Computer News & Safety tips  – Harry Waldron MVP

Intel – New High Speed Optane Memory Modules

Intel’s new Optane memory modules have the potential to significantly boost PC performance, as shared below:

http://www.pcmag.com/news/352632/intel-unveils-first-optane-memory-modules

Intel on Monday began selling its first Optane memory modules, which it says will transform the traditional relationship between PC memory and storage, making everything from gaming to web browsing much faster on the mainstream computers most people buy.   Optane memory’s crowning achievement is its ability to intelligently allocate the data on a PC between the memory and the hard drive, all the while continuously monitoring your computing patterns to achieve faster app launches and boot times.

But Intel says that Optane’s all-memory approach to data allocation is better than the hybrid drives that have been on the market for nearly a decade, both because of advances in memory technology and the fact that the Optane software configures everything automatically: you don’t have to choose which data are kept in memory and which go on the storage drive.

The upshot is that Optane memory will increase the speed of a traditional hard disk drive-based PC (which is nearly 80 percent of the PC market, according to Intel) by 28 percent, with up to 14 times faster storage performance, Intel says. The company didn’t offer test results for Optane-powered SSD systems.

Android – New O version released as Developer Preview

The new Android “O” version has been released as a Developer Preview, as documented in the announcement below:

https://android-developers.googleblog.com/2017/03/first-preview-of-android-o.html

The new mobile OS aims to improve battery life and device performance while offering new features like picture-in-picture display, Wi-Fi Aware support, and more.  Android O introduces a number of new features and APIs to use in your apps. Here are just a few new things for you to start trying in this first Developer Preview:

Background limits: Android O puts a big priority on improving a user’s battery life and the device’s interactive performance. To make this possible, we’ve put additional automatic limits on what apps can do in the background, in three main areas: implicit broadcasts, background services, and location updates.

Notification channels: Android O also introduces notification channels, which are new app-defined categories for notification content. Channels let developers give users fine-grained control over different kinds of notifications.

Autofill APIs: We are making this work more easily across the ecosystem by adding platform support for autofill.

PIP for handsets and new windowing features: Picture in Picture (PIP) display is now available on phones and tablets, so users can continue watching a video while they’re answering a chat or hailing a car. Apps can put themselves in PiP mode from the resumed or a pausing state where the system supports it.

Adaptive icons: You can now create adaptive icons that the system displays in different shapes, based on a mask selected by the device.

Wide-gamut color for apps: Android developers of imaging apps can now take advantage of new devices that have a wide-gamut color capable display (AdobeRGB, Pro Photo RGB, DCI-P3, etc.).

Connectivity: Android O now also supports high-quality Bluetooth audio codecs such as LDAC codec. We’re also adding new Wi-Fi features as well.

Keyboard navigation: With the advent of Google Play apps on Chrome OS and other large form factors, we’re seeing a resurgence of keyboard navigation use within these apps.

AAudio API for Pro Audio: AAudio is a new native API that’s designed specifically for apps that require high-performance, low-latency audio.

WebView enhancements: In Android O, we’re enabling multiprocess mode by default and adding an API to let your app handle errors and crashes, for enhanced security and improved app stability.

Java 8 Language API improvements: Android now supports several new Java Language APIs, including the new java.time API. In addition, the Android Runtime is faster than ever before, with improvements of up to 2x on some application benchmarks.

Partner platform contributions: Hardware manufacturers and silicon partners have accelerated fixes and enhancements to the Android platform in the O release. For example, Sony has contributed more than 30 feature enhancements including the LDAC codec and 250 bug fixes to Android O.

AMD Ryzen chips – BIOS update being developed to fix early CPU lockup issues

As noted by PC Magazine, a special BIOS update is being developed to fix a CPU lockup issue being experienced by AMD Ryzen chips which began to launch earlier this month.  

http://www.pcmag.com/news/352538/ryzen-7-chips-are-locking-up-pcs-amd-knows-why

All Ryzen desktop processors are suffering from the same problem, and owners are being asked to wait for BIOS updates to solve the issue.  AMD threw Intel a curve ball in February when the chip company announced its Ryzen CPUs would launch in early March. They are fast and significantly cheaper than Intel’s equivalent Core processors. It even led to some price cuts by Intel.

But with Ryzen chips now making their way into desktop PCs, AMD experienced its first major problem. All variants of the Ryzen 7 desktop processors are locking up PCs. The issue is related to FMA3 code, which is a set of Streaming SIMD Extensions (SSE) that can greatly enhance the performance of floating point operations carried out by the chips. FMA3 isn’t new. AMD added support for the instruction set back in 2012.

Thankfully for Ryzen chip owners, AMD knows what the problem is but isn’t giving out much in the way of details. According to Digital Trends, the fix requires changes to the BIOS on motherboards. AMD is working on those changes, which will then be distributed to motherboard manufacturers who will then issue a patch.

Ransomware – Blank Slate uses blank spam email message with zip attachment

Ransomware is a highly destructive family of malware, which is designed to hold the victim hostage to get desired files restored.  A highly effective spamming technique used by malware designers is to send out a blank spam email message with a malicious zip attachment.  This is called the “Blank Slate” attack and is circulating extensively in the wild.

http://researchcenter.paloaltonetworks.com/2017/03/unit42-blank-slate-campaign-takes-advantage-hosting-providers-spread-ransomware/

In recent months, we’ve been tracking a malicious spam (malspam) campaign using emails with no message content and an attached zip archive to spread ransomware. We’ve nicknamed this campaign “Blank Slate” because the malspam messages are blank with nothing to explain the malicious attachments.

Last month, we published a blog that discussed farming Microsoft Word documents in AutoFocus associated with the Blank Slate campaign. It revealed more than 500 domains were used. These malicious domains were quickly taken offline, but Blank Slate actors quickly registered new ones, revealing a cycle of abuse towards legitimate hosting providers.

Today’s blog describes the delivery, exploitation, and installation components of this attacker’s playbook, and it explores the cycle of abuse criminals follow against legitimate hosting providers to host ransomware associated with these infections.
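A detection heuristic for the message shape described above (no message content plus an attached zip archive), as an added example that is not from this blog or from the Palo Alto Networks post. The function names, addresses, file name and sample messages are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ZIP_TYPES = {"application/zip", "application/x-zip-compressed"}

def blank_slate_indicators(raw):
    """Flag a message that has no visible text but carries a zip archive."""
    msg = message_from_bytes(raw, policy=policy.default)
    text_chars, zips = 0, []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        is_zip = (name.lower().endswith(".zip")
                  or part.get_content_type() in ZIP_TYPES
                  or data[:4] == b"PK\x03\x04")   # zip local-file-header magic
        if is_zip:
            zips.append(name or part.get_content_type())
        elif part.get_content_maintype() == "text" and not part.is_attachment():
            # Simplification: whitespace-only text counts as blank; HTML
            # markup is not stripped, so an empty HTML shell would not.
            text_chars += len(part.get_content().strip())
    blank = text_chars == 0
    return {"blank_body": blank, "zip_attachments": zips,
            "suspicious": blank and bool(zips)}

def build_sample(body, attach_zip):
    """Constructed test message; the zip holds only a harmless text file."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg.set_content(body)
    if attach_zip:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("readme.txt", "constructed sample, no payload")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename="12345.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(blank_slate_indicators(build_sample("\n", True)))
    print(blank_slate_indicators(build_sample("See attached report.\n", True)))
```

A mail gateway would treat the `suspicious` flag as one signal for quarantine or sandboxing, not as a verdict on its own.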

Microsoft Security Updates – MARCH 2017

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release

http://blog.talosintelligence.com/2017/03/microsoft-patch-tuesday-march-2017.html

https://technet.microsoft.com/en-us/library/security/ms17-mar.aspx

https://isc.sans.edu/forums/diary/February+and+March+Microsoft+Patch+Tuesday/22185/

https://isc.sans.edu/mspatchdays.html?viewday=2017-03-14

Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PDF Library, Microsoft SMB Server, Uniscribe, Microsoft Graphics Component, Adobe Flash Player and Microsoft Windows. 92 vulnerabilities are rated as important, additionally affecting Active Directory Federation Services, DirectShow, Internet Information Services, Microsoft Exchange Server, Microsoft Office, Microsoft XML Core Services, Windows DVD Maker, Windows Kernel, Windows Kernel-Mode Drivers.

Internet Security – Five worst hacking incidents Q1 2017

Entrepreneur’s web site lists the five worst hacking incidents for the first quarter of 2017, as follows: 

https://www.entrepreneur.com/slideshow/290673

1. Fake GMAIL login page – hackers have discovered a highly-effective phishing scheme that’s fooled users into forfeiting their login credentials. The hacker — usually disguised as a close email contact — is found to be sending emails with a “PDF” attachment. Upon clicking the attachment, which is not actually a PDF but appears like one, victims are led to a fake Gmail login page.

2. World Wrestling Entertainment (WWE) hacked – Last year, hacking group OurMine was the leader of some big-time, harmless hacks.  OurMine broke in and informed the company how unsecure its accounts are, and offered its commercial services to help. “We’re just testing your security,” posted the company — which seems to be its well-known tagline.

3. CNN site hacked — Hacking group OurMine was feeling ambitious over the Jan. 28 weekend. A day after breaking into WWE’s accounts, the cyber security company went for its next victim: CNN. On Jan. 29, the main CNN Facebook page, along with CNN International and CNN Politics were hacked.

4. IndiGo Airline Twitter account hacked — Indian airline IndiGo fell victim to cyber attacks twice. Most recently, the company’s Twitter account, which previously had more than 100,000 followers, got hijacked.

5. Hundreds of Twitter accounts — From Duke University to Justin Bieber to the Atlanta Police Department, Twitter accounts worldwide are being hijacked, with the hackers spreading a political message.

Internet Security – Permanently delete unneeded social media accounts

The attached article shares very helpful links & advice for users who wish to close an account on a social networking, email, or other popular Internet site.  Some users may desire to start with a fresh account or permanently leave as a member of a site.

http://www.pcmag.com/article2/0,2817,2386458,00.asp

Deleting accounts you’ve created on the internet isn’t always easy. Here’s how to leave several big-name services, from Facebook and Google to Netflix and Hulu.  Sadly, not all websites and social networks and online retailers are created equal when it comes to breaking up. With some, it takes only a couple of clicks to say goodbye. For a few sites, if you stop paying for the service, the site cuts ties fairly quickly. Others make you jump through more hoops. Even after you follow all the required steps, some sites never quite leave you alone, with vestiges of your relationship around forever.

No matter what you call it—deleting, canceling, removing—when you want to be rid of an online account, many sites don’t make it easy. You don’t want to rush into a breakup, but if you’re ready, we’ve compiled the links, tips, and—in the most extreme cases—the phone numbers you need to sever ties. (And let’s be clear, there’s a difference between deleting an account and just deactivating it. We’ll spell out the differences for each account, as needed.) Also, sometimes legality prevents a service from deleting everything you’ve posted publicly in the past, so remnants of your time there could remain in perpetuity.

Phishing – Corporate techniques prevent realistic image files from other sites

The ISC warns of obfuscated JavaScript phishing attacks that can pull in highly realistic Excel image files from outside the company’s main website.  In targeted corporate attacks, this highly realistic HTML code can be linked into scripts that may trick users into revealing passwords.  The Excel spreadsheet security prompt for email address & password is realistic & dangerous.

https://isc.sans.edu/forums/diary/How+your+pictures+may+affect+your+website+reputation/22151/

It is part of a phishing campaign and tries to lure the victim to provide his/her credentials to get access to an Excel sheet. Nothing very dangerous for most people. It’s a simply obfuscated Javascript code.  When loaded in the browser, it first displays a HIGH SECURITY warning.  Then, it renders the fake Excel sheet with a popup to enter an email address and password.  A good practice is to prevent hot-linking of images. Basically, you configure your web server to serve images only if the referer is correct.
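The referer rule above, written out as an added example (not code from this blog or from the ISC diary), together with a log review that shows which outside pages are already hot-linking your images. The host names, the combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the site's own host names (placeholders under example.com).
ALLOWED_HOSTS = {"www.example.com", "example.com"}
IMAGE_EXT = (".png", ".jpg", ".jpeg", ".gif", ".svg", ".webp")

# Combined log format: ip - user [time] "METHOD path proto" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

def referer_allowed(referer, allowed=ALLOWED_HOSTS):
    """Policy from the text: serve the image only if the referer is ours.
    Empty or "-" referers are allowed here (an assumption) because privacy
    tools and direct navigation strip the header."""
    if referer in ("", "-"):
        return True
    host = urlsplit(referer).hostname      # exact host match, not substring
    return host is not None and host.lower() in allowed

def find_hotlinks(lines):
    """Return {foreign_referer_host: [image paths]} for off-site image loads."""
    hits = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = urlsplit(m["path"]).path.lower()
        if not path.endswith(IMAGE_EXT) or referer_allowed(m["referer"]):
            continue
        host = urlsplit(m["referer"]).hostname or m["referer"]
        hits.setdefault(host, []).append(path)
    return hits

# Constructed sample log lines (not from any real server).
SAMPLE = [
    '203.0.113.5 - - [01/Mar/2017:10:00:00 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "https://www.example.com/" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Mar/2017:10:00:05 +0000] "GET /img/excel-bg.png HTTP/1.1" 200 20480 "http://login-check.invalid/sheet.html" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Mar/2017:10:00:09 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Mar/2017:10:00:11 +0000] "GET /index.html HTTP/1.1" 200 900 "http://login-check.invalid/sheet.html" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, paths in find_hotlinks(SAMPLE).items():
        print(host, paths)
```

The Referer header is set by the client and can be omitted or forged, so this check limits casual hot-linking and surfaces it in logs without guaranteeing that images cannot be reused.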

Windows 10 Edge – Import favorite sites from other browsers

Below are techniques that allow saved bookmarks stored in other browsers to be easily imported to the Hub central area:

https://blogs.windows.com/windowsexperience/2017/02/27/windows-10-tip-import-favorites-browsers-microsoft-edge/

Did you know you can easily import your favorite sites from other browsers including Chrome, Internet Explorer and Firefox with just two clicks, and see them organized in the Hub? Hub lets you access your favorites, downloads, reading list and history all in one place.  To import your favorites, go to the Hub and click Settings on the top right. Select the browser you want to import favorites from and click Import.  All your imported favorites will show up in the Hub under the Favorites section.

Security – Danger of Internet connected toys for children FEB-2017

There are privacy dangers if parents are not careful with controls and supervision, as shared below:

http://www.foxnews.com/tech/2017/02/28/data-from-internet-connected-teddy-bears-held-ransom-security-expert-says.html

Data from internet-connected smart teddy bears has been leaked and ransomed, exposing children’s voice messages and more than half a million customer accounts, according to a security expert.  In a blog post, cybersecurity expert Troy Hunt says that an unnamed source contacted him about a data breach affecting the CloudPets range of stuffed animals. The Bluetooth-connected toys let parents upload and download messages to and from their children via an app.

The CloudPets database had allegedly been left exposed online. “Someone sent me data from the table holding the user accounts, about 583k records in total,” wrote Hunt, in his blog post. “There are references to almost 2.2 million voice recordings of parents and their children.” Hunt added that the information was sent to him by “someone who travels in data breach trading circles,” and said that others had also accessed the information. “The CloudPets data was accessed many times by unauthorised parties before being deleted and then on multiple occasions, held for ransom,” he wrote.

Steven Malone, director of security product management at security company Mimecast told Fox News that users need to think carefully about the security implications of the Internet of Things, where a wide range of devices are connected to the web. “Just because you can connect a device to the Internet, it doesn’t mean you should!” he wrote.