Google revealed Android 5.0 ‘Lollipop’

lollipoplead

Google has just revealed that the next major version of Android, 5.0, will be known as Lollipop. After months of teasing the OS, the search giant is finally taking what was previously known as Android “L” into the mainstream, with the first set of the devices expected to arrive early next month. Speaking of which, Android Lollipop will make its debut on the new Nexus 6, a big-screen smartphone from Motorola; the Nexus 9, an 8.9-inch tablet made by HTC; and the Nexus Player, a $99 media-streaming box with Android TV, the first one with Google’s novel home entertainment platform. What’s more, the company confirmed that Lollipop is coming to the Nexus 5, Nexus 7 and Nexus 10, as well as Google Play edition devices, in the coming weeks.

To make things better, Android 5.0 is also headed to a number of Motorola smartphones, such as both generations of the Moto X and Moto G (including the LTE model), Moto E, Droid Maxx, Droid Mini and Droid Ultra. Motorola didn’t say when exactly the upgrade would be available for those devices, but at least it has confirmed its plans to do so. Now that Google’s let the Lollipop out of the bag, we’re sure more manufacturers are due to start coming forward with their own announcement.

The Android 5.0 SDK is going to be available on Friday, October 17th, which means everything is slowly, and sweetly falling into place ahead of next month. In the meantime, stay tuned, because we’ll be updating this post if any additional details come in.

Source: Engadget

Banker Malware Targeting Malaysian Internet Banking User

MyCERT Alert

1.0 Introduction

MyCERT had received several reports regarding a malware that targets Malaysian Internet banking customers. Based on our initial analysis, we found this campaign uses the Zeus banking malware family as its Modus Operandi in this campaign.

Attacker will infect victim’s computers with Zeus banker malware which will inject modified fake contents or page while a user is browsing a legitimate online banking website.

2.0 Affected Systems

Based on our initial analysis of a sample incident, we found the below is the affected system:

2.1 Smartphone running on Android
2.2 Vulnerable and unpatched Windows Operating System

3.0 Impact

3.1 The malware will inject a modified fake contents that looks like a real online banking website when user is browsing a legitimate online banking website, in which the content will request victim’s smartphone operating system and mobile number.

3.2 The malware will SMS to the smartphone a malicious APK and infect the smart phone in order to establish callback with the attackers for further instructions.

4.0 Technical Details

Attacker will infect victim’s computers with Zeus banker malware which will inject modified contents when users is browsing a legitimate online banking website, as shown in the below sample image of the injected page.

mycert-636.jpg

The modified content will prompt user to choose their smartphone Operating System and provide their phone number as well. With the phone number information, attacker will send SMS containing link to a malicious APK known as Zitmo malware to the victim’s smartphone, purportedly to be a an online banking verification certificate.

Once the APK is installed in the smartphone, a popup message will appear and the Zitmo malware will attempt to make callback to attacker through SMS and wait for further instruction.

Few days later, attacker will login to victim’s online banking account using the stolen credentials and perform online transaction successfully by using intercepted TAC number.

The mobile malware has been discovered since late September 2010 but first time being used in malware campaign targeting Malaysian Online Banking users.

5.0 Recommendation

5.1 For laptop/PC User:

1) Install robust anti-virus, anti-spyware and firewall software on your computer and other devices and configure it to update regularly.

2) Perform regular scans of your systems for malware and other risks.

3) Operating system providers such as Microsoft, periodically releases updates and patches that improve the security of your operating system. You should periodically check for these updates and keep your system current or configure it to do so automatically.

4) When accessing to online banking, make sure there is no pop-up/window that requires personal info such as credit card number, smartphone platform(Android/iOS) etc. Do not enter those information if required.

5) Use only a dedicated computer or laptop to do online banking

6) If you suspect your bank account has been compromised or spot any activity you have not authorized, please notify your banking provider immediately.

7) Please ensure you logout properly at the end of each session by clicking log-out button. Do not exit by simply closing the browser window.

8) If you come across anything suspicious when you do banking online such as unusual web pages asking for banking information, notify your bank provider immediately.

9) Never respond to any email/advertisements requesting you to provide your login details or log in via a link sent in an email/applications. The bank will never send you a mail or provide links in any applications like that, and such a request is likely to be a phishing attempt.

5.2) For Smartphone Users:

1) Verify an app’s permission and the app’s author or publisher before installing it.

2) Do not click on adware or suspicious URL sent through SMS/messaging services. Malicious program could be attached to collect user’s information.

3) Since URL on mobile site appears differently from desktop browser, make sure to verify it first.

4) Always run a reputable anti-virus on your smartphone/mobile devices, and keep it up to date regularly.

5) Don’t use public Wi-Fi networks for bank transactions and turn off Bluetooth connection when not in use. These can be open windows for eavesdroppers intercepting the transaction or installing spyware and other malware on user’s smartphone/tablet.

6) Update the operating system and applications on smartphone/tablet, including the browser, in order to avoid any malicious exploits of security holes in out-dates versions.

7) Do not root or otherwise ‘Jailbreak’ your phone; avoid side loading
(installing from non-official sources) when you can. If you do install Android software from a source other than the Market, be sure that it is coming from a reputable source.

6.0 References

6.1. Kapersky report on Zitmo malware

6.2. ATSEngine

Source: CyberSecurity Malaysia

Apple unveils watch and larger iPhones

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple Inc unveiled a watch, two larger iPhones and a mobile payments service on Tuesday as Chief Executive Officer Tim Cook seeks to revive the technology company’s reputation as a wellspring of innovation.

The first new product to be developed and introduced under Cook’s reign is a timepiece tethered to the iPhone that will combine health and fitness tracking with communications. It will price at $349 and go on sale in early 2015.

First impressions were mixed. Some expected Apple to blow away the current competition but others warned the fact that it requires a paired iPhone may limit its sales.

Starting at $349 – $50 more than the cheapest version of the iPhone 6 with a contract, the lofty price tag may also keep some consumers on the sidelines. It could go up to more than $1,000 for higher-end editions, IDC analyst Danielle Levitas said.

The Apple Watch can receive phone calls and messages, play music, serve as a digital wallet to pay for goods and monitor heart rates via special sensors. The watches will come in three collections, including a sport edition and an upscale line coated in 18-karat gold.

“People are kind of scratching their heads on this watch, especially the fact that to successfully use the watch and to take advantage of its capabilities, you also have to have an iPhone,” said Daniel Morgan, vice president at Synovus Trust Company in Atlanta. “I don’t know if they’re in the right direction with this iWatch.”

Still, rival watch and wearable device makers will keep a wary eye on Apple, which upended the music industry and drove once-dominant phone makers like Blackberry to the brink of extinction.

Sony Corp, Samsung, LG Electronics Inc and Qualcomm Inc have already launched smartwatches, albeit without much success.

“Not the knockout some were anticipating. A bit gimmicky also on the health end of the wearable bands market,” said Jon Cox, an analyst of Swiss watch companies at brokerage Kepler Cheuvreux in Zurich.

“Not as cool as I feared. Nick Hayek is probably sleeping a little easier tonight,” Cox said, referring to the chief executive of Swatch Group.

Shares of the company closed just a tad higher after having risen almost 5 percent before executives trotted out the watch. The stock tends to rise in the run-up to a major product launch, and come under selling pressure afterward as investors cash out.

BUY WITH BIGGER PHONES

The watch is unlikely to increase Apple’s top-line. Estimates vary but IDC expects total global demand of 42 million smartwatches in 2015. Apple sells that many or more iPhones in a good quarter.

But the pressure was on for the world’s largest tech company to wow on Tuesday, after a years-long drought of products beyond new iPhones and iPads. The prospect of a new gadget attracted a broader swathe of attendees than usual, with celebrities, fashion industry editors and even healthcare executives rounding out the mostly tech-industry crowd.

In a rare move, Apple had planned on livecasting its entire event online, with a simultaneous translation in Chinese. But the livestream went down about a half-hour in, prompting many users to take to Twitter to express their frustrations.

Also on Tuesday, the company took the wraps off a larger, 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus. They will support more than 200 telecoms carriers worldwide, including all three in China – a key growth market for the company.

And it introduced a new mobile payments service dubbed “Apple Pay.” Each phone will come equipped with its new payments service, which launches in the United States next month and allows users to pay for items in stores with their phones instead of physically presenting their credit or debit cards.

Launch partners include Walt Disney Co, McDonald’s and Whole Foods. The move gives Apple access to a trove of data on how consumers shop in brick and mortar stores, where more than 90 percent of U.S. retail sales are still conducted.

Each new iPhone will come with a “secure element” chip and a near-field communications, or NFC, antenna.

Ben Milne, CEO of Internet payment network Dwolla, wanted to hear a lot more about how Apple will tackle the aging payments infrastructure. Apple Pay should get some level of mass adoption based on the number of iPhones out there, but Apple will have to tackle the current high costs of payment processing to make its new feature more widespread, he said.

“The old architecture that payments is driven on is not up to snuff for the future they want to build,” Milne said.

Source: Reuters

 

Apple is replacing your iPhone 5 battery

iphone5blackwhiteApple has determined that a very small percentage of iPhone 5 devices may suddenly experience shorter battery life or need to be charged more frequently. The affected iPhone 5 devices were sold between September 2012 and January 2013 and fall within a limited serial number range.

If your iPhone 5 is experiencing these symptoms and meets the eligibility requirements noted below, Apple will replace your iPhone 5 battery, free of charge.

Replacement process
As of August 22, 2014, the replacement process will be available in the U.S. and China. In other countries, it will be available as of August 29, 2014.

Visit a participating Apple Authorized Service Provider to have your battery replaced. Your iPhone will be examined prior to any service to verify that it is eligible for this program and in working order.

To prepare your iPhone 5 for the battery replacement process, please follow the steps below:

  • Back up your data to iTunes or iCloud
  • Turn off Find my iPhone
  • Erase data and settings in Settings > General > Reset > Erase all Content and Settings

Note: If your iPhone 5 has any damage such as a cracked screen which impairs the replacement of the battery, that issue will need to be resolved prior to the battery replacement. In some cases, there may be a cost associated with the repair.

Additional Information
Apple may restrict or limit repair to the original country of purchase.

If you believe your iPhone 5 was affected by this issue, and you paid to replace your battery, you can contact Apple about a refund.

This worldwide Apple program doesn’t extend the standard warranty coverage of the iPhone 5. The program covers affected iPhone 5 batteries for two years after the first retail sale of the unit or until March 1, 2015, whichever provides longer coverage.

For more information and to check if you are eligible or not, click here.

Smartphones will go ultra-high definition in 2015

HYPER DETAILED: The latest LG flagship phone, the LG G3, can capture video in ultra-high definition. — ©LG

HYPER DETAILED: The latest LG flagship phone, the LG G3, can capture video in ultra-high definition. — ©LG

Just like televisions and computer monitors, handset displays are about to get a huge resolution boost.

According to the latest forecast from ABI Research, a 4K screen will become a flagship smartphone feature within the next 12 months and within five years, 478 million smartphones a year will ship with a UHD display as standard.

However, at the moment there is very little native 4K broadcast content available for either televisions or smartphones, meaning that, for the time being, a display with a super resolution could be seen as just a marketing gimmick.

Senior analyst Michael Inouye commented: “While some content owners and broadcasters have or are preparing to launch 4K programming, video resolution delivered to mobile devices will continue to lag behind screen pixel densities. While mobile device components, such as processor, memory and in some cases batteries, are gearing up to handle 4K, network and infrastructure elements remain challenging.

“Key video services like several under the UltraViolet umbrella, for instance, still largely distribute content to mobile devices in SD. Content protection and data utilisation concerns are part of the issue, but consumers also have not demanded higher resolution video in adequate numbers for services to respond,” he adds.

Although UHD displays aren’t expected to arrive until next year, the ability to use a smartphone to create 4K content is already here. The latest Samsung and LG flagship handsets both record video in 4K and as such join a growing list of UHD devices, such as the GoPro action cam.

However, even with more user-generated UHD content, disseminating it among friends or even hosting it to sites like YouTube is still an issue in terms of streaming or downloading due to the size of the file involved and consumers’ hatred of videos that buffer.

“Over The Top (OTT) video services will carefully weigh the costs of 4K delivery, the impact on viewing on mobile devices, and the brand halo high resolution services can bring,” said practice director Sam Rosen.

Rosen believes companies that use the internet to deliver content will initially focus on bringing UHD to televisions but there are emerging connection technologies that could mean that smartphones become a hub for streaming rich content to other devices around the home.

“New connections like wired MHL 3.0 and wireless 802.11ad can help position mobile devices as a hub for streaming high quality video and gaming to TVs. Qualcomm’s acquisition of Wilocity and push of 802.11ad could further encourage OTT companies and TV manufacturers to embrace the technology and bring high resolution video to TVs via mobile devices,” he adds. — AFP/Relaxnews 2014

Indonesian capital threatens to ban Uber car app

TARGETED: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said. — AFP

TARGETED: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said. — AFP

JAKARTA: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said Wednesday.

Jakarta authorities are just the latest to target Uber, an app that has sparked protests from taxi drivers in several countries as it allows customers to hail private rides via their phones.

“In our opinion, the service Uber provides is just like a taxi service, but it doesn’t have a licence to operate as one in this city,” Jakarta transport agency chief Muhammad Akbar told AFP.

“Registered taxis in Jakarta have to meet certain standards, including some to do with safety, so if Uber wants to operate here, it must be held to the same standards — otherwise it’s not fair.”

Authorities are concerned that Uber’s service will undercut the current market for taxis and that the company may evade tax if not registered legally, Akbar said.

The agency is working with the ministry for IT and communications to have the app shut down, Akbar said, adding that it had invited Uber to a meeting a month ago but never received a response.

Uber could not be immediately contacted for comment, but has fended off similar criticism in the past by explaining its service merely links customers looking for a ride with those who have a car, and does not own or operate its own fleet.

Uber began by linking users of its apps to luxury car operators, but then decided to offer a broader selection of cars and include a ridesharing option.

In Jakarta, it currently only links to services offering paid-for trips in upmarket cars.

The California-based app, operating in 170 cities spread across dozens of countries, is the most prominent of several that are shaking up the traditional taxi landscape in cities around the world.

Uber has already faced significant resistance from regulators in several countries, who accuse it of unfair competition and lack of standards.

Jakarta is flooded with some 20 million people on any given work day and taxis are a common mode of transport in the congested city, which is poorly covered by public transport. — AFP