IT security researchers have discovered a new spear-phishing campaign that intercepts an active conversation and hijacks them to spread malware using highly-customised emails designed to look as if they are coming from the original sender.

Image Source – Phishing

The malware dubbed as FreeMilk is used by the hackers to infiltrate the computers using malicious codes and retrieve confidential information without even getting noticed.

The attack leverages CVE-2017-0199, a remote code execution vulnerability in the way Microsoft Office and Wordpad parse specially crafted files – which was subsequently patched in April this year.

How does FreeMilk affect the victim’s system ?

Upon successful execution of a FreeMilk phishing attack, two payloads named PoohMilk and Freenkin gets installed on the targeted system

PoohMilk’s primary motive is to run the Freenki downloader. Freenki, on the other hand, performs two different task -the first is to collect information from the host and the second is to act as a second-stage downloader which further downloads sophisticated malware.

Information collected by the malware include username, computer name, ethernet MAC addresses, and running processes. Besides this, Freenki can take screenshots of the victim’s system, with all the information sent to a command server for the attackers to store and use.

Who is behind this ?

As of now the actors behind this attack have not been identified. However, the security researchers have found out that ‘PoohMilk’ tool has been previously used in January 2016 in which the phishing emails were disguised as a security patch.

Attackers also attempted to distribute ‘Freeniki’ in an August 2016 watering-hole attack on an anti-North Korean government website by defectors in the United Kingdom.

How does this affect India ?

Due to the massive number inactive, un-patched and outdated windows machines especially in the government & small-medium scale organisations, these series of attacks can be deadly for India. All machines that aren’t updated with the patch that was released in April are at a severe risk and can aid cyber criminals and state actors in gaining access to even the most sophisticated networks.

You can more about the same here and here

Comments from Ankush Johar, Director at HumanFirewall.io, a leading provider of human information security awareness and preparedness solutions.

Freemilk is exploiting the CVE-2017-0199 vulnerability in Windows which was patched in April 2017. Therefore, ensure that any computer that has not been patched since before April, 2017 is not allowed to go on your the network.

First Things First, Patch all your computers using the official security update if not done already. Patch available here

General Hygiene for Protection

Defending against this kind of attack is rather simple. Following are some key points.

For Consumers

  • Use the latest Operating System.
  • Make sure automatic updates are enabled, and downloaded regularly.
  • Ensure Firewall is enabled to block all network based attacks.
  • Never Click/Download anything on Emails from untrusted sources. Make sure the mail is from a trusted party, only then download the attachments.
  • Use a proper, regularly updated Antivirus.

For Organizations

  • Latest patches must instantly be deployed across the company.
  • All pirated/un-patched/outdated devices to be removed [read unplugged] from the network instantly.
  • Employees to be trained to detect and protect against Phishing and other such scams.
  • Antiviruses ensured to be in place and updated.

With the vision to bring more ‘energy’ to the Indian startup community, Shell India is inviting all energy and IT startups to enter its pan-India programme, Shell E4 [Energizing and Enabling Energy Entrepreneurs].

Through the Shell E4 programme, Shell will be scouting for startups and businesses in early, pilot, or post-pilot stages to collaborate and work together on ideas that have the potential to impact the future of energy. Shell will work with the selected cohort for a period of six months and provide them with access to Shell’s Technology and IT labs in Bengaluru, technical and commercial mentorship from within and outside of Shell, access to potential customers through its network of partners and a fixed sum investment of USD 20,000 per startup.

The Shell E4 programme builds upon the company’s global vision to support the energy sector’s evolving ecosystem. Shell has a rich history of working with entrepreneurs across the energy value chain globally. For cleaner energy solutions, Shell also introduced Make The Future campaign, under which #makethefuture Accelerator India 2017 was concluded in March this year. The programme was a platform for millennials to showcase their bright energy ideas to build solutions for the future energy challenges both globally and in India.

Commenting on the launch of the programme, Nitin Prasad, Chairman, Shell Companies in India, said

At Shell, we believe that the answers to energy challenges lie in the power of innovation. With this programme, we aim to provide a platform to energy startups that have the potential to impact the future of energy. The Shell E4 Programme provides a platform for collaboration and conversation around valuable energy transitions, offering startups an opportunity to bring their ideas to life with Shell’s guidance and support.

Shell E4 will be located at the Shell Technology Centre Bengaluru [STCB] and, is well positioned to leverage the vibrant Bengaluru ecosystem.

Important Dates for Shell E4

Following the evaluation, the selected startups will form the 1st cohort and will be incubated with Shell for a period of 6 months at their campus in Bengaluru. As part of the incubation, the cohort will gain exposure to Shell’s advanced infrastructure and IT facilities; technical and commercial mentorship; an opportunity to pitch their ideas to other potential investors and an access to Shell’s network of partners and customers in India and abroad. In addition to this, Shell will also make a fixed amount of investment. For more details and to apply visit Shell India

U2opia Mobile announced the launch of Reycreo, a platform geared to help game discovery and adoption in frontier markets. The Reycreo vision has been tailored to provide a progressive gaming experience for early adopters in these markets.

Subscribers to Reycreo have an option to dive into an all–you–can–eat offering of over 500 browser-based bite-size games. This also serves as a simplified initiation to the world of gaming. The platform has games across categories including – Action, Arcade, Adventure, Puzzles, and Logic. Users can play all the games on any browser anytime without downloading. A wide range of games can be played on any device, anywhere, any number of times. With multiple language support, users get a great gaming experience on their mobile data or Wi-Fi connection.

Reycreo is currently live in South Africa, India, Malaysia, Cameroon, Saudi Arabia, Oman, Ivory Coast, Nigeria, Indonesia, Bissau and Kenya. The mobile gaming market has huge potential in the frontier markets. By 2020 the mobile gaming industry is expected to cross USD 2bn in MEA and USD 30bn in Asia Pacific, which indicates that in next three years, the market may grow up to 60%.

U2opia is actively signing up strategic partners to introduce downloadable freemium and premium games with a specific focus on localized gaming content along with global favorites.

Sumesh Menon, Co-Founder and MD, U2opia Mobile said

With Reycreo, our ambitions are to handhold first-time gamers through the exciting myriad world of game content. We are cognizant of challenges of high-speed bandwidth, handset compatibility and access to payment channels that are in some ways curtailing rapid game adoption. Reycreo is working towards solving for these systematically.

About U2opia Mobile

A pioneer and innovator in mobile technology working towards accelerating the growth and usage of the internet across the globe. U2opia Mobile collaborates with the world’s largest and most innovative mobile operators and is managed by an experienced team with deep understanding of consumer, internet and mobile ecosystems. Engaging a variety of customers, across generations of handsets, the company addresses a global user base of over 1 Billion users in emerging markets. The company is backed by marquee investors Matrix Partners and Omidyar Network. For more information, please visit U2opia Mobile

Industree Foundation launched its new initiative ‘Mission Creative Million‘ at a round table, during the World Economic Forum’s India  Economic Summit. Shri Chandrababu Naidu, Honourable Chief Minister, Andhra Pradesh, launched the initiative at an event that was held Hotel Taj Palace, New Delhi.

Established in 2000, Industree Foundation addresses the root cause of rural poverty in India by establishing ownership-based manufacturing enterprises for majority women micro-entrepreneurs in the farm and off-farm sector. Industree assesses the traditional skill base of communities, organises them into production units, develops products that appeal to modern markets, and creates consistent demand, opening up the 40 billion dollar global market for these entrepreneurs.

Industree Foundation has already trained 30,000 women artisans in India and Africa through collaborative efforts with organisations like Future Group, IKEA, the Commonwealth Secretariat, Grassroots Business Fund, and National Skill Development Corporation. Industree has also directly impacted over 2,000  producers and tripled their incomes, having built two of India’s largest off-farm producer companies.

‘Mission Creative Million’, Industree’s latest initiative designed to empower entrepreneurs and create jobs, aims to impact one million creative producers in the next 5 years, dramatically scaling up outcomes.

According to Neelam Chhiber, Founder and Managing Trustee

With the right training and tools, producers can become owners of their own businesses and leaders in their communities. That is why we have developed a model that empowers producers with skills training, market linkages and the professional management support they need not only to build sustainable futures for themselves but also create hundreds of new jobs.

Creative Million projects are already in various phases of execution in Karnataka, Tamil Nadu, and Odisha, and are in the planning phase in Andhra Pradesh, Telangana, Rajasthan and Uttar Pradesh. This is in partnership with the Ministry of Textiles, Karnataka and Andhra Pradesh state governments, along with companies such as Sonata Software, Mindtree, Mercuri Urval and impact organisations like MasterCard Center for Inclusive Growth, British Asian Trust, Social Venture Partners, Womanity, Dasra and UNDP.

The first few pilots have impacted more than 75,000 producers. Industree also partners with organisations like Fair Trade Forum India, All India Artisans and Craftworkers Association, to ensure the reach extends to a million people.

Speaking about the initiative, Shamina Singh, President of Mastercard Center for Inclusive Growth, a key partner, said

Unlocking the potential of artisan producers to earn, save and invest is critical to ensuring that India’s economic growth is inclusive and sustainable. We are proud to partner with Industree, government ministries and other private sector leaders to realize the promise of the creative million business model.

Uber, the ridesharing app that connects riders with drivers to provide convenient, reliable and affordable rides at the push of a button, strengthened its commitment to decongest Indian cities and reduce emissions over time by expanding uberPOOL, an innovative offering, in 3 cities – Chandigarh, Jaipur and Ahmedabad this week, taking the national tally to 12 cities.

The expansion strategy is an effort to promote shared mobility in India with uberPOOL allowing people heading in the same direction to take the same ride. Post the successful adoption of the product in Delhi, Bangalore, Mumbai, Kolkata, Hyderabad, Pune, Guwahati, Chennai and Kochi, uberPOOL went live in Chandigarh [3rd October] and Jaipur [5th October] followed by Ahmedabad, which will go live tomorrow.

Designed to offer first and last mile connectivity, and improved reliability,uberPOOL will also help contribute towards reducing congestion in cities. With more people in fewer cars, uberPOOL aims to decongest roads and reduce emissions and pollution over time. As of March 2017, with 48,259,398 kms of travel saved, uberPOOL has helped in reducing Co2 emissions of 5,352, 000 Kgs.

Speaking on the launch, Prabhjeet Singh, General Manager, North, Uber India, said

At Uber, we are constantly working towards redefining the urban mobility landscape in Indian cities which involves initiatives towards reducing congestion and pollution. We believe that uberPOOL is the future of urban mobility that allows ridesharing using technology, and in the process helps decongest cities by getting more people into fewer cars, letting riders move around their city more affordably and enables first/last mile connectivity. We have received positive feedback from other cities and are confident that as Chandigarh, Jaipur and Ahmedabad embark on their uberPOOL journey, the same will help contribute to the future that we have envisioned – smarter cities.

According to Uber’s Green Index 30% of rides in Mumbai are on UberPOOL, 28% in Delhi, 29% in Hyderabad, 25% in Bengaluru, 18% in Chennai and Pune and 15% in Kolkata. Uber’s ridesharing product has been able to deliver a significant impact in reducing congestion and pollution in several cities.  In order to highlight several such examples from across India and advocate the merits of ridesharing, Uber launched a nationwide initiative, Decongest India, which aims to draw the attention of policymakers on how utilising cars for ride-sharing can complement stressed and overburdened public transport to be part of the solution – rather than the problem.

How does uberPOOL work

Selecting the uberPOOL option connects the rider real-time with 1~2 passengers heading in the same direction.

  1. Set your pickup location and destination
  2. Select uberPOOL for the carpooling option and get a fixed fare upfront, so you know exactly what you’re going to pay
  3. Click on ‘Confirm Uberpool’
  4. Click on ‘Confirm Pickup’
  5. Select how many seats you need 1 / 2
  6. Confirm seats! You might get matched with other passengers heading in the same direction
  7. Regardless of whether you are matched or not, the fare will be less than traveling solo
  8. You can choose to use Cash, PayTM, Credit or even a Debit card

NI, the provider of platform-based systems that enable engineers and scientists to solve the world’s greatest engineering challenges, announced the release of NI Trend Watch 2018. The report examines the technological advances propelling our future faster than ever before along with some of the biggest challenges engineers face looking ahead to 2018.

As per Shelley Gretlein, NI Vice-President of corporate marketing,

As we advance through the 21st century, our customers demand higher quality devices, faster test times, more reliable networking and almost instantaneous computing to keep their organizations moving forward. Not only is NI prepared to help customers keep pace by exploring the trends impacting our industry, we also provide actionable insights backed with an open, software-centric platform to accelerate the development of any customer-defined test, measurement or control system.

NI Trend Watch 2018 explores the following topics:

  • Machine Learning Puts Data to Work – Intelligent systems create and rely on data, but the ever-increasing quantity of data exacerbates the Big Analog Data Challenge. Discover how machine learning addresses the problem head-on, so engineers can focus on finding and solving the next grand challenge.
  • 5G to Disrupt Test Processes – 5G innovation doesn’t stop at design. Test and measurement solutions will be key in the commercialization cycle, but 5G requires a different approach to test than previous wireless technologies. Find out what it’s going to take to make 5G a reality.
  • 3 Mandates of the IIoT – The proliferation of smart and connected ‘things’ in the Industrial Internet of Things [IIoT] provides tremendous opportunities for increased performance and lower costs, but managing these distributed systems is often an overlooked challenge. Explore the three necessities for successfully managing your ‘things’.
  • Effects of Electrification – The vehicle electrification trend goes deeper than a global shift from internal combustion and hybrid vehicles to fully electric powertrains. Consider implications beyond the increasingly complex vehicle itself, including new demands on supporting infrastructure.
  • Breaking Moore’s Law – The constant pace of innovation has tracked remarkably close to Moore’s law for decades, despite a few minor revisions and much talk of its death. But now, the more than 50-year-old observation is facing health challenges again. Find out what that means for the future of the semiconductor market.

Review the complete report here.

Marico Limited, India’s leading consumer products company in the wellness and beauty space, has recently adopted Microsoft Azure SQL Data Warehouse to improve their business productivity. The adoption of the fully-managed, highly-elastic, petabyte-scale, warehouse-as-a-service cloud-based relational database has helped Marico increase their data processing speed by over 150%.

In the FMCG space, the volume of data being generated fluctuates greatly during certain periods, especially the month beginning and ends or during season and festival time. This puts unforeseen burden on the existing IT infrastructure in managing the data flux. The window for extraction, transformation and loading of huge amount of data is limited to a few hours.

This deployment has freed Marico from regular hardware refresh owing to data volume variability, and provided the flexibility of scale-up or scale-down on demand. They now have an end-to-end data solution [database, data warehouse, big data, visualization, advanced analytics] that unlocks insights from any data. This has given Marico complete control of data management and more agility for business decision-making during critical times. They have also overcome the need for creating disaster recovery or backup infrastructure.

Mukesh Kripalani, Chief – Business Process Transformation & IT, Marico said

With the growing surge of data, and the burden that used to come along with it, Microsoft has helped us in eliminating the need for over-provisioning. We wanted to gain control over the churn and speed of data, and Azure SQL Data Warehouse has not only helped achieve this but also helped us gain business insights from big data and advanced analytics.

Peter Gartenberg, General Manager, Enterprise Commercial, Microsoft India, said

The deployment at Marico addresses the current FMCG market need for an integrated, intelligent cloud-based database management system. The solution will help Marico stay ahead of the market with faster and more accurate decisions. We have always aimed to reduce complexity and redundancy, and ensure data privacy and security through the Microsoft Cloud. We are excited to be associated with the growth of Marico.

In India, numerous FMCG customers are leveraging Microsoft Azure as their cloud platform to develop cutting edge digital and data analytics capabilities. Microsoft’s commitment to deliver enterprise-grade cloud platform that is open, flexible, affordable and secure has resonated strongly with Indian companies.

To celebrate 20 years in India and a legacy cutting across learner segments, Pearson, the world’s learning company, announced the launch of its new brand campaign #WeArePearson. Aimed at making learning more accessible, fun and experiential for everyone, the campaign personifies the over 20 years Indian legacy of Pearson, and takes us back to an era where legends like Albert Einstein started inspiring the world and changing the face of education.

Image Source – Pearson

The campaign will engage people through contests, videos and live interactions to get them to think about their own innovative and fun ways of learning in today’s digital age. Pearson will bring exclusive experiences for customers as part of the celebration which will be revealed soon on the Pearson’s website.

In a journey that started in 1997 in India, Pearson has set benchmarks by finding the new ways to recognise teachers’ extraordinary contribution & inspire students by combining world class content and finest authors. The brand has harnessed the power of technology in bringing newer ways of learning and delivering on its core philosophy of ‘Always Learning‘.

Vikas Singh, Managing Director, Pearson India, said

We are extremely excited and proud as we celebrate 20th anniversary in India. In the last two decades, we have come a long way in becoming the preferred partner for educators and learners alike, by bringing our global learning platforms and practices to India. We have a formidable presence across all segments of education and now we are looking at the next generation of courseware and digital solutions which aims to transform the face of the Indian education system.

We continue to strive towards our goal to help students make measurable progress in their lives through learning. With our new campaign, we aim to spread the joy of learning and empower the next generation with the resources they need to be future ready.

As a future-facing organisation, Pearson offers solutions across the spectrum that leverage technology for better education. The company has continually improved, thoroughly researched and expertly developed world-class products to India across three core verticals of K-12, Higher Education and Vocational [and Professional] education.