Microsoft’s Edge Browser Appears To Be The Best At Thwarting Malware

October 19, 2017 by  
Filed under Around The Net

Microsoft’s Edge easily beat rival browsers from Google and Mozilla in third-party tests of the behind-the-scenes services which power anti-malware warnings and malicious website-blocking.

NSS Labs said Windows 10’s default browser is better at blocking phishing and socially-engineered malware attacks than Google Chrome or Mozilla Firefox.

The outfit said Edge automatically blocked 92 percent of all in-browser credential phishing attempts and stymied all socially-engineered malware (SEM) attacks.

The latter encompassed a wide range of attacks, but their common characteristic was that they tried to trick users into downloading malicious code.

The tactics that SEM attackers deploy include links from social media, such as Facebook and Twitter, and bogus in-browser notifications of computer infections or other problems.

Edge bested Chrome and Firefox by decisive margins. Chrome blocked 74 percent of all phishing attacks, and 88 percent of SEM attacks.

Meanwhile, Firefox came in third in both tests, stopping just 61 percent of the phishing attacks and 70 percent of all SEM attempts.

Chrome and Mozilla’s Firefox rely on the Safe Browsing API, but historically Mozilla’s implementation has performed poorly compared to Google’s.

Edge also took top prize in blocking attacks from the get-go. In NSS’s SEM attack testing the Voleware stopped every attempt from the first moments a new attack was detected. Chrome halted 75 percent and Firefox halted 54 percent of the brand new attacks.

The researchers spent three weeks continuously monitoring the browsers on Windows 10 computers.

Courtesy-Fud

Apple Close To Deal With Steven Spielberg For ‘Amazing Stories’

October 12, 2017 by  
Filed under Consumer Electronics

Apple Inc is putting the final touches on a deal to make 10 new episodes of Steven Spielberg’s 1980s science fiction anthology series “Amazing Stories,” landing a premiere Hollywood talent for its plunge into original TV programming, a source with knowledge of the discussions said.

The series would be produced for Apple by Spielberg’s Amblin Television and Comcast Corp’s NBCUniversal television production unit. “Amazing Stories” originally ran on the NBC broadcast network.

“We love being at the forefront of Apple’s investment in scripted programming,” NBC Entertainment President Jennifer Salke said in a statement about the show’s planned revival.

An Apple spokeswoman declined to comment. Amblin did not immediately respond to requests for comment.

The deal is the first to be made public since Apple hired veteran Sony executives Jamie Erlicht and Zack Van Amburg in June to expand the iPhone maker’s push into original programming, a field crowded with streaming services and traditional networks.

It is unclear how people will be able to watch “Amazing Stories” or when it will debut. Apple has not divulged if it will put its own TV series in the iTunes Store, where it sells shows made by other companies, or on another platform.

The deal with Spielberg fits with a strategy Apple executives have outlined in meetings with Hollywood executives. Apple has emphasized in the discussions that it wants prestigious programming and to work with A-list actors, producers and writers, according to sources with knowledge of Apple’s plans.

The company already has placed bids on other projects, including for a comedy series about morning television starring Jennifer Aniston and Reese Witherspoon, sources said.

“They are looking for really high-end premium stuff they feel is creatively in line with the Apple brand,” one source said of Apple’s strategy.

The technology company is competing with several established players that have hooked big name stars, such as Netflix Inc and Time Warner Inc’s HBO, plus newer entrants like Facebook Inc.

 Apple has committed $1 billion to start its programming push, the sources said. Netflix, by comparison, says it will spend up to $7 billion on content next year.

The budget for “Amazing Stories” will be more than $5 million per episode, according to The Wall Street Journal, which first reported that Apple had reached a deal for the series.

Netflix Acquires Comics Publisher Millarworld

August 9, 2017 by  
Filed under Around The Net

Netflix Inc has announced that it has purchased comics publisher Millarworld, bringing on board renowned comic book writer Mark Millar and a host of character franchises it can mine for TV shows and movies.

It is the first acquisition by Netflix, the 20-year-old streaming-video pioneer that is building a library of original series and films in a bid to hook new customers around the world.

Two of Millarworld’s best-known comics, “Kick-Ass” and “Kingsman,” are not part of the deal, whose terms Netflix did not disclose.

The purchase of a character stable mimics the strategy of Walt Disney Co. Disney bought Marvel Studios in 2009 and has churned out blockbuster movies, TV series and toys based on its superheroes. Some Marvel shows run on Netflix.

Mark Millar, a Scottish writer and former Marvel employee, runs Millarworld with his wife, Lucy.

Three of Millarworld’s franchises – “Wanted,” “Kick-Ass” and “Kingsman” — have been adapted into films that have taken in nearly $913 million combined at global box offices.

Although “Kick-Ass” and “Kingsman” are not part of the deal, it does bring Netflix a range of other franchises across genres from science fiction to fantasy, plus superheroes and real-world characters.

“Mark is as close as you can get to a modern-day Stan Lee,” Netflix’s chief content officer, Ted Sarandos, said in a statement, referring to the 94-year-old creator of comic book franchises such as “Spider-Man,” “Avengers” and “X-Men.”

Security Researcher Develops Method To Test For NSA Spying

April 24, 2017 by  
Filed under Around The Net

Wondering lately if your PC has been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that will find out.

Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.

The script, which requires some programming skill to use, is available for download on GitHub.

Some security researchers have used Jennings’s script to scan the internet for machines infected with the implant. Their results have varied widely, showing between 30,000 and 100,000 computers with the code on them.

Below0Day, a penetration testing company, has tweeted graphs showing which countries are most affected. The U.S. sits at the top, with 11,000 machines.

Several other countries, including the U.K., Taiwan and Germany, have more than 1,500 machines infected.

It’s not clear when these machines were infected with the implant, Jennings said. However, the suspected NSA exploits that deliver Doublepulsar were leaked a week ago, at which point anyone with some hacking skills could start using them.

Security experts are worried that cybercriminals or foreign governments might take the leaked exploits and attack vulnerable machines over the internet. They say computers with older or unpatched Windows systems are particularly at risk. Rebooting a system will remove the implant, but not necessarily any malware associated with it.

Jennings said he developed his script by analyzing how the Doublepulsar implant communicated over the internet to its control server. However, his original intention was to help businesses identify the implant over their networks, not to scan the entire internet for the implant.

“There’s been a lot of discussion on Twitter,” he said. “People are wondering if maybe the script is incorrect, because they are surprised by the number of systems infected.”

However, no one has presented evidence that his computer script is wrong, Jennings said.

“There’s probably a group out there, or many out there, using these exploits to compromise vulnerable machines,” he said.

Older Windows Server systems, especially those running without a firewall, are considered easy to hack with the exploits. Thousands of these machines around the internet appear to be exposed.

Dan Tentler, CEO of security provider Phobos Group, has been looking at the accuracy of the script. He’s already done manual checks on 50 machines that were flagged as infected, and all 50 of them were.

“Usually if you check that many, and the scripting is bad, you would expect to find a handful that were false positives,” he said. “But I’ve found zero false positives.”

It’ll take more time for security researchers to vet the accuracy of the Doublepulsar search results. But Tentler recommends system operators take steps to prevent infection from the recently leaked malware.

Users should install all available patches on their Windows system, he says. Past patches from Microsoft will address the danger, but older operating systems like Windows XP and Windows Server 2003 no longer receive support from the company.

Users can consider upgrading the system to a newer OS. They can also run antivirus products like Windows Defender to help them root out any malware.

Malware Distributors Try Less Suspicious File Types For Distribution

February 8, 2017 by  
Filed under Computing

After almost exclusively using JavaScript email attachments to distribute malware for the past year, attackers are now turning towards less suspicious file types to trick users.

Last week, researchers from the Microsoft Malware Protection Center warned about a new wave of spam emails that carried malicious .LNK files inside ZIP archives. Those files had malicious PowerShell scripts attached to them.

PowerShell is a scripting language for automating Windows system administration tasks. It has been abused to download malware in the past and there are even malware programs written entirely in PowerShell.

In the recent campaign seen by Microsoft, the malicious LNK files contained a PowerShell script that downloaded and installed the Kovter click fraud trojan. The same technique has been used in the past to distribute the Locky ransomware.

On Thursday researchers from Intel Security warned that PowerShell can also be used in so-called fileless attacks, where the malicious code is launched directly into memory and nothing is saved to disk for endpoint security products to detect.

“You may think that you are protected from fileless malware because your PowerShell execution policies are set to ‘Restricted’ so that scripts can’t run,” the Intel Security researchers said in a blog post. “However, attackers can easily bypass these policies.”

Another file type used to distribute malware in recent months has been SVG (Scalable Vector Graphics). While many people correctly associate .SVG files with images, it’s a little-known fact that such files can actually contain JavaScript.

Attackers have been using SVG files to execute obfuscated JavaScript when users open what they believe to be images inside their browsers. These obfuscated scripts are used to launch malicious file downloads, incident responders from the SANS Internet Storm Center warned in a recent report.

Google plans to block JavaScript file attachments in Gmail starting February 13, regardless of whether they’re attached directly or within archive files like ZIP. Such restrictions from email providers will likely force cybercriminals to find alternative file formats that allow hiding malicious code.

Banning LNK or JS file attachments is easy, because it’s rare for people to send such files via email. However, banning SVG might prove impractical since it’s a widely used image format.

Was Android The Most Insecure OS Last Year?

January 5, 2017 by  
Filed under Computing

While people might mock Microsoft’s security, it would appear that the least secure operating systems this year were Android, Debian and Ubuntu.

To be fair, its method of assessing the security of operating systems is somewhat bunk. It sets a figure based on the number of vulnerabilities found rather than the importance of those vulnerabilities or whether someone fixed them quickly. You know that there is something wrong when the fruity cargo cult Apple ranks rather low in the list when its “three wise monkey” approach to security vulnerabilities is legendary.

However, the figures should wipe the smug smile off the faces of those open saucers who claim that Linux and all who sail in her are much better than iOS or Windows.

Courtesy-Fud

IRS Says Hackers Obtained Tax Filers’ E-Filing PIN Numbers In Latest Attack

February 11, 2016 by  
Filed under Around The Net

The Internal Revenue Service was the target of an illegal network intrusion that used stolen Social Security numbers and other taxpayer data to obtain PINs that can be used to file tax returns electronically.

The attack occurred in January and targeted an IRS Web application that taxpayers use to obtain their so-called Electronic Filing (E-file) PINs. The app requires taxpayer information such as name, Social Security number, date of birth and full address.

Attackers attempted to obtain E-file PINs corresponding to 464,000 unique SSNs using an automated bot, and did so successfully for 101,000 SSNs before the IRS blocked it.

The personal taxpayer data used during the attack was not obtained from the IRS, but was stolen elsewhere, the agency said in a statement. The IRS is notifying affected taxpayers via mail and will monitor their accounts to protect them from tax-related identity theft.

While the IRS said that externally acquired taxpayer data was used, the agency did suffer a security breach last year that allowed attackers to gain information such as Social Security information, date of birth and street address for over 300,000 taxpayers.

That attack involved the IRS’ “Get Transcript” application and in that case, too, the agency said that attackers were able to pass the app’s verification steps using information acquired from an external source.

Given the sheer amount of personal data that’s now in the hands of cybercriminals, it’s likely that some of them will try to monetize it and one possible method is by filing fraudulent tax returns.

 

 

ARM And Nokia Want To Update The TCP/IP Stack

December 16, 2015 by  
Filed under Computing

Nokia and ARM want to spruce up the TCP/IP stack to make it better suited to networks that need to operate at high speed and/or low latency.

Legacy TCP/IP is seen as one of the slowing points for a lot of future IT – particularly 5G.  LTE was IP-based but it was hell on toast getting it to go and as networks get faster and more virtualised, the TCP/IP stack is failing to keep up.

At the moment Nokia and ARM are using 5G to drive other companies into looking at a fully revamped TCP/IP stack, optimized for the massively varied use cases of the next mobile generation, for cloud services, and for virtualization and software-defined networking (SDN).

The effort, dubbed the OpenFastPath (OFP) Foundation, was founded by Nokia Networks, ARM and industrial IT services player Enea. The cunning plan is to create an open source TCP/IP stack which can accelerate the move towards SDN in carrier and enterprise networks.

AMD, Cavium, Freescale, HPE and the ARM-associated open source initiative, Linaro are all on board with it.

The cunning plan is to create open but secure network applications, which harness IP packet processing. Some want very high throughput, others ultra-low latency, and others want both, and it is probably going to require a flexible standard to make it all go.

The standard would support faster packet forwarding, via low IP latency combined with high capacity, and so reduce deployment and management costs by making networks more efficient.

This appears to be based around getting TCP/IP out of the kernel, where packet processing involves a number of operations (moving packets into memory, then to the kernel, then back out to the interface) which could be streamlined to reduce latency.

Courtesy-Fud

 

Mozilla’s Firefox Coming To iPhone

April 21, 2015 by  
Filed under Mobile

Mozilla will offer Firefox for Apple’s iPhone “soon,” according to a company announcement of an open marketing position.

As the senior mobile marketing manager, the candidate will “lead marketing for Firefox on both Android and iOS,” the listing stated, adding that “a new Firefox for iOS application [will be] arriving soon.”

Mozilla, which had previously staunchly declined to create a version of its iconic browser for iOS, changed its tune last December, when a company manager said that the open-source developer would “get Firefox on iOS.”

Although Mozilla confirmed that it was working on Firefox for iOS, at the time it gave no hint of a timeline. “We are in the early stages of experimenting with something that allows iOS users to be able to choose a Firefox-like experience,” Mozilla said in a Dec. 2 blog.

The phrase “Firefox-like experience” was crucial: Apple allows only those browsers into the App Store that are built atop its own rendering and JavaScript engines, WebKit and Nitro, which power Safari. Mozilla relies on its own technologies for both. Firefox on iOS, then, will be a user interface (UI) layer atop WebKit and Nitro.

Mozilla’s GitHub repository for iOS Firefox confirmed that.

The reasons for Mozilla’s renewed interest in iOS likely stemmed from Firefox’s decline in browser user share. Over the last 12 months, Firefox has shed 31% of its desktop user share by metrics vendor Net Applications’ count, and now has less than half the share of Google’s Chrome.

Mozilla has put its shoulder behind other mobile initiatives. But Firefox OS, an open-source mobile operating system based on the browser, has not yet gained significant traction and its Firefox browser for Android hasn’t moved the needle. According to Net Applications, Firefox’s usage share on mobile was just 0.7% last month, or about one sixty-sixth that of Safari.

 

 

 

DoS Bug Found In Android

January 29, 2015 by  
Filed under Mobile

Security researchers have discovered a bug in the Android WiFi Direct feature that could allow hackers to launch denial-of-service (DoS) attacks on Android devices.

WiFi Direct allows Android devices to connect to one another directly without needing a third-party device like a wireless router. The feature runs as standard in most Android smartphones today.

The guys at Core Security found the vulnerability, dubbed CVE-2014-0997, and said that a number of Android smartphones are vulnerable and can be affected by a DoS attack when scanning for WiFi Direct-capable devices.

An attacker could implement the DoS attack by sending a specially crafted 802.11 probe response frame “causing the Dalvik subsystem to reboot because of an Unhandle Exception on WiFiMonitor class”, said Core Security.

“On some Android devices processing a probe response frame with a WiFi-Direct (P2P) information element that contains a device name attribute with specific bytes generates a malformed supplicant event string that ends up throwing the IllegalArgumentException. As this exception is not handled the Android system restarts.”

In layman’s terms, the attacker could essentially reboot an Android device remotely, knocking it off the wireless connection.

Devices currently affected by the bug include the Nexus 5 and Nexus 4 running Android version 4.4.4, the LG D806 and the Samsung SM-T310 running Android 4.2.2, and the Motorola RAZR HD running Android 4.1.2.

Core Security said that other devices could also be affected. Android 5.0 Lollipop is not vulnerable to the exploit, so the firm suggests that Android users should update to the latest version where possible.

Courtesy-TheInq

Amazon Acquires Rooftop Media, Expands Digital Content

October 29, 2014 by  
Filed under Around The Net

Amazon.com Inc is set to acquire online comedy service Rooftop Media, a small deal that underscores the Internet retailer’s broader ambition of becoming a media and entertainment powerhouse.

Amazon is persisting in buying content to round out its service, with designs to take on Netflix Inc and other online digital media services. But that increasing spending has helped keep the company in the red, inviting criticism from investors.

Audible, the audiobooks service it bought in 2008 for $300 million, is picking up the 10-person company for an undisclosed sum. Audible founder and Chief Executive Donald Katz said in a statement on Monday the company had been attracted by Rooftop’s content as well as its pool of comic talent.

Rooftop records comedians at clubs across the country and licenses the digital rights to thousands of hours of comedy, which is broadcast either live or later on demand. The company’s media partners include Apple Inc and Yahoo, and it also works with streaming services such as Sirius XM, Spotify and Pandora.

Its content now becomes part of Audible, itself a fast-growing seller of online audiobooks, and vastly increases Rooftop’s audience, said Rooftop Chief Executive Officer Will Rogers.

Amazon is expected to continue acquiring digital content at a rapid clip. In past years, it began investing heavily to branch out from its online retail roots, delving into Hollywood-style content production as well as developing a line of tablets, smartphones and set-top boxes to accelerate the sale of digital content.

 

 

Nearly 45% Of Android Devices Have Browser With Security Holes

October 10, 2014 by  
Filed under Mobile

Around 45 percent of Android mobile devices have a browser that is vulnerable to two serious security issues, but some countries have a considerably larger percentage of affected users than others, according to data from mobile security firm Lookout.

The two security issues were uncovered over the past month by a security researcher named Rafay Baloch and were described as a privacy disaster by other researchers. They allow an attacker to bypass a core security boundary, called the same-origin policy (SOP), that exists in all browsers.

The SOP prevents scripts from one domain from interacting with data from a different domain. For example, scripts running on a page hosted on domain A should not be able to interact with content loaded on the same page from domain B.

Without that restriction, attackers could create pages that load Facebook, Gmail or some other sensitive sites in an invisible iframe and then trick users into visiting those pages in order to hijack their sessions and read their emails or send Facebook messages, for example.

The SOP bypass vulnerabilities found by Baloch affect Android versions older than 4.4, which according to data from Google are installed on 75 percent of all Android devices that actively visit the Google Play Store. Android 4.4 is not vulnerable because it uses Google Chrome as the default browser instead of the older Android Open Source Project (AOSP) browser.

Google has released patches for the two vulnerabilities through AOSP, which serves as the base for the customized Android firmware installed on devices by manufacturers. The task now falls on device vendors to import those patches and release firmware updates to end users.

However, history has shown that the availability of Android firmware updates varies greatly among manufacturers, different devices from the same manufacturer and even among countries, as local carriers also play a role in the distribution of over-the-air updates.

 

Will The 512K Routing Limit Stall The Internet?

August 15, 2014 by  
Filed under Around The Net

The Internet, the popular feline-based online entertainment service, has started to fail as the weight of traffic begins to bite older equipment.

Older routers were designed to keep a maximum of 512,000 (512k) updates to routing tables in the cache memory at any given time. Yesterday, that 512k figure was exceeded, causing many routers to either stop functioning, reboot, or plead for help from their human servants.

Depending on your point of view, this is either a slight glitch that will right itself shortly, or threatens the end of the internet. We’ve decided to plump for somewhere in between those two – it’s another millennium bug that we can hope will turn out to be a tempest in a teacup.

Cisco has been keen to remind customers that it warned in May that this day was coming when it told customers about what models of its equipment are likely to experience problems and what workarounds are available.

However, it did reassure customers, saying, “The possibility of TCAM resource exhaustion at 512k routes is a known issue that we all know has been coming for some time. There is no related security vulnerability, and it cannot be easily triggered by a remote, untrusted user.”

So there’s no opportunity for hacking villains in the 512k routing table entries limit, then.

Although neither LastPass nor eBay, two websites that suffered major outages yesterday, has admitted any connection between its problems and “512k Day”, as the Twitterati are calling it, it seems likely that it is no coincidence.

As to what happens now, with the interminably slow take-up of the IPv6 standard in industry, the 512k limit is likely to be tripped repeatedly. The worrying thing is that no one is quite sure how big a deal it actually is yet. Like the exhaustion of IPv4 addresses, the internet service industry seems to be sitting back, arms folded, and watching the fun with morbid curiosity.

Meanwhile, expect a few more days of intermittent faults with some high profile websites as IT administrators rake in overtime pay installing the configuration workarounds and righting routers that have fallen over. Either that, or The INQUIRER will be moving to become a print publication.

Courtesy-TheInq

Google Boosts Gmail Spam Filtering Abilities

August 14, 2014 by  
Filed under Around The Net

Google is shoring up Gmail’s ability to detect and block malicious emails from spammers and scammers that exploit similarities among Unicode characters to trick users into clicking on bad links.

Unicode provides a standard for character encoding for all the writing systems in the world, along with technical symbols, punctuation and other text characters.

Because characters among different scripts are often very similar — such as the Latin and Cyrillic scripts’ characters for the lowercase letter “a” — spam and phishing emails often combine them in website links that otherwise look legitimate to the unsuspecting eye.

Scammers set up a site with the URL of a known business — a large bank or retailer — using a mixture of Unicode characters, making the URL look like the one from that business. Then they include a link to that malicious site in spam and phishing emails, hoping people will click on it.

“The Unicode community has identified suspicious combinations of letters that could be misleading, and Gmail will now begin rejecting email with such combinations,” wrote Google official Mark Risher, from the company’s Spam & Abuse Team.

Google will use the Unicode Consortium’s “Highly Restricted” open standard designation because the company believes it strikes a good balance “between legitimate uses of these new domains and those likely to be abused,” Risher wrote.

The Unicode encoding standard provides the basis for “processing, storage and interchange of text data in any language in all modern software and information technology protocols,” according to the Unicode Consortium.

Unicode is aimed at developers who want their software applications to work in any language in the world.

 

 

Can Moving From TCP/IP Speed Up The Internet?

July 31, 2014 by  
Filed under Computing

A team of Danish boffins have worked out that the Internet could be sped up by more than five times if there were some significant changes to TCP/IP. The researchers who hang out at Aalborg University say that a lot of the TCP/IP system needs to be junked in favour of something called “Random Linear Network Coding” (RLNC).

Basically this means using new mathematical algorithms on routing problems to eliminate retransmissions and cut congestion. Researchers say that in experiments with their new network coding, equipment manufacturers experienced speeds that are five to ten times faster than usual. RLNC would allow encoded data to be reconstructed within the network and stop the receiving node having to work out that some data went missing and request a retransmission.

This means that the data stream would contain enough data so it can reconstruct missing data without retransmission. Upstream and downstream data is used to reconstruct what is missing using a mathematical equation. Basically it is similar to the error correction which TCP/IP tried to kill off in the first place. The group is trying to flog the technology in Silicon Valley through a company called Steinwurf, which will make RLNC available to hardware manufacturers.

Courtesy-Fud

 
