loss. Actually, it had been expected to be bad, but no one had predicted it would be this bad.

For the fourth quarter, the world’s No.4 PC vendor reported a net loss of $254 million. The company had posted a worse-than-expected net loss of $446 million in the third quarter and a $112.31 million loss in the same quarter of 2012. In short, its troubles have been getting worse for more than two years.

At the end of last year the company named former Taiwan Semiconductor Manufacturing Co sales executive Jason Chen as its new CEO and launched a new initiative to integrate hardware, software and cloud services. It will be a while before the new broom can sweep out two years of doom, so many are expecting more doom to emerge. Acer relied too heavily on making low-end laptops, which weakened its brand, it also missed the shift to mobile.

Acer’s senior executives are taking a 30 per cent voluntary salary cut starting January, the company said in a statement.

Source

Microsoft Buys Parature

Microsoft Corp said that they it will acquire cloud-based software maker Parature Inc, which assists businesses in managing help desks and provide other customer support services.

Parature’s software helps businesses provide automated customer service, manage online discussion boards and forums, and conduct online surveys.

The company’s customers include Ask.com, the U.S. Environmental Protection Agency, International Business Machines Corp and Saba Software Inc.

Microsoft did not disclose the terms of the deal.

The acquisition will boost Microsoft’s Dynamics unit, which makes business software and counts Mattress Firm Holding Corp, Pandora Media Inc and Nissan Motor Co as customers.

Cloud computing, a broad term referring to the delivery of services via the Internet from remote data centers, is a favorite with businesses because it is faster to implement and has lower upfront costs than traditional software.

Oracle Corp said in December that it would buy web-based marketing software maker Responsys Inc for about $1.39 billion to bolster its cloud computing offerings.

Salesforce.com Inc, the biggest maker of online sales management tools, said in June that it would pay $2.5 billion for marketing software maker ExactTarget, which helps companies reach customers on social networks through mobile devices.

Source

Will Businesses Accept The Chromebook?

Sales of Chromebooks enjoyed rapid growth,going from basically nothing in 2012 to more than 20 percent of the U.S. commercial PC market, analyst firm NPD reported, while Windows PCs and Macs remained flat at best.

NPD estimated that, throughout all of 2013, 14.4 million desktops, notebooks, and tablets were sold through U.S. commercial channels, typically resellers. That compares to 16.4 million PCs, overall, sold in the U.S. during the third quarter alone–excluding tablets, according to IDC. All told, about 46.2 million PCs have been sold in the U.S. during 2013, IDC found.

Within that segment, however, NPD reported some intriguing findings. Chromebooks, once largely the province of Acer and Samsung, have been embraced by Dell, HP, and others–not the least of which are paying customers. In 2012, Chromebook sales were “negligible,” NPD reported. But in the space of a single year, they climbed to 21 percent, NPD found, helping push overall notebook PC growth up by 28.9 percent.

Windows notebooks, however, contributed nothing to that, as NPD found that growth was flat. Worse still, Macs actually declined, with combined sales of desktops and notebooks falling by 7 percent. Windows tablet sales tripled, albeit off what NPD called “a very small base”.

The message? Businesses are turning to the Web, which Chromebooks almost exclusively run. And those low-cost, Net-focused devices are becoming engines of productivity. As a result, they’re receiving validation from traditional PC vendors including Acer, Asus, Dell, and Hewlett-Packard, plus Google’s own Pixel.

“The market for personal computing devices in commercial markets continues to shift and change,” saidA Stephen Baker, vice president of industry analysis at NPD, in a statement.A “New products like Chromebooks, and reimagined items like Windows tablets, are now supplementing the revitalization that iPads started in personal computing devices. It is no accident that we are seeing the fruits of this change in the commercial markets as business and institutional buyers exploit the flexibility inherent in the new range of choices now open to them.”

Naturally, tablet sales continued to explode, capturing 22 percent(or about 3.16 million units) of all the computing device sales sold through the U.S. channel. Of all tablets sold commercially, iPads dominated with 59 percent of all unit sales, leaving the rest to Android (which grew more than 160 percent) and Windows.

Baker said that diversity will be key to the future success of hardware makers, a signpost for what vendors might release at 2014 and the weeks and months following.

Source

Cryptolocker Infects 250K Systems

DELL’s security research team has revealed that a new form of ransomware, dubbed “Cryptolocker” has managed to infect up to 250,000 devices, stealing almost a million dollars in Bitcoins.

“Based on the presented evidence, researchers estimate that 200,000 to 250,000 systems were infected globally in the first 100 days of the CryptoLocker threat,” Dell announced in a Secureworks post.

The firm worked out that if the Cryptolocker ransomware threat actors had sold its 1,216 total Bitcoins (BTC) that they collected from September this year, immediately upon receiving them, they would have earned nearly $380,000.

“If they elected to hold these ransoms, they would be worth nearly $980,000 as of this publication based on the current weighted price of $804/BTC,” Dell said.

Cryptolocker is unique when compared against your average ransomware. Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses third-party certified cryptography offered by Microsoft’s CryptoAPI.

“By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent,” Dell said.

Conventionally, ransomware prevents victims from using their computers normally and uses social engineering to convince them that failing to follow the malware authors’ instructions will lead to real-world consequences. These consequences, such as owing a fine or facing arrest and prosecution, are presented as being the result of a fabricated indiscretion such as pirating music or downloading illegal pornography.

“Victims of traditional forms of ransomware could ignore the demands and use security software to unlock the system and remove the offending malware,” Dell explained. “Cryptolocker changes this dynamic by aggressively encrypting files on the victim’s system and returning control of the files to the victim only after the ransom is paid.”

Dell said that the earliest samples of Cryptolocker appear to have been released on 5 September this year. However, details about its initial distribution phase are unclear.

“It appears the samples were downloaded from a compromised website located in the United States, either by a version of Cryptolocker that has not been analysed as of this publication, or by a custom downloader created by the same authors,” Dell added.

Dell seems to think that early versions of Cryptolocker were distributed through spam emails targeting business professionals as opposed to home internet users, with the lure often being a ‘consumer complaint’ against the email recipient or their organisation.

Attached to these emails would be a ZIP archive with a random alphabetical filename containing 13 to 17 characters, containing a single executable with the same filename as the ZIP archive but with an EXE extension, so keep your eye out for emails that fit this description.

Source

« Previous Page — Next Page »