News

microsoftPlaying offense against cybercriminals is what drives me and everyone here at the Microsoft Digital Crimes Unit. Today, Microsoft has upped the ante against global cybercrime, taking legal action to clean up malware and help ensure customers stay safer online. In a civil case filed on June 19, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions, LLC (doing business as No-IP.com), for their roles in creating, controlling, and assisting in infecting millions of computers with malicious software—harming Microsoft, its customers and the public at large.

We’re taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware. In the past, we’ve predominately seen botnets originating in Eastern Europe; however, the authors, owners and distributors of this malware are Kuwaiti and Algerian nationals. The social media-savvy cybercriminals have promoted their wares across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes—demonstrating that cybercrime is indeed a global epidemic.

We want to update all our loyal customers about the service outages that many of you are experiencing today. It is not a technical issue. This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives.

We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening. Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft’s attempt to remediate hostnames associated with a few bad actors.

The Blender Foundation has released Blender 2.71, an update to its cross-platform, open-source 3D graphics tool. Version 2.71, also available in 64-bit and portable form on Windows, includes new features and continues to build on the recently revamped user interface.

Areas that enjoy significant changes include the Cycles renderer, Animation, Modelling, Sculpting-Painting, Game Engine and Freestyle NPR Rendering tool.

Cycles gains support for rendering volume textures, fire and smoke, deformation motion blur, baking textures from cycles materials, additional texture interpolation modes and a new dedicated UV layer node.

The Animation tools adds new interpolation types containing “easing equation” presets, while auto-snapping becomes independent from the display type and locking time to other windows is once again possible. It also adds lasso selection support and the ability to set preview range based on selected strips.

Avast Software has released the fourth update to its Avast 2014 range of products with the unveiling of build number 9.0.2021 for Avast Free Antivirus 2014, Avast Internet Security 2014 and Avast Premier Security 2014.

As with the previous few updates, R4 contains no new features, but does include several important security enhancements among other tweaks and optimizations that once again make it essential for existing users.

Avast promises tighter security through improved process security, which is guarded by Avast’s self-defense component. Avast R4 also handles conditions for the Guest account better, increasing sensitivity to any incorrect user inputs that might compromise system security and tuning the import settings tool to prevent it from allowing users to bypass any protections.

microsoftIn business perception is everything. Many companies succeed or fail not because their products are great but their brands are perceived to be that way. Apple is a remarkable perception manager. Consider iPhone 5s, which features and benefits fall far behind many competing devices. Rather than innovate, the fruit-logo launches an evocative marketing campaign -- "You're more powerful than you think" -- that makes the smartphone look better. Improved. The ads are compelling because they communicate: Your life will be better, you shall achieve your dreams, by buying iPhone 5s.

Meanwhile, competitors like Microsoft truly innovate and take the kind of risks that once defined Apple. Last year I asked: "Will 2013 be another year of Apple iteration masquerading as innovation?" Yes, and halfway into another year, little is changed. The answer is the same. Last month I explained "Why Apple no longer innovates". OS X Yosemite and iOS X 8 are prettier, but so what? Meanwhile, Windows 8/8.1 is a radical rethinking of the platform -- as is Surface, which delivers refreshing change to computing. What's that long-forgotten Yellow Pages tagline? Let your fingers do the walking. They do on Surface.

Bromium has just published the results of “Endpoint Protection: Attitudes and Opinions,” a survey of more than 300 information security professionals, focused on end user threats and security. The majority of the respondents believe:

  • Existing security solutions are unable to stop endpoint infections,
  • Anti-virus is unable to stop advanced targeted attacks and
  • End users are their biggest security headache.

heartbleedSecunia Research classifies vulnerabilities by rating the severity of vulnerabilities from 1: "not critical" to 5: "extremely critical."
Going by the PR Heartbleed received, you would be excused for thinking that what we were dealing with here was, indeed, "extremely critical."
But it was not, as vulnerabilities go. That rating we use for "remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild."

The Heartbleed vulnerability was in fact only rated as a 3 of 5 by Secunia: "moderately critical", which is typically used for "remotely exploitable Denial of Service vulnerabilities against services like FTP, HTTP, and SMTP, and for vulnerabilities that allow system compromises but require user interaction."
It gets this rating because it enables information retrieval from remote without any user interaction or authentication requirements.

skypeLinux users are not the most sociable bunch. Sure, I am generalizing, but I speak from experience. Not only do I know many socially awkward and inept Linux nerds, but I am one myself. While I do not use operating systems based on the kernel exclusively, I use them often, and understand preferring the company of a computer to other humans.

Still, every once in a while, a Linux nerd must communicate with family or friends and what better way to do that than video chat? Skype is one of the best options, although some Linux users refuse to use it since Microsoft acquired it. Me? I could care less who owns it as long as it functions as I expect. Today, Microsoft reaffirms its commitment to Linux with a new version of Skype.

Microsoft touts the following changes:

  • An updated UI
  • Our new cloud-based Group Chat experience
  • More reliable file transfer support when using multiple devices at once
  • Greater accessibility by blind and visually impaired users
  • PulseAudio 3.0 and 4.0 support
  • Lots of bug fixes

Sadly for some users, ALSA support has been dropped, so you must use PulseAudio. However, most users should not have a problem with this.

source Source: BetaNews