Sign up for our Technology Newsletter 
Is Epic Turla Exploiting Windows XP?
Kaspersky Lab has discovered an espionage network that successfully attacked government institutions, intelligence agencies and European companies.
The firm has dubbed the spy operation Epic Turla, and said that it is in no doubt about its capabilities.
“Over the last 10 months, Kaspersky Lab researchers have analyzed a massive cyber-espionage operation which we call ‘Epic Turla’,” it said.
“The attackers behind Epic Turla have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies.”
Kaspersky said that Epic Turla used two zero-day exploits that affected Adobe and Microsoft software, along with some backdoor and social engineering tricks.
In particular, Kaspersky said a vulnerability in Windows XP and Windows 2003 – CVE-2013-5065 – termed a “privilege escalation vulnerability” is being used. “The CVE-2013-5065 exploit allows the backdoor to achieve administrator privileges on the system and run unrestricted. This exploit only works on unpatched Microsoft Windows XP systems.”
The use of this Windows XP flaw underlines the risk that the unsupported Windows XP OS poses. Kaspersky went on to explain that, once inside, attackers install their own rootkits and other malware tools and begin their surveillance.
“Once the attackers obtain the necessary credentials without the victim noticing, they deploy the rootkit and other extreme persistence mechanisms,” it said. “The attacks are still ongoing as of July 2014, actively targeting users in Europe and the Middle East.”
The attacks are just the latest in a long line of incidents that businesses need to be aware of as cyber attacks continue at an alarming rate.
In June the security firm Crowdstrike alerted the industry to Putter Panda, a cute-sounding but nasty piece of malware. That firm pointed an accusatory finger at China and charged it with espionage on the US and Europe.
Crowdstrike CEO George Kurtz said at the time, “China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe.” Chinese authorities disputed this.
The report comes in the same week Hold Security reported uncovering a huge trove of 1.2 billion web passwords and login details that have been gathered by Russian cyber criminals.
Chrome Climbs To Second
Google’s Chrome browser in July broke the 20% user share bar for the first time, according to recently published statistics by Web measurement vendor Net Applications.
But because the browser war is a zero-sum game, when Chrome won others had to lose. The biggest loser, as has been the case for the last year: Mozilla’s Firefox, which came dangerously close to another milestone, but on the way down.
Firefox accounted for 15.1% of the desktop and laptop personal computer browsers used in July, a low point not seen by the open-source application since October 2007, a year before Chrome debuted and when Microsoft’s Internet Explorer (IE) was only on version 7.
Chrome had flirted with the 20% mark before. More than two years ago, Chrome’s user share — a Net Applications’ measurement of the unique visitors running each browser — had come close: 19.6%. But Chrome then took a prolonged dip that only began reversing last fall.
Chrome’s July user share of 20.4% put the browser solidly in second place, but still far behind IE in Net Applications’ tallies. IE’s share last month was 58%, down slightly from the month before.
Firefox also lost user share in July, dropping half a percentage point to 15.1%. It was the ninth straight month that the desktop browser lost share. In the past three months alone, Firefox has fallen nearly two points.
The timing of the decline has been terrible, as Mozilla’s current contract with Google ends in November. That deal, which assigned Google’s search engine as the default for most Firefox customers, has generated the bulk of Mozilla’s revenue. In 2012, for example, the last year for which financial data was available, Google paid Mozilla an estimated $272 million, or 88% of all Mozilla income.
Going into this year’s contract renewal talks, Mozilla will be bargaining from a much weaker position, down 34% in total user share since July 2011.
Apple’s Safari remained in a distant fourth place behind Firefox, with a user share of 5.2%, down four-tenths of a percentage point in the last month. Meanwhile, Opera Software’s Opera browser brought up the rear with a small 1% user share.
Can Lenovo Succeed With Tablets?
July 31, 2014 by admin
Filed under Consumer Electronics
Comments Off on Can Lenovo Succeed With Tablets?
Lenovo on Friday said it would continue selling sub-10-in. Windows tablets in the U.S., backing away from statements it made the day before, when it said it was pulling the ThinkPad 8 from the North American market and had discontinued offering a model of the Miix 2.
“We will continue to bring new Windows devices to market across different screen sizes, including a new 8-inch tablet and 10-inch tablet coming this holiday,” Lenovo said in a press release published on its website Friday.
“Our model mix changes as per customer demand, and although we are no longer selling ThinkPad 8 in the U.S., and we have sold out of Miix 8-inch, we are not getting out of the small-screen Windows tablet business as was reported by the media (emphasis in original),” the statement continued.
On Thursday, the IDG News Service — like Computerworld, owned and operated by IDG – reported the withdrawal of the ThinkPad 8 and the 8-in. Miix from the U.S. market. The ThinkPad 8 had debuted in January at prices starting at $449, and the similarly-sized Miix had launched in October 2013.
Lenovo told IDG News that it was diverting remaining stocks of the ThinkPad 8 to other countries, including Brazil, China, and Japan, where demand was stronger for smaller Windows 8.1-powered tablets.
The China-based company, which has made impressive gains in the global market — it was the world’s largest personal computer seller during the second quarter, ahead of Hewlett-Packard and Dell, according to IDC — did not say exactly when it would return with an 8-in. device. If it begins selling the unnamed device in October, typical of OEMs that seed the channel then for the holiday sales season, it will have been absent from the market for two or more months.
eBay Expands Mobile Shopping
July 21, 2014 by admin
Filed under Around The Net
Comments Off on eBay Expands Mobile Shopping
Braintree, the payments gateway owned by eBay Inc, is working on removing a hurdle for e-commerce companies by making it easier for customers to directly pay for products on their smart phones.
The company rolled out a set of tools for software developers on Wednesday that allows businesses to deduct payments directly from a customer’s PayPal account.
The developer kit is the first big push from Braintree since it was bought by eBay for $800 million last year to help PayPal, eBay’s payments division, expand its presence on mobile devices.
Eliminating the need for mobile shoppers to type in their credit card details on their phones should help boost sales, Braintree Chief Executive Bill Ready said in an interview.
This is especially critical as consumers spend more time on their smartphones, a trend that is forcing developers to design a “fundamentally different computing experience” for the smaller screen, Ready added.
Braintree processes payments for businesses including car service Uber and online home-rental marketplace Airbnb.
Is Malware Wreaking Havoc On XP?
One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Salesforce Goes Healthcare
Salesforce Inc, one of the first cloud-computing companies, is turning its focus towards healthcare with new software and services aimed at the largest hospitals.
Salesforce has announced a strategic alliance with Amsterdam-based medical technology company Philips, which it envisions as the first of many partnerships. These companies will announce two new medical applications later in the summer, called Philips eCareCoordinator and Philips eCare Companion.
The software is designed to improve health and cut costs. The apps are intended to be used by physicians to monitor chronically ill patients between doctor visits.
Salesforce said the goal is to make it easier for hospitals to collect and analyze data from medical devices, which patients with chronic conditions often use at home.
“In the United States, care providers are facing increasing demands and decreasing reimbursement,” said Michael Peachey, a senior director of solutions and product marketing at Salesforce.
“We want to improve efficiency for physicians by transmitting patient data in real time.”
Peachey said the Salesforce software meets security and privacy rules under the Health Insurance Portability and Accountability Act, known as HIPAA.
In the short term, Peachey said Salesforce intends to develop additional apps with other partners to help doctors and nurses monitor patients from the comfort of their homes.
“It’s an open platform,” he said.
Oracle Takes A Fall
Oracle posted fiscal fourth-quarter results that were just horrible for investors looking for more progress in web-based services, sending its shares lower.
The company had been expected to report a pickup in its software business and progress in cloud computing, shares of Oracle had gained 10 percent over the past three months. However yesterday it was clear that Oracle is getting a kicking from the competition like Salesforce.com and Workday which have been offering competitive software and Internet-based products at prices that often undercut Oracle.
Tech spending is likely to fall as more companies move to the cloud. Oracle has been rolling out its own cloud-based products but they remain under five percent of its overall revenue. For the fiscal first quarter, Oracle expects software and cloud revenue to grow between 6 percent and 8 percent. That forecast includes expectations for software- and platform-related cloud services to grow between 25 percent and 35 percent.
Oracle said it expects its hardware system revenue to be in a range of down 1 percent to up 3 percent.
For its latest fourth quarter, Oracle said overall revenue rose 3 percent to $11.3 billion. That was less than the $11.48 billion analysts had expected on average. Net income fell 4 percent to $3.6 billion.
Revenue from Oracle’s hardware systems products grew 2 percent to $870 million.
Can Malwarebytes Protect XP?
Malwarebytes has launched anti-exploit services to protect Windows users from hacking attacks on vulnerabilities in popular targets including Microsoft Office, Adobe software products and Java, a service which even offers protection for Windows XP users.
Consumer, Premium and Corporate versions of the service are available, and are designed to pre-emptively stop hackers from infecting Windows machines with malware.
“An exploit will typically first corrupt the memory of an application process, take control, then execute code,” said Malwarebytes director of special projects Pedro Bustamante.
“From the shell code it executes a payload that tells the exploit what to do and that in turn usually downloads malware from the internet and executes it. The final stage is usually where antivirus kicks in, when it’s being downloaded from the internet, and starts doing things like behavioural analysis to see if it’s malicious.
“We don’t care about that, what we do comes before then. We just look for exploit-like behaviour and block anything that looks like it at the shellcode or payload stages. We come into play before the malware even appears on the scene.”
The Consumer version of the anti-exploit service is free and offers basic browser and Java protection.
The Premium version costs $37.00 per user and adds Office and Adobe protection services as well as the ability to add custom shields to other internet-facing applications, like Messenger or Netflix.
The Corporate version costs$40.00 person user and offers complete anti-exploit protection and comes with Malwarebytes’ Anti-malware service and a toolkit for IT managers.
Bustamante explained that the technology is designed to help businesses and general web users defend against the new wave of exploit-based cyber attacks.
“Traditional security can’t deal with exploits. Every day we see people getting infected, even if they have the latest up-to-date antivirus readers, because of exploits,” he said. “This is why we care about the applications you run – Firefox, Chrome, Internet Explorer, Java, Acrobat [and Microsoft] Word, Excel [and] Powerpoint.”
Bustamante added that the service is doubly important for Windows XP users since Microsoft officially ceased support for the OS in April.
“We’re still seeing over 25 percent of our users running XP. For them this product is even more important,” he said.
“We see new zero-days if not every week, every month, and for XP users who are not getting any more patches from Microsoft this product will be essential.
“Every month Microsoft will be releasing security patches for newer versions of Windows. Every time Microsoft does this it’ll be a treasure map for hackers to find exploits on Windows XP.
“It’ll show them exactly where the vulnerabilities are, so every month will see an influx of new exploits targeting Windows XP.”
Will MasterCard Sell Big Data?
June 23, 2014 by admin
Filed under Around The Net
Comments Off on Will MasterCard Sell Big Data?
MasterCard Inc, the world’s second-largest credit card association, sees business booming from selling data to retailers, banks and governments on spending patterns found in the payments it processes, a top executive told Reuters.
MasterCard, which handles payments for 2 billion cardholders and tens of millions of merchants, uses that information to generate real-time data on consumer trends, available more quickly that regular government statistics.
“It is an incredibly fast growing area for us,” Ann Cairns, who heads MasterCard’s business outside North America, said in an interview, stressing that the company respects cardholder privacy, using anonymous data rather than personal information.
MasterCard does not give figures for its information services products but “other revenues”, which include the sale of data, grew 22 percent in the first quarter of 2014 to $341 million, outpacing the growth of total revenue dominated by payments processing, which rose 14 percent to $2.177 billion.
Cairns said clients for the data include retailers, banks and governments, with MasterCard tailoring it to their needs.
“Retailers are fantastic at using the data they have available about how people shop in their store, how their inventory turns over, but what they don’t know is what happens outside their store,” she said. “The data we’ve got is ubiquitous across the whole market. We can help retailers see what they need to do to capture more sales.”
Cairns, 57, a statistician by training who joined MasterCard in 2011 after helping manage the disposal of Lehman Brothers assets in Europe, revels in the insights real-time card data can provide, such as London’s popularity as the world’s top travel destination and a rise in spending on experiences such as eating out or going on holiday rather than shopping in stores.
MasterCard has recorded a spike in spending in Brazil on groceries and a drop in spending on luxury goods as the price of food has risen ahead of the World Cup, she said, the kind of insight valued by companies such as Nike and Adidas that are hoping to sell $300 soccer boots during the competition.
While MasterCard expands in “big data”, Cairns sees no slowdown in its traditional business of processing payments, with plenty of potential for growth as 85 percent of consumer transactions are still made by cash or check.
“Moving money and doing it safely and securely is so deeply cared about by so many people around the world that it will be a business that has fantastic value now and for years to come,” said Cairns, who previously worked at Citigroup and ABN Amro.
Is China Hurting U.S. Vendors?
Shipments of servers from Chinese vendors grew at a rapid pace while the top server vendors in the U.S. declined during the first quarter of this year.
Worldwide server shipments were 2.3 million units during the first quarter, growing by just 1.4 percent compared to the same quarter last year, according to Gartner.
Growth was driven by Chinese server vendors Huawei and Inspur Electronics, which were ranked fourth and fifth, respectively, behind the declining Hewlett-Packard, Dell and IBM.
Huawei has been in the top five for server shipments for more than a year, but Inspur Electronics is a new entrant. Inspur builds blade servers, rack servers and supercomputers, and is best known for being involved in the construction of China’s Tianhe-2, which is currently the world’s fastest supercomputer, according to Top500.org.
Chinese servers partly benefitted from the 18 percent shipment growth in the Asia-Pacific region, while shipments in other regions declined, Gartner said in a statement.
Server buying trends have changed in recent years. Companies like Facebook, Google and Amazon, which buy servers by the thousands, are bypassing established server makers and purchasing hardware directly from manufacturers like Quanta and Inventec. That trend in part led to the establishment of the Open Compute Project, a Facebook-led organization that provides server reference designs so companies can design data-center hardware in-house.
Similarly, Chinese cloud providers are building mega data centers and buying servers from local vendors instead of going to the big name brands, said Patrick Moorhead, analyst with Moor Insights and Strategy.
The trend of buying locally is partly due to the security tension between the U.S. and China, but servers from Chinese companies are also cheaper, Moorhead said.
The enterprise infrastructure is also being built out in China, resulting in a big demand for servers. There is also a growing demand for servers from little-known vendors based in Asia — also known as “white box” vendors — in other regions, Moorhead said.