'Dridex' malware revives Microsoft Word macro attacks

Written By Unknown on Thursday, 06 November 2014 | 16.01

A recent piece of malware that aims to steal your online banking credentials revives a decade-old technique to install itself on your PC.

Called Dridex, the malware tries to steal your data when you log into an online bank account by creating HTML fields that ask you to enter additional information like your social security number. That's not unusual in itself: Dridex is the successor to a similar piece of malware called Cridex, which also targets your bank account.

What's different is how Dridex tries to infect your computer in the first place. It's delivered in the form of a macro, buried in a Microsoft Word document in a spam email message.

Cybercriminals started using macros more than a decade ago but they fell out of favor after Microsoft strengthened its security defenses against them. But some hackers are apparently trying them again.

Most PCs disable macros from running by default. But if the malicious Word file is opened, it advises users to enable macros, and if they do, Dridex starts downloading to the PC, wrote Rhena Inocencio, a threat response engineer, on Trend's blog on Wednesday.

"The move to macros could be seen as one way of ensuring a higher chance of successful attacks," she wrote. "If the macro feature was already enabled prior to the attack, the attack commences without any additional requirements. Otherwise, the attack must use a strong social engineering lure in order to convince the user to enable the feature."

Once installed on a computer, the malware is programmed to jump into action when it sees a person visit one of a long list of banks, including Bank of Scotland, Lloyds Bank, Danske Bank, Barclays, Kasikorn Bank, Santander and Triodos, she wrote.

The spam messages for Dridex came mostly from Vietnam, India, Taiwan, South Korea and China, while the top three countries infected with it are Australia, the U.K. and the U.S.

A Switzerland-based computer security project that has for years tracked command-and-control servers for some of the more infamous banking malware programs, such as Zeus, is now also tracking Dridex's command-and-control servers.



AMD reveals Civilization: Beyond Earth game bundle, Radeon R9 290X with 8GB RAM

Mere days after Nvidia announced a holiday games bundle that pairs Ubisoft's most hotly anticipated titles with new high-end GeForce GTX graphics cards, AMD's striking back by offering a free copy of the absolutely stellar Civilization: Beyond Earth with its top-tier Radeon hardware.

But here's the truly interesting twist: This promotion is separate from and can be combined with AMD's existing Never Settle: Space bundle, meaning that buyers of a new Radeon R9 290, R9 290X, or dual-GPU R9 295X2 can walk away with Civilization: BE and three additional games of their choice. Whew!

AMD's also announcing a new, overclocked variant of its flagship R9 290X graphics card that doubles the previous amount of onboard memory to a full 8GB, making it better suited for Civilization: Beyond Earth's thirst for GPU framebuffering—and amplifying what was already a strong suit for Radeon graphics cards.

The story behind the story: The recent introduction of Nvidia's GTX 900-series graphics cards threw AMD's Radeon lineup for a loop. The Radeon R9-series graphics cards are more than a year old and lag behind the GTX 980 and GTX 970 in both power efficiency and pure performance at common resolutions. Since then, AMD's been fighting back with the tools it has at its disposal: steep price cuts, abundant free games, and gaming performance at ultra-high resolutions.

Putting AMD's best foot forward

Much as the recent GeForce game bundle focuses on titles built using Nvidia's GameWorks technology, Firaxis worked closely with AMD during the development of Civilization: Beyond Earth. The game utilizes AMD's performance-boosting Mantle API to do two things: increase frame rates in traditional PC setups by optimizing how the CPU talks to the GPU, and create a smoother gameplay experience in multi-card Crossfire setups by using a "split frame rendering" subsystem. This subsystem assigns each graphics card a portion of each frame to render, rather than having the cards alternate rendering of entire frames, as is the norm.

An AMD slide deck about the benefits of Mantle.

Civilization is one of the biggest names in PC gaming. Working so tightly with Firaxis and being able to offer this giveaway is a major win for AMD.

That goes double when you consider that new Radeon R9 290-series buyers will still be able to select three free games of their choice from more than 25 available options as part of the Never Settle: Space bundle. Considering how cheaply AMD's top Radeon cards are selling for these days, and that the Space bundle includes killer games like Alien: Isolation, Sniper Elite 3, Darksiders II, Saints Row IV, and Star Citizen, you could walk away with an awful lot of gaming goodness for an insanely compelling price. Civilization: BE and Alien: Isolation alone retail for $60 a pop, and you could grab two more games beyond that.

Double the memory, double the fun?


The AMD Radeon R9 290X reference card.

Playing off Civilization: Beyond Earth's heavy use of GPU memory, AMD's also announcing a new, overclocked R9 290X variant with 8GB of onboard RAM.

While Nvidia's new GeForce GTX 900-series graphics tend to triumph over AMD's top single-GPU cards at 1080p or 2560x1600 resolution in our tests, the Radeon R9 290X actually holds the upper hand in many gaming tests conducted at 4K resolution, or across multiple monitors using AMD's Eyefinity technology. A graphics card with flat-out more memory essentially offers the ability to handle higher antialiasing settings at ultra-high resolutions.

In other words, doubling the R9 290X's memory from 4GB (formerly the maximum) to 8GB only strengthens AMD's advantage on pixelicious monitor setups—though if you're gaming at 4K you'll probably want a pair of the cards in a CrossFire setup to keep frame rates up to snuff.

The official details are fairly light. AMD would only say that Sapphire, PowerColor, and MSI will be the initial hardware partners, with a soft target MSRP of $429. That seems like a hefty markup for memory considering that 4GB R9 290X graphics cards are selling for as low as $300 these days, but hey, if you're rocking a pricey 4K display or a multi-monitor setup, twice the memory might just be worth the money.

The arrival of overclocked R9 290X graphics cards with double the onboard memory has one more bit of significance: If AMD's partners are rolling out new flagship variants in November, I'd be shocked if the next generation of Radeon GPUs surface before the end of the year.



US net neutrality advocates plan Hungary-style protests

Protests are planned outside the White House in Washington, D.C., and at several locations across the U.S. on Thursday evening to object to leaks that the U.S. Federal Communications Commission is considering a new "hybrid" proposal to break through the deadlock over net neutrality rules.

Taking a cue from recent protests in Hungary against an Internet tax, the demonstrators plan to hold their mobile phones, laptops, tablets and flashlights above their heads as a symbol of protest to "shine light" on alleged corruption in the federal government.

The Wall Street Journal reported last week that FCC Chairman Tom Wheeler was planning a partial reclassification of broadband as a regulated utility, while not explicitly prohibiting special access deals between broadband and content companies.

By the reclassification, back-end broadband services, through which broadband providers serve as a route for Web sites to distribute content, would be classified as a common carrier under Title II of the Communications Act and brought under the FCC's authority, according to the report. Retail services provided to consumers by Internet service providers would not come under the reclassification.

The FCC has said that Wheeler has not decided on a net neutrality plan and added that all broadband reclassification options are under consideration.

The protests are supported by groups such as Fight for the Future, PopularResistance.org and Free Press.

The net neutrality issue came to the forefront in January this year after the U.S. Court of Appeals for the District of Columbia Circuit largely overruled the earlier Open Internet Order which prohibited broadband providers from blocking or unreasonably discriminating against content providers or applications for network access.

Supporters of net neutrality have been demanding that broadband in its entirety should be reclassified under Title II and regulated. The reclassification could, however, invite lawsuits from broadband companies like Verizon, which warned the FCC recently that reclassification had "significant legal vulnerabilities."

In September, net neutrality groups and companies observed Internet Slowdown Day with thousands of websites participating by showing spinning-wheel icons to mimic slow-loading sites. The aim of the protest was to convey to visitors the Internet slow lanes activists claim will appear if the FCC doesn't pass strong net neutrality regulations.

The protests on Thursday will include demonstrations at San Francisco's Civic Center Plaza, Federal Plaza in Chicago and at the Philadelphia headquarters of cable company Comcast, according to PopularResistance.org. Supporters who can't make it to the event are asked to take a photo of themselves holding a sign that says #RealNetNeutrality or #ReclassifyTheInternet and upload the snap to the Tell the FCC - My Voice Matters! page, according to Free Press.



Michael Dell gets his payback, slams 'turmoil' at HP and IBM

Written By Unknown on Wednesday, 05 November 2014 | 16.01

What a difference a year makes.

For much of 2013, while Michael Dell was fighting a costly battle to take his company private, his rivals played up the distraction and did their best to lure his customers away. Now the shoe is on the other foot.

Michael Dell opened the Dell World conference in Texas on Tuesday and, looking decidedly relaxed and pleased with himself, wasted no time denouncing the "turmoil" his rivals in the industry are going through.

"They're splitting away businesses, spinning off pieces of their businesses, and one has to ask the question: who is this for? Does this actually help the customers? Does it help them create the next great innovative products?"

You can't begrudge him a bit of schadenfreude. Just six months ago Meg Whitman was calling Hewlett-Packard a "paragon of stability" compared to its rivals and now she's breaking the company in two. And IBM is selling its x86 server business to Lenovo and fighting to keep its profits above water.

Dell became a private company almost exactly a year ago, and Michael Dell doesn't have to worry about those quarterly targets any more. He said that allows Dell to invest in better products and growing its business.

Dell can focus on a future that's "beyond the next quarter, the next year or the next shareholder activist," he said, perhaps thinking of Carl Icahn, who made him pay millions more to take his company private.

It also means that Dell's financial results are no longer public, so it's hard to know how its business is really doing. Dell's PC shipments grew almost 20 percent in the U.S. last quarter, Michael Dell said, faster than those of HP and Apple.

That's correct, according to IDC, though Lenovo and Acer grew more on a global basis, and Dell still trails HP in the U.S. and worldwide.

Still, Dell is clearly investing in new technologies. On Wednesday it will announce a new "converged infrastructure" system called the PowerEdge FX, he said, which combines servers, network and storage in a new design that offers "the most density in the world."

It's also investing in services, and launched the beta of a "cloud exchange" last week that will give businesses a place to select and sign up for cloud infrastructure services. He also touted recent partnerships with VMware and Microsoft's Azure for private cloud deployments.

Michael Dell isn't the most relaxed or emotive speaker as a rule and this was a candid display for him, even taking questions from reporters in the audience. His enthusiasm was tempered when someone asked him why, if Dell is growing so much, it had to lay off some of its employees this year. He said his company needed fewer people in some parts of the business but more in others, and that Dell is actually hiring engineers and salespeople despite the job cuts.

With Apple's Mac shipments growing fast, PCs don't look like such a dire industry to be in any more, at least compared to recent years. That's lucky for Dell, which still gets a huge chunk of its revenue from desktops and laptops, even as it tries to expand its more profitable businesses.

"We still believe the PC is how real business gets done," Michael Dell said.



Google and LG strike broad patent licensing deal

Google and LG have entered into a patent cross-licensing deal, the latest partnership seeking to reduce the threat of lawsuits between major tech companies.

The agreement, announced on Tuesday, covers "a broad range of products and technologies" built on the two companies' existing patents as well as those they file over the next 10 years, they said. Financial details of the deal were not disclosed.

"We're pleased to enter into this agreement with a leading global technology like LG," said Allen Lo, Google's deputy general counsel, in a statement.

The agreement is likely to stave off any potential patent lawsuits between the two companies like the drawn out, costly legal battles that have ensued between Apple and Samsung or Google and Oracle. Google's Android OS is in a number of LG smartphones and the South Korean company owns patents covering smartphones, consumer electronics and other portable gadgets.

But perhaps more importantly, the Google-LG patent arrangement may support new technology for connected devices for the home.

LG has already partnered with other companies like Google and Nest to develop Internet-connected home appliances. LG also offers its line of Smart ThinQ appliances that can be monitored and controlled from afar using a mobile app.

The deal allows each company easier access to technology from the other.



Apple security checks may miss iWorm malware

Apple's security technologies for Mac OS X may still miss iWorm, a piece of malware discovered in late September that infected thousands of computers.

Apple released an update for its XProtect antivirus engine to detect iWorm, but the update only detects when iWorm's installer is launched, which is a one-time operation, said Patrick Wardle, director of research with Synack, a computer security company based in Redwood City, California. He wrote a paper describing his findings.

It means that computers already infected with iWorm before the update would still be compromised.

Apple "released a signature, but it doesn't address the problem," Wardle said in a phone interview Tuesday. "Unless the user has another antivirus product installed that has a correct signature, those infections aren't going to go away."

iWorm, which is a backdoor that can steal data from a computer, infected more than 18,000 machines, according to security company Dr. Web. It does not exploit any vulnerabilities on Mac OS X but instead relies on tricking people into installing it.

The malware was found wrapped into pirated copies of Adobe Systems' Photoshop and Illustrator applications, Parallels Desktop and Microsoft Office for Mac software offered on The Pirate Bay, the infamous search engine for content shared using the BitTorrent peer-to-peer network.

Why Apple only released an update—known as a "signature"—for iWorm's installer is unclear. Apple officials couldn't immediately be reached for comment.

Wardle contends that's dangerous since another Apple security technology, called "Gatekeeper," can also fail to stop iWorm in some scenarios.

When a person downloads an application, Gatekeeper checks if it has a digital signature that indicates it comes from Apple's Store or if it has an approved developer's certificate. If it has neither, Gatekeeper warns that the application could pose a security risk, although users can choose to run it.

But only certain applications, including Safari, Firefox and Chrome, will flag downloaded files with what is known as a "quarantine attribute" for Gatekeeper to check. uTorrent, a popular client for downloading torrents from The Pirate Bay, isn't programmed to flag files for inspection by Gatekeeper, Wardle said.
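
The gap described above can be audited on a download folder. The following is an added example, not code from the article or from Wardle's paper: it checks a constructed inventory of files and their extended attributes for the com.apple.quarantine attribute and reports which files Gatekeeper would never be asked to inspect. The paths, attribute values and helper names are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Extended attribute that flags a download for Gatekeeper inspection.
QUARANTINE_XATTR = "com.apple.quarantine"

# Constructed sample inventory of (path, extended attributes); not real data.
# Values follow the commonly observed layout "flags;hex_epoch;agent;uuid".
SAMPLE_INVENTORY = [
    ("/Users/demo/Downloads/Installer.dmg",
     {QUARANTINE_XATTR: "0083;5432a1b0;Safari;"}),
    ("/Users/demo/Downloads/report.pdf",
     {QUARANTINE_XATTR: "0081;5432b000;Google Chrome;"}),
    # Saved by a client that sets no attribute, as the article describes.
    ("/Users/demo/Downloads/torrents/Suite.dmg", {}),
    # Attribute present but unparsable: worth a manual look.
    ("/Users/demo/Downloads/odd.zip", {QUARANTINE_XATTR: "garbage"}),
]


def parse_quarantine(value):
    """Parse 'flags;hex_epoch;agent[;uuid]' into a dict; raise ValueError if malformed."""
    parts = value.split(";")
    if len(parts) < 3:
        raise ValueError(f"unexpected quarantine value: {value!r}")
    return {
        "flags": int(parts[0], 16),  # hex bit field
        "time": datetime.fromtimestamp(int(parts[1], 16), tz=timezone.utc),
        "agent": parts[2],           # application that saved the file
    }


def audit(inventory):
    """Sort files into flagged, unflagged (never checked) and malformed."""
    result = {"flagged": [], "unflagged": [], "malformed": []}
    for path, xattrs in inventory:
        raw = xattrs.get(QUARANTINE_XATTR)
        if raw is None:
            # No attribute: Gatekeeper has nothing that triggers a check.
            result["unflagged"].append(path)
            continue
        try:
            info = parse_quarantine(raw)
        except ValueError:
            result["malformed"].append(path)
            continue
        result["flagged"].append((path, info["agent"], info["time"]))
    return result


if __name__ == "__main__":
    report = audit(SAMPLE_INVENTORY)
    for path, agent, when in report["flagged"]:
        print(f"flagged    {path} (saved by {agent}, {when:%Y-%m-%d})")
    for path in report["unflagged"]:
        print(f"UNFLAGGED  {path} (Gatekeeper will not inspect this file)")
    for path in report["malformed"]:
        print(f"MALFORMED  {path} (quarantine value could not be parsed)")
```

On a Mac, the attribute dictionary for each file can be filled in from the output of xattr -l.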

Wardle said he hasn't contacted Apple with his findings, but he said Apple is likely aware of Gatekeeper's weaknesses, as it appears the way it works was a conscious design decision.

Ultimately, it means that malware authors will still be able to take advantage of the method iWorm uses.

"Unfortunately, it [iWorm] is able to bypass Apple's malware mitigations really easily," Wardle said. "It illustrates that malware on OS X is a problem. It's not that Macs are immune to malware."



AppDynamics now provides intel for business managers

Written By Unknown on Tuesday, 04 November 2014 | 16.00

Looking to expand into a new market, AppDynamics has updated its application monitoring software to provide real-time insights that can be useful for business managers as well as IT staff.

The company announced the Fall 2014 Release of its software at its first user conference in Las Vegas this week. The update also adds new collaboration capabilities and enhancements to keep current with the latest Web development technologies.

With APM (application performance monitoring) systems, developers add software agents to their applications that can collect performance and operational data and relay it back to IT administrators, who use it to spot outages, errors and unexpected latencies.

But in the past couple of years, APM companies have realized the data they collect can be useful to business managers as well. The products provide the ability to see "every interaction within the software stack, from the end user through the business logic," Gartner analyst Jonah Kowall said via email.

A new feature in the AppDynamics platform, called Application Analytics, could help business leaders understand which features in a new app are being most heavily used, for instance. The software could also provide a way to calculate the cost of an app outage in terms of lost revenue. And it could highlight underperforming apps, helping managers make better decisions about IT investments.

Getting that type of data requires no additional coding or infrastructure, according to AppDynamics, which competes with companies like New Relic and Dynatrace, a recent spin-off from Compuware.

Using APM instead of a standard data warehouse can be advantageous because users can get data as it's generated, rather than waiting for it to be collected and stored for analysis in a daily batch process, according to AppDynamics.

Along with the new analytics capabilities, the Fall 2014 Release adds a feature called the Virtual War Room, which helps teams collaborate by providing a space where they can discuss data that's being collected. It can also automatically email pre-configured reports to multiple recipients.

The release also adds new analysis patterns to help understand how complex applications are behaving. One such tool, called cross-application flow, can examine how well multiple applications, working together on a common task, are interacting. Another pattern can examine the performance of WebSocket connections, a new Web standard for real-time communications.

AppDynamics now can monitor applications running on the WebMethods and Tibco integration platforms, in addition to applications built with Java, .Net, PHP and Node.js, which have been long supported. It also recognizes the Cassandra database and Microsoft's SQL Azure DB cloud-based services. And in a beta feature, the package can monitor applications written in C/C++.

AppDynamics offers a free "lite" version of its APM product, which can run on-premise or as a hosted service. Use of the "Pro" version starts at US$180 per month.



Flaw in Visa cards could ring up a very large fraud

Visa's contactless payment cards will approve very large transactions in currencies other than the British pound due to a flaw in a protocol, U.K. researchers contend.

They concluded it would be possible for criminals to turn a mobile phone into a point-of-sale terminal and pre-set a large amount of money to be transferred from a payment card even if it was in someone's pocket.

The type of card, known as EMV after its developers Europay, MasterCard and Visa, uses a microchip to facilitate transactions rather than a magnetic stripe. EMV will soon be used widely across the U.S.

Some types of EMV cards are configured for "contactless" payments, where a customer doesn't have to enter a PIN for smaller transactions that in the U.K. are limited to £20 (US$32).

Researchers with Newcastle University found that Visa's contactless card would authorize a transaction up to 999,999.99 without a PIN if it was in a currency other than the pound.

If an improvised point-of-sale device gets close enough to someone's card in a wallet, the contactless card would approve an offline transaction in less than a second.

The researchers cautioned, however, that they did not test the back-end system of banks, so it is unclear if the transaction cleared by the card would be fully processed. It wasn't clear from the payment protocol's documentation how banks would deal with the inconsistencies the research uncovered.

Still, they wrote in a news release that "the fact that we can bypass the £20 makes this new hack potentially very scalable and lucrative. All a criminal would need to do is set up somewhere like an airport or the London underground where the use of different currencies would appear legitimate." It isn't clear whether the researchers tried to contact Visa or the banks about the flaw.

EMV cards have been used for many years in Europe and other parts of the world. The microchips that contain account information and authorize transactions are not easy to forge, unlike the magnetic stripe data on cards today, which can be easily copied.

But the researchers predicted that as the magnetic stripe is phased out, contactless payments may become interesting to criminals.

Visa officials could not be immediately reached for comment.



Cortana to give voice and ears to Dynamics CRM

Dynamics CRM 2015 will ship next month with multiple enhancements, including one literally audible: using Cortana on Windows Phone 8.1 devices, users will be able to talk to the customer relationship management suite.

Tasks available via Cortana voice commands will include setting up meetings and reminders, searching for contacts, accounts and activities, calling up customer lists and creating new records.

The integration has a futuristic shine to it, but analysts say the move isn't a technology-for-technology's sake gimmick from Microsoft, which will unveil the Dynamics-Cortana tie-up along with other CRM and ERP announcements on Tuesday.

"This is very significant. Salespeople spend a lot of time on the road, so this lets them leave voice memos on an account while on the go, without having, for example, to be typing and driving," said analyst Ray Wang, chairman and founder of Constellation Research.

It also ties in with an ongoing push by the Dynamics CRM team to make the product simple to use so that it can help salespeople be more productive. "That's why Dynamics CRM has been doing so well," he said.

Meanwhile, analyst Rebecca Wettemann, vice president at Nucleus Research, said it's been proven that adding mobile access to CRM drives significant productivity gains. "This is just the tip of the iceberg in vendors leveraging the voice capture and analytics technologies to deliver CRM productivity," she said.

Wettemann also views the integration as part of a broader and recent Microsoft trend to leverage its product portfolio to boost its enterprise applications under new CEO Satya Nadella. "The bigger story is that this is a great example of how Microsoft is bringing its product strengths to bear on CRM," she said.

Another recent example of this approach was last month's launch of the Sales Productivity bundle, which combines Dynamics CRM Online Professional with Office 365 and Power BI.

Tuesday's announcements, which Microsoft will make at its Convergence 2014 Europe business conference in Barcelona, also include updates to the suite's platform, which lets customers tailor Dynamics CRM in various ways; and an interoperability between Thunderhead.com's One Engagement Hub and Dynamics CRM to offer omni-channel customer engagement capabilities.

Also on tap is an update to Dynamics AX, Microsoft's ERP suite for large customers, which is due in December and which will let customers run the ERP suite in hybrid environments—on premises and on Azure, according to the company. The update also adds a new point-of-sales client for Windows tablets and phones, and capabilities to streamline warehouse and transportation operations for faster order fulfillment.

Microsoft will also demonstrate Dynamics NAV 2015, the new version of the ERP suite for small and medium size businesses, which features a user experience optimized for tablets and other touch devices, personalized homepages for users, and simpler invoice design and production via interoperability with Word.



Gmail 5.0 for Android gets a new look, Exchange support

Written By Unknown on Monday, 03 November 2014 | 16.01

The upcoming version of Google's Gmail app for Android features a new look and support for non-Gmail email accounts, Android Police reports.

The new look app features the material design that Google has developed for Android apps, and has a retooled navigation interface. The mailbox pane, for instance, lives in a restyled slide-out "drawer," and the message viewer has a new, cleaner look. The app also has a brighter color scheme compared to the ubiquitous light gray of the older Gmail app.

Also new is support for Microsoft Exchange, as well as POP and IMAP email accounts (think Yahoo Mail, iCloud, email from your ISP), so you no longer have to use two different apps to check all your email. With version 5.0, Gmail for Android becomes a full-fledged general-purpose email client. 

Why this matters: Material Design is Google's name for a new look and feel for its apps, and it's a key new feature of Android 5.0 Lollipop. Gmail 5.0 is not the first app outside of Android 5.0 to get the new look: Version 5.0.13 of the Google Play app also features this new design.

Google will push the updated app to users' phones, but it may take a while before your phone gets it. If you want to get the updated app now, however, Android Police has provided links to mirrored versions of the APK that you can download and install onto your phone manually.

