IT Support and Hardware for Clinics
38.7K views | +7 today
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...!

Apple Malware Outbreak: Infected App Count Grows

Apple Malware Outbreak: Infected App Count Grows | IT Support and Hardware for Clinics |

The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.

In the wake of the discovery of a six-month malware campaign last week, early estimates were that dozens of apps had been infected with the XcodeGhost malware, which could be used by attackers to steal data from devices, including users' Apple passwords, as well as launch phishing attacks.

But FireEye now reports that the number of infected iOS apps is far higher than researchers initially suspected. "Immediately after learning of XcodeGhost, FireEye Labs identified more than 4,000 infected apps on the App Store," the company says in a Sept. 22 blog post.

Apple did not respond to a request for comment on that report and has so far declined to respond to questions about how many apps may have been infected.

FireEye has not released a full list of all infected apps, but spokeswoman Darshna Kamani tells Information Security Media Group that most of them are aimed at Chinese-language users. Previous reports, meanwhile, had warned that such popular apps as the WeChat messaging app and the Didi ride-hailing app were infected, and that infected apps were used not just by Chinese users, but globally.

The malware attack was perpetrated by attackers offering for download a pirated version of Apple's free Xcode software - which is used to build iOS and Mac OS X applications - that added malware to every app when it was compiled. An anonymous developer has claimed credit for the attack campaign, saying it was a "mistaken experiment," although numerous security experts have dismissed that claim.

Apple Squashes Bad Apps

Apple says that it has seen no evidence that any personal information was compromised. The company says it has been excising all apps that were built using a malicious version of Xcode and working with developers to ensure that they only use the official Xcode tool.

"We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used," Apple says in an XcodeGhost FAQ. "We're not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords. ... Malicious code could only have been able to deliver some general information such as the apps and general system information."

But other security firms have warned that the malware could have been used for malicious purposes. "XcodeGhost is reported to be the first instance of the iOS App Store distributing a large number of trojanized apps," FireEye says. "The malicious apps steal device and user information and send stolen data to a command and control server. These apps also accept remote commands, including the ability to open URLs sent by the [C&C] server. These URLs can be phishing webpages for stealing credentials, or a link to an enterprise-signed malicious app that can be installed on non-jailbroken devices."

Chinese social media and gaming giant - and WeChat developer - TenCent published a report on Sept. 20 warning that the malware could be used to remotely control devices and launch man-in-the-middle attacks against users. It also found that at least 76 of the top 5,000 apps in Apple's China app store were infected with XcodeGhost.

In its XcodeGhost FAQ, Apple has listed the top 25 most popular infected apps - which include WeChat, Didi, Railroad 12306, Baidu Music and NetEase Music - noting that "after the top 25 impacted apps, the number of impacted users drops significantly." It has also promised to make it easier - and quicker - for Chinese developers to download Xcode, because the difficulty of obtaining the official software reportedly drove developers to obtain it from non-official sources.

China is a massive and growing market for Apple, accounting for $13.2 billion in revenue in its last financial quarter, compared to $20.2 billion in the United States and $10.3 billion in Europe. In January 2014, Apple reported that Chinese developers had already launched 130,000 apps via Apple's app store.

Before this malware attack, only five malicious apps had ever successfully made it into the App Store, according to cybersecurity firm Palo Alto Networks.

Timeline: XcodeGhost Discovery

On Sept. 14, China's Computer Emergency Response Team issued a warning about the danger of using unofficial versions of Xcode. Just days later, Chinese researchers began reporting that at least a handful of apps had been infected with XcodeGhost malware, after which the count of infected apps has continued to skyrocket.

On Sept. 20, the XcodeGhost-Author account-holder on China's Weibo social media platform claimed credit for the malware campaign, saying the ability to trojanize the Xcode software had been an "accidental discovery," and that it had been distributed as "a one-time, mistaken experiment" to see if it could be used to push advertisements to infected devices, The Wall Street Journal reports.

The message claimed that the capability had never been exploited and noted that the malware was only ever designed to collect basic user and device data. "And 10 days ago, I actively shut down the server and deleted all the data, so it will not have any effect on anyone," it said.

While it is impossible to verify those claims, many security experts have dismissed them, saying the attacker's intentions were obviously nefarious. "The entire process was plotted and planned," mobile Internet security expert Lin Wei told China Central Television, pointing to a campaign that used multiple Internet accounts to make the software available - via multiple websites - over a six-month period, The Wall Street Journal reports.

Recommendation: Uninstall Apps

Pending updates from every developer that shipped an infected app, information security experts recommend that users uninstall all apps that were known to be infected. "Developers are releasing updated, clean versions of their apps. The best fix, if one of your apps is listed, is to uninstall it," says Lee Neely, a senior IT and security professional at the U.S. Department of Energy's Lawrence Livermore National Laboratory, in a recent SANS Institute newsletter.

Neely says that both iOS developers and Apple are to blame for the XcodeGhost malware outbreak. "This malware made it into the Apple App store due to social engineering of developers and a shortfall of Apple's code review process," he says. "When you own the compiler/IDE [integrated code environment], you own the apps created with it."

No comment yet.!

Skype for Business arrives on Windows Phone, but lacking a key feature for Office 365

Skype for Business arrives on Windows Phone, but lacking a key feature for Office 365 | IT Support and Hardware for Clinics |

Although Microsoft has now brought Skype for Business to Windows Phone, its own business customers—those who subscribe to Office 365—may be disappointed to learn that one key feature hasn’t yet been implemented: conversation syncing.

Skype for Business has already replaced Lync on desktop PCs and the Web, and Windows Phone 8.1 phones will automatically download the new Skype for Business app to replace Lync 2013. (Windows Phone 8.0 users can continue using Lync 2013 or Lync 2010; those phones won’t be able to update to the new app.) 

Given the fact that a phone has limited space with which to work, one change that Microsoft has made to the app is to “wall off” extraneous conversations. If a new message arrives on your phone, you’ll have the option to answer it without other clients' grabbing the conversation, Microsoft said. Microsoft has also encrypted your conversation and voice mail history by default.

One of the complaints Skype users have had, however, is that conversations that roam between various platforms don’t sync appropriately, meaning that you might end up with notifications being sent to your PC some time before they arrive on your phone. Microsoft apparently solved that problem, provided you’re running the latest server software—just not for Office 365 users. That capability will be coming soon, the company said.

Otherwise, the new Skype for Business app for Windows Phone features the Skype UI and 100 new emoticons, to give it a bit of extra punch.

Last week the Skype for Business team previewed a “broadcast” feature that will allow meetings to be shown to up to 10,000 participants. The app now also works with traditional telephones, so that users can simply dial in to conference calls.

Why this matters: To its credit, Microsoft has launched Skype for Business on Windows Phone, ahead of iOS and Android—not always the case, to be sure. Still, I suspect that some IT admins wish that Microsoft would get its ducks in a row before releasing the Windows Phone app. Not knowing where you are in a business conversation can give the appearance that you’re unprofessional—and it’s also just plain annoying.

No comment yet.!

Samsung proposes an Android phone that transforms into a Windows laptop

Samsung has been thinking up new ways to transform smartphones into laptops. In a patent application filed last week, first spotted by Patently Mobile, Samsung describes a mobile device that runs Android and is able to switch over to Windows when inserted into a dock. Individually, these ideas aren't new — dual-OS devices and docking smartphones have been tried a number of times over the past several years — but they haven't been put together in a particularly straightforward way. Of course, this is only a patent application, so there's no guarantee that Samsung will actually make it.


Even so, Samsung actually goes into quite a bit of detail on how such a device would work. The core would be a smartphone or a tablet, which would hold everything needed to run both Android and Windows. The dock would have a keyboard, a large display, and possibly a trackpad. Those final two items are where it gets interesting. The dock may not need a trackpad because the smartphone's touchscreen could be used instead (given the state of Windows trackpads, this could even be a benefit). Alternatively, if the dock includes a trackpad, the smartphone could be used as a second display. Samsung proposes that it could display Android at the same time that the dock displays Windows, or that it could be an extension of the Windows desktop.

The patent application notes that other operating systems could be used in place of Windows and Android, but those are the two that it focuses on. That's not really a surprise: they're the dominant mobile and desktop operating systems, and Samsung has even played around with transitioning between the two of them before. In 2013, it introduced the Ativ Q, which could switch between functioning as a Windows notebook and an Android tablet. Of course, making both form factors actually good to use is difficult, especially when all of their power is coming from a mobile device. Still, the idea that a single device could eventually serve as the core of all our computing isn't unreasonable, and it's clearly something that Samsung is thinking about.

No comment yet.!

4 Ways Technology Is Making You Age Faster

4 Ways Technology Is Making You Age Faster | IT Support and Hardware for Clinics |

You can't deny technology has made many things easier. But, like with so many good things, too much can be a bad thing. And with people using their smartphones, tablets and laptops for nearly everything, including work, scheduling and socializing, sometimes there's hardly a moment of the day we aren't connected.

We're living in the first era of such connectivity and only starting to discover the downside of our connectedness. Technology has not only made us less active, but it also has the ability to age us faster than we'd like. Here are four innocuous ways technology is actually making us older:

1. It's making you lose sleep.
Of course the constant pinging of emails and text messages will keep you up at night, but studies have shown that using tablets, smartphones or your laptop near bedtime can disrupt your natural sleep schedule. A study published last year by the Brigham and Women's Hospital concluded that using these light-emitting devices suppresses your melatonin levels, making it harder to fall asleep and get more restful sleep.

And besides feeling sluggish the next day, poor sleep can cause dark circles, a lackluster complexion and fine lines, thanks to elevated cortisol levels which can lead to collagen breakdown. A solution: make your bedroom a technology-free zone and create a bedtime ritual which involves putting away your gadgets before you go to sleep.

2. It's causing "tech neck."
In 2014, researchers discovered that staring down at your phone as you text puts five to six times the weight pressure on your neck, creating posture problems and added stress to your spine.

"The problem of wrinkles and sagging of the jowls and neck used to begin in late middle age but, in the last 10 years, because of 'tech neck', it has become a problem for a generation of younger women," Christopher Rowland Payne, a dermatologist, told The International Business Times.

Besides, hunching over only makes you look older. The study's author, Kenneth Hansraj, says it's important to keep your neck straight and to bring your phone up to meet your eyes.

3. It's aging your eyes.
Whether you notice it or not, you're probably not blinking nearly enough when you're furiously texting or shooting off emails. Some doctors say you blink around half as much as you normally do when you're not staring at computer or smart phone screens. Not blinking enough can contribute to problems like dry eyes, blurry vision and even headaches.

Plus, if you're having trouble reading your phone, you're probably squinting, which can cause fine lines and wrinkles, especially around the eyes.

To combat the stress, there are several things you can do. Make your font size bigger so you don't have to strain your eyes to read. Make a conscious effort to blink more. Take a break from your screens every 20 minutes for around 20 seconds (or more) and focus on something far away. Or even better, get up from your desk, and take a quick lap around the office.

4. It may be affecting your memory.
Remember the good old days when you used to know all your friends' phone numbers by heart? These days, it's a miracle if we don't forget our own, thanks to the contacts you store on your phone. In addition, the use of a GPS to help you navigate means we're relying less on our own brain power.

A McGill University study found that people who use spatial navigation (things like remembering landmarks, etc.) to get around had a higher hippocampus volume than people who relied on a GPS. The hippocampus is the part of the brain that processes and stores memories.

Another study found that taking photos of things can impair your memory. Researchers at Fairfield University had subjects go to an art museum and observe some objects without taking photos -- and then observe other objects while taking photos. What they found was that memories were weaker for the items that were simply photographed.

It's important not to be entirely reliant on your phone. Try to use the GPS sparingly. Try to memorize a couple of new phone numbers. Try to calculate how much to tip the waiter all on your own.

You can do it.

No comment yet.!

Samsung Touts Video Chops With Two More Big Screen Phones

Samsung Touts Video Chops With Two More Big Screen Phones | IT Support and Hardware for Clinics |

As expected (and amply leaked), Samsung has today whipped back the curtain on a pair of new flagship smartphones, announcing two new phablets: the Galaxy Note 5 (pictured above) and the Galaxy S6 Edge+ at press events in New York and London.

The focus for Samsung here is bigger handsets that can do more with multimedia content, letting the user make use of additional screen real-estate for video editing or livestreaming, or multitasking with multiple content windows on screen.

The Korean giant doesn’t normally drop flagship smartphones in August but is presumably hoping to hog the limelight by announcing new kit in what is typically a fallow month for tech news — before the hype cycle spins up again come September, when Apple typically unboxes new iPhones. (In the event, Chinese mobile maker Xiaomi stole a march on Samsung’s phablet new by announcing its own pair of newbies earlier today.)

Here’s a quick rundown of the new additions to Samsung’s handset Galaxy, which will be landing in some 7,000 retail stores in the U.S. for preview starting from tomorrow (but on sale globally later this month):

Galaxy Note 5

The Galaxy Note 5 is the sequel to the 5.7-inch display Note 4, which launched back in September 2014. The display remains the same size (and same quad-HD res), but RAM has been beefed up to 4GB.

The design has also been tweaked to be thinner and slimmer, with a narrower bezel and curved back. The rear camera is still 16MP, but there’s now 5MP on the front. Both are f1.9.

The S-Pen stylus has also had an update — with an “all new” design, and, says Samsung, improved writing capabilities (albeit it said that at the last Note update…), including the ability to jot down info even when the screen is off.

Users can also now annotate PDF files using the S-Pen, and capture a whole website from top to bottom using a Scroll Capture feature. And the pen is easier to extract from its kennel inside the Note, thanks to a “one click” extraction mechanism.

Available colorways for the Note 5 are “Black Sapphire” and “White Pearl”. There are 32GB and 64GB variants (but no microSD card slot — a factor that’s going to continue to grate on long-time Samsung fans).

Galaxy S6 Edge+

The Galaxy S6 Edge+ updates one of two new flagships Samsung unboxed back in March at the Mobile World Congress trade show — namely the S6 Edge.

The flagship feature of that handset was a screen with curved edges. Those curves spill over now to the S6 Edge+ but the overall size of the screen has also been increased to phablet size — so it’s been bumped up from 5.1 inches to 5.7 inches. As with the S6 Edge, the curved edges can be used as a shortcut from any screen to access top contacts and apps, by swiping along the edge.

As with the Note 5, RAM has also been increased to 4GB. And the rear camera is 16MP, with a 5MP lens on the front.

Available colorways for the S6 Edge+ are “Black Sapphire” and “Gold Platinum” (below). And there are also 32GB and 64GB variants (but again no microSD card slot).


Multimedia focus

Both devices sport improved video stabilization when shooting from the front or rear camera, according to Samsung.  There’s also a new video collage mode that allows users to shoot and edit short videos more easily, adding various frames and effects. And a 4K Video filming feature to record content for 4K TVs.

A full HD Live Broadcast option lets users instantly stream video straight from the phone to any individual, group of contacts, or through YouTube Live — a la live streaming apps like Meerkat and Periscope. While Samsung touts other camera and audio improvements such as a quick launch feature (by double clicking the home button from any screen to jump into the camera), and support for UHQA for richer audio quality.

Both handsets also support Samsung Pay — the company’s forthcoming NFC and magnetic secure transmission mobile payment tech which it’s lining up as an Apple Pay rival.

There’s also embedded wireless charging on both, but wireless charger pads aren’t included — so that’s an additional accessory you’d have to have or buy yourself.

No comment yet.!

Windows 10 likely to land at PC makers this week

Windows 10 likely to land at PC makers this week | IT Support and Hardware for Clinics |

Microsoft keeps wending its way past the mile markers en route to getting Windows 10 out to the public on time.

The software titan is putting the finishing touches on the operating system software and will finalize its prerelease development by July 10, The Verge is reporting, citing people who claim to have knowledge of the company's plans. This version ofWindows 10, called "release to manufacturing," will then be sent to PC makers to be bundled into their products.

Windows 10, which is slated to launch on July 29, comes at a critical time for Microsoft. While Windows overall remains the dominant force in desktop operating systems, running on over 90 percent of computers worldwide, according to NetMarketShare, the last big release -- Windows 8 -- proved a marked disappointment. According to NetMarketShare, Windows 8 musters just 13 percent market share worldwide, far behind the 61 percent share for Windows 7 and just ahead the 12 percent share for the now ancient Windows XP.

The issues with Windows 8 were numerous, ranging from Microsoft's design choice, called Metro, to a steep learning curve for those used to the old days of Windows. Windows 8, which launched in 2012, also came as consumers and business users were increasingly attracted to tablets and smartphones, which typically ran either Apple's iOS software or Google's Android.

Microsoft tried to respond by offering its own tablet, the Surface, and partner with third-party tablet manufacturers. The efforts, however, have done little to kick Android and iOS from the top spots.

Realizing its own miscues and the changing market dynamics, Microsoft has tried to address its Windows 8 woes with Windows 10.

The Start button is back and the design a bit more traditional, while Microsoft CEO Satya Nadella has made clear that Microsoft is a "mobile-first (and cloud-first)" company that will allow for Windows 10 to run on multiple device types without sacrificing features. To boost adoption, Microsoft will offer free upgrades to customers currently running Windows 7 and Windows 8 -- a first for the company. Microsoft has even softened its stance in its longstanding battle with pirates, saying that any pirated copy of Windows can be upgraded to Windows 10 free-of-charge.

For months now, Microsoft has been offering preview versions of Windows 10 to developers and consumers who want to take the operating system for a test drive. Operating systems go through a series of "builds," or versions, during their development phase. Once the company's development team has finalized the operating system, it goes into RTM phase, which means it's ready to be passed on to hardware vendors for bundling into the PCs they sell. Assuming the report is accurate, hitting the RTM phase this week would ensure Windows 10 would be available later this month, as anticipated.

That said, while Microsoft seems to be on-pace for a July 29 launch, the company has cautioned thatthe rollout could be slow going.

Microsoft said last week that it "will start rolling out Windows 10" on July 29, but will roll out the operating system "in waves" after that date.

"Each day of the rollout, we will listen, learn and update the experience for all Windows 10 users," the company said in a blog post. "If you reserved your copy of Windows 10, we will notify you once our compatibility work confirms you will have a great experience, and Windows 10 has been downloaded on your system."

The blog post seems to indicate that while Windows 10 may be released to PC vendors soon, it will continue to fine-tune the operating system after the July 29 launch date.

Microsoft has yet to say when its operating system will hit the RTM phase, but in the past, the company has announced the milestone on its site. Microsoft will likely do the same with Windows 10, once it has officially gone RTM.

No comment yet.!

Google bursts into the wireless industry

Google bursts into the wireless industry | IT Support and Hardware for Clinics |

Google wants to be your wireless carrier.

The search giant on Wednesday announced its long-anticipated wireless service in the United States, called Project Fi.

Google hopes to stand out by changing the way it charges customers. Typically, smartphone owners pay wireless carriers like AT&T and Verizon a bulk rate for a certain amount of data. Google says it will let customers pay for only what data they use on their phones, from doing things like making calls, listening to music and using apps, potentially saving them significant amounts of money.

For now, the program is invite-only and will only be available on Google's Nexus 6 smartphone.

"It's important that wireless connectivity and communication keep pace and be fast everywhere, easy to use, and accessible to everyone," Nick Fox, vice president of communications products at Google, said in a statement.

Google's new wireless service represents a shift in its efforts to remake the wireless industry. The company began in 2005, when it purchased the nascent Android mobile phone software, and began giving it away to handset makers like Samsung, LG and Lenovo. Competitors, like Microsoft, typically charged for their software. The plan worked: Today, Android powers more than 80 percent of the world's smartphones, and commands significant influence in the wireless industry.

The next step for the search giant is to expand into how the cellular and wireless connections themselves are delivered to you.

Google said it would offer one plan at one price. For $20 a month, you get voice, text, Wi-Fi tethering and international coverage in more than 120 countries. Then it's $10 per gigabyte per month. But if you don't use all of the data you bought, Google refunds you for what you didn't use. Their service won't require an annual contract.

Google isn't just offering a different way to charge customers. It will also offer a new technology to allow users to switch between cellular and Wi-Fi signals while on a call. The nascent technology will help Google to keep costs down, and help customers avoid relying on cellular networks that are often overburdened by wireless traffic. The program will also store your phone number on Google's servers, so yo'll be able to use your number to talk and text from a phone, tablet or laptop.

Google isn't building its own wireless network to do this. Instead, the Internet giant has made a deal with US carriers Sprint and T-Mobile to use their networks.

"We are proud to enable Google's entry into the wireless industry as a service provider," Sprint said in a statement.

Still, for wireless companies, Google's entrance to the market could be worrisome. Google, with its financial resources and influence, has the power to shake up the entire industry.

When Google product chief Sundar Pichai confirmed the wireless service in February, he sought to reassure the carriers. He said Google's wireless service was meant to be a small scale experiment. Google's rationale is said to be trying to innovate new practices and pricing models, and trying to get the wireless industry at large to follow suit.

"I think it will be a small market initially, but I have to believe [the carriers] going to be watching it closely," said Tim Bajarin, president of tech research firm Creative Strategies.

Google is the highest-profile company to do this, but it's not the only company that will offer this kind of service. Republic Wireless, a small North Carolina-based wireless company, will offer a similar service this summer.

Google has been dipping into the Internet access business in other ways too. The company began taking on the home-and-business Internet service providers in 2010 with a project it calls Google Fiber. The a service offered Internet connections to people's homes in cities like Kansas City and Austin for much less than larger rivals Comcast, AT&T and Verizon charge.

Google is also hoping to bring its service efforts to developing countries. The company has been building a way to beam Internet connectivity to rural populations via high-flying balloons with a project called Loon. Google is also experimenting with satellites for the same purpose.

No comment yet.