Archive for April 6, 2017

Linksys Ships Max Stream EA8300 Router

Posted in Commentary with tags on April 6, 2017 by itnerd

Linksys is now shipping its new 802.11ac Tri-Band MU-MIMO Router. The Linksys Max Stream EA8300 is an AC2200 Tri-Band MU-MIMO router priced at $249 CAD, giving users MU-MIMO (Multi-User, Multiple-Input, Multiple Output) technology and up to double the performance of a dual-band router for even faster speeds and efficiency for downloading, streaming, gaming and surfing.


Linksys Max-Stream AC2200 Tri-Band MU-MIMO ROUTER (EA8300)

The Linksys Max-Stream AC2200 is outfitted with Next Gen AC Wi-Fi technologies such as Multi-User MIMO (MU-MIMO) and Tri-Band that work in concert to deliver powerful Wi-Fi at the same time and same speed to multiple connected devices including TVs, gaming consoles, wireless printers, laptops plus others at combined speeds up to 2.2 Gbps. The Linksys Max-Stream AC2200 provides easy setup options to get a home office up and running quickly along with the exclusive Linksys app that provides added control of the EA8300 Wi-Fi Router from anywhere at any time using a mobile device. The Max-Stream EA8300 Wi-Fi Router also features a robust set of advanced offerings:

  • Tri-Band AC2200 – Up to 2.2 Gbps (867 Mbps 5 GHz + 867 Mbps 5 GHz + 400 Mbps 2.4 GHz)
  • MU-MIMO Wave 2 for simultaneous 4K Streaming on multiple devices at the same time
  • Memory: 256MB DDR3 RAM, plus 256MB flash memory
  • Four active high performance antennas with six high power amplifiers to provide the best performance and coverage
  • Five Gigabit Ethernet Ports (4 LAN + 1 WAN)
  • USB 3.0 Port: connecting shared network storage devices as well as a range of other peripherals.
  • Linksys Advanced Beamforming technology: Maximizes Wi-Fi coverage for both 2.4 and 5GHz radios while enhancing the performance and coverage
  • Airtime Fairness enables faster devices to transmit at faster speeds, while slower devices do not impede the speed of the Wi-Fi network
  • “Smart Connect” band steering: balances your 5GHz Wi-Fi connections and intelligently chooses the best radio band for your devices and the best Wi-Fi performance of your network
  • Seamless Roaming with Max Stream range extenders provides room-to-room Wi-Fi with one network name
  • Linksys App: Remotely manage, monitor, and control your Wi-Fi from anywhere, anytime
  • Linksys Auto Firmware update: Linksys automatically pushes the software update to your router overnight and seamlessly brings the latest features and security to your home network
  • Amazon Alexa support: Three new skills including turning guest access on and off, obtaining guest Wi-Fi credentials, as well as getting main network credentials read back to the user.
  • SPI Firewall and DoS Protection provide the best in class network security


The Linksys AC2200 Tri-Band MU-MIMO Router (EA8300) is available immediately on and at stores across Canada for $249.99 CAD ($199.99 US).


McAfee Labs Report Highlights Critical Challenges to Threat Intelligence Sharing

Posted in Commentary with tags on April 6, 2017 by itnerd

McAfee Inc. today released its McAfee Labs Threats Report: April 2017, which details the challenges facing threat intelligence sharing efforts, probes the architecture and inner workings of Mirai botnets, assesses reported attacks across industries, and reveals growth trends in malware, ransomware, mobile malware and other threats in Q4 2016.

The report reviews the background and drivers of threat intelligence sharing; various threat intelligence components, sources, and sharing models; how mature security operations can use shared data; and critical sharing challenges that the industry must overcome. Those challenges include:
  • Volume. A massive signal-to-noise problem continues to plague defenders trying to triage, process, and act on the highest-priority security incidents.
  • Validation. Attackers may file false threat reports to mislead or overwhelm threat intelligence systems, and data from legitimate sources can be tampered with if poorly handled.
  • Quality. If vendors focus just on gathering and sharing more threat data, there is a risk that much of it will be duplicative, wasting valuable time and effort. Sensors must capture richer data to help identify key structural elements of persistent attacks.
  • Speed. Intelligence received too late to prevent an attack is still valuable, but only for the cleanup process. Security sensors and systems must share threat intelligence in near real time to match attack speeds.
  • Correlation. The failure to identify relevant patterns and key data points in threat data makes it impossible to turn data into intelligence and then into knowledge that can inform and direct security operations teams.

To move threat intelligence sharing to the next level of efficiency and effectiveness, McAfee Labs suggests focusing on three areas:
  • Triage and prioritization. Simplify event triage and provide a better environment for security practitioners to investigate high-priority threats.
  • Connecting the dots. Establish relationships between indicators of compromise so that threat hunters can understand their connections to attack campaigns.
  • Better sharing models. Improve ways to share threat intelligence between our own products and with other vendors.

Mirai Botnet Proliferation

Mirai was responsible for the fourth quarter’s highly publicized DDoS attack on Dyn, a major DNS service provider. Mirai is notable because it detects and infects poorly secured IoT devices, transforming them into bots to attack its targets.

The October public release of the Mirai source code led to a proliferation of derivative bots, although most appear to be driven by script kiddies and are relatively limited in their impact. But the source code release has also led to offerings of “DDoS-as-a-service” based on Mirai, making it simple for unsophisticated yet willing attackers to execute DDoS attacks that leverage other poorly secured IoT devices. Mirai botnet-based DDoS attacks are available as a service in the cybercriminal marketplace for $50 to $7,500 per day.

McAfee Labs estimates that 2.5 million Internet of Things (IoT) devices were infected by Mirai by the end of Q4 2016, with about five IoT device IP addresses added to Mirai botnets each minute at that time.

For more on the Mirai botnet, please see our blog and video on the topic.

Q4 2016 Threat Activity

In the fourth quarter of 2016, McAfee Labs’ Global Threat Intelligence network registered notable trends in cyber-threat growth and cyber-attack incidents across industries:
  • Malware growth. The number of new malware samples slowed 17 per cent in Q4, while the overall count grew 24 per cent in 2016 to 638 million samples.
  • Mobile malware. The number of new mobile malware samples declined 17 per cent in Q4, while total mobile malware grew 99 per cent in 2016.
  • Ransomware growth. The number of new ransomware samples dropped 71 per cent in Q4, mostly due to a drop in generic ransomware detections, as well as a decrease in the activity of the Locky and CryptoWall strains. The number of total ransomware samples grew 88 per cent in 2016.
  • Mac OS malware. Although still small compared to Windows threats, the number of new Mac OS malware samples grew 245 per cent in Q4 due to adware bundling. Total Mac OS malware grew 744 per cent in 2016.
  • Spam botnets. Spam email messages from the top 10 botnets dropped 24 per cent in Q4 to 181 million emails. They generated 934 million spam messages in 2016 overall.
  • Reported security incidents. McAfee counted 197 publicly-disclosed security incidents in Q4 and 974 publicly-disclosed security incidents in 2016. Security incidents are events that compromise the integrity, confidentiality, or availability of information assets. Some, but not all, of these incidents are breaches. Breaches are incidents that result in the confirmed disclosure (not just potential exposure) of data.
  • Public sector cyber-attacks. The public sector experienced the greatest number of incidents by far, but McAfee believes this may be the result of stricter requirements for reporting incidents, as well as an increase in attacks related to the U.S. election process, mostly voter database incidents and defacing of election websites.
  • Banking and gaming attacks. A Q3 jump in incidents in the software development sector was due to the rise in attacks on gaming platforms. In the finance sector, the SWIFT attacks on the banking sector led to a Q2 jump in incidents.
  • Botnet activity. The KelihosC botnet, a recent purveyor of phony pharmaceuticals and Russian automotive supplies (such as “winter and summer tires at competitive prices”), increased its overall volume during Q4.

For more information on these trends, or more threat landscape statistics for Q4 2016, visit for the full report.

For guidance on how organizations can better protect their enterprises from the threats detailed in this quarter’s report, visit Enterprise Blog.

Rakuten Kobo Acquires Shelfie Technology

Posted in Commentary with tags on April 6, 2017 by itnerd

Rakuten Kobo Inc. has announced that it has acquired Shelfie, a service that was built to enable customers to get free or discounted eBook versions of books in their print libraries, and get recommendations based on print books they already own. The deal includes technology assets, IP, and the infrastructure on which the ecosystem runs; it also includes hiring Shelfie’s skilled team, which specializes in the application of big data and machine learning for book discovery.

Shelfie ceased operations this January. Kobo worked with Shelfie to offer its customers the opportunity to transfer their eBook libraries to Kobo’s platform, ensuring they would continue to have access to their digital books. Over the coming months, Kobo will work to integrate the Shelfie platform into its Android and iOS apps, enabling readers to add their print libraries to their reading history to generate ever more tailored eBook recommendations, as well as the option to get digital versions of print titles they already own.

Founded in 2013 by Peter Hudson and Marius Muja, as BitLit Media Inc., Shelfie grew to offer more than 450,000 eBooks and audiobooks that booklovers could purchase at a discount or download free of charge. Via any iOS or Android device, users snapped a photo of their bookshelf, and through patented technology, Shelfie scanned the spines of every book to identify titles and give readers a complete inventory of their collection, and served them the available equivalent titles in digital—free of charge or at a promotional price. The service also used the titles on the shelf as data, combined with digital reading data, to generate personalized recommendations.

The WiFi Exploit That Allowed Remote Pwnage Of iDevices Is In Android Phones Too

Posted in Commentary with tags on April 6, 2017 by itnerd

Earlier this week I pointed out that Apple had come out with iOS 10.3.1 a week after coming out with iOS 10.3. Its sole purpose was to close a hole which allowed the pwnage of an iDevice via WiFi. It turns out that this wasn’t an Apple problem. Actually, it was a problem that stemmed from the WiFi chips made by Broadcom. Why is that an important detail? Well, those chips are used in iDevices, and a ton of Android devices. This came to light via a highly detailed blog post published by Google Project Zero. But what you really care about, at least if you have an Android device, is what Ars Technica had to say on this:

Google is in the process of releasing an update in its April security bulletin. The fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible.

In short, if you have the right Android devices, you’ll get a fix quickly. For everyone else on that platform, it may take ages for you to get a fix. If you get one at all. Not good.

So, how do you protect yourself? Well, the best you can do is not to connect to free WiFi. Or even go to the extreme of turning off WiFi, which in my opinion isn’t realistic unless you have an extremely good data plan. Hopefully this gets mitigated via a patch to the majority of Android users quickly.