Intel unveiled its Compute Card, a credit card-sized device that’s basically an entire PC, at CES this year. At Computex this week, the company officially launched the card with a full list of partners and what we can expect to see from them product-wise. These devices will all be at the show and vary widely. Sharp, for example, is showing off digital signage while Seneca and Foxconn are making mini PCs. LG is sticking the Compute Card in its monitors to turn them into all-in-ones. The card might also show up in tablets and interactive whiteboards. Nexdock will be showing something off, too, which we can assume is its touchscreen conceptthat it announced in January. Intel says the Compute Card will start shipping in August.
Weirdly, Intel’s most well-known partners, including Lenovo, HP, and Dell, aren’t ready to show off their products. Intel says they’ll definitely create something but we don’t have an idea of what those devices might be.
The compute card will be available in four variants:
Image: IntelThe company’s also putting out its design kit today that includes guides and reference designs for developers. The Compute Card might not take over, but it at least is giving us hope for a future of powerful pocket PCs.
Auto-clicking 'Judy' adware was distributed by over 40 apps in Google's official Android market.
Security researchers have discovered a large malware campaign in the Google Play store.
Dubbed Judy -- because many of the malicious apps are games featuring a cutesy character of that name -- the autoclicking adware was found in 41 different apps created by a Korean mobile app developer, whose products have been downloaded by up to 18 million Android users. Some of the apps having been available for many years and are regularly updated.
Uncovered by cybersecurity researchers at Check Point Software, the malware uses devices to generate fraudulent clicks on adverts, generating income for those behind the scheme.
The malware was also discovered in several apps created by other developers on Google Play, some of which haven't been updated since April 2016. This suggests the malicious code was able to hide in the store undetected for over a year. The connection between the two campaigns is unknown, but it's possible one developer borrowed code from the other.
It's unclear how long the malicious code has existed within this second group of apps, but they have been downloaded by up to 18 million users.
This represents the latest instance of malicious codes sneaking malicious apps into the Play store, as part of Google's ongoing battle with Android malware.
The Judy apps are able to bypass Google Play's Bouncer protection system by using similar techniques to other forms of malware which have successfully infiltrated the Android store -- such as FalseGuide and Skinner -- because the malicious code is hidden from view.
There are more cryptor attacks than ever before. Could your business survive a cryptor? Despite criminals often demanding bigger payments from business victims, the ransom may only represent a small portion of the overall costs to the business. Download this ebook to learn how to guard against crypto-ransomware.
Many of the malicious apps are developed by a Korean firm named Kiniwini, whose products in the Play Store are registered under the name ENISTUDIO corp. They develop products for both Android and iOS and their games focus on a character called Judy doing various jobs ranging from cooking to pet care.
The researchers note that it's unusual to unearth the actors behind malicious apps, which in this case are hijacking users' devices to generate fraudulent clicks.
In addition to the fraudulent activity, the apps display a number of adverts which often leave users with no option but to click on them. Some users have commented on this as suspicious in negative reviews. However, the apps still enjoyed high user ratings -- a reminder that review scores can't always be trusted as apps can trick users into giving high scores.
Negative reviews noting suspicion of Judy apps in the Play Store.
Image: Check PointCheck Point has informed Google about the adware and the apps have now been removed from the store, although the millions who've already downloaded them are likely to remain unaware they're affected, due to the lack of any sort of recall facility for apps.
While Google keeps the vast majority of its 1.4 billion Android users safe from malware, malicious apps still get through.
Kiniwini has posted a statement on its website, which seems to refer to the games being removed from Google Play.
"Recently, our game apps have been blocked on Google Play and the service has been stopped," the company said.
Google had not responded to a request for comment at the time of publication.
2. More data sharingIn addition to storing web data longer, Twitter is changing how it shares this data with its partners (read: advertisers). The wording is a bit vague but the changes certainly aren't being made to share less of your data: "We've updated how how we share non-personal, aggregated, and device-level data, including through some select partnership agreements that allow the data to be linked to your name, email, or other personal information - but only when you give your consent to those partners."
3. No more Do Not TrackTwitter is no longer supporting Do Not Track, which you could enable in most browsers to stop advertisers from tracking your browsing history. Twitter states that despite its early support "an industry-standard approach to Do Not Track did not materialize."
A NEW STRAIN of ransomware has spread quickly all over the world, causing crises in National Health Service hospitals and facilities around England, and gaining particular traction in Spain, where it has hobbled the large telecom company Telefonica, the natural gas company Gas Natural, and the electrical company Iberdrola. You know how people always talk about the Big One? As far as ransomware attacksgo, this looks a whole lot like it.
The ransomware strain WannaCry (also known as WanaCrypt0r and WCry) that caused Friday’s barrage appears to be a new variant of a type that first appeared in late March. This new version has only gained steam since its initial barrage, with tens of thousands of infections in 74 countries so far today as of publication time. Its reach extends beyond the UK and Spain, into Russia, Taiwan, France, Japan, and dozens more countries.
One reason WannaCry has proven so vicious? It seems to leverage a Windows vulnerability known as EternalBlue that allegedly originated with the NSA. The exploit was dumped into the wild last month in a trove of alleged NSA tools by the Shadow Brokers hacking group. Microsoft released a patch for the exploit, known as MS17-010, in March, but clearly many organizations haven’t caught up.
“The spread is immense,” says Adam Kujawa, the director of malware intelligence at Malwarebytes, which discovered the original version of WannaCry. “I’ve never seen anything before like this. This is nuts.”
A Bad BatchRansomware works by infecting a computer, locking users out of the system (usually by encrypting the data on the hard drive), and then holding the decryption or other release key ransom until the victim pays a fee, usually in bitcoin. In this case, the NHS experienced hobbled computer and phone systems, system failures, and widespread confusion after hospital computers started showing a ransom message demanding $300 worth of bitcoin.
As a result of Friday’s infection, hospitals, doctors’ offices, and other health care institutions in London and Northern England have had to cancel non-urgent services and revert to backup procedures. Multiple emergency rooms around England spread word that patients should avoid coming in if possible. The situation doesn’t appear to have resulted in any unauthorized access to patient data so far.
In England, the National Health Service said that it is rushing to investigate and mitigate the attack, and UK news outlets reported that hospital personnel have been instructed to do things like shut down computers and larger IT network services. Other victims, like Telefonica in Spain, are taking similar precautions, telling employees to shut down infected computers while they wait for instructions about mitigation.
Hospitals make for popular ransomware victims because they have an urgent need to restore service for their patients. They may therefore be more likely to pay criminals to reinstate systems. They also often make for relatively easy targets.
“In healthcare and other sectors we tend to be very slow to address these vulnerabilities,” says Lee Kim, the director of privacy and security at the Healthcare Information and Management Systems Society. “But whoever is behind this is clearly extremely serious.”
annaCry didn’t go after NHS alone, though. “This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors,” the NHS said in a statement. “Our focus is on supporting organizations to manage the incident swiftly and decisively.”
In some ways, that makes things worse. WannaCry’s not just coming for hospitals; it’s coming for whatever it can. Which means this’ll get worse—a lot worse—before it gets better.
Wide RangeThe NHS portion of the attack has rightly been drawing the most focus, because it puts human lives at risk. But WannaCry could continue to expand its range indefinitely, because it exploits at least one vulnerability that has persisted unprotected on many systems two months after Microsoft released a patch. Adoption is likely better on consumer devices, so Malwarebytes’ Kujawa says that WannaCry is mostly a concern for business infrastructure.
The creators of WannaCry seem to have developed it with broad, long-term reach in mind. In addition to the Windows server vulnerability from Shadow Brokers, MalwareHunter, a researcher with the MalwareHunterTeam analysis group who discovered the second generation of WannaCry, says that “probably there are more” vulnerabilities the ransomware can take advantage of as well. The software can also run in 27 languages—the type of development investment an attacker wouldn’t make if he were simply trying to target one hospital or bank. Or even one country.
It’s equally bad on a more micro level. Once WannaCry enters a network, it can spread around to other computers on that same network, a typical trait of ransomware that maximizes the damage to companies and institutions. It’s also unclear so far exactly where the attacks originated, making it harder to remediate on a large scale. Security analysts will eventually be able to use information from victims about how attackers were able to first get in (things like phishing, malvertising, or more personalized targeted attacks) to trace the origins.
The spread is immense. I’ve never seen anything before like this. This is nuts.ADAM KUJAWA, MALWAREBYTES
While it’s likely too late for those already impacted (the question for them now is whether to pay or not), there is a way to provide at least some protection from WannaCry before it hits: Get that Microsoft update ASAP. Or, since it’s a server-level patch, find the nearest sysadmin who can.
“I would say it’s having so much ‘success’ because people and companies aren’t patching their systems,” MalwareHunter says.
Until they do, expect WannaCry to keep spreading. And make sure you’re ready before the next big ransomware wave hits.
Thecomputerheale.com makes no claims about the efficacy of the information contained in the documents and related graphics published on this website for any purpose. All information, documents and graphics are provided "as is" without any kind of guarantee of effectiveness. Thecomputerhealer.com hereby disclaims all responsibility for the manner in which the information offered on this website is used by you.
In no event shall Thecomputerhealeronline.com be liable for any special, indirect or consequential damages or any damages whatsoever resulting from the loss of use, data or profits arising out of or in connection with the use or performance of information available from this website.
The documents and related graphics published on this website may include technical inaccuracies or typographical errors. Changes are periodically added to the information on this website. Thecomputerhealer.com reserves the right, at its discretion, to change or modify all or any part of this agreement and the content on website at any time, effective immediately upon publication of this notice.
Your continued use of this website constitutes your binding acceptance of these terms and conditions, including any changes or modifications made by Thecomputerhealer.com as permitted above. If, at any time, the terms and conditions of this agreement are no longer acceptable to you, you should immediately cease using this website.