Archive for September, 2012

Adobe is no stranger to seeing vulnerabilities in its software being targeted in the wild, but it’s not every day that the company comes across malware masquerading as Adobe software using a valid code signing certificate. Adobe recently received not one, but two such malicious utilities, the company revealed Thursday.

Upon being convinced of the authenticity of the digital certificate used to sign the said malware apps, the company decommissioned its existing code signing infrastructure and launched an investigation. According to Brad Arkin, senior director of product security and privacy at Adobe, the investigation led the company to a build server that had been compromised. 

“We have identified a compromised build server that required access to the code signing service as part of the build process,” Atkins wrote in a post on the Adobe Secure Software Engineering Team (ASSET) blog Thursday. “Although the details of the machine’s configuration were not to Adobe corporate standards for a build server, this was not caught during the normal provisioning process. We are investigating why our code signing access provisioning process in this case failed to identify these deficiencies.”

But how did the attackers manage to get in? The company claims to have found the mechanism they used to compromise the build server, which was itself found to be infected with malware: “We can confirm that the private key required for generating valid digital signatures was not extracted from the HSM [Hardware Security Module]. We believe the threat actors established a foothold on a different Adobe machine and then leveraged standard advanced persistent threat (APT) tactics to gain access to the build server and request signatures for the malicious utilities from the code signing service via the standard protocol used for valid Adobe software.”

The company feels that this issue does not pose a general security risk. A more likely scenario, according to the company, is one which involves the use of these digitally signed utilities “during highly targeted attacks for privilege escalation and lateral movement within an environment following an initial machine compromise.”

“Adobe is currently investigating what appears to be the inappropriate use of an Adobe code signing certificate for Windows,” the company said in a FAQ about the issue, which is said to only affect Adobe Muse, Adobe Story AIR applications and  Acrobat.com desktop services. “To maintain trust in genuine Adobe software, we plan to revoke the impacted certificate on October 4, 2012 for all software code signed after July 10, 2012. We are in the process of issuing updates signed using a new digital certificate for all affected products.”

General security risk or not, this is a highly troubling development. What do you think?


Go to Source

WD PlattersStorage stalwart Western Digital announced that it’s expanding its enterprise-class storage line with the release of new WD RE SAS and WD RE SATA hard drives in capacities up to 4TB, matching the largest capacity current available in the market. If that’s too much storage, the new SAS drives will also ship in 1TB, 2TB, and 3TB capacities, and the same with the SATA drives, minus the 1TB model.

“Given the insatiable need for storage capacity across all market segments, WD is offering both SAS and SATA interfaces for the WD 4 TB RE hard drives to best support both private and public clouds,” said Doug Pickford, senior director of business marketing for WD’s enterprise business unit. “WD continues to pioneer the capacity-optimized 3.5-inch market segment, in particular, and the WD RE SAS and SATA 4 TB drives are designed, tested and optimized for enterprise storage and applications, enabling 33 percent greater capacity than previously available drives and up to 2.4 PB of raw capacity in a single enterprise rack.”

WD’s enterprise-class HDDs differ from consumer drives in that they offer a number of IT friendly features, like dual port, full duplex connectivity and several technologies intended to enhance reliability, all of which come at a premium. Pricing breaks down as follows:

  • 4TB SAS: $479
  • 3TB SAS: $369
  • 2TB SAS: $249
  • 1TB SAS: $139
  • 4TB SATA: $459
  • 3TB SATA: $349
  • 2TB SATA: $229

WD RE Drive

The drives are available now through select distributors and resellers, and are backed by a 5-year warranty.

Follow Paul on Google+, Twitter, and Facebook

 


Go to Source

Intel Atom Z2760 ProcessorIn what’s being described as “just the beginning of Intel’s effort in the tablet market,” the world’s largest chip maker unveiled its Atom Z2760 processor (codenamed Clover Trail) for Windows 8 tablets. According to Intel, the spunky Atom chip allows for the thinnest, lightest tablets built on the company’s architecture — as thin as 8.5 mm and 1.5 pounds — and lends itself to long lasting battery life, enough to watch 10 hours of local HD video.

The Atom Z2760 SoC (System on Chip) is built on a 32nm manufacturing process and features an Imagination Technologies PowerVR SGX545 graphics core. It’s a dual-core part with four threads via Hyper Threading and a 1.8GHz clockspeed, or higher using Intel’s Burst technology. The GPU is clocked at 533MHz.

A number of OEM partners are on board with the new chip and will implement it into upcoming Windows 8 tablets. They include Acer, Asus, Dell, Fujitsu, HP, Lenovo, LG Electronics, Samsung, and ZTE, all of which said they plan to offer full featured tablets built around the Atom part.

“This is just the beginning of Intel’s effort in the tablet market, and our goal is to deliver products that fit the spectrum of evolving needs of both consumers and business users without compromising on compatibility, experience or battery life,” said Erik Reid, general manager, Application Processor Platforms for Intel’s Mobile and Communications Group. “When people or corporations buy a device with Intel Inside, they’re getting the best of Windows 8 features with a computing experience that just works.”

What Intel has really done is set the stage for a showdown with ARM-based tablets, which will run Windows RT. Expect them all to make their debut when Windows 8 launches in late October.

Follow Paul on Google+, Twitter, and Facebook

 


Go to Source

Adata DashDrive Elite HE720Technology has a tendency to move fast, and as a result, your reign on top might only last a few days. Just ask Toshiba, which at the beginning of the week unveiled its 500GB Canvio Slim, a portable drive it proudly billed as the world’s thinnest at 9mm thick. By the end of the week, it became the second thinnest, as Adata just introduced its DashDrive Elite HE720 external hard drive, which is 8.9mm thick.

For the time being, Adata’s model is now the world’s thinnest, and it’s a looker too. It has a brushed stainless steel surface that, in addition to being attractive, offers 9H scratch resistance and prevents damage, even after long-term use, Adata says.

There’s a blue LED indicator on the bottom to let you know when it’s transferring data, along with a one-touch backup feature to automatically backup and sync data with a single touch. Other features include USB 3.0 connectivity and a 60-day free trial of Norton Internet Security 2012 (which did well in our most recent antivirus roundup).

Adata DashDrive in Pocket

Adata says it will initially offer the DashDrive Elite HE720 in 500GB capacity for $90, which trumps Toshiba’s Canvio by $25.

Follow Paul on Google+, Twitter, and Facebook

 


Go to Source

Maximum PC had the opportunity to check out Acer’s newly announced Iconia W510 Windows 8-powered tablet today and boy, was the thing FAST.

416×234 with html5 and api support

As you can see from the video above, this ain’t your uncle’s Atom processor. Navigating through Windows 8’s touch interface was lightning quick.

The W510 is expected to go on sale in October when Microsoft formerly launches Windows 8. The price has not been announced, but competing designs peg it in the $650 range. 


Go to Source

 Page 1 of 24  1  2  3  4  5 » ...  Last »