Beware that Adobe Flash update on your Android device: It could be malware

Researchers at cloud security company Zscaler have discovered a variant of the banking malware Marcher that makes it even more dangerous: It’s lurking on the internet disguised as a Flash update.

Users who open a suspect link will be told they need to update Flash and given the option to download an infected APK file. Opening the APK will prompt the user to disable security and allow installation of third-party apps, at which point the APK installs itself and prepares to steal credentials associated with finance app accounts.

Zscaler’s team goes on to state that less than 20 percent of antivirus software was able to detect this new form of Marcher. Its code is highly obfuscated, and that makes it even more dangerous—those who have it may have their credentials harvested without ever realizing it.

How Marcher steals credentials

This fake Flash version of Marcher operates exactly like older variants. It registers the device with a command and control (C&C) server and waits for an unsuspecting user to open a finance app. It’s then that Marcher springs into action.


When a user opens one of over 40 affected apps (Chase, PayPal, Citibank, and even Walmart are among them), Marcher intercepts the login page request and opens a fake one hosted on the internet. If the user logs in, their credentials are as good as stolen—Marcher sends them off to its C&C server immediately.

How to protect yourself

Ideally you won’t ever get infected with this hard-to-spot malware. It has to be installed manually, so the best possible prevention is not falling for its attempts to make you do so.

Third-party Android apps, both legitimate and illegitimate, have to be allowed to install by changing a security setting. By making sure this setting is turned off you’re preventing not just Marcher, but other dangerous apps, from getting installed.

  • Open the Settings app.
  • Go to Security.
  • Find the Unknown Sources item and make sure it’s toggled off.

If you suspect a device does have a Marcher infection don’t give it up for dead—it’s still possible to boot into safe mode to remove malware.

Marcher is a threat for both personal and business devices. If you are responsible for managing Android devices make sure you control app installation to prevent things like Marcher from happening.


Android malware might be everywhere but it can be easy to prevent much of it by disabling app installation outside of the Play Store. Malware from the store is still a problem, so be sure you have a reliable antivirus app installed on Android devices too.

The three big takeaways for TechRepublic readers:

  1. A new version of the Marcher Android malware is masquerading as an Adobe Flash update.
  2. Once installed, Marcher redirects app users to false sign-in pages that it uses to steal credentials from finance-related apps.
  3. Android owners and administrators should be sure third-party app installation is turned off to prevent Marcher and malware like it from being accidentally installed.

How to set up ssh key authentication


If you’re a Linux administrator, you most certainly are using secure shell to gain access to your remote servers. Why? Secure shell is far more trustworthy than many other means of logging into your remote servers. When you attempt to log into a remote server, you will be asked for a username and password. As you transmit that information it is encrypted, so there’s no need to worry. However, what if you could add yet another layer of security? This is not only possible, it’s actually quite simple.

I want to walk you through the process of setting up ssh key authentication for secure shell and disable password authentication. With this configured, only those with the proper ssh key will be able to log into your servers. I’ll be demonstrating on the Ubuntu Server 16.04 platform, but this works on any Linux platform that uses secure shell. I will assume you already have secure shell installed on both a server and at least one client. Last but not least, I will be using the following IP addresses for my example:

  • Client – 192.168.1.198
  • Server – 192.168.1.162

It is also important that the user who will generate the ssh key has an account on both machines and is a member of the sudoers group on both machines.

Generating the ssh key

The first thing we must do is generate the ssh key on the server. Log into your server and issue the following command (as the user that will log in from the client):

ssh-keygen -t rsa

During the creation of the key, you have the option of creating an associated password or not. The benefit of not configuring a password is that you won’t be prompted for it when you go to log into the server. Unless you absolutely have to have password-less authentication for your ssh key, I wouldn’t recommend this.

Copying the key to the client

Once that command completes, you need to copy the key from the server to the client. The command to do this is:

 ssh-copy-id -i $HOME/.ssh/id_rsa.pub USER@192.168.1.198


Where USER is the username that will be logging into the server.

Testing the connection

When that finishes, it’s time to test the connection. Go back to the client and issue the command:

ssh -v USER@192.168.1.162


Where USER is the username.

If you configured your ssh key without a password, you will immediately be logged into the server. If you set up your ssh key with a password, you’ll be prompted for it. Type the ssh key password and you’ll be logged in.

Disabling password authentication

If you successfully managed to log in, let’s now configure secure shell such that it doesn’t allow password authentication. To do this, open up the file /etc/ssh/sshd_config in your favorite editor and add the following line to the bottom of the file:

PasswordAuthentication no


Save and close that file.

Finally, restart ssh with the command:

sudo service ssh restart


Now, if you attempt to log into your server, you will not be able to do so without the added ssh key. Now that you’re certain everything works, you can use the ssh-copy-id command (from the server) to copy the key to each client machine that will need to be able to log into the server.
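
A line added to the bottom of sshd_config does not always change the global setting: sshd keeps the first value it obtains for a keyword, and anything after a Match line applies only inside that Match block. The script below is an added example, not part of the original article; it reports which line decides PasswordAuthentication before and after the append described above. The function names and the three sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article: find which line decides the global
# PasswordAuthentication value in an sshd_config-style file.
# Simplification: Include directives are not followed.

# Prints "<value> <origin>", for example "no line:5" or "yes default".
password_auth_source() {
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (line == "" || line ~ /^#/) next      # blank line or comment
            split(line, f, /[ \t=]+/)
            key = tolower(f[1])
            # Everything after a Match line is conditional, not global.
            if (key == "match") { in_match = 1; next }
            # sshd keeps the first value it obtains for a keyword.
            if (key == "passwordauthentication" && !in_match && !found) {
                found = 1
                value = tolower(f[2])
                origin = "line:" NR
            }
        }
        END {
            # With no global setting, sshd falls back to its default of "yes".
            if (!found) { value = "yes"; origin = "default" }
            print value, origin
        }
    ' "$1"
}

# Prints what password_auth_source reports once "PasswordAuthentication no"
# has been appended to a copy of the file (a blank line is added first).
simulate_append() {
    sim_tmp=$(mktemp) || return 1
    { cat "$1"; printf '\nPasswordAuthentication no\n'; } > "$sim_tmp"
    password_auth_source "$sim_tmp"
    rm -f "$sim_tmp"
}

# Constructed sample files, written to a temporary directory.
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT

# 1. Setting present only as a comment: the append takes effect.
cat > "$SAMPLES/stock" <<'EOF'
Port 22
#PasswordAuthentication yes
UsePAM yes
EOF

# 2. An earlier active "yes": the appended line is ignored.
cat > "$SAMPLES/explicit_yes" <<'EOF'
Port 22
PasswordAuthentication yes
UsePAM yes
EOF

# 3. File ends in a Match block: the appended line lands inside it.
cat > "$SAMPLES/match_tail" <<'EOF'
PermitRootLogin no
Match User backup
    X11Forwarding no
EOF

for name in stock explicit_yes match_tail; do
    printf '%-13s before: %-12s after append: %s\n' "$name" \
        "$(password_auth_source "$SAMPLES/$name")" \
        "$(simulate_append "$SAMPLES/$name")"
done
```

On a real server, sudo sshd -t checks the file for errors before the restart, and sudo sshd -T prints the settings sshd will actually use.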

Enjoy the security

That’s all there is to it! You can now only log into your server from machines that include your ssh key. Enjoy the added layer of security, brought to you by secure shell and secure shell authentication keys.

Box integrates with Microsoft Teams, creating hub for billions of Office files in the cloud



With the plethora of applications for the workplace, and the shift of so many enterprises to bringing work to the cloud, finding a central solution to manage workflow and data storage is key to a successful digital transformation strategy. To help businesses pull together these various strands, Box, a cloud and content management service, has announced a new offering: An integration with Microsoft Teams, the chat-based workspace in Microsoft Office 365.

Announced on Wednesday, on a Box blog post by Jon Fan, sr. director of product management at Box, the goal of the integration is to offer “a connected, unified experience where these best-of-breed apps and services simply work together.” The company’s integration with Microsoft Teams contributes to this goal, adding another integration to its current library of thousands—all of which allow businesses to “share, edit, manage, analyze and collaborate with all types of data.”


According to Fan’s post, Box users have uploaded billions of Microsoft Office files in its cloud service, which include everything from Word documents to Excel sheets to PowerPoint presentations. The new integration with Microsoft Teams will allow business users—especially those working on a group project—to collaborate in one central place, with a single point of entry.

“By bringing content from Box into Teams, organizations can share their files more easily and collaborate on projects in real-time, all while keeping their content securely managed in Box,” wrote Fan. “With Box as the central cloud content management platform, admins can protect files wherever they go with robust security controls and reporting, customer-managed encryption, rights management, and mobile security. And end users can work closely with anyone inside or outside the organization and keep sensitive files secure with granular user permissions.”

The new integration will allow access to Office files on desktop, mobile, and online, giving business users a range of options to access and work on important files and documents.


The 3 big takeaways for TechRepublic readers

  • Box, a cloud and content management service, has just announced a new offering: An integration with Microsoft Teams, the chat-based workspace in Microsoft Office 365.
  • With the new integration, Box users can collaborate easily on billions of Microsoft Office files, including everything from Word documents to Excel sheets to PowerPoint presentations.
  • Box has taken security measures as well, including controls and reporting for business administrators, customer-managed encryption, rights management, and mobile security.

Cybercrime industry growing rapidly, cybersecurity can’t keep up

In an interview with TechRepublic’s Dan Patterson, IBM’s executive security advisor Etay Maor discussed the rapidly growing cybercrime industry. Maor emphasized how vulnerable businesses are to cybercrime and how new technology puts companies at even greater risk.


Maor explained that cybercrime is its own business. Specifically, “a $455B a year business. It’s huge. And it’s not going anywhere, it’s just growing,” Maor said.

Cybercrime does not discriminate when it comes to big or small businesses, Maor added. When medium or small businesses get hacked, that information can often be used as a proxy for a larger attack on bigger businesses. Maor noted how we always hear of high profile attacks, but the majority of attacks are e-crimes committed by smaller groups.

While the dark web does have some good qualities, Maor said the dark web is a breeding ground for cybercrime because of the anonymity provided to its users. The attack strategies in the cyber world are terrifying: many e-commerce websites pose as safe, normal websites but are instead minefields for cyberattack in the dark web, Maor said.

“It’s a constant game of cat and mouse between the defenders and the attackers,” Maor noted. With technology constantly changing, security has a tough time keeping up. Maor explained that the security industry moves significantly slower than the cybercrime industry because there are no regulations for cybercrime.

Maor said it’s imperative for people to change how they approach security. Companies are not doing basic things to protect themselves from cybercrime; they need to have backups in place and always be prepared, Maor added.

The mindset around cybersecurity and cybercrime must shift. Businesses need to run under a “when will I get hacked” instead of an “if I get hacked” mentality, making security more of a priority than expediency to release a product.

The 3 big takeaways for TechRepublic readers

  1. Cybercrime is not going anywhere, in fact, it is a growing business.
  2. The security industry moves slower than the cybercrime industry, leaving small and medium businesses even more vulnerable to attacks.
  3. A mental shift surrounding cybercrime must occur if businesses want to be protected. Companies need to view cybercrime as a perpetual imminent threat and address security accordingly.

Former US security advisor: Cyberattacks damage society as much as physical infrastructure

In an interview at this week’s Global Cybersecurity Summit in Kiev, Ukraine, former deputy national security advisor and deputy secretary of state Tony Blinken told TechRepublic’s Dan Patterson that the threat posed by cyberattacks to human infrastructure, meaning what we think and believe, is as important as the threat to physical infrastructure.

The best defense against the threat to human infrastructure, Blinken said, is a population of educated consumers with strong critical thinking abilities.

During the interview, Blinken recommended the following solutions to present cyberthreats:

  • Demanding a collective response from groups like academic institutions, corporations, NGOs
  • Better defense, in the form of public-private partnerships to strengthen defenses against cyberattacks
  • Creation of international cybersecurity norms and standards so there’s “at least a floor on how people behave and act.”
  • Measures to impose costs on entities who carry out cyberattacks

The conversation also touched on ways organizations can plan future cyberdefense strategies. Blinken said that right now, organizations are not great at “thinking around the corner,” or considering how technology created today might be used as a weapon in the future. The same energy that goes into innovation needs to go into anticipating potential consequences and how to guard against them, said Blinken.

When asked what’s really keeping him up at night, Blinken pointed to tensions between those who feel the best way to respond to societal and technological challenges is to protect themselves and “build a wall,” and those who feel the best way to respond is to remain an open society and mitigate any threats that arise. But he also mentioned the power of using technology creatively to start talking and listening to each other again, and said he’s ultimately hopeful about the future.

Facebook’s secret weapon for fighting terrorists: Human experts and AI working together

Facebook has declared that it is actively fighting terrorism online, and it is using artificial intelligence (AI) to do so. In a Thursday blog post, the company detailed its strategy for removing terrorist content from Facebook, and how it’s working to protect users from such material.

The post said that radicalization typically occurs offline, but there’s no denying that the internet is a major communication channel for terrorist groups around the world. The Islamic State (ISIS) is thought to have hundreds of social media accounts, even doing recruiting drives on social media.

It’s a massive problem, and Facebook wants to help solve it.


“We remove terrorists and posts that support terrorism whenever we become aware of them,” the blog post said. “When we receive reports of potential terrorism posts, we review those reports urgently and with scrutiny. And in the rare cases when we uncover evidence of imminent harm, we promptly inform authorities.”

With billions of users speaking some 80 languages, the post noted, the challenge is enormous. But Facebook said it believes that AI can act as a solution.

One of the ways that the technology can help is by matching images and videos to known terrorist content. The hope is that the company would be able to prevent other accounts from uploading a photo or video that was previously removed from the site for its ties to terrorist activity, the post said.

Facebook’s systems are also looking out for language. Text that praises extremist groups, or seems to be promoting the work of terrorist groups, can be recognized and flagged for removal. The site also uses signals to determine if a particular page is a central location for a terrorist cluster so they can remove it, the post said.

According to the post, Facebook is also working harder to eliminate fake accounts used to circumvent the site’s policies. The company is also attempting to tackle terrorist activity on WhatsApp and Instagram, the post said.

AI isn’t the only solution—people are also a big part of Facebook’s anti-terrorism strategy. In addition to reports and reviews from its Community Operations team, Facebook is employing some 150 counter-terrorism experts, including academic experts, former prosecutors, former law enforcement agents, analysts, and engineers, the post said. And if a threat is imminent, a separate Facebook team communicates with law enforcement.

Additionally, specialized training, partner programs, industry collaboration, and government partnerships all play a role in Facebook’s work against terrorists online.

The 3 big takeaways for TechRepublic readers

  1. Facebook is fighting terrorists online, using a combination of AI and human experts to flag content for removal and protect users.
  2. Image matching, language understanding, eliminating fake accounts, and taking down terrorist cluster pages are all a part of Facebook’s plan.
  3. Facebook also employs 150 counter-terrorism experts, along with its Community Operations team, to add human expertise to its strategy.

How to minimize your luggage and pick the right bags for your next business trip

I have a shameful secret: I’m a former overpacker. For the last 20 years, whenever I traveled for business, I took two suitcases and a laptop bag. Yes, that’s right—two suitcases. One was always a 29″ checked suitcase, and the other was a 22″ piece of luggage that I usually checked, since I also had a laptop bag.

It was embarrassing when I’d spot colleagues eyeing my pile of luggage at the airport baggage claim. It was more embarrassing when my bags wouldn’t fit into the back of the airport shuttle with everyone else’s luggage. And then there was the time on vacation in Barcelona that my shuttle driver stashed my laptop bag on top of everyone else’s luggage and, when he opened the rear door to unload, my bag crashed to the ground, breaking the lovely bottle of Spanish wine I’d tucked in next to my iPad. That didn’t end well.

I knew I had to travel lighter, but I wasn’t sure where to start. I had to find the right bags to help me maximize my packing while minimizing my luggage.

So this year, I’ve finally learned the trick of traveling light—or at least, lighter. I’ll never be that woman who backpacks through Europe with only one change of clothing and the desire to handwash my unmentionables in a hotel sink. But I can go on a four-day business trip with one carry-on suitcase and a laptop tote or a backpack that serves double duty as a handbag. I realized that no one at a conference cares if I wear the same black dress on Wednesday that I wore on Monday. And it’s really okay to limit myself to two pairs of shoes for the entire trip—one for business meetings, one for the hotel gym.


What’s helped the most has been finding exactly the right bags and accessories. I compiled a TechRepublic gallery of the best bags I could find that serve multiple purposes. You can use them for business, or you can use them for vacation. And don’t forget accessories. My new lifesavers are packing cubes, particularly Eagle Creek’s compression packing cubes that tightly pack multiple items in a small space. I know it’s counterproductive to packing light to figure out a way to bring more, but it works, and it allows me to manage with one small carry-on suitcase.

There’s a range of suitcase styles you can opt for, but the ones with four 360-degree wheels are my favorite. No more pulling suitcases—I simply push them. And the new smart suitcases, such as those from Bluesmart, Raden, and Away, are genius. I reviewed these suitcases last year, and I liked how Bluesmart and Raden provided apps to help you weigh and locate your bag at the airport, and I liked the simplicity of Away and its hard-shell case and USB charging port.

The style of a bag also matters. The bag you carry on your shoulder or back will be the one most people notice first, so finding exactly the right backpack or laptop bag is essential. For guys, I particularly like the looks of the WaterField backpack with its rugged design, or the Rule #5 line of backpacks, or the Victorinox Swiss Army touring bags, which are perfect for the less-formal tech world. But sleek leather designs for men and women also make an impact. Knomo makes a few backpacks and totes that offer RFID-blocking pockets and room for laptops and gadgets of all sizes.

And for those times that you simply have to take more, such as for a trade show, consider a rolling duffel. They come in sizes ranging from 21″ to 32″, and the soft sides allow you to stuff far more than should be allowed into one bag.


Questions to consider before choosing a suitcase

  • How often do you travel?
  • Is your travel primarily domestic or international?
  • How long are most of your trips?
  • Does the suitcase meet all airline requirements for size, whether checked or carry-on?
  • What is the minimum number of clothing changes you can manage?
  • Can you lift the suitcase when fully packed?
  • Do you prefer a hard-shell case or a soft-sided bag?
  • How will you lock the bag to secure it?
  • Are smart suitcase features such as a USB port or an app important?

Questions to consider before choosing a laptop bag or a backpack

  • What devices do you typically take on a trip?
  • Will your laptop fit in the bag?
  • If the bag is bigger than required for your laptop, is there an inner sleeve option?
  • Can the bag serve double duty as a handbag, if needed?
  • Are there exterior pockets to stash small gadgets and charging cords?
  • Is the bag within airline requirements for carry-on size?
  • Will the bag fit under an airplane seat, or will it need to go in the overhead bin?


Less is more when traveling

Whichever bag you choose, don’t take more than you need. No one has ever bragged about learning to pack more for every trip. People do, however, brag about packing less; until I found the right bags for my travels, I never realized I’d be that person.

It’s freeing to no longer have to wait in long lines to check my luggage or face delays at baggage claim. I have to admit to feeling a certain smugness at the LaGuardia airport last month when I saw a long line for people checking their bags, and I was able to walk right through security. Last year, I would have been in that line.

Can AI really create 800,000+ jobs by 2021? This report says yes

New research from IDC, released by Salesforce, claims that artificial intelligence (AI) will create 823,734 jobs by the year 2021, surpassing the number of jobs lost to AI technologies such as machine learning and automation. Additionally, the report predicted that AI will increase global business revenues by $1.1 trillion in the same time frame.

The two statistics mentioned above will both come about as a result of “efficiencies driven by AI in CRM,” the report found. And, if one includes indirect jobs, the number of jobs added by AI jumps to 2 million. “This is a net-positive figure in that it includes an estimate of jobs lost to automation from AI,” according to the report.

The big takeaway from this research is the idea that AI will create more jobs than it displaces. This stands in stark contrast to other research, such as that from MIT economist Erik Brynjolfsson, that suggests AI and automation will replace more jobs than it will create.


Other, more dire, claims state that there’s a 50% chance that AI will outperform humans in every job in just 45 years. It’s no wonder that the fear of losing one’s job to AI is the no. 1 cause of stress at work, according to a recent Udemy report.

The report was commissioned by Salesforce to specifically look at the impact AI will have on the CRM space. It is important to note, however, that Salesforce also recently launched a new effort in AI-powered CRM analytics called Einstein Analytics.

The year 2018 is set to be a major turning point for AI adoption, the report found. While 28% of respondents said their organizations have adopted AI already, an additional 41% said they will adopt the technology within two years.

In a separate forecast, IDC noted that by 2018, 75% of development happening in the enterprise and among independent software vendors (ISVs) will include features or functionalities built on machine learning or AI technologies. This seems to parallel what was found in the Salesforce-commissioned report.

Of the respondents who identified as AI adopters, 46% said that more than half of their CRM activities happen in the public cloud. As such, the report predicts that cloud vendors will play a key role in delivering AI solutions in the future.

The 3 big takeaways for TechRepublic readers

  1. According to a Salesforce-commissioned IDC report, AI will create more than 800,000 jobs by 2021, and will have a $1.1 trillion impact on the global economy.
  2. The idea that AI will create more jobs than it replaces stands in stark contrast to other research from MIT and others that point to an opposing trend, with automation replacing workers.
  3. Public cloud vendors will be critical in delivering the AI solutions of the future, the report found.

How to quickly give users sudo privileges in Linux

How many times have you created a new user on a Linux machine, only to find out that new user doesn’t have sudo privileges? Without the ability to use sudo, that user is limited in what they can do. This, of course, is by design; you certainly don’t want every user on your system having admin privileges. However, for those users you do want to enjoy admin rights, they must be able to use the sudo command.

There are a couple of ways to tackle this task; one of which is not recommended (unless you need granular control over user admin privileges). I will demonstrate both methods and will be working on the Ubuntu Server 16.04 platform, but these methods will work on any Linux distribution that makes use of sudo.

Method 1

Say you want to give a user access to only one administration-level command. This is the method to use for granular control over admin privileges. Effectively, what you do is edit the /etc/sudoers file and add the user. However, you want to use a special tool for this: visudo. The visudo tool locks the sudoers file against multiple, simultaneous edits (this is important). To use this tool, issue the command sudo -s and then enter your sudo password. Now enter the command visudo and the tool will open the /etc/sudoers file for editing.

To add a specific user for all administrative privileges, scroll down to the bottom of the file and add the following, where USERNAME is the actual username you want to add:

USERNAME ALL=(ALL) ALL

Save and close the file and have the user log out and log back in. They should now have a full range of sudo privileges.

But what if you only want to give that user rights to a single command? You can do that. How? Issue the command visudo (after issuing sudo -s) to open the sudoers file for editing. There are two bits of information you must add to this file:

  • Command alias(es)
  • User entry

Both of these entries are necessary. Let’s give user willow access to the apt-get command. To do this, issue the commands sudo -s followed by visudo. Locate the Cmnd alias specification section and add the following:

Cmnd_Alias APT_GET = /usr/bin/apt-get

Scroll down to the bottom of the file and add the following line:

willow ALL=(ALL) NOPASSWD: APT_GET

Save and close that file. Have the user willow log out and log back in, at which point they will be able to now use the sudo apt-get command successfully.

Method 2

If you have a user you want to give all admin privileges to, the best method is to simply add that user to the admin group. You will notice this line, in the /etc/sudoers file:

%admin ALL=(ALL) ALL

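This means all members of the admin group have full sudo privileges. On Ubuntu Server 16.04 the sudoers file carries an equivalent %sudo line, and sudo is the group the command below uses. To add your user to that group, you would issue the command (as a user who already has full sudo privileges):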

sudo usermod -a -G sudo USERNAME

Where USERNAME is the name of the user to be added. Once the user logs out and logs back in, they will now enjoy full sudo privileges.

Use with caution

Obviously, you do not want to add every user to the sudoers file or to the admin group. Use this with caution, otherwise you run the risk of jeopardizing system security. But with care, you can manage what your users can and cannot do with ease.
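
To review what has been granted, the script below lists each user rule in a sudoers-style file, expands Cmnd_Alias names, and marks rules that run without a password prompt, such as the willow entry from Method 1. It is an added example, not part of the original article; the function names and the sample file are constructed, and the parser covers only the single-line forms shown in this article.

```shell
#!/bin/sh
# Added example, not from the article: list the user rules in a sudoers-style
# file with Cmnd_Alias names expanded and passwordless rules marked.
# Simplifications: one rule per line, no line continuations, no User_Alias or
# Host_Alias expansion; a NOPASSWD: tag is treated as covering the whole rule.

# Prints one line per rule: "<who> <passwd|nopasswd> <commands>".
audit_sudoers() {
    awk '
        function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
        # First pass over the file: collect Cmnd_Alias definitions.
        NR == FNR {
            if ($1 == "Cmnd_Alias") {
                def = $0
                sub(/^[ \t]*Cmnd_Alias[ \t]+/, "", def)
                eq = index(def, "=")
                alias[trim(substr(def, 1, eq - 1))] = trim(substr(def, eq + 1))
            }
            next
        }
        # Second pass: skip comments, blanks, Defaults and alias definitions.
        /^[ \t]*#/ || /^[ \t]*$/ || $1 ~ /^Defaults/ || $1 ~ /_Alias$/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            who = $1
            spec = trim(substr($0, eq + 1))
            sub(/^\([^)]*\)[ \t]*/, "", spec)        # drop the (runas) part
            mode = (spec ~ /NOPASSWD:/) ? "nopasswd" : "passwd"
            gsub(/[A-Z_]+:[ \t]*/, "", spec)         # drop tags such as NOPASSWD:
            n = split(spec, c, /[ \t]*,[ \t]*/)
            out = ""
            for (i = 1; i <= n; i++) {
                cmd = trim(c[i])
                if (cmd in alias) cmd = alias[cmd]   # expand a known alias
                out = out (i > 1 ? "," : "") cmd
            }
            print who, mode, out
        }
    ' "$1" "$1"
}

# Prints only the rules that run without a password prompt.
list_nopasswd() {
    audit_sudoers "$1" | awk '$2 == "nopasswd"'
}

# Constructed sample built from the entries shown in this article.
SUDOERS_SAMPLE=$(mktemp)
trap 'rm -f "$SUDOERS_SAMPLE"' EXIT
cat > "$SUDOERS_SAMPLE" <<'EOF'
# constructed sample
Defaults env_reset
Cmnd_Alias APT_GET = /usr/bin/apt-get
root ALL=(ALL:ALL) ALL
%admin ALL=(ALL) ALL
willow ALL=(ALL) NOPASSWD: APT_GET
EOF

echo "All rules:"
audit_sudoers "$SUDOERS_SAMPLE"
echo "Passwordless rules:"
list_nopasswd "$SUDOERS_SAMPLE"
```

After any manual edit, visudo -c confirms that the sudoers file still parses.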

Microsoft Office: Full version comes to the Windows Store


Microsoft is making the full version of Office available in the Windows Store to owners of its new Surface Laptop.

Office in the Windows Store will be available from today to those running Windows 10 S on Microsoft Surface devices, according to a Microsoft support article.

The Office launch coincides with the worldwide availability of the Surface Laptop, Microsoft’s $999, mid- to high-end laptop aimed at students.


The release brings the full version of Office to the laptop, which runs Windows 10 S, a locked-down version of Windows that only allows users to install apps from the Windows Store.

Office in the Windows Store will be made available to other Windows 10 users once it comes out of its current ‘preview’ release.

According to the support article, Office in the Windows Store will include Word, Excel, PowerPoint, Outlook, Access and Publisher. When the preview period is over, other Office editions will also work on Windows 10 S, including Office Home & Student 2016 and Office Home & Business 2016.

ZDNet’s Mary Jo Foley points out that the version of Office available through the store is not identical to the full desktop Office suite. Differences include Office in the Windows Store being 32-bit only, being unable to use COM add-ins on Windows 10 S, and the OneNote app being the Universal Windows Platform version, rather than OneNote 2016 version.

Following the availability of Office in the Windows Store, Microsoft is repositioning existing Windows Store Office apps as being ‘Office Mobile apps’, for phones and tablets with screen sizes smaller than 10.1-inches.

Office 365 Personal, Office 365 Home, Office 365 for Education Plus and Office 365 Education E5 subscribers will have access to Office in the Windows Store on Surface devices running Windows 10 S. Office in the Windows Store is not currently available to those on Office 365 business plans.

Microsoft’s Surface laptop is garnering praise for its specs and decent battery. In her review, Foley described it as “a nice addition to Microsoft’s line-up for productivity workers who want a well-crafted device that’s a cut above many of the Windows laptops on the market”.