Archive for March, 2017

Samsung Galaxy S8 – Product Announcement of new features

BGR has an informative write-up listing many of the new state-of-art features for the  Samsung Galaxy S8 and Galaxy S8+ as follows:

http://bgr.com/2017/03/30/galaxy-s8-features-and-specs-top-5/

It’s funny how you can know just about everything there is to know about a new flagship smartphone thanks to rumors and leaks, and yet still be blown away when the phone is finally announced. Once people actually saw the full Galaxy S8 and Galaxy S8+ picture come together on stage yesterday, however, they knew they were watching something special.

1. Design — We can already state conclusively that these new flagship smartphones are the sleekest, most elegant, best-designed handsets the world has ever known. Just a few short years ago, Samsung was still releasing flagship phones made out of thin plastic that felt flimsy and cheap. Fast-forward to 2017 and the company’s new Galaxy S8 and S8+ are unmatched. Apple’s iPhones have always been considered the gold standard of design — they are the most copied handsets on the market, after all — but Samsung has bested Apple in every way.

2. State of Art Screen — First and foremost, Samsung’s new Galaxy S8 and Galaxy S8+ have narrow bezels and a screen-to-body ratio of 83%. As a result, Samsung has fit a monstrous 6.2-inch Super AMOLED display into a phone the same size as Apple’s 5.5-inch iPhone 7 Plus. Then you’ve got the rounded edges on the front and back of the phones, which makes them fit perfectly in the hand. It also makes Samsung’s new phones feel incredibly thin despite actually being a tiny bit thicker than Apple’s iPhones.

3. Bixby — The second most talked-about Galaxy S8 feature has to be Bixby. This is Samsung’s attempt to combat the rise of digital assistant products like Amazon Alexa, Google Assistant, and the one that started it all, Apple’s Siri. This is one of the hottest spaces in consumer tech right now, so it’s no mystery why Samsung would want in on the action.

4. Bixby Vision — Bixby Vision is an extension of Bixby that brings the physical world around you into the picture. Literally. Using the camera on the Galaxy S8 or S8+, Bixby Vision allows the phones to “look” at their surroundings and offer useful information to users. Bixby Vision can also “see” printed text and instantly translate more than 50 different languages.

5. Samsung DeX — Samsung isn’t the first company to bake a desktop experience into a smartphone, but it is the first company to bake a desktop experience into a smartphone that people actually want.  Samsung’s implementation with DeX is shockingly fast.

6. State-of-Art CPU Processors — The processors are more important than normal because these are the first new smartphones to sport next-generation 10nm chipsets.The Qualcomm Snapdragon 835 and Samsung Exynos 8895 use a process that is more compact than any other mass-market processors. They’re also more energy-efficient and more powerful than any other processors on the market. In terms of multi-core performance, they absolutely crush everything else on the market and people are excited to check them out.

7. Bluetooth 5.0 support — Galaxy S8 will be the first widely available smartphone with Bluetooth 5.0. This next-generation wireless technology is better than current versions of Bluetooth in literally every way. It’s more power efficient, it has four times the range, and it supports two simultaneous independent streams.

8. Gigabit LTE capabilites — Galaxy S8 will be the first phone to support gigabit LTE speeds. That’s right, 1Gbps data transfers on your phone. Google luck holding onto your tiered data plans in the future

CyberSecurity – Pew Research Center 10 question quiz

The Pew Research Center has a 10 question quiz that users can quickly take to test basic knowledge. Only 1% of users get all 10 questions correct, as there are few tricky ones where is a “most correct” answer.

TAKE 10 QUESTION QUIZ in link below (takes about 2 minutes)
http://www.pewinternet.org/quiz/cybersecurity-knowledge/

Evaluation of the test results reveal more education is needed.
http://www.pewinternet.org/2017/03/22/what-the-public-knows-about-cybersecurity/

A new study from Pew Research Center finds that even amid high profile hacks on businesses and institutions that affect millions, many Americans don’t have a comprehensive understanding about what precautions need to be taken to prevent cybersecurity breaches. And perhaps it is unsurprising, but Pew says that “those with higher levels of education and younger internet users are more likely to answer cybersecurity questions correctly.”

Google Home – 12 vendors added for new smart home capabilities

Google Home is adding 12 new smart home vendors, which will be compatible with it’s smart “voice activated” speaker system.  This is documented as follows:

https://www.cnet.com/au/news/google-home-gets-new-partners-in-its-first-big-smart-home-update/

Starting today, Google’s smart speaker can control a variety of new devices, including locks and sprinklers. With a dozen new companies announcing integrations with its platform, the search giant has dramatically increased what its smart speaker can do.  You’ll be able to give a voice command to the Google Assistant built into the Google Home smart speaker and control devices from these 12 companies.

This announcement doesn’t quite even the playing field with Amazon, since Amazon’s assistant Alexa now has more than 10,000 “skills” — essentially third-party apps for voice control. Still, it’s a big push in the right direction that includes many popular smart home products.

It also expands Google Home’s abilities into new territory. Previously, the Google Assistant only worked with lights, plugs, switches, thermostats and recently robot vacuums. Today’s announcement includes locks, sprinklers, an air conditioner, a sous vide cooker and even a professionally installed smart home system.

Phone Security – One Ring Scam entices users to call back

A new phone scam is circulating where robo-caller software randomly constructs telephone numbers and generates a single ring with an immediate hang-up.  Some users may see this as a missed call or may be curious who has called them from the unusual number.  However, users who call back will have premium charges added to their bill as described below.  The Better Business Bureau and other authorities are warning to avoid this new threat.

http://www.techlicious.com/blog/BBB-warning-against-rising-one-ring-phone-scam/

If missed a phone call from an unrecognized number on your cell, the Better Business Bureau (BBB) is warning that might want to do your research before you call it back. The “One Ring Phone Scam” is on the rise, and falling for it is as easy as it is costly.

In the scam, bad guys have a computer autodial thousands of phone numbers at once. Calls disconnect after a single ring to make sure you don’t answer it in time, generating a missed call notification instead.  Attempt to call the number back and you’ll be connected to a premium phone service located outside of the United States. It’s a pricey mistake: Callers can be sacked with a hefty upfront $19.95 international call fee and per-minute charges of $9 or more.

Specifically, the BBB is warning that scammers are using the area codes 268 (Antigua or Barbuda), 809 (Dominican Republic), 876 (Jamaica), 284 (British Virgin Islands) and 473 (Grenada).

How can you stay safe? The BBB explains that “if you don’t recognize an out-of-state telephone number on your caller ID, ignore it and if you do answer, do not call back. Also you should check your cell phone bills carefully and inform your carrier if you spot any unauthorized charges. The earlier you document the fraud, the better your chances of having some or all of the charges removed.” You might also want to block specific phone numbers should you be targeted.

Samsung Galaxy S8 – MARCH 29 2017 launch

The Samsung Galaxy S8 smartphone will have a much improved battery design to promote safety, plus a few expected new, as this preview by The Verge documents below.  There may be a few surprises, given the innovation by Samsung as leading mobile phone manufacturer in world:

http://www.theverge.com/2017/3/28/15078352/samsung-galaxy-s8-preview-event-announcement-challenges

The Samsung Galaxy S8 launches on Wednesday will carry greater expectations and have to prove a lot more than usual. Here’s a rundown of the biggest challenges facing Samsung as it prepares to take the wraps off the Galaxy S8.

The battery — The smaller S8 is set to have a 5.8-inch display paired with a 3,000mAh battery. Samsung got itself in trouble by trying to force the biggest possible battery inside the Note 7, but will it fall behind in the endurance stakes with the more conservative combination it has in its latest phones?

Home button demise and the screen’s elongation — Every leaked image of the Galaxy S8 shows it dumping Samsung’s signature home button in favor of an entirely software-based interface and the smallest screen bezels in Samsung’s history. What’s lost with that physical home button is not only a familiar and tactile method for returning to the starting screen

Camera — Over the course of multiple generations, Samsung separated itself from the rest of the Android competitive field, outdoing rivals like HTC, LG, and Sony with the best optics and image processing available outside the iOS stable. Both the Galaxy S6 and S7 could make legitimate claims to being even better than the corresponding iPhone of their time.

Voice Assistant and DEX Desktop — Beyond the three crucial hardware components of the battery, display, and camera, Samsung will also try to establish unique selling points for the Galaxy S8 with its new Bixby voice assistant and anticipated DeX desktop functionality.

Intel – New High Speed Optane Memory Modules

Intel’s new Optane memory modules has the potential to significantly boost PC performance as shared below:

http://www.pcmag.com/news/352632/intel-unveils-first-optane-memory-modules

Intel on Monday began selling its first Optane memory modules, which it says will transform the traditional relationship between PC memory and storage, making everything from gaming to web browsing much faster on the mainstream computers most people buy.   Optane memory’s crowning achievement is its ability to intelligently allocate the data on a PC between the memory and the hard drive, all the while continuously monitoring your computing patterns to achieve faster app launches and boot times.

But Intel says that Optane’s all-memory approach to data allocation is better than the hybrid drives that have been on the market for nearly a decade, both because of advances in memory technology and the fact that the Optane software configures everything automatically: you don’t have to chose which data are kept in memory and which go on the storage drive.

The upshot is that Optane memory will increase the speed of a traditional hard disk drive-based PC (which is nearly 80 percent of the PC market, according to Intel) by 28 percent, with up to 14 times faster storage performance, Intel says. The company didn’t offer test results for Optane-powered SSD systems.

Android – New O version released as Developer Preview

The new Android “O” version has been released as released as Developer Preview, as documented in the announcement below:

https://android-developers.googleblog.com/2017/03/first-preview-of-android-o.html

The new mobile OS aims to improve battery life and device performance while offering new features like picture-in-picture display, Wi-Fi Aware support, and more  Android O introduces a number of new features and APIs to use in your apps. Here’s are just a few new things for you to start trying in this first Developer Preview:

Background limits: Android O puts a big priority on improving a user’s battery life and the device’s interactive performance. To make this possible, we’ve put additional automatic limits on what apps can do in the background, in three main areas: implicit broadcasts, background services, and location updates.

Notification channels: Android O also introduces notification channels, which are new app-defined categories for notification content. Channels let developers give users fine-grained control over different kinds of notifications

Autofill APIs: We are making this work more easily across the ecosystem by adding platform support for autofill.

PIP for handsets and new windowing features: Picture in Picture (PIP) display is now available on phones and tablets, so users can continue watching a video while they’re answering a chat or hailing a car. Apps can put themselves in PiP mode from the resumed or a pausing state where the system supports it

Adaptive icons: You can now create adaptive icons that the system displays in different shapes, based on a mask selected by the device.

Wide-gamut color for apps: Android developers of imaging apps can now take advantage of new devices that have a wide-gamut color capable display (AdobeRGB, Pro Photo RGB, DCI-P3, etc.).

Connectivity: Android O now also supports high-quality Bluetooth audio codecs such as LDAC codec. We’re also adding new Wi-Fi features as well

Keyboard navigation: With the advent of Google Play apps on Chrome OS and other large form factors, we’re seeing a resurgence of keyboard navigation use within these apps.

AAudio API for Pro Audio: AAudio is a new native API that’s designed specifically for apps that require high-performance, low-latency audio.

WebView enhancements: In Android O, we’re enabling multiprocess mode by default and adding an API to let your app handle errors and crashes, for enhanced security and improved app stability.

Java 8 Language API improvements: Android now supports several new Java Language APIs, including the new java.time API. In addition, the Android Runtime is faster than ever before, with improvements of up to 2x on some application benchmarks.

Partner platform contributions: Hardware manufacturers and silicon partners have accelerated fixes and enhancements to the Android platform in the O release. For example, Sony has contributed more than 30 feature enhancements including the LDAC codec and 250 bug fixes to Android O.

AMD Ryzen chips – BIOS update being developed to fix early CPU lockup issues

As noted by PC Magazine, a special BIOS update is being developed to fix a CPU lockup issue being experienced by AMD Ryzen chips which began to launch earlier this month.  

http://www.pcmag.com/news/352538/ryzen-7-chips-are-locking-up-pcs-amd-knows-why

All Ryzen desktop processors are suffering from the same problem, and owners are being asked to wait for BIOS updates to solve the issue.  AMD threw Intel a curve ball in February when the chip company announced its Ryzen CPUs would launch in early March. They are fast and significantly cheaper than Intel’s equivalent Core processors. It even led to some price cuts by Intel.

But with Ryzen chips now making their way into desktop PCs, AMD experienced its first major problem. All variants of the Ryzen 7 desktop processors are locking up PCs. The issue is related to FMA3 code, which are a set of streaming SIMD Extensions (SSE) that can greatly enhance the performance of floating point operations carried out by the chips. FMA3 isn’t new. AMD added support for the instruction set back in 2012.

Thankfully for Ryzen chip owners, AMD knows what the problem is but isn’t giving out much in the way of details. According to Digital Trends, the fix requires changes to the BIOS on motherboards. AMD is working on those changes, which will then be distributed to motherboard manufacturers who will then issue a patch.

Ransomware – Blank Slate uses blank spam email message with zip attachment

Ransomware is a highly destructive family of malware, which is designed to hold the victim hostage to get desired files restored.  A highly effective spamming technique used by malware designers to send out a blank spam email message with malicious zip attachment.  This is called the “Blank Slate” attack and is circulating extensively in the wild.

http://researchcenter.paloaltonetworks.com/2017/03/unit42-blank-slate-campaign-takes-advantage-hosting-providers-spread-ransomware/

In recent months, we’ve been tracking a malicious spam (malspam) campaign using emails with no message content and an attached zip archive to spread ransomware. We’ve nicknamed this campaign “Blank Slate” because the malspam messages are blank with nothing to explain the malicious attachments.

Last month, we published a blog  that discussed farming Microsoft Word documents in AutoFocus associated with the Blank Slate campaign. It revealed more than 500 domains were used. These malicious domains were quickly taken offline, but Blank Slate actors quickly registered new ones, revealing a cycle of abuse towards legitimate hosting providers.

Today’s blog describes the delivery, exploitation, and installation components of this attacker’s playbook, and it explores the cycle of abuse criminals follow against legitimate hosting providers to host ransomware associated with these infections.

Microsoft Security Updates – MARCH 2017

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release

http://blog.talosintelligence.com/2017/03/microsoft-patch-tuesday-march-2017.html

https://technet.microsoft.com/en-us/library/security/ms17-mar.aspx

https://isc.sans.edu/forums/diary/February+and+March+Microsoft+Patch+Tuesday/22185/

https://isc.sans.edu/mspatchdays.html?viewday=2017-03-14

Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PDF Library, Microsoft SMB Server, Uniscribe, Microsoft Graphics Component, Adobe Flash Player and Microsoft Windows. 92 vulnerabilities are rated as important, additionally affecting Active Directory Federation Services, DirectShow, Internet Information Services, Microsoft Exchange Server, Microsoft Office, Microsoft XML Core Services, Windows DVD Maker, Windows Kernel, Windows Kernel-Mode Drivers.