Author Archives: Amandeep Singh Nagpal

About Amandeep Singh Nagpal

Amandeep Singh Nagpal is the founder and Editor-in-chief of the i4infomania portal . He is pursuing B.tech and lives in Ambala City ( Haryana ) . He loves to write on gadgets , latest news and always remain keen to learn new interesting things .

McAfee Labs Report Sees Known Exploits and Fileless Malware Drive Record New Malware Surge

NEWS HIGHLIGHTS

  • McAfee Labs reports record volume of new malware, surges 10% in Q3 2017 with 57.6 million samples
  • Fileless malware leveraging Microsoft PowerShell grew 119%
  • Trickbot and other threats exploit known and patched Microsoft vulnerabilities
  • New ransomware rises by 36%, Lukitus version of Locky ransomware emerges
  • DragonFly 2.0 malware targets new industries for espionage: pharmaceutical, finance, accounting
  • New mobile malware jumps 60% with infection rates remaining highest in Asia

McAfee, one of the world’s leading cybersecurity companies, today released its McAfee Labs Threat Report: December 2017, examining the growth and trends of new malware, ransomware, and other threats in Q3 2017. McAfee Labs saw malware reach an all-time high of 57.6 million new samples—four new samples per second—featuring developments such as new fileless malware using malicious macros, a new version of Locky ransomware dubbed Lukitus, and new variations of the banking Trojans Trickbot and Emotet. Threats attempting to exploit Microsoft technology vulnerabilities were very prominent despite the fact that the platform vendor addressed these issues with patches as early as the first quarter of 2017.

“The third quarter revealed that attackers’ threat designs continue to benefit from the dynamic, benign capabilities of platform technologies like PowerShell, a reliable recklessness on the part of individual phishing victims, and what seems to be an equally reliable failure of organizations to patch known vulnerabilities with available security updates,” said Raj Samani, McAfee’s Chief Scientist. “Although attackers will always seek ways to use newly developed innovations and established platforms against us, our industry perhaps faces a greater challenge in the effort to influence individuals and organizations away from becoming their own worst enemies.”

Each quarter, McAfee Labs assesses the state of the cyber threat landscape based on threat data gathered by the McAfee Global Threat Intelligence cloud from hundreds of millions of sensors across multiple threat vectors around the world. McAfee Advanced Threat Intelligence complements McAfee Labs by providing in-depth investigative analysis of cyberattacks from around the globe.

Known Vulnerabilities Exploited

The third quarter of 2017 saw cybercriminals continue to take advantage of Microsoft Office vulnerabilities such as CVE-2017-0199, which took advantage of a vulnerability within both Microsoft Office and WordPad to allow remote code execution through specially crafted files. To execute this attack, many took advantage of a tool available via GitHub offering an easy route to creating a backdoor attack without complex configuration.

New variations of the Trickbot banking Trojan featured code that embedded the EternalBlue exploit responsible for the massive WannaCry and NotPetya ransomware outbreaks in Q2. Despite Microsoft’s continued efforts to counter EternalBlue with security patches, the new Trickbot authors still found the proven technique to be effective. They combined it with new features such as cryptocurrency theft and new delivery methods, and made these new Trickbot versions the most active banking Trojans in Q3.

“Once vulnerabilities are discovered and disclosed ‘into the wild,’ or the hacker community, they present a blueprint for malicious parties seeking to develop sophisticated threats that exploit them,” said Steve Grobman, Chief Technology Officer at McAfee. “The year 2017 will be remembered as the time when such vulnerabilities were exploited to orchestrate large-scale cyber events, including the WannaCry and NotPetya ransomware outbreaks, and high-profile breaches such as at Equifax. Only by investing more in the discovery and remediation of cyber vulnerabilities can technology vendors, governments, and business enterprises hope to gain a step on the cybercriminals working furiously to uncover and take advantage of them.”

Fileless Threats

Fileless threats continued to be a growing concern in Q3, with PowerShell malware growing by 119%. Very prominent in this category was the Emotet banking Trojan, which spread around the world through large spamming campaigns, and lured users into downloading Microsoft Word documents. This act inadvertently activates a PowerShell macro that downloads and installs the malware on their systems.

“Although many cyberattacks continue to rely on the exploitation of basic security vulnerabilities, exposures, and user behaviors, fileless threats leverage the utility of our own system capabilities,” said Vincent Weafer, Vice President for McAfee Labs. “By leveraging trusted applications or gaining access to native system operating tools such as PowerShell or JavaScript, attackers have made the development leap forward to take control of computers without downloading any executable files, at least in the initial stages of the attack.”

Lukitus Ransomware

One of the key developments in the ransomware space was the emergence of Lukitus, a new version of Locky ransomware. The ransomware was distributed by more than 23 million spam emails within the first 24 hours of the attack. Overall in the category, new ransomware samples increased by 36%. The number of total ransomware samples has grown 44% in the past four quarters to 12.3 million samples.

DragonFly: New Industries, New Objectives

The McAfee Advanced Threat Research team found that DragonFly 2.0, the malware discovered earlier in 2017 in the energy sector, has targeted organizations beyond original discoveries, including the pharmaceutical, financial services, and accounting industries. These attacks were initiated through spear-phishing emails, luring recipients to click on links that download the Trojan and provide attackers with network access.

“The actors involved in the DragonFly 2.0 attacks have a reputation for initiating attacks for the purpose of conducting reconnaissance on the inner workings of targeted sectors—with energy and pharmaceutical confirmed as top priorities,” said Christiaan Beek, McAfee Lead Scientist and Principal Engineer. “The intellectual property and insider insights they obtain upon gaining access to targeted sectors is of tremendous economic value.”

Q3 2017 Threat Activity

Security incidents. McAfee Labs counted 263 publicly disclosed security incidents in Q3, a decrease of 15% from Q2. More than 60% of all publicly disclosed security incidents in Q3 took place in the Americas.

Vertical industry targets. The health and public sectors accounted for more than 40% of total incidents in Q3.

  • North America. Health sector attacks continued to lead vertical sectors in Q3 security incidents.
  • Asia. Public sector, followed by technology and individual attacks led in reported Q3 incidents.
  • Europe, Oceana and Africa. Public sector attacks led reported Q3 incidents.

Attack vectors. Account hijacking led disclosed attack vectors, followed by leaks, malware, DDoS, and targeted attacks.

Mobile malware. Total mobile malware continued to grow, reaching 21.1 million samples. New mobile malware increased by 60% from Q2, largely due to a rapid increase in Android screen-locking ransomware.

Malware overall. New malware samples increased in Q3 to 57.5 million, a 10% increase. The total number of malware samples grew 27% in the past four quarters to almost 781 million samples.

Fileless malware. While JavaScript malware growth slowed by 26% in Q3, PowerShell malware more than doubled with 119%.

Ransomware. New ransomware samples rose by 36% in Q3. The total number of new ransomware samples grew 14% in the last quarter to 12.2 million samples.

Mac malware. Mac OS malware samples increased by 7% in Q3.

Macro malware. Total macro malware continued to grow, increasing by 8% in Q3.

Spam campaigns. The Gamut botnet remains the most prevalent spamming botnet during Q3, with the Necurs botnet a close second. Necurs proliferated several Ykcol (Locky) ransomware campaigns throughout the quarter with themes such as “Status Invoice,” “Your Payment,” and “Emailing: [Random Numbers] JPG.”

Importance of Apps in Emerging E-commerce Industry

Ask any venture capitalist across India and eCommerce still pops up as the most lucrative investment category. Growth rate at which eCommerce has emerged in last few years in Indian subcontinent is totally mind boggling, with some even calling it as the biggest pivoting point in the history of Indian retail. Though up until recently, this growth (commerce / transaction per say) was only limited to large screened devices. However at the other end of the horizon, another growth story brewing was of mobile. With pretty much every third Indian owning a smart phone, the numbers are just too mouthwatering for any eCommerce marketer to ignore.

ecommerce appsNumber of cell phone devices out-shadow desktops by huge difference, add to that – one of the cheapest telecom rates in the world and the tremendous initiatives taken by the incumbent Indian government like digitization of India and promotion of plastic money and what we get is the perfect recipe for a typical mobile consumer.

The biggest benefit of having a mobile app strategy in place is that it’s faster and hence provides better shopping experience for the customer. Once installed, there are several things not being download every time user opens up a new product page, thus saving time and data costs.

In comparison with a website, an app gives lesser chance for customer to get distracted. Since the entire frame is owned by you, it is always a tad-bit less likely for the user to open another tab window which is quite usual when a consumer is visiting using a browser.

Better analytics, as a marketer, constantly measuring your performance is of paramount importance. And once a customer installs your app you get way more data about the customer than what you otherwise get for a website visitor. And better data always translates into better sales for the company and better experience for the customer.

Another big hurdle having your own App addresses, is that of customer retention. Keeping the customer coming back again and again is a challenge, and the only few options to make sure your customers repeatedly buy from you is to keep on continuously marketing, be it search, email or social, you are continually spending money. However a customer who has your app installed will always give you the first preference for sheer ease factor. Besides, reaching out to such customers is also very easy. Through push notifications, you instantly grab your customer’s attention and that too for free.

In the end, I would certainly like to draw your attention towards what Myntra did, though my entire article is in favor of how Mobile and App strategy certainly makes sense in the current Indian scenario. However I would definitely like to mention how it’s not sensible to go only that route. As a brand/company one should never try to dictate terms for a customer, in fact, one should rather try to be present at all possible destinations where a customer is present.

Note from Author : Hello, This is Ayush Agrawal, founder of WeTheChic.in (a private label fashion portal), and through this article my intention was to bring forth few bullet points about why eCommerce on mobile (or eCommerce) is a reality that no longer can be ignored.

Asus Zenpower 10050 mAh Power Bank Review : Sturdy, Efficient & Compact

Smartphones have become a necessity in life which are used for various purposes like Music, Camera, Videos, Business, GPS Navigation, Browsing and what not. All these things lead to battery drain even before your day comes to end. You need to charge your phone again but at the same time you have to travel too. What would you do ? This is where Portable Chargers / Power Banks comes into picture.

These days Smartphones Manufacturers have jumped in to Power Bank market too as these have become important accessory. Asus too launched its Power Bank dubbed as ASUS ZenPower 10050 mAh Power Bank back in May.

asus zenpower front

Asus Zenpower is not just light in weight (215 g) when compared with other in the almost same capacity segment but also compact having dimensions 90.5 x 59 x 22 mm which is little big than a credit card size.

Initial Impressions :

I received the Silver Variant for Review and was amazed to unbox it. The Small sized packet never made me think of a Power Bank atleast. Upon unboxing, I was even amazed to see the compactness and light weight of Asus ZenPower. It can be easily carried in one’s hand or trouser’s pocket.

Along with ZenPower, there comes the data cable for charging and the user manual. Zenpower is made up of smooth aluminium exterior with rounded bezels. The power bank is similar to Xiaomi’s one but one thing which Asus takeaway and secure a good position over others is its size keeping its capacity in mind.

Design and Build :

ZenPower gives a premium look and has one slot for charging which I think they could have work upon to provide One more slot. But I cant complain the same due to its compact size.

On the Top is the Power Reset Button along with the 4 small LEDs. Each LED signifies 25% battery. Each time you connect your phone for charging, the no. of LEDs will blink according the left battery capacity. There is one USB slot with the output of 5.1 volt and 2.4 ampere (5.1V/2.4A) for charging the Smartphones and tablets. Along with it, there is a micro USB connector for charging your Asus ZenPower with the Standard Charger.

asus zenpower top

On the Bottom, the battery capacity is written i.e 10050 mAh along with the other Certifications Asus has got a safety measures. The front of the Power Bank features Asus Branding while back of the Power Bank is plain.

asus zenpower bottom

Asus also brings the ZenPower Bumper case, which is an optional accessory. The Bumper case comes in 4 colors : light red, yellow, aqua and black and one can give new look to his Zenpower as a makeover daily. The Bumper case acts as a protective sheath covering for the power bank. It is smooth, soft to touch, scratch and impact resistant. It makes sure that your Zenpower do not get any marks over it over the long period of use.

Not just that, it is highly recommendable for girls as they put all of their things in the bags and power bank could actually bring harm to those. The Bumper case will make sure thats its tough Aluminium do not break thinks inside their bags.

Features and Performance :

Zenpower brags 11 Safety Features (especially JIETA Protection) and 6 international Certification which makes it safe for use.

1. Temperature Protection
2. Short circuit Protection
3. Reset Protection
4. Input over Voltage Protection
5. Output over Voltage Protection
6. Input reverse direction protection
7. Over charge/over discharge protection
8. Output Over Current Protection
9. Cell PTC (Positive temperature coefficient) Protection
10. Adapter protection
11. JEITA Protection (Adjusting charging current according to surrounding temperature to improve battery life by 1.8 times)

asus zenpower

ZenPower has the sensor which detects automatically whenever you connect or disconnect the phone thereby getting itself on/off. Similarly, whenever your phone gets charged completely, it cuts the connection with the phone thereby stopping the charging which saves the life of Phone’s battery.

ZenPower takes approximately 24 hours to get fully charged which is obvious too for such a large capacity but on the other hand with its quick charge feature, charges the phone quickly too.

Zenpower charges the Zenphone 5 three times, Zenphone 2 two times, Gionee S7 three times, Mi4i two times with some battery left for the third go.

Zenpower is a sturdy and compact device which is worth to buy provided you dont feel the need of charging two devices at once. ZenPower is in direct competition with Huawei Honor Power Bank 13000 mAh battery, Mi 10,400 mAh bank,  OnePlus 10,000 mAh power bank.

Pros :

  • Compact Size and Sturdy
  • Premium Design and Durable
  • Charges phone faster
  • Light weight

Cons :

  • One more USB port could have been added.

Price and Availability :

The ZenPower is available in Silver, Pink, Blue and Gold colour for Rs. 1499, and the black colour variant is priced Rs. 1599. The Black colour is a special edition that incorporates concentric circle plate on the inlet face, making it look even more premium from other colours. The Bumper cases are available for Rs 299 each.

Teewe 2 Review : Chromecast Media Streamer Alternative

Manufactured and Launched by Bangalore based Mango Man, Teewe 2 is the 2nd version of its predecessor which is small in size with the better Wi-Fi chipset.

Gone are the days when you needed to have Bluray or other DVD players to watch your favourite videos on the large screen TV. Teewe 2 is the Chromecast alternative priced at 2399 INR which can actually transform your TV into a smart TV and help you watch your content from your smartphone to directly on your large screen TV.

Teewe 2

The concept of wireless streaming your video directly from your Smartphone to your TV removes all the hassles of HDMI Cable, Network storage etc and what not. The dongle can be connected with Laptops & other computers using a dedicated software which helps in streaming the content over WiFi.

Teewe 2 is powered by a a dual-core ARM Cortex A9 Processor along with a quad-core GPU and 1 GB of DDR 3 RAM. It will work with any TV with an HDMI Port and needs a Wi-Fi 802.11 b/g/n connection to stream online content.

Design :

Teewe 2 has HDMI connector on one side while the micro usb connector on the other. Teewe 2 is compact making it look better and comes with better Wi-Fi chipset enabling it to play content even on poor networks.

Teewe 2 Dongle

Teewe 2 Dongle Side view

There is also a reset point on the Teewe 2. It is completely made with Plastic having enough holes in it for the sole purpose of heat dissipation.

Getting Connected

Along with the device comes a 5V power adapter, an HDMI extender cable and a micro USB cable. To use the device, you need to connect it to an HDMI port of the TV and power the device using the micro USB port. You can either use the bundled power adapter or an empty USB port of your television.

Teewe 2 Unboxed

Installation process is pretty easy. Set up a primary Wifi network, Plug the Teewe 2 with your HDMI Capable TV, Install the App on your Mobile and simply follow the instructions.

Teewe App works on Android, iOS and windows platform. You can install the app on Desktop and there is an extension for chrome browser too.

From Desktop, you can either stream your videos to your TV or you can simply cast your Laptop screen to the TV so that you can experience your work on a bigger screen although the picture quality was not that great.

You can also install Teewe Chrome Extension which can help you mirror your browser on your TV but mirroring is not poosible via Mobile App. Not just that, with the Teewe App, you can access anything from your devices as long as all are copnnected to same Wifi Network along with Teewe 2 Device.

Streaming HD videos on your TV has never been easy but with Teeewe 2. If the video is available online which is to be streamed, Teewe will directly stream it from your Router accessing the internet while for offline Videos, it will fetch the content from your device without using Internet Bandwidth.

Having said that, you must have a good Broadband connection which must be capable of Streaming HD videos if videos to be streamed are available online while for the Offline videos, you may find sluggist performance if your router is not good enough, say, Slow or Old Router.

Teewe 2 Streaming Device

Priced at 2399, Teewe 2 is definitely a good device competing against Chromecast. Teewe 2 is durable and pretty simple and neat looking device. The Teewe 2 also comes along with a 20GB free internet data package (for three months each, a total of 60GB) if you are using an Airtel broadband connection.

You can use the internet for all your needs and not just for Teewe.

LIVA X MINI PC By Elite Group Unveiled in India

Taiwan based company Elitegroup Computer System launched their product LIVA X Mini PC which is a fan-less design and low power consumption small-size computer in India at very affordable price. Liva X Mini weighs less than a KG and replaces the conventional PC.

liva x mini

Liva X Mini is a fanless device which means it uses heatsink for the dissipation of heat making it noise as well as dust free. With dimensions of 135x83x40mm, it is a Portable Device and consumes as low as 15 Watt power.

Liva X Mini is packed with Intel Bay-Trail M SOC 22nm processor (64-bit dual core 2.25 GHz processor), USB 3.0 port, Wi-Fi & Bluetooth wireless connection technology, and storage capacity can be upgraded via mSATA SSD.

Liva X Mini has two variants currently in India i.e with OS or without OS. The one with 32GB eMMC storage and 2GB DDR3L comes for MRP of INR 14,900 with the latest Windows 8.1 and BING OS (optional) while the same variant without OS comes for MRP of INR 11,900.

One can upgrade to Windows 10 as well once it is available by the Microsoft. It supports dual display feature which means at one time, Two users can operate and do their work simultaneously. Liva X mini range can be bought from Flipkart as well as Amazon.

Download UC Browser for your Desktop / Laptop

Yes, Now you can use your favorite UC Browser on your computer which till date was available for Mobile Devices only. UC Browser became the no. 1 Mobile Browser in the past and still continues to be on its position. Seems like they dont want to limit themselves with Mobile Platform and therefore, have straightforward jumped for the Desktop versions.

ucbrowser for desktop

Features of UC Browser for PC / Desktops :

  • Fast Downloads

Enjoy high speed downloads with a resume option when interrupted and a smart file manager.

  • Smooth Browsing

Load photos and links beforehand so you can open them instantly later on for non-stop browsing.

  • Cloud Sync

Seamlessly switch between UC Browser across your devices by syncing your open tabs and bookmarks.

  • Fun & Easy to Use

Customizable speed dials, themes and add-ons, plus unique and user-friendly features make your browsing easier and fun!

Download UC Browser for PC

You can go to http://pc.ucweb.com and choose between General Version and Indian version.