Security firm RSA attacked using Excel-Flash one-two sucker punch

RSA attacked using Flash vulnerability
It has emerged that the underlying cause of RSA's SecurID gaffe was the recently-reported zero-day vulnerability found in Adobe's Flash Player.

The exploit, which used specially-crafted Flash embedding in Excel spreadsheets, was first reported on March 15 and has since been fixed. RSA was hacked sometime in the first half of March when an employee was successfully spear phished and opened an infected spreadsheet. As soon as the spreadsheet was opened, an advanced persistent threat (APT) -- a backdoor Trojan -- called Poison Ivy was installed. From there, the attackers basically had free reign of RSA's internal network, which led to the eventual dissemination of data pertaining to RSA's two-factor authenticators.

The attack is reminiscent of the APTs used in the China vs. Google attacks from last year -- and indeed, Uri Rivner, the head of new technologies at RSA is quick to point out that that other big companies are being attacked, too: "The number of enterprises hit by APTs grows by the month; and the range of APT targets includes just about every industry. Unofficial tallies number dozens of mega corporations attacked [...] These companies deploy any imaginable combination of state-of-the-art perimeter and end-point security controls, and use all imaginable combinations of security operations and security controls. Yet still the determined attackers find their way in."

What we'd like to know, though, is whether the attack on RSA was caused by Adobe's lackadaisical approach to patching Flash -- or was it the other way around? Was it the RSA attack that first brought the zero-day vulnerability to Adobe's attention?

Security firm RSA attacked using Excel-Flash one-two sucker punch originally appeared on Download Squad on Wed, 06 Apr 2011 06:55:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/06/security-firm-rsa-attacked-using-excel-flash-one-two-sucker-punc/

SANDISK SALESFORCE COM SAIC ROCKWELL AUTOMATION RF MICRO DEVICES

The Marines Just Got The First Two Short Take Off/Vertical Landing F-35 Jets [Video]

The US Air Force got their first regular F-35 Lightning II on July 2011. Now it's the US Marine's turn: they just got the first two production models of the F-35B, the variant that allows for short takeoff and vertical landing. More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/AKjPmEoAHSg/the-marines-got-the-first-two-short-take-offvertical-landing-f+35-jets

NVIDIA NUANCE COMMUNICATIONS NOVELLUS SYSTEMS NOVELL NETWORK APPLIANCE

Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video)

Take a quick tour of the showroom floor here at CES and you'll certainly see, 3D days are here again -- at least, where flat panel manufacturers are concerned. And while the industry continues to pump out mass market iterations of the living room tech that hinge upon hideous eyewear, companies like Sony are hard at work behind-the-scenes refining displays that won't make you look a fool. The autostereoscopic panels, shown off at the company's booth in 24- and 46-inch models -- employ a subtle 3D effect that isn't immediately noticeable. In fact, we found the visual pizzazz was best enjoyed when experienced from the side -- a feat possible due to the incorporation of multi-point viewing angles -- lending much needed depth to the onscreen image. Of the two, only the larger set can deliver full HD, owing to its beastly 4K resolution, whereas the 1080p panel on its lil' bro suffers when halved. Distance also plays a major role in the intensity of the 3D visuals, with effects holding up at a range of up to 2ft for the smaller screen and 10ft for the 46-incher. Normally, we'd recommend you skip on past the break to sample the in-development eye candy, but be warned -- you won't see much. These are truly TVs that need to be seen to be believed.

Continue reading Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video)

Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video) originally appeared on Engadget on Wed, 11 Jan 2012 23:04:00 EDT. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments


Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/hOwB_eMzbTM/

ROGERS COMMUNICATIONS SAIC SATYAM COMPUTER SERVICES SES SHAW COMMUNICATIONS

micca EP600 Network Digital Media Player Review

Another day, another media player.  Is it me or what?  Now micca has a new entry in the plethora of players available, the EP600 Premium Full-HD media player. This networked player is supposed to play all your media files on your HD TV from connected storage devices and streams from devices on your LAN.  We’ll give it a [...]

Source: http://the-gadgeteer.com/2012/01/08/micca-ep600-network-digital-media-player-review/

CYPRESS SEMICONDUCTOR ACCENTURE ACER ADOBE SYSTEMS ADVANCED SEMICONDUCTOR ENGINEERING

Hands-on with the Octa WhaleTail & Vacuum Dock

Octa

Walking through the various halls here at CES 2012 you sure stumble across a whole bunch of different stuff, some things get a bit repetitive but sometimes there are things that just jump right out at you. While cruising through one of the halls I noticed a bunch of tablets all propped up without anyone holding them and I was immediately intrigued, then I met Octa WhaleTail and Vacuum Dock. While it is not specifically an Android only accessory it certainly works well on Android tablets, and for those of you who like to watch movies, play games, type long messages or anything else that you don't want your tablet laying down for you will want to check this out.

The concept is quite simple, they wanted to make holding a tablet a more enjoyable experience for everyone so they designed a holder that suctions to the back that contours the hand very nicely. To get the back to stick on the device all Android Central @ CESyou have to do is put it on there, give it a few pumps and it's on there, and rather firmly. Releasing the piece is pretty simple (once you get the hang of it), pull up slightly on the two tabs and then push them in, and off it comes. Also included is the WhaleTail which hooks onto the back of the Vacuum Dock which allows the tablet to be propped up and it also doubles as a security measure for when you are carrying your tablet around so it doesn't just fall right out of your hands. Hit the break with us for a few more images as well as a video walkthrough of the product in action!

read more

Source: http://feedproxy.google.com/~r/androidcentral/~3/UGF5NEZM9X0/story01.htm

SPSS SPANSION SONUS NETWORKS SONIC AUTOMOTIVE SKYWORKS SOLUTIONS

Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video)

Take a quick tour of the showroom floor here at CES and you'll certainly see, 3D days are here again -- at least, where flat panel manufacturers are concerned. And while the industry continues to pump out mass market iterations of the living room tech that hinge upon hideous eyewear, companies like Sony are hard at work behind-the-scenes refining displays that won't make you look a fool. The autostereoscopic panels, shown off at the company's booth in 24- and 46-inch models -- employ a subtle 3D effect that isn't immediately noticeable. In fact, we found the visual pizzazz was best enjoyed when experienced from the side -- a feat possible due to the incorporation of multi-point viewing angles -- lending much needed depth to the onscreen image. Of the two, only the larger set can deliver full HD, owing to its beastly 4K resolution, whereas the 1080p panel on its lil' bro suffers when halved. Distance also plays a major role in the intensity of the 3D visuals, with effects holding up at a range of up to 2ft for the smaller screen and 10ft for the 46-incher. Normally, we'd recommend you skip on past the break to sample the in-development eye candy, but be warned -- you won't see much. These are truly TVs that need to be seen to be believed.

Continue reading Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video)

Sony demos 24- and 46-inch glasses-free 3DTVs, we go eyes-on (video) originally appeared on Engadget on Wed, 11 Jan 2012 23:04:00 EDT. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments

Source: http://www.engadget.com/2012/01/11/sony-demos-24-and-46-inch-glasses-free-3dtvs-we-go-eyes-on-vi/

TELETECH HOLDINGS TECHNITROL TAKETWO INTERACTIVE SOFTWARE SYNTEL SYNTAXBRILLIAN

Add playback hotkeys to Amazon Cloud Player with a Chrome extension

Sure, Amazon's Cloud Player works -- as long as you're in the U.S. or willing to do some tinkering -- but it's fairly simplistic at the moment. There are plenty of features missing which we'd like to see added -- but since Cloud Player is a Web app we don't have to wait for Amazon!

Google Chrome users, for example, can add playback hotkeys with an extension called keyMazony. Once installed, you'll have keyboard control of your Amazon Cloud Player queue. keyMazony commands will work as long as you're in the same Chrome window as Cloud Player, even if its tab doesn't have focus. The key combinations are customizable as well -- just make sure you don't set up a combo that conflicts with another extension or Chrome's built-in keyboard shortcuts.

Add playback hotkeys to Amazon Cloud Player with a Chrome extension originally appeared on Download Squad on Thu, 31 Mar 2011 11:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/03/31/add-playback-hotkeys-to-amazon-cloud-player-with-a-chrome-extens/

BT GROUP CANON MEMC ELECTRONIC MATERIALS MICROSOFT MILLICOM INTL CELLULAR

Classic Shell now makes Internet Explorer 9 look like IE8

classic shell make windows 7 look like xp
If you used Windows XP for a long time (who didn't?), one of the biggest changes when moving to Windows 7 or Vista was the massively-altered Explorer. While the new Explorer introduces some useful new features, it also removed just as many -- which is where Classic Shell comes in!

We've covered Classic Shell before, but here's the crib note: Classic Shell restores almost every Windows XP-era Explorer feature. The best change, in our opinion, is the reemergence of the 'up' arrow, meaning you now navigate without using the Windows Vista/7 'breadcrumbs' address bar. The status bar yet again shows the total size of your selection, and -- praise be! -- the diabolical Windows 7 Copy File 'copy and replace?' dialog has been replaced with a Windows XP lookalike (image after the break).

New to the most recent version of Classic Shell is the ability to make IE9 look like IE8. With Classic Shell the title bar yet again has a caption, so you can see the full title of Web pages. The current security zone and loading progress indicator have been put back into the status bar, too. If you enable 'Show tabs on a separate row,' it's almost like using IE8.

Finally, Classic Shell replaces the omnipotent Windows 7 Start Menu with the age-old 'classic' Windows 2000/XP-style Start Menu. Classic Shell makes the Start Menu skinable, too, if you're into the kind of thing.

As awesome as it sounds, we've only touched on a small section of Classic Shell's feature set. Check the Classic Shell site for a complete list. There's a few more images of Classic Shell in action after the break.

Download Classic Shell for Windows

Continue reading Classic Shell now makes Internet Explorer 9 look like IE8

Classic Shell now makes Internet Explorer 9 look like IE8 originally appeared on Download Squad on Mon, 04 Apr 2011 12:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/04/classic-shell-makes-windows-explorer-and-ie9-look-like-their-anc/

MOTOROLA MOODYS MISCROSOFT OFFICE MICROSOFT MICROSEMI

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus

LizaMoon SQL injection rogue AV
Over the last few days, a mass SQL injection attack has been quickly gathering speed. Just three days ago only 28,000 URLs were affected, but at the time of writing, there could be up to 3.8 million infected URLs.

Websense
has a complete write up the attack, dubbed 'LizaMoon,' but here's the basic gist: it looks like someone is exploiting a vulnerabilty (or vulnerabilities) in hundreds of thousands of websites running on Microsoft SQL Server 2003 and 2005. It's not yet known whether this is a vulnerability in SQL Server, or simply a case of outdated, unmaintained, and easily-exploitable CMSes.

The attack takes the form of an SQL injection, which then inserts a link to a JavaScript file hosted on the attacker's server. This is repeated over and over until every Web page in the SQL database has been infected -- and considering 3.8 million URLs have been infected, you can see that this is a very easy, and automated, attack.

Fortunately, the JavaScript isn't particularly malicious: it pops up a rogue AV program called Windows Stability Center, but that's it. Better yet, the rogue antivirus is already recognized by a bunch of real antivirus suites, including Avast, Panda and Microsoft Security Essentials.

The real problem with SQL injection attacks is that there's nothing we surfers can do about them. There will always be old and unmaintained websites, and thus SQL injections will remain one of the easiest and most lucrative tools of hackers and spammers alike. All you can do is keep your antivirus and anti-malware software up to date, and pray.

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus originally appeared on Download Squad on Fri, 01 Apr 2011 05:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/01/massive-sql-injection-infects-3-8-million-urls-installs-rogue-a/

ZORAN ZIONS BAN YAHOO YAHOO XILINX

OnTip 3-in-1 Gloves Review

The winter has arrived and temperatures are dropping across the northern hemisphere. For those of us that live in a cold climate and love our gadgets that means having to take off our gloves to use our touch screen devices, leaving our precious digits exposed to the elements, or does it? A company, by the [...]

Source: http://the-gadgeteer.com/2012/01/08/ontop-3-in-1-gloves-review/

INTERSECTIONS INTERNATIONAL RECTIFIER INTERNATIONAL GAME TECHNOLOGY INTERNATIONAL BUSINESS MACHINES (IBM) INTERDIGITAL COMMUNICATIONS