July | 2016 | Mark Cathey's Tech Site

The U.S. National Science Foundation will spend more than US$400 million over the next seven years to fund next-generation wireless research in an effort to bring super-fast mobile service to the country.

U.S. officials hope the investments, announced Friday, will speed up the county’s move to next-generation 5G mobile service, potentially offering speeds of 10Gbps, and allow for a rapid expansion of the internet of things.

The next-generation mobile services will enable self-driving cars, an “always on” IoT, smart cities, new virtual reality offerings, and video to aid police, firefighters, and emergency medical responders, said John Holdren assistant to President Barack Obama for science and technology.

“Time and again, history has shown us that when we make sustained federal investments in fundamental academic research and in public-private partnerships … we as a nation reap the benefits,” Holdren said at an NSF event in Washinton, D.C., Friday.

The NSF funding, part of a new White House Advanced Wireless Research Initiative, includes $50 million as part of a partnership with more than 20 mobile companies and trade groups to roll out advanced wireless testing sites in four U.S. cities. The testing will include deployment of small cells to boost signals of high-band, millimeter wave spectrum.

Friday’s announcement piggybacks on a Federal Communications Commission vote Thursday to open up nearly 11 gigahertz of high-band spectrum to 5G and IoT services.

The NSF expects to spend $350 million over the next seven years on fundamental research and testing of next-generation wireless technologies, the agency said.

The FCC and other agencies want to focus on making spectrum available so that wireless companies can experiment with the best ways to deliver new services, said FCC Chairman Tom Wheeler. Some countries have pushed to set 5G standards before moving forward, but not the U.S., he said.

To read more and the original story follow this link to Network World.

Crooks found a way to reinfect computers with malware via the Windows BITS service, months after their initial malware was detected and deleted from the infected system.

BITS (Background Intelligent Transfer Service) is a Windows utility for transferring files between a client and a server. The utility works based on a series of cron jobs and is the service in charge of downloading and launching your Windows update packages, along with other periodic software updates.

According to US-based Dell subsidiary SecureWorks, crooks are using BITS to set up recurring malware download tasks, and then leveraging its autorun capabilities to install the malware.

Abusing BITS is nothing new since criminals used the service in the past, as early as 2006, when Russian crooks were peddling malicious code capable of using BITS to download and installing malware on infected systems.Initial malware infection took place back in March 2016In the particular case, SecureWorks staff were called to investigate a system that had no malware infections but was still issuing weird security alerts regarding suspicious network activities.

The SecureWorks team discovered that the initial malware infection took place on a Windows 7 PC on March 4, 2016, and that the original malware, a version of the DNSChanger malware calledZlob.Q, had added malicious entries to the BITS service.

These rogue BITS tasks would download malicious code on the system and then run it, eventually cleaning up after itself.

Since the user’s antivirus removed the initial malware, the BITS tasks remained, re-downloading malware at regular intervals. Because BITS is a trusted service, the antivirus didn’t flag these activities as malicious but still issued alerts for irregular activities.BITS tasks could be used in much more dangerous waysIn this case, SecureWorks reports that the BITS jobs downloaded and launched a DLL file that executed as a “notification program.”

BITS jobs have a maximum lifetime of 90 days, and if the malware coder had used them properly, they could have had a permanent foothold on the infected system.

SecureWorks staff presents a method of searching for malicious BITS tasks in their technical write-up, along with a list of domains from where this particular infection kept downloading malicious code.