Security research has found a banking trojan called Shifu that is going after Japanese financial firms in a big way.
Shifu is described as “masterful” by IBM X-Force, and is named after the Japanese word for thief, according to the firm. It is also the Chinese word for skilled person, or tutor.
X-Force said in a blog post that the malware has been active since the early summer, and comprises a number of known tools like Dyre, Zeus and Dridex. It has been put together by people who know what they are doing, and sounds like a significant problem for the 20 institutions it is targeting.
“The Shifu trojan may be a new beast, but its inner workings are not entirely unfamiliar. The malware relies on a few tried-and-true trojan mechanisms from other infamous crimeware codes,” said the IBM researchers.
“It appears that Shifu’s internal makeup was composed by savvy developers who are quite familiar with other banking malware, dressing Shifu with selected features from the more nefarious of the bunch.”
The Shifu package offers a range of attack features as well as clean-up tools to cover its tracks. It reads like a Now that’s what I call … recent attacks compilation CD, and has some oldies but baddies.
“Shifu wipes the local System Restore point on infected machines in a similar way to the Conficker worm, which was popular in 2009,” added the firm as one example.
The package can wreak havoc on companies and their users. If we had a bucket of damp sand we would pour it all over Shifu and stamp on it.
“This trojan steals a large variety of information that victims use for authentication purposes. For example, it keylogs passwords, grabs credentials that users key into HTTP form data, steals private certificates and scrapes external authentication tokens used by some banking applications,” said IBM.
“These elements enable Shifu’s operators to use confidential user credentials and take over bank accounts held with a large variety of financial service providers.
“Shifu’s developers could be Russian speakers or native to countries in the former Soviet Union. It is also possible that the actual authors are obfuscating their true origin, throwing researchers off by implicating an allegedly common source of cybercrime.”
Lenovo’s new line-up includes seven computers, comprising the IdeaCentre AIO 700 desktop PC, the IdeaPad Miix 700a 2-in-1 tablet hybrid, and five laptops: the IdeaPad 300 and 500 and their lighter cousins, the IdeaPad 100S, 300S and 500S.
Lenovo said that the new designs feature an option for Intel’s RealSense 3D cameras alongside Windows 10 for “never-before-seen PC performance” while “giving discerning shoppers multiple reasons to upgrade this holiday season”.
The Lenovo IdeaPad Miix 700 (above) sees the firm setting its sights squarely on Microsoft’s Surface, with the device sporting an integrated kickstand, optional keyboard cover and the same dual watchband hinges as seen on on the Yoga 3 Pro.
It also boasts a 12 inch Full HD+ 2160×1440 display, a 6th-generation Intel Core processor, up to 8GB of RAM, up to 256GB SSD and either Windows 10 Pro or Windows 10 Home.
The IdeaPad MIIX 700 starts at $699, and will be available sometime this year.
The Lenovo IdeaCentre AIO 700 desktop (below) is said to deliver up to double the power, screen resolution and memory capacity of the previous-generation, making it ideal for videos and gaming, Lenovo said.
The desktop has the latest Intel Core i7 processor, coupled with up to a 27in UHD 10-point multitouch display alongside JBL stereo speakers and discrete graphics.
“This all-in-one desktop is upgraded to up to twice the CPU performance, screen resolution and memory capacity of its three-year-old previous generation, offering music and movie buffs double the incentive to refresh their hardware this season,” the firm said.
There’s also a removable slip-off back panel providing flexibility for those wanting to upgrade or maintain the system. The IdeaCentre AIO 700 24in desktop starts at $1,099 and will be available in October.
Meanwhile, the new Lenovo IdeaPad 300 and 500 laptops are claimed to be 33 percent thinner than the same range three years ago. This doesn’t sound like much of a feat, but Lenovo promised that the devices will “take portability to the next level”, weighing 2.1kg for the 14in laptop and 2.3kg for the 15in.
They come with up to Nvidia GeForce 920 graphics, 1TB of storage and Dolby Advanced Audio. The IdeaPad 500 will be powered by the latest Intel 6th generation Core i7 processor with optional JBL speakers.
For those who want an even thinner and lighter laptop, the IdeaPad 100S, 300S and 500S are thinner and lighter than their IdeaPad 300 and 500 cousins, and much lighter than their comparably priced counterparts from three years ago. The IdeaPad 100S 14in laptop is 35 percent lighter, while the IdeaPad 500S 15in laptop is 20 percent lighter.
The IdeaPad laptop range will start from $179, going up to $499 depending on model, size and specifications, and will be available in October.
The Mate S, launched on the sidelines of Europe’s biggest consumer electronics show, IFA, in Berlin, has a 5.5-inch display, a 13 mega pixel rear camera and fingerprint security. Huawei says it is one of the first smartphones to include a Force Touch display, which can distinguish between a light tap and deep press, enabling access to more functions just by pressing harder.
Huawei became the world’s third-biggest smartphone company by sales last month, according to research firm Gartner, overtaking Chinese rival Lenovo, and aims to become the first Chinese firm to sell more than 100 million smartphones this year.
But it is still far behind Samsung, which had 21.9 percent of the market in the second quarter, and Apple, on 14.6 percent. Huawei’s share rose to 7.8 percent from 5.4 percent in the first quarter.
Huawei’s Mate S phone will retail for 649 euros ($732) — comparable to some higher-end Apple iPhone 6 series models — with a premium version for 748 euros, the Chinese company said.
“Huawei aspires to be the next Samsung, successful with both premium design and by shipping large numbers of smartphone models,” said IHS analyst Ian Fogg, who expects Huawei to ship about 109 million smartphones this year.
“2015′s Huawei smartphone launches show the company is finally coming close to meeting these market goals which Huawei set some years ago.”
The top of the smartphone market is a tough environment, as Samsung has experienced. While it remains the world’s biggest smartphone maker, Apple is reaping most of the rewards. The U.S. company is estimated by some analysts to earn 90 percent or more of the industry’s profits.
Huawei has its roots in telecoms equipment gear where it competes with the likes of Ericsson and Nokia, but it has invested heavily in consumer devices in recent years.
Its Mate S will be available in more than 30 countries including China, Germany, Israel,Japan, France, Germany and Spain and can be pre-ordered in Western Europe from Sept. 15.
Acer Inc founder Stan Shih said he would welcome a takeover of the struggling Taiwanese computer manufacturer after a drastic decline in its stock price, while warning any potential buyer would have to pay a heavy amount.
“Welcome,” Shih told reporters in response to a question about whether Acer would be open to a takeover. He added however that any buyer would get an “empty shell” and would pay dearly.
“U.S. and European management teams usually are concerned about money, their CEOs only work for money. But Taiwanese are more concerned about a sense of mission and emotional factors,” he said.
His remarks were first reported by Taiwanese media on Thursday and were confirmed by a company spokesman.
Acer has reported steep on-year sales falls in recent months, including a 33 percent drop in July.
It suffered a T$2.89 billion ($90 million) loss in the first six months of 2015, versus a slight profit in the same period last year. It booked losses for all of 2011, 2012 and 2013 amid cratering PC sales.
Its stock price has fallen by nearly half since early April.
IBM security research has found that people are using the so-called dark net to launch cyber attacks, force ransomware demands on punters and make distributed denial-of-service (DoS) attacks.
The dark net, accessed via Tor, is often tagged as a threat. The IBM X-Force Threat Intelligence Quarterly 3Q 2015 report identifies a spike in bad traffic and leads with a warning.
The report introduces Tor as the network that takes people to the dark net. We might start calling it the ferryman and the passage across the river Styx, but things are complicated enough.
IBM said that Tor is used by “non-malicious government officials, journalists, law enforcement officials” and bad people alike. It is the latter that should concern us.
“This latest report reveals that more than 150,000 malicious events have originated from Tor in the US alone thus far in 2015,” the report said.
“Tor has also played a role in the growing ransomware attack trend. Attackers have evolved the use of encryption to hold data hostage and demand payment/ransom for the decryption code.”
We have been here before, and ransomware has been a feature of many a security alert this year already. We heard, courtesy of Bitdefender, that ransomware charges start at £320, and are a real pain to deal with. We also heard that it is Android mobile users in the UK who get the worst of the hackers’ grabbing-for-money treatment.
Back at the IBM report, and we find IBM X-Force on the issue. X-Force, which is nothing like X-Men, said that hackers push internet users who are easily fooled by flashy online advertisements into installing the new cyber nightmare. Ransomware, it warns, will separate you from your cash.
“A surprising number of users are fooled by fake/rogue antivirus [AV] messages that are nothing more than animated web ads that look like actual products. The fake AV scam tricks users into installing or updating an AV product they may never have had,” it explains, adding that in some cases people pay the money without thinking.
“Afterward, the fake AV keeps popping up fake malware detection notices until the user pays some amount of money, typically something in the range of what an AV product would cost.”
This establishes the subject as a mark, and the hackers will exploit the opportunity. “Do not assume that if you are infected with encryption-based ransomware you can simply pay the ransom and reliably get your data back,” said IBM.
“The best way to avoid loss is to back up your data. Regardless of whether your backup is local or cloud-based, you must ensure that you have at least one copy that is not directly mapped visibly as a drive on your computer.”
Tor nodes in the US spewed out the most bad traffic in the first half of this year, according to the report, adding up to about 180,000 attacks. The Netherlands is second with around 150,000, and Romania is third with about 80,000.
The bulk of this negative attention lands at technology and communications companies. You might have assumed the financial markets, but you were wrong. IBM said that ICT gets over 300,000 Tor thwacks every six months, manufacturing gets about 245,000, and finance gets about 170,000.
IBM said that the old enemy, SQL injection attacks, is the most common Tor-led threat to come at its customers. Vulnerability scanning attacks are also a problem, and IBM said that the use of the network as a means for distributed DoS attacks should “Come as no surprise”. It doesn’t.
“These attacks combine Tor-commanded botnets with a sheaf of Tor exit nodes. In particular, some of the US-based exit nodes provide huge bandwidth,” explained the report.
“Employing a handful of the exit nodes in a distributed DoS orchestrated by the botnet controller and originating at dozens or hundreds of bot hosts can impose a large burden on the targeted system with a small outlay of attacker resources, and generally effective anonymity.”
There is a lot more. The bottom line is that bad things happen on the dark net and that they come to people and businesses through Tor. IBM said that concerned outfits should just block it and move on, which is along the lines of something that Akamai said recently.
“Corporate networks really have little choice but to block communications to these stealthy networks. The networks contain significant amounts of illegal and malicious activity,” said Akamai.
“Allowing access between corporate networks and stealth networks can open the corporation to the risk of theft or compromise, and to legal liability in some cases and jurisdictions.”
That sounds fine to us, but won’t someone give a thought to those non-malicious government officials out there?
Samsung is working on a huge Android-based tablet that could be used in living rooms, offices, or schools, presumably as a coffee table.
According to Sam Mobile the SM-T670, codenamed ‘Tahoe’, is an Android 5.1 Lollipop-based tablet with an 18.4-inch display.
It will have a TFT LCD screen with a resolution of 1920 x 1080 pixels and be powered by an octa-core 64-bit 1.6GHz Exynos 7580 processor. It will have a rather low 2GB RAM, 32GB internal storage, a microSD card slot and a 5,700 mAh battery. Face it though a tablet this big is not going to spend a lot of time being carried about or needing a battery.
Apparently it will have an 8-megapixel primary camera and a 2.1-megapixel secondary camera. It will be 451.8 mm wide, 275.8 mm tall, and 11.9 mm thick. Strangely no one has mentioned the things weight.
Samsung is also said to be working on a Windows 10-based tablet with a high-resolution 12-inch display, a 13nm Intel Core M chipset, 4GB RAM, and an S Pen.
Billions of mobile phone users are at risk from a signalling flaw that allows hackers to intercept all voice calls and track locations.
Australian TV program 60 minutes is claiming the scoop, showing in a special report how hackers were able to record the mobile phone conversations of a prominent politician and track his movements from a base thousands of miles away in Germany.
This is because of a flaw in the architecture of the signalling system, known as SS7, which is used to enable mobile phone roaming across telecoms providers, according to the programme.
A hacker can use this information to listen in to any mobile phone conversation by forwarding all calls to an online recording device and then re-routing the call back to its intended recipient, a so-called man-in-the-middle attack.
It also allows the movements of a mobile phone user to be tracked on applications such as Google Maps, and 60 Minutes claimed that it throws the security of SMS verification used by banking apps, for example, into doubt.
“Verification by SMS message is useless against a determined hacker with access to the SS7 portal because they can intercept and use the SMS code before it gets to the bank customer,” the report said.
It’s worth noting, however, that the German hackers who carried out the demonstration, in which they intercepted and recorded a conversation between a 60 Minutes reporter and independent Australian senator Nick Xenophon, were given legal access to SS7 by the government, something most hackers won’t have.
Even so, the disclosures have led to calls for an immediate public inquiry in Australia, amid concerns that the security and intelligence services have long been aware of the SS7 security vulnerabilities.
Senator Xenophon said in response to the report: “This is actually quite shocking because it affects everyone. It means anyone with a mobile phone can be hacked, can be bugged, can be harassed.
“The implications are enormous and what we find shocking is that the security services, the intelligence services, they know about this vulnerability.”
What’s more, security outfit Adaptive Mobile said that such flaws should be taken seriously, as attacks can be launched anywhere in the world on any individual connected to the global SS7 network.
The firm published a blog post following the high-profile attack on Hacking Team when it first became concerned about SS7.
“Security in the SS7 network has become of paramount importance for the mobile community, so knowing how these surveillance companies regard and use SS7 is essential,” Adaptive Mobile said.
“Based on the information that has become available, it seems that there is a wider group of commercial entities selling systems that allow surveillance over SS7, and that these systems are for offer today.”
The new Dell Chromebook 13 laptop has a 13.3-inch (33.7 centimeter) screen and resembles the other business-class Latitude Dell laptops, with a carbon fiber weave cover, magnesium alloy palm rest and aluminum base.
Unlike other Dell laptops, it has no hard drive, aside from a small 16GB or 32GB SSD to hold the operating system. Like other Chromebooks, it runs Google’s Chrome OS and is designed to be used primarily for Web applications.
Some Dell customers are choosing Chromebooks over “other alternatives,” said Kirk Schell, Dell vice president and general manager for commercial client solutions.
Dell doesn’t expect that this Chromebook will replace full-fledged Windows-based notebooks. “We don’t think this is a one-size-fits-all market,” Schell said.
In particular, organizations with many mobile workers may find Chromebooks appealing, as would those organizations that rely entirely on Web applications. The Chromebook 13 can also support desktop virtualization software from Dell or Citrix as well, allowing workers to remotely access their desktop applications.
The device, slated to start shipping in September, offers up to 12 hours of battery life, and can boot up in less than 6 seconds, according to Dell.
Chromebook 13 comes with several advancements over its predecessor, Chromebook 11, which had an 11-inch screen and offered an estimated 7 hours of battery life.
Google also provides a cloud-based management console to manage and update the corporate Chromeboooks.
The Dell Chromebook 13 starts at $399.00 and will be available beginning September 17 in the U.S. and Canada.
Lenovo has reported not very good financial results, and the shedding of five percent of the workforce.
The firm revealed a 50 percent drop in net profits, when measured against the same period last year, and an 80 percent slide in pre-tax income, again against Q2 2014.
The firm spoke of the severe challenges and tough environment that it finds itself in, explaining that this led to a quarterly revenue increase of three percent to $107bn, the 80 percent drop in pre-tax income to $52m, and a 51 percent profit drop to $105m.
Gross profits increased by 22 percent to $1.6bn, while operating profit dropped 67 percent year over year to $96m.
Times, we are given to understand, are tough and tough decisions have to be made. These decisions are couched in terms of increased efficiency and increased share value. They include the dunking of smartphone inventory worth $300m, and presumably post-Superfish clean up work.
“Last quarter, we faced perhaps the toughest market environment in recent years, but we still achieved solid results,” said Yuanqing Yang, chairman and CEO of Lenovo.
“But to build long-term, sustainable growth, we must take proactive and decisive actions in every part of the businesses. We will reduce costs in our PC business and increase efficiency in order to leverage industry consolidation increase share and improve profitability. We will come through these efforts as a faster, stronger and better aligned global company.”
The meat of the efforts comes later, after the positives. “This effort will reduce expenses by about $650m in the second half of this year and about $1.35bn on an annual basis. These actions will include a reduction of 3,200 people in our non-manufacturing workforce around the world,” reveals the firm in its financial statements (PDF).
“This equates to about 10 percent of non-manufacturing headcount and about five percent of our total population of around 60,000 people.”
There are positives. Lenovo’s PC sales dropped by three percent year over year, but were still good enough for the firm which said that it has seen gains in all geographies.
Quarterly sales of mobile devices, which include Motorola models, were up by 22 percent, but that part of the firm accounts for a $292m chunk of overall pre-tax losses.
Customers who pre-ordered the Surface Hub from Microsoft were notified this week that their mega-display and conference room collaboration tool won’t arrive until 2016, at least four months after Microsoft originally planned.
Pre-orders for the Surface Hub, which is a massive touch-sensitive and camera-equipped display designed to help people work together in an office and across the Web, opened July 1. Following strong demand for the devices, Microsoft said two weeks later that it would be reworking its manufacturing processes to keep up with interest, and would have to delay the devices’ roll-out. Wednesday’s announcement means companies that planned to install the devices know when to expect their new hardware.
“Surface Hub devices will begin shipping on January 1, 2016,” the company said in a blog post.
The device can run a variety of applications tailored for workplace collaboration like PowerPoint and a version of Skype for Business. It’s designed to reinvent the process of holding meetings by bringing in digital content that can then be shared with users both during and after a workplace get-together. Microsoft has been pushing hard to improve workplace collaboration with its new software projects, including Office 2016, which allows users to work together on documents in real time through new desktop apps.
Microsoft first announced the Surface Hub at its Windows 10 event in January, showing off the device’s 84-inch model, which sports a 4K resolution display and can be purchased for $20,000. There’s also a smaller, 55-inch model that sports a HD screen and costs a comparatively affordable $7,000. In order to purchase the devices, companies must go through the network of partners and resellers that Microsoft has set up.
Apple is about to spike plans to make a cheaper, plastic iPhone 6C.
The Tame Apple Press became all moist when the news that Apple was going to make a a plastic bodies and 4in screens in an iPhone 6C? This would mean that Apple would not only have three phones coming out this year, but actually have one that it could put into cheaper markets.
We have heard that logic before, and it never really worked. And now it looks like Apple has abandoned the plan (if it even had it in the first place).
A marketing firm claims it has seen testing data for just two new iPhones, which strongly suggests that an iPhone 6C launch is not imminent.
Fisku, had access to data that shows identifiers for models in testing. Its logs recently showed two new iPhones, which showed up as “iphone8,1″ and “iphone8,2″ – most likely codenames for the upcoming iPhone 6s (or 7, depending on Apple’s choice of moniker) and the iPhone 6s Plus (or 7 Plus).
If the phone is launched it might be at a much later date, but so far it looks like Apple will stick to launching just two models.
The preview will include a number of benefits including a redesigned in-call experience. The new call screen features larger buttons to make it easier to manage a call on a phone’s smaller screen. The app’s new dashboard is designed to make communication easier by pulling a user’s most recent conversations, upcoming meetings and the ability to search all their contacts into one place.
Video calls will now fill the screen on a user’s phone, so it’s easier for them to see their colleagues. Furthermore, the new app’s design is supposed to simplify the video, content and IM panes and make navigating between them easier.
Getting access to the preview apps will be a somewhat involved process. IT administrators can visit skypepreview.com and nominate up to four end users each to test the iOS and Android apps. Administrators have to apply by Friday to be considered for the first testing batch. After that, Microsoft will evaluate the nominations and pick out a group of testers for the applications.
Users who have the Lync 2013 app for iOS or Android will get automatically upgraded to Skype for Business when the app launches later this year. It’s compatible with deployments of Lync Server 2013, Skype for Business Server 2015 and Skype for Business Online.
Skype for Business was officially released in April for Windows PCs, but Microsoft has been slower to update and rebrand other platforms. Windows Phone owners already have access to a new Skype for Business app, which launched last month.
Windows 10 has grown faster in two weeks than its predecessor managed in its first six months.
In the two weeks since release, the new ‘Windows-as-a-service’ has been installed on an estimated 27 million machines, or 3.78 of the market, according to analysts at StatCounter. This is up from 0.39 percent from the beginning of the month. In the UK, the uptake is even speedier, with 7.56 percent of machines updated.
That means that Windows 10 is already beating Windows 8 (not including 8.1).
Digging back into the INQ archives we can see that it took until April 2013 – a full six months after release to hit this saturation, according to Netmarketshare.
As the great hope for a Microsoft revival, following the lukewarm reception for the tile-clad predecessor, this bodes well. With another three weeks before the next Netmarketshare figures, there is a realistic chance that Windows 10 will overtake Windows 8 marketshare within the first month.
The combined Windows 8.x marketshare for July was just 15.86 percent, and with so many users still waiting for their upgrade, there is every chance that Windows 8.x will be annihilated by its successor within months, leaving it as a footnote in history like Vista before it.
Windows 10 has achieved near universal acclaim for its blending of familiar and new elements. Demand for the new OS is such that Microsoft servers have been, at times, overwhelmed. Users have been advised that their upgrade request could take “weeks” and even once installed, it could take time to activate the free upgrade licence.
Mozilla, makers of the popular open source Firefox browser, isn’t so impressed, and has already made it clear that it is not amused by Windows 10 with an open letter to CEO Satya Nadella criticising the company’s move to a process of silent, background security updates.
Microsoft has described the enormity of the task of offering free updates to Windows 10 as akin to “buying pizza for 1.5 billion people”.
Qualcomm has announced its Snapdragon 620, a successor to the reasonably successful Snapdragon 615.
The new chip is Qualcomm’s first to feature a brand new quad core cluster of four Cortex A72 1.8 GHz cores and four more A53 based 1.2GHz cores.
The new Qualcomm chip supports dual channel LPDDR3 memory at 933MHz and the as yet unidentified next generation of Adreno graphics which will probably be branded as 5xx series. Qualcomm promises to support the latest graphics APIs, hardware tessellation and geometry shading.
The new SoC, which targets the mainstream phones, comes with support for Cat 7 speeds of up to 300 Mbps down/100 Mbps up via 2×20 MHz carrier aggregation in the downlink and uplink on LTE FDD and LTE TDD. The SoC supports LTE Broadcast, LTE multimode dual SIM and VoLTE with HD Voice and SRVCC and comes with Qualcomm VIVE 1-stream 802.11ac, Qualcomm IZat location services, USB 2.0 and Bluetooth Smart 4.1.
The chip supports Quad HD 2560×1600 screen, and Miracast for up to 1080p wireless displays, 4K@30fps capture, 1080p@120fps capture with Hardware HEVC (H.265) encode and decode. Those with dual ISPs can support up to 21MP ZSL @ 24fps and 930MP/sec throughput, local tone mapping and enhanced AF.
The higher end Snapdragon 820 comes with four Hydra based cores and 14nm manufacturing node. We are not sure what function the mainstream Snapdragon 620 processor will have for Qualcomm.
If you look more carefully at Snapdragon 620 you will notice that this chip is a declocked version of Snapdragon 810, but it comes with Cortex A72 instead of Cortex A57. This promises to bring the performance close to Snapdragon 810 to the mainstream market phones in early 2016.
Snapdragon 820 is expected to be the performance leader in Qualcomm land and we expect to learn a bit more about the chip this week.
Qualcomm is set to unveil its new Snapdragon 820 SoC on August 11 in LA and more details are being leaked than you would see at a Welsh leak recipe contest.
It appears that the new Snapdragon 820 will have the catchy title MSM8996 and it promises some significant performance improvements in key areas. We already know that it will not be catching fire, but it also has a 40 per cent GPU performance increase with its A530 GPU.
The device is also claimed to have a 30 per cent power improvement with 64b of shared virtual memory with the CPU.
Another big area of improvement is the Hydra CPU, which claims a 35 percent improvement compared to the Snapdragon 810.
The Snapdragon 820 will support 4k60 entertainment and high-speed data connectivity.
There are rumours that there will be a QFE3100 Envelope Tracking system this will not speed up mail in the criminally slow Italian Post Office, but should create a lower power and a thermal footprint. A dedicated low power sensor is integrated for always on use.
Another major upgrade compared to the older SoC is a switch from 20nm to 14nm FinFET manufacturing process. We are still expecting the Xiaomi Mi5 to be the first one to use it.