The social security numbers and credit card information of up to 6,000 University of Connecticut students, faculty and others may have been stolen by cyberhackers from China, the university said on Friday.
Officials detected a potential breach of the School of Engineering’s network in March and an investigation uncovered that hackers may have gained access to it as early as September 2013, spokesman Tom Breen said.
He said 6,000 students, faculty, alumni and research partners of the school were notified that their personal information may have been compromised.
“The breach is far more extensive, could impact many more accounts and started much earlier than we originally believed,” said Breen. “There is no way at the present time to determine the exact number of accounts hacked,” he added.
Breen said the hack has been traced to China “based on the type of cyber-attack that was launched, and the software used.” He added the FBI and several state agencies have been notified. The university said it was also taking steps to secure its systems.
Oracle is looking to expand the market for its Sparc-based servers with a new, low-cost processor which it curiously called Sonoma.
The company isn’t saying yet when the chip will be in the shops but the spec shows that it could become a new rival for Intel’s Xeon chips and make Oracle’s servers more competitive.
Sonoma is named after a place where they make cheap terrible Californian wine and Oracle aims the chip at Sparc-based servers at “significantly lower price points” than now.
This means that companies can use them for smaller, less critical applications.
Oracle has not done much with its Sparc line-up for a couple of years, and Sonoma was one of a few new chips planned. The database maker will update its Sparc T5, used in its mid-range systems and the high-end Sparc M7. The technology is expected to filter to the Sonoma lower tier servers.
The Sparc M7 will have technologies for encryption acceleration and memory protection built into the chip. It will include coprocessors to speed up database performance.
According to IDG, Sonoma will take those same technologies and bring them down to low-cost points. This means that people can use them in cloud computing and for smaller applications.
He didn’t talk about prices or say how much cheaper the new Sparc systems will be, and it could potentially be years before Sonoma comes to market.
Researchers from the University of Salerno and the Sapienza University of Rome in Italy have used three different techniques to obfuscate exploits like the ones usually used in drive-by download attacks.
Functionality provided by HTML5 can be efficient for malware obfuscation, the Italians have proved.
Modern security software can detect a big chunk of threats, but attackers who use some HTML5 features to hide the exploits served in drive-by download attacks could evade static and dynamic detection systems.
Experts say some of these APIs can be used to deliver and assemble the exploit in the web browser without being detected.
One method dubbed “delegated preparation” involves delegating the preparation of the malware to system APIs.
Another, called “distributed preparation,” shares the code over concurrent and independent processes running within the browser.
A third involves triggering the code preparation based on the user’s actions on the malicious webpage or website.
VirusTotal detection rates for these sorts of obscured attacks remain low.
The paper published by researchers, with the catchy title of “Using HTML5 to Prevent Detection of Drive-by-Download Web Malware,” contains recommendations about some of the steps that can be taken to counter these obfuscation techniques.
It is possible that one day we will report on which companies made it through the night without being hacked or without exposing their users.
For now, though, the opposite is the norm and today we are reporting about a problem with gaming system Steam that, you guessed it, has dangled the personal details of punters within the reach of ne’er-do-wells.
The news is not coming out of Steam, or parent Valve, directly, but it is running rampant across social networks and the gaming community. The problem, according to reports and videos, was a bad one and made taking over user accounts rather a simple job.
No badass end-of-level boss to beat here, just a stage in the authentication process. A video posted online demonstrates the efforts required, while some reports – with access to Steam’s PR hot air machine – say that the problem is fixed.
A statement released to gaming almanac Kotaku finds the firm in apologetic clean-up mode.
Steam told the paper that some users would have their passwords reset, those being the ones who might have seen their log-in changed under suspicious circumstances, and that in general users should already be protected from the risks at hand.
“To protect users, we are resetting passwords on accounts with suspicious password changes during that period or may have otherwise been affected,” the firm said.
“Relevant users will receive an email with a new password. Once that email is received, it is recommended that users log-in to their account via the Steam client and set a new password.
“Please note that, while an account password was potentially modified during this period, the password itself was not revealed. Also, if Steam Guard was enabled, the account was protected from unauthorized log-ins even if the password was modified.”
The firm added its apologies to the community.
Police in Beijing have raided a factory that made more than 41,000 fake iPhones worth as much as 120 million yuan ($19 million), including some that reached the United States, and have arrested nine suspects in the counterfeiting operation.
Apple is one of the most popular brands in China, where authorities have stepped up efforts in recent years to dispel the country’s reputation for turning out counterfeit goods.
Officials have taken stiffer action to enforce intellectual property (IP) rights, pushed firms to apply for trademarks and patents and cracked down on fakes.
Police arrested nine people, including a married couple who led the operation, after a raid in May on the factory, run under the guise of a gadget maintenance shop on the northern outskirts of the Chinese capital.
The details were revealed in a social media posting on Sunday by the public security bureau in Beijing.
The group, headed by a 43-year-old man, surnamed Yu, and his 40-year-old wife, surnamed Xie, both from the southern hardware manufacturing city of Shenzhen, allegedly set up the Beijing factory with six assembly lines in January, the bureau said.
They hired “hundreds” of workers to repackage second-hand smartphone components as iPhones for export, it added.
Police seized 1,400 handsets and large quantities of accessories during the May 14 raid. In the United States, the newest Apple Inc handsets can fetch $649, or more, depending on the model.
Beijing police said their investigation followed a tip-off from U.S. authorities who seized some of the fake devices.
The destination of the counterfeit phones, and how many made it there, remains unknown.
Public security representatives declined to comment on Monday, telling Reuters they had no additional information.
Apple also declined to comment, saying the investigation was ongoing.
The software genii at Apple have redesigned their OS X software to allow malware makers to make designer micro-software that can infect Macs with rootkits.
Obviously the feature is one that Apple software experts designed specifically for malware writers, perhaps seeing them as an untapped market.
The bug in the latest version of Apple’s OS X lets attackers gain root user privileges with a tiny piece of code which could be packed into a message.
Security researcher Stefan Esser said that this was the type of security hole attackers regularly exploit to bypass security protections built into modern operating systems and applications.
The OS X privilege-escalation flaw stems from new error-logging features that Apple added to OS X 10.10. Plainly the software genii did not believe that standard safeguards involving additions to the OS X dynamic linker dyld applied to them because they were protected from harm by Steve Jobs’ ghost.
This allows attackers to open or create files with root privileges that can reside anywhere in the OS X file system.
“This is obviously a problem, because it allows the creation or opening (for writing) of any file in the filesystem. And because the log file is never closed by dyld and the file is not opened with the close on exec flag the opened file descriptor is inherited by child processes of SUID binaries. This can be easily exploited for privilege-escalation,” Esser said.
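The descriptor inheritance Esser describes can be checked from the defender's side with a short C program. This is an added example, not code from dyld, Apple or Esser; `LOG_PATH` and the function names are hypothetical, and `/dev/null` stands in for the log file. It opens a log descriptor three ways and asks a freshly exec'd `/bin/sh` whether the descriptor is still open in the child.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumption: /dev/null stands in for the log file so the demo writes nothing. */
#define LOG_PATH "/dev/null"

enum open_mode { LEAKY, CLOEXEC_AT_OPEN, CLOEXEC_RETROFIT };

/* Retrofit close-on-exec onto a descriptor that was opened without it. */
static int set_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags < 0)
        return -1;
    return fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
}

/* Ask a freshly exec'd /bin/sh whether descriptor `fd` is open in it.
 * Returns 1 if the descriptor was inherited, 0 if not, -1 on error. */
static int fd_survives_exec(int fd)
{
    char cmd[32];
    int status;
    pid_t pid;

    if (fd < 3 || fd > 9)   /* keep to single-digit fds, which every sh accepts */
        return -1;
    snprintf(cmd, sizeof cmd, ": >&%d", fd);

    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: hide the shell's "Bad file descriptor" message, then exec. */
        int quiet = open("/dev/null", O_WRONLY | O_CLOEXEC);
        if (quiet >= 0)
            dup2(quiet, STDERR_FILENO);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);         /* exec itself failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) == 127)
        return -1;
    return WEXITSTATUS(status) == 0;   /* the redirect works only if fd is open */
}

/* Open the log in the given mode and report whether a child process gets it. */
static int log_fd_inherited(enum open_mode mode)
{
    int flags = O_WRONLY | O_APPEND;
    int fd, result;

    if (mode == CLOEXEC_AT_OPEN)
        flags |= O_CLOEXEC;            /* set atomically at open() time */
    fd = open(LOG_PATH, flags);
    if (fd < 0)
        return -1;
    if (mode == CLOEXEC_RETROFIT && set_cloexec(fd) < 0) {
        close(fd);
        return -1;
    }
    result = fd_survives_exec(fd);
    close(fd);
    return result;
}

int main(void)
{
    printf("plain open():          inherited=%d\n", log_fd_inherited(LEAKY));
    printf("open() with O_CLOEXEC: inherited=%d\n", log_fd_inherited(CLOEXEC_AT_OPEN));
    printf("fcntl(FD_CLOEXEC):     inherited=%d\n", log_fd_inherited(CLOEXEC_RETROFIT));
    return 0;
}
```

Setting the flag at `open()` time is preferable to the `fcntl()` retrofit in multithreaded code, because another thread can fork and exec in the gap between the two calls.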
The vulnerability is present in both the current 10.10.4 (Yosemite) version of OS X and the current beta version of 10.10.5. Importantly, the current beta version of 10.11 is free of the flaw, an indication that Apple developers may already be aware of the vulnerability.
An Apple spokesman said that engineers are aware of Esser’s post, but of course they did not say they would do anything about it. They will have to go through the existential crisis involved in realising that their product was not secure or perfect. Then the security team will have to issue orders, signed in triplicate, sent in, sent back, queried, lost, found, subjected to an internal inquiry, lost again, and finally buried in soft peat for three months and recycled as firelighters.
The flaws could potentially be exploited to execute malicious code on computers when users visit compromised websites or open specially crafted documents. They were reported through Hewlett-Packard’s Zero Day Initiative (ZDI) program.
HP’s TippingPoint division, which sells network security products, pays researchers for information on unpatched high-risk vulnerabilities in popular software. The company uses the information to create detection signatures, giving it a competitive advantage, but also reports the flaws to the affected vendors so they can be fixed.
The ZDI team gives vendors 120 days to develop fixes before making limited information about the reported flaws public. That deadline was apparently reached for the four Internet Explorer vulnerabilities this week.
The ZDI advisories describe the type, impact and general location of the flaws, but intentionally leave out technical details that could help attackers create exploits for them. In other words, they don’t qualify as full disclosure.
Three of the new ZDI advisories don’t have sufficient information for other researchers or hackers to easily rediscover the issues, said Carsten Eiram, the chief research officer at vulnerability intelligence firm Risk Based Security, via email. The fourth one, however, is a bit more detailed, he said.
That advisory, tracked as ZDI-15-359, covers a vulnerability that was used by security researcher Nicolas Joly during the Mobile Pwn2Own hacking contest organized by ZDI in November last year. As part of the contest rules, researchers disclose the vulnerabilities they use with ZDI, which then shares them with the affected vendors.
Microsoft said in an emailed statement that it would take “appropriate steps” to protect its customers, but noted that no attacks had been reported so far.
Named Send, the new tool aims to deliver a simple experience much like that offered by text messaging or instant messaging software but without the need to know a co-worker’s mobile number or username. Instead, Send lets users quickly fire off a message to any co-worker using just their email address; no subject line, salutations or signatures are required.
“On my way,” might be one example, or “Are you in the office today?”
The app connects to Office 365 business and school email accounts to find frequent and recent contacts; users need only tap on one to start a conversation. A “Quick Reply” option allows for speedy responses.
That Office 365 connection, meanwhile, also means conversations are synced with Outlook, letting users continue them from anywhere. Messages sent using Send are treated internally like any other work email and comply with an organization’s email compliance policies, Microsoft said.
Send is now available free for iPhone through the Microsoft Garage in the U.S. and Canada. Versions for Windows Phone and Android are coming soon, as are additional IT controls. Currently the app works with Office 365 business and school email accounts, but Microsoft plans to make it more broadly available in the coming months, it said.
Microsoft has begun to open source some more of its code, this time for the Microsoft Research Software Radio (Sora).
“We believe that a fully open source Sora will better support the research community for more scientific innovation,” said Kun Tan, a senior researcher on the Sora project team.
Sora was created to combat the problem of creating software radio that could keep up with the hardware developments going on around it.
The idea behind it is to run the radio off software on a multi-core PC running a basic operating system. In the example, it uses Windows. But then it would.
A PCIe radio control board is added to the machine with signals processed by the software for transmission and reception, while the RF front-end, with its own memory, interfaces with other devices.
The architecture also supports parallel processing by distributing processing pipelines to multiple cores exclusively for real-time SDR tasks.
Sora has already won a number of awards, and the Sora SDK and API were released in 2011 for academic users. More than 50 institutions now use it for research or courses.
As such, and in line with the groovy open Microsoft ethos, the software has now been completely open sourced, with customizable RF front-ends, customizable RCB with timing control and synchronization, processing accelerators and support for new communication models such as duplex radios.
The Sora source code is now up on GitHub. Use cases already in place include TV whitespace, large scale MIMO and distributed MIMO systems.
Microsoft has made a number of moves towards open sourcing itself over the past year. Most notably, the .NET Framework at the heart of most Windows programs was offered up to the newly created .NET Foundation.
It was announced yesterday that Google is releasing its Kubernetes code to the Linux Foundation to set up a standardized format for containerization.
HP has proclaimed that it will buy 12 years of wind power from SunEdison and use it to run a new data centre in Texas.
The firm’s embracing of the wind market follows similar commitments from Facebook, which is planning to run its newest centre, the fifth so far, on wind power alone.
HP said that the 12-year purchase agreement will provide 112MW of wind power sourced from SunEdison and its nearby facilities.
The company said that 112MW could power some 40,000 homes, and will save more than 340,000 tons of carbon dioxide every year.
HP added that the deal puts the firm well on the way to meeting its green goals this year, five years earlier than the 2020 previously stated.
The renewable energy purchase is a first for HP and will power the new 1.5 million square foot data centre in Texas.
“This agreement represents the latest step we are taking on HP’s journey to reduce our carbon footprint across our entire value chain, while creating a stronger, more resilient company and a sustainable world,” said Gabi Zedlmayer, vice president and chief progress officer for corporate affairs at HP.
“It’s an important milestone in driving HP Living Progress as we work to create a better future for everyone through our actions and innovations.”
SunEdison, which HP calls the “world’s largest renewable energy development company”, is predictably excited to be the provider chosen to put the wind up HP servers.
“Wind-generated electricity represents a good business opportunity for Texas and for HP,” said Paul Gaynor, executive vice president, Americas and EMEA, at SunEdison.
“By powering its data centres with renewable energy, HP is taking an important step toward a clean energy future while lowering operating costs.
“At the same time, HP’s commitment allows us to build this project which creates valuable local jobs and ensures Texan electricity customers get cost-effective energy.”
Paypal appears to have had technical problems as it tried to free itself from the corporate networks of Ebay and has been stopping some users from spending money for nearly six weeks.
The company, which appeared on the stock market again free from Ebay for the first time today, has been blocking some users from spending their money.
It is flagging transactions as being problematic and refusing to let them go through. The user gets a message suggesting that they should try later. However, waiting never improves anything; the account is blocked.
We noticed the problem about six weeks ago and it was hinted to us that the problem was caused as engineers tried to liberate PayPal from its eBay overlords.
Paypal customer support did not know what to do and is blaming all of Paypal’s suppliers as security risks. Ironically it has also been saying that eBay transactions have been security risks. Initially customer support suggested that payments were sent out to email addresses but then the unfixed security feature started blocking these too.
What is also alarming is that the security blocks cannot be overridden manually; in fact, most users will not even know they have been blocked.
Customer support seems to have faith in the security system and has no interest in referring the problem to someone with technical expertise:
“The reason as to why your payment using your account is being stopped is because according to our Internal Security System it may fail or there are potential problems linked to it.
Please be advised that I do not mean you, as the user or the seller or even your card/bank account has triggered our internal security system but what happened here is that when each and every payment is made through PayPal our Internal Security system will analyse each one of them.
I hope you understand that our system will analyze all factors involved in the payment being made, not just those making the payment or receiving or what is being used. It could possibly be that items or services of a certain category has had a history of failing or being done fraudulently or that the item or service is not suitable according to the Acceptable Use Policy. These are a few examples of what could have triggered our Internal Security system and it is completely objective and analytical to prevent any negative outcomes to a transaction.
You may at the moment view this as protection but in actual fact this system we use has helped reduce losses for both buyers and sellers, as we only have your best interests in mind. A smooth transaction is an ideal transaction and we wish to straighten out any wrinkles for you from the start so that once an exchange of money and item or service is done, you need not worry about it anymore.”
Obviously automatically freezing people’s accounts does prevent the money from being stolen, but it equally reduces the usefulness of your service.
We asked PayPal to comment about the problem and if it was aware of the security problem it was facing. We even offered access to our accounts so they could see the problem in action.
Press officer Adam Blacker told us that we needed to talk to customer support. This makes it the first time in our long career that we have been referred to customer support when asking about a company’s security. Needless to say we thought we would get a better comment from the cat than another round of emails to customer support.
Costco Wholesale Corp, Sam’s Club and several other large retailers have disabled their online photo printing stores in recent days, over concerns about a possible data breach at PNI Digital Media, which manages and/or hosts photo services sites.
Last week CVS Health Corp disabled its CVSphoto.com site, and the week before Walmart Canada’s walmartphotocentre.ca took a similar action after it was informed that customer credit card data had been potentially compromised.
Other photo printing sites that might have been recently affected included Rite Aid Corp and British supermarket chain Tesco’s.
“We take the protection of information very seriously. PNI is investigating a potential credit card data issue, and outside security experts are assisting in the investigation,” said Kirk Saville, vice president, global communications at Staples Inc, which bought Vancouver-based PNI last year.
Some websites said they had been advised by PNI of a potential breach, while others said they acted because of recent reports.
Costco Canada and Rite Aid noted that PNI has limited access to customer information since it does not process credit cards, but the photo service sites were temporarily taken down as a precaution.
CVS and Walmart Canada asked customers to monitor their credit card transactions closely for unauthorized charges.
Tesco’s page simply said it was unavailable for routine maintenance.
The retailers’ main websites and other services were not affected by the potential breach.
Adallom, which develops cloud security platforms, is expected to become the center for Microsoft’s cyber security business in Israel, the newspaper said.
Adallom could not be reached for comment and officials at Microsoft in Israel declined to comment.
The U.S. technology company has made several recent acquisitions in Israel, including security software developer Aorato for a reported $200 million. It also bought text analysis firm Equivio and the technology of digital pen maker N-trig.
Adallom has raised about $50 million from venture capital funds Sequoia Capital and European Index Ventures as well as EMC Corp and Hewlett-Packard, among others, Calcalist said.
Adallom was founded in 2012 and has 80 employees at its offices in Israel and the United States.
It offers users information security technology on remote servers. It can secure information stored on Salesforce’s, Microsoft’s or Google’s cloud services and protect it from cyber attacks.
The levels of spam have been slowly falling since 2010 for multiple reasons. Network providers are more tuned into the problem and are taking action faster when there are issues on their services.
Also, unlike six or seven years ago, sending billions of messages per day from massive botnets isn’t as feasible anymore.
Law enforcement, along with companies including Microsoft, have aggressively gone after some of the largest botnets over the past few years and worked to technically shut them down. Although some botnet operators have been able in some instances to regain control, the increased attention makes it more difficult for them to work.
Improved filtering and blocking also means that fewer unsolicited marketing messages reach inboxes where people might click on a message to buy a product. Response rates to spam are notoriously low, so it means spammers must reach many inboxes in order to build a business.
That’s not to say spam is going to completely stop, but as the cost of entry into the spam business rises and the likelihood of a return falls, it’s less of an incentive.
In June, Symantec saw 704 billion email messages sent. Of those, 353 billion were classified as spam. At one of the peaks of the spam epidemic in June 2009, 5.7 trillion of the 6.3 trillion messages sent were spam, according to past data from Symantec.
Symantec noted that phishing and email-based malware fell in June, which is evidence that “attackers are simply moving to other areas of the threat landscape.”
Fabless chipmaker AMD has come up with a mixed set of results for the second quarter. The company managed to make as much cash as the cocaine nose jobs of Wall Street expected, but missed revenue expectations.
In fact its revenues were below the psychologically important billion figure at $942 million.
We knew it was going to be bad. Last week we were warned that the results would be flat. The actual figure was $942m, an 8.5 per cent sequential decline and a 34.6 per cent drop from the same period a year ago.
As you might expect, there are some measures of this not being AMD’s fault. The company is almost entirely dependent on PC sales. Not only have these fallen, but they don’t look like they are going to pick up for a while.
AMD’s Computing and Graphics division reported revenue of $379m, which was down 54.2 per cent, year-on-year. Its operating loss was $147m, compared to a $6m operating loss for last year’s quarter.
Lisa Su, AMD president and CEO, in a statement said that strong sequential revenue growth in AMD’s enterprise, embedded, and semi-custom segment and channel business was not enough to offset near-term problems in its PC processor business. This was due to lower than expected consumer demand that impacted sales to OEMs, she said.
“We continue to execute our long-term strategy while we navigate the current market environment. Our focus is on developing leadership computing and graphics products capable of driving profitable share growth across our target markets,” she added.
In the semi-custom segment, AMD makes chips for video game consoles such as the Nintendo Wii U, Microsoft Xbox One, and Sony PlayStation 4 consoles. That segment did reasonably well, up 13 percent from the previous quarter but down 8 percent from a year ago.
But AMD’s core business of processors and graphics chips fell 29 percent from the previous quarter and 54 percent from a year ago. AMD said it had decreased sales to manufacturers of laptop computers.
Figures like this strap a large target on AMD’s back with a sign saying “take me over” but AMD is not predicting total doom yet.
For the third quarter, AMD expects revenue to increase 6 percent, plus or minus 3 percent, sequentially, which is a fairly conservative outlook given the fact that Windows 10 is expected to push a few sales its way.
AMD supplies chips to the Nintendo Wii U, Microsoft Xbox One, and Sony PlayStation 4 consoles and these seem to be going rather well.