Latest news with #Windows-maker
Forbes
04-05-2025
- Forbes
Do Not Open This PDF On A Microsoft Windows PC
Do not open this PDF—delete on sight. A few weeks on from Microsoft warning Windows users that PDF attachments are increasingly being used in attacks, there's another warning and a new lure. While the Windows-maker's alert for PC users came ahead of tax day in the U.S., the new attack is less time critical and has a nasty trick in how it masks its malicious intent. Microsoft's tax day warning called out 'PDF attachments with an embedded DoubleClick URL that redirected users to a Rebrandly URL shortening link. That link in turn redirected the browser to a landing site that displayed a fake DocuSign page hosted on a domain masquerading as DocuSign.' When users clicked to download, 'the outcome depended on whether their system and IP address were allowed to access the next stage based on filtering rules set up by the threat actor.' This was a clever form of obfuscation to make it more difficult for security researchers to replicate the attack and craft a fix. Now, the team at TrustWave SpiderLabs warn 'we've spotted a campaign delivering RemcosRAT, using a fake payment SWIFT copy to lure victims. The attached PDF links to an obfuscated JavaScript file that uses ActiveXObject to fetch a second-stage script. This script invokes PowerShell to download and decode an image hosted on which appears harmless but conceals the Remcos payload using steganography.' Again, obfuscation here is key. The latest trickery in malicious PDFs is to hide links behind QR codes or to compile PDFs without the usual URL tag, making it harder to a security scan to pick up the treat. Steganography takes this to a new level, hiding the link in an image, and making it all but impossible for a user to detect. As Kaspersky explains, 'steganography is the practice of concealing information within another message or physical object to avoid detection. Steganography can be used to hide virtually any type of digital content, including text, image, video, or audio content. That hidden data is then extracted at its destination. Content concealed through steganography is sometimes encrypted before being hidden within another file format. If it isn't encrypted, then it may be processed in some way to make it harder to detect.' According to Cybersecurity News, the new attack 'begins with a phishing email that attaches a PDF file contains a malicious link, specifically pointing to malicious webpage: luring victims into a multi-stage infection process designed to deliver RemcosRAT, a malware known for its ability to remotely control infected systems.' RemcosRAT is a nasty trojan you don't want anywhere near your PC. But the warning is not really that specific. PDFs are highlighted as a new favorite for cyber attacks, given user wariness as regards Office documents. The feeling amongst users seems to be that PDFs are more benign and therefore safer. Unfortunately, that's not the case. As for what to look for here. An email headed 'SWIFT Copy' that purports to confirm a bank transfer with an attacked receipt. While for most this lure is typical of the raft of latest threats, these campaigns are hitting plenty of marks. That's why they proliferate. Delete on sight.
Time of India
02-05-2025
- Business
- Time of India
Apple shares fall 5% as buyback cuts, tariff fears fan investor jitters
Apple shares fell 5% on Friday after the company trimmed its stock buyback program and CEO Tim Cook flagged a $900 million tariff-related hit to costs this quarter amid a raging Sino-U.S. trade war. U.S. President Donald Trump 's tariff flip-flops have thrown corporate plans into disarray, even for Apple, which along with Microsoft, has been juggling the title of the world's most valuable company. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Why Seniors Are Snapping Up This TV Box, We Explain! Techno Mag Undo The company has been stocking up to cushion the blow from potential supply-chain snarls and rising U.S. import costs. But with consumer confidence sliding, some analysts said Apple may face weakening iPhone demand in its home market. Its decision to lower its buyback authorization by $10 billion also marked a rare pullback that signaled a desire to preserve cash in the face of uncertainty. Typically it has either maintained or increased its repurchase levels. "The $100 billion buyback announced is below the $110 billion announced a year ago, which we found as a bit of a head-scratcher, as Apple historically either holds its buyback or increases it authorization," said Angelo Zino, equity analyst at CFRA Research. Live Events Analysts have warned U.S. tariffs on China could drive up iPhone prices, if Apple chose to pass on the added costs to consumers. But, Cook said most of the devices sold in the U.S. this quarter would be manufactured outside China. A last-minute exemption for consumer electronics has also offered temporary relief, even as the White House continues to weigh further trade actions. Cook said on Thursday Apple is ramping up efforts to shift its supply chain away from China, with most U.S.-bound iPhones now set to be assembled in India. Apple reported quarterly sales of $95.36 billion and earnings of $1.65 per share, narrowly beating market expectations. The company forecast low-to-mid single-digit revenue growth, in line with muted expectations. In China, Apple posted $16 billion in revenue, slightly above forecasts, though competition from Huawei and slower AI rollout continue to pressure market share. If losses hold, Apple is on track to shed more than $150 billion in market value, while a bullish outlook from Microsoft earlier this week has helped the Windows-maker become the world's most valuable company. SHIFTING SUPPLY CHAIN Cook said Apple's shift away from manufacturing in China would include sourcing more chips from the U.S. and expanding its footprint in key states like Texas, Arizona, and Oregon, but acknowledged the transition comes at a cost. "Having everything in one location had too much risk," he told analysts, referring to Apple's historical dependence on Chinese manufacturing. Apple's move to import iPhones from India marks a further shift in its production strategy, aimed at sidestepping future tariffs while expanding its presence in a fast-growing emerging market. "Part of their long-term vision is a big portion of the supply chain being in India," said Joe Tigay, portfolio manager at Catalyst Funds, which owns Apple shares. "I think just kind of having that base there would also do well for their relations or their prestige in the country."
Economic Times
02-05-2025
- Business
- Economic Times
Apple shares fall 5% as buyback cuts, tariff fears fan investor jitters
Apple shares fell 5% on Friday after the company trimmed its stock buyback program and CEO Tim Cook flagged a $900 million tariff-related hit to costs this quarter amid a raging Sino-U.S. trade war. ADVERTISEMENT U.S. President Donald Trump's tariff flip-flops have thrown corporate plans into disarray, even for Apple, which along with Microsoft, has been juggling the title of the world's most valuable company. The company has been stocking up to cushion the blow from potential supply-chain snarls and rising U.S. import costs. But with consumer confidence sliding, some analysts said Apple may face weakening iPhone demand in its home market. Its decision to lower its buyback authorization by $10 billion also marked a rare pullback that signaled a desire to preserve cash in the face of uncertainty. Typically it has either maintained or increased its repurchase levels. "The $100 billion buyback announced is below the $110 billion announced a year ago, which we found as a bit of a head-scratcher, as Apple historically either holds its buyback or increases it authorization," said Angelo Zino, equity analyst at CFRA Research. Analysts have warned U.S. tariffs on China could drive up iPhone prices, if Apple chose to pass on the added costs to consumers. But, Cook said most of the devices sold in the U.S. this quarter would be manufactured outside China. ADVERTISEMENT A last-minute exemption for consumer electronics has also offered temporary relief, even as the White House continues to weigh further trade actions. Cook said on Thursday Apple is ramping up efforts to shift its supply chain away from China, with most U.S.-bound iPhones now set to be assembled in India. ADVERTISEMENT Apple reported quarterly sales of $95.36 billion and earnings of $1.65 per share, narrowly beating market expectations. The company forecast low-to-mid single-digit revenue growth, in line with muted expectations. In China, Apple posted $16 billion in revenue, slightly above forecasts, though competition from Huawei and slower AI rollout continue to pressure market share. ADVERTISEMENT If losses hold, Apple is on track to shed more than $150 billion in market value, while a bullish outlook from Microsoft earlier this week has helped the Windows-maker become the world's most valuable company. SHIFTING SUPPLY CHAIN ADVERTISEMENT Cook said Apple's shift away from manufacturing in China would include sourcing more chips from the U.S. and expanding its footprint in key states like Texas, Arizona, and Oregon, but acknowledged the transition comes at a cost. "Having everything in one location had too much risk," he told analysts, referring to Apple's historical dependence on Chinese manufacturing. Apple's move to import iPhones from India marks a further shift in its production strategy, aimed at sidestepping future tariffs while expanding its presence in a fast-growing emerging market. "Part of their long-term vision is a big portion of the supply chain being in India," said Joe Tigay, portfolio manager at Catalyst Funds, which owns Apple shares. "I think just kind of having that base there would also do well for their relations or their prestige in the country." (You can now subscribe to our ETMarkets WhatsApp channel)
Forbes
02-05-2025
- Forbes
Microsoft's Free Upgrade Offer Hits New High—Check Your Windows PC Now
Windows 11 hits new high SOPA Images/LightRocket via Getty Images Microsoft is ramping up its warnings for the hundreds of millions of Windows users facing down a cyber nightmare as their PCs stop receiving security updates. The solution is a free upgrade to Windows 11, which the company says is a huge security boost. But as that free upgrade hits a new high, there remain at least 240 million users who will miss out and need to find an alternative solution before time runs out. Microsoft wants that alternative solution to be a Copilot+ PC, with required security upgrades as well as Recall, its staccato screenshotting machine. While the Windows-maker would like all non-Copilot+ owners to make the move, the warning is aimed at those without a new enough PC to upgrade to Windows 11. This needs a TPM 2.0 security module to bridge hardware and software to better protect against attacks. You should check if your Windows 10 PC can upgrade now. The good news for Microsoft is that its free upgrade campaign is now making progress, and come the end of April had hit a new high. While in the U.S., Windows 11 already outranks Windows 10, the same is not true across the world. Windows 10 usage has remained stubbornly high and well ahead of its newer sibling. But now, per the best estimates at Statcounter, the shift from old to new has reached a new milestone. While Windows 11 has not yet overtaken or even caught Windows 10 globally, it's within 10% for the first time. Just 12-months ago, that gap was more than 40%. There are still just over half (53%) of all Windows users still on Windows 10, but that's inching down month by month. Windows 11 is up to 44%, but at some point will hit a red line as the free upgrades stop. The question is what happens to the 240-million-plus users who can't upgrade and need to pay $30 for a year's extension or buy a new PC. Unfortunately, the more likely alternative is they fall off support and 'wing it.' In the wonderful world of Windows, this is a bad plan — a very bad plan. Last year saw a record number of patched vulnerabilities, and no user should be prepared to risk leaving their PC and their data open to attack. Pick a different option. And when you do pick, also make sure you delete passwords from your Microsoft account and run passkeys only — now the default for new accounts. That's the other Microsoft headline news this week, passwords finally coming to an end.
Forbes
01-05-2025
- Forbes
Microsoft Warns Windows Users—Delete Your Password
You have been warned — today is the day. Microsoft is on a mission to delete passwords for a billion users, given that 'the password era is ending.' The Windows-maker warns users that 'bad actors know it, which is why they're desperately accelerating password-related attacks while they still can.' And those attacks are now making headlines weekly. The answer is passkeys, which link your account security to your physical device security, which means unless an attacker has access to your hardware and unlock method — biometric or PIN, they can't bypass a password to login. More than others, Microsoft is not just promoting passkeys but also password deletion: 'If a user has both a passkey and a password, and both grant access to an account, the account is still at risk for phishing. Our ultimate goal is to remove passwords completely and have accounts that only support phishing-resistant credentials.' Today is World Password Day. Ignoring the trite nature of the occasion, it's a day Microsoft likes to use (1,2) to promote its mission. 'This World Password Day,' it likes to say, 'consider ditching your password altogether.' The FIDO Alliance, the organization charged with promoting passkeys has taken to the internet airwaves this time around to 'launch a Passkey Pledge to further accelerate [the] global movement away from passwords.' Its latest research found that 'over 35% of people had at least one of their accounts compromised due to password vulnerabilities, [and] 47% of consumers will abandon purchases if they have forgotten their password for that particular account. This is significant for passkey adoption, as 54% of people familiar with passkeys consider them to be more convenient than passwords, and 53% believe they offer greater security.' FIDO has welcomed Microsoft's password deletion as industry leading. 'This is an exciting and seminal milestone as Microsoft is taking passwords out of play for over a billion user accounts,' its CEO Andrew Shikiar told me, 'who can now instead leverage user-friendly, phishing-resistant passkeys. Microsoft's leadership in doing so today will help encourage more service providers to do the same, which moves us collectively closer to the day when passwords are fully in our rear-view mirror.' Microsoft describes passkeys as 'incredibly easy to use and intuitive, eliminating the need for complicated password creation processes and the hassle of remembering them. And unlike passwords, passkeys are resistant to phishing attempts, making them a much more secure option. Best of all, you can use your passkey across all your devices, so you never have to worry about forgetting your password again!' It makes sense. At the very least use passkeys and make passwords as long and complex as you can, and ensure any two-factor authentication (2FA) codes that remain are not SMS and link to an authentication app at the very least. You can find details on setting up Microsoft passkeys here.
