Symantec Uncovers Advanced Spying Malware

An advanced malicious software application has been discovered that since 2008 was used to spy on private companies, governments, research institutes and individuals in 10 countries, anti virus software maker Symantec Corp said in a report on Sunday.

The Mountain View, California-based maker of Norton anti virus products said its research showed that a “nation state” was likely the developer of the malware called Regin, or Backdoor. Regin, but Symantec did not identify any countries or victims.

Symantec said Regin’s design “makes it highly suited for persistent, long-term surveillance operations against targets,” and was withdrawn in 2011 but resurfaced from 2013 onward.

The malware uses several “stealth” features “and even when its presence is detected, it is very difficult to ascertain what it is doing,” according to Symantec. It said “many components of Regin remain undiscovered and additional functionality and versions may exist.”

Almost half of all infections occurred at addresses of Internet service providers, the report said. It said the targets were customers of the companies rather than the companies themselves. About 28 percent of targets were in telecoms while other victims were in the energy, airline, hospitality and research sectors, Symantec said.

Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage.” It said “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.”

Regin also uses what is called a modular approach that allows it to load custom features tailored to targets, the same method applied in other malware, such as Flamer and Weevil (The Mask), the anti virus company said. Some of its features were also similar to Duqu malware, uncovered in September 2011 and related to a computer worm called Stuxnet, discovered the previous year.

Symantec said Russia and Saudi Arabia accounted for about half of the confirmed infections of the Regin malware and the other countries were Mexico, Ireland, India, Iran,Afghanistan, Belgium, Austria and Pakistan.

Source

Oracle And SAP Settle Piracy Dispute

Oracle has won a limited victory in its long-running lawsuit with rival SAP.

The action was taken in reference to events dating back to 2007, which saw employees of SAP’s TomorrowNow unit accused of illegally downloading Oracle software.

German company TomorrowNow was bought by SAP as a means to undercut Oracle’s internal tech support rates, with the ambition of getting customers to migrate to SAP solutions, reports Reuters.

In 2006, TomorrowNow started the process of undermining its parent’s position, offering cut-price support to users of the Siebel database and CRM.

Oracle was originally awarded $1.3bn back in 2010, but this was adjusted downwards on multiple appeals.

SAP acknowledged that its employees had been in the wrong, but disputed the damages awarded. SAP offered a $306m payment in 2012, but did so more in hope than expectation given its admissions.

Earlier in the year, a federal judge gave Oracle the option to settle for $356.7m or force a retrial, and the company has now decided on the former with a further $2.5m in interest.

“We are thrilled about this landmark recovery and extremely gratified that our efforts to protect innovation and our shareholders’ interests are duly rewarded,” said Oracle’s general counsel Dorian Daley.

“This sends a strong message to those who would prefer to cheat than compete fairly and legally.”

SAP agreed: “We are also pleased that, overall, the courts hearing this case ultimately accepted SAP’s arguments to limit Oracle’s excessive damages claims and that Oracle has finally chosen to end this matter.”

SAP announced a partnership with IBM last month to bring its HANA service to enterprise cloud users.

Source

New Malware Targeting Apple Devices

Palo Alto Networks Inc  has uncovered a new group of malware that can infect Apple Inc’s  desktop and mobile operating systems, underscoring the increasing sophistication of attacks on iPhones and Mac computers.

The “WireLurker” malware can install third-party applications on regular, non-jailbroken iOS devices and hop from infected Macs onto iPhones through USB connector-cables, said Ryan Olson, intelligence director for the company’s Unit 42 division.

Palo Alto Networks said on Wednesday it had seen indications that the attackers were Chinese. The malware originated from a Chinese third-party apps store and appeared to have mostly affected users within the country.

The malware spread through infected apps uploaded to the apps store, that were in turn downloaded onto Mac computers. According to the company, more than 400 such infected apps had been downloaded over 350,000 times so far.

It’s unclear what the objective of the attacks was. There is no evidence that the attackers had made off with anything more sensitive than messaging IDs and contacts from users’ address books, Olson added.

But “they could just as easily take your Apple ID or do something else that’s bad news,” he said in an interview.

Apple, which Olson said was notified a couple weeks ago, did not respond to requests for comment.

Once WireLurker gets on an iPhone, it can go on to infect existing apps on the device, somewhat akin to how a traditional virus infects computer software programs. Olson said it was the first time he had seen it in action. “It’s the first time we’ve seen anyone doing it in the wild,” he added.

Source

Amazon Tops Apple

A mere five months after Apple snatched J.D. Power’s tablet satisfaction award away from Samsung, it has lost it to up-and-coming Amazon.

Apple’s iPad finished in second place in the latest satisfaction survey conducted by J.D. Power and Associates, with a score of 824 out of a possible 1,000. For the first time, Amazon took first place, scoring 827.

Samsung came in at 821 for third, while Asus and Acer filled out the first five, but those stragglers’ scores were under the category average.

J.D. Power’s satisfaction score included five separate measurements for performance, ease of operation, features, styling and design, and cost, with each accounting for different percentages of the final number. Performance, for example, counted as 28% of the total; cost for 11%.

Apple received high scores in performance and styling and design, while Amazon performed best in ease of operation and cost, said Kirk Parsons, senior director of telecommunications services at J.D. Power.

“Within the tablet segment, there’s a balance of cost and value, and for this period, Amazon was at the equilibrium,” said Parsons. “For the money, [Amazon tablets] do what buyers need them to do. And the Mayday feature really helped them in ease of operation.”

Mayday is a feature on Amazon’s higher-end tablets that lets customers video chat with support representatives using the device.

Parsons called out Amazon’s Fire HDX, which launched in October 2013 in a 7-in. size and a month later in an 8.9-in. format, for driving the brand’s scores. Amazon now sells the 7-in. Fire HDX for $179; the 8.9-in. model starts at $379. “The new Fire HDX did really, really well” in the survey, Parsons noted.

J.D. Power polled nearly 2,700 U.S. tablet owners who had had their current devices for less than a year. The survey period ran from March to August.

The last time J.D. Power published tablet customer satisfaction scores, Amazon placed fourth. Its jump to first was a small surprise, said Parsons. “I figured [Amazon’s] scores would improve, but I didn’t think they’d take the top spot,” he admitted.

Price is increasingly important to satisfaction, said Parson, as costs fall and capabilities climb across the board, making it more difficult for premium-priced tablets like Apple’s iPad, to retain their polled positions. On average, tablet customers now spend $345 on their tablets, $48 less than in April 2013, a decline of 12%.

Source

Will The Drupal Flaw Be Catastrophic?

The Drupal web content management system has been exposed as having backdoor access that could deliver your site to hackers.

The problem is not particularly new. Drupal warned about it earlier this month, but it still needs tackling as millions of websites may be at risk.

Drupal said that sites running version 7 really ought to have upgraded to 7.32 by now, because not doing so leaves them as open as a torn tea bag.

Initially the alert was about the threat, but the firm has updated its earlier advice and is now warning of in-the-wild attacks.

That earlier advice was about a problem in a database API. “A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution,” warned Drupal in a security alert.

“Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks. This vulnerability can be exploited by anonymous users.”

More recent information from the firm points users toward the released upgrade, and informs them that attacks started not long after the initial announcement.

“You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is seven hours after the announcement,” it said, adding that, even when updated, sites will have some cleaning up to do.

“If you have not updated or applied this patch, do so immediately, then continue reading this announcement; updating to version 7.32 or applying the patch fixes the vulnerability but does not fix an already compromised website,” it explains.

“If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised – some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.”

Gavin Millard, EMEA technical director at Tenable Network Security, advised people to follow Drupal’s advice.

“The so-called ‘Drupageddon’ vulnerability could have easily led to exploitation of any systems running the vulnerable code. With such an easy to exploit flaw, the chance of exfiltration of data or further exploitation are high,” he said.

“For those who have good security controls, reviewing of logs and traffic directed at the sites following the vulnerability being announced and the patch applied is common sense and highly advisable, with appropriate action taken if indicators of compromise are found.

“For those who don’t have such a good level of security or visibility into the logs, the advice from the Drupal team should be heeded. If you don’t know if you were exploited you should assume that you have been.”

Source

MDM Coming To Office 365

Microsoft will rollout mobile device management (MDM) capabilities to Office 365 in 2015, making it easier for firms to manage corporate data across a range of mobile devices, including those running iOS and Android as well as Windows.

Microsoft unveiled the updates coming to its Office 365 cloud-delivered productivity suite in 2015 at its TechEd Europe conference.

These will enable customers to apply security policies against devices that connect to Office 365 to ensure that email and documents can be accessed only by approved devices, plus the ability to remotely wipe Office 365 data if necessary.

Julia White, Microsoft general manager for Office 365, said that the updates will enable customers to offer “conditional access” to Office documents and email, such as ensuring that any device used by employees has not been jailbroken or rooted, which could potentially pose a security risk.

Administrators will be able to set policies directly from the Office 365 administration portal, and enforce the use of a Pin to secure access to the device. Any wipe of Office 365 content will not affect the user’s personal data, White added.

These MDM features coming to Office 365 are actually powered by Microsoft’s Intune cloud-based management service and are a subset of Intune’s capabilities, the firm disclosed.

Intune itself is also getting some upgrades that will enable customers to benefit from additional security features if they also subscribe to Intune.

These will include data leak prevention measures that enable policies to be applied against managed applications, preventing users from copying and pasting data from an Office 365 app to another, for example, or copying files from Office 365 to elsewhere on the device.

While these capabilities are built in to Office 365, Microsoft will also enable this to be extended to other applications using Intune app wrapper functionality, White said.

White also confirmed that Microsoft is working on an Android version of the Office for iPad suite of mobile productivity tools that the firm announced for Apple’s tablet platform earlier this year.

Microsoft’s Office announcement comes amid speculation that the firm will release Office for Android next month.

Source

Google Continues A.I. Expansion

Google Inc is growing its artificial intelligence area, hiring more than half a dozen leading academics and experts in the field and announcing a partnership with Oxford University to “accelerate” its efforts.

Google will make a “substantial contribution” to establish a research partnership with Oxford’s computer science and engineering departments, the company said on Thursday regarding its work to develop the intelligence of machines and software, often to emulate human-like intelligence.

Google did not provide any financial details about the partnership, saying only in a post on its blog that it will include a program of student internships and a series of joint lectures and workshops “to share knowledge and expertise.”

Google, which is based in Mountain View, California, is building up its artificial intelligence capabilities as it strives to maintain its dominance in the Internet search market and to develop new products such as robotics and self-driving cars. In January Google acquired artificial intelligence company Deep Mind for $400 million according to media reports.

The new hires will be joining Google’s Deep Mind team, including three artificial intelligence experts whose work has focused on improving computer visual recognition systems. Among that team is Oxford Professor Andrew Zisserman, a three-time winner of the Marr Prize for computer vision.

The four founders of Dark Blue Labs will also be joining Google where they will be will be leading efforts to help machines “better understand what users are saying to them.”

Google said that three of the professors will hold joint appointments at Oxford, continuing to work part time at the university.

Source

Hackers Infiltrate Jimmy Johns

Sandwich restaurant chain Jimmy John’s said there was a potential data breach involving customers’ credit and debit card information at 216 of its stores and franchised locations on July 30.

An intruder stole log-in credentials from the company’s vendor and used the credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16 and Sept. 5, the company said.

The chain is the latest victim in a series of security breaches among retailers such as Target Corp, Michaels Stores Inc and Neiman Marcus.

Home Depot Inc  said last week some 56 million payment cards were likely compromised in a cyberattack at its stores, suggesting the hacking attack at the home improvement chain was larger than the breach at Target Corp.

More than 12 of the affected Jimmy John’s stores are in Chicago area, according to a list disclosed by the company.

The breach has been contained and customers can use their cards at its stores, the privately held company said.

Jimmy John’s said it has hired forensic experts to assist with its investigation.

“Cards impacted by this event appear to be those swiped at the stores, and did not include those cards entered manually or online,” Jimmy John’s said.

The Champaign, Illinois-based company said stolen information may include the card number and in some cases the cardholder’s name, verification code, and/or the card’s expiration date.

Source

Will Mark Hurd Call The Shots At Oracle?

Analysts have started to wonder which of the two heads that Larry Ellison left in charge of Oracle will be calling the shots — Safra Catz or Mark Hurd.

Wall Street thinks that dealmaker and finance guru Safra Catz will be in charge even though she, and not Hurd who would be the real boss. Of course Ellison will remain around for a while, so it is a little moot, neither Catz or Hurd got to the top by crossing Ellison. But Ellison could actually go, particularly if his mysterious exit was because he was sick and this has made some analysts wonder who will be in charge.

Of 12 analysts who replied to an anonymous poll, five said Catz would likely run Oracle, while only one voted for Hurd, 57. Four said both would continue to run the company, one said neither, and one plumped for dark-horse internal candidate Thomas Kurian.

Catz has more status because the 52-year old former Wall Street banker orchestrated Oracle’s multibillion dollar acquisitions and has been Ellison’s de facto deputy for the last few years. Hurd, who only joined Oracle in 2010 after leaving HP under the cloud of a business ethics breach, has a larger public presence but is still seen as a newcomer.

Only one analyst said Hurd was the more likely to lead the company, chiefly because he is the one with experience of being the CEO of a large technology company. In fact some of the Oracle board does not trust him because of the experience that HP had with him.

Source

Ericsson Acquires Fabrix Systems

The distinctions between TV and mobile services continues to merge and in many cases that occurs in the cloud.

That’s the logic behind Ericsson’s planned $95 million acquisition of Fabrix Systems, which sells a cloud-based platform for delivering DVR (digital video recorder), video on demand and other services.

The acquisition is intended to help service providers deliver what Ericsson calls TV Anywhere, for viewing on multiple devices with high-quality and relevant content for each user. Cable operators, telecommunications carriers and other service providers are seeing rapid growth in video streaming and want to reach consumers on multiple screens. That content increasingly is hosted in cloud data centers and delivered via Internet Protocol networks.

Fabrix, which has 103 employees in the U.S. and Israel, sells an integrated platform for media storage, processing and delivery. Ericsson said the acquisition will make new services possible on Ericsson MediaFirst and Mediaroom as well as other TV platforms.

Stockholm-based Ericsson expects the deal to close in the fourth quarter. Fabrix Systems will become part of Ericsson’s Business Unit Support Solutions.

Other players usually associated with data networks are also moving into the once-specialized realm of TV. At last year’s CES, Cisco Systems introduced Videoscape Unity, a system for providing unified video services across multiple screens, and at this year’s show it unveiled Videoscape Cloud, an OpenStack-based video delivery platform that can be run on service providers’ cloud infrastructure instead of on specialized hardware.

Source

« Previous Page — Next Page »