Subscribe to:

Subscribe to :: ::

Google To Release Fix For Buzzing Sound In Pixel 2

November 22, 2017 by  
Filed under Mobile

Last month, Pixel 2 owners reported strange noises coming from their phones, including clicking noises like a ticking clock and high-pitched sounds. Google acknowledged the problem affecting some devices, and promised a fix. Looks like it’s coming sooner rather than later.

“Coming weeks” is still completely nebulous, but it does suggest a time frame of December or January.

The audio issues are part of a string of bad press befalling the Pixel 2 and Pixel 2 XL. Phone owners also complained of blue shift, which makes the screen appear blue when you’re looking at it from certain angles, and screen burn-in, a condition that makes “afterimages” permanently visible on the screen, even after you’ve moved on to view something else. This affected two of CNET’s Pixel 2 phones.

Google has so far been able to address some of the flaws with software updates, but it’s too soon to say if the dogpile of bad press has dampened buyers’ enthusiasm for the “pure” Android devices, especially as Black Friday deals roll in.

AVAST To Seek An IPO In 2018

November 10, 2017 by  
Filed under Around The Net

AV outfit Avast has hired Rothschild to prepare the business for an initial public offering (IPO) which could value the firm at as much as $4 billion.

CVC Capital Partners, which took control of the Prague-based company in 2014, could seek a London listing for Avast in the first half of next year if market conditions allow.

If successful, Avast’s float would represent the largest ever UK technology IPO. However it would have to navigate a tough market, which has seen a number of planned London listings pulled in recent weeks.

CVC hired Rothschild after talking to a series of banks as part of a contest in October, the sources said, adding Rothschild will carry out the preliminary work for the deal which includes the selection of global coordinators and bookrunners.

Avast, which previously attempted to float on Nasdaq in 2012, has Summit Partners among its minority investors alongside Czech entrepreneurs Pavel Baudiš and Eduard Kuera who founded the company in 1991.


Facebook Moves Into E-commerce With Shopping Feature

October 14, 2015 by  
Filed under Around The Net

Facebook Inc wants its users to buy clothes and other products from their mobile phones without ever leaving its app.

In an effort to move further into e-commerce and compete with Amazon Inc’s retail offerings, Facebook announced that it is testing several ad features that allow users to shop directly through its app.

Few users make purchases on mobile phones because it is slow and cumbersome, but Facebook hopes to win over more ad dollars by smoothing the process. Mobile purchases make up less than 2 percent of all retail sales, according to research firm eMarketer.

“We’re looking to give people an easier way to find products that will be interesting to them on mobile, make shopping easier and help businesses drive sales,” said Emma Rodgers, Facebook’s head of product marketing for commerce.

Among the new features are ads that take a user through a specific brand’s products without redirecting them to another site. For example, a user who clicks on an ad from a boutique could see an expanded page that displays numerous clothing items.

Businesses on Facebook will also be able to display products for purchase directly on their own pages. And users will be able to purchase products directly on Facebook through a “buy now” button that will be more widely available.

The 1.5-billion-member social network has also added a new section on its app that takes users directly to a shopping page where they can browse among numerous brands from a select group of small businesses that will gradually expand.

“From Facebook’s perspective, they’re addressing a pain point for retailers,” said Catherine Boyle, an analyst at eMarketer. “They will attract serious ad dollars with this offering.”


Researchers Uncover Android Ransomware That Changes PIN Codes

September 14, 2015 by  
Filed under Mobile

Researchers at security company ESET have uncovered a type of malware that changes an Android device’s PIN, the first of its kind in a constantly changing landscape of ransomware attacks.

For most users, the only option to get rid of the malware is to reset the phone to its factory settings, which unfortunately also deletes all the data on the device.

The malware calls itself “Porn Droid” and bills itself as a viewer for adult content. It has been seen only on third-party Android application marketplaces or forums for pirated software, wrote Lukas Stefanko, an ESET malware analyst.

But after it’s installed, users see a warning supposedly from the FBI that they’ve allegedly viewed “prohibited pornography.” It asks for a $500 fine to be paid within three days.

To change the device’s PIN, Porn Droid needs administrator-level access to the phone.  Stefanko wrote that the malware uses a new method to obtain that high level of access.

When Porn Droid runs, it asks people to click a button. “After clicking on the button, the user’s device is doomed,” Stefanko wrote. “The Trojan app has obtained administrator rights and now can lock the device. And even worse, it sets a new PIN for the lock screen.”

Other kinds of Android malware locked the screen by keeping the ransonware warning in the foreground using an infinite loop. But that could be remedied by using a command-line tool, the Android debug bridge, or deactivating admin rights in Safe Mode, according to Stefanko.

In the case of Porn Droid, if someone tries to deactivate the admin privileges, the malware uses a call-back function to reactivate them, Stefanko wrote.

The malware is also coded to try to shut down three mobile antivirus products: Dr. Web, ESET’s Mobile Security and Avast.

More advanced users may be able to get rid of Porn Droid without resetting and erasing all data on their phone. It is possible to remove the malware if a user has root privileges to the device, and some security software can stop it, Stefanko wrote.






Spam Rate Finally Falls Below 50%

July 21, 2015 by  
Filed under Around The Net

Spam emails have dropped to less than 50 percent of all email in June, the lowest in a decade, Symantec said Thursday in its latest Intelligence Report.

The levels of spam have been slowly falling since 2010 for multiple reasons. Network providers are more tuned into the problem and are taking action faster when there are issues on their services.

Also, unlike six or seven years ago, sending billions of messages per day from massive botnets isn’t as feasible anymore.

Law enforcement, along with companies including Microsoft, have aggressively gone after some of the largest botnets over the past few years and worked to technically shut them down. Although some botnet operators have been able in some instances to regain control, the increased attention makes it more difficult for them to work.

Improved filtering and blocking also means that fewer unsolicited marketing messages reach inboxes where people might click on a message to buy a product. Response rates to spam are notoriously low, so it means spammers must reach many inboxes in order to build a business.

That’s not to say spam is going to completely stop, but as the cost of entry into the spam business rises and the likelihood of a return falls, it’s less of an incentive.

In June, Symantec saw 704 billion email messages sent. Of those, 353 billion were classified as spam. At one of the peaks of the spam epidemic in June 2009, 5.7 trillion of the 6.3 trillion messages sent were spam, according to past data from Symantec.

Symantec noted that phishing and email-based malware fell in June, which is evidence that “attackers are simply moving to other areas of the threat landscape.”



LinkedIn Introduces ‘Member Blocking’

February 24, 2014 by  
Filed under Around The Net

LinkedIn users who have no interest in receiving job inquiries or other messages, or allow access to their profiles from certain other members, can now block them.

“Member blocking,” was recently released by the professional social networking site after receiving requests from users. The feature adds an additional layer to privacy controls by allowing users to block profiles, direct interactions and network activity from other members with whom they do not wish to interact.

“We built this feature not only because it was a feature our members requested, but because we also knew it was the right thing to do,” said Paul Rockwell, who heads trust and safety at the site, in announcing the tool.

The tool is available in a dropdown menu on the profile page, by clicking on “block or report.” If a user chooses block, then the two members won’t be able to access each other’s profiles or send messages to each other. If the two are already connected, then they won’t be connected anymore if one person blocks the other.

People can view and manage their list of blocked members within a block list in their privacy and settings page.

In addition to blocking, LinkedIn also provides more granular controls to let people customize which elements of their profiles are discoverable by search engines, and who can see updates to their profile, among other settings.

With the tools, LinkedIn aims to cut down on abuse of its site and give its members a new method to prevent themselves from being spammed.

That’s if users know who they should block. LinkedIn already gives members the option to view others’ profiles anonymously. If someone enables this option, then only anonymous details about them show up, like their job title or school, when others check to see who visited their profile.

LinkedIn said that at this time, people can’t block anonymous viewers of their profile.


Kaspersky Finds A Java Version Of IceFrog

January 16, 2014 by  
Filed under Computing

A variant of the infamous Icefog malware, an advanced persistant threat (APT) campaign uncovered last September, has been found by security firm Kaspersky.

Dubbed “Javafog”, the malware uses Oracle’s Java software and is targeting several high profile companies and government agencies, according to the Russian security firm, including “a very large American independent oil and gas corporation”.

The new variant was uncovered by Kaspersky Lab experts Costin Raiu, VitalyK and Igor Soumenkov, who came across the threat while monitoring previously shut down Icefog command and control (C&C) servers.

“In September 2013, we published our extensive analysis of Icefog, an APT campaign that focused on the supply chain – targeting government institutions, military contractors, maritime and shipbuilding groups,” the security firm said in a blog post.

“Since the publication of our report, the Icefog attackers went completely dark, shutting down all known C&C servers.

“Nevertheless, we continued to monitor the operation by sinkholing domains and analysing victim connections. During this monitoring, we observed an interesting type of connection, which seemed to indicate a Java version of Icefog.”

The malware is just as nasty as its older brother, it seems, retaining the same espionage focus as the original Icefog campaign in that once in a victim’s system installs the malware, it is designed to communicate with Icefog C&C servers.

“The module writes a registry value to ensure [that] it is automatically started by Windows. It is worth noting that the module does not copy itself to that location,” continued the post.

“Next, it enters a loop where it keeps calling its main C&C function, with a delay of 1,000 milliseconds. The main loop contacts [a] well-known Icefog C&C server and interacts with it.”

The Kaspersky security experts said that evidence suggests a number of major US corporations involved in critical infrastructure might have fallen victim to the new Javafog variant during the sinkhole operation, and listed 72 different C&C servers, “of which we managed to sinkhole 27,” Kaspersky added.

This was achieved by correlating registration information for the different domains used by the malware samples.

“During the sinkholing operation, we observed eight IPs for three unique victims of Javafog, all of them in the United States. Based on the IP address, one of the victims was identified as a very large American independent oil and gas corporation, with operations in many other countries,” Kaspersky said.

The team said that the Javafog malware is far harder to track than the original Icefog attacks.

“The truth is that even at the time of writing, detection for Javafog is extremely poor (three out of 47 on Virustotal). Java malware is not as popular as Windows Preinstallation Environment (PE) malware, and can be harder to spot,” read the post.

Security firm Trusteer advised that to prevent Java exploits and malware-based infiltrations, it is important to restrict execution to only known trusted Java files.

“Since organisations struggle to manage and maintain a complete list of all known trusted files, they should at least restrict execution to files that have been signed by trusted vendors, or downloaded from trusted domains,” Trusteer warned.



Cryptolocker Infects 250K Systems

December 24, 2013 by  
Filed under Computing

DELL’s security research team has revealed that a new form of ransomware, dubbed “Cryptolocker” has managed to infect up to 250,000 devices, stealing almost a million dollars in Bitcoins.

“Based on the presented evidence, researchers estimate that 200,000 to 250,000 systems were infected globally in the first 100 days of the CryptoLocker threat,” Dell announced in a Secureworks post.

The firm worked out that if the Cryptolocker ransomware threat actors had sold its 1,216 total Bitcoins (BTC) that they collected from September this year, immediately upon receiving them, they would have earned nearly $380,000.

“If they elected to hold these ransoms, they would be worth nearly $980,000 as of this publication based on the current weighted price of $804/BTC,” Dell said.

Cryptolocker is unique when compared against your average ransomware. Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses third-party certified cryptography offered by Microsoft’s CryptoAPI.

“By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent,” Dell said.

Conventionally, ransomware prevents victims from using their computers normally and uses social engineering to convince them that failing to follow the malware authors’ instructions will lead to real-world consequences. These consequences, such as owing a fine or facing arrest and prosecution, are presented as being the result of a fabricated indiscretion such as pirating music or downloading illegal pornography.

“Victims of traditional forms of ransomware could ignore the demands and use security software to unlock the system and remove the offending malware,” Dell explained. “Cryptolocker changes this dynamic by aggressively encrypting files on the victim’s system and returning control of the files to the victim only after the ransom is paid.”

Dell said that the earliest samples of Cryptolocker appear to have been released on 5 September this year. However, details about its initial distribution phase are unclear.

“It appears the samples were downloaded from a compromised website located in the United States, either by a version of Cryptolocker that has not been analysed as of this publication, or by a custom downloader created by the same authors,” Dell added.

Dell seems to think that early versions of Cryptolocker were distributed through spam emails targeting business professionals as opposed to home internet users, with the lure often being a ‘consumer complaint’ against the email recipient or their organisation.

Attached to these emails would be a ZIP archive with a random alphabetical filename containing 13 to 17 characters, containing a single executable with the same filename as the ZIP archive but with an EXE extension, so keep your eye out for emails that fit this description.



Google To Incorporate User’s Info In New Display Advertising

October 14, 2013 by  
Filed under Uncategorized

Google Inc plans to roll out new product-endorsement ads incorporating photos, comments and names of its users, in a move to match the “social” ads pioneered by rival Facebook Inc that is raising some privacy concerns.

The changes, which Google announced in a revised terms of service policy on Friday, set the stage for Google to introduce “shared endorsements” ads on its sites as well as millions of other websites that are part of Google’s display advertising network.

The new types of ads would use personal information of the members of Google+, the social network launched by the company in 2011.

If a Google+ user has publicly endorsed a particular brand or product by clicking on the +1 button, that person’s image might appear in an ad. Reviews and ratings of restaurants or music that Google+ users share on other Google services, such as in the Google Play online store, would also become fair game for advertisers.

The ads are similar to the social ads on Facebook, the world’s No. 1 social network, which has 1.15 billion users.

Those ads are attractive to marketers, but they unfairly commercialize Internet users’ images, said Marc Rotenberg, the director of online privacy group EPIC.

“It’s a huge privacy problem,” said Rotenberg. He said the U.S. Federal Trade Commission should review the policy change to determine whether it violates a 2011 consent order Google entered into which prohibits the company from retroactively changing users’ privacy settings.

Users under 18 will be exempt from the ads and Google+ users will have the ability to opt out. But Rotenberg said users “shouldn’t have to go back and restore their privacy defaults every time Google makes a change.”

Information Google+ users have previously shared with a limited “circle” of friends will remain viewable only to that group, as will any shared endorsement ads that incorporate the information, Google said in a posting on its website explaining the new terms of service.

Google, which makes the vast majority of its revenue from advertising, operates the world’s most popular Web search engine as well as other online services such as maps, email and video website YouTube.

The revised terms of service are the latest policy change by Google to raise privacy concerns. Last month, French regulators said they would begin a process to sanction Google for a 2012 change to its policy that allowed the company to combine data collected on individual users across its services, including YouTube, Gmail and social network Google+. Google has said its privacy policy respects European law and is intended to create better services for its users.

Google’s latest terms of service change will go live on November 11.


Click Fraud May Have Met Its Match With ‘Viceroi’ Program

September 27, 2013 by  
Filed under Around The Net

A group of researchers have developed an algorithm they say could assist advertising networks to better detect fraudulent clicks.

Fraudsters have developed sophisticated ways to perpetrate click fraud, which involves using various methods to generate fake clicks on advertisements, defrauding advertisers. Digital marketing revenues are rapidly growing and exceeded $36 billion in 2012 in the U.S., according to the Interactive Advertising Bureau.

Advertising networks are secretive about the technologies they use to stop click spam. Often, it involves filtering out attacks, such as if thousands of clicks on an advertisement are coming from a single IP address. But defensive moves still miss attacks, wasting advertisers’ money.

The researchers’ algorithm, called Viceroi, is free and can be used by advertising networks. Viceroi looks for publishers who have abnormally high per-user revenues, which may be an indication of fraud. For their experiment, Viceroi was tested with a major ad network, flagging several hundred publishers as suspects out of tens of thousands, according to their research paper.

Vacha Dave, a post-doctoral researcher at the University of California at San Diego and co-author of the paper, said in interview Thursday that per-user revenue rates at some publishers were way higher than those collected by Google or Microsoft.

Viceroi works because of the economics of click spam. In one variation of the fraud, a click spammer may pay someone else a per-install fee to distribute a dodgy search toolbar designed to direct people to their advertisements.

The toolbar’s search results page is stuffed with advertisements since the click spammer wants to exploit the user as much as possible before the tool is uninstalled. But the rising per-user revenue on a publisher’s site would be spotted by Viceroi.

To beat Viceroi, the “click spammers must reduce their per-user revenue to that of an ethical publisher. At which point, without the economic incentive to offset the risk of getting caught, the net effect is a disincentive to commit click spam,” the paper said.

Not all publishers are necessarily at fault if they have abnormally high per-user revenues. There is a lot of traffic brokering on the Internet, and it is often hard to tell where user traffic originated from, said Saikat Guha of Microsoft Research India, who co-authored the paper. Advertising networks learn from Viceroi which publishers to investigate.

“Some of the publishers are definitely being take advantage of,” Guha said. “Our job is to help them find the bad traffic.”


Ransomware Peddlers Make Millions From Porn-shaming Scams

November 12, 2012 by  
Filed under Around The Net

Ransomware is a growth industry that places at least $5 million annually into cybercriminals’ pockets, according to Symantec.

“If you look at the nature of the beast, it really puts the screws to you,” said Kevin Haley, director of Symantec’s security response team, in an interview yesterday. “We see so many gangs moving to ransomware, looking for new angles, new versions [of the malware], that we’re going to see a lot of this in the future.”

“Ransomware” is a long-standing label for malware that once on a personal computer cripples the machine or encrypts its files, then displays a message — the ransom note — that demands payment to restore control to the owner.

“It’s an extortion racket,” Symantec said in a white paper on the topic published Thursday.

The criminal strategy has been in play for at least a half-dozen years, but until relatively recently, was rare, ineffective and focused on Eastern European victims.

That’s changed, said Haley, who ticked off a whole host of improvements to the scam, ranging from a more reliable payment mechanism and stronger encryption to completely locking up the PC and thwarting repairs by shaming the victim with on-screen pornography.

They’ve also expanded their hunting territory. “It began in 2011, when they started to move out of Eastern Europe, to Germany and the U.K., then began to move westward to the U.S,” said Haley. From the first to the third quarters of 2012, for example, Symantec tracked a significant uptick in ransomware infections in the U.S.

Today’s ransomware displays a message claiming that because the user browsed to illegal pornographic websites, the computer had been locked and a fine must be paid to regain control. The “fines” range between ¬50 and ¬100 in Europe, and are usually around $200 in the U.S.

Symantec was able to estimate what criminals earn from ransomware after uncovering a command-and-control (C&C) server used by one family of the malware.

The ransom note demanded $200 from each victim, putting $33,600 in the criminals’ pockets. Extrapolating the 68,000 infections over the course of a month put the total at nearly $400,000.

Because the ransomware infects PCs using advertisements on compromised adult websites, Symantec recommended that users refrain from clicking on such ads, and to keep Windows, Java, Flash, Adobe Reader and Windows updated with the most recent patches.


Facebook Adds A Feature That Allows Editing Of Regrettable Posts

June 25, 2012 by  
Filed under Around The Net

Have you ever posted something on Facebook and immediately felt that it was a mistake?

The world’s largest social network said late last week that it is introducing out an editing feature that will let you fix those regrettable posts.

Previously, users who posted something they immediately regretted — either because they wish they had said it differently, misspelled a word or simply thought of a funnier way to say it – had to delete the comment and start over.

Now Facebook is allowing users to click the “delete” button within several seconds of posting a comment and they’ll be given the option of editing the text.

However, if someone comments on your post first, you’re out of luck. You can’t edit after someone has commented.

Zeus Kerravala, an analyst with ZK Research, said the new feature may seem small, but it will be helpful to a lot of people.

“People react too quickly and post things without thinking,” he said. “This lets people do that, but then think about it and change it. It’s about being able to self-edit.”

Kerravala is one of the lucky few who says he’s never posted something he regretted. He said he sticks to one simple rule.

“The rule of thumb is that if you don’t want your mom, spouse or boss to read it, don’t post it,” he said. “The problem is that I’d say 90% of people don’t follow that rule of thumb.”

However, users should keep in mind that there also is an Edit History feature, so snooping friends could check to see what changes you made to your post.