Linux Foundation Launches 'Zephyr', a tiny OS for Internet of Things

The 21st century is witnessing a great change over in the daily life of folks with the advent of IoT devices that are capable of talking to each other without any human intervention.

Yeah! Now you do not have to individually cascade an instruction to each of your home devices to accomplish a task. All have gone automated with the actuators and sensors which are infused into the home

Avast to demonstrate mobile security app with Qualcomm at Mobile World Congress 

qualcomm-logo

New machine learning-powered malware detection technology identifies zero-day and transformational malware threats at the processor level.

Avast Software was selected by Qualcomm Technologies, Inc. as the lead mobile security service to integrate Qualcomm® Snapdragon™ Smart Protect, a behavioral analysis-based, anti-malware technology that utilizes technology from the Qualcomm® Zeroth™ Machine Intelligence Platform to detect mobile malware threats to smartphone security and personal privacy in real-time. Qualcomm Technologies and Avast will be demonstrating this mobile security solution at Mobile World Congress next week in Barcelona.

Mobile malware is on the rise 

Avast currently has over two million malicious samples in its mobile threat detection database. Every day, Avast detects 12,000 new, unique mobile malware samples and each quarter about 15% of mobile users worldwide encounter mobile malware.

With the growing use of mobile devices and the valuable data they contain, malware developers increasingly target mobile users. One example of mobile malware is ransomware, which locks a device or the data on it and demands a ransom to unlock the device. Adware is also spreading on mobile. Adware often comes in the form of a gaming or entertainment app that seems harmless, but what users are unaware of is that the adware is using their infected device to click on ads. In 2015, Avast also detected new forms of mobile spyware which intrude on users’ privacy and collect their data. In addition to mobile malware, potential exploits in the Android operating system such as Stagefright put users at risk.

“With threats increasing every day, OEMs and mobile operators need to protect their users in real-time,” said Gagan Singh, president of mobile at Avast. “Snapdragon Smart Protect provides security at the processor level, which is designed to improve customer privacy and protect them from rogue applications, zero day attacks, and ransomware.  We are proud to have worked with Qualcomm Technologies on this effort.”

“Snapdragon Smart Protect is engineered to support real-time, accurate detection of zero-day and transformed mobile malware,” says Sy Choudhury, senior director of product management, Qualcomm Technologies, Inc. “The combination of Qualcomm Technologies’ dynamic, behavior-based malware analysis of Snapdragon Smart Protect and the core malware analysis delivered by Avast enables very powerful and comprehensive security and privacy protection for device users.”

Traditional security software is limited to scanning and monitoring software behavior at the application layer level. Snapdragon Smart Protect utilizes Qualcomm Technologies’ Zeroth machine learning technology to detect and classify a broader range of mobile malware at the processor level to achieve an even higher level of protection. While consumers will benefit from better protection, OEMs and mobile operators will benefit from reducing the risk of data leakage and malware attacks for their users.

Snapdragon Smart Protect is available to handset OEMs now on the Snapdragon 820 processor, and is expected to be supported by additional Snapdragon SoCs later this year. The first commercial devices with Snapdragon Smart Protect are expected in the first half of 2016.

CVE-2016-1927

The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.

CVE-2016-2039

libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.