We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

   Technology StocksThe *NEW* Frank Coluccio Technology Forum

Previous 10 Next 10 
From: TimF6/30/2020 7:04:32 PM
1 Recommendation   of 46820
Chinese bank forced western companies to install malware-laced tax software

GoldenSpy backdoor trojan found in a Chinese bank's official tax software, which the bank has been forcing western companies to install.

A Chinese bank has forced at least two western companies to install malware-laced tax software on their systems, cyber-security firm Trustwave said in a report published today.

The two companies are a UK-based technology/software vendor and a major financial institution, both of which had recently opened offices in China.

"Discussions with our client revealed that [the malware] was part of their bank's required tax software," Trustwave said today.

"They informed us that upon opening operations in China, their local Chinese bank required that they install a software package called Intelligent Tax produced by the Golden Tax Department of Aisino Corporation, for paying local taxes."
The "GoldenSpy" backdoor

Trustwave, who was providing cyber-security services for the UK software vendor, said it identified the malware after observing suspicious network requests originating its customer's network.

In a report published today, Trustwave said it analyzed the bank's tax software. Turstwave said the software worked as advertised, allowing its customer to pay local taxes, but that it also installed a hidden backdoor.

The security firm says this backdoor, which Trustwave codenamed GoldenSpy and said it ran with SYSTEM-level access, allowed a remote attacker to connect to the infected system and run Windows commands, or upload and install other software.

But many types of software have remote-access features for debugging services. However, Trustwave said it also identified features that are more commonly found in malware and don't have legitimate uses anywhere else. For example:

GoldenSpy installs two identical versions of itself, both as persistent autostart services. If either stops running, it will respawn its counterpart. Furthermore, it utilizes an exeprotector module that monitors for the deletion of either iteration of itself. If deleted, it will download and execute a new version. Effectively, this triple-layer protection makes it exceedingly difficult to remove this file from an infected system.

The Intelligent Tax software's uninstall feature will not uninstall GoldenSpy. It leaves GoldenSpy running as an open backdoor into the environment, even after the tax software is fully removed.

GoldenSpy is not downloaded and installed until a full two hours after the tax software installation process is completed. When it finally downloads and installs, it does so silently, with no notification on the system. This long delay is highly unusual and a method to hide from the victim's notice.

GoldenSpy does not contact the tax software's network infrastructure (i-xinnuo[.]com), rather it reaches out to ningzhidata[.]com, a domain known to host other variations of GoldenSpy malware. After the first three attempts to contact its command and control server, it randomizes beacon times. This is a known method to avoid network security technologies designed to identify beaconing malware.

GoldenSpy operates with SYSTEM level privileges, making it highly dangerous and capable of executing any software on the system. This includes additional malware or Windows administrative tools to conduct reconnaissance, create new users, escalate privileges, etc.

State hackers or malicious insider?

But despite spotting the hidden backdoor inside the Aisino Intelligent Tax Software, Trustwave wasn't able to determine how it got there.

Trustwave said it wasn't able to determine if the backdoor was developed by China's government hackers, secretly added by one of the bank's rogue employees, or created by someone at Aisino Corporation.

It was also unclear if Chinese intelligence might have forced the bank or the Aisino Corporation into adding the malware to their official software so they could spy on a foreign company, or if this was an incident where hackers were purely interested into their own financial gain.

But while some questions remain unanswered, in the meantime, Trustwave is sounding the alarm for any other company doing business in China that has installed the same software.

"We believe that every corporation operating in China or using the Aisino Intelligent Tax Software should consider this incident a potential threat and should engage in threat hunting, containment, and remediation countermeasures, as outlined in our technical report," Trustwave said.

Trustwave didn't name the bank. ZDNet has sent the Aisino Corporation a request for comment about Trustwave's findings and we'll update if the software vendor decides to reply.

Share RecommendKeepReplyMark as Last Read

From: Peter Ecclesine8/15/2020 12:00:52 AM
   of 46820
Draft FCC U-NII device testing KDB August 14, 2020 [- Low Power Indoor devices in 4Q2020]

Publication: 987594

Keyword/Subject: U-NII6 GHz, U-NII5, U-NII6,U-NII7,U-NII8, U-NII5-8,5.925-7.125 GHz band,15E

First Category:Unlicensed Service Rules and Procedures

Second Category: U-NII devices-15.401

987594 D01 General Requirements. Form 731 and supporting information requirements for all types of devices.

987594 D02 EMC Measurement. Test report, exhibits and RF Measurement Procedures for demonstrating: EIRP, Bandwidth, Channel Mask, Out of Band Emissions, Contention Based Protocol (Listen Before Talk), Automatic Power Control(APC ) as applicable to 6 GHz devices.

987594 D03 Q&A General Questions and Answers.

987594 D04 AFC demonstration requirements.This attachment is not currently available. Updated guidance will be published in a phase 2.

Share RecommendKeepReplyMark as Last ReadRead Replies (2)

To: Peter Ecclesine who wrote (46802)9/29/2020 1:14:22 PM
From: elmatador
2 Recommendations   of 46820
Microsoft raises the stakes in telecom fight against AWS and Google

IAIN MORRIS, International Editor 9/29/2020

Good bye telcos ! Hello Big Tech!

A graphic in Microsoft's latest blog about its 5G ambitions neatly encapsulates the Windows inventor's telecom sprawl.

Its long fingers now reach into nearly every corner of the market, beckoning communications service providers (CSPs) to enter its embrace.

Cloud solutions? Goes without saying. Network functions? Check, after this year's takeovers of Affirmed Networks and Metaswitch. Need an edge platform? Microsoft can bring that by simply extending the Azure cloud into new locations.

It even has an interconnect offer to advertise.

"They seem to think they've got it all covered," says James Crawshaw, a principal analyst with Omdia.

Azure for operators – ticking most of the boxes

Source: Microsoft

Microsoft is not the only Internet giant on the telecom prowl. Both Amazon (through AWS) and Google have been stalking the CSP neighborhood, luring operators into cloudy partnerships.

Some telcos have joined hands with a hyperscaler to serve enterprise customers. Others have been convinced to run their back-office and IT services from a public cloud.

But neither Amazon nor Google has gone as far as Microsoft.

"This is the boldest, most coherent pitch to telecom by a public cloud player to date, by a distance," says Gabriel Brown, a principal analyst with Heavy Reading.

"AWS and Google are in the mix but haven't communicated anything like this level of ambition."

Going after the network
What really distinguishes Microsoft from its two rivals is the former's keen interest in network functions, says Brown.

"They are really targeting the carrier network itself."

An operator could, in theory, run a packet core developed by Affirmed Networks entirely through the Azure public cloud.

It would be kissing off a critical part of its network, entrusting its security to Azure. But Microsoft could be a better home for it in straitened times, especially with the demands of 5G.

No one has done it, though, and many would be horrified even to consider awarding custody of network functions to Microsoft.

For that reason, Microsoft is desperate to look placatory.

"Recognizing that not everything will move to the public cloud, we will meet operators where they are – whether at the enterprise edge, the network edge, or in the cloud," it says in what Brown describes as a "cleverly worded" blog.

For the software giant, the immediate opportunity probably lies in enterprise and the Internet of Things.

"Where it makes sense is in private networks," says Crawshaw.

A telco might have little interest in expanding its data center to accommodate smaller firms with their own private networks, he explains.

"That business might only last a year, so you host the packet core for those customers in Azure."

The risk in this enterprise sector is that Microsoft becomes a telco rival instead of a telco partner.

Armed with Affirmed, Metaswitch and any other network suppliers it acquires, Microsoft might see little need for telco involvement, especially if a customer has its own spectrum.

The CSP could be left with the role of dumb pipe, providing basic connectivity – a fate many are determined to avoid.

But it may be too late to start worrying about Microsoft as an enterprise competitor.

"That horse has already bolted," says Brown. "Microsoft is an enterprise company – it is not coming onto turf it did not already own – and cloud connectivity has already taken over from WANs [wide area networks]."

Crawshaw also thinks the concern is somewhat overblown.

"Telcos are good channel partners and have field technicians who can get antennas pointing in the right direction," he says.

"Microsoft won't look to completely disintermediate telcos. They will just look to suck up the high-value bits and leave telcos to do the grunt work."

Only the brave
Once operators have seen Azure-hosted functions at play in the private network sector, some brave or destitute telco will eventually decide a main core network that lives in the private cloud is simply too much trouble.

At that point, it outsources management, depreciates its server equipment and fires 90% of its data center staff, says Crawshaw.

If the move translates into beefier margins, others could flock to the public cloud like Walmart shoppers on Black Friday.

But who would take the plunge?

"At the moment, and probably for the foreseeable future, most operators of reasonable size are not going to want to put core network functions on a third-party public cloud," says Brown.

"In some cases, there is visceral opposition to doing that."

The likeliest candidate, in his view, is a mobile virtual network operator, or a telco entering a new geographical region.

Want to know more about 5G? Check out our dedicated 5G content channel here on Light Reading.

Until then, one area of the CSP market remains a Microsoft-free zone, according to the software giant's graphic.

Active post-takeover in packet core, and with its own lineup of voice and other applications, Microsoft still has no role in the radio access network (RAN).

But Rakuten, the Internet firm building a fourth mobile network in Japan, owns a majority stake in Altiostar, which develops RAN software. And it has now bundled Altiostar into its own telco cloud platform and made this available to other firms.

Could Microsoft buy a rival such as Mavenir or Parallel Wireless and do likewise?

It is feasible but unlikely, says Brown.

"I can't see them wanting to get into the classic mobile RAN infrastructure market. There is too much hard work and headcount and too many processes they are not familiar with."

Crawshaw agrees the hardware hassle would be off-putting.

"Obviously they don't want to get into the antennas and all that gubbins, but the software part could make sense."

In its blog, Microsoft does call out the radio access network as an example of a function it could support – not necessarily through an acquisition but conceivably in partnership with a specialist such as Samsung.

A takeover, though, would make its graphic look complete.

Related posts:

Share RecommendKeepReplyMark as Last Read

To: Peter Ecclesine who wrote (46802)1/31/2021 2:26:07 AM
From: elmatador
2 Recommendations   of 46820
Wi-Fi proponent Jessica Rosenworcel to lead FCC as Acting Chairwoman

January 24, 2021 | Breaking News | by Claus Hetting, Wi-Fi NOW CEO & Chairman

By Claus Hetting, Wi-Fi NOW CEO & Chairman

On Thursday of last week the new US administration picked 8-year commissioner veteran Jessica Rosenworcel to succeed Ajit Pai at the helm of the FCC. For now Ms Rosenworcel will lead the FCC as Acting Chairwoman. Jessica Rosenworcel has been a passionate Wi-Fi proponent for her entire FCC career.

We suspected it would happen – and frankly some of us have been silently cheering it on – then on Thursday it finally did: Long-time Wi-Fi proponent and 8-year FCC veteran Jessica Rosenworcel has been selected by the new US administration to succeed Ajit Pai at the helm of the world’s most powerful telecom regulatory body, the Federal Communications Commission.

Enjoying this story?Leave your email here and we'll get you all the latest Wi-Fi news.

Ms Rosenworcel has been designated ‘Acting Chairwoman’ for now but it is not unreasonable to expect that she may eventually be confirmed for the permanent FCC chairmanship of the Biden administration. There are no specific rules as to how US administrations choose their FCC chairpersons and previous chairman Ajit Pai was also selected from among presiding FCC commissioners by the Trump administration at the time .

Above: Jessica Rosenworcel – today Acting Chairwoman of the FCC – being interviewed by Wi-Fi NOW CEO Claus Hetting at Wi-Fi NOW USA 2016 in Washington, D.C.For now the Wi-Fi industry will be more than delighted that one huge Wi-Fi proponent – in the form of Ajit Pai – has been replaced by another to head the FCC. Ms Rosenworcel has consistently been an outspoken and fervent supporter of more spectrum and more Wi-Fi-friendly regulation including spearheading the effort to release the 5.9 GHz band and strongly supporting Ajit Pai’s drive to release the full 6 GHz band to unlicensed use.

Ms Rosenworcel is a strong advocate of connecting all Americans with broadband services and has been particularly vocal on the need to finally close the ‘homework gap’ giving all children across the US access to the Internet connectivity they need for schooling and education. She’s also a big supporter of upgrading the US federal government’s widely successful E-rate program (in existence since 1996) intended to make broadband services more affordable for schools and libraries across the nation.

Ms Rosenworcel has been a frequent speaker at Wi-Fi NOW events starting at our inaugural US event in Washington DC in 2016 and most recently at the virtual Wi-Fi World Congress this past October ( see the interview here).

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: elmatador who wrote (46804)1/31/2021 9:02:10 PM
From: Peter Ecclesine
1 Recommendation   of 46820
We met with FCC OET and WTB to discuss next steps in using FCC ULS data to
protect 6 GHz incumbents

and answer questions on the TR-1008

I am in a group that is putting the 6 GHz band in harness, much like the 5 GHz band was put
in harness in the early 2000s.

1200 MHz has a lot of uses we cannot foresee.

Wi-Fi Now is useful to say the obvious, the toothpaste is coming out of the tube.

802.11ax was approve January 26 and will be published soon, after IEEE Std 802.11-2020 is published in mid-February.

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: Peter Ecclesine who wrote (46805)1/31/2021 9:06:25 PM
From: engineer
   of 46820
interesting Peter that the 802.11ax is finally approved, but has been in chipsets for more than 3 years. I did not realize that it was not a fully "approved" standard until now.

Thanks for that.

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: engineer who wrote (46806)1/31/2021 9:27:14 PM
From: Peter Ecclesine
1 Recommendation   of 46820
The big amendments, 11ac, 11ax, 11be take 5-7 years
11ac started in 2008, 11ax started in 2014, 11be started in 2019

WiFi Alliance does an early release approval before the amendment is published, then an r2
a couple of years later with whatever options become popular.

Getting a 2000 person year project over the finish line is hard, as many pull away to the next big project.

Look at start and RevCom and SB approval timespans on your favorite amendments.

Little ones like 11j Japan, 11y 3650 MHz, 11af TVWS take 2-3 years, depending on Korea Inc or other
opposing blocks.


Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: Peter Ecclesine who wrote (46807)2/1/2021 2:10:07 AM
From: elmatador
   of 46820
Good stuff.
Have you met the author of the article Claus Hetting CEO of Wi-Fi NOW?

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: elmatador who wrote (46808)2/1/2021 7:28:30 AM
From: Peter Ecclesine
   of 46820
Yes, we were on video conf with Claus last week to discuss a 6 GHz workshop. He had slipped on ice the day before and was waiting minor surgery. Wi-Fi NOW does market promotion where opportunity presents - e.g., April 24, 2020 in Washington DC. Right now Regions 1 and 2 are presenting opportunities.

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

To: Peter Ecclesine who wrote (46809)2/1/2021 9:47:14 AM
From: elmatador
   of 46820
Yes. He broke his wrist and had to to get the bones screwed back into place

Share RecommendKeepReplyMark as Last ReadRead Replies (1)
Previous 10 Next 10