Cisco Warns Of Bug In Virtual App
Cisco has warned of a default Secure Shell vulnerability in three of its virtual applications.
The flaw could allow attackers to decrypt traffic exchanged in the services, and has been detailed in a Cisco security advisory.
It affects Cisco’s Web Security Virtual Appliance (SMAv), Email Security Virtual Appliance and Security Management Virtual Appliance, which are already commercially available.
Cisco said that it “is not aware of any public announcements or malicious use of the vulnerabilities”, but warned that attackers who got hold of the private keys could decrypt communications with a man-in-the-middle attack.
The default private encryption keys were preinstalled on all three of the products, a move which is considered bad security practice.
“Successfully exploiting this vulnerability on Cisco SMAv allows an attacker to decrypt communication toward SMAv, impersonate SMAv, and send altered data to a configured content appliance,” the advisory said.
“An attacker can exploit this vulnerability on a communication link toward any content security appliance that was ever managed by any SMAv.”
Cisco has released a patch which deletes the preinstalled SSH keys and explains how customers can correct the problem.
The Cisco-sa-20150625-ironport SSH Keys Vulnerability Fix comes as part of several product upgrades, and must be manually installed from a command line interface.
Cisco’s advisory said that the patch is not required for physical hardware appliances, or for virtual appliance downloads or upgrades after 25 June.
Cisco revealed details of a new point of sale attack earlier this year that could part firms from money and customers from personal data.
The threat, called PoSeidon by the Cisco team, came at a time when eyes were on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a threat that has the ability to breach machines and scrape them for credit card information.
Yet Another Retailer System Hacked
Women’s clothing retailer Bebe Stores has become the latest in a growing list of national retailers to be hit by an attack on its credit card payment system.
The company said Friday that the cardholder name, account number, expiration date, and verification code could have been stolen by hackers who apparently had access to the company’s payment processing system between Nov. 8 and 26.
The incident came to light in late November when Bebe said it noticed suspicious activity on computers that operate the payment processing system. Stores affected were the roughly 200 it operates in the U.S., Puerto Rico and the U.S. Virgin Islands.
“If you used a payment card at a U.S., Puerto Rico or U.S. Virgin Islands store during this time frame, you should review your account statements for any unauthorized activity,” it said in a message to customers.
The last couple of years have been bad ones for the safety of credit card data at major U.S. retailers. Millions of credit and debit card numbers have been compromised in breaches at retailers, including Target, Home Depot, PF Chang’s restaurants, Super Valu grocery stores, Neiman Marcus, UPS Store and others.
In many cases, the attacks were targeted at payment processing terminals and used sophisticated malware that stole card details as consumers swiped their cards. Many of the thefts were only discovered after the card numbers appeared for sale on Internet hacking forums.
Such was the case with Bebe Stores. First news of the hack came earlier this week through the closely followed Krebs on Security blog.
Will IBM Realize Growth In 2015?
International Business Machines Corp said it is projecting growth in its hardware sector next year as the company invests in research and development and abandons low-performing ventures.
The comments come less than one month after the world’s largest technology service company reported its lowest quarterly revenue in five years, weighed by sluggish global demand for its hardware, which plunged 23 percent in the first quarter of 2014.
The company added that growth in Latin America, the Middle East and Africa remain strong, and blamed falling revenue in China on government reforms affecting state-owned clients, and on the country’s hardware-heavy portfolio.
“We move on and we spread ourselves out, more industries, more clients, cloud, data, et cetera, around there,” said IBM Chief Executive Ginni Rometty at an investor briefing on Wednesday.
Chief Financial Officer Martin Schroeter said to stabilize the hardware sector IBM would continue to “refresh” hardware and further invest in research and development.
“Quite frankly, we are seeing very good growth out of software, good growth out of services, but challenges in hardware,” said Schroeter. “We will stabilize that hardware base and I am comfortable we will make that happen in 2014,” he said.
He reiterated the company’s EPS target for 2015 of at least $20. He expects a shift to higher-value business to bring in $3.25 and share repurchases to add $2 in earnings per share by 2015.
AMD To Focus On China
Advanced Micro Devices has relocated its desktop chip business operations from the U.S. to the growing market of China, adding to its research lab and testing plant there.
The desktop market in China is growing at a fast pace and its shipments of desktops and laptops are equal in ratio, said Michael Silverman, an AMD spokesman, in an email. “The desktop market in China remains strong,” Silverman said.
The move of AMD’s desktop operations was first reported by technology news publication Digitimes, but the chip maker confirmed the news.
The company is also developing tailored products for users in China, Silverman said.
AMD’s move of desktop operations to China brings them closer to key customers such as Lenovo, said Dean McCarron, principal analyst at Mercury Research.
“Not that they don’t have their sales in the U.S.,” but a significant number of those PCs are made in China and then shipped internationally, McCarron said.
AMD is the world’s second-largest x86 processor maker behind Intel. Many PC makers like HP and Dell get products made in China.
Being in China also solves some desktop supply chain issues because it moves AMD closer to motherboard suppliers like Asustek and MSI, which are based in Taiwan, but get parts made in China. Chips will be shipped to customers faster and at a lower cost, which would reduce the time it takes for PCs to come to market, McCarron said.
AMD already has a plant in Suzhou, which Silverman said “represents half of our global back-end testing capacity.” AMD’s largest research and development center outside the U.S. is in Shanghai.
Some recent products released by the company have been targeted at developing countries. AMD recently starting shipping Sempron and Athlon desktop chips for the Asia-Pacific and Latin America markets, and those chips go into systems priced between $60 and $399. AMD is targeting the chips at users that typically build systems at home and shop for processors, memory and storage. The chips — built on the Jaguar microarchitecture — go into AMD’s new AM1 socket, which will be on motherboards and is designed for users to easily upgrade processors.
China is also big in gaming PCs, and remains a key market for AMD’s desktop chips, said Nathan Brookwood, principal analyst at Insight 64. “White box integrator’s play a big role in China,” he said.
Zeus Attached To Cancer Email Scam
March 28, 2014 by admin
Filed under Around The Net
Comments Off on Zeus Attached To Cancer Email Scam
Thousands of email users have been hit by a sick cancer email hoax that aims to infect the recipients’ computers with Zeus malware.
The email has already hit thousands of inboxes across the UK, and looks like it was sent by the National Institute for Health and Care Excellence (NICE). It features the subject line “Important blood analysis result”.
However, NICE has warned that it did not send the malicious emails, and is urging users not to open them.
NICE chief executive Sir Andrew Dillon said, “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.
“This email is likely to cause distress to recipients since it advises that ‘test results’ indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
The hoax message requests that users download an attachment that purportedly contains the results of the faux blood analysis.
Security analysis firm Appriver has since claimed that the scam email is carrying Zeus malware that if installed will attempt to steal users’ credentials and take over their PCs.
Appriver senior security specialist Fred Touchette warned, “If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen.
“What they won’t see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger.
“Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400.”
Africa To Lead Global Bandwidth Demand
Comments Off on Africa To Lead Global Bandwidth Demand
Africa’s demand for Internet access to the rest of the world will grow by an average of 51 percent every year until 2019, ahead of all other regions, according to a forecast by research company Telegeography.
Rapid economic growth and wider Internet use will drive the increase in demand, which will be met mostly by turning on unused capacity in existing cables, according to Telegeography analyst Erik Kreifeldt. Terrestrial links are in demand partly because much of Africa still relies on satellite, which is far more expensive per bit than wired broadband, he said.
Most Internet bandwidth between continents is provided by undersea cables built and financed by groups of service providers. From Africa, most of those links go to Europe. Other carriers pay to tap into those cables and link their customers to the Internet. In some parts of Africa, running cables from coastal areas to the interior is a challenge so satellite remains the major Internet source, Kreifeldt said.
The capacity of international cables landing on African shores is just a fraction of the bandwidth available between Europe, the U.S. and Asia. After seven years of the growth that Telegeography forecasts, from 2012 through 2019, Africa will have 17.2Tbps (bits per second) of links to the outside world. That’s up from just 957Gbps in 2012 but will still be only about one-quarter of the international capacity of Latin America and less than that of Canada, according to Telegeography.
The hunger for the Internet varies among African countries. Through 2019, bandwidth demand is expected to grow fastest in Angola, at 71 percent per year; Tanzania, at 68 percent; and Gabon, at 67 percent.
Many new cables have been built to Africa and around the continent in the past several years, giving service providers excess fiber capacity that can be turned on when needed, Kreifeldt said. As that fiber gets lit up and supply rises, prices should fall for enterprises and other users in African countries, he said. However, due to relative scarcity, a given amount of bandwidth between Africa and Europe costs about 10 times as much as the same size connection between Europe and North America, he said. Africa’s bandwidth gains aren’t expected to shrink that gap.
ATM Malware Found In Mexico
A malicious software program identified in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec.
Two versions of the malware, called Ploutus, have been discovered, both of which are engineered to empty a certain type of ATM, which Symantec has not identified.
In contrast to most malware, Ploutus is installed the old-fashioned way — by inserting a CD boot disk into the innards of an ATM machine running Microsoft Windows. The installation method suggests that cybercriminals are targeting standalone ATMs where access is easier.
The first version of Ploutus displays a graphical user interface after the thief enters a numerical sequence on an ATM’s keypad, although the malware can be controlled by a keyboard, wrote Daniel Regalado, a Symantec malware analyst, on Oct. 11.
Ploutus is programmed for a specific ATM model since it assumes there is a maximum of four cassettes per dispenser in the ATM. It then calculates the amount of money that should be dispensed based on the number of bills. If any of the cassettes have less than the maximum number of 40 bills, it releases whatever is left, repeating that process until the ATM is empty.
Kevin Haley, director of Symantec Security Response, said in an interview earlier this month that the attackers have deep knowledge of the software and hardware of the particular ATM model.
“They clearly know how this machine worked,” he said.
The source code of Ploutus “contains Spanish function names and poor English grammar that suggests the malware may have been coded by Spanish-speaking developers,” Regalado wrote.
In a new blog post, Regalado wrote that the attackers made Ploutus more robust and translated it into English, indicating the same ATM software can be exploited in countries other than Mexico.
The “B” variant of Ploutus has some differences. It only accepts commands through the keypad but will display a window showing the money available in the machine along with a transaction log as it dispenses cash. An attacker cannot enter a specific number of bills, so Ploutus withdraws money from the cassette with the most available bills, Regalado wrote.
Symantec advised those with ATMs to change the BIOS boot order to only boot from the hard disk and not CDs, DVDs or USB sticks. The BIOS should also be password protected so the boot options can’t be changed, Regalado wrote.
iPad Rivals Have Better Chance In Europe
Comments Off on iPad Rivals Have Better Chance In Europe
Would-be rivals to Apple’s iPad have a better chance in Europe than they do in the United States, but they need to drop prices fast to grasp the opportunity, IT research firm Forrester said on Tuesday.
Apple’s relatively small retail presence in Europe — with 52 stores compared with 238 in the United States — offers a chance to the likes of Samsung, Acer and Research in Motion, Forrester said.
But their prices cannot yet compete with Apple, which has far larger scale in the tablet market and an efficient supply chain. Forrester said emerging challengers from China and Taiwan would likely step in soon with cheaper offerings.
“There is this opportunity for iPad challengers, but the competition is very fragmented. Competing with Apple will require a different approach from what we’ve seen so far,” said analyst Sarah Rotman Epps, the author of the Forrester report.
Apple still has the tablet-computer market almost to itself after launching the iPad a year and a half ago. It has sold close to 30 million iPads, whose prices start at about $500.
Forrester expects Apple to sell 80 percent of all consumer tablets in the United States and 70 percent in Europe this year.
It expects 2011 worldwide tablet sales to reach 48 million units, with half of those sold in the United States, 30 percent in Europe, 15 percent in Asia and 5 percent in Latin America.
Forrester surveyed almost 14,000 online adult consumers in France, Germany, Italy, the Netherlands, Spain, Sweden and Britain, and also interviewed product strategists from manufacturers, telecommunications operators and retailers.
Mobile Networks Near Capacity
July 23, 2011 by admin
Filed under Smartphones
Comments Off on Mobile Networks Near Capacity
Mobile networks in North America are using 80 percent of capacity, with 36 percent of base stations facing capacity constraints, according to a survey by investment firm Credit Suisse.
Networks in other regions also are more than 50 percent utilized, with the global average at 65 percent, Credit Suisse said after surveying carriers around the world. That level of use matches the average “threshold” rate that would trigger the service providers to start buying more network equipment, the report said. Looking ahead, on average the carriers expected their utilization rate to grow to 70 percent within 12 months.
Credit Suisse used the results to predict new sales by makers of cellular equipment, such as Ericsson, Alcatel-Lucent, Nokia Siemens Networks and Huawei Technologies. But at a certain level, heavy use of a base station can also affect the mobile experience of individual subscribers. The survey found that 23 percent of base stations worldwide had capacity constraints (defined as a utilization rate over 80 percent during busy hours), while 36 percent in North America were under that kind of pressure.
The North American networks were 72 percent utilized two years ago. The region’s carriers expect the rate to ease back down to that point within two years. North American service providers are likely to buy more equipment soon, because having their networks 74 percent filled is the threshold rate in that region, the survey said.