econoTwist's

Posts Tagged ‘Microsoft’

Microsoft Spot New Antivirus Blocking Trojan

In Uncategorized on 22.01.11 at 04:05

A new Trojan has been spotted by Microsoft researchers in China that neutralize antivirus products that rely on cloud-based technology. The cloud technology is a relatively new technology, specially used in security software. Upon running, it targets major Chinese AV vendors and other international security brands by blocking their internet access at the network driver layer.

“Engineering it is not trivial.”

Kurt Baumgartner


Of particular concern here is the sophistication of the so-called “Bohu” Trojan, which blocks the cloud-based antivirus software by means of a Windows Sockets service provider interface (SPI) filter, itself made possible by the installation of an NDIS driver. The malware employs social engineering techniques to trick users into executing it.

The use of cloud-based technologies is becoming more prevalent, as traditional antivirus companies adopt techniques that allow them to detect and neutralize malware infestations in minutes rather than in days.

Speaking to eWeek, Kurt Baumgartner, who is a senior malware researcher at Kaspersky Lab acknowledged that engineering it is “not trivial.”

This effectively gives Bohu the ability to perform deep packet inspection on the network data, which it uses to modify search terms sent to sogou.com, and cookies belong to the top search engines.

For now, Microsoft says it has already contacted the affected vendors about the Bohu threat.

More on this story:
article at eWeek
article at Computer Weekly
article at IT Pro

Related:

Microsoft tool now scans for the Zeus Trojan
Security loopholes surfaces on Mac App Store
Zeus Trojan mules used fake names, passports
Evidence of Zeus Trojan found in majority of Fortune 500 companies

Related by The Swapper:

Advertisements

Will Microsoft Team Up With Adobe To Battle Apple?

In Financial Markets, National Economic Politics, Technology, Views, commentaries and opinions on 24.11.10 at 23:04

Well, this is one of the hottest rumors in the info tech business at the moment. However, both Microsoft and Adobe denies that a plan of an alliance between the two is on the table. But analysts and business insiders see the move as a natural next step in the ongoing battle to dominate the mobile application market.

“With Dreamweaver on its hands, Microsoft would pretty much have everything covered.”

mbj3000


And indeed, Microsoft has the money to buy Adobe, whose current market value is about $15 billion, with its guided estimate of a record profit at $27,3 billion for the full fiscal year, ending in June 2011.

But Microsoft have also invested heavily in developing its own Flash rival – Silverlight.

However,after Apple dumped Adobe’s Flash on both iPhone and iPad, the game is about to change.

Adobe chief executive office Shantanu Narayen denies the rumors:

“We value our independence, and we continue to think that we just have tremendous opportunities ahead of us as a company,” he says.

(Here at The Swapper we’re tempted to see this statement as a signal to Microsoft that they have to pay a price per share that’s well above market value if they want Adobe to accept an offer.)

Morningstar analyst Toan Tran is among those who belive there’s something to the rumor:

“It may be a case of “the enemy of my enemy is my friend,” and both Microsoft and Adobe have a common enemy in Apple,” Tran says.

Editor of the magazine PC Pro, who reports on the story, is not too thrilled about the idea:

“What a shame if this not only turns out to be true, but actually come to pass,” Tim Danton writes in a comment in the latest edition of PC Pro, (January 2011).

“To battle against Apple’s perceived dominance on mobile platforms, Adobe and Microsoft need to concentrate on innovation, not consolidation. If the merger happened, all I can see is 18 months of bickering and fall-outs.”

“And what would be the benefit to the consumers? That rather than two player technology, in Silverlight and Flash, we get one? I can only see one winner from this deal, and that’s Apple,” Danton concludes.

Here are some comments from business insiders, bloggers and software reviewers:

“It might be a good idea for Microsoft to buy Adobe since they have complementary products. But it would be a very bad idea to buy the company simply because of a spat with Apple.”

(ironbath)

“It might not just be about defending against Apple. It would also help Microsoft in the web development market, with Dreamweaver on its hands, Microsoft would pretty much have everything covered.”

(mjb3000)

“The whole theory falls down if Apple starts to allow Flash.”

(davidsoap)

Anyway – this has the potential to be the next big story in the tech industry, and you can be sure investors are keeping a close eye with these companies at the moment.

Cyber Criminals Attack Critical Water, Oil and Gas Systems

In Financial Engeneering, Law & Regulations, Learning, Trading software on 30.08.10 at 17:48

For the first time, Norwegian companies are being targeted by a new kind of computer attacks, aimed at critical social management systems, like water oil and gas supply systems. The attacks was first discovered in Germany and Belarus in June. Since then, at least 6000 infected computers have been confirmed.

“A malicious foreign power  – given €86 million, 750 people and two years to prepare – could launch a devastating cyber attack on the EU.”

Charlie Miller

This summer the Norwegian National Security Authority (NSM) discovered for the first time targeted computer attacks directed against internal process and control systems to ensure supply of electricity and water. Similar attacks was discovered in Germany and Belarus. EU’s cyber-security unit, ENISA, will in late October or early November carry out the first ever pan-European cyber security exercise.

According to the Norwegian newspaper, Aftenposten, the National Security Authority confirms that Norwegian companies have been attacked, but will not say which.

“It’s the first time we see this Trojans, specifically designed to take control of the process and control systems. We know that other companies are affected, besides the Norwegians,” Christophe Birkeland at the NSM says.

Malicious software that comes into these systems, stealing business critical information, and in worst cases, destroy or take over control of the systems. We know Norwegian companies have gotten this Trojan into some of their systems,” he says.

NSM emphasizes that it is not reported any injuries at the moment.

However, NSM are now sending out a new warning against what they perceive as a serious threat to a number of critical social actors in Norway:

* Government and the national institutions.

* Power producers and suppliers.

* The oil companies.

* Water supply and treatment plants.

* Transport companies.

Going For The Most Advanced

In the operational center of Hafslund in Oslo,  computers provide electric power for about 1.4 million people in the area.

The Hafslund central is one of the world’s most advanced power systems.

“We have also experienced attempts to hack into our office support systems. We are fully focused on this, and it is a very familiar problem,” information officer, Morten Schau, at Hafslund says.

Faximile: Aftenposten, paper edition, 08292010.

Customized Trojan

Behind the seemingly innocent file name “% System% \ drivers \ mrxnet” is the malicious, and highly sophisticated,  computer virus “Stuxnet,” which this summer has been a hot topic amongst computer security experts.

The attacks may have been going on for many months before it was discovered in Germany and Belarus in June.

One of the many technical features is the fact that the Trojan hides itself very well. Since June, at least 6.000 computers have been confirmed infected by “Stuxnet”.

The cyber criminals have exploited vulnerabilities in Windows, but first in early August did Microsoft create a security update that plugged the hole.

Siemens System Infected

The attack has been directed towards a management system supplied by Siemens – Simatic WinCC.

WinCC is used to control everything from pizza ovens to oil platforms.

In Norway, the system is in use in at least 200 oil companies, power suppliers, and metal and food industries.

Siemens admits that 12 companies have been affected, but stresses that this is not its Norwegian customers.

“Those customers who were infected was quickly helped, and the problem is now fixed,” information officer, Christian Jahr, at Siemens says.

“What happened was that an employee has used a USB stick outside the office, or in other private places. This became infected with the virus, which is activated when used on a PC with WinCC installed. This goes to show that you have to be awake and updated to ensure the best security facilities possible,” Jahr says.

Who’s Fighting Who?

No one knows who is behind the attacks, or what country they come from.

Worldwide companies in Indonesia, India, Iran and the US are being hit the hardest.

There are also several different theories about what the goal is:

* Industrial Espionage.

* Blackmail.

* Sabotage attempts.

The most important way to protect themselves is to make absolutely watertight bulkhead between the data networks used to control machines, and computer systems used for communication with the outside world, according to the experts.

One must also prevent careless use of memory sticks and other USB devices.

Previously, both the police, governments, health institutions, banks and industrial companies have been hit by computer criminals.

Able To Crash The Whole EU

A malicious foreign power – given €86 million, 750 people and two years to prepare – could launch a devastating cyber attack on the EU, a US security expert says.

Charlie Miller, a mathematician who served for five years at the US’ National Security Agency stress-testing foreign targets’ computer systems and designing network intrusion detection tools,” calculated the EU scenario on the basis of a more detailed study of US vulnerability.

This is how it can be done:

Got 100 Million Dollar?

The assault would begin with a member of staff at, say, the London Stock Exchange or the French electricity grid operator, RTE, opening a PDF attachment in an email which looks as if it had been sent by a colleague.

Take down the EU, or buy a famous piece of art? (The price tag is about the same).

The PDF would contain software enabling a hacker on a different continent to silently take over his computer.

Over time, the hacker would monitor the employees’ keystrokes, sniff out passwords, and use the information to take over computers higher up the command chain, eventually putting him in a position to switch off the target’s firewalls, leaving it open to DOS (Denial of Service) attacks, and to install RATs (Remote Administration Tools), which control its hardware.

Around 18 to 21 months down the line, with enough targets compromised, the assault could take place, the EUobserver.com writes.

The EU 27 countries would wake up to find electricity power stations shut down; communication by phone and Internet disabled; air, rail and road transport impossible; stock exchanges and day-to-day bank transactions frozen.

Crucial data in governments and financial institutions are scrambled and military units at home and abroad cut off from central command or sent fake orders.

Normal life could be restarted in a few days’ time. But the damage done to administrative capacity, consumer confidence and the economy by loss of vital data would last for years.

Mr Miller says the bulk of the money –  €83 million ($105 million) would be used to pay an army of 750 hackers, with just €3 million spent on hardware – a testing lab with 50 computers, another two computers each per hacker and assorted smart-phones and network equipment.

* 100 million dollar are just small change for some of our current dictators and drug barons.

* You can win a 100 million dollar at one single game of poker in Las Vegas.

* You can earn 100 million dollars in one year as a  commodities trader at Citigroup.

* 100 million dollar is what Tiger Woods paid for his divorce settlement.

Money won’t be a problem, but organizing the the right people for the operation might be.

Army Of Hackers

An elite corps would consist of 20 world class experts whose main job would be to find “0-day exploits” – previously undetected security gaps in popular software such as Windows, Java or Adobe.

The experts would have to be paid a small fortune –  over €200.000 ($250.000) – each a year.

Or extorted, Dr. Miller adds.

Another 40 people, drawn from the enemy country’s secret services or recruited inside EU member states, would get inside “air-gapped” facilities – the most secure targets, such as military command structures or air traffic control bodies, which are physically cut-off from the Internet in order to prevent cyber attacks.

When the time came, the agents would un-airgap targets by connecting them to the Internet via 3G modems and satellite phones.

The rest of the cyber army, 690 people, mostly computer science graduates and post-graduates from inside the hostile state, would use the 0-day exploits to take over target networks.

They would also collect, maintain, create and test “bots” – software which secretly uses computers in ordinary people’s homes to run automated tasks, such as DOS attacks, which bombard target systems with overwhelming amounts of data.

The final assault would require 500 million bots in diverse locations, according to the calculations.

Dr. Miller, who currently works for the Baltimore, an US-based company, Independent Security Evaluators, admits that internet scare stories like this helps his firm to get business.

But he also underlines that classic intelligence gathering is the best line of defense, rather than hiring IT experts.

“It’s really hard to defend against an attack that’s well equipped and carried out by smart people. But you do have years to detect it before it happens. If you have an elaborate intelligence gathering network you could detect it, not technically because you can see it, but because you have human intel,” he says.

“If you want to spend your money well, spend it on your intelligence services.”

Here’s a copy of  the US National Security Agency stress testing of US and foreign computer systems.

EU’s First Cyber War Exercise

The threat of cyber war against EU targets became clear on 27 April 2007 when hackers crashed Estonian online news agencies with DOS attacks in the middle of an Estonia-Russia political dispute.

The assault gathered pace over the next three weeks disrupting online banking services and government communications.

Three and a half years down the line there is no hard evidence linking the attack to a foreign power, although activists in the pro-Kremlin youth group, Nashi, claim to have taken part.

“If these cyber attacks were used to test the Estonian cyber defense capabilities, much more sophisticated attacks could possibly follow, based on the knowledge acquired during the attacks,” a report on the 2007 events by the Estonian government’s Computer Emergency Response Team says.

NATO and EU countries are now putting more resources than ever into joint cyber-security projects.

EU’s cyber-security unit, the Crete-based European Network and Information Security Agency (ENISA), will in late October or early November carry out the first ever pan-EU cyber security exercise.

ENISA spokesman, Ulf Bergstrom, says the exercise will look at disrupting normal internet operations in the EU’s internal market and the way EU member states’ authorities co-operate across the union’s internal borders.

Mr Bergstrom notes that ENISA’s initial mandate, which covers security of e-commerce, online banking and mobile phones, is being expanded to cover cyber criminality.

“We have been given political signals, for example by information society commissioner Neelie Kroes, to work more closely with agencies like Europol and Interpol,” he says.

“Cyber security is vital for the economy of Europe, to protect the businesses and operations of ordinary citizens. This is the digital society that we take for granted, like water out of the tap, which we need to defend.”

Related by The Swapper:

Hackers Steal CO2-emission Permits Worth $4bn

Another Carbon Fraud Raid Reveals Firearms, Piles Of Cash

Most Polluting Companies Makes Billions On Carbon Trade

Julian Assange: Journalist, Activist or Informant?

We Give You Merkel – You Give Us Batman


Europe: Cyber Criminals Attack Critical Water, Oil and Gas Systems

In Financial Markets, Health and Environment, International Econnomic Politics, National Economic Politics on 29.08.10 at 21:34

For the first time, Norwegian companies are being targeted by a new kind of computer attacks, aimed at critical social management systems, like water oil and gas supply systems. The attacks was first discovered in Germany and Belarus in June. Since then, at least 6000 infected computers have been confirmed.

“A malicious foreign power  – given €86 million, 750 people and two years to prepare – could launch a devastating cyber attack on the EU.”

Charlie Miller


This summer the Norwegian National Security Authority (NSM) discovered for the first time targeted computer attacks directed against internal process and control systems to ensure supply of electricity and water. Similar attacks was discovered in Germany and Belarus. EU’s cyber-security unit, ENISA, will in late October or early November carry out the first ever pan-European cyber security exercise.

According to the Norwegian newspaper, Aftenposten, the National Security Authority confirms that Norwegian companies have been attacked, but will not say which.

“It’s the first time we see this Trojans, specifically designed to take control of the process and control systems. We know that other companies are affected, besides the Norwegians,” Christophe Birkeland at the NSM says.

Malicious software that comes into these systems, stealing business critical information, and in worst cases, destroy or take over control of the systems. We know Norwegian companies have gotten this Trojan into some of their systems,” he says.

NSM emphasizes that it is not reported any injuries at the moment.

However, NSM are now sending out a new warning against what they perceive as a serious threat to a number of critical social actors in Norway:

* Government and the national institutions.

* Power producers and suppliers.

* The oil companies.

* Water supply and treatment plants.

* Transport companies.

Going For The Most Advanced

In the operational center of Hafslund in Oslo,  computers provide electric power for about 1.4 million people in the area.

The Hafslund central is one of the world’s most advanced power systems.

“We have also experienced attempts to hack into our office support systems. We are fully focused on this, and it is a very familiar problem,” information officer, Morten Schau, at Hafslund says.

Faximile: Aftenposten, paper edition 08292010.

Customized Trojan

Behind the seemingly innocent file name “% System% \ drivers \ mrxnet” is the malicious, and highly sophisticated,  computer virus “Stuxnet,” which this summer has been a hot topic amongst computer security experts.

The attacks may have been going on for many months before it was discovered in Germany and Belarus in June.

One of the many technical features is the fact that the Trojan hides itself very well. Since June, at least 6.000 computers have been confirmed infected by “Stuxnet”.

The cyber criminals have exploited vulnerabilities in Windows, but first in early August did Microsoft create a security update that plugged the hole.

Siemens System Infected

The attack has been directed towards a management system supplied by Siemens – Simatic WinCC.

WinCC is used to control everything from pizza ovens to oil platforms.

In Norway, the system is in use in at least 200 oil companies, power suppliers, and metal and food industries.

Siemens admits that 12 companies have been affected, but stresses that this is not its Norwegian customers.

“Those customers who were infected was quickly helped, and the problem is now fixed,” information officer, Christian Jahr, at Siemens says.

“What happened was that an employee has used a USB stick outside the office, or in other private places. This became infected with the virus, which is activated when used on a PC with WinCC installed. This goes to show that you have to be awake and updated to ensure the best security facilities possible,” Jahr says.

Who’s Fighting Who?

No one knows who is behind the attacks, or what country they come from.

Worldwide companies in Indonesia, India, Iran and the US are being hit the hardest.

There are also several different theories about what the goal is:

* Industrial Espionage.

* Blackmail.

* Sabotage attempts.

The most important way to protect themselves is to make absolutely watertight bulkhead between the data networks used to control machines, and computer systems used for communication with the outside world, according to the experts.

One must also prevent careless use of memory sticks and other USB devices.

Previously, both the police, governments, health institutions, banks and industrial companies have been hit by computer criminals.

Able To Crash The Whole EU

A malicious foreign power – given €86 million, 750 people and two years to prepare – could launch a devastating cyber attack on the EU, a US security expert says.

Charlie Miller, a mathematician who served for five years at the US’ National Security Agency stress-testing foreign targets’ computer systems and designing network intrusion detection tools,” calculated the EU scenario on the basis of a more detailed study of US vulnerability.

This is how it can be done:

Got 100 Million Dollar?

The assault would begin with a member of staff at, say, the London Stock Exchange or the French electricity grid operator, RTE, opening a PDF attachment in an email which looks as if it had been sent by a colleague.

Take down the EU, or buy a famous piece of art? (The price tag is about the same).

The PDF would contain software enabling a hacker on a different continent to silently take over his computer.

Over time, the hacker would monitor the employees’ keystrokes, sniff out passwords, and use the information to take over computers higher up the command chain, eventually putting him in a position to switch off the target’s firewalls, leaving it open to DOS (Denial of Service) attacks, and to install RATs (Remote Administration Tools), which control its hardware.

Around 18 to 21 months down the line, with enough targets compromised, the assault could take place, the EUobserver.com writes.

The EU 27 countries would wake up to find electricity power stations shut down; communication by phone and Internet disabled; air, rail and road transport impossible; stock exchanges and day-to-day bank transactions frozen.

Crucial data in governments and financial institutions are scrambled and military units at home and abroad cut off from central command or sent fake orders.

Normal life could be restarted in a few days’ time. But the damage done to administrative capacity, consumer confidence and the economy by loss of vital data would last for years.

Mr Miller says the bulk of the money –  €83 million ($105 million) would be used to pay an army of 750 hackers, with just €3 million spent on hardware – a testing lab with 50 computers, another two computers each per hacker and assorted smart-phones and network equipment.

* 100 million dollar are just small change for some of our current dictators and drug barons.

* You can win a 100 million dollar at one single game of poker in Las Vegas.

* You can earn 100 million dollars in one year as a  commodities trader at Citigroup.

* 100 million dollar is what Tiger Woods paid for his divorce settlement.

Money won’t be a problem, but organizing the the right people for the operation might be.

Army Of Hackers

An elite corps would consist of 20 world class experts whose main job would be to find “0-day exploits” – previously undetected security gaps in popular software such as Windows, Java or Adobe.

The experts would have to be paid a small fortune –  over €200.000 ($250.000) – each a year.

Or extorted, Dr. Miller adds.

Another 40 people, drawn from the enemy country’s secret services or recruited inside EU member states, would get inside “air-gapped” facilities – the most secure targets, such as military command structures or air traffic control bodies, which are physically cut-off from the Internet in order to prevent cyber attacks.

When the time came, the agents would un-airgap targets by connecting them to the Internet via 3G modems and satellite phones.

The rest of the cyber army, 690 people, mostly computer science graduates and post-graduates from inside the hostile state, would use the 0-day exploits to take over target networks.

They would also collect, maintain, create and test “bots” – software which secretly uses computers in ordinary people’s homes to run automated tasks, such as DOS attacks, which bombard target systems with overwhelming amounts of data.

The final assault would require 500 million bots in diverse locations, according to the calculations.

Dr. Miller, who currently works for the Baltimore, an US-based company, Independent Security Evaluators, admits that internet scare stories like this helps his firm to get business.

But he also underlines that classic intelligence gathering is the best line of defense, rather than hiring IT experts.

“It’s really hard to defend against an attack that’s well equipped and carried out by smart people. But you do have years to detect it before it happens. If you have an elaborate intelligence gathering network you could detect it, not technically because you can see it, but because you have human intel,” he says.

“If you want to spend your money well, spend it on your intelligence services.”

Here’s a copy of  the US National Security Agency stress testing of US and foreign computer systems.

EU’s First Cyber War Exercise

The threat of cyber war against EU targets became clear on 27 April 2007 when hackers crashed Estonian online news agencies with DOS attacks in the middle of an Estonia-Russia political dispute.

The assault gathered pace over the next three weeks disrupting online banking services and government communications.

Three and a half years down the line there is no hard evidence linking the attack to a foreign power, although activists in the pro-Kremlin youth group, Nashi, claim to have taken part.

“If these cyber attacks were used to test the Estonian cyber defense capabilities, much more sophisticated attacks could possibly follow, based on the knowledge acquired during the attacks,” a report on the 2007 events by the Estonian government’s Computer Emergency Response Team says.

NATO and EU countries are now putting more resources than ever into joint cyber-security projects.

EU’s cyber-security unit, the Crete-based European Network and Information Security Agency (ENISA), will in late October or early November carry out the first ever pan-EU cyber security exercise.

ENISA spokesman, Ulf Bergstrom, says the exercise will look at disrupting normal internet operations in the EU’s internal market and the way EU member states’ authorities co-operate across the union’s internal borders.

Mr Bergstrom notes that ENISA’s initial mandate, which covers security of e-commerce, online banking and mobile phones, is being expanded to cover cyber criminality.

“We have been given political signals, for example by information society commissioner Neelie Kroes, to work more closely with agencies like Europol and Interpol,” he says.

“Cyber security is vital for the economy of Europe, to protect the businesses and operations of ordinary citizens. This is the digital society that we take for granted, like water out of the tap, which we need to defend.”

Related by the Econotwist:

Hackers Steal CO2-emission Permits Worth $4bn

Another Carbon Fraud Raid Reveals Firearms, Piles Of Cash

Most Polluting Companies Makes Billions On Carbon Trade

Julian Assange: Journalist, Activist or Informant?

We Give You Merkel – You Give Us Batman

*

Keep your confidential data from falling into the wrong hands.

Quantifi Risk Analysis Software Takes Another Bite

In Quantitative Finance, Trading software on 07.07.10 at 21:36

Quantifi XL has been selected by OFI Asset Management for the pricing and analysis of its structured products and distressed market portfolios.

“Quantifi analytics has empowered us to streamline the pricing and analysis of our structured credit portfolio.”

Guillaume Launay


OFI, a European firm with more than €22 billion of assets under management, says it made its decision based on the analytic platform’s ease of use, transparency, speed, sophistication, and support, Structured Finance News writes.


“Quantifi analytics are particularly powerful and flexible, and we highly value the robust functionality, which has empowered us to streamline the pricing and analysis of our structured credit portfolio,” says Guillaume Launay, head of structured credit at OFI.

“Quantifi XL is now considered to be an integral component within our structured credit business and has allowed us to enhance the manner in which we monitor and control our risk.”

“Acquiring OFI Asset Management as a client adds to the diversity of our expanding client base,” Quantifi CEO Rohan Douglas says.

“We have been extremely successful in adding clients across Europe in the asset management sector, and I am delighted that we have the opportunity to work closely with one of the leading asset management firms in France.”


Quantifi XL provides various add-in functions for Excel.

It provides financial institutions with access to pricing and risk analysis of credit products from within Microsoft‘s Excel.

Enhanced by Zemanta

Top Stock Picker Beats Market by 167%

In Financial Markets, National Economic Politics, Views, commentaries and opinions on 16.12.09 at 20:45

Head of Research Stig Myrseth at Orion Securities  has won the prize of  “Stock Picker of the Year 2009″ in Norway six years in a row. This year he’s made his best result ever – increasing the value of his stock portfolio by wooping 167%, compared to the OSE benchmark index’ gain of 64,5%.

“It remains to be seen how sustainable the current cyclical upswing is, and the danger of a new setback when fiscal policy must be tightened in 2011, is not insignificant.”

Stig R. Myrseth

Stig R. Myrseth, head of reaserch, Orion Securities

Mr. Myrseth use macro strategies, and his speciality is to recognize small undervalued companies with a big upside potential. He describes himself as a “gold digger”.

And golden shares he finds.

Mr.Myrseth writes in his latest research note:

“At this time a year ago the situation was fairly simple and to survey. The overriding question was as follows: Will the government’s massive stimulus real or are we facing a complete collapse of the capitalist system? Those who answered yes, bought the shares and have been richly rewarded for it, while those who answered no, stayed away from the stock market and bet instead on canned food, gold coins and firearms. At the beginning of 2010, the situation is far more complicated. A maximum of stimulating monetary policy has inflatert asset prices and brought the pricing of stocks back to historical average levels. Moreover, the future economic path uncertain. It remains to be seen how sustainable the current cyclical upswing is, and the danger of a new setback when fiscal policy must be tightened in 2011, is not insignificant. At the same time monetary policy in stimulating such a great extent that it creates fertile ground for speculation and new bubbles. Perhaps the equity and commodity markets continue ascension and shoot far above its fundamental equilibrium level, supported by the last year’s tripling of the base money supply in the United States? Where the road goes on, can hardly known with certainty. Our qualified guess is that the main trend in the stock market currently is sideways. A decreasing width of the staircase is a fatigue character. At the same time limiting the downside of an explosive liquidity climate.”


Here’s Norway’s best stock picker’s recommendations at Oslo Stock Exchange for the next month:


Fairstar – well positioned to win large contracts

· Fairstar is a Rotterdam-based offshore company, which has two modern heavy transport vessel, Fjord and Fjell.

· Tungtransport market has been weak this year, and this is expected to be the case in the next few quarters as well. The main problem is a surplus of tonnage caused by many converted tankers compared with reluctant oil companies.

· Despite challenging market conditions we are pleased Fairstar for two reasons.

· Firstly seems Fairstar with its modern and specialized vessels to be well positioned to win the long-term contracts at favorable rates in connection with several large development projects, including the giant Gorgon LNG project in Australia. A contract awards in connection with the latter may already this month and will then be a great price trigger.

· Then think Fairstar pretty low rated, even if sober assumptions be used. This is made manifest by a DCF value of 14.1 per share subject to a utilization of 70% and the rate of $ 70.000/dag. In comparison guides lead a utilization of 80% and the rate of $ 80.000/dag.

· The key figures are also attractive with a price / book-factor of 0.9 and P / E of 4.8 for this year falling to 4.6 next year.

· The main risk in Fairstar is that the contract coverage for next year so far is only at 30%. Fairstar need a contract coverage of at least 60% to rates of at least $ 60.000/dag to avoid liquidity problems.

· Although the risk is significant, rather we are against that risk / reward ratio is favorable in the stock. We therefore recommend the purchase and see a significant upside in any contract awards.



Opera – the global leader in the industry in a strong mega trend

· Opera Software is global market leader in browsers for mobile phones with a market share of 26.5% according to StatCounter.

· Terms of profit, the company is in a bad period as a result of a shift in strategic focus away from mobile phone manufacturers and to telecom companies. The cost this year will grow faster than revenues.

· We do, however, against the prevailing weakness is transitory and that the Opera’s new strategy will bear fruit in the longer term.

· This is supported by the fact that the company has signed several major contracts in the past indicating that demand remains strong.

· The positive image is supported by two insider purchases this month. Among other things, bought a board member shares for 1.25 million Euro to price 16.73. The person owned no shares previously.

· The past month downturn in the stock price also makes the site increasingly emerging as a oppkjøpskandidat. acquisition candidate. Of potential overtakere include Google and Microsoft. These are increasingly interested in technology and market position over the short-term profit growth.

· With a market capitalization of only 2.1 billion appears to Opera as a relatively cheap entry for industrial players who want a strong position in the market for browsers on handheld devices.

· As a result of the prevailing pressures on margins are not the key figures in the Opera typically attractive in short to medium term. It may be mentioned that the P / E is at 43 for 2010 falling to 16 in 2011.

· DCF suggests, however, that the stock is underpriced and pointing at a price of 23. Up there it is 32%.

· DCF along with the global market leadership, acquisition opportunity and an industry that is in a powerful mega trend means that we will land on a buy recommendation.


RCL – estimates and share price going up this winter

· The U.S. economy is improving slowly but surely. This is good news for RCL, as the company is entirely dependent on the American consumer.

· As a result of some price increases along with continued strong cost control, we expect that the EPS is picking up from $ 0.70 in the year to $ 1.87 next year. In comparison awaits a consensus EPS of $ 1.43 next year.

· We believe that consensus is too pessimistic and that the estimates together with the share price will pull up over the winter. Of factors that can contribute to this, particularly mentioned Carnival’s quarterly report in December.

· DCF flashes RCL as cheap since it implies a share price of 175

· The positive image is supported by key figures. A price / book-factor of 0.8 is low for a company in doupolaktig market with high barriers establishment. A 2010-P / E of 13.7 is not demanding for a deep cyklic company on the rise.

· The main risk in RCL posed by the American consumer and the price of oil.

· The last week, however, oil prices fell sharply, and it reinforces our faith in the stock.


REC – world record confirms strong technological position

· REC announced Friday that the company in collaboration with ECN has produced the world’s most efficient solar panels multikrystalline with an efficiency of 17%. Den The previous record was 16.5%.

· This news is positive because it shows that the REC still have a strong technological position in an industry where innovation is the most critical success factor in the long term.

· UN climate conference in Copenhagen ends this coming Friday. We note that several key State leaders, including President Obama, have changed their plans and will come to Copenhagen on Friday. This increases the likelihood that the conference will lead to something constructive.

· When it comes to the market conditions, may be mentioned that the demand has picked up sharply since the summer. Consensus indicates a growth in installed capacity of 40-60% in 2010 followed by a corresponding growth in 2011-2013.

· Although it still is likely to be overcapacity in soli industry in 2010, we believe that this is already inndiskontert in share prices.

· REC appears to be cheap in relation to our estimates. Compared with the industry traded stock with a discount of 11% rated out from 2010-2011-multiples. Furthermore, DCF suggests a share price of NOK 60.

· The key figures are not a deterrent. A price / book-factor of 0.4 and 2010-P / E of 18 is attractive for a company with a strong technological and market position in perhaps the world’s most promising growth industry.

· Keep in mind however, that the REC is not without risk. It relates substantial risk to both the long-term contracts as well as expansion projects that Singapore factory and Silicon III (Moses Lake).


Simrad – the strong order intake continues

· Simrad is a global niche supplier of electro-optical instruments, weapon improvement systems, vehicle systems and remote control systems for the defense sector.

· Company announced Monday about an order of 91 million from Kongsberg Gruppen. With this in place has Simrad an order book that covers more than one year’s estimated revenue.

· In light of the strong order situation appears not our estimates indicate a turnover growth of 12% next year as particularly aggressive.

· In the longer term, we expect that the Simrad strong capacity for innovation will ensure that the company has a growth rate well above the average in the defense industry.

· With a P / E of 8.7 for this year falling to 7.1 next year appears Simrad as one of the cheapest growth companies on the Oslo Stock Exchange.


· DCF implies a share price of 7.20. Relative pricing also flashes the stock as attractive. Add Kongsberg Gruppen its multiples as a basis, defense Simrad a share price of NOK 6,60 – 6,80.


· With an upside of 38-51% depending on the valuation method used, we recommend the difficult but the purchase of Simrad.

Orion Securities

Oslo Stock Exchange


Reblog this post [with Zemanta]

Michael Milken Warns Against Sovereign Debt

In Financial Markets, International Econnomic Politics on 06.11.09 at 22:41

In the 80’s U.S. investors lost $1 trillion in sovereign loans, but investors continue to believe these assets aren’t risky, Mr. Michael Milken, chairman of Milken Institute,  told investors at a conference in New York thursday. According to Mr. Milken souvereign debt can be 200% more risky than ordinary lower rated industrial bonds.

” This dramatic example tells us that people in senior positions, such as those in the Fed and run major banks, make statements that are just 100% false.”

Michael Milken

(Article in Norwegian)

micheal-milken.jpg

Kanskje er Credit-default Swaps den beste investeringen i tiden fremover? I hvert fall hvis vi skal tro styreformann Michael Milken ved Milken Institute. Statsobligasjoner kan ha 200% høyere risiko enn de industrielle, advarer han.

Under Imperial Capitals tredje Global Opportunity Conference torsdag ga den anerkjente finanseksperten Mihael Milken investorene råd om hva de bør være forsiktige med i tiden fremover.

Milken poengterte at selv om den amerikanske finanssystemet nærmest imploderte i 2008, hadde som verden som helhet den tredje største verdiskapningen i historien (etter årene 1999 og 2007), skriver The Wall Street Journal.

USA ikke lenger sentrum

– Hvis du ser på Øst-Europa, Sør-Amerika og Asia er det land som hadde en veksttakt på 100 prosent i fjor. Det er ikke rart at disse landene har litt problemer med nyhetsoverkriftene fra Amerika. USA er ikke lenger solen, eller sentrum i solsystemet, vi er kanskje Jupiter, sier Milken.

Men det var ikke USAs posisjon i verdensøkonomien som var budskapet; det var investeringer, lån og kreditt.

Dårlig butikk

Michael Milken mener det i hovedsak er fem forhold i det amerikanske finanssystemet som førte til krisen.

– Når jeg var på Wall Street, hadde jeg sjelden en belåningsgrad på mer enn 3 til 1, eller 4 til 1. Jeg hadde aldri hørt om en belåningsgrad (leverage) over 10 til 1. Men i USA er dt selskaper som har en belåningsgrad på 100 til 1. Det er ikke god butikk i mine øyne, understreker Milken.

Boliglån er ikke obligasjoner

– Verdien på eiendom kan stige inntil 70 år, og i perioder falle fem år i strekk. Det har skjedd før. På 80-tallet hadde vi fem, seks smertefulle år som forårsaket konkurser og fusjoner i så å si hver eneste finansinstitusjon i flere stater. I Huston falt boligprisene 40 prosent på fem år.

Milken advarer investorene mot å tro at boliglånsrelaterte verdipapirer, som for eksempel CDO-er (Collateralized Debt Obligation) er det samme som en obligasjon.

– Hvis du er en investor som kjøper eiendomspapirer som er sikret i boliglån og antar at den eneste måten du kan tjene på er hvis boligprisene går opp, er det vanskelig i vite hva slags investeringskategori dette er. Gjelden er avhengig av verdien på eiendommen som selskapet som selger verdipapirene ikke kan garantere, påpeker han.

Renter er uberegnelige

– Jeg har ennå ikke møtt noen av betydelig formue som har tjent penger på å gjette hvilken vei rentene går, forteller han og understreker at renten er både volatil og uberegnelig.

Noe som gjøre gjeldspapirer enda mer risikable, er at ratingbyråenes graderinger er villedende.

– Jeg tror ikke det hadde vært noen finanskriser hvis ikke det hadde vært for ratingsystemet, sier Milken og viser til at det i øyeblikket bare er fire selskaper i USA som har AAA kredittrating, (Microsoft, ADP, ExxonMobil og Johnson & Johnson), men at det helt frem til i fjor var 17 000 industrielle obligasjoner som hadde trippel-A rating fra Standard & Poor’s.

– Hvordan kan man miste en trippel-A rating? Vel, for det første var ikke disse selskapene trippel-A selskaper. For det andre kan man låne mot disse papirene og skape et nytt verdipapir sikret med en portefølje av boliglån som fremdeles har trippel-A gradering. Det er ikke noe nytt, men hvis du sjekker historien vil du for eksempel se at dobbel-A papirer har en misligholdsgrad som er 200 prosent høyere enn en vanlig industriell B-gradert obligasjon, opplyser Milken.

Statsgjeld er farlig

Det er ikke noen stor diskusjon i markedet i dag, og var heller ikke årsaken til finanskrisen, men statlig gjeld er blant de mest risikable investeringene som finnes, hevder finanseksperten.

– På 80-tallet ble investorene fortalt at ingen noensinne har tapt på å låne penger til en stat. Men USA fikk bare tilbake 30 prosent på et obligasjonslån til Polen. Tapene på investeringer i utenlandske statsobligasjoner var på til sammen 1 000 milliarder dollar i de årene. Men investorer hevder fremdeles at disse papierene ikke er risikable.

– Dette dramatiske eksempelet forteller oss at folkene i ledende posisjoner i dag, som for eksempel dem i Federal Reserve som driver de største bankene, kommer med uttalelser som er 100 prosent falske, styreformannen i Milken Institute.

Les hele referatet fra Milkens innlegg på investorkonferansen i New York her.