News & Updates

Microsoft’s Phil Spencer speaks at the DICE conference in Las Vegas. (credit: Kyle Orland)

LAS VEGAS—In just over four years as head of Xbox and executive vice president of gaming at Microsoft, Phil Spencer has overseen some tough times for the gaming brand. But he says one of the most difficult lessons he has learned in that time came after a company-hosted Game Developers Conference party that featured scantily clad women dancing on podiums.

That “unequivocally wrong, unequivocally sexist, unequivocally intolerable choice” led to justifiable public backlash, Spencer recalled at a keynote speech at the DICE Summit in Las Vegas this morning, which Ars attended. But, he said, the “internal backlash at my own company was almost harsher.” Instead of sidestepping responsibility, Spencer said he “absorbed the hit” as a leader and used it as an opportunity to “bet on what we stood for… we don’t tolerate any employee or partner that enables or offends others… we stand for inclusivity.”

Doing better

This sort of internal cultural transformation has been a deliberate focus for Microsoft since Satya Nadella became the company’s third-ever CEO roughly four years ago, Spencer said. That company-wide “reboot” was especially necessary in the Xbox group, which Spencer admits was in a “world of pain” since “we hadn’t done our best work with the announce[ment] of the Xbox One. The product we built wasn’t meeting the expectations of our customers, market share was taking a nosedive, and it was painful to read all the headlines.”


The Asus NovaGo. (credit: Asus)

Always Connected Windows 10 PCs that use Qualcomm’s Snapdragon 835 ARM processors will work on all four major US networks, the chip company has announced today, with T-Mobile and AT&T joining the previously announced Sprint and Verizon.

In total, 14 different network operators across 10 countries have pledged to support the new generation of ARM-powered Windows 10 laptops and tablets. Qualcomm adds that some of those network operators will also be selling the systems, though it has not specified which will be doing so.

Initially, three systems will be available. HP’s Envy x2 is a tablet with detachable keyboard, as is Lenovo’s Miix 630. Asus’ NovaGo, in contrast, is a clamshell laptop with a 360-degree hinge to enable tablet-like operation.


Experts from Kaspersky highlighted a shift in the focus of the Sofacy APT group’s interest, from NATO member countries and Ukraine towards the Middle East and Central Asia.

The Russia-linked APT28 group (aka Pawn Storm, Fancy Bear, Sofacy, Sednit, Tsar Team and Strontium) made the headlines again; this time, security experts from Kaspersky highlighted a shift in the focus of its interest, from NATO member countries and Ukraine towards the Middle East and Central Asia.

“Sofacy, one of the most active APT we monitor, continues to spearphish their way into targets, reportedly widely phishes for credentials, and infrequently participates in server side activity (including host compromise with BeEF deployment, for example). KSN visibility and detections suggests a shift from their early 2017 high volume NATO spearphish targeting towards the middle east and Central Asia, and finally moving their focus further east into late 2017.” states Kaspersky.

The experts analyzed infections of the Sofacy backdoor tracked as SPLM, CHOPSTICK and X-Agent; the APT group had been increasingly targeting former Soviet countries in Central Asia. The hackers mostly targeted telecoms companies and defense-related organizations; the primary targets were entities in Turkey, Kazakhstan, Armenia, Kyrgyzstan, Jordan and Uzbekistan.

The researchers observed several attacks leveraging the SPLM and the Zebrocy tool between the second and fourth quarters of 2017 against organizations in Asia. The list of targeted countries included China, Mongolia, South Korea and Malaysia.

Sofacy APT

“This high level of cyber-espionage activity goes back years. In 2011-2012, the group used a relatively tiny implant (known as “Sofacy” or SOURFACE) as their first stage malware, which at the time had similarities with the old Miniduke implants.” states Kaspersky.

“This made us believe the two groups were connected, although it looks they split ways at a certain point, with the original Miniduke group switching to the CosmicDuke implant in 2014. The division in malware was consistent and definitive at that point.”

The Zebrocy tool was used by attackers to collect data from victims; researchers observed its involvement in attacks on accounting firms, science and engineering centers, industrial organizations, ministries, embassies and consulates, national security and intelligence agencies, press and translation services, and NGOs.

The researchers highlighted that the attack infrastructure used in the latest attacks pointed to the Sofacy APT; the group has been fairly consistent throughout, even though its TTPs have been well documented by security firms over the years. Researchers at Kaspersky expect to see some significant changes this year.

“Sofacy set up and maintained multiple servers and c2 for varying durations, registering fairly recognizable domains with privacy services, registrars that accept bitcoin, fake phone numbers, phony individual names, and 1 to 1 email address to domain registration relationships. Some of this activity and patterns were publicly disclosed, so we expect to see more change in their process in 2018. Also, throughout the year and in previous years, researchers began to comment publicly on Sofacy’s fairly consistent infrastructure setup.” continues Kaspersky.

Further details are included in the analysis published by Kaspersky, including Indicators of Compromise (IOCs).

Pierluigi Paganini

(Security Affairs – Sofacy APT, Asia)

The post Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia appeared first on Security Affairs.

Source: Security affairs

Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. Today the Dealmaster is bringing you a choice deal on Sony’s PlayStation VR headset, which remains the most accessible entry point for the VR-curious (presuming they have a PlayStation 4, of course). Sony has slashed each of its PSVR bundles by $100, bringing them down to their Black Friday prices.

Your best bet here is likely the Skyrim bundle: it’s $350, but for that cash you get the second-generation PSVR headset (which supports HDR passthrough and comes with an integrated pair of headphones), the mandatory PlayStation camera, two PlayStation Move motion controllers, and a classic game that isn’t perfect in VR but is still a decent way to get started with the tech. Alternatively, there’s a cheaper bundle that includes Doom VFR, but we’ll, uh, leave that decision up to you.

If you don’t care about VR, though, fear not. The roundup also includes savings on speedy Samsung SSDs (alliteration!), iPads, TCL Roku TVs, lots of Dell PCs, Motorola’s Moto G5 Plus phone, DJI drones, and much more. Take a look for yourself below.


A number of “alt-right,” pro-Trump, and self-described conservative social media personalities awoke this morning to find that they had a lot fewer followers on Twitter than they had the night before. The apparent cause was the latest culling by Twitter of accounts that in some way violated the company’s terms of service, a Twitter spokesperson told Ars, including “behaviors that indicate automated activity or violations of our policies around having multiple accounts, or abuse.” The sweep has some on the right accusing Twitter of politically motivated censorship.

“Twitter’s tools are apolitical, and we enforce our rules without political bias,” a Twitter spokesperson said in a statement emailed to Ars. The accounts were targeted as part of “our ongoing work in safety,” the spokesperson said. “We also take action on any accounts we find that violate our terms of service, including asking account owners to confirm a phone number so we can confirm a human is behind it. That’s why some people may be experiencing suspensions or locks. This is part of our ongoing, comprehensive efforts to make Twitter safer and healthier for everyone.”

In response to the sudden culling of accounts, starting at around 1am Eastern Time today, some aligned with “alt-right” figures such as white supremacist Richard Spencer started the #TwitterLockOut and #TwitterPurge hashtags, and some resurfaced Project Veritas’ accusations that Twitter employees were deliberately censoring “right-leaning” accounts. Spencer himself claimed to have lost over 1,000 followers over a few hours overnight; Janna “Deplorable” Wilkinson, who had her own account suspended in October, claimed to have lost 3,500 followers.


Intel Core i9 X-series Skylake X. (credit: Intel)

Intel reports that it has developed a stable microcode update to address the Spectre flaw for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants.

The microcode updates help address Spectre variant 2 attacks. Spectre variant 2 attacks work by persuading a processor’s branch predictor to make a specific bad prediction about which code will be executed. This bad prediction can then be used to infer the value of data stored in memory, which, in turn, gives an attacker information that they shouldn’t otherwise have. The microcode update is designed to give operating systems greater control over the branch predictor, enabling them to prevent one process from influencing the predictions made in another process.

Intel’s first microcode update, developed late last year, was included in system firmware updates for machines with Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. But users subsequently discovered that the update was causing systems to crash and reboot. Initially, only Broadwell and Haswell systems were confirmed to be affected, but further examination determined that Skylake, Kaby Lake, and Coffee Lake systems were rebooting, too.


Reconstruction of a Bell Beaker burial (National Archaeological Museum of Spain). (credit: Miguel Hermoso Cuesta via Wikimedia Commons)

We can understand the prehistoric past only by interpreting the things people left behind. Finds don’t come with words to explain how an object arrived at a site or why people decorated a pot a certain way. So there’s a lot of detail about prehistoric people’s lives, cultures, and interactions that these objects can only hint at. In recent years, however, the DNA of ancient people has added depth and detail to the information gleaned from artifacts. Genomic studies, it turns out, can tell us who the people using those artifacts were and where they came from.

Most of the genomic work so far has been relatively small-scale due to the massive effort involved in sampling and processing ancient DNA, but two new studies add several hundred prehistoric genomes to the existing data.

“The two studies published this week approximately double the size of the entire ancient DNA literature and are similar in their sample sizes to population genetic studies of people living today,” Harvard Medical School geneticist David Reich, who coordinated the studies, told Ars. “We can pick out subtleties in ancient demographic process that were more difficult to appreciate using the small sample size studies available before.”


The Nest Cam IQ. The blue glow means it’s recording. (credit: Ron Amadeo)

Google clearly has a goal of putting the Google Assistant just about everywhere. Today you can find it in smartphones, tablets, laptops, TVs, watches, smart speakers, headphones and, soon, smart displays. There’s one place you haven’t seen the Assistant, though: a camera. Today Google is fixing that by updating the Nest Cam IQ with Google Assistant support. The device is now basically a mini Google Home with a camera on top.

The Nest Cam IQ is Nest’s top-of-the-line indoor camera, with a 4K sensor and an outrageously powerful (for a camera) six-core processor. All that power is put to work crunching that 4K video feed down to a more reasonable 1080p size, with the 4K sensor used to power the “12x digital zoom” feature available for its app. The Nest Cam IQ has always featured a microphone and speaker for remote communication, and now it will also be put to work to power your usual Google Assistant commands.

With the update, you’ll be able to speak the usual “OK Google” commands, and the blue ring around the Nest Cam IQ will light up to show it’s listening. Just like every other Google Assistant device, it supports questions, smart home commands, making shopping lists, buying stuff, controlling Chromecasts, and a score of other things.
