Facebook AV Marketplace International Offers Sophos’ Free AV for Mac

Kuala Lumpur, Malaysia, April 12, 2013 – Sophos today announced that the free Sophos Anti-Virus for Mac Home Edition is now available on Facebook’s Antivirus Marketplace in English, French, German, Japanese and Spanish languages. The international Antivirus Marketplace connects individuals with free versions of IT security software from the world’s leading vendors.

Sophos Anti-Virus for Mac addresses the growing concern about Mac malware, protecting home Mac users from all threats in all versions, including the current version of the Mountain Lion operating system, OS X 10.8.3, as well as OS X 10.4-10.7. It is available for free download from both the Sophos website as well as from the Facebook AV Marketplace.

“The Facebook AV Marketplace is a destination for our more than one billion users to ensure they’re safe from the latest security threats,” said Joe Sullivan, chief security officer, Facebook."To help our users keep their hardware better protected, we’re pleased to offer Sophos software for those using Mac devices."

“We continue to see significant global demand for our free antivirus tool. As Apple products grow in popularity, they're increasingly attractive targets to hackers,” said Sunil Choudrie, product manager, Sophos. “By making this tool available on the Facebook AV Marketplace, we’re providing Facebook’s many Mac users with secure peace of mind—all of which is updated automatically.”

Sophos offers complete security solutions available in a variety of deployment options, all with simple setup and management. The company also offers several free solutions including the aforementioned Anti-Virus for Mac tool, Sophos Mobile Security and a UTM: Home Edition.

ASUS releases the WL-330NUL — the World’s Smallest Router

Helps customers stay connected wherever they go with Ethernet, Wi-Fi and access point modes plus multi-OS support, all in a pocket-sized USB device

Kuala Lumpur, Malaysia (31 January, 2013) — designed to enable convenient and quick internet access for travelers, the USB-based ASUS WL-330NUL integrates full capabilities in the smallest-sized router produced to date. It was created specifically for customers who travel frequently, especially those who use Ultrabooks, smartphones, and tablets to get online. The WL-330NUL provides quick secure network setup and connection sharing with other users. It works with multiple operating systems, including Windows 8, Mac OS, and iOS.

Most compact all-in-one router
The WL-330NUL has been engineered to offer fully-fledged router functionality in a miniaturized form factor. It operates in multiple modes, including router, Ethernet, Wi-Fi hotspot, and access point. Its flexibility and convenience allow easy internet service sharing across several devices, regardless of whether only wired or wireless connectivity is available. The WL-330NUL measures 6.5cm in length and weighs 17.5g, making it as easy to carry and handle as a USB stick.

Account sharing at no extra cost
With its router capabilities, the WL-330NUL allows sharing a single connection on multiple devices without having to pay for additional accounts or apply for new log-in information. For customers who travel often and require connectivity on notebooks, tablets, smartphones, and even desktops at once, easy sharing adds up to major savings plus provides good quality connections that do not deteriorate when extra devices are added to networks.

Designed as an Ultrabook™ companion 
The WL-330NUL pairs easily with Ultrabooks via USB. As these often lack a wired networking port, the RJ-45 Ethernet port on the WL-330NUL brings customers faster, more stable, and more secure wired connections. All users have to do is pair it with their Ultrabook™ using a USB cable, then connect the WL-330NUL to a wired internet source such as a modem or directly to the wall using an Ethernet cable.

Secure and easy setup
The WL-330NUL supports secure network creation, maintaining confidentiality and ensuring data remains safe even if shared across devices. The product works essentially setup-free, with one-click network management and guest access control. Customers can get online almost instantly while utilizing the friendly web-based interface and bundled software for effortless access and connection sharing.

Multi-OS compatible and several ways to power up
The WL-330NUL is compatible with multiple Windows versions including Windows 8, as well as Mac OS and iOS. It is therefore accessible to a wide range of devices, delivering its benefits to a broader customer base. It has very minimal energy requirements for full-functionality, and can be connected directly to the wall via the bundled power adapter or receive power from any USB connection. Customers can also pair it with mobile power banks for even greater convenience.

Availability and pricing
The WL-330NUL will be available in Malaysia first week of March 2013. The recommended retail price is RM129.

Samsung’s New SMART TV Software Development Kit supports various O/S

Samsung’s Smart TV SDK (Samsung Development Kit) 4.0 will expand the development of the Smart TV ecosystem

LAS VEGAS, USA – January 3, 2013– Samsung Electronics Co., Ltd. announced that it will be releasing the Smart TV SDK (Software Development Kit) 4.0 at the 2013 International Consumer Electronics Show (CES) from January 8-11, 2013. The Smart TV SDK will allow Smart TV software development on Linux and Mac, in addition to Windows O/S.

Up till now, Samsung's Smart TV software development only supported Windows O/S. The new SDK 4.0 allows for the development of Smart TV software on Linux and Mac environments. This is expected to lead to active development of Smart TV software in some areas where non-Windows O/S are widely used.
 Samsung is the first in the TV industry to provide a local cloud development environment. This environment enables the development of content based on connection between web services by utilising an open API (Application Programming Interface).

Moreover, Smart TV SDK 4.0 provides a local cloud development environment that allows developers who use the Mac O/S to team up with other developers who use Windows O/S. As a result, many developers can engage in a team effort, resulting in greater software development efficiency and reduced costs.
By expanding and supporting HTML5 in the Smart TV SDK 4.0, a standard programming language, Samsung has laid the foundation for many software developers to easily take part in development of Smart TV applications.

With HTML5, Samsung has been able to build an integrated environment that supports the development of convergence applications. This enables Samsung's Smart TVs to interact and communicate with external devices.

And to promote the active development of Smart TV software through Samsung's Smart Interaction function, the company strengthened the voice and gesture recognition functions on its Smart TVs.

“Samsung have been making continued efforts to build an ecosystem where software developers all across the globe can more easily develop Smart TV software using their creative ideas. The creative ideas of developers and innovative features of Samsung Smart TVs will come together to offer optimal Smart TV experiences to customers.” said Hyogun Lee, senior vice president, Visual Display Business at Samsung Electronics.

Please visit our booth to experience this future technology firsthand. Samsung's product line will be displayed January 8-11 at booth #12004 in the Central Hall of the Las Vegas Convention Center.

Full details, video content and product images are available at the Samsung microsite at: www.samsungces.com or mobile site at: m.samsungces.com as well.

The Samsung press conference and Samsung Tomorrow TV CES 2013 Specials will be streamed live on the Samsung Tomorrow blog at: global.samsungtomorrow.com and Samsung's microsite site also.
After the live presentations, videos will be available at http://youtube.com/SamsungTomorrow

Trend Micro Pioneers Social Networking Protection for Consumers; Delivers Comprehensive Online Security for Your PC, Tablet and Smartphone

Trend Micro™ Titanium™ 2013 Cloud Edition makes protection easy for Windows, Mac and Android devices against growing cyber threats

Malaysia, November 21, 2012 - Trend Micro Incorporated (TYO: 4704;TSE:4704), a global leader in cloud security and the fight against cybercrime, today launched Trend Micro™ Titanium™ 2013 family of security software that promises “Protection Made Easy” to consumers with state-of-the-art protection from cyber threats for your device, your important files and data, your privacy and your family. Whether it is a PC, tablet or mobile running Windows, Mac or Android, the Titanium product portfolio protects consumers in Malaysia as the risk of cybercrime increases manifold.

“Consumers are spending most of their time checking email, surfing the Web and using social networks to stay connected with family and friends. Privacy is also a major concern as cybercriminals are scoping out the privacy of our online identities in new and more interesting ways. It is imperative for consumers in Malaysia to stay vigilant and protected with the right tools that can work easily and seamlessly across devices and platforms for complete protection,” said Terrence Tang, Regional Director, Digital Marketing & Consumer Business, Trend Micro.

Social Networking Security
Titanium’s new Facebook Privacy Scanner for Windows provides an extra layer of protection for personal information that is the only one of its kind in the industry. With a single click, users can easily monitor their Facebook page settings, identify which settings may lead to privacy concerns and control access to personal and private information.

By identifying potentially malicious links, all products within the Titanium family protect users while on social networking sites such as Facebook, Twitter, Google+, LinkedIn and Pinterest by alerting the consumer. It also allows them to share this information with friends so users can help keep friends safe online too.

(L-R) Cedric Lim, Consumer Sales Manager, Trend Micro, Terrence Tang, Regional Director, Digital Marketing & Consumer Business, Trend Micro, Andrew Tan, Product Marketing Manager (Consumer), Southeast Asia, Trend Micro, Lisa Chong, Marketing Manager Consumer Business, Trend Micro.


Protection Across Multiple Devices
Titanium Maximum Security customers receive one or three licenses that can be used on multiple devices including PCs, laptops, tablets and mobile phones.

“Trend Micro is constantly looking at new and innovative ways to take complex jobs and make them easy for consumers. The latest range of Titanium security software provides complete protection for consumers in all aspects of their digital lives,” said Andrew Tan, Product Marketing Manager (Consumer), Southeast Asia, Trend Micro.

Trend Micro Titanium™ 2013 Cloud Edition also offers:

 Trend Micro’s flagship mobile product, Trend Micro Mobile Security Personal Edition, blocks access to the latest threats. Trend Micro’s new Privacy and Threat Scanner warns users of apps that access and upload private data. These features use the Trend Micro Mobile App Reputation System, a cloud-based system that monitors 650,000+ apps for mobile malware, apps that upload private data, and battery-hogging apps. It also includes Lost-Device Protection that allow users to find, lock and erase a missing device.

 Trend Micro™ DirectPass™, a password manager that manages website passwords and login IDs in one secure location, so you only need to remember one password.

 Trend Micro™ SafeSync™, a secure online storage vault that will keep up to 5GB of important documents, pictures and videos backed up in the cloud.

 Access to the Trend Micro Vault which keeps important documents secure and allow users to remotely lock it if the computer is lost or stolen

Keeping Families and Kids Safe Online
Trend Micro offers enhanced Parental Control as a new feature for Trend Micro Titanium 2013, giving parents the ability to manage specific programs that their children can access at certain times. With Titanium Maximum Security, consumers can also utilize Trend Micro™ Online Guardian, a parental control software, that provides Internet monitoring for social networking and online content.

Windows 8 Optimization
In line with the launch of the Microsoft® Windows® 8, Trend Micro Titanium products are Windows 8 compatible. Whether users are using the new Windows 8 operating system, or an older version of Windows, users will enjoy the same vigilant protection and easy-to-use Trend Micro Titanium solutions.

Protection for Mac
Mac platforms are emerging as a target for an increasing number of malware and cybercriminal attacks. Trend Micro protects customers on all platforms, extending its reputation as number one in Mac security. Titanium Internet Security for Mac is included as part of Titanium Maximum Security, providing Mac users comprehensive security, including protection against spam, viruses, malware, parental controls and protection on social networking sites.

Pricing and Availability
Trend Micro’s range of Titanium products is available in the Malaysia market today. Titanium Maximum Security is retailing at RM109 for one (1) device or RM159 for three (3) devices.

New Mac Malware Discovered, Hours Before Release of Mountain Lion

- Trojan hidden inside multi-platform Java attack designed to hit both Windows
and OS X users -

Kuala Lumpur, Malaysia, July 25, 2012 – Just hours before the release of Mountain Lion, the latest version of the OS X operating system*, new malware has been discovered highlighting the need for Apple Mac users to protect their computers with anti-virus software.

Sophos researchers have discovered that the new Morcut Mac OS X malware, also known as "Crisis", has been distributed as part of a multi-platform attack, designed to hit both Windows and Mac users - embedded in an archive file which pretends to be Adobe Flash Player.

The threat, which has not yet been seen in the wild, is complex - and when run on an OS X system drops multiple components, reconfigures system settings and installs a backdoor and rootkit combination that connects to a remote server and waits for instructions from malicious hackers.

When run on Windows systems, a version of the Swizzor malware is installed instead.

"Analysis of this malware is ongoing, but Mac users are protected right now if they are running a good, up-to-date anti-virus," said Graham Cluley, senior technology consultant for Sophos. "The good news is that this threat has not been seen in the wild so far, but we are seeing increasing evidence of cybercriminals exploiting the fact that many Mac users have still not got the message that they need to protect their computers. There is much less malware for Macs than there is for Windows, but that doesn't mean it's non-existent. If Mac users are too laid-back about security and leave their bellies exposed, they're asking for trouble."

SophosLabs experts are continuing to analyse the Morcut malware, and warn that even if the threat does not break into the wild, the techniques it uses could be deployed by other malicious hackers in the future.

Sophos makes available a free anti-virus for Mac home users which protects against the threat. It can be downloaded from http://www.sophos.com/freemacav.

Sophos products detect the various components used in the attack as Troj/JVDrop-A, Mal/Swizzor-D and OSX/Morcut-A.

The Top-10 of 2011: An “Explosive” Year in Security

By Costin Raiu, Director of Kaspersky Lab's Global Research & Analysis Team

PETALING JAYA, January 6, 2012 - If we had to summarize 2011 in a single word, I think it would have to be “explosive.” The multitude of incidents, stories, facts, new trends and intriguing actors is so big that it makes it very hard to come up with a Top-10 of security stories of 2011. What I was aiming for with this list was to remember the stories that also indicated major trends or the emergence of new major actors on the security scene. By looking at these stories, we can get an idea of what will happen in 2012.

1. The Rise of “Hacktivism”

It’s difficult to imagine someone reading this list who has not yet heard of Anonymous, LulzSec, and maybe TeaMp0isoN. Throughout 2011 these groups together with others were actively involved in various operations against law enforcement agencies, banks, governments, security companies and major software vendors. Sometimes working together, in other cases working against each other, these groups emerged as one of the main groups of actors of 2011, through incidents such as security breaches of networks belonging to the United Nations, security intelligence firm Stratfor, FBI contractor IRC Federal, US Defense contractor ManTech, and the CIA. Interestingly, some of these incidents, such as the Stratfor hack, revealed major security problems such as the storing of CVV numbers in unencrypted format, or extremely weak passwords used by administrators.

Overall, the rise of hacktivism was one of the major trends of 2011, and no doubt it will continue in 2012 with similar incidents.
2. The HBGary Federal Hack

Although related to the first item on this list, I’d like to point this one out as a separate story. In January 2011, hackers from the Anonymous hacker collective broke into HBGary Federal’s webserver – hbgaryfederal.com – through an SQL injection attack. They were able to extract several MD5 hashes for passwords belonging to the company CEO, Aaron Barr, and COO, Ted Vera. Unfortunately, both used passwords that were very simple: six lowercase letters and two numbers. These passwords allowed the attackers to get access to the company’s research documents and tens of thousands of mails stored on Google Apps. I believe this story is relevant because it demonstrates an interesting situation – the use of weak passwords together with old software systems plus use of the cloud can turn into a security nightmare. If the CEO and COO had used strong passwords, none of this would likely have happened. Or, if they’d had multi-factor authentication enabled on Google Apps, the attackers wouldn’t have been able to access the superuser account and copy all the company e-mails. It’s important to point out that even if better security measures had been in place, we can’t rule out the possibility that the ever-persistent hackers wouldn’t have found another way in. Persistence and determination, combined with plenty of time, gives the attackers the upper hand.

3. The Advanced Persistent Threat

Although many security experts despise this term, it has made its way into the media and rocketed to super- popularity with incidents such as the RSA security breach or the imposingly entitled incidents such as operations Night Dragon, Lurid and Shady Rat. Interestingly, many of these operations were not too advanced at all. On the other hand, there were many cases in which zero-day exploits were used, such as in the RSA breach. In this case, the attackers took advantage of CVE-2011-0609 – a vulnerability in Adobe Flash Player – to run malicious code on the target machine. Another interesting zero-day was CVE-2011- 2462, a vulnerability in Adobe Reader, which was used in targeted attacks against U.S. Defense contractor ManTech. Several things stand out in these attacks: Many cases involved zero-day vulnerabilities in Adobe software; many of these attacks were directed at U.S. targets, notably companies working with the U.S. military or government; the Lurid attack was interesting because it mainly targeted countries in Eastern Europe such as Russia or CIS countries. These attacks confirm the emergence of powerful nation-state actors and the establishment of cyber-espionage as common practice. Additionally, many of these attacks seemed to be interconnected and have major global ramifications. For instance, the RSA breach was notable because the attackers stole the database of SecurID tokens, which was later used in another high- profile attack.

4. The Comodo and DigiNotar Incidents

On March 15, 2011 one of the affiliates of Comodo, a company known for its security software and SSL digital certificates, was hacked. The attacker quickly used the existing infrastructure to generate nine fake digital certificates for web sites such as mail.google.com, login.yahoo.com, addons.mozilla.com and login.skype.com. During the analysis of the incident Comodo was able to identify the attacker as operating from the IP address 212.95.136.18 - in Tehran, Iran. But in terms of size this was nothing compared to the DigiNotar breach. On June 17, 2011 hackers began poking around the DigiNotar servers, and over the next five days managed to get access to their infrastructure and generate over 300 fraudulent certificates. The hacker left a message in the form of a digital certificate containing a message in the Persian language: “Great hacker, I will crack all encryption, I break your head!” To make the link with Iran more solid, days later the fake certificates were used in a man-in-the-middle attack against over 100,000 Gmail users from Iran. The attacks against Comodo and DigiNotar have highlighted that that there’s already been a loss of trust in the certificate authorities (CA). In the future CA compromises may become more widespread. Besides, it is likely that more digitally signed malware will appear.

5. Duqu

In June 2010, researcher Sergey Ulasen from the Belarusian company VirusBlokada discovered an intriguing piece of malware that appeared to use stolen certificates to sign its drivers and a zero-day exploit that used .lnk files for replication in a typical Autorun fashion. This malware became world famous under the name Stuxnet, a computer worm containing a very special payload aimed directly at Iran’s nuclear program. Stuxnet hijacked Siemens PLCs at Iran’s Natanz plant and reprogrammed them in a very specific way, indicating one single objective: sabotaging the uranium enrichment process at Natanz. Back then, when I saw the code that reprogrammed the PLCs responsible for controlling the 64,000-RPM centrifuges, I thought to myself that it’s impossible to write something like that without having access to the original schematics and source code. But how could attackers have obtained something as sensitive as the custom code that controls the billion dollar facility? One possible answer lies within the Duqu Trojan. Created by the same people that were responsible for Stuxnet, Duqu was discovered in August 2011 by the Hungarian research lab CrySyS. Originally, it wasn’t known how Duqu infected its targets. Later, malicious Microsoft Word documents exploiting the vulnerability known as CVE-2011-3402 were discovered as a means of Duqu’s penetration. The purpose of Duqu is quite different to Stuxnet. This Trojan is actually a sophisticated attack toolkit, which can be used to breach a system and then systematically siphon information out of it. New modules can be uploaded and run on the fly, without a file system footprint. The highly modular architecture, together with the small number of victims around the world, made Duqu undetectable for years. The first trace of Duqu-related activity we were able to find actually dates back to August 2007. In all the incidents we have analyzed the attackers used an infrastructure of hacked servers to move the data – sometimes hundreds of megabytes – out of the victims’ PCs .

Duqu and Stuxnet represent the state of the art in cyber warfare and hint that we are entering an era of cold cyber war, where superpowers fight each other unconstrained by the limitations of real-world war.


6. The Sony PlayStation Network Hack

On April 19, 2011, Sony learned that its PlayStation Network (PSN) had been hacked. At first the company was reluctant to explain what had happened and claimed that the service, which was suspended on April 20, would be back up in a few days. It wasn’t until April 26 that the company acknowledged that personal information had been stolen, which potentially included credit card numbers. Three days later, reports appeared that seemed to indicate that 2.2 million credit card numbers were being offered for sale on hacker forums. By May 1, the PSN was still unavailable, which left many users not only having had their credit cards stolen but also frustrated at not being able to play the games they’d already paid for. Then in October 2011, the PSN was again making the headlines with 93,000 compromised accounts that had to be locked down by Sony to prevent further misuse. The Sony PSN hack was a major story in 2011 because it indicates, among other things, that in the cloud era, Personally Identifiable Information is conveniently available in one place, accessed over fast Internet links, ready to be stolen in case of any misconfigurations or security issues. In 2011, 77 million usernames and 2.2 million credit cards came to be considered normal “booty” in the cloud era.

7. Fighting Cybercrime and Botnet Takedowns

While the attackers in the PSN incident are still unidentified, 2011 was a definitively bad year for the many cybercriminals who got caught and arrested by law enforcement authorities around the world. The ZeuS gang arrests, the DNSChanger gang takedown, and the Rustock, Coreflood and Kelihos/Hilux botnet takedowns were just a few examples. These indicate an emerging trend: Bringing down a cyber-criminal gang goes a long way towards hampering criminal activity around the world, sending a message to the remaining gangs that this is no longer a risk-free undertaking. One particular case I’d like to mention is the Kelihos takedown, which was performed by Kaspersky Lab in cooperation with Microsoft’s Digital Crimes Unit. Here, Kaspersky Lab initiated a sinkhole operation for the botnet, counting many tens of thousands of infected users per day. And here’s where the big debate starts: Knowing the bot update process, Kaspersky Lab or a law enforcement agency could effectively push a program to all the infected users, notifying them thereof in the process, or even cleaning their machines automatically. In a poll ran on the Securelist website, a whopping 83% voted that Kaspersky Lab should “push a cleanup tool that removes the infections,” despite this being illegal in most countries. For obvious reasons, we haven’t done so, but it outlines the vast limitations of today’s legal system when it comes to fighting cybercrime in an effective manner.

8. The Rise of Android Malware

In August 2010, we identified the first Trojan for the Android platform – Trojan- SMS.AndroidOS.FakePlayer.a, which masqueraded as a media player app. In less than a year, Android malware quickly exploded and became the most popular mobile malware category. This trend became obvious in Q3 2011, in which we discovered over 40% of all the mobile malware we saw in 2011. Finally, we hit critical mass in November 2011 when we uncovered over 1000 malicious samples for Android, which is almost as many as all the mobile malware we have discovered in the past six years! The huge popularity of Android malware can be attributed to several things - most notably the wild growth of Android itself. Secondly, the documentation freely available regarding the Android platform makes the creation of malware for Android quite easy. Finally, there are many who blame Google Market for its weak screening process, which makes it straightforward for cybercriminals to upload malicious programs. While there are only two known malicious programs for iPhone, we are now approaching 2000 Android Trojans already in our collection.

9. The CarrierIQ Incident

CarrierIQ is a small privately-owned company, founded in 2005, and operating out of Mountain View, California. According to their website, CarrierIQ software is deployed on over 140 million devices around the world. Although the declared purpose of CarrierIQ is to collect “diagnostic” information from mobile terminals, security researcher Trevor Eckhart demonstrated how the extent of the information CarrierIQ collects goes beyond the declared simple “diagnostic” purpose, including things such as keylogging and monitoring URLs opened on a mobile device. CarrierIQ is built within a typical Command and Control architecture where system administrators can establish the kind of information that is collected from phones and which information is sent “home.” While it is obvious that CarrierIQ does collect a lot of information from your mobile phone, it doesn’t necessarily mean it is evil, or so we are advised to think by its creators, or companies such as HTC, which support its usage. Being a U.S.-based company, CarrierIQ could be forced to disclose much of the collected information to US law enforcement, if presented with a warrant. This legal loophole could effectively turn it into a government spy and monitoring tool. Whether this may indeed be the case or not, many users have decided that it’s best to get rid of CarrierIQ from their phones. Unfortunately, it isn’t a simple process and is different for iPhones, Android phones and BlackBerrys. In the case of Android, you may have to root your phone in order to get rid of it. Alternatively, many users have decided to flash custom Android firmware instead, such as Cyanogenmod.

The CarrierIQ incident shows that we are totally unaware of what exactly is running on our mobile devices, or the level of control which the mobile operator has over your hardware.

10. MacOS Malware

While I realize that I’m putting myself into the line of fire by even just mentioning Mac OS X malware, I think it’s an important story from 2011 which shouldn’t be overlooked. Products called MacDefender, MacSecurity, MacProtector or MacGuard, which are rogue AV products for Mac OS, appeared in May 2011 and quickly became popular. Distributed through black-hat SEO techniques in Google searches, these programs rely on social engineering to get the user to download, install, and then pay for the “full” version. Most who decide to pay $40 for the supposedly full version later discover that they actually paid $140, and sometimes they paid several times over. The crossing over of PC threats (rogue AV programs being one of the most popular malware categories for PCs) to Macs is an important trend of 2011. In addition to Mac OS rogue AVs, the DNSChanger family of Trojans deserves special mention as well. First identified around 2007, these small Trojans conduct a very simple and straightforward system compromise by changing the DNS settings to point to the criminals’ private DNS servers, before uninstalling themselves. Hence, you may get infected with a DNSChanger, have your DNS settings changed, and think you’re fine because there’s no malware actually on your computer; however, in reality what the criminals do is abuse the DNS communication to make you visit fake websites and perform click fraud and man-in-the-middle attacks. Luckily, in November 2011, the FBI arrested the six Estonian nationals who made up the gang behind the DNSChanger malware. According to FBI data, in the past four years they infected over four million computers in more than 100 countries and generated approximately $14 million in illegal profit. These incidents show that malware for Mac OS is as real as malware for PCs, and that even modern security practices fail against carefully elaborated social engineering techniques. It is without doubt that we will see both platforms continue to be abused in the future.

To summarize, these ten stories are just a tiny speck in the galaxy of 2011 security incidents. The reason I selected them is because they point to the major actors of 2011 who will no doubt continue to play a major role in the cyber- security blockbuster which is around the corner. These are the hacktivist groups, the security companies, the advanced persistent threat in the form of superpowers fighting each other through cyber-espionage, the major software and gaming developers such as Adobe, Microsoft, Oracle and Sony, law enforcement agencies, traditional cybercriminals, Google - via the Android operating system, and Apple - thanks to its Mac OS X platform. The relations among these can be complicated, full of drama, contain many super-secret details, and be as mysterious and darkly dreaming as Showtime’s Dexter. One thing is for sure – these same stars will be playing in all the major 2012 security blockbuster movies.

Cisco Unveils New Ways to Collaborate in the Post-PC Era

Cisco Jabber & Next Generation WebEx to Transform Collaboration & Meet Ups via New Cloud Services

KUALA LUMPUR, Malaysia, November 23, 2011 – At the Cisco® Collaboration Summit 2011 event last week, Cisco unveiled new solutions to help people collaborate more effectively in the "post-PC" era. This era moves past the limitations of "PC centric" communication and instead evokes a "people centric" approach where people can collaborate anywhere, anytime and on any device or application. The advancements Cisco is introducing today --from Cisco WebEx® to Cisco Jabber™ -- can change how people meet utilizing expanded cloud-based services, and can give workers an easy way to collaborate directly from Web applications they use every day, driving new levels of business productivity and competitiveness.

With the announcement, Cisco is unveiling the next generation of Cisco WebEx. From HD video advancements and enhanced mobile capabilities that enable all new ways to prepare, meet and follow-up after a meeting, Cisco WebEx is helping to change the meeting experience. Additionally, Cisco is extending cloud conferencing to more people with a new free basic edition of WebEx® designed for three people or less.
Cisco is also transforming the workspace by dramatically changing how people collaborate from Web applications they use every day, like SAP Streamwork, Cisco Quad™ or Google Apps. Today, whether mobile or at their desks, people find themselves having to open and utilize a variety of collaboration applications just to communicate on their own terms– whether that's via instant message (IM), voice, or video. Cisco is making collaboration much easier by advancing Cisco Jabber with a freely downloadable Web browser plug-in that will help extend collaboration to tens of millions of people that use web browsers on Windows- or Mac-based OS devices.

With these innovations and recent announcements around virtualization and unified communications, Cisco is continuing to transform the workspace. Additionally, with WebEx and the recently announced Cisco TelePresence® solutions for small and medium sized businesses, Cisco is advancing its cloud-based offerings through the Cisco Collaboration cloud.

Announcement Highlights

Cisco WebEx
Enabling greater cross company collaboration: Cisco's advanced WebEx Meetings spaces help users manage the complete meeting lifecycle. Individuals can:
• Easily access and collaborate on files and presentations in the cloud from their PC or mobile device in real time at any time.
• See whether their colleagues are available through presence and initiate synchronous conversations via IM to prepare, collaborate and follow up.
• Schedule meetings and share agendas, notes, action items, recordings and any other relevant documents at anytime.
• In addition, IT administrators can set policy controls providing users with a single identity across all Cisco WebEx SaaS offerings to meet corporate security guidelines.

Enhancing the mobile meeting experience: WebEx enables users to engage in two-way high-quality video meetings on mobile devices with new support for the Cisco Cius™ tablet and Apple iPhone on top of the currently supported Apple iPad. Voice over IP is now also available on the iPhone and iPad.

Integrating offerings to propel collaboration: With Cisco's "one-button-to-push" technology, WebEx users can now easily connect into Cisco TelePresence meetings from the Cisco Cius and Apple mobile devices. Integrated experiences will also be provided with Cisco Jabber, Cisco Quad and technology for optimizing medianets. The solution supports a set of common application programming interfaces (APIs) that can easily integrate third party applications such as CRM offerings.

Extending collaboration to more users via the Cisco Collaboration Cloud: With Cisco WebEx Basic Edition, Cisco will offer a free version of WebEx that supports up to three meeting participants and provides users with VoIP audio, standard video, IM, presence, desktop sharing and a 250 MB of storage. The Basic Edition is targeted for availability in the first quarter of 2012.

Availability: The beta version of Cisco WebEx is scheduled to be available in December 2011 in English and is primarily targeted for the Americas and Europe. General availability is planned starting in the first quarter of 2012 and will be available in multiple languages including English, French, German, Spanish (Castilian and Latin American), and Brazilian Portuguese.

Parallels Desktop 7 for Mac Makes Windows Programs Roar with Mac OS X Lion Features

MALAYSIA, October 12, 2011 – Parallels® today announced the availability of Parallels Desktop®7 for Mac (www.parallels.com/desktop/seven), the fastest, most intuitive and immersive version yet of the No. 1 selling software for running Windows and Mac applications side-by-side on a Mac without rebooting. Over three million current Parallels Desktop users can upgrade to Parallels Desktop 7 starting today. More than 90 new and enhanced features in Parallels Desktop 7 include Mac OS® X Lion integration, performance boosts and a powerful new Parallels Mobile app and My Parallels services platform for iPad, iPhone and iPod touch devices. Parallels Desktop 7 is packed with features most desired by users, extending its lead as the best solution for businesses and consumers worldwide.

“As Macs have become more popular than ever, a growing number of Mac users, including enterprises, find they need to run critical Windows programs on their Macs. Parallels Desktop 7 for Mac lets you run popular apps like Windows Internet Explorer, Access, OneNote, Quicken and more, even the most demanding graphical programs, without rebooting and without compromise on speed and usability. Run Windows applications like they were made for your Mac,” said Parallels CEO Birger Steen. “The people have spoken and Parallels listened to make the best even better. Whether you’re a business, individual or student, Parallels Desktop 7 gives you the best Windows on Mac performance plus mobility from any iPad, iPhone or iPod touch.”

According to results from more than 4,000 benchmark tests conducted by independent publisher MacTech, Parallels Desktop 6 for Mac outperformed its closest competitor in 92 percent of 3D graphics tests and 84 percent of general performance tests.[1]Parallels Desktop 7 performance is even faster. It outpaces its competitor by 120 percent when copying files within Windows, and 40 percent when starting and resuming Windows, according to testing conducted by Parallels. It is also 60 percent faster than Parallels Desktop 6 for resuming Windows and up to 45 percent faster for 3D graphics in some applications.

Parallels Desktop 7 delivers the most immersive and integrated Windows on Mac experience ever so customers can enjoy the full benefits of the Mac hardware they love. Highlights include:

· Enjoy Lion functionality including Full Screen, Launch Pad and Mission Control, for your Windows programs

· Run multiple copies of OS X Lion or Windows and their applications on your Mac

· Use your iPad, iPhone or iPod touch to watch and listen to Flash videos in Windows on your Mac; access and run your OS X, Windows, Chrome, Ubuntu and other operating systems, their applications and files on your Mac anytime from anywhere

· Windows on Demand - purchase and automatically install Windows on your Mac right from Parallels Desktop 7in the U.S.–Parallels does all the work for you!

For people who want to switch from PC to Mac, Parallels also announced the availability of Parallels Desktop 7 Switch to Mac Edition™, which includes Parallels Desktop 7 plus Parallels High Speed USB transfer cable, as well as almost two hours of video tutorials that make it easy to learn how to use your new Mac.

Parallels Desktop 7 for Mac Enterprise Edition (www.parallels.com/desktop/enterprise) empowers businesses and IT departments to support Windows based business applications for Mac users with a configurable, policy-compliant solution that easily fits into existing business processes and helps reduce the cost of deploying and maintaining client-based software.

Today Parallels also separately announced (www.parallels.com/press) the new Parallels Mobile app with My Parallels service for iPad, iPhone and iPod touch devices works with Parallels Desktop 7 and is for sale in the App Store. The new Parallels Mobile app lets you remotely access and control both your Mac and Windows applications, and files from anywhere. Its new Windows features include audio support for Flash and the ability to copy and paste text between Windows programs on your Mac and your Apple mobile devices. Details are available at www.parallels.com/mobile.

Parallels Desktop 7 has more than 90 new and improved features including:

Simple Switching, Simple Daily Use

· You asked for it: New look and feel delivers on top customer requests for usability

· Make Windows programs roar: Enjoy Lion functionality including Full Screen, Launch Pad and

Mission Control, for your Windows programs.

· Keep your routine: Run Windows programs like they were made for your Mac, with seamless integration, improved virtual printing, shared folders and more.

· Moving to Mac made easy: Move your programs, files, and user settings – even browser favorites – from your PC to your Mac with a complete set of switching tools. Make your new Mac just as familiar as your old PC.

· Webcams: Enjoy using your Mac’s iSight or FaceTime HD camera in both OS X Lion and Windows programs

· Windows on demand: U.S. customers can purchase and automatically install Windows on your Mac right from Parallels Desktop 7 – Parallels does all the work for you[2]

Speed and Performance

· Fastest ever: Start, stop and resume Windows more quickly than ever. Access and work faster with Windows and Mac files.

· Brilliant graphics: Experience Parallels’ maximum speed and performance for 3D and graphic intensive applications with improved full screen support and up to 1GB of video memory

· Richer audio: Enjoy music, movies, videos and games more than ever before with support for 7.1 surround sound and a new 5.1 sound driver

Mobility and Manageability

· Get more done: Work or play longer with improved battery life performance

· Connect anytime, anywhere: Access Mac or Windows applications and documents from your iPad, iPhone or iPod touch with the new Parallels Mobile app –including new capabilities such as audio support and cut-and-paste within Windows applications running on your Mac.

· Flash video with sound on the go: New audio integration with Flash means you can watch and listen to Flash videos on your iPad and iOS devices by remotely running Windows Internet Explorer and Windows Media Player on your Mac with the new Parallels Mobile app

· Multiple virtual machines: Run multiple copies of OS X Lion or Windows and their applications on your Mac. Easily open virtual machines created by other Parallels products as well import virtual machines created in third-party software.

· Anti-Virus and Internet Security for both Mac and Windows: Enjoy peace of mind with a free 90-day trial of Kaspersky Anti-Virus for Mac and Kaspersky Internet Security for Windows.

Availability and Pricing
Parallels Desktop 7 for Mac is available today as an upgrade for current Parallels Desktop users. It is available to the general public, both a downloadable version and packaged software for delivery, from www.parallels.com. Packaged software will also be available from Machines, Epicentre, Mac Studio and Switch.

The standard retail price (SRP) of Parallels Desktop 7 for Mac is RM349.00 and a student edition is available for RM179.00. Parallels Desktop 7 Switch to Mac Edition is RM549.00. Upgrades are available now for existing Parallels Desktop for Mac customers for RM179.00. Details are available online at www.parallels.com. Volume pricing and site-license opportunities for Parallels Desktop 7 for Mac Enterprise Edition are available by contacting the Parallels Sales Team at http://www.parallels.com/desktop/volume-licensing.

Parallels Desktop 7 for Mac is available in English, German, French, Italian, Spanish, Russian and Japanese. Additional localised versions will soon be available in, simplified and traditional Chinese, Korean, Czech, Polish and Portuguese.

A free trial of Parallels Desktop 7 for Mac is available starting September 6th, along with in-depth information, videos and screenshots of the new features at www.parallels.com/desktop/seven.

Customers who purchased Parallels Desktop 6 for Mac from an authorized reseller on or after August 1, 2011, are eligible to upgrade to Parallels Desktop 7 for Mac at no additional cost. If you purchased from parallels.com or have registered your product activation key you will automatically be emailed instructions on how to upgrade to Parallels Desktop 7 at no additional cost.

The new Parallels Mobile app is available in the App Store on (or shortly after) September 1 with a US$4.99 introductory price; the standard retail price is US$19.99. Current users of the free Parallels Mobile app will receive a free upgrade to the new Parallels Mobile app when it becomes available.

SKYPE 2.8 BETA FOR MAC DELIVERS WI-FI HOTSPOT ACCESS MANAGEMENT & SCREEN SHARING TO MAC USERS

New core Skype features debut on Mac platform first

KUALA LUMPUR, January 7, 2009 – Skype today released Skype™ 2.8 Beta for Mac, the latest version of its internet communications software for Mac users. This new release, which was first demonstrated during ShowStoppers® at the Macworld Conference & Expo® in San Francisco, contains a number of new Skype features, including Skype Access™ and screen sharing. Both of these features will be built into versions of Skype for other operating systems sometime in 2009.

Skype Access is a worldwide, pay-per-minute Wi-Fi hotspot access service provided by Boingo Wireless® and enabled by Skype. Skype Access allows Skype users to connect to any of the more than 100,000 Boingo Wi-Fi hotspots worldwide – including airports, hotels, cafes and metropolitan hot zones – with a single click, and to pay per minute only for what they use with Skype Credit. Skype Access scans for available Wi-Fi hotspots and presents a pop-up dialogue box displaying the price-per-minute to use the Boingo network using Skype Credit. With Skype Access, you only pay for what you use, and there’s no need to fiddle with credit cards or log-in details.

The price to use Skype Access to connect to a Boingo Wi-Fi hotspot is based on a flat, global rate of €0.14/$0.19 per minute (€0.16/$0.22 incl. VAT), which will vary based on currency. There are no connection fees or monthly charges for Skype Access. Boingo’s Terms of Service and Acceptable Use Policy apply and access to all Internet services will be provided on a simple, per minute billing basis. You can keep tabs on how much you’ve spent using Skype Access by signing in to your account on skype.com. When you stop Skype Access, the amount will be deducted from your Skype Credit balance.

“The goal of the major new features in Skype 2.8 Beta for Mac is to makes Skype easier to use everywhere,” said Scott Durchslag, Skype’s Chief Operating Officer. “Skype Access is perfect for those times when you need to make a few Skype calls or send some instant messages or emails while you’re on the go, and screen sharing is a productivity tool that enables collaboration between two parties, regardless of their location.”

The new screen sharing function in Skype 2.8 Beta for Mac enables you to show others something you are working on or to explain how to do something. Similar to a Skype video call, it works by capturing, encrypting and transferring the content of your screen in real-time to the person you are sharing your screen with. Once there, the content is decrypted and shown to the other person on their screen. If you are using Skype 2.8 Beta for Mac, you are also able to share your screen with Skype for Windows and Skype for Linux users, but cannot see theirs (yet).

Skype 2.8 Beta for Mac newly incorporates a number of other nice Skype features:
Improved chat management: you can sort chats in the drawer and set priorities to chats
Quick Add: it’s now much easier to add people to chats
Mood message chat: see mood message updates from your friends as chat messages
Large profile pictures: just like Skype 4.0 Beta 2 for Windows, you can now use images of up to 256 x 256 pixels
Hidden avatars in incoming contact requests: a small minority of Skype users have profile pictures which others may find unpleasant, and so they’re now hidden by default in contact requests
Add notes to contacts: you can add notes to a contact in their profile window – handy for keeping track of who’s who.

Skype 2.8 Beta for Mac is available for download at skype.com/go/macosx-beta.