Showing results for tags 'devices'.

Found 51 results

  1. New Hampshire, Colorado and Virginia Top the List of States with Highest Malware Rates So Far in 2017 Computer users in New Hampshire were three times as likely to get a malware infection on their computers compared to the rest of the country. That's according to data released today by Enigma Software Group (ESG), makers of the SpyHunter anti-malware program. The ESG research team compiled their latest data based on more than 1.5 million infections detected on SpyHunter in all 50 states in the first six months of 2017. Surprisingly to some, it turns out that the infection rate in New Hampshire was 201% higher than the average infection rate for all 50 states. Colorado, Virginia, New Jersey, and Oregon were the next highest states. "It's hard to tell exactly why some states have higher infection rates than others," said ESG spokesperson Ryan Gerding. "In the top five alone, you've got east coast and west coast states, highly populated states and sparsely populated ones. Regardless of where you live, it's always important to stay vigilant for infections all the time." Infections can come in many forms. Some may be adware, which forces massive amounts of popup advertising to appear on your computer. Some may be rogue anti-spyware programs, which look like legitimate programs that promise to remove infections, but in reality are just taking your money without doing anything. Many people have seen headlines about ransomware, which can lock important files and hold them hostage unless a ransom is paid. However, the vast majority of files detected can be considered nuisance-ware. Those are potentially unwanted programs that change browser settings, switch your default search engine, install unwanted toolbars, and slow down performance. Other key findings from the ESG's mid-year infection analysis include: Overall infections have actually dropped on a monthly basis since January 2017. In June 2017, infections in the US were down 31% over infections in January. 
The experts at ESG believe that's due in part to users updating to more secure versions of their Windows operating system. On a city by city basis, Orlando, Denver, and St. Louis had the highest infection rates compared to other major cities in the U.S. Tennessee, Alabama, and Mississippi had the lowest infection rates in the first half of 2017. ESG offers the following tips to keep computers protected from all kinds of malware.
    • Regularly back up your data. Ideally, you would use a physical backup (external hard drive connected to your computer) and a cloud backup. By backing up your hard drive, whatever happens to your computer, you know your data is safe.
    • Install a trusted malware removal software like SpyHunter, and set it to perform scans and updates automatically.
    • Set your operating system to update automatically and regularly. It's tempting to click the button to 'update later' when a notification pops up. Still, it's always better to update your software as soon as possible.
    • Think about that link. Be very wary of links sent to you in emails and social media messages. Crooks are getting much better at creating bogus messages that look like something legitimate (messages from friends, emails from retailers), but, actually, have malicious intent.
Below is the full ranking of all 50 states and how much their infection rate differed from the national average in the first six months of 2017.
    New Hampshire 201% higher than the national average
    Colorado 143% higher than the national average
    Virginia 80% higher than the national average
    New Jersey 64% higher
    Oregon 25% higher
    New York 24% higher
    Montana 24% higher
    Missouri 23% higher
    Arizona 18% higher
    Maine 17% higher
    Wyoming 17% higher
    Arkansas 17% higher
    Wisconsin 14% higher
    Massachusetts 11% higher
    Georgia 10% higher
    North Dakota 8% higher
    Nevada 6% higher
    Nebraska 5% higher
    Rhode Island 5% higher
    Florida 3% higher
    South Dakota 3% higher
    Vermont 2% higher
    Washington 1% lower than the national average
    Iowa 1% lower than the national average
    Kansas 2% lower
    Ohio 3% lower
    Idaho 3% lower
    Pennsylvania 5% lower
    South Carolina 5% lower
    Illinois 6% lower
    Maryland 6% lower
    New Mexico 7% lower
    Texas 9% lower
    North Carolina 10% lower
    Alaska 10% lower
    Utah 16% lower
    Michigan 18% lower
    Kentucky 20% lower
    Louisiana 20% lower
    Oklahoma 21% lower
    West Virginia 24% lower
    Minnesota 27% lower
    Hawaii 30% lower
    California 30% lower
    Connecticut 31% lower
    Delaware 32% lower
    Indiana 35% lower
    Tennessee 47% lower
    Alabama 50% lower
    Mississippi 53% lower
Article source
  2. It is aiming to tackle planned obsolescence and discourage things like glued in batteries. The European Parliament has been discussing how to encourage device makers to make their products more durable and easier to repair. Yesterday some recommendations were published which, if enforced, could see devices created with longer useful lifespan. Furthermore, planned obsolescence for physical goods, and software, looks like it is being tackled head-on as it will be defined and then "appropriate dissuasive measures for producers," introduced. Behind these initiatives is a 2014 Eurobarometer survey. The survey found that 77 per cent of EU consumers "would rather repair their goods than buy new ones, but ultimately have to replace or discard them because they are discouraged by the cost of repairs and the level of service provided". You can find the bullet pointed list of recommendations below, as published on the European Parliament news page: robust, easily repairable and good quality products: “minimum resistance criteria” to be established for each product category from the design stage, if a repair takes longer than a month, the guarantee should be extended to match the repair time, member states should give incentives to produce durable and repairable products, boosting repairs and second-hand sales - this could help to create jobs and reduce waste, consumers should have the option of going to an independent repairer: technical, safety or software solutions which prevent repairs from being performed, other than by approved firms or bodies, should be discouraged, essential components, such as batteries and LEDs, should not be fixed into products, unless for safety reasons, spare parts which are indispensable for the proper and safe functioning of the goods should be made available “at a price commensurate with the nature and life-time of the product”, an EU-wide definition of 'planned obsolescence' and a system that could test and detect the 'built-in 
obsolescence' should be introduced, as well as “appropriate dissuasive measures for producers”. iFixIt type product labelling In addition to the above new product durability and repairability initiatives, a product labelling scheme was proposed. A voluntary European label should highlight a product's durability, eco-design features, and upgradeability in line with technical progress and reparability. The labelling resolution was passed with an overwhelming majority of 662 votes to 32, with two abstentions. In recent related news the Microsoft Surface Laptop scored a dismal zero out of ten for reparability on the iFixIt site. View: Original Article
  3. Scientists have developed an innovative firewall programme that can protect smartphones from malicious codes and security threats. Earlier this year, researchers from the Ben-Gurion University of the Negev (BGU) in Israel discovered a security vulnerability in the internal communications between Android cellphone components and a phone's central processing unit (CPU). They alerted Android developer Google and helped the company address the problem. "Our technology doesn't require device manufacturers to understand or modify any new code," said Yossi Oren from BGU. "It's a firewall that can be implemented as a tiny chip, or as an independent software module running on the CPU," said Oren. Some 400 million people change their phone's components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as "field replaceable units (FRUs)," communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorised app downloads. "This problem is especially acute in the Android market with many manufacturers that operate independently," researchers said. "An attack of this type occurs outside the phone's storage area; it can survive phone factory resets, remote wipes and firmware updates. Existing security solutions cannot prevent this specific security issue," they said. "There is no way for the phone itself to discover that it's under this type of an attack. Our solution prevents a malicious or misconfigured FRU from compromising the code running on the CPU by checking all the incoming and outgoing communication," said Omer Schwartz from BGU. 
The research team uses machine learning algorithms to monitor the phones' internal communications for anomalies that may indicate malicious code. The software allowed them to identify and prevent hardware-generated data leaks and hacks. The researchers are seeking to further test the patent-pending technology with phone manufacturers. Article source
  4. Last week, the Free Software Foundation (FSF) awarded new certifications in the Respects Your Freedom (RYF) program that highlights hardware vendors and devices that respect user privacy and allow the user full control over his device. Fifteen new products have been added to the FSF's RYF list, all from Romanian startup Technoethical (formerly Tehnoetic). Since 2012 and for many years after, the FSF's Respect Your Privacy certification list only included a handful of products. The addition of Technoethical's devices to the list is important because it more than doubles the number of devices that received the RYF award. Today, most hardware vendors include bloatware with their products, which collects various user metrics, or use DRMs to limit the user's customization options. Technoethical's devices will give users more options and a complete set of hardware products to choose from if they want to be in control of their digital life. Below is a list of all the products that received a Respect Your Freedom certification. 
Technoethical TET-N150HGA High Gain Antenna Wireless USB Adapter for GNU/Linux-libre Technoethical TET-N300 Wireless USB Adapter for GNU/Linux-libre Technoethical TET-N300HGA High Gain Antennas Wireless USB Adapter for GNU/Linux-libre Technoethical TET-N300DB Dual Band Wireless miniPCIe Card for GNU/Linux-libre Technoethical TET-N450DB Dual Band Wireless miniPCIe Card for GNU/Linux-libre Technoethical TET-BT4 Nano Bluetooth 4.0 USB Adapter for GNU/Linux-libre Technoethical TET-X200 Laptop with Libreboot and GNU/Linux-libre Technoethical TET-X200T Tablet with Libreboot and GNU/Linux-libre Technoethical TET-X200s Laptop with Libreboot and GNU/Linux-libre Technoethical TET-T400 Laptop with Libreboot and GNU/Linux-libre Technoethical TET-T400s Laptop with Libreboot and GNU/Linux-libre Technoethical TET-T500 Laptop with Libreboot and GNU/Linux-libre Technoethical TET-D16 Server Mainboard with Libreboot Technoethical TET-X200DOCK Docking station for Technoethical X200, X200s & X200T Technoethical TET-T400DOCK Docking station for Technoethical T400 & T500 Vikings USB Stereo Sound Adapter [discontinued] Vikings USB Stereo Sound Adapter Vikings ASUS KGPE D16 Server/Workstation-grade x86 Mainboard Vikings X200 Laptop Minifree Libreboot T400 Laptop Aleph Objects LulzBot TAZ 6 3D Printer Aleph Objects LulzBot Mini 3D Printer ThinkPenguin TPE-R1100 Wireless-N Mini VPN Router ThinkPenguin TPE-N150USB Wireless N USB Adapter for GNU/Linux ThinkPenguin TPE-N150USBL Wireless N USB Adapter /w External Antenna for GNU / Linux Technoethical TET-N150 Mini Wireless USB Adapter for GNU/Linux-libre Taurinus X200 Laptop ThinkPenguin TPE-NWIFIROUTER [discontinued] Wireless-N Router Minifree Libreboot X200 [discontinued] Laptop Article source
  5. Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can potentially take complete control of any device running the vulnerable platforms. “The supply chain for subtitles is complex, with over 25 different subtitle formats in use, all with unique features and capabilities. This fragmented ecosystem, along with limited security, means there are multiple vulnerabilities that could be exploited, making it a hugely attractive target for attackers,” said Omri Herscovici, vulnerability research team leader at Check Point. Here’s a video of the attack: Hacked in Translation Demo The subtitles for films or TV shows are created by a wide range of subtitle writers, and uploaded to shared online repositories, such as OpenSubtitles.org, where they are indexed and ranked. Researchers also demonstrated that by manipulating the repositories’ ranking algorithm, malicious subtitles can be automatically downloaded by the media player, allowing a hacker to take complete control over the entire subtitle supply chain without user interaction. How many users are affected? VLC has over 170 million downloads of its latest version, released June 5, 2016. Kodi (XBMC) has reached over 10 million unique users per day, and nearly 40 million unique users per month. No current estimates exist for Popcorn Time usage, but it is estimated to be tens of millions. Check Point has reason to believe similar vulnerabilities exist in other streaming media players. What can you do? Since the vulnerabilities were disclosed, all four companies have fixed the reported issues. Stremio and VLC have also released new software versions incorporating this fix. 
“To protect themselves and minimize the risk of possible attacks, users should ensure they update their streaming players to the latest versions,” concluded Herscovici. Article source
  6. The Internet of Things (IoT) aims at integrating digital devices more with the physical world for the betterment of humans. However, as the technology gets increasingly pervasive, we should bear in mind a few concerns. For instance, is the technology failsafe for use or can it be weaponized? These were the questions set to dominate a cyber-security conference in the Netherlands where Reuben Paul, a sixth-grader genius from Austin, Texas, stunned the audience. The boy suggested that things in our daily lives like IoT home appliances, cars, refrigerators or everything that can be connected to the Internet can be weaponized or used to spy on us or harm us. Reuben demonstrated this by plugging into his laptop a device known as a “Raspberry Pi”. It is a low-cost computer. He then proceeded to scan the hall for Bluetooth devices and downloaded dozens of numbers. Next, using the Python language, he successfully managed to hack into his bear via one of the numbers and turned on Bob’s (his teddy bear’s) lights and recorded audio. With this, he underscored something important – Internet of Things devices could easily be hacked. As such, our private information such as passwords can be stolen or the same can be used as a remote surveillance system to spy on someone. Reuben’s father revealed that the boy showcased his early IT skills at the age of 6. A new interconnection of technology which was once heralded as the next industrial revolution thus has become the first apprehension of early adopters of the technology. The message out is loud and clear – manufacturers, security researchers, and the government have to work together! Article source
  7. Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide effective countermeasures, other approaches for tricking wireless clients into automatically associating with a rogue access point are wanted. Enter Lure10 – a new attack that, by taking advantage of Wi-Fi Sense, tricks wireless devices running Windows into doing exactly that. What is Wi-Fi Sense? Wi-Fi Sense, enabled by default on Windows 10 and Windows Phone 8.1, is a feature that automatically connects users to crowdsourced open wireless networks it knows about. Based on information previously collected by devices that connected to one or another of these open networks, Microsoft evaluates whether they provide a good-quality connection and, if they do, adds it to the list of hotspots that will be suggested by Wi-Fi Sense. Wi-Fi Sense will pick one when the user is in range, automatically accept its terms of use, and the user will seamlessly be connected to it. The Lure10 technique The success of the attack, which was presented by security engineer George Chatzisofroniou at this year’s Hack in the Box conference in Amsterdam, relies on: The victim’s device being fooled into believing it is within the geographical area of a Wi-Fi Sense-tagged open wireless network The attacker successfully disrupting the victim device’s existing Wi-Fi connection (by spoofing DEAUTH frames), and The attacker successfully mimicking the Wi-Fi Sense network in question (broadcasting a network with the same ESSID – extended service set identifier – is enough to do that). That last prerequisite can be achieved by finding a Wi-Fi Sense network that exists in an area relatively close to the victim (e.g. in their home city), and collecting its ESSID (e.g. “AIRPORT_FREE”). 
At the same time, though, the attacker also needs to collect the BSSIDs (the MAC addresses of the access points) of the other wireless networks in the same area, as this information is used by Windows Location Service to determine the location of a device. By broadcasting beacon frames with these BSSIDs, the attacker fools WLS into thinking the device is in the area of the impersonated network (first prerequisite of the attack). Once the attacker goes through the two steps, the fact that the rogue access point is sending out beacon frames with the ESSID of the Wi-Fi Sense network it mimics is enough for the victim device to connect to it automatically – IF the victim device has no shared WLANs in its Preferred Networks List and Available Networks List. But even that last condition can be achieved (see Chatzisofroniou’s presentation slides for more details). How to protect yourself? The Lure10 attack technique has been added to the latest version of the open source Wifiphisher rogue Access Point tool, of which Chatzisofroniou is the lead developer. The engineer says that Microsoft has been informed about this issue and has acknowledged its impact, but has not taken steps to mitigate it, as they consider it an “accepted risk.” Users can protect themselves against this attack by simply disabling Wi-Fi Sense on their device. Article source
  8. Backup, Backup, Backup! (In the voice of Steve Ballmer yelling Developers, Developers, Developers!) In the next two to three weeks Microsoft will be making the third major feature update for Windows 10, the Creators Update, generally available to users on the Windows 10 Anniversary Update. Once it is released, this update will roll out in a very controlled manner to make sure delivery systems are not overwhelmed or that there aren't any unexpected issues cropping up. All of this will be monitored by the Windows Team and Microsoft engineers who have the ability to regulate the updates push out to Windows 10 systems around the world. As an end user your choices are pretty straightforward when it comes to getting the Windows 10 Creators Update. Option 1 - Wait Since it is a staggered release that means more machines will be added to receive the official update over time. Microsoft usually begins a roll out like this to their known users such as the Windows Insiders who have already been testing the update over the last several months. Then they add likely compatible hardware users such as those on Surface devices and other OEM machines that have full Windows 10 compatibility. If you want to just wait until your device gets the update then sit tight because it will eventually get targeted towards your machine. However, if you are impatient and want the updates from the first day then this is not going to work very well for you. That means Option 2 is going to be your solution. Option 2 - Force the Update When Microsoft makes a new feature update available they also upgrade their Media Creation Tool (MCT) on the Windows 10 Download Page so that it can be used to install the latest upgrade. The MCT should provide a couple of options for getting and installing the Creators Update. 1. Create installation media on a USB or DVD that can be used to boot your Windows 10 system and perform a clean install.
This option means all of your data, apps and other desktop software will be wiped from the device. 2. Perform an in place upgrade to the Creators Update using the MCT to create the install media necessary to upgrade the system. This method gives you an option to keep or remove your files, settings, and apps. 3. Use the MCT to download an ISO file that can be used on the current or other devices to upgrade/clean install other devices. Eligibility If you are running the Windows 10 Anniversary Update, which was released last August, then you will get the Creators Update for free. If you are still running Windows 7 or 8.1 then you will have to purchase Windows 10 to be eligible for the upgrade. It is still being reported that some product keys for consumer versions of Windows 7/8.1 will work when upgrading to Windows 10 and not require a new license but that is not a guarantee since Microsoft officially ended the free upgrade program for those versions of Windows back on 29 July 2016. Your First and Key Step - Backup! This is good advice on any day of the week however, when you are about to undertake a major operating system upgrade it is even more important. Let me start by saying I have been a Windows Insider since the program began in October 2014. Since then I have done countless build to build upgrades as I tested for Threshold 1 (original Windows 10 release), November Update (Threshold 2), Anniversary Update (Redstone 1), and now the Creators Update (Redstone 2). I have also upgraded numerous systems for each major feature update during this same time frame. In the midst of all those upgrades I have never experienced a catastrophic failure that resulted in the loss of data. Even on the few occasions that an upgrade has failed, it always rolled back to my previous working install without the loss of data. In other words - I have a lot of faith in this version to version upgrade process that Microsoft has developed for Windows 10. 
However, that does not mean I did not have my critical data backed up and safe - just in case. It is never a bad thing to have working backups of that important information. As I shared a couple of weeks ago, OneDrive is my backup/sync plan for the data on my devices. So if for some reason a device was to experience a major issue and not be recoverable during an upgrade my data would still be in the cloud waiting to be synched back on that device once it was back up and running. For some of you, backing up your data could be accomplished by grabbing an external hard drive or flash drive and copying your documents folder over for safe keeping. The key here is to obviously have a device capable of holding all of your data. Of course, there are also many cloud backup providers that can back up just your documents or an entire image of your device that has your data, apps, and software protected. Restoring those using their software is simple once you have your device back up and online. Ultimately, it does not matter what method you use to protect your data. It is just critical that you have some backup method in place and prove that it works. There is only one type of backup - one that works and can be restored - because a non-working backup isn't really a backup. It is then that you are ready to upgrade your system to the Windows 10 Creators Update. So will you wait or force the Windows 10 Creators Update? By Richard Hay http://winsupersite.com/windows-10/getting-your-devices-ready-windows-10-creators-update
  9. Researchers have developed new technology that can prevent stolen phones and laptops from getting into the wrong hands -- by destroying them. This new self-destruct mechanism built by researchers at the King Abdullah University of Science and Technology (KAUST) in Saudi Arabia would provide an extra layer of defense against thieves who resell the devices or access the device's sensitive data. The technology works quickly, and it can be installed on most modern devices, say the researchers. "The first customers would be the ones who need data protection: intelligence communities, corporations, banks, hedge funds, social security administrations, collectors who handle massive data," says Muhammad Mustafa Hussain, an electrical engineer who helped to develop the technology, speaking to IEEE Spectrum. Here's how it works: The self-destruct mechanism consists of an expandable polymer, which crumples the device's chips within a few seconds. When the mechanism is remotely triggered, heater electrodes that draw power from the device's battery activate the polymer, which rapidly expands to seven times its original size when heated to 80°C (176°F). According to the researchers, the expanding polymer can destroy a silicon chip up to 90 micrometers thick, or just less than 0.1mm. The researchers say that a number of different triggers are possible, such as a GPS switch that could activate the self-destruct mechanism if a device is taken outside of a building, for example. Another example would be a password-enabled app that could also remotely activate the trigger, the researchers say. And because the technology can be retrofitted to existing laptops and desktops, that cuts down the manufacturing costs. Each self-destruct mechanism could cost as little as $15, says Hussain. More details of the research are slated to be published in an upcoming issue of the "Advanced Materials Technologies" journal. Source
  10. Lineage OS Announces A Bunch Of Newly Supported Devices For Its Preview Builds Last month, Cyanogen announced that it was shutting down its offices, leaving the future of CyanogenMod in question. However, from the company's digital ashes rose a new project called Lineage OS. The developer team behind the operating system announced that it would support more than 80 devices. However, at launch, it only supported a handful of devices. Now, the company has updated its roster of supported devices, adding a number of older handsets to the list. Previously, the developer team had only included the LG Nexus 5X, Huawei Nexus 6P, Motorola Moto G4 / G4 Plus, Nextbit Robin and Xiaomi Redmi 1S. The company has now updated its list of supported devices to include: Asus Nexus 7 2013 (4G / Wi-Fi) LG Nexus 5 Huawei Honor 5X LG G4 (T-Mobile / International) LG G3 S LG G3 Beat Motorola Moto X Pure (2015) Motorola Moto E Motorola Moto G Motorola Moto G4 Play OnePlus One Oppo Find 7a Oppo Find 7s Samsung Samsung Galaxy S III (AT&T / Sprint / T-Mobile / Verizon / International) Samsung Galaxy S II (International) Sony Xperia SP Xiaomi Mi 3w and Mi 4 Xiaomi Mi 5 Xiaomi Mi Max Xiaomi Redmi 3/Prime Xiaomi Redmi Note 3 As can be seen, the list of devices has increased drastically. That said, the developer team has not announced how many installs its operating system has garnered. Previously, the company had announced that experimental builds of Lineage OS had been downloaded more than 50,000 times. This figure is bound to change with more devices being supported everyday. You can download the latest nightly and experimental builds on supported handsets by heading over to the download page here. Source
  11. bluetooth

    Bluetooth 5 Is Here While Bluetooth technology is not perfect, it has greatly impacted the technology industry. Look no further than headphones and speakers to see that it has made wireless music possible. It is also the technology that links smartphones to smartwatches. Those are just two such examples -- there are countless more. Today, the Bluetooth Special Interest Group announces the official adoption of the previously-announced Bluetooth 5. In other words, it is officially the next major version of the technology, which will eventually be found in many consumer devices. "Key feature updates include four times range, two times speed, and eight times broadcast message capacity. Longer range powers whole home and building coverage, for more robust and reliable connections. Higher speed enables more responsive, high-performance devices. Increased broadcast message size increases the data sent for improved and more context relevant solutions. Bluetooth 5 also includes updates that help reduce potential interference with other wireless technologies to ensure Bluetooth devices can coexist within the increasingly complex global IoT environment. Bluetooth 5 delivers all of this while maintaining its low-energy functionality and flexibility for developers to meet the needs of their device or application", says the Bluetooth Special Interest Group. Mark Powell, executive director of the Bluetooth SIG explains, "Bluetooth is revolutionizing how people experience the IoT. Bluetooth 5 continues to drive this revolution by delivering reliable IoT connections and mobilizing the adoption of beacons, which in turn will decrease connection barriers and enable a seamless IoT experience. This means whole-home and building coverage, as well as new use cases for outdoor, industrial, and commercial applications will be a reality. 
With the launch of Bluetooth 5, we continue to evolve to meet the needs of IoT developers and consumers while staying true to what Bluetooth is at its core: the global wireless standard for simple, secure, connectivity". So, will you start to see Bluetooth 5 devices and dongles with faster speeds and longer range in stores tomorrow? Nope -- sorry, folks. Consumers will have to wait until 2017. The Bluetooth SIG says devices should become available between February and June next year. Source Alternate Source - Bluetooth 5.0 Officially Introduced with Longer Range, Faster Speed
  12. American Associates, Ben-Gurion University of the Negev BEER-SHEVA, Israel, Nov. 22, 2016 - Researchers at Ben-Gurion University of the Negev (BGU) have demonstrated malware that can turn computers into perpetual eavesdropping devices, even without a microphone. In the new paper, "SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit," the researchers explain and demonstrate how most PCs and laptops today are susceptible to this type of attack. Using SPEAKE(a)R, malware that can covertly transform headphones into a pair of microphones, they show how commonly used technology can be exploited. "The fact that headphones, earphones and speakers are physically built like microphones and that an audio port's role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers," says Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and member of BGU's Department of Information Systems Engineering. "This is the reason people like Facebook Chairman and Chief Executive Officer Mark Zuckerberg tape up their mic and webcam," says Mordechai Guri, lead researcher and head of Research and Development at the CSRC. "You might tape the mic, but would be unlikely to tape the headphones or speakers." A typical computer chassis contains a number of audio jacks, either in the front panel, rear panel or both. Each jack is used either for input (line-in), or for output (line-out). The audio chipsets in modern motherboards and sound cards include an option for changing the function of an audio port with software - a type of audio port programming referred to as jack retasking or jack remapping. Malware can stealthily reconfigure the headphone jack from a line-out jack to a microphone jack, making the connected headphones function as a pair of recording microphones and turning the computer into an eavesdropping device.
This works even when the computer doesn't have a connected microphone, as demonstrated in the SPEAKE(a)R video. The BGU researchers studied several attack scenarios to evaluate the signal quality of simple off-the-shelf headphones. "We demonstrated it is possible to acquire intelligible audio through earphones up to several meters away," said Dr. Yosef Solewicz, an acoustic researcher at the BGU CSRC. Potential software countermeasures include completely disabling audio hardware, using an HD audio driver to alert users when microphones are being accessed, and developing and enforcing a strict rejacking policy within the industry. Anti-malware and intrusion detection systems could also be developed to monitor and detect unauthorized speaker-to-mic retasking operations and block them. Article source
  13. Hacked cameras, DVRs and other devices in the internet of things are making headlines. But improvements are possible, say cybersecurity experts. The internet of things isn't secure. That much was clear when a panel of four cybersecurity experts began their talk on Thursday at the Techonomy conference in Half Moon Bay, California. "The internet of things is something that cannot be fully secured," said Betsy Cooper, the executive director of the UC Berkeley Center for Long-Term Cybersecurity. "We just have to assume that there is a risk." That risk became a real threat last month, when hacked cameras and DVRs began overwhelming popular websites with requests and knocking them offline, causing internet outages across the US. In light of that and other recent attacks, "We should absolutely be working to get that risk as low as possible," Cooper said. Experts have lots of ideas for making things better, from creating security standards for internet-connected devices to raising awareness of the risk among the public. Cooper was joined by Verizon executive Mark Bartolomeo; Nicole Eagan, CEO of cybersecurity firm Darktrace; and Chris Rill, an executive at IoT security company Canary. "It's a problem we'll probably never stop working on," Bartolomeo said. One solution that's already in the works is a security rating for internet-connected devices. Companies like ICSA Labs and Underwriters Laboratories (better known as UL) are testing and developing standards for devices. So is the National Institute of Standards and Technology, which is part of the US Department of Commerce. These efforts could lead to a consumer rating system akin to the crash test rating for a car or an energy rating for a refrigerator. All this testing could help a problem that is difficult for companies to avoid, Eagan said. Companies that sell IoT devices often have them manufactured by a string of third parties outside the US.
That means companies can't be totally sure the device they designed is secure. "An attack can be embedded in the device before it arrives," Eagan said. Despite the testing efforts, Rill said the problems built into today's IoT devices won't be fixed for another two to three years. "It's going to get worse before it gets better," Rill said. "I would say ask a lot of questions before you buy these products." Article source
  14. As an additional security layer, you can use this guide to enable write protection on Windows 10 to prevent users from copying data to a USB drive.

      Windows 10 is the most secure version of Windows yet, but even though Microsoft has spent countless hours building new features to make computers more secure, someone can still just walk in, insert a USB drive, and walk away with sensitive data. Of course, you can always protect your computer with a password, or set up a very strong PIN, but it's still possible for someone with physical access to your machine to get hold of your sensitive data.

      Fortunately, Windows 10 includes a write protection feature, which is hidden for some mysterious reason, and it allows you to prevent any users from inserting a USB drive and downloading any data from your computer.

      In this Windows 10 guide, we'll walk you through the steps to edit the registry and enable the write protection feature in the operating system to block users from saving data to a USB drive.

      How to enable USB write protection

      Important: This is a friendly reminder to let you know that editing the registry is risky, and it can cause irreversible damage to your installation if you don't do it correctly. It's recommended to make a full backup of your PC before proceeding.

      1. Use the Windows key + R keyboard shortcut to open the Run command.
      2. Type regedit, and click OK to open the registry.
      3. Browse the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
      4. Right-click the Control (folder) key, select New, and click on Key.
      5. Name the new key StorageDevicePolicies and press Enter.
      6. Select the newly created key, and right-click on the right side, select New, and click on DWORD (32-bit) Value.
      7. Name the new DWORD WriteProtect and press Enter.
      8. Double-click the newly created DWORD and change its value from 0 to 1.
      9. Click OK.
      10. Close the Registry to complete the task.

      Once you've completed the steps, anyone who connects a USB drive to your computer will be denied copy privileges, and they'll get a "This disk is write-protected" message. As a result, no one will be able to edit, delete, create, or rename files in the external storage.

      At any time you can revert the changes by following the steps mentioned above, but on step 8, make sure to change the DWORD value from 1 to 0.

      Wrapping things up

      While you can enable the write protection feature on your computer to protect your data from falling into the wrong hands, there are a number of other scenarios where something like this will be useful. For example, this feature can add an extra layer of security when implementing a kiosk machine, or when you work with sensitive data in your business, just to name a few.

      Although we're focusing this guide on Windows 10, it's worth pointing out that the same concept should work on previous versions of the operating system, including Windows 8.1 and Windows 7.

      Article source
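The registry steps above, scripted for an elevated PowerShell session, as an added example that is not part of the original guide. The key path and value name are the ones the guide gives; the function names are hypothetical, and the audit check assumes the value is meant to stay at 1.

```powershell
#Requires -RunAsAdministrator
# Added example: scripts the regedit steps from the guide instead of clicking
# through them. Function names are hypothetical; the key path and value name
# are taken from the guide (steps 3, 5 and 7).

$PolicyKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies'
$ValueName = 'WriteProtect'

function Get-UsbWriteProtect {
    # Returns 1 (write protection on), 0 (off), or $null when the key or
    # the value has never been created.
    $prop = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return [int]$prop.$ValueName
}

function Set-UsbWriteProtect {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [bool]$Enabled
    )

    $desired = [int]$Enabled      # $true -> 1 (step 8), $false -> 0 (the revert)
    $before  = Get-UsbWriteProtect

    # Steps 4-5: create the StorageDevicePolicies key if it does not exist yet.
    if (-not (Test-Path -Path $PolicyKey)) {
        if ($PSCmdlet.ShouldProcess($PolicyKey, 'Create registry key')) {
            New-Item -Path $PolicyKey | Out-Null
        }
    }

    # Steps 6-8: create the WriteProtect DWORD, or overwrite it if present.
    if ($PSCmdlet.ShouldProcess("$PolicyKey\$ValueName", "Set DWORD to $desired")) {
        New-ItemProperty -Path $PolicyKey -Name $ValueName `
            -PropertyType DWord -Value $desired -Force | Out-Null
    }

    # Report the state before and after so the change can be logged.
    [pscustomobject]@{
        Key    = $PolicyKey
        Value  = $ValueName
        Before = $before
        After  = Get-UsbWriteProtect
    }
}

function Test-UsbWriteProtect {
    # Audit check: $true only when the value exists and equals 1.
    # Any local administrator can flip it back, so run this on a schedule.
    return ((Get-UsbWriteProtect) -eq 1)
}

# Usage:
#   Set-UsbWriteProtect -Enabled $true -WhatIf   # preview, changes nothing
#   Set-UsbWriteProtect -Enabled $true           # apply (steps 4-8)
#   Test-UsbWriteProtect                         # verify
#   Set-UsbWriteProtect -Enabled $false          # revert, as the guide describes
```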
  15. To analyze the current state of device security, Duo Security analyzed more than two million devices, 63 percent of which were running Microsoft operating systems.

      Seriously outdated Windows versions

      Researchers found that 65 percent of all Windows devices are running Windows 7, affected by approximately 600 security vulnerabilities. To make things even more dangerous, tens of thousands of devices are still running Windows XP 15 years after its release. This represents more than 700 vulnerabilities, 200 of which are rated as high-to-critical.

      “There are numerous reasons why companies continue to stick with older operating systems like Windows 7,” said Ajay Arora, CEO of Vera. “Reasons can range from the cost it takes to update every computer, or the software they are currently using might not translate to newer operating system and environments.”

      “If companies chose to continue to use Windows 7 and operating systems that lack features such as, no default disk encryption to protect data on lost devices and no file-level encryption to protect data as it leaves the corporate network, they need to consider using security software that does. It comes down to, spending the money to address the underlying issue of using an operating system with weaker security, spending money to update the operating systems, or spending the money to secure the thing you are trying to protect in the first place; the data itself,” concluded Arora.

      Microsoft browsers

      Twenty percent of devices running Internet Explorer are running unsupported versions 8, 9 and 10. IE versions 8 through 10 have reached end-of-life status without the ability to receive security patches, leaving them susceptible to old exploits. Of all devices running Microsoft browsers, only 3% are using the latest, Edge.

      Additional findings

      • Nearly 62 percent of devices running IE have an old version of Flash installed, potentially making them susceptible to compromise by an exploit kit containing code for Flash vulnerabilities.
      • Ninety-eight percent of devices running IE have Java installed. Businesses have legacy and custom applications that rely on Java. Java remains a top target of attackers.
      • Forty-two percent of all devices analyzed used Microsoft services, including Remote Desktop Protocol, Outlook Web Access, and Remote Desktop Gateway.

      “Malicious actors rely on out-dated and unpatched software, including operating systems, so they can automate malware distribution because they can save time and money – thereby increasing their profits,” Stephen Singam, Managing Director, Security Research at Distil Networks, told Help Net Security.

      “Reports like this are alarming because there is clearly a dangerously high number of devices that are worth targeting. The likelihood of one of these devices being compromised and subsequently added to a botnet is high and the likelihood of the owner of the device knowing their device has been compromised is low,” Singam added.

      Protection tips

      To protect against the vulnerabilities discussed here, Duo recommends:

      • Switch to modern browser platforms that are more secure such as Edge or those that update more frequently and automatically
      • Run regular security updates as well as emergency patches
      • Use device encryption, passwords and fingerprint ID
      • Implement a two-factor authentication solution to protect systems and data
      • Enable automatic updates for as much software as possible to make it easier for your users
      • Disable Java and prevent Flash from running automatically on corporate devices, and enforce this on user-owned devices through endpoint access policies and controls.

      Article source
  16. The Windows Upgrade Analytics Service analyzes app compatibility and helps to automate deployment

      IT administrators trying to figure out how to move their organizations to Windows 10 have a new tool that might change the game. This week, Microsoft released the Windows Upgrade Analytics Service, designed to make it easier to decide whether you can carry out a massive upgrade. WUAS gives administrators a sense of what drivers and applications are running in their environment, as well as how many devices are running Windows 10. Using Microsoft telemetry data, it decides whether those devices and the software running on them will be compatible with Windows 10 and suggests fixes for compatibility problems. The upgrade service helps address a key concern that IT professionals have about a major OS upgrade: Will the new OS break the applications and devices that end users rely on? By introducing this tool, Microsoft may accelerate adoption of Windows 10. The service is essentially a more advanced version of the Application Compatibility Toolkit that Microsoft made available for IT shops deploying Windows 7, Gartner Research Vice President Steve Kleynhans said in an interview. “It’s always good to know what kind of blockers you’re going to run into, what kind of problems you might hit, so IT shops are constantly looking for these kinds of tools and making use of them,” Kleynhans said. WUAS can also be used to help execute rollouts of Windows 10, whether in a small pilot project or a full production-level launch. The service will export a list of devices to a suite of software deployment tools, which administrators can use to deploy an upgrade. In the future, Kleynhans hopes the service can become a part of the process for organizations evaluating the impact of Windows 10 patches. “I think it’ll be interesting to see how this plays out with the ongoing updates going forward. Because that’s really the bigger challenge,” Kleynhans said.
“We’ve got the one project now, getting onto Windows 10, but then there’s the project later on that happens every six, nine, 12 months, whatever it turns out to be, as new updates roll out.” Article source
  17. Microsoft officials said Windows 10 has hit the 400 million 'active' device milestone, up from 300 million in early May. Windows 10 is now running on 400 million active devices as of today, September 26, Microsoft officials said. That's up from 300 million as of May 5, and 207 million at the end of March. "Active devices" mean devices that have been active in the past 28 days, Microsoft officials have said. The figure includes not only Windows 10 installed on PCs, tablets, and phones, but also on Xbox One consoles, HoloLens and Surface Hubs. Microsoft's original goal was to have Windows 10 running on one billion devices by 2018, but execs recently conceded they wouldn't make that number until some unspecified time after that. Microsoft execs shared the newest stats on the opening day of the Microsoft Ignite conference in Atlanta. They also said that Windows Insider testers working with early Windows 10 "Redstone 2" builds soon should get their hands on a new Edge browser security feature that's been rumored for some time: Container-based isolation in the browser. That container-based isolation is technology codenamed "Barcelona." While Windows 10 Enterprise currently supports containers for development purposes, Barcelona is specific to the browser baked into the operating system. Microsoft execs have christened Barcelona "Windows Defender Application Guard," they said today. The feature will use virtualization-based security, isolating potentially malicious code in containers so it can't spread across company networks. Starting "early next year," Microsoft will start testing this feature with enterprise customers who've expressed interest, officials said. Microsoft officials also said at Ignite today that the Windows Defender Advanced Threat Protection (ATP) and Office 365 ATP services now "share intelligence mutually." These services help detect and thwart advanced attacks.
And as of early 2017, Office 365 ATP will be extended to Word, Excel, PowerPoint, SharePoint Online, and OneDrive for Business. Users will be able to get email with a placeholder attachment and use "URL detonation" for analyzing links in real time. Article source
  18. In collaboration with Microsoft Research, Cindy Hsin-Liu Kao, a PhD student at MIT’s Media Lab, and a team of fellow researchers have designed a new fabrication process which allows anyone—with the time and money—to create temporary, functional “tattoos” for their skin. By applying conductive gold leaf to the body, Kao’s process, DuoSkin, produces a less invasive, and more aesthetically appealing result than other forms of biohacking. Perhaps the most interesting thing about DuoSkin is that the technique produces devices that are inherently temporary, creating technology that is intended to be used as a real style statement. The researchers who created DuoSkin say it is possible to design a circuit on any graphics software. Then, all you would need to do is stamp the tattoo in gold leaf, and apply other components to make the tattoo interactive. While the technique is vastly more user-friendly than other forms of biohacking, DuoSkin still isn’t something the average person could carry out without some know-how. With that said, it’s not hard to imagine commercialized versions that consumers could purchase. For example, a music speaker could come prepackaged with a set of fashionable DuoSkin tattoos that allow for the music to be remotely controlled. In a promotional video, Kao describes how DuoSkin can be used to create three “classes” of devices. The first, input devices, turn your skin into a trackpad. The second, output displays, report information about your body, such as its temperature. The third, communication devices, allow others to digitally receive information from your tattoo, in the form of something similar to an NFC tag. Since DuoSkin doesn’t require surgery, it might be a good introduction to biohacking for the majority of Americans who are afraid of using technology to alter their bodies. This isn’t Kao’s first experiment with technological body modification.
Last year, she built NailO, a tiny device mounted on your thumbnail that can be used to send a quick text message or email, particularly in situations where whipping out your smartphone might be seen as rude. The device essentially turns your thumb into a tiny trackpad. DuoSkin is set to be presented at a symposium for wearable technology next month. Article source
  19. GNOME Improves Handling of Unknown Audio Devices (Thanks to Unity)

      Is it a mic? Is it a speaker? No, it’s a … well, actually GNOME doesn’t know either — but the popular open-source desktop is getting smarter at finding out. As previewed in mockups earlier this year, GNOME 3.20 is to present users with a dialog window when an audio device that it can’t identify is connected to the headphone/microphone input jack. The user assistive feature has been able to go from mock-up to implementation thanks, in part, to Unity developer David Henningsson. Henningsson’s original code (and knowledge) has helped GNOME integrate the functionality into their desktop shell in a way that ‘…should be easily implementable in other desktop environments that use libgnome-volume-control to interact with PulseAudio.’ In a blog post GNOME developer Bastien Nocera explains how it works in a little more depth: Nifty! If you connect a lot of different audio peripherals to your Linux device keep a beady eye out for the feature in GNOME 3.20, which ships later this year. Source
  20. All Android OS versions are susceptible and can be affected by four identified security flaws.

      Hackers can potentially infect Android devices with malware, which when installed, would provide them with "privilege escalation" to gain rooting access to devices, thanks to four new vulnerabilities, dubbed Quadrooter, identified by security researchers. Around 900 million Android devices have been left vulnerable by Quadrooter.

      According to security firm Check Point, hackers could potentially exploit any one of the four identified vulnerabilities to gain rooting privileges, which would then give the hackers full control over the affected device. This means that hackers would then have access to all the data and hardware of the infected device, including camera and microphone.

      The vulnerabilities affect Android devices of various brands, including:

      • BlackBerry Priv
      • Blackphone 1 and 2
      • Google Nexus 5X, 6 and 6P
      • HTC One M9 and HTC 10
      • LG G4, G5, and V10
      • New Moto X by Motorola
      • OnePlus One, 2 and 3
      • Samsung Galaxy S7 and S7 Edge
      • Sony Xperia Z Ultra

      "An attacker can exploit these vulnerabilities using a malicious app. Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing. Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm," Check Point said.

      Flaws in-built

      "During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems," said Check Point senior security researcher Adam Donenfeld, presenting the firm's findings at the DefCon security conference on 7 August.

      The flaws uncovered by Check Point were found to affect Qualcomm chip drivers, which are installed into devices during manufacturing. This means that Google, which provides the software for Android devices, would not be able to produce the security patches. Instead, the security updates must come from the hardware manufacturer (in this case Qualcomm), to be provided to the phone vendors, before it can be rolled out to the users.

      3 down, 1 to go

      Three of the four security flaws identified have already been patched. However, the remaining vulnerability is yet to be fixed, the Register reported. The security patch for the remaining vulnerability will likely arrive with Google's monthly security update release, and should be available to users in September.

      "No-one at this point has a device that's fully secure," Check Point mobility product management head Michael Shaulov told ZDNet. "That basically relates to the fact that there is some kind of issue of who fixes what between Qualcomm and Google."

      Check Point has a free app that enables users to check if their devices are vulnerable.

      Article source
  21. Researchers from Rapid7 at DefCon will demonstrate vulnerabilities that allow attackers to turn point-of-sale devices into keyboards Magnetic stripe readers, you are the gift that keeps on giving. Unfortunately. Researchers from Rapid7 Inc. will demonstrate how point-of-sale systems and hotel keys with magstripe technology can be hacked and used in brute-force attacks as part of a DefCon presentation this weekend. Building on work from Samy Kamkar and his MagSpoof techniques, along with integrated bad barcode from Tencent, Rapid7's Weston Becker will show how to inject OS commands into a Windows-based POS system with the magstripe reader. "Often a magstripe reader is configured as a general-purpose device, so you can drop in commands to open a register, open a window, or download malware and install," said Tod Beardsley, senior security research manager at Rapid7, in a phone interview with Dark Reading. With a device that's programmable via an electromagnetic field, the hacker has lots of options: open a cash register drawer, open a window on the computer, or download and install malware. "You only need to distract the operator for a couple seconds -- it all happens very quickly," Beardsley explained. In effect, the attack turns the magstripe reader into a keyboard. "If you've seen the rubber ducky attacks with the exposed USB ports, you know that something that mimics a keyboard gives you direct access to the [POS] device," Beardsley added. The vulnerability affects everything from hotel keys to loyalty cards, gas cards, or special access cards for first responders to use elevators. Rapid7 has already notified the manufacturer, Samsung, but the vulnerability affects nearly all vendors' POS devices, which aren’t that different from one another, according to Beardsley. There's also been no official response from Samsung, though Beardsley assumes they're doing their own testing and due diligence. 
Rapid7 is also working with CERT for handling the vulnerability disclosure. Beardsley and Weston point to two areas that need to be fixed. The first is not to allow magstripe readers to be used as a keyboard, which can be addressed by new driver definitions, "an OS fix," Beardsley said. Secondly, because the devices can be tricked into taking certain types of commands, the applications they use should limit the kind of data they're expecting. "Credit card data is ASCII, not anything exciting. But the fact I can inject keystrokes, like the F8 key, is unexpected," Beardsley said. "It's a fundamental design flaw in how these Windows-enabled systems run." Brute-forcing a magstripe hotel card is also remarkably simple; the data it contains is encoded but not encrypted, Beardsley said. An attacker with a magstripe hotel card will look for the folio number associated with check-in, which is usually six digits and tends to be assigned incrementally (123456, 123457, 123458…) rather than randomly. The attacker will also look for the room number on the magstripe card and the checkout date. All three pieces of data have to be accurate for a room doorlock to open. "Once you have a device, it's short work to guess a number on the fly that opens a lock – the doors to guest rooms," Beardsley said. By replacing incremental IDs with random ones and expanding the number of digits in the data fields, hotels and other affected industries can help address the vulnerabilities – a cheaper, easier fix than using encrypted cards. "Encryption will happen at some point, but today it's pretty much the same basic technology from the 1970s," Beardsley said. Article source
  22. As growing numbers of devices are connected to the internet, security and privacy concerns grow. Businesses are looking for solutions that provide protection for both the endpoint and the network. Israel-based Allot Communications is announcing a new collaboration with Intel Security to introduce McAfee Unified Security Powered by Allot, providing complete end-to-end security capabilities. The solution blends advanced threat detection technologies in the network and at the endpoint with customer intelligence and comprehensive personalization capabilities to deliver a scalable platform that simplifies security service activation, service awareness, operation and management. Deployed by communication service providers (CSPs) as a value-added security service to their customers, it offers comprehensive protection for users at home, at work and on-the-go, and features a consumer-friendly interface and simple self-management capabilities. "With the proliferation of mobile devices and the exponential growth in IoT, the combination of Intel Security's expertise in the cyber security domain with Allot's vast experience in the CSP network-based Security as a Service market delivers immediate and unparalleled value for operators and consumers alike", says Andrei Elefant, president and CEO at Allot Communications. "We see significant interest in the joint solution, including several engagements in progress. We are excited about this collaboration and are looking forward to working jointly with Intel Security and to expanding Allot's global reach". Unified Security works with devices ranging from smartphones and tablets to gaming consoles, smart TVs and more. It can help guard against bots, malware, phishing and spam, plus it uses Intel's True Key to allow users to sign in using features that are unique to them instead of having to remember passwords. Additional features include ad blocking and parental controls. You can find out more on the Allot website. Article source
  23. The Java-based cross-platform Adwind RAT not only steals data but also turns the infected device into part of a botnet! Cybercriminals keep developing malware packed with features, but you will rarely find something that targets several operating systems at once. Now, researchers have discovered Java-based malware infecting companies in Denmark, and it is probably only a matter of time before it hits other countries. Dubbed Adwind RAT (remote access tool), the malware was first detected and taken down in 2015 before it could infect millions of users around the world. However, it is back at full strength, and currently no anti-virus software detects it. If your device is infected with this malware, your security software is rendered useless against it (at least for now). In a blog post, Andra Zaharia of Heimdal Security revealed that cybercriminals are sending malicious English-language emails to organizations with an attached Doc-172394856.jar file which, when opened, executes and gives attackers backdoor access. The researchers have warned not to download or click any files that arrive with a Java archive (.jar) extension. The targeted platforms include Windows, OS X, Linux and Android; upon infection the malware makes the device part of a botnet, and that’s not all: Adwind also steals data from the device. Previously, Omni RAT was found targeting Mac, Linux, Windows PC and Android phones. In 2016, researchers identified several cases in which JavaScript malware was used to infect users, i.e. comment-tagging malware on Facebook dropping malware on Chrome users, Qarallax RAT or QRAT on Skype, and even the famous SNAP vulnerability in Android devices, which was also triggered through JavaScript malware. There’s much more on the Heimdal Security website, including additional technical details. To protect your devices from such malicious software, don’t download files from unknown emails and don’t download files from untrusted websites. Article source
  24. How to protect your data and devices in the post-antivirus age

      Is your antivirus protecting your computer or making it more hackable? Internet security experts are warning that anti-malware technology is becoming less and less effective at protecting your data and devices, and there's evidence that security software can sometimes even make your computer more vulnerable to security breaches.

      This week, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) issued a warning about popular antivirus software made by Symantec, some of it under the Norton brand, after security researchers with Google's Project Zero found critical vulnerabilities.

      "These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," wrote Google researcher Tavis Ormandy in a blog post. Symantec said it had verified and addressed the issues in updates that users are advised to install.

      It's not the only instance of security software potentially making your computer less safe. Concordia University professor Mohammad Mannan and his PhD student Xavier de Carné de Carnavalet recently presented research on antivirus and parental control software packages, including popular brands like AVG, Kaspersky and BitDefender, that bypass some security features built into internet browsers to verify whether sites are safe or not in order to be able to scan encrypted connections for potential threats.
      In theory, they should make up for it with their own content verification systems.

      'Surprised at how bad they were'

      But Mannan's research, presented at the Network and Distributed System Security Symposium in California earlier this year, found they didn't do a very good job.

      "We were surprised at how bad they were," he said in an interview. "Some of them, they did not even make it secure in any sense."

      When contacted about Mannan's research, Kaspersky said it was reviewing the research and AVG said it had made precautionary changes to its software.

      Alexandru Balan, chief security researcher for BitDefender, defended his company's encrypted content scanning feature as valuable protection against threats, but said that type of "SSL or TLS filtering" feature needs to be designed and constantly updated in a careful fashion, which he believes his company does.

      However, Mannan recommends that if you use antivirus software, you should choose one that doesn't have the feature or turn it off. He doesn't use antivirus protection on his primary machines and hasn't for years, he said.

      "I don't see any clear advantage of using them," he wrote in a followup email, noting that they can slow your machine down and introduce new vulnerabilities.

      Neither the vulnerabilities reported by Mannan nor the Symantec vulnerabilities are known to have been exploited, but that doesn't mean they never have been.

      Meanwhile, many experts agree that antivirus software may not do a great job at protecting your computer against today's threats.

      "Antivirus is getting increasingly useless these days," wrote Stu Sjouwerman, CEO of KnowBe4, which trains employees of other companies to be smarter about internet security, in a blog post this week.

      When asked to elaborate in an interview, he said, "The bad guys … basically have gone smart and they say, 'We're not going to try and circumvent antivirus. We're just going to attack organizations at the weakest link in IT security, which is the user.'"

      Increasingly, attacks focus on social engineering or phishing that lures users onto compromised websites that can steal information or serve ransomware. Those websites are so short-lived that antivirus software often doesn't update fast enough to recognize them, Sjouwerman added.

      Still worth it?

      J. Paul Haynes, CEO of Cambridge, Ont.-based cybersecurity firm eSentire, said that while antivirus software used to protect against 80 to 90 per cent of threats, it's now thought to protect against less than 10 per cent because of the cybercriminal tactics cited by Sjouwerman.

      "It gets a little worse every day, every week, every month," Haynes said.

      But both Sjouwerman and Haynes suggest that even a small level of protection offered by antivirus software may still be worth the price for corporations.

      "This is the easiest and cheapest stuff to stop," Haynes said.

      However, they both warned against having a false sense of security if you have an antivirus installed.

      For the consumer, Haynes said, "ransomware is probably the thing that people have to worry about." Ransomware typically encrypts your files and demands a ransom of several hundred or thousand dollars to restore access. And because those compromised websites are so short-lived, "it wouldn't matter how good your antivirus is," Haynes said, you'd still be vulnerable.

      Tips for protecting yourself

      So what can you do to protect yourself in the post-antivirus age? Mannan, Haynes and Sjouwerman all have similar recommendations:

        • Back up everything regularly. You can back up photos and non-sensitive files to the cloud. But you should also keep a backup on an external hard drive that is not physically connected to your computer (otherwise it can be compromised in a ransomware attack). That way, if you get attacked by ransomware or another threat, you can roll back to the previous version of your computer.
        • Keep your operating system and software such as browsers up to date and patched. Turn on automatic updates if they're available.
        • Think before you click on links or attachments. If you're not sure about them, get in touch with the person who sent them to double-check.
  25. 'Medjack 2' describes the latest weapons in the hacker arsenal used to hijack medical devices.

      It is not just the enterprise, banks and individuals that are targeted by cybercriminals looking to cash in on data and rinse bank accounts. Things have taken a more sinister turn with the introduction -- and evolution -- of attacks specifically designed to compromise medical devices, which places both patient health and information at serious risk.

      A new report released by security firm TrapX on Monday highlights how this trend is becoming more and more serious, and healthcare organizations must sit up and take note of these emerging threats before it is too late.

      We've already seen ransomware attacks levied against hospitals this year which have successfully disrupted critical services and taken down full systems, with some hospitals giving in and paying a ransom to resume operating. This kind of malware, although often heartbreaking for victims and capable of immense disruption, is not in the same ballpark as other attacks which are striking hospitals for the purpose of tampering with devices and data.

      The report, "Anatomy of an Attack - Medical Device Hijack 2" (.PDF), is based on medical hijack attacks detected between late 2015 and early 2016, expanding on TrapX's original MedJack 1 research. The team found that attacks which target medical devices deployed in hospital PC systems and networks are on the rise and often contain backdoors, botnet connections and remote access tunnels for cyberattackers to manipulate devices.

      Greg Enriquez, CEO of TrapX Security, commented:

      Some of the report highlights include:

        • Attackers were found to repackage and disguise advanced tools within old, Windows-based worms which were ignored by security software as outdated, harmless malware -- but would then seek out old PC systems to compromise.
        • Old malware variants were commonly used to attack medical devices as many of them have no security protection whatsoever, and there is no need to use sophisticated, expensive software once a network has been infiltrated.
        • Backdoors were often installed afterwards, allowing for spying, data theft and providing an avenue to deploy malware payloads including ransomware.
        • X-ray machines, radiation systems, fluoroscopy radiology systems and linac gating devices were all found to be constant targets for attackers.

      By compromising medical systems, attackers could not only potentially tamper with life-saving devices -- such as altering dosage rates or turning systems off and on -- but they can also use vulnerabilities to steal valuable medical and patient data over time.

      Medical device hijacking is only one threat element hospitals face today. Healthcare organizations have been forced to take cybersecurity more seriously since the recent spate of ransomware-based attacks at a number of hospitals this year, but to combat the more complex problem of medical device hijacking, solutions need to come from the top. Hospital budgets and board decisions have to come into play if healthcare organizations are going to be able to keep patients safe from these threats in the future.

      It may not seem likely that such a malicious attack would occur against a patient using a critical medical device, but in today's world, anything is possible.

      "Healthcare organizations need to implement strategies that review and remediate existing medical devices, better manage medical device end-of-life and carefully limit access to medical devices," noted Moshe Ben Simon, TrapX Security co-founder and vice president. "It becomes essential to leverage technology and processes that can detect threats from within hospital networks."