Tag: microsoft

Britain’s Newest Warship Runs Windows XP, Raising Cyber Attack Fears

Chrisq shares a report from The Telegraph: Fears have been raised that Britain’s largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-boar hardware and software “would have been good in 2004” when the carrier was designed, “but now seems rather antiquated.” However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks. Read more of this story at Slashdot.

Read the original post:
Britain’s Newest Warship Runs Windows XP, Raising Cyber Attack Fears

Hacker Behind Massive Ransomware Outbreak Can’t Get Emails From Victims Who Paid

Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker’s account, leaving victims with no obvious way to unlock their files. The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their “personal installation key.” This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. “Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact, ” Posteo, the German email provider the hacker had an account with, wrote in a blog post. “Our anti-abuse team checked this immediately — and blocked the account straight away. Read more of this story at Slashdot.

Originally posted here:
Hacker Behind Massive Ransomware Outbreak Can’t Get Emails From Victims Who Paid

How the CIA infects air-gapped networks

Enlarge / A configuration screen found in the Drifting Deadline exploit. (credit: WikiLeaks ) Documents published Thursday purport to show how the Central Intelligence Agency has used USB drives to infiltrate computers so sensitive they are severed from the Internet to prevent them from being infected. More than 150 pages of materials published by WikiLeaks describe a platform code-named Brutal Kangaroo that includes a sprawling collection of components to target computers and networks that aren’t connected to the Internet. Drifting Deadline was a tool that was installed on computers of interest. It, in turn, would infect any USB drive that was connected. When the drive was later plugged into air-gapped machines, the drive would infect them with one or more pieces of malware suited to the mission at hand. A Microsoft representative said none of the exploits described work on supported versions of Windows. The infected USB drives were at least sometimes able to infect computers even when users didn’t open any files. The so-called EZCheese exploit, which was neutralized by a patch Microsoft appears to have released in 2015, worked anytime a malicious file icon was displayed by the Windows explorer. A later exploit known as Lachesis used the Windows autorun feature to infect computers running Windows 7. Lachesis didn’t require Explorer to display any icons, but the drive of the drive letter the thrumbdrive was mounted on had to be included in a malicious link. The RiverJack exploit, meanwhile, used the Windows library-ms function to infect computers running Windows 7, 8, and 8.1. Riverjack worked only when a library junction was viewed in Explorer. Read 4 remaining paragraphs | Comments

See original article:
How the CIA infects air-gapped networks

Windows 10 preview delivers new emoji and easy GPU tracking

Windows Insiders have a big day today. Microsoft just released Windows 10 Preview Build 16226 for PCs and it’s got a whole host of new goodies inside. Perhaps the most important update is support for Emoji 5.0. Now you can express yourself with new snacks, characters and even dinosaurs. The build also includes an updated Task Manager with GPU tracking information, improvements to Touch Keyboard and handwriting interactions, tweaks to Storage Sense and shell improvements, including the option to share a file in File Explorer via the right-click context menu. The build also includes improvements for IT professionals, including the removal of SMB1 as part of a multi-year security upgrade. There’s also a new Remote Desktop settings page. Additionally, Windows will finally display plain-text error codes when an update fails so you can troubleshoot what exactly went wrong and how to fix it. The latest release is accessible only to Windows Insiders in the Fast Ring. You can see the full list of improvements, tweaks and add-ons at Microsoft’s website . Source: Microsoft

More:
Windows 10 preview delivers new emoji and easy GPU tracking

Microsoft improves Office’s hands-free typing with Dictate

Microsoft has released a new app called Dictate. It’s an add-in for Word, Outlook and Powerpoint and uses Cortana’s speech-recognition technology to let you speak what you want to type. The company is obviously not the first to work on dictation technology. Nuance’s Dragon software has been around for awhile and is available for both desktops and mobile devices. And, last year, Google added more features to its voice typing option in Docs. Office has already supported voice-to-text typing, but Dictate brings along some new features. It supports more than 20 languages and has a number of commands that let you edit as you go. Simple statements like “new line, ” “delete” and “stop dictation” let you manipulate the cursor and correct the text with your voice. Punctuation is also easily managed with voice control. Another feature offered is real time translation. Just adjust some of the settings and Dictate will type a translation of what you speak. You could speak in Spanish and type in French, for example, and the 20 languages supported for dictation can be translated into over 60. Right now, Dictate is available for 32- and 64-bit Office and Windows 8.1 is a minimum requirement. The download is free, but because it’s a Microsoft Garage project, it’s not clear what the future holds for the app. Source: Microsoft

Continued here:
Microsoft improves Office’s hands-free typing with Dictate

Microsoft Will Disable WannaCry Attack Vector SMBv1 Starting This Fall

An anonymous reader writes: Starting this fall, with the public launch of the next major Windows 10 update — codenamed Redstone 3 — Microsoft plans to disable SMBv1 in most versions of the Windows operating systems. SMBv1 is a three-decades-old file sharing protocol that Microsoft has continued to ship “enabled by default” with all Windows OS versions. The protocol got a lot of attention recently as it was the main infection vector for the WannaCry ransomware. Microsoft officially confirmed Tuesday that it will not ship SMBv1 with the Fall Creators Update. This change will affect only users performing clean installs, and will not be shipped as an update. This means Microsoft decision will not affect existing Windows installations, where SMBv1 might be part of a critical system. Read more of this story at Slashdot.

More:
Microsoft Will Disable WannaCry Attack Vector SMBv1 Starting This Fall

Team Collaboration App Slack, Valued at $9 Billion, Draws Attention of Amazon

Amazon is in the running among a handful of companies looking to acquire the popular chatroom startup, reports Bloomberg. From the article: San Francisco-based Slack could be valued at at least $9 billion in a sale, the people said. An agreement isn’t assured and discussions may not go further, said the people. Buying Slack would help Seattle-based Amazon bolster its enterprise services as it seeks to compete with rivals like Microsoft and Alphabet’s Google. The company’s cloud-hosting unit, Amazon Web Services, in February unveiled a paid-for video and audio conferencing service — Amazon Chime — that lets users chat and share content. Kara Swisher, reporting for Recode: Slack, the popular business communications company, is in the midst of raising $500 million at a $5 billion post-money valuation, an effort that has attracted several potential buyers interested in taking out the company ahead of the funding. Those include Amazon, Microsoft, Google and Salesforce, several of which have previously shown interest in acquiring Slack. Bloomberg reported the interest by Amazon today, with a $9 billion sales price. Read more of this story at Slashdot.

Continue reading here:
Team Collaboration App Slack, Valued at $9 Billion, Draws Attention of Amazon

Malware downloader infects your PC without a mouse click

You think you’re safe from malware since you never click suspicious-looking links, then somebody finds a way to infect your PC anyway. Security researchers have discovered that cybercriminals have recently started using a malware downloader that installs a banking Trojan to your computer even if you don’t click anything. All it takes to trigger the download is to hover your mouse pointer over a hyperlink in a carrier PowerPoint file. According to researchers from Trend Micro and Dodge This Security the technique was used by a recent spam email campaign targeting companies and organizations in Europe, the Middle East and Africa. The emails’ subjects were mostly finance-related, such as “Invoice” and “Order #, ” with an attached PowerPoint presentation. [Image credit: Trend Micro] The PowerPoint file has a single hyperlink in the center that says “Loading… please wait” that has an embedded malicious PowerShell script. When you hover your mouse pointer over the link, it executes the script. If you’re running a newer version of Microsoft Office, though, you’ll still need to approve the malware’s download before it infects your PC. That’s because the more modern versions of the suite has Protected View, which will show a prompt warning you about a “potential security concern” when the script starts running. Just click Disable, and you’ll be fine. However, older versions of the suite don’t have that extra layer of security. The downloader can install a Trojan virus into your system to steal your credentials and bank account information the moment your mouse pointer hovers over the link. [Image credit: Trend Micro] The good news is that the spam emails died down back on May 29th after peaking on the 25th with 1, 444 detections by Trend Micro. Still, it’s better to steer clear of similar emails, since it’s always possible that the campaign in May was just a test run for a bigger one. Via: Ars Technica Source: Trend Micro , Dodge This Security

Continue Reading:
Malware downloader infects your PC without a mouse click

Xbox exec reveals Scorpio has 9GB of RAM available for games

We’re still a couple of days away from Microsoft officially revealing its Project Scorpio Xbox, but details continue to dribble out. Xbox & Windows gaming platform VP Mike Ybarra tweeted that the team “Unlocked extra GB of RAM for (game developers), now 9GB of GDDR5.” The console’s specs include 12GB of GDDR5 RAM built-in (the devkits that we’ve seen feature 24GB of RAM), but as with other game systems, some of its resources are reserved to handle system features, multitasking apps and other non-game elements. We’ll keep tuning Scorpio to empower creators to share the best versions of their games. Unlocked extra GB of RAM for them, now 9GB of GDDR5 — Mike Ybarra (@XboxQwik) June 8, 2017 Sometimes system optimizations can free up resources, as we saw with the PS3 , or disabling features, as we’ve seen with the Xbox One using Kinect or Snap picture-in-picture . Early demos of the Project Scorpio hardware have shown its ability to handle 4K, 60fps gaming, but every bit of extra RAM doesn’t hurt, as Ybarra explained that even when games don’t use the extra RAM directly (read: unoptimized existing Xbox One games), it will be available for caching to speed things up. The only thing that hasn’t expanded, however, is the space on your DVR, which you may need since Xbox boss Phil Spencer says the company’s Sunday afternoon press conference is likely to stretch beyond the scheduled 90 minutes. Games that don’t use the full 9GB, the rest of the RAM will be used as a cache (making things load way faster, etc.). All games = better. https://t.co/yZTGOvBJRx — Mike Ybarra (@XboxQwik) June 8, 2017 Source: Mike Ybarra (Twitter)

Follow this link:
Xbox exec reveals Scorpio has 9GB of RAM available for games

Xbox one users largely ignore backward-compatible Xbox 360 games

In an interview with Time earlier this week, Sony Head of Global Marketing and Sales Jim Ryan said that “when we’ve dabbled with backwards compatibility, I can say it is one of those features that is much requested, but not actually used much.” An in-depth Ars Technica analysis of Xbox Live user data shows that sentiment is definitely true, at least when it comes to Microsoft’s competing consoles. Our analysis used a third-party API to randomly sample usage data from nearly one million active Xbox One Gamertags over a period of nearly five months starting last September ( read the introductory piece for much more about the data and methodology). In the end, only about 1.5 percent of the more than 1.65 billion minutes of Xbox One usage time we tracked was spent on the 300+ backward-compatible Xbox 360 games, in aggregate. That translates to an average of just 23.9 minutes per sampled active Xbox One user spent on Xbox 360 games out of 1,526 average minutes of Xbox One usage during the sampling period. Read 5 remaining paragraphs | Comments

See the original article here:
Xbox one users largely ignore backward-compatible Xbox 360 games