Computer News & Safety tips – Harry Waldron MVP


Android – New O version released as Developer Preview

The new Android “O” version has been released as a Developer Preview, as documented in the announcement below:

https://android-developers.googleblog.com/2017/03/first-preview-of-android-o.html

The new mobile OS aims to improve battery life and device performance while offering new features like picture-in-picture display, Wi-Fi Aware support, and more. Android O introduces a number of new features and APIs to use in your apps. Here are just a few new things for you to start trying in this first Developer Preview:

Background limits: Android O puts a big priority on improving a user’s battery life and the device’s interactive performance. To make this possible, we’ve put additional automatic limits on what apps can do in the background, in three main areas: implicit broadcasts, background services, and location updates.

Notification channels: Android O also introduces notification channels, which are new app-defined categories for notification content. Channels let developers give users fine-grained control over different kinds of notifications.

Autofill APIs: We are making this work more easily across the ecosystem by adding platform support for autofill.

PIP for handsets and new windowing features: Picture in Picture (PIP) display is now available on phones and tablets, so users can continue watching a video while they’re answering a chat or hailing a car. Apps can put themselves in PiP mode from the resumed or a pausing state where the system supports it.

Adaptive icons: You can now create adaptive icons that the system displays in different shapes, based on a mask selected by the device.

Wide-gamut color for apps: Android developers of imaging apps can now take advantage of new devices that have a wide-gamut color capable display (AdobeRGB, Pro Photo RGB, DCI-P3, etc.).

Connectivity: Android O now also supports high-quality Bluetooth audio codecs such as LDAC codec. We’re also adding new Wi-Fi features.

Keyboard navigation: With the advent of Google Play apps on Chrome OS and other large form factors, we’re seeing a resurgence of keyboard navigation use within these apps.

AAudio API for Pro Audio: AAudio is a new native API that’s designed specifically for apps that require high-performance, low-latency audio.

WebView enhancements: In Android O, we’re enabling multiprocess mode by default and adding an API to let your app handle errors and crashes, for enhanced security and improved app stability.

Java 8 Language API improvements: Android now supports several new Java Language APIs, including the new java.time API. In addition, the Android Runtime is faster than ever before, with improvements of up to 2x on some application benchmarks.

Partner platform contributions: Hardware manufacturers and silicon partners have accelerated fixes and enhancements to the Android platform in the O release. For example, Sony has contributed more than 30 feature enhancements including the LDAC codec and 250 bug fixes to Android O.

AMD Ryzen chips – BIOS update being developed to fix early CPU lockup issues

As noted by PC Magazine, a special BIOS update is being developed to fix a CPU lockup issue affecting AMD Ryzen chips, which began to launch earlier this month.

http://www.pcmag.com/news/352538/ryzen-7-chips-are-locking-up-pcs-amd-knows-why

All Ryzen desktop processors are suffering from the same problem, and owners are being asked to wait for BIOS updates to solve the issue.  AMD threw Intel a curve ball in February when the chip company announced its Ryzen CPUs would launch in early March. They are fast and significantly cheaper than Intel’s equivalent Core processors. It even led to some price cuts by Intel.

But with Ryzen chips now making their way into desktop PCs, AMD experienced its first major problem. All variants of the Ryzen 7 desktop processors are locking up PCs. The issue is related to FMA3 code, which are a set of streaming SIMD Extensions (SSE) that can greatly enhance the performance of floating point operations carried out by the chips. FMA3 isn’t new. AMD added support for the instruction set back in 2012.

Thankfully for Ryzen chip owners, AMD knows what the problem is but isn’t giving out much in the way of details. According to Digital Trends, the fix requires changes to the BIOS on motherboards. AMD is working on those changes, which will then be distributed to motherboard manufacturers who will then issue a patch.

Ransomware – Blank Slate uses blank spam email message with zip attachment

Ransomware is a highly destructive family of malware, designed to hold the victim hostage in order to get desired files restored. A highly effective spamming technique used by malware designers is to send out a blank spam email message with a malicious zip attachment. This is called the “Blank Slate” attack and is circulating extensively in the wild.

http://researchcenter.paloaltonetworks.com/2017/03/unit42-blank-slate-campaign-takes-advantage-hosting-providers-spread-ransomware/

In recent months, we’ve been tracking a malicious spam (malspam) campaign using emails with no message content and an attached zip archive to spread ransomware. We’ve nicknamed this campaign “Blank Slate” because the malspam messages are blank with nothing to explain the malicious attachments.

Last month, we published a blog that discussed farming Microsoft Word documents in AutoFocus associated with the Blank Slate campaign. It revealed more than 500 domains were used. These malicious domains were quickly taken offline, but Blank Slate actors quickly registered new ones, revealing a cycle of abuse towards legitimate hosting providers.

Today’s blog describes the delivery, exploitation, and installation components of this attacker’s playbook, and it explores the cycle of abuse criminals follow against legitimate hosting providers to host ransomware associated with these infections.

Microsoft Security Updates – MARCH 2017

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

http://blog.talosintelligence.com/2017/03/microsoft-patch-tuesday-march-2017.html

https://technet.microsoft.com/en-us/library/security/ms17-mar.aspx

https://isc.sans.edu/forums/diary/February+and+March+Microsoft+Patch+Tuesday/22185/

https://isc.sans.edu/mspatchdays.html?viewday=2017-03-14

Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PDF Library, Microsoft SMB Server, Uniscribe, Microsoft Graphics Component, Adobe Flash Player and Microsoft Windows. 92 vulnerabilities are rated as important, additionally affecting Active Directory Federation Services, DirectShow, Internet Information Services, Microsoft Exchange Server, Microsoft Office, Microsoft XML Core Services, Windows DVD Maker, Windows Kernel, Windows Kernel-Mode Drivers.

Internet Security – Five worst hacking incidents Q1 2017

Entrepreneur’s web site lists the five worst hacking incidents for the first quarter of 2017, as follows: 

https://www.entrepreneur.com/slideshow/290673

1. Fake GMAIL login page – hackers have discovered a highly-effective phishing scheme that’s fooled users into forfeiting their login credentials. The hacker — usually disguised as a close email contact — is found to be sending emails with a “PDF” attachment. Upon clicking the attachment, which is not actually a PDF but appears like one, victims are led to a fake Gmail login page.

2. World Wrestling Entertainment (WWE) hacked – Last year, hacking group OurMine was the leader of some big-time, harmless hacks.  OurMine broke in and informed the company how unsecure its accounts are, and offered its commercial services to help. “We’re just testing your security,” posted the company — which seems to be its well-known tagline.

3. CNN site hacked — Hacking group OurMine was feeling ambitious over the Jan. 28 weekend. A day after breaking into WWE’s accounts, the cyber security company went for its next victim: CNN. On Jan. 29, the main CNN Facebook page, along with CNN International and CNN Politics were hacked.

4. IndiGo Airline Twitter account hacked — Indian airline IndiGo fell victim to cyber attacks twice. Most recently, the company’s Twitter account, which previously had more than 100,000 followers, got hijacked.

5. Hundreds of Twitter accounts — From Duke University to Justin Bieber to the Atlanta Police Department, Twitter accounts worldwide are being hijacked, with the hackers spreading a political message.

Internet Security – Permanently delete unneeded social media accounts

The attached article shares very helpful links & advice for users who wish to close an account on a social networking, email, or other popular Internet site. Some users may wish to start with a fresh account or permanently leave a site as a member.

http://www.pcmag.com/article2/0,2817,2386458,00.asp

Deleting accounts you’ve created on the internet isn’t always easy. Here’s how to leave several big-name services, from Facebook and Google to Netflix and Hulu.  Sadly, not all websites and social networks and online retailers are created equal when it comes to breaking up. With some, it takes only a couple of clicks to say goodbye. For a few sites, if you stop paying for the service, the site cuts ties fairly quickly. Others make you jump through more hoops. Even after you follow all the required steps, some sites never quite leave you alone, with vestiges of your relationship around forever.

No matter what you call it—deleting, canceling, removing—when you want to be rid of an online account, many sites don’t make it easy. You don’t want to rush into a breakup, but if you’re ready, we’ve compiled the links, tips, and—in the most extreme cases—the phone numbers you need to sever ties. (And let’s be clear, there’s a difference between deleting an account and just deactivating it. We’ll spell out the differences for each account, as needed.) Also, sometimes legality prevents a service from deleting everything you’ve posted publicly in the past, so remnants of your time there could remain in perpetuity

Phishing – Corporate techniques prevent realistic image files from other sites

The ISC warns of obfuscated JavaScript phishing attacks that can pull in highly realistic Excel image files from outside the company’s main website. In targeted corporate attacks, this highly realistic HTML code can be linked into scripts that may trick users into revealing passwords. The Excel spreadsheet security prompt for email address & password is realistic & dangerous.

https://isc.sans.edu/forums/diary/How+your+pictures+may+affect+your+website+reputation/22151/

It is part of a phishing campaign and tries to lure the victim to provide his/her credentials to get access to an Excel sheet. Nothing very dangerous for most people. It’s simply obfuscated JavaScript code. When loaded in the browser, it first displays a HIGH SECURITY warning. Then, it renders the fake Excel sheet with a popup to enter an email address and password. A good practice is to prevent hot-linking of images. Basically, you configure your web server to serve images only if the referer is correct.
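To make the Referer check concrete, here is an added example (not code from the ISC diary or this blog) that applies the same decision a hot-link rule makes to web server access logs, reporting which outside pages are embedding your images. The allowed hosts, the Combined Log Format layout and the sample log lines are assumptions constructed for the example.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumption: the only hosts whose pages may embed our images.
ALLOWED_HOSTS = {"example.com", "www.example.com"}
IMAGE_EXT = (".png", ".jpg", ".jpeg", ".gif", ".svg", ".ico")
# Combined Log Format: ip - user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
                    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$')

def referer_host(referer):
    try:
        return (urlsplit(referer).hostname or "").lower()
    except ValueError:  # e.g. malformed IPv6 literal in the header
        return ""

def referer_allowed(referer, allowed=ALLOWED_HOSTS, allow_empty=True):
    """The decision a hot-link rule makes for one image request."""
    if referer in ("", "-"):
        return allow_empty  # no Referer (direct visit, privacy tool): policy choice
    # Exact host match; a substring test would accept example.com.mirror.test.
    return referer_host(referer) in allowed

def hotlink_report(lines, allowed=ALLOWED_HOSTS):
    """Count image requests per foreign page host that embedded them."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].split("?", 1)[0].lower().endswith(IMAGE_EXT):
            continue
        if not referer_allowed(m["referer"], allowed):
            hits[referer_host(m["referer"]) or "(unparseable)"] += 1
    return hits

# Template for constructed sample log lines (not taken from the diary).
LINE = '203.0.113.9 - - [01/Mar/2017:10:00:00 +0000] "GET {} HTTP/1.1" 200 5120 "{}" "Mozilla/5.0"'
SAMPLE_LOG = [
    LINE.format("/img/logo.png", "https://www.example.com/about"),
    LINE.format("/img/logo.png", "http://login.phish.test/excel.html"),
    LINE.format("/img/bg.jpg?v=2", "http://login.phish.test/excel.html"),
    LINE.format("/img/logo.png", "-"),
    LINE.format("/img/logo.png", "http://www.example.com.mirror.test/x"),
    LINE.format("/index.html", "http://other.test/"),
]

if __name__ == "__main__":
    print(hotlink_report(SAMPLE_LOG).most_common())
```

The Referer header is supplied by the client, so this check stops ordinary browsers from rendering your images inside someone else's page but is not an access control.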

Windows 10 Edge – Import favorite sites from other browsers

Below are techniques that allow saved bookmarks stored in other browsers to be easily imported into the central Hub area:

https://blogs.windows.com/windowsexperience/2017/02/27/windows-10-tip-import-favorites-browsers-microsoft-edge/

Did you know you can easily import your favorite sites from other browsers including Chrome, Internet Explorer and Firefox with just two clicks, and see them organized in the Hub? Hub lets you access your favorites, downloads, reading list and history all in one place. To import your favorites, go to the Hub and click Settings on the top right. Select the browser you want to import favorites from and click Import. All your imported favorites will show up in the Hub under the Favorites section.

Security – Danger of Internet connected toys for children FEB-2017

There are privacy dangers if parents are not careful with controls and supervision, as shared below:

http://www.foxnews.com/tech/2017/02/28/data-from-internet-connected-teddy-bears-held-ransom-security-expert-says.html

Data from internet-connected smart teddy bears has been leaked and ransomed, exposing children’s voice messages and more than half a million customer accounts, according to a security expert. In a blog post, cybersecurity expert Troy Hunt says that an unnamed source contacted him about a data breach affecting the CloudPets range of stuffed animals. The Bluetooth-connected toys let parents upload and download messages to and from their children via an app.

The CloudPets database had allegedly been left exposed online. “Someone sent me data from the table holding the user accounts, about 583k records in total,” wrote Hunt, in his blog post. “There are references to almost 2.2 million voice recordings of parents and their children.” Hunt added that the information was sent to him by “someone who travels in data breach trading circles,” and said that others had also accessed the information. “The CloudPets data was accessed many times by unauthorised parties before being deleted and then on multiple occasions, held for ransom,” he wrote.

Steven Malone, director of security product management at security company Mimecast told Fox News that users need to think carefully about the security implications of the Internet of Things, where a wide range of devices are connected to the web. “Just because you can connect a device to the Internet, it doesn’t mean you should!” he wrote.

AMD – New Vega Radeon branded as next generation graphics cards

AMD has shared some of its future plans for the next generation chipsets for its low cost graphics card solutions designed for engineers or gamers.

http://hothardware.com/news/amd-announces-radeon-rx-vega-branding-and-logo

Although we have not yet been given full access to AMD’s upcoming Vega graphics architecture, what the company has provided is the official branding for its new flagship parts. While we all knew that these graphics cards would be based on the Vega architecture, which supersedes Polaris, we didn’t know that “Vega” would actually find its way into the name of shipping parts. Upcoming cards will take on the Radeon RX Vega branding instead of, for example, Radeon RX 470. AMD also showed off the Vega logo.

Radeon RX Vega graphics cards will begin shipping during the first half of 2017 and are still built on a 14nm FinFET process, like their Polaris predecessors. However, AMD is bringing second generation High Bandwidth Memory (HBM2) to the table along with twice the peak throughput per clock compared to previous generation architecture. The Geometry Pipeline, which is now even more efficient, is also joined by a New Compute Unit and next generation Pixel Engine.