Archive for the ‘Pc Systems’ Category


Where did Flashback start? Blame the blogosphere


2012
06.30

The Flashback outbreak has been one of the largest to hit the Mac platform to date, and while some estimates claim the number of Flashback-infected OS X systems has been swiftly dropping since its peak of 600,000 systems around April 9, others suggest this may not be the case and the infection rate remains relatively high.

This development along with several other recent malware scams in the past few years has been a wake-up call for Mac users to mind their security; however, the security of the Mac platform and even others extends beyond the computer itself.

When this malware was first announced, it became apparent that the problem largely rested on Apple's avoidance of attending to Java updates. By not pushing the latest Java updates to OS X users, Apple left a large window of opportunity open for known vulnerabilities in the software on OS X systems to be exploited.

As a result of this, much of the blame for this attack falls on Apple's shoulders, but even with blame directed to Apple, we cannot overlook how the attack was spread in the first place. Contemporary malware attacks have been known to spread through underground Web sites, illegal file-sharing services, warez distribution, and other behaviors for which the end user is responsible; however, recent malware attacks have happened outside of these means.

Analysis of the Flashback infection by Kaspersky Lab suggests that the malware started in compromised WordPress blogs, so instead of illicit or underground activity resulting in attacks, people have been infected by visiting legitimate Web sites without even realizing these sites had been made part of a malware distribution network.

Kaspersky found that between September 2011 and February 2012, the criminals behind the Flashback malware worked in tandem with a cyber crime hosting program that supplied the malware. The hosts in this program were then accessed by injecting redirect scripts into personal Web blogs that were running vulnerable versions of the WordPress software. The specific vulnerabilities that were exploited for this are unknown, but may have been in the main WordPress package itself or in one of the numerous add-ons for the software, such as the ToolsPack plug-in.

With the compromised blog sites active, users visiting them would be redirected to the cyber crime network that would host variants of the malware. As a result, the criminals only had to update the malware versions on the cyber crime network in order to spread new variants of the attack.

Over the months between September 2011 and February 2012, the criminals used these means to evolve the attack from being downloadable Flash updates to those that exploited Java vulnerabilities and installed without user intervention. Therefore, people visiting their favorite blogs might have suddenly found their browser offering a new Flash Player update, or perhaps quickly showing a blank window that they didn't expect, but which had run the Java-based variant of the malware.

Often those who were infected with early variants would revisit the compromised blogs and be subsequently reinfected with more-advanced variants as the crime network evolved its software. This was evident by later variants of the malware checking for and removing the components of early versions before installing on the system.

By February 2012, estimates of the number of affected Web sites ranged between 30,000 and 100,000, with approximately 85 percent being located in the United States.

This development shows that while the end user's system is the ultimate barrier to malware attacks, the responsibility also falls to those who are running their own personal blogs and other software on hosting services that may be hijacked and used to spread malware.

While the WordPress organization offers hosted services that are kept up-to-date with the latest WordPress releases, only about half of the roughly 73 million WordPress blogs worldwide are hosted and managed by WordPress. The others are managed on secondary hosting services using the free WordPress software, and which require maintenance and update management by the administrators of these hosts.

Unfortunately, as with the lag in Java being updated on Apple's systems, if an administrator of one of these sites omits an update, then the site may be left vulnerable to security holes, and potentially taken advantage of by hackers who can use it to spread malware to PC systems that visit the site.

Therefore, while the Flashback malware was ultimately enabled by the poor maintenance and support of Java in OS X, its spread was enabled by numerous well-meaning sites whose administrators have been oblivious to the changes made that have been helping distribute the malware.

To help stem the use of personal sites to spread malware, if you have your own Web blog for which you manage the blog software, be sure you keep your software up-to-date and configured with proper security settings to prevent exploitation of it and the users who visit it. You can also regularly use a test computer or virtual machine with various installations of OS X and Windows to view your site and ensure it behaves as it should without redirecting users to different sites or performing other unwanted behavior.
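The check described above can be partly automated. The following is an added example, not code from the original article: it lists every script, iframe and meta-refresh target in a page's HTML whose host is neither the blog itself nor on an allowlist the administrator maintains. The class and function names, the sample page and all host names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample: a blog page with one injected iframe, one injected
# script and a meta refresh. All host names are placeholders.
SAMPLE_PAGE = """<html><head>
<script src="/wp-includes/js/jquery.js"></script>
<script src="//cdn.example/lib.js"></script>
<meta http-equiv="refresh" content="0; url=http://landing.invalid/in.php?x=1">
</head><body>
<iframe src="http://ads.invalid/frame.html" width="1" height="1"></iframe>
<script src="http://COUNTER.invalid/c.js"></script>
<script>var inline = 1;</script>
</body></html>"""


class OffsiteLoadAudit(HTMLParser):
    """Collect what the page makes a visitor's browser load or navigate to."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.loads = []  # (kind, absolute URL) in document order

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag in ("script", "iframe") and a.get("src"):
            # Resolve relative and protocol-relative sources against the page.
            self.loads.append((tag, urljoin(self.page_url, a["src"])))
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            # content has the form "0; url=http://host/path"
            _, _, target = a.get("content", "").partition("=")
            target = target.strip(" '\"")
            if target:
                self.loads.append(("meta-refresh", urljoin(self.page_url, target)))


def unexpected_hosts(html, page_url, allowed_hosts=()):
    """Return (kind, url) pairs whose host is not the site or an allowed host."""
    audit = OffsiteLoadAudit(page_url)
    audit.feed(html)
    allowed = {urlparse(page_url).hostname, *(h.lower() for h in allowed_hosts)}
    return [(kind, url) for kind, url in audit.loads
            if urlparse(url).hostname not in allowed]


if __name__ == "__main__":
    for kind, url in unexpected_hosts(SAMPLE_PAGE, "http://blog.example/2012/post",
                                      allowed_hosts={"cdn.example"}):
        print(f"{kind:13} {url}")
```

This only inspects static markup, so it complements rather than replaces viewing the site from a test machine: a redirect that is assembled by script at run time, or served only to certain browsers, will not appear in the HTML it parses.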

If you suspect your blog has been compromised, then be sure to contact your blog's support resources to see what can be done. Often, as instructed in the WordPress security FAQ, the easiest way to remove hacks is to reinstall the blog software on your server, which should remove injected code from the files that the blog uses, but the specifics of what should be done will depend on what aspects of your site have been compromised.



Dishonored cinematic trailer released


2012
06.14

Whether Dishonored can rise above the criticisms of other stealth games remains to be seen. While the game promises action with meaning, it remains to be seen how Arkane will strike a balance between the impressive supernatural abilities shown in the trailer and a meaningful story.

Arkane will no doubt have to find new ways to invest players in the interesting new world they have created to avoid falling into just another action game. Dishonored will be available for the PlayStation 3, Xbox 360, and PC systems.

While the release date of the game has not been announced, interested Tucsonans can pre-order online to reserve a copy.


City to Celebrate Earth Day with E-waste Recycling Event


2012
06.10

The Fountain Valley Community Foundation will celebrate Earth Day this Saturday by hosting an electronic waste collection event for local citizens to drop off their unwanted electronic items.

The event will take place in the parking lot next to the Fountain Valley Recreation Center from 9 am to 4 pm. This is a free service offered to residents to properly dispose of their e-waste and help divert waste from landfills. Shredding services will also be provided until 2 pm, or until the truck is full.

Hundreds of millions of retired computers, cell phones, and electronics sit idle or are discarded by Americans every year, eventually contributing to landfill waste. Toxic substances like lead, cadmium, and mercury that are commonly used in these products can contaminate the land, water, and air.

Acceptable household e-waste items include televisions, PC systems, laptops, monitors, home entertainment systems, cell phones, desktop copiers, printers, fax machines, keyboards, DVD and VCR players, audio devices, and loose wires in working condition or not.


Items not accepted are fluorescent lamps, microwaves, vacuums, and cooling units such as refrigerators.

For more information, visit monitorheaven.com or call Orange Coast Computers and Recycling at (800) 574-5944.


NVIDIA estimates mobile GPU performance will surpass Xbox 360 by 2014


2012
06.09


NVIDIA has estimated smartphones released during 2012-2014 will contain Xbox 360-class GPU performance out of mobile SoCs, according to Anandtech. According to a slide handed to the site, if the trend in mobile chips continues, it will catch up with PC systems a few years beyond 2014. NVIDIA is currently touting its Tegra 3 System-on-a-Chip as a solution to high-end graphics on mobile devices. Thanks, GI International.


Staray Silence: New Enermax Midi Tower for Silent PC Now Available


2012
06.05

PRESS RELEASE

Virtually Silent Cooling with Twister Fans

Hamburg, 2nd of April 2012. Already at the beginning of 2012, Enermax has extended the Staray case series with an affordable entry-level model, the Staray Lite (ECA3175-L). Now, the manufacturer launches another version that has been designed for the admirers of silent PC systems. Staray Silence takes up the characteristic outlook of the Staray series with the large, air-permeable mesh front. Apart from that, two 12cm fans of the best-selling TBSilence series support the cooling system of the case. The patented Twister bearing guarantees a smooth rotation and a long life time of up to 100,000 hours MTBF.

The manufacturer also optimized the interior design of the midi tower. In comparison to the original version ECA3170-BL/-BR, Staray Silence offers an additional cut-out for an easy and comfortable CPU cooler installation and a black interior coating. Two USB 3.0 ports at the front panel allow for an ultrafast data transfer between external USB storage devices and the system's HDDs. An internal 19-pin connector avoids the inconvenient and unpleasant cable routing through the back of the case.

Staray Silence (ECA3175-S) is now available at a MSRP of £44.90. Technical details and product photos: www.enermax.co.uk/staray.

About Enermax

Enermax Technology Corporation was founded in Taiwan in 1990 and is a globally renowned manufacturer of PC components such as power supplies, PC cases, cooling products, keyboards, enclosures and other peripherals. For almost 20 years Enermax has played a leading role as an innovator in the PSU market. Enermax products are well known for their innovative technology, high quality and safety, best performance and unique design. The company possesses its own research and development centre as well as two factories. Subsidiaries and numerous affiliates around the world provide an excellent network for OEM/ODM and retail business. The Enermax subsidiary in Hamburg coordinates major European markets.


PAYDAY: The Heist Smuggles In New Game Update


2012
05.18

Sony and OVERKILL Software today announced the latest game update for the high-intensity, co-op, first-person shooter PAYDAY: The Heist. With a slew of new events, achievements, disguise masks and an all-new community-centric music track, this game update offers some serious ransom to hardened criminals looking for the ultimate PAYDAY.

Available today via digital download on the PlayStation Network and PC systems, the new game update further intensifies this online co-op shooter's six dynamic heists, forcing players to rely on quick thinking and teamwork to thwart well-trained law enforcement and successfully execute new objectives and achievements. Enhanced AI capabilities, such as aggressiveness, agility and intelligence, have also been implemented.

Key features of the new game update include:
o Masks of Disguise: Presidential masks are now available to those players that have reached level 145. Players can grab a Golden mask when all heists are completed on OVERKILL 145+. BEEEF masks have also been added to the game, and can be picked up in the lobby.
o OVERKILL 145+: Players that have reached level 145 can now play on a new difficulty called OVERKILL 145+, which opens up the possibility for new events and achievements. It also unlocks new weapons, such as the crowbar to open doors, as well as leaderboards.
o Drop-In: With the added in-game drop-in ability, players can set the server to allow for others to join the game mid-heist. Players can also filter players by setting server reputation and difficulty requirements.
o SWAT Tactics: The SWAT captain has trained a slew of new recruits, resulting in challenging new tactics and counter measures for players to face on each of the heists.
o Sweet Moves: Players can check out new weapon animations for the Shotgun. Law enforcers now move more tactically than ever before. Even civilians have new dance animations in the DIAMOND HEIST.
o Portrait Window Additions: Players can now see the name of the character they are currently playing in the portrait window while in game.
o Compare Worldwide: PC Players can now view statistics on how many players in the world have completed the different heists on all difficulties through the SELECT HEIST menu.
o Expanding Field of View (FoV): PC Players can now choose what FoV they want to use ranging from 60 to 100 through the advanced graphics menu.
o DIAMOND HEIST Music: For PC players, as a token of appreciation to the community, 200 of the most dedicated career criminals' nicknames have been immortalized in-game. The DJ has added a new music track, doing shout-outs to 200 players in the community.

This game update is available for download at no additional cost on STEAM and on the PlayStation Network.


Quake 4 Arrives On Mac OS X


2012
05.17

In standard Mac system gaming style, and just seven or so years after arriving on PC systems, Quake 4 has now arrived on Apple Mac machines. Quake 4 is the fourth title in the series of the Quake first-person shooter games, and was developed by Raven Software, id Software and published by Activision back in 2005, and is now available to purchase from the Apple Mac store for $19.99.

If you haven't already played Quake 4, it contains multiplayer modes for Deathmatch, Team Deathmatch, Tourney, Capture the Flag, Arena CTF and DeadZone, allowing you to finally fight it out with other Mac users. Great game all the same and worth the cash if you enjoy traditional first-person shooters, but nothing new to see.

The Quake 4 single player mode continues the story of Quake II by pitting the player against a cyborg alien race known as the Strogg. The game follows the story of a Marine named Matthew Kane who is a member of the fabled Rhino Squad.

Source: Redmond Pie


Get Adobe’s Creative Suite From the Cloud, For Just $49 A Month


2012
05.15

Adobe's new offering, Creative Cloud, brings the company's expansive and expensive range of legendary publishing and art applications, Flash development software and other tools to all via an affordable software-as-a-service solution.

The Cloud Gets Design Power

Adobe has long ruled the roost in the creative world with its suites of design and creation apps. Despite the high retail prices, updates to apps like InDesign, Photoshop and Flash Builder are eagerly lapped up by creative types working on the latest quad-core Mac and PC systems. What's another few grand for the best software?

Not all designers are so well off, and many smaller companies have armies of designers, developers and tweeners, slaving away on older versions. For anyone in that pickle, a solution is at hand: $49 a month access to pretty much all of Adobe's output on a year-long contract (with cheaper special offer pricing for existing customers).


How to remove the Flashback malware from OS X


2012
05.13

While OS X was relatively void of malware for the first 10 years of use, recently malware scares have cropped up that have affected a significant number of Mac systems.

One of the first was the MacDefender fake antivirus scam, which had people issuing credit card information out of fear their systems were infected. This scam morphed quite rapidly as it tried to avoid detection and continue coercing people to offer personal information. Another scam was the DNSChanger malware that affected millions of PC systems worldwide, and which ultimately directed affected systems to malicious Web sites, and like the MacDefender malware tried to get people to offer personal information.

The latest malware to hit OS X has been the Flashback scam, which initially started as a fake Flash player installer application that was relatively easy to avoid. However, the threat quickly morphed into a more serious threat by taking advantage of unpatched security holes in Java (which Apple has since addressed) to install on a Mac running Java by merely visiting a malicious Web page and not requiring any user attention. So far, it is estimated to have infected over 600,000 Mac systems worldwide, with the majority in the US and Canada.

How does it work?

The Flashback malware injects code into applications (specifically Web browsers) that will be executed when they run, and which then send screenshots and other personal information to remote servers.

First step: Exploiting Java
When you encounter the malicious Web page containing the malware and have an unpatched version of Java running on your system, it will first execute a small Java applet that when run will break the Java security and write a small installer program to the user's account. The program is named something like .jupdate, .mkeeper, .flserv, .null or .rserv, and the period in front of it makes it appear hidden in the default Finder view.

In addition, the Java applet will write a launcher file named something like com.java.update.plist, com.adobe.reader.plist, com.adobe.flp.plist or even null.plist to the current user's ~/Library/LaunchAgents/ folder, which will continually launch the .jupdate program whenever the user is logged in.

In order to avoid detection, the installer will first look for the presence of some antivirus tools and other utilities that might be present on a power user's system, which according to F-Secure include the following:

/Library/Little Snitch
/Developer/Applications/Xcode.app/Contents/MacOS/Xcode
/Applications/VirusBarrier X6.app
/Applications/iAntiVirus/iAntiVirus.app
/Applications/avast!.app
/Applications/ClamXav.app
/Applications/HTTPScoop.app
/Applications/Packet Peeper.app

If these tools are found, then the malware deletes itself in an attempt to prevent detection by those who have the means and capability to do so. Many malware programs use this behavior, as was seen in others such as the Tsunami malware bot.

Second step: Downloading the payload
When the jupdate program executes, it will connect to a remote server and download a payload program that is the malware itself, and which consists of two components. The first is the main part of the malware that performs the capture and upload of personal information, and the second is a filter component that is used to prevent the malware from running unless specific programs like Web browsers are being used.

Third step: Infection
Once the malware and the filter are downloaded, the malware is run to infect the system. This is where users will see an alert about a software update and will be prompted to supply their passwords. Unfortunately at this point there is nothing to stop the infection, and whether or not a password is supplied only changes the mode of infection.

The root of the infection routine is based around hijacking configuration files in OS X that are read and executed when programs are run. One of these is called Info.plist located in the Contents folder within each OS X application package, and is read whenever that specific program is opened. The second is called environment.plist and is located within the user account in a hidden folder (~/.MacOSX/environment.plist), which can be used to launch parameters whenever any programs are opened by the user.

The first mode of infection is if a password is supplied, in which case the malware alters the Info.plist files in Safari and Firefox to run the malware whenever these programs are opened. This is the malware's preferred mode of infection, but if a password is not supplied, then the malware resorts to its second mode of infection, where it alters the environment.plist file.

By using the environment.plist file, the malware will run whenever any application is opened, and this will lead to crashes and other odd behavior that might cause alarm to the user, so the malware then uses its filter component to only run when certain applications are launched, such as Safari, Firefox, Skype, and even Office installations.

Either way, once downloaded the malware will infect the system using one of these approaches and will run whenever target applications like Web browsers are used. In more recent variants of the malware, when installed using the environment.plist file it will further check the system to ensure complete installations of programs such as Office or Skype are present, and potentially delete itself if these programs are not fully or properly installed. F-Secure speculates this is an attempt to prevent early detection of the malware.

How do I detect it?

Detecting the malware is fairly easy, and requires you simply open the Terminal application in the /Applications/Utilities/ folder and run the following commands:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

defaults read /Applications/Firefox.app/Contents/Info LSEnvironment

These commands will read the Info.plist file of some target applications, and the environment.plist file in the user account, and determine if the variable used by the malware to launch itself (called DYLD_INSERT_LIBRARIES) is present. If the variable is not present, then these three Terminal commands will output that the default pair does not exist, but if it is present then these commands will output a path that points to the malware file, which you should see in the Terminal window.

In addition to the above commands, you can check for the presence of invisible .so files that past variants of the malware create in the Shared user directory by running the following command in the Terminal:

ls -la ~/../Shared/.*.so

After running this command, if you see an output of no such file or directory then you do not have these files in your user shared directory; however if they are present then you will see them listed.
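The same checks can be run in one pass over a live system or a mounted disk image. The following is an added example, not part of the original article or of F-Secure's instructions: it reads the plist files named above with Python's plistlib and also looks at the user's LaunchAgents folder described in the "How does it work?" section. The function names are hypothetical, and flagging any launch agent whose program name starts with a period is an assumption made here from the article's description of the hidden installer.

```python
import plistlib
from pathlib import Path

VAR = "DYLD_INSERT_LIBRARIES"            # variable the article says is abused
BROWSERS = ("Safari.app", "Firefox.app")  # Info.plist targets named above


def load_plist(path):
    """Return the plist as a dict, or None if it is missing or unreadable."""
    try:
        with open(path, "rb") as fh:
            data = plistlib.load(fh)
    except Exception:  # missing file, binary junk, malformed XML
        return None
    return data if isinstance(data, dict) else None


def scan(root, home):
    """root is '/' on a running Mac or the mount point of a disk image.
    Returns a list of (check, file, referenced_path) findings."""
    root, home = Path(root), Path(home)
    findings = []

    # 1. ~/.MacOSX/environment.plist (infection without a password)
    env = home / ".MacOSX" / "environment.plist"
    data = load_plist(env)
    if data and VAR in data:
        findings.append(("environment.plist", str(env), str(data[VAR])))

    # 2. LSEnvironment in the browsers' Info.plist (infection with a password)
    for app in BROWSERS:
        info = root / "Applications" / app / "Contents" / "Info.plist"
        ls_env = (load_plist(info) or {}).get("LSEnvironment")
        if isinstance(ls_env, dict) and VAR in ls_env:
            findings.append(("LSEnvironment", str(info), str(ls_env[VAR])))

    # 3. Launch agents that start a hidden (dot-prefixed) program.
    #    Heuristic assumed for this example; review each hit by hand.
    agents = home / "Library" / "LaunchAgents"
    for plist in sorted(agents.glob("*.plist")) if agents.is_dir() else []:
        data = load_plist(plist) or {}
        args = data.get("ProgramArguments")
        prog = args[0] if isinstance(args, list) and args else data.get("Program", "")
        if Path(str(prog)).name.startswith("."):
            findings.append(("LaunchAgent", str(plist), str(prog)))

    # 4. Invisible .so files in the Shared user directory (~/../Shared)
    shared = home.parent / "Shared"
    for so in sorted(shared.glob(".*.so")) if shared.is_dir() else []:
        findings.append(("hidden .so", str(so), str(so)))
    return findings


if __name__ == "__main__":
    for check, where, target in scan("/", Path.home()):
        print(f"[{check}] {where} -> {target}")
```

An empty result corresponds to all of the Terminal commands above reporting that the pair or file does not exist.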

How do I remove it?

If after running the first three detection commands you find that your system does contain the modified files and you suspect it has the malware installed, then you can go about removing it using F-Secure's manual removal instructions. These instructions are a bit in-depth, but if you follow them exactly, then you should be able to rid the system of the infection:

  1. Open the Terminal and run the following commands (the same as above):

    defaults read /Applications/Safari.app/Contents/Info LSEnvironment

    defaults read /Applications/Firefox.app/Contents/Info LSEnvironment

    defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

    When these commands are run, make a note of the full file path that is output to the terminal window (it may be paired with the term DYLD_INSERT_LIBRARIES). For each of the commands that output a file path (and do not say the domain pair does not exist), copy the full file path section and then run the following command with the file path in place of FILEPATH in the command (copy and paste this command):

    grep -a -o '__ldpath__[ -~]*' FILEPATH

  2. Locate the files mentioned in the output of the above commands, and delete them. If you cannot locate them in the Finder, then for each first type sudo rm in the terminal followed by a single space, and then use your mouse cursor to select the full file path from the first command's output, and use Command-C followed by Command-V to copy and paste it back into the Terminal. Then press Enter to execute the command and remove this file.

    See the following screenshot for an example of how this should look:


Digital Storm Unveils Marauder Series PC Systems For Gamers On A Budget


2012
05.12

Digital Storm have today unveiled a new range of Marauder gaming PC systems they have created specifically with the budget-conscious gamer in mind, and have been built using Corsair's Vengeance C70 chassis.

The new Marauder gaming systems start at $799 and for that you will receive a quad-core 3.6GHz AMD FX-4100 CPU, together with a Radeon HD 7750 GPU, supported by 8GB of Corsair Vengeance memory. Check out the full specification lists after the jump.

Rajeev Kuruppu, Digital Storm's Director of Product Development, explains: "With this new line, we've set a new standard for the price versus performance ratio. Our engineers have always wanted to create a line of powerful gaming PCs that are within reach of every gamer. With complete systems starting at $799, this is the very first time Digital Storm has offered such an affordable gaming PC."

Before any system gets sent out by Digital Storm, it undergoes a rigorous 72-Hour Stress-Test, and Digital Storm technicians benchmark the system via industry standard testing software coupled with a proprietary testing process that detects components which can be prone to future failure, to make sure your system arrives and plays as it should whilst you enjoy your gaming.

Source: Hot Hardware

