The notorious kjw0rm and Sir DoOoM malware have been uncovered on a hacker forum as evolved versions, developed with advanced functionality, according to researchers at Trend Micro.
Michael Marcos, a threat response engineer at Trend Micro, said that he uncovered the malware while examining the Arabic-language dev-point.com forum, a bogus “computer enthusiast site”.
“One of the notable topics in the forum talked about new malware ‘kjw0rm’ and a worm named ‘Sir DoOom’, which both came about after the release of the Njw0rm malware source code in the same forum,” he explained.
Njw0rm’s source code was leaked in May 2013. The evolved kjw0rm is currently available in two versions, both of which have advanced infiltration and infection mechanisms.
Kjw0rm V2.0 first appeared on the forum in January 2014, while the updated 0.5X version and the new Sir DoOoM malware followed in December.
The V2.0 malware is the most basic of the three and reportedly hides itself in bogus files within infected systems.
“The propagation method of this malware targets all folders in the root directory of the removable drive,” read the advisory.
V0.5X follows a developed version of the same tactic, and Sir DoOoM adds an anti-virtual machine capability.
“[V0.5X] obfuscated some portions of the malware code. The malware author utilises an obfuscator tool that converts characters to hex values, adds filler functions, and performs computations that make analysis more difficult and time-consuming,” explained Marcos.
“[Sir DoOoM] also has an anti-virtual machine routine. It first searches for a list of the installed programs in the affected computer.
“If this variant found itself in a computer where a virtual machine program is installed, it will uninstall and terminate itself from the affected system. This prevents analysts testing to determine malware behaviour.”
Trend Micro senior engineer Bharat Mistry told V3 that the variants are dangerous as they add several advanced functions.
“Previous versions were there mainly for password stealing from browsers. As the malware has evolved, after the initial infections it now has the ability to download and execute Visual Basic code [VBS],” he said.
“VBS is a powerful coding language and can be used to interact directly with the operating system on the infected device.
“Also it now has the ability to recognise if it is being used in a security testing environment known as a sandbox by looking for the presence of a virtual machine.
“Finally the replication has also advanced with the use of hidden files on removable storage devices such as USB sticks.”
He added that the new powers could be used to mount a variety of attacks.
“The malware can be used to perform a number of different functions, including download, installation and execution of additional files or tools to potentially gain administrator or privilege credentials,” he said.
“Once this is gained hackers then have the ability to move laterally in the organisation and start looking for crown jewels or simply advertise that a point of presence has been created in an organisation that could then be ‘rented’ out to perform attacks, such as DDoS.”
Kjw0rm and Sir DoOoM’s appearance follows the discovery of several evolved attack tools. These include the defence-dodging Skeleton Key malware and the advanced Cryptowall 3.0 ransomware.
Intel’s CEO Brian Krzanich has shrugged off rumors that Apple is about to switch to ARM in future Mac releases.
Of course the Tame Apple Press is declaring that this will mean the end of Intel as we know it. AppleInsider even ran a story claiming that Intel’s mobile was effectively destroyed by Apple’s Ax ARM Application Processors.
After all only five or six percent of the world run on Apple Macs so the loss of Apple business would be annoying to Intel but no great problem.
Krzanich says the rumors of Apple switching to ARM are just that anyway and not likely.
“Apple is always going to choose the supplier who can provide the most amount of capability in innovation to build on. They’re a company based on innovation.”
Krzanich maintains that Intel needs to continue focusing on delivering parts that are better than its competitors’.
But does Intel have anything to worry about? Well, not really. Apple Macs are at the expensive end of the market and they need chips to match their price tag – well, at least half of their price tag. ARM is still a long way from matching anything remotely like what Intel shoves under the bonnet of Apple Macs.
HP is about to put out two tablets later this year.
The names are expected to be the HP Pro Slate 10 EE G1 and HP Pro Tablet 10 EE G1 and they were found on the world wide wibble by Notebook Italia.
Both tablets are powered by an Intel quad-core Bay Trail Atom Z3735F processor. Accompanying the processor package is 2GB of RAM, as well as 32GB of internal storage. Both the Pro Slate and Pro Tablet come with 10.1-inch displays, as well as 802.11n Wi-Fi, Bluetooth, and NFC.
The Pro Slate sticks with Android, while the Pro Tablet opts for Windows 8.1. The tablets will each come with a stylus, but it would appear that the stylus is just a stand-in for your finger, rather than doing anything useful.
The Pro Slate will set you back $400.00 and the Pro Tablet will cost $499.
HP has yet to officially announce either device.
Mozilla is working on offering a version of the Firefox OS for wearables, and one of the top priorities is to break down barriers among smartwatches, smart glasses and other body-hugging devices based on Apple’s and Google’s operating systems.
The Firefox OS is already being used in low-cost smartphones, and will be used in 4K TVs released by Panasonic in 2015. Mozilla now wants to expand the OS to a wider range of devices, including wearables and home appliances, said Joe Cheng, manager of product and project management of the mobile devices group at Mozilla, in an interview on the sidelines of the CES conference.
It’s important to push the OS into more Web-connected devices and to provide a consistent user experience, Cheng said.
The goal for the Firefox OS is to provide an underlying operating system for all mobile devices, TVs, appliances and wearables to easily communicate and exchange information with each other, Cheng said.
For users, the Firefox OS would provide an alternative to wearables being developed based on Google’s Android Wear, or Apple’s iOS, which will run on the upcoming Apple Watch. Firefox OS is already being used in low-cost handsets, and a version of the wearable OS could be attractive to low-cost smartwatch makers in countries like China, who sell products for under $100.
Wearables like smartwatches are today considered secondary devices to mobile phones. Smartwatches can track fitness information and also display notifications, social networking updates and news feeds from handsets.
But there’s a problem — wearables with Android Wear can talk only with Android devices, and the upcoming Apple Watch is expected to exchange information only with the iPhone.
Mozilla wants to break that walled garden and make sure wearables with Firefox OS communicate with all devices, regardless of OS. The company is betting that its use of open-source technologies will make that possible.
“We want to break that single-brand barrier,” Cheng said.
Cheng didn’t provide a timeline for when the Firefox OS would reach wearables. The company, however, is talking with partners who may be interested in using the OS.
Apple is apparently having problems getting its partners to make 3-D transistors that go.
Drexel Hamilton’s chip analyst Rick Whittington [no really] made a comment that Intel might be getting ready to bail Apple out while he was having a chat about Micron. In passing, Whittington noted problems had by Taiwan Semiconductor and Samsung Electronics trying to produce 3-D transistors in any useful yield.
He noted that Intel has mastered 3-D transistors, and said that it would be very good for Intel if neither Samsung nor TSM can do FinFET this next year; that puts them in line to supply Apple’s internal foundry needs.
However he admitted that it was more that TSM/Samsung would operate FinFET under very low yield output and keep capacity tight.
Of course if Jobs’ Mob don’t want that they can always rush into the loving arms of Chipzilla – again. As happened with sapphire glass, Apple has shown that it can dump a partner quickly if it does not move fast enough.
The U.S. Federal Communications Commission will render a decision on whether to establish rules regarding hotels’ ability to block personal Wi-Fi hotspots inside their buildings, a practice that recently earned Marriott International a $600,000 fine.
In August, Marriott, business partner Ryman Hospitality Properties and trade group the American Hotel and Lodging Association asked the FCC to clarify when hotels can block outside Wi-Fi hotspots in order to protect their internal Wi-Fi services.
In that petition, the hotel group asked the agency to “declare that the operator of a Wi-Fi network does not violate [U.S. law] by using FCC-authorized equipment to monitor and mitigate threats to the security and reliability of its network,” even when taking action causes interference to mobile devices.
The comment period for the petition ended Friday, so now it’s up to the FCC to either agree to Marriott’s petition or disregard it.
However, the FCC did act in October, slapping Marriott with the fine after customers complained about the practice. In their complaint, customers alleged that employees of Marriott’s Gaylord Opryland Hotel and Convention Center in Nashville used signal-blocking features of a Wi-Fi monitoring system to prevent customers from connecting to the Internet through their personal Wi-Fi hotspots. The hotel charged customers and exhibitors $250 to $1,000 per device to access Marriott’s Wi-Fi network.
During the comment period, several groups called for the agency to deny the hotel group’s petition.
The FCC made clear in October that blocking outside Wi-Fi hotspots is illegal, Google’s lawyers wrote in a comment. “While Google recognizes the importance of leaving operators flexibility to manage their own networks, this does not include intentionally blocking access to other commission-authorized networks, particularly where the purpose or effect of that interference is to drive traffic to the interfering operator’s own network,” they wrote.
Instead of requiring that users fill in the letters and numbers shown in a distorted image, sites that use Google’s reCAPTCHA service will be able to use just one click, answering a simple question: Are you a robot?
“reCAPTCHA protects the websites you love from spam and abuse,” wrote Vinay Shet, product manager for Google’s reCAPTCHA service, in a blog post. “For years, we’ve prompted users to confirm they aren’t robots by asking them to read distorted text and type it into a box… But, we figured it would be easier to just directly ask our users whether or not they are robots. So, we did!”
Google on Wednesday began rolling out a new API that rethinks the reCAPTCHA experience.
CAPTCHA “can be hard to read and frustrating for people, particularly on mobile devices,” said Zeus Kerravala, an analyst with ZK Research. “People often have to put in the text several times. On the surface, this seems a good way to improve the user experience. It still requires human intervention, just something simpler.”
CAPTCHAs were created to foil computer programs that hackers or spammers use to troll for access to websites or to collect email addresses.
Google said CAPTCHAs are less useful than they have been, although they are still frustrating to everyday users.
“CAPTCHAs have long relied on the inability of robots to solve distorted text,” wrote Shet. “However, our research recently showed that today’s artificial intelligence technology can solve even the most difficult variant of distorted text at 99.8% accuracy. Thus distorted text, on its own, is no longer a dependable test.”
The new API, along with Google’s ability to analyze a user’s actions — before, during, and after clicking on the reCAPTCHA box — lets the new technology figure out if the user is human or not.
“The new API is the next step in this steady evolution,” Shet stated. “Now humans can just check the box and in most cases, they’re through the challenge.”
“Our goal is to deliver fantastic cross-platform apps that support the variety of email services people use today and help them accomplish more,” wrote Rajesh Jha, Microsoft corporate vice president for Outlook and Office 365, in a blog post announcing the purchase.
Over the past year, Microsoft has been extending its Office set of office productivity software and services so they can be accessed on non-Windows devices. The company has released Office apps for the iPad and iPhone, and is working on a version of Office for Android.
Founded in 2013, Acompli offers an iPhone and Android mobile e-mail client that streamlines many of the basic tasks around managing e-mail so they can be completed on the device itself, rather than by using a desktop client. Users have reported that the software works particularly well with Microsoft’s Exchange e-mail servers. Microsoft offers a basic version of Outlook for iPhones, though thus far it has seemingly garnered only a lukewarm response from users.
The free Acompli app offers advanced features such as the ability to view both calendar items and email side by side on the same screen. The calendar lets users email available times for proposed meetings and send a message when they are running late.
Microsoft plans to pair the Acompli development team with the team for its own Outlook e-mail client.
Terms of the deal were not disclosed, though tech website Re/Code reported that the acquisition was worth more than $200 million.
Films bought on Vudu will be integrated with the Disney Movies Anywhere service starting on Tuesday, Jamie Voris, Disney Studios’ chief technology officer, said at an event where the company highlighted mobile initiatives.
Disney is building the service as studios try to steer movie fans to digital purchases while sales of DVDs decline.
The media company launched Disney Movies Anywhere in February with Apple Inc’s iTunes, and this month partnered with the Google Play online store. Customers can buy more than 400 Disney, Pixar and Marvel movies through those retailers and watch them on a variety of Internet-connected TVs, computers and mobile devices.
The addition of Vudu comes on the same day that Disney releases a sing-along version of animated blockbuster “Frozen” and digital versions of the Marvel hit “Guardians of the Galaxy.”
TSMC has announced that it will begin volume production of 16nm FinFET products in the second half of 2015, in late Q2 or early Q3.
For consumers, this means products based on TSMC 16nm FinFET silicon should appear in late 2015 and early 2016. The first TSMC 16nm FinFET product was announced a few weeks ago.
TSMC executive CC Wei said sales of 16nm FinFET products should account for 7-9% of the foundry’s total revenue in Q4 2015. The company already has more than 60 clients lined up for the new process and it expects 16nm FinFET to be its fastest growing process ever.
Although TSMC is not talking about the actual clients, we already know the roster looks like the who’s who of tech, with Qualcomm, AMD, Nvidia and Apple on board.
This also means the 20nm node will have a limited shelf life. The first 20nm products are rolling out as we speak, but the transition is slow and if TSMC sticks to its schedule, 20nm will be its top node for roughly a year, giving it much less time on top than earlier 28nm and 40nm nodes.
The road to 10nm
TSMC’s 16nm FinFET, or 16FinFET, is just part of the story. The company hopes to tape out the first 10nm products in 2015, but there is no clear timeframe yet.
Volume production of 10nm products is slated for 2016, most likely late 2016. As transitions speed up, TSMC capex will go up. The company expects to invest more than $10bn in 2015, up from $9.6bn this year.
TSMC expects global smartphone shipments to reach 1.5bn units next year, up 19 percent year-on-year. Needless to say, TSMC silicon will power the majority of them.
The feature, part of the Google+ Helpouts online collaboration video service that launched a year ago, allows healthcare workers to share expertise through live video and provide real-time advice from their computers or mobile devices.
“When you’re searching for basic health information — from conditions like insomnia or food poisoning — our goal is to provide you with the most helpful information available. We’re trying this new feature to see if it’s useful to people,” a Google spokesperson said in an email response to Computerworld.
The new Helpouts feature offers a link to a video service that a physician or other healthcare worker has established for advising patients who’ve used a particular search query, such as “congestive heart failure” or “shoulder injury.”
Video chat services and other forms of remote communications with healthcare workers have increased 400% from 2012 levels.
This year in the U.S. and Canada, 75 million out of 600 million appointments with general practitioners will involve electronic visits, or eVisits, according to new research from Deloitte.
With an aging Baby Boomer population and broadband bandwidth improved a hundredfold from a decade ago, telemedicine is exploding as a convenient and less costly alternative to the traditional visit to the doctors’ office.
Kaspersky has revealed that it is working with Interpol in attempting to foil a gang of cash machine (ATM) hackers who have found a way to make it spit out its contents without even using a card.
The hack is incredibly carefully thought out. Hackers gain access to cash machines, through mole employees or perhaps cleaners, and add the malicious code, named Tyupkin by Kaspersky. The cash machine continues to function as normal.
The malware is triggered only at set times – Sunday and Monday nights – thus avoiding being accidentally triggered by a member of the public.
At that time, the mule is sent to the machine and types in a series of digits unique to that raid based on an algorithm known to the gang.
He then makes a second call to the gang who generate the second half of the code from their end, thus ensuring that the mule isn’t tempted to swan off with the dough.
At that point, it’s Winsday. The machine will display how much is in each cash compartment and willingly spit it out to the waiting mule, who goes back to distribute the swag.
“Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi,” said Sanjay Virmani, director of the Interpol Digital Crime Centre.
“We strongly advise banks to review the physical security of their ATMs and network infrastructure and consider investing in quality security solutions,” added Vicente Diaz, principal security researcher at Kaspersky Lab’s Global Research and Analysis Team, who, coincidentally, knows a company that can offer those solutions. Fancy.
Among the recommendations Kaspersky offers is a reminder to switch away from default passwords for systems including the system BIOS for each cash machine.
In June of this year, two Canadian teenagers showed how they had broken into an in-store ATM simply by downloading the instructions from the internet and using unchanged default passwords.
Malware for ATMs first came to the fore in 2008 when two Louisiana criminals reconfigured a cash machine to make it believe that it had smaller denomination bills than it really did.
TSMC’s 16nm FinFET process (16FinFET or 16FF) is now in risk production. The companies collaborated to optimise ARM’s 64-bit ARMv8 processor designs for the new node.
The designs are now being optimised for TSMC’s improved 16FF+ process, which promises to deliver an 11% performance gain in the same power envelope for the A57 and a 35% reduction for the A53. The companies hope to finalise their work on 16FF+ optimisation by the end of the year.
The initial results for the first generation 16FF process are encouraging. The big Cortex A57 core manufactured in 16FF can achieve a sustained clock of 2.3GHz. It is backed by Cortex A53 cores running at the same clock and consuming an average of 75mW for most workloads.
Pete Hutton, executive VP and president of ARM product groups, said the joint effort will eventually transform end-user experiences across the next generation of consumer devices and enterprise hardware.
“This silicon proof point with ARM Cortex-A57 and Cortex-A53 processors demonstrates the additional benefits in performance and power efficiency that 16nm FinFET technology delivers to big.LITTLE implementations,” said Hutton.
Cliff Hou, VP of R&D at TSMC, said the company is proud to be the first foundry to validate an ARM big.LITTLE chip on 16nm technology. He said the collaboration with ARM will continue and the companies will strive to deliver market-leading SoCs for mobiles, servers and infrastructure applications using new nodes.
The vulnerability means that on the surface, it looks like the popups and advertisements are coming from the websites users are visiting, when they are actually coming from the fake Evernote web extension.
Researchers at the company discovered the vulnerability in a “multi-plug .PUP” file, which installs the fake Evernote browser extension.
A PUP file is one that has the .pup file extension and is most commonly associated with the Puppy Linux operating system. PUP files run when an installer program is opened on the user’s computer and they are similar to the installer.exe files that are used with Windows applications.
“A quick look shows the PUP is digitally signed by ‘Open Source Developer, Sergei Ivanovich Drozdov’, although the certificate has since been revoked by the Issuer. This serves as another reminder that you can’t always trust a program just because it’s digitally signed,” said Malwarebytes malware intelligence analyst Joshua Cannell.
“Clicking ‘Visit website’ directs the user to the Chrome webstore page for the actual Evernote Web extension,” Cannell added. “Chrome believes the real extension is installed, as verified by the Launch App button. When clicking this button with the fake extension installed, nothing happens, whereas normally the user is met with an Evernote login screen.”
Cannell explained that this is because the extension uses a content script to run in the context of the webpages a user browses.
“The content script is guaranteed to be loaded into every web page using the extension manifest (manifest.json). When visiting webpages, you’ll get a series of annoying advertisements, all leading to potentially more unwanted programs and offers,” he added.
To remove the extension, Chrome users need to visit the extensions tab in the browser and click the picture of a garbage can.
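The every-page injection Cannell describes is declared in the content_scripts section of manifest.json, so it can be checked before an extension is trusted. The following is an added example, not code from Malwarebytes or from the extension itself, that audits a parsed manifest for content scripts matched against every site; the sample manifest and its file names are constructed for illustration.

```javascript
// Added example: flag content scripts that a manifest injects into every page.
// SAMPLE_MANIFEST is constructed; it is not the fake extension's real manifest.

// A Chrome match pattern is "<all_urls>" or scheme://host/path.
// A host of "*" means "any site", regardless of scheme or path.
function isBroadPattern(pattern) {
  if (pattern === '<all_urls>') return true;
  const m = /^(\*|https?|ftp):\/\/([^/]+)(\/.*)$/.exec(pattern);
  return m !== null && m[2] === '*';
}

// Returns one finding per content_scripts entry that matches every site.
function auditContentScripts(manifest) {
  const entries = Array.isArray(manifest.content_scripts)
    ? manifest.content_scripts
    : [];
  const findings = [];
  entries.forEach((entry, index) => {
    const matches = Array.isArray(entry.matches) ? entry.matches : [];
    const broad = matches.filter(isBroadPattern);
    if (broad.length === 0) return; // scoped to named hosts: not reported
    findings.push({
      index,
      scripts: Array.isArray(entry.js) ? entry.js : [],
      broadMatches: broad,
      // all_frames also injects into iframes; Chrome's default is false.
      allFrames: entry.all_frames === true,
      // Chrome's default injection point is document_idle.
      runAt: entry.run_at || 'document_idle',
    });
  });
  return findings;
}

// Constructed sample: one host-scoped script and one injected everywhere.
const SAMPLE_MANIFEST = {
  name: 'Example Notes Web',
  version: '1.0',
  manifest_version: 2,
  content_scripts: [
    { matches: ['https://notes.example.com/*'], js: ['clipper.js'] },
    {
      matches: ['http://*/*', 'https://*/*'],
      js: ['inject.js'],
      all_frames: true,
      run_at: 'document_start',
    },
  ],
};

for (const f of auditContentScripts(SAMPLE_MANIFEST)) {
  console.log(
    `content_scripts[${f.index}] injects ${f.scripts.join(', ')} into ` +
      `${f.broadMatches.join(', ')} (all_frames=${f.allFrames}, run_at=${f.runAt})`
  );
}
```

A legitimate extension may also need broad matches, so a finding is a prompt to review what the listed scripts do, not proof of abuse.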
Evernote hit the headlines for its security concerns last year when it emerged that its network had been compromised by hackers.
The online note-taking service issued a password reset for all users after the discovery. It said that it “discovered and blocked” suspicious activity on its network, but claimed that no user data was compromised during the intrusion.
“In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost,” Evernote said.
Chip-equipment maker Applied Materials has surprised most of the cocaine nose jobs of Wall Street with a better-than-expected third-quarter profit. It appears that contract manufacturers are spending more on technology used to make smartphone and memory chips.
The company also forecast current-quarter adjusted profit largely above analysts’ average estimate. Chief Executive Gary Dickerson said that demand for DRAM chips is expected to grow in the current quarter.
Applied Materials, which also provides equipment to make flat panel displays and solar cells, forecast an adjusted profit of 25-29 cents per share for the fourth quarter. Wall Street was expecting a profit of 26 cents per share.
Applied Materials expects revenue growth of about 10 to 17 percent, implying revenue of $2.19 billion to $2.33 billion for the quarter. Analysts on average were expecting $2.28 billion. Applied Materials’ net income rose to $301 million in the third quarter ended July 27, from $168 million a year earlier. Revenue rose 14.7 percent to $2.27 billion.
Revenue in the company’s silicon systems business, which brings in about two-thirds of total sales, rose 16 percent to $1.48 billion.