Google is starting to roll out Android 14 Beta 5 today. Which is the last planned beta for Android 14, meaning that this should be pretty stable. This is the third release in the Platform Stable release for Android 14. So there’s not a lot of changes here, most of the changes are making the OS more stable.
This means that the developer APIs are final, and all app-facing behaviors are final too. Developers can now start to integrate these changes into their apps and publish them onto the Google Play Store, targeting the SDK version 34, for Android 14.
You can still opt into the beta for Android 14, and if you were waiting for it to get pretty stable to join the beta, now is the time to do so. Or you could wait for the Android 14 rollout which is about a month away. It’ll likely be starting to roll out after Labor Day next month.
What’s new in Android 14?
Android is pretty mature these days, so there’s really not a whole lot of new features in this version of Android. A lot of the changes are pretty minor this time around. Of course, privacy and security has been reworked as usual.
Google is pushing out some new lock screen options, that will match your system color palette. Google has also rolled out the wallpaper features, or at least some of them. So Cinematic and Emoji wallpapers rolled out with the last feature drop, but AI-generated wallpapers are coming in Android 14. The system sharesheet is also getting a revamped with custom app actions and more informative preview results.
Android 14 is going to be rolling out to the Pixel 5 and later, next month. It is available for beta on all of those devices as well. So that includes the Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Fold, and Pixel Tablet. Other OEMs will start to roll out Android 14 in the coming months.
The New York Times today reported on a website called The App Danger Project that was created by a computer scientist named Brian Levine who is at the University of Massachusetts Amherst. The site uses AI to scan reviews of social networking sites on the App Store and Google Play Store to evaluate the context of certain words and phrases used in these reviews including “child porn” or “pedo.” Levine says, “There are reviews out there that talk about the type of dangerous behavior that occurs, but those reviews are drowned out. You can’t find them.”
The website uses a Machine Learning algorithm to find apps that are flagged as being possibly dangerous to children because of the nature of the user reviews. The site is free and while Levine isn’t looking to monetize it for personal profit, he does seek donations to the University of Massachusetts to cover the cost of running the project.
Three apps that generated $30 million in revenue last year had multiple user reviews mentioning sexual abuse
Levine and 12 other computer scientists did some digging and discovered that out of the 550 social networking apps offered by the App Store and the Google Play Store, 20% of them had two or more complaints in their reviews about content that was characterized as “child sexual abuse material.” A whopping 81 apps had seven or more such complaints. Levine says that Apple and Google need to do a better job of giving parents information about such apps and policing their app storefronts to kick out such titles.
Hoop, one of the apps said to be unsafe to children by the App Danger Project, remains in the App Store and Play Store
As you probably know by now, Apple and Google take as much as 30% of the value of an in-app transaction. The Times, citing data from app analytics firm Sensor Tower, says that last year the two major app storefronts helped three apps generate $30 million in sales even though the trio had multiple user reports of sexual abuse. The apps were: Hoop, MeetMe, and Whisper.
The Justice Department, in more than a dozen criminal cases in various states, described the three apps as “tools” used by subscribers to ask children to send them sexual images or to meet with them. And some apps that are a danger to children remain in the App Store and Google Play Store according to a computer scientist named Hany Farid who worked with Mr. Levine on the App Danger Project.
Farid says, “We’re not saying that every app with reviews that say child predators are on it should get kicked off, but if they have the technology to check this, why are some of these problematic apps still in the stores?” A Google spokesman says that the company investigated the apps listed by the App Danger Project and found no evidence of child sexual abuse material. The Google spokesman said, “While user reviews do play an important role as a signal to trigger further investigation, allegations from reviews are not reliable enough on their own.”
Apple also investigated the App Store apps listed by the website and ended up kicking out 10 apps although it won’t reveal their names. “Our App Review team works 24/7 to carefully review every new app and app update to ensure it meets Apple’s standards,” said a company spokesman.
Snapchat is also on the App Danger Project list as being “unsafe for children.”
Hoop, one of the apps on the App Danger Project list as being a danger to kids, had 176 reviews out of the 32,000 posted since 2019 mention sexual abuse. One such review pulled from the App Store said, “There is an abundance of sexual predators on here who spam people with links to join dating sites, as well as people named ‘Read my picture.’ It has a picture of a little child and says to go to their site for child porn.”
The App Danger Project says Snapchat is unsafe for children
The app, now under new management, says it has a new content moderation system making the app safer. Liath Ariche, Hoop’s chief executive, noted that the app has learned how to deal with bots and malicious users. “The situation has drastically improved,” he says. MeetMe parent The Meet Group told the Times that it doesn’t tolerate abuse or exploitation of minors and Whisper did not respond to requests for comment.
It should be noted that apps like WhatsApp and Snapchat are also on the App Danger Project website, both listed as being “unsafe for children.” One could argue that the App Danger Project is being too sensitive, but when it comes to children many would answer that zero tolerance is the only way to protect the children.
The Google Play Store is home to all the most modern games for modern audiences. But you’re not looking for that; you’re looking to relive those memories of staying up past your bedtime playing video games back in the 80s or 90s. While those days are gone, they’re not really gone. Here’s a list of the best Retro games you can play on your Android device.
This is a list of games that transport us back through time. They’re either re-releases of classic games or modern games that strive to give a classic feeling. These include pixelated games. Be sure to check back to see more titles added each month.
DRAGON QUEST I
Download Cost: $2.99
In-App Cost: None
Size: 31MB
Google Play Rating: 4.5 stars out of 5
One of the games that defined the RPG genre, Dragon Quest is a franchise that’s still relevant today. If you want to relive playing the original game, or if you want to experience it for the first time, well there’s good news. The original Dragon Quest is available on the Play Store.
This game was re-released by Square Enix, the original developer, and it’s been rebuilt from the ground up to work on mobile. You’ll use the on-screen joystick and buttons to control the characters and do battle. It will take a little getting used to if you’re used to playing the original. However, you’ll get the hang of it.
You play games, but what if you want to actually make them? In Game Dev Story, this is exactly what you’ll do. While Game Dev Story is a pretty old game itself, it’s not exactly a 90s title. However, the pixelated graphics and limited animations give you that classic game feeling. It reminds you of the 16-bit games on the Sega Genesis and Super Nintendo.
In this game, you’ll create your own game dev studio and get to work making your games. When you start a project, you’ll choose the platform/console you want it on, then you’ll start choosing the genre, game type, and the aspects you want to focus on. After that, you’ll choose an artist, writer, and composer for the game. Lastly, you’ll finish up by naming the game and fixing the bugs.
You’ll focus on other aspects of running a gaming studio. You’ll hire and train staff, attend conventions, keep an eye on which gaming platforms are still relevant, and do side jobs to earn more money. Also, as you play, you’ll move to bigger game studios.
The world has not moved on from good old 8-bit graphics. Pocket Trains is a fun and relaxing game where you manage your own train empire. If you’re a fan of retro graphics, then you’ll like the 8-bit graphics that are in the game. While they’re 8-bit, they still look really nice.
The point of this game is to grow your train empire by delivering packages to different cities around the world. You’ll start off with a handful of trains in the heart of Europe. You’ll use those trains to deliver packages to their designated locations. When you do, you’ll either earn money, bux (the premium currency), or crates (you’ll open those for parts to build and repair trains).
As you play, you’ll unlock more tracks and expand your empire. Also, you’ll build more trains that you can name and customize. It’s a fun and relaxing game to play and pass the time.
It doesn’t get much more classic than Tetris. We’ve seen this re-released about a thousand times, and the mobile market is no different. Right now, you can download the official Tetris game on the Google Play Store. While it’s the classic game, it’s been modernized with newer graphics and some new mechanics.
While this is a game that needs no introduction, here’s a quick rundown. You’ll see an empty column, and there will be blocks slowly dropping to the bottom. As they fall to the bottom, they’ll stack up. What you need to do is make sure that you make complete rows of the blocks. When that happens, you’ll see those rows disappear. You’ll need to make as many complete rows before the blocks reach the top. It’s almost 40 years old, and the gameplay still hasn’t changed.
This is a game that’s survived the test of time, and you can have it on your phone/tablet for only $2. Sonic 2 was one of the most memorable games on the Sega Genesis. The sequel to the smash hit Sonic The Hedgehog (the game that single-handedly saved the Sega Genesis), Sonic 2 takes Sonic and Tails through 11 zones with boss battles at the end of most of them.
This was the first game to use the classic spin dash, and it broke boundaries with its faux-3D special stages. It’s still as fun today as it was back in 1992. If you’re feeling nostalgic, you should pick it up.
Whether you were playing this game in the arcades in the 80s or as a port in later decades, Pac-Man still remains one of the most famous classic games in the world. While not many of those arcade cabinets still stand, you can still experience this game. Pac-Man is live on the Google Play Store. We’re not talking about a remake or rip-off. This was posted by Bandai-Namco itself, the company that owns the rights to this game.
Since this is the original game, the gameplay is the exact same. You’re collecting pellets, avoiding ghosts, and wracking up a high score.
We all remember the torment of going onto the family computer and trying to figure out how Minesweeper worked. Many of us still feel bad about killing that poor yellow guy on the top of the window. Well, there are those of us who still want to re-experience and finally beat this guessing game.
You’ll start by picking one space. When you do that (if it’s not a mine, that is), you’ll see a seemingly random assortment of numbers appear on the board. Those numbers represent the number of adjacent blocks that are mines. You’ll need to use your power of deduction to side-step all of the potential mines.
You might not be familiar with the name Gameloft, but you’re most likely familiar with one of this company’s most popular games Asphalt 9: Legends. Well, the company has been around since 1999, and it has a library of classic games that it made before it became a mobile game empire.
To commemorate its 20th year anniversary, the company released a collection of its older games. It’s a launcher that you can use to play a plethora of Gameloft hits. These include games like the original N.O.V.A and Modern Fight. You can switch between these games and play them at your fancy.
The Way Home is a modern-day rogue-like that has the pixelated art style of a classic game from the 90s. Not only are the graphics pleasantly archaic, but the music and sound effects also have that classic sound.
In this game, you’re stranded on a strange island, and you’re trying to make your way back home. While you’re on the island, you’ll encounter different strange creatures that you need to fend off. You’ll do this while you’re gathering materials to craft the essentials you need to survive. It’s a great game to play if you’re looking for some light nostalgic fun.
This one is for all you sports fans out there. Retro Bowl, as the name indicates, is a retro football game that lets you create and manage your own football team. You get a classic pixelated look with the 8-bit-style graphics.
This isn’t as much a football simulator as it is a football manager simulator. So, you won’t take direct action in the matches. You will see a sped-up version of the matches so that you can see how they go. Rather than playing in the matches, you’ll be managing your team. Tasks include choosing and managing your roster, managing the finances, choosing the games you’ll play, etc. It’s a very behind-the-scenes type of game.
Microsoft has announced patches for 87 vulnerabilities this month, including two that are being actively exploited.
August’s Patch Tuesday is a lot quieter than it was last month, when Microsoft patched a whopping 130 vulnerabilities. That number went down to 87 this month but it does include two actively exploited vulnerabilities.
Let’s start by looking at those two:
CVE-2023-38180 (CVSS score 7.5 out of 10): a .NET and Visual Studio Denial of Service (DoS) vulnerability. Although there is a Proof of Concept (PoC) available to exploit this vulnerability, Microsoft notes that the code or technique is not functional in all situations and may require substantial modification by a skilled attacker, probably because the attacker would need to be on the same network as the target system.
CVE-2023-36884 (CVSS score 7.5 out of 10): a Windows Search Remote Code Execution (RCE) vulnerability. We discussed it last month in detail when Microsoft offered mitigation advice. The CVSS score and scope of the vulnerability have been changed since then. Microsoft has issued a security advisory about this and recommends installing the Office updates it discusses, as well as installing the Windows updates from August 2023..
Other vulnerabilities that deserve some attention are six vulnerabilities in Microsoft Exchange Server including:
CVE-2023-21709 (CVSS score 9.8 out of 10): a Microsoft Exchange Server Elevation of Privilege (EoP) vulnerability which could allow an attacker to login as another user. In the FAQ about the vulnerability Microsoft says that additional steps are needed to protect against this vulnerability.
In addition to installing the updates a script must be run. Alternatively you can accomplish the same by running commands from the command line in a PowerShell window or some other terminal.
Follow these steps:
(Strongly recommended) Install Exchange Server 2016 or 2019 August SU (or later)
Do one of the following:
Apply the solution for the CVE automatically on your servers, run the CVE-2023-21709.ps1 script. You can find the script and the documentation here: https://aka.ms/CVE-2023-21709ScriptDoc.
or
Apply the solution for the CVE manually on each server, by running the following command from an elevated PowerShell window:
Although Microsoft recommends installing the security updates as soon as possible, running the script or the commands on a supported version of Exchange Server prior to installing the updates will address this vulnerability.
Other vendors
Other vendors have synchronized their periodic updates with Microsoft. Here are few major ones that you may find in your environment.
The Galaxy Z Flip 4 was a rather iterative update over the Flip 3, but the Galaxy Z Flip 5 did change things up a bit. It delivers a really nice new cover screen, in addition to some other improvements. In this article, we’ll compare the Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3. We’ve already compared Samsung’s latest clamshell foldable with the Galaxy Z Flip 4, in case you’re interested in checking that out.
As per usual, we’ll first list the specs of both smartphones, and will then get down to business. We’ll first check out their designs, and then move to their displays, performance, battery life, cameras, and audio performance. This comparison will hopefully help you reach a purchasing decision. That being said, let’s get started.
Specs
Galaxy Z Flip 5 & Galaxy Z Flip 3, respectively
– Screen size (main): 6.7-inch fullHD+ foldable Dynamic AMOLED (120Hz, HDR10+, 1,750 nits) 6.7-inch fullHD+ foldable Dynamic AMOLED (120Hz, HDR10+, 1,750 nits) – Screen size (cover): 3.4-inch Super AMOLED (60Hz) 1.9-inch Super AMOLED (60Hz) – Display resolution (main): 2640 x 1080 – Display resolution (cover): 720 x 748 260 x 512 – SoC: Snapdragon 8 Gen 2 for Galaxy Qualcomm Snapdragon 888 – RAM: 8GB (LPDDR5X) 8GB (LPDDR5) – Storage: 256GB/512GB/1TB (UFS 4.0) 128GB/256GB (UFS 3.1) – Rear cameras: 12MP (wide, OIS, PDAF, f/1.8 aperture, 1.8um pixel size), 12MP (ultrawide, 123-degree FoV) 12MP (wide, OIS, PDAF, f/1.8 aperture, 1.4um pixel size), 12MP (ultrawide, 123-degree FoV) – Front cameras: 10MP (f/2.2 aperture, 1.22um pixel size) 10MP (f/2.4 aperture, 1.22um pixel size) – Battery: 3,700mAh 3,300mAh – Charging: 25W wired, 15W wireless, 4.5W reverse wireless (no charger) 15W wired, 10W wireless, 4.5W reverse wireless (no charger) – Dimensions (unfolded): 165.1 x 71.9 x 6.9 mm 166 x 72.2 x 6.9 mm – Dimensions (folded): 85.1 x 71.9 x 15.1 mm 86.4 x 72.2 x 15.9-17.1 mm – Weight: 187 grams 183 grams – Connectivity: 5G, LTE, NFC, Wi-Fi, USB Type-C, Bluetooth 5.3 5G, LTE, NFC, Wi-Fi, USB Type-C, Bluetooth 5.1 – Security: Side-facing fingerprint scanner – OS: Android 13 with One UI Android 11 with One UI (upgradable) – Price: $999 No longer available – Buy: Amazon No longer available
Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3: Design
Both of these phones fold right down the middle, and both of them have flat sides with chamfered edges. On top of that, you’ll also find a centered display camera hole on the main display of both phones, while the bezels are quite thin on both too. The Flip 5’s main display does feel a bit better to use, it doesn’t feel as plasticky, it’s hard to explain. The crease, however, is equally bad on both, pretty much.
So, what’s changed? Well, the Galaxy Z Flip 5 does fold flat unlike the Galaxy Z Flip 3. It’s also thinner in addition to that. The biggest change, however, is that cover display. The one on the Galaxy Z Flip 5 is much larger, and it has a folder icon shape. It’s much more useful than the tiny cover display on the Galaxy Z Flip 3. The two phones also have a different camera orientation on the back, mainly due to different display types.
These two phones are about the same height, and the same goes for width, and thickness in unfolded form. The Galaxy Z Flip 5 is thinner when folded. Both smartphones are IPX8 certified for water resistance, while the Galaxy Z Flip 5 offers better cover display protection, and the same goes for its glass backplate. The Galaxy Z Flip 5 is a bit heavier, but not by much, that’s not even a difference you’ll feel. Both phones are quite slippery, and both feel really nice to hold and use.
Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3: Display
There is a 6.7-inch fullHD+ (2640 x 1080) main display on the Galaxy Z Flip 5. That is a Foldable Dynamic AMOLED 2X panel with a 120Hz refresh rate. It supports HDR10+ content, and gets up to 1,750 nits of peak brightness. The cover display on the phone measures 3.4 inches, and it offers a 720 x 748 resolution. That is a Super AMOLED display with 306 ppi, and Gorilla Glass Victus 2 protection.
The Galaxy Z Flip 3, on the other hand, has a 6.7-inch main display. That is a Foldable Dynamic AMOLED 2X panel with 120Hz and HDR10+ support. It has a resolution of 2640 x 1080, and its brightness goes up to 1,200 nits. The cover display on the Flip 3 measures 1.9 inches, and offers a resolution of 260 x 512 pixels.
Both displays are better on the Galaxy Z Flip 5. The main display does get considerably brighter when needed, while it also feels sturdier in a way. The cover display on the phone is much larger than the one on the Galaxy Z Flip 3, and thus much more useful. With just a little bit of tweaking, you can get it to run basically any app, like it would on the main display. Displays on both are quite vivid, and offer good viewing angles, and deep blacks. They’re also more than sharp enough.
Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3: Performance
The Snapdragon 8 Gen 2 for Galaxy fuels the Galaxy Z Flip 5. Samsung also included 8GB of LPDDR5X RAM on the device, along with UFS 4.0 flash storage. The Galaxy Z Flip 5, on the other hand, is fueled by the Snapdragon 888 SoC, and it includes 8GB of LPDDR5 RAM, along with UFS 3.1 flash storage. The Galaxy Z Flip 5 obviously has a more powerful SoC, and better RAM and storage modules.
Does that translate into better performance, though? Well, the Galaxy Z Flip 5 is snappier, there’s no escaping that fact. Is it a huge difference, well, no. The Galaxy Z Flip 3 still offers solid performance, but if you want the best of the best, upgrading is the move. When it comes to gaming, the Galaxy Z Flip 5 does handle itself much better with graphically-intensive games. If you don’t plan on playing those, however, both will do the job just fine.
Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3: Battery
There is a 3,700mAh battery included in the Galaxy Z Flip 5, while the Galaxy Z Flip 3 comes with a 3,300mAh unit. The Galaxy Z Flip 5 does have a larger outer display, but it also includes more power efficient components. In theory, it should offer better battery life. Does it, though? Well, the Galaxy Z Flip 3 didn’t exactly offer good battery life, so yes, the Galaxy Z Flip 5 does beat it. It actually offers rather good battery life.
We were able to get around 7 hours of screen-on-time on the Galaxy Z Flip 5, on most days. On the Galaxy Z Flip 3, however, around 5 hours of screen-on-time was the usual number. That’s quite a difference. Do note that your mileage may vary, though, of course. You’ll be using your phone differently, with different apps, and will have different signal strengths. There are also two displays here to take into account.
In terms of charging, neither phone will blow you out of the water, but the Galaxy Z Flip 5 does offer more in that regard. It supports 25W wired, 15W wireless, and 4.5W reverse wireless charging. The Galaxy Z Flip 3, on the flip side, supports 15W wired, 10W wireless, and 4.5W reverse wireless charging. Do note that neither device comes with a charger in the box, though.
Samsung Galaxy Z Flip 5 vs Samsung Galaxy Z Flip 3: Cameras
The Galaxy Z Flip 5 includes a 12-megapixel main camera (f/1.8 aperture, 1.8um pixel size, OIS), and a 12-megapixel ultrawide camera (f/2.2 aperture, 1.12um pixel size, 123-degree FoV) on the back. The Galaxy Z Flip 3, on the other hand, has a 12-megapixel main camera (f/1.8 aperture, 1.4um pixel size, OIS), and a 12-megapixel ultrawide camera (f/2.2 aperture, 1.12um pixel size, 123-degree FoV).
The Galaxy Z Flip 5 does have better camera performance, though that’s understandable. Samsung did not immensely improve the camera hardware in comparison, but it did issues some improvements to the main camera over the two generations. The images are a bit sharper now, while the overall performance is also better. The biggest difference can be noticed in low light, where the Galaxy Z Flip 5 handles itself a lot better.
The ultrawide cameras are far more similar in terms of performance than the main ones. That makes all the sense in the world considering their hardware. There is also a 10-megapixel selfie camera on both phones, and that part is also quite similar. Both do a good job in that regard, though chances are you’ll use the main camera on the Galaxy Z Flip 5, even for selfies, due to the size of its cover display.
Audio
You will find a set of stereo speakers on both of these devices. Both sets are tuned by AKG, and both perform solid output. They’re loud enough, and also detailed enough, but not amongst the best in the business.
There is no headphone jack included here, on either phone. That Type-C port that is included on both phones will have to serve you instead, as you can connect your headphones to both phones that way. If you prefer wireless audio, Bluetooth 5.3 is included on the Galaxy Z Filp 5, while the Galaxy Z Flip 4 offers Bluetooth 5.1 support.
July saw one of the highest number of ransomware attacks in 2023 at 441. At the forefront of these attacks is, once again, Cl0p.
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
July saw one of the highest number of ransomware attacks in 2023 at 441, second only to a record-breaking 556 attacks in May. At the forefront of these attacks is, once again, Cl0p.
In June, Cl0p shot to the top of the charts due to their use of a zero-day exploit in MOVEit Transfer, and the story in July is no different. Using the same vulnerability, the gang attacked an additional 170 victims in July—the second highest number of attacks by a single gang all year, just two shy of MalasLockers’ record in May.
Amidst all the Cl0p chaos, however, a familiar foe seems to be quietly waning: LockBit.
Known ransomware attacks by gang, July 2023
The LockBit gang is experiencing a steady four-month decline in the number of attacks it has carried out. Since April 2023, we’ve observed an average decrease of 20 attacks a month from the group. LockBit’s 107 attacks in April to 41 in July represents a 62 percent dip in activity.
We’ve seen a similar pattern from LockBit before, and it’s not unusual for ransomware gang activity to ebb and flow. Still, it’s worth mentioning that a suspected LockBit affiliate was arrested last month. At least LockBit’s July numbers, then, could be explained by them simply wanting to lay low for a bit.
When another LockBit suspected affiliate was arrested in November 2022, we also saw a similar historic low in activity from the group.
“Big game hunting” numbers
Research published in July by Chainanalysis showed that ransomware gangs raked in around $449 million from victims in the last six months. The driving force behind this huge number? Chainanalysis says it is “big game hunting.” the practice of targeting large, financially well-off corporations in order to secure the biggest possible payouts.
Chainanalysis also mentions an increase in payouts less than $1000, meaning smaller companies are still being targeted by ransomware gangs as well.
At around this same time last year, total payouts were slightly under $300 million—a difference of over $150 million.
One possible reason for this increase, says Chainanalysis, could be that because fewer and fewer firms are willing to pay the ransom, ransomware gangs are increasing the size of their ransom demands, the idea being to squeeze the most money possible out of the firms still willing to pay.
Malwarebytes’ own data suggests that the increase in payouts could also be a simple consequence of there being more ransomware attacks in general. From March 2022 to July 2022, Malwarebytes recorded a total of 1,140 ransomware attacks. From March 2023 to July 2023, we recorded a total of 2,130.
Likely, there’s a combination of factors at play here. Our logic goes as follows:
Bigger targets + greedier gangs + more ransomware attacks in general = Historically high payouts.
Known ransomware attacks by country, July 2023
Attacks on the US and UK are at a four-month high. Four-mouth trends on attacks in Italy, on the other hand, suggest that the country is a new regular in the monthly “Top Five” of most-attacked countries.
Known ransomware attacks by industry sector, July 2023
In an article published in October of last year, we speculated on the future evolution of ransomware and how, with the rise of double-extortion schemes, more and more gangs might pivot away from using encryptors entirely. Interestingly, new research last month by Huntress seems to support this idea—exemplified by the most active ransomware gang today no less.
In their massive zero-day exploitation sprees, Cl0p has apparently not deployed ransomware at all. Instead, the group has focused on simply stealing company data to then later use as leverage against victims.
This move represents a significant departure from the majority of top ransomware gangs, and it forces organizations to rethink the nature of the problem: i’s not about ransomware per se, it’s about an intruder in your network. The really dangerous thing is turning out to be the access, not the ransomware software itself.
Cl0p’s focus on exploiting zero-days for initial access is revolutionary on its own. Pairing this with a pure data-exfiltration approach could signal an even bigger paradigm shift in how ransomware gangs operate into the future.
The new API is a conduit for swift data dissemination, helping other cybercriminals instantly access and distribute the stolen information on the dark web. The overarching goal here —especially considering that ALPHV failed to seek a ransom from recently-breached cosmetics company Estee Lauder—seems to be to pressure victims to pay as stolen data reaches wider audiences.
Time will tell if the move pays off, but if nothing else, it signals cybercriminal desperation amid declining ransomware payments.
New players
CATCUS
CACTUS emerged in March 2023 as a fresh strain of ransomware, zeroing in on large-scale commercial operations. Last month, they published 18 victims on their leak site.
To infiltrate systems, this gang exploits well-known vulnerabilities present in VPNs. Once CACTUS operatives gain access to a network, they enumerate local and network user accounts and reachable endpoints. Following this, they craft new user accounts and deploy their ransomware encryptor. The uniqueness of CACTUS lies in their use of specialized scripts that automate the release and activation of the ransomware through scheduled tasks.
The CACTUS leak site
Cyclops/Knight
Though the underworld caught wind of Cyclops in May 2023, it’s only recently that evidence of their activities surfaced as new victims’ details appeared on their dark web portal. In addition, they’ve announced a shift in branding to “Knight.” Last month, they published 6 victims on their leak site.
This ransomware is versatile, capable of compromising Windows, Linux, and macOS systems alike. Cyclops stands out with its intricate encryption methodology, which mandates a unique key to decrypt the execution binary. Cyclops also comes equipped with a distinct stealer component designed to extract and transfer sensitive information.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
English Premier League teams Arsenal and Liverpool have made a big Google Pixel move. These teams have picked Google Pixel as their official smartphone ahead of the league. This is a big recognition for Google, although they are a top manufacturer in the smartphone industry.
With this partnership on the ground, all parties in question stand to gain a lot from one another. The football clubs will be able to earn a certain amount from ads that Google will run in the clubs’ stadiums during matches. The brand on its part will also benefit from the publicity the clubs’ provide, considering that they are very popular around the world.
Google will work with both the male and female teams of these clubs as their official smartphone partner. Pixel fans in England and around the world will be able to catch their brand on screen while watching an Arsenal or Liverpool game. Also, this partnership will enlighten more people about the features of Google Pixel devices, hence prompting them to make a purchase.
Google’s marketing strategy involves Arsenal and Liverpool Football clubs
Google’s latest partnership with Arsenal and Liverpool Football clubs will help promote their product. Just like every other partner with these clubs, this new one is a marketing strategy. This will help Google’s smartphone business grow in regions where these clubs have a certain amount of influence.
The choice of clubs here is also a very impressive one, as both clubs are part of the English Premier League’s big five. Last season Arsenal finished second place in the men’s league table with Liverpool trailing behind. For the women’s teams, Arsenal came in third place and Liverpool trailed behind again.
But a new season is starting, and both teams have new player signings and play strategies. In the men’s and women’s leagues, both teams look forward to a good season as they play to win the title. Part of the partnership deal involves a dedicated YouTube series for the Liverpool women’s first team.
Google will not be the first smartphone brand to move into a partnership with big football brands. In 2015 OPPO went into a partnership with Barcelona FC and so did Snapdragon with Manchester United last year. These partnerships will help the brands such as Google Pixel grow their fan base around the world, hence boosting sales.
Taking to its official website, Qualcomm proudly announces that its Snapdragon X75 chip is now a record holder. This modem chip currently holds the record for the fastest download speed on any mobile device. During its download speed tests, this device showed off a mind-blowing 7.5Gbps downlink speed.
At this speed, this new modem chip floors its predecessor as well as any other modem chip on the smartphone market. Currently, the Snapdragon X70 modem chip boasts 3.3Gbps in real-time usage. So the coming Snapdragon X75 chip is set for more than this download speed when it comes to flagship devices later this year.
This is a very impressive upgrade, one that Qualcomm is proud of, and it’ll also improve how consumers access the internet. However, its download speed is not the only area where this new modem is bringing notable upgrades. In this article, you’d get to find out places where this new modem is stepping up its game in the industry.
Asides from its download speed, the new Snapdragon X75 chip is the world’s first in other areas
To achieve this remarkable download speed, Qualcomm relied on the 300Mhz spectrum. This system runs on a single download connection with 1024QAM, four carrier aggregations, and four TDD channels. With this system combination, the new Snapdragon X75 chip is more efficient than its predecessor.
But aside from the faster download speed on this new modem chip, Qualcomm brings some other improvements. It highlights these improvements in three major areas, all bringing world’s first technology. The areas of improvement are the next-gen modem-RF system architecture, AI hardware acceleration, and better 5G performance and spectrum flexibility.
For its mmWave-sub6 modem-RF system architecture, the Snapdragon X75 is more efficient (cost and energy) and reduces board footprints. With this technology, OEMs can create better-performing 5G devices. Contributing to this improvement is the world’s first mmWave-sub6 converged transceiver and sensor-modem-RF solution for mmWave beam management.
In the AI department, this modem comes with the world’s first hardware accelerator for AI-enhanced 5G. This is an AI tensor accelerator that packs the 5G AI Processor Gen 2 and 5G AI Suite Gen 2 technology from Qualcomm. With all these features working together, the Snapdragon X75 chip offers massive AI improvements.
For better 5G performance, Qualcomm debuts the world’s first 256QAM 10CC mmWave solution. On the sub-6 GHz spectrum, it also brings the world’s first 5x carrier aggregation, 1024-QAM, and FDD UL-MIMO technology. With all these improvements coming, Qualcomm Snapdragon-powered devices will offer consumers a faster and more reliable internet connection.
Disney Plus appears to be looking into cracking down on password sharing, according to Disney CEO Bob Iger (via The Verge.) Details of the potential change were announced briefly during Disney’s most recent earnings call on August 9.
Iger says the plan is to start changing some of the policies later this year. But that doesn’t mean subscribers will start seeing the changes take affect at that time. Disney does plan to update subscriber agreements with “additional terms” and changes to sharing policies in 2023. But It won’t be looking to monetize those changes until sometime in 2024. “We will look to roll out tactics to drive monetization in 2024” Iger says.
What does this mean for subscribers? Well for the moment it’s tough to say. Disney is simply exploring the idea of cracking down on password sharing for Disney Plus right now. And for the time being it hasn’t laid out any plans for how it would work or when it would be rolled out. But the changes do seem inevitable. Iger reported that the service did see a decrease in subscribers, although slightly. And he also mentioned that the number of accounts sharing passwords was “significant.” Which it sounds like may have negatively impacted Disney’s bottom line for subscriber numbers.
Disney can already monitor password sharing
If you’re asking yourself how Disney will know, Iger says the company already has the “technical capabilities” to monitor sign-ins. So it’s already equipped to tell who is sharing passwords and who isn’t. All that’s left for Disney to do is to start implementing the policy changes.
As mentioned though there’s no way of knowing for now when exactly that happens. Or how the end results will look. When Netflix rolled out password sharing changes, it offered subscribers a way to add people onto the account for use outside the home network. Disney may or may not choose to do the same thing. Either way, Disney’s intention here is likely to increase subscribers. And it already knows this can be an affective method thanks to Netflix. As the company reported that its password sharing crackdown worked.
A couple of days back, Samsung released the August security update for the Galaxy Note 20 series and Galaxy S20 FE 5G. However, the rollout was limited to select international markets, including Latin America and Europe. Thankfully, the company didn’t take long to bring the update to the US. These phones are now receiving the latest security patch stateside as well.
As of this writing, Samsung is rolling out the August SMR (Security Maintenance Release) to the factory-unlocked variants of the Galaxy Note 20 and Galaxy Note 20 Ultra in the US. The new firmware build number for the phones is N98*U1UES5HWG6. The last Note-branded Galaxy flagships are getting nothing more than this month’s security fixes, the official changelog provided by the company confirms.
The August SMR itself is pretty big, though. Samsung revealed earlier this week that the latest security release contains more than 80 vulnerability patches. These include over 50 Android OS patches coming from Google and partner vendors. The remaining 30-odd patches concern Galaxy-specific security flaws (not present in Android products from other brands) and come directly from Samsung.
At least three vulnerabilities patched this month were critical issues (including at least one Galaxy-specific patch), Samsung has confirmed. Users with a Galaxy Note 20 or Galaxy Note 20 Ultra in the US can install the latest update to stay safe from these vulnerabilities. The Korean firm has already pushed the August SMR to all of its recent foldable smartphones stateside (excluding the 2023 models releasing tomorrow).
The Galaxy S20 FE 5G is also getting the August update in the US
The Galaxy S20 FE 5G is another Samsung smartphone that is now getting the August update in the US. However, unlike the Galaxy Note 20 series or the foldable models, the rollout for this phone has begun with carrier-locked units. The original Fan Edition (FE) phone is receiving the August SMR with firmware version G781USQSCHWGA. As of this writing, the update is live on T-Mobile, Metro, and Sprint networks.
However, it shouldn’t be long before Galaxy S20 FE 5G users on other networks get the latest security patch from Samsung. The rollout for unlocked units should also begin soon. Don’t expect anything notable apart from the aforementioned security patches, though. The changelog doesn’t mention anything else. As usual, you will get a notification once the OTA (over the air) release hits your phone. You can wait for the notification or manually check for updates from the Settings app.