Google Addressed Numerous Security Flaws With Chrome 126

andreasc
-
0
Google Addressed Numerous Security Flaws With Chrome 126
[ad_1]

With the latest Chrome 126 release, Google patched multiple security flaws affecting the browser, including a high-severity vulnerability exploited at a hacking event.

Google Chrome 126 Fix Multiple Security Flaws

This week, Google rolled out the Chrome browser version 126 (stable release) for the users. Like most security updates, this stable release also addressed numerous security flaws in the browser that could have severely impacted users when exploited.

One of these vulnerabilities includes a type confusion vulnerability in Chrome’s V8 component. The vulnerability first caught the attention of security researcher Seunghyun Lee, who demonstrated the flaw at the recent SSD Secure Disclosure’s TyphoonPWN 2024 hacking event. Identified as CVE-2024-6100, this vulnerability received a high severity rating and earned the researchers a $20,000 bounty for the discovery.

Another major security fix addressed CVE-2024-6101, a high-severity vulnerability due to inappropriate implementation in WebAssembly. Google credited the researcher with the alias “ginggilBesel” for reporting the flaw, who also won a $7000 bounty.

Besides, this Chrome release also includes two other security fixes for high-severity vulnerabilities in Dawn. These are CVE-2024-6102, an out-of-bounds memory access, and CVE-2024-6103, a use-after-free flaw. Google acknowledged the researcher with the alias “wgslfuzz” for reporting both vulnerabilities.

As mentioned in Google’s release update, these security fixes have been released with Chrome 126.0.6478.114/115 for Windows and Mac devices and 126.0.6478.114 for Linux systems. Moreover, the tech giant released the same security patches with Chrome for Android version 126.0.6478.110, which users may download from the Google Play Store.

Since Google released these patches with the respective Chrome browsers for different systems, users must keep their devices updated with the latest browser releases to remain safe. Thankfully, none of these vulnerabilities is zero-day, saving users from the worries of active attacks. Still, keeping all devices up-to-date with the latest releases is important for better security.

Let us know your thoughts in the comments.


[ad_2]
Source link

OnePlus Pad Pro live images surface ahead of launch

andreasc
-
0
OnePlus Pad Pro live images surface ahead of launch
[ad_1]

The OnePlus Pad Pro live images have just appeared, ahead of launch, following official renders. As a reminder, this tablet is expected to arrive in a couple of days, on June 27. It will be accompanied by a number of other devices, more on that later on.

The OnePlus Pad Pro live images have just surfaced

Nine OnePlus Pad Pro live images have surfaced, courtesy of Digital Chat Station. This is one of the most prolific tipsters in the industry, so chances are that these images are spot on.

We get to see the tablet from both front and back here. It will have rather thin bezels (for a tablet), but not too thin, so you’ll be able to grip it… easily. Glass will be included on the back, with a centered OnePlus logo.

A single camera will be included inside a circular camera island, while an LED flash will also sit in there. That camera island will be centered up top, looking from a horizontal position, of course. The frame on the sides will be rounded, and both the front and the back side will curve into it.

This tablet will look a lot like the company’s current-gen model

Design-wise, this thing looks very similar to the OnePlus Pad 2. The bezels on it do seem to be a bit thicker, though, but not by much. This tablet is expected to include the Snapdragon 8 Gen 3 SoC, Qualcomm’s most powerful chip.

Now, you’ll also notice that a keyboard accessory is pictured in the provided images. The same goes for a stylus. Well, both of those accessories will likely be announced on June 27 too.

In addition to the OnePlus Pad Pro, OnePlus is aiming to launch the OnePlus Watch 3 on June 27. The OnePlus Ace 3 Pro will also be announced, and the same goes for the OnePlus Buds Pro 3.

OnePlus will have a lot on its plate on June 27. All of these devices are expected to launch globally too, though the OnePlus Ace 3 Pro will likely be called the OnePlus 12T.


[ad_2]
Source link

Transform your home decor with Wallpics wall-pictures-tiles

andreasc
-
0
Transform your home decor with Wallpics wall-pictures-tiles
[ad_1]

In the realm of home decor, finding unique and personalized ways to enhance your living space can be a delightful challenge. Wallpics wall-pictures-tiles offer an innovative and stylish solution to this challenge, allowing you to transform your walls with ease and creativity. These customizable photo tiles provide a fresh, modern take on displaying your cherished memories, blending convenience, aesthetics, and personalization into one seamless package. In this article, we’ll explore the benefits of Wallpics wall-pictures-tiles and how they can revolutionize your home decor.

What Are Wallpics Wall-Pictures-Tiles?

Wallpics wall-pictures-tiles are lightweight, frameless photo tiles that can be easily affixed to your walls without the need for nails or hooks. Made from durable, high-quality materials, these tiles are designed to showcase your favorite photos in a sleek and contemporary format. The tiles stick to the wall using special adhesive strips, making it simple to arrange, rearrange, and remove them without damaging your walls.

Personalization at Its Best

One of the standout features of Wallpics wall-pictures-tiles is the ability to personalize your space with ease. You can select photos that hold special meaning to you, such as family portraits, travel memories, or artistic shots, and transform them into stunning wall art. This level of customization ensures that your decor is a true reflection of your personality and experiences, adding a deeply personal touch to your home.

Easy to Install and Rearrange

Gone are the days of struggling with nails, hammers, and levels to hang pictures on your walls. Wallpics Wall Pictures offer a hassle-free installation process that anyone can manage. The adhesive strips on the back of each tile allow you to simply peel and stick the tiles onto your wall. If you want to change the arrangement or move the tiles to a different room, you can easily remove them without leaving any residue or damage. This flexibility is perfect for those who like to refresh their decor frequently or who live in rental properties where wall damage must be avoided.

Versatile and Stylish

Wallpics wall-pictures-tiles are designed to complement a variety of decor styles, from modern and minimalist to cozy and eclectic. The frameless design gives a clean and sleek look that can blend seamlessly into any room. Whether you’re looking to create a gallery wall in your living room, a personal photo display in your bedroom, or an artistic arrangement in your office, these tiles offer a versatile and stylish solution.

Quality and Durability

When it comes to displaying your cherished photos, quality matters. Wallpics wall-pictures-tiles are made from premium materials that ensure your photos look vibrant and sharp. The printing technology used guarantees high-resolution images with excellent color accuracy, bringing your memories to life on your walls. Additionally, the tiles are durable and designed to last, maintaining their appearance over time without fading or warping.

Perfect for Any Room

Wallpics wall-pictures-tiles are a great addition to any room in your home. In the living room, they can create a focal point or a conversation starter. In the bedroom, they can add a personal touch and make the space feel more intimate. In the hallway, they can brighten up the area and make it more inviting. Even in the kitchen or bathroom, these tiles can add a touch of creativity and style. Their versatility makes them suitable for any space, allowing you to carry a cohesive design theme throughout your home.

Ideal for Gifts

Looking for a thoughtful and unique gift? Wallpics wall-pictures-tiles make an excellent choice. Whether it’s for a birthday, anniversary, housewarming, or any other special occasion, personalized photo tiles are a heartfelt gift that shows you’ve put thought into creating something special. You can select meaningful photos that hold significance to the recipient, making it a gift that will be cherished for years to come.

How to Get Started with Wallpics

Getting started with Wallpics wall-pictures-tiles is simple and straightforward. Here’s how you can create your own personalized photo tiles:

1. Select Your Photos: Choose the photos you want to display. High-resolution images work best to ensure the quality of the print.

2. Upload Your Photos: Visit the Wallpics website and upload your selected photos. The user-friendly interface makes it easy to upload and arrange your images.

3. Customize Your Tiles: Once your photos are uploaded, you can customize your tiles by selecting the layout and order. Preview your arrangement to ensure it’s exactly how you want it.

4. Place Your Order: After finalizing your design, place your order. Wallpics will print your photos onto the tiles and ship them to you.

5. Install Your Tiles: Once you receive your tiles, you can start decorating. Simply peel off the backing and stick the tiles to your wall. Rearrange as needed until you’re satisfied with the display.

Conclusion

Wallpics wall-pictures-tiles offer a modern, stylish, and highly personalized way to decorate your home. With their ease of installation, versatility, and high-quality finish, these photo tiles are a perfect solution for anyone looking to add a personal touch to their decor. Whether you’re decorating a new home, refreshing your current space, or searching for a unique gift, Wallpics wall-pictures-tiles provide a beautiful and meaningful option that will transform your walls and showcase your cherished memories. Embrace the creative possibilities and let Wallpics help you turn your photos into stunning wall art that enhances your home’s aesthetic and tells your unique story.


[ad_2]
Source link

Time to update your contact pics as Google Messages now shows them bigger

andreasc
-
0
Time to update your contact pics as Google Messages now shows them bigger
[ad_1]

A discussion is a place, where people can voice their opinion, no matter if it is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some random thoughts, which are not directly related to the matter.

Things that are NOT allowed:

  • Off-topic talk – you must stick to the subject of discussion
  • Trolling – see a description
  • Flame wars
  • Offensive, hate speech – if you want to say something, say it politely
  • Spam/Advertisements – these posts are deleted
  • Multiple accounts – one person can have only one account
  • Impersonations and offensive nicknames – these accounts get banned

Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a post should be moderated – please, report it.

Have a question about the rules or why you have been moderated/limited/banned? Please, contact us.

[ad_2]
Source link

LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom

andreasc
-
0
LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom
[ad_1]

The notorious LockBit ransomware gang claims to have breached the Federal Reserve Board (Federalreserve.gov), the central banking system of the United States, and is holding 33 terabytes of data for ransom.

Although these claims sound far-fetched, the ransomware gang has warned the US government of a June 25, 2024, deadline, after which the allegedly stolen data could be leaked to the public.

At the time of writing, the type of data extracted by LockBit is unclear. However, as seen by Hackread.com, a statement from the cybercrime enterprise on its new dark web leak site hints at “33 terabytes of juicy banking information” containing “American banking secrets.” Another statement by the ransomware group suggested that there are ongoing negotiations between them and the US government.

“33 terabytes of juicy banking information containing Americans’ banking secrets. You better hire another negotiator within 48 hours, and fire this clinical idiot who values Americans’ bank secrecy at $50,000.”

LockBit Ransowmare

The statement from LockBit appears to be a taunt directed at the US Federal Reserve, suggesting dissatisfaction with the current negotiator, if any, handling the ransom negotiations.

LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom
Screenshot from the LockBit ransomware gang’s dark web leak site (Credit: Hackread.com)

LockBit Claims and Realities

LockBit is notorious for its high-profile data breaches, including incidents involving Boeing, ICBC Bank, Bangkok Airways, and others. A recent report from the NCC Group revealed that LockBit is the most active ransomware gang, even after its infrastructure was seized and its alleged leader was exposed as Dmitry Yuryevich Khoroshev by law enforcement authorities.

Despite this, the group is known for claiming high-profile targets, which are often dismissed by the companies involved. For instance, in April 2023, the group announced it had breached Darktrace, a prominent Cambridge-based cybersecurity company. These claims were swiftly dismissed by the company.

In June 2022, the group claimed to have breached Google-owned Mandiant cybersecurity. However, the company did not find any evidence of a data breach.

Nevertheless, the current situation is that the group has claimed Federalreserve.gov as its new victim. Hackread.com is monitoring the situation and has reached out to the US Cybersecurity and Infrastructure Security Agency (CISA) for comment. Stay tuned!

  1. LockBit Ransomware Gang Returns, Taunts FBI
  2. LockBit Affiliate Sentenced to 4 Years in Canada
  3. LockBit Ransomware Gang in Decline May Be Compromised
  4. LockBit Takedown: Source Code, Arrests, Recovery Tool Revealed
  5. LockBit ransomware gang blames victim for DDoS attack on its website

[ad_2]
Source link

Here are all color options of OnePlus’ upcoming high-end phone

andreasc
-
0
Here are all color options of OnePlus’ upcoming high-end phone
[ad_1]

OnePlus will launch a handful of devices on June 27. One of those devices will be the OnePlus Ace 3 Pro. This will be a high-end phone from OnePlus, and all of its color options have just been revealed.

Colors options of OnePlus’ upcoming high-end phone have just been revealed

OnePlus revealed those colors by sharing official renders of the upcoming OnePlus Ace 3 Pro handset. You can check them out in the gallery below the article. There are four images included there.

As you can see, the phone will come in three color variants. It seems like different backplate materials will be used too. The ‘Green Field Green’ color will have a vegan leather backplate with a nice pattern on it. It will be green, needless to say.

The ‘Supercar Porcelain Collector’s Edition’ model will have a white ceramic backplate. And last, but not least, the Titanium Sky Mirror Silver model will have a glass backplate, a glossy silver one.

This device will likely be rebranded to the OnePlus 12T… for global markets

This phone looks very similar to the OnePlus 12 in terms of the design. It will almost certainly be re-released as the OnePlus 12T for global markets, as this variant is aimed for the Chinese market. That happened in the past, so… it’s likely what will happen this time around too.

The phone seemingly has three cameras on the back, as part of its round camera island. Its back side is curved, and the same goes for its front, even though we can’t see it here. It will have thin bezels and a centered display camera hole.

This phone will be fueled by the Snapdragon 8 Gen 3 SoC. It will feature a 6.78-inch 1.5K LTPO OLED display with a 120Hz refresh rate. Android 14 will be included too, as will a 6,100mAh battery. 100W charging will be on offer, and much more.

In addition to this device, OnePlus will also announce the OnePlus Watch 3 smartwatch, OnePlus Pad Pro tablet, and the OnePlus Buds Pro 3 earbuds.


[ad_2]
Source link

Motorola’s Moto Tag ready for launch with FCC’s sign of approval

andreasc
-
0
Motorola’s Moto Tag ready for launch with FCC’s sign of approval
[ad_1]

In 2017, Motorola launched a smart object tracker called the Moto Tag. Seven years later, the company is gearing up to introduce an upgraded version, seemingly with the same name. The new model has already received a few regulatory certifications, hinting at an imminent launch. The FCC also recently certified it, further supporting the theory.

The FCC clears Motorola’s Moto Tag for launch

The Federal Communications Commission certified the Moto Tag with the model number XT2445-1, which we have seen in other certifications in the past. As usual, the listing doesn’t reveal a massive amount of details about the upcoming smart tracker. However, we got a confirmation that it will feature a standard button watch battery bearing the identifier CR2032.

Most smart trackers use this commonly available lithium battery. This ensures that you won’t have problems finding a replacement battery once the original one drains out (these batteries aren’t rechargeable). The CR2032 battery boasts a rated capacity of 210mAh and a rated voltage of 3V. It may not seem much, but it is big enough to power the tracker for months before you need to replace it.

Of course, the battery life will depend on how often you use the product and the connectivity method. The Moto Tag boasts Bluetooth LE and Ultra Wideband (UWB) connectivity options, with the latter being more power-hungry. It is more effective in finding lost objects, though. You get granular tracking support compared to Bluetooth. It’s nice that Motorola is offering both technologies.

The FCC listing doesn’t reveal anything else about the Moto Tag. There’s no mention of Find My Device support. However, Google recently said that Motorola is preparing a smart tracker with support for its crowd-sourced network that uses Android phones to locate lost objects or trackers. The search giant said the device will debut later this year. This is a massive hint at the Moto Tag being that product.

Motorola has a major launch event scheduled for June 25

Motorola has yet to announce a launch date for the Moto Tag. It hasn’t even teased any such product. However, the firm has a major launch event scheduled for Tuesday, i.e., June 25, in China. It is expected to unveil the Razr 50 series foldables at the event. There is no reason why the Moto Tag won’t debut alongside the new foldables. Thankfully, we won’t have to keep guessing for much longer. Stay tuned for more from Tomorrow’s Motorola event.


[ad_2]
Source link

Don’t hold your breath for full-frame camera sensors in smartphones

andreasc
-
0
Don’t hold your breath for full-frame camera sensors in smartphones
[ad_1]

If you were hoping to see full-frame camera sensors on smartphones at some point soon, well, don’t hold your breath. Sony just clarified things by saying that it won’t happen, at least not anytime soon.

Sony makes is clear that smartphones won’t get full-frame cameras… at least not in this decade

In a presentation by the company, which is titled ‘Imaging and Seeing Solutions Segment’, Sony demonstrated the evolution of smartphones in videography, and how it’s connected to the sensors. This presentation was presented by the Sony Semiconductor Solutions Corporation’s Director, President, and CEO, Terushi Shimizu.

For this decade, up until 2030, Sony’s president exponential growth in mobile video shooting. It was clarified that the industry has to focus on sub-cameras to improve smartphone videography.

In that presentation, five characteristics were highlighted for mobile camera performance. Those characteristics are Sensitivity/Noise, Dynamic range, Power consumption, Resolution, and Readout speed.

Still images are excellent, Sony believes, but videos need work

Sony did highlight that as far as photography goes, the quality of smartphone cameras comes close to the human eye thanks to large sensors and AI. In some cases it’s even possible to surpass that point, says Sony.

The videos, on the other hand, are a completely different beast. Sony sees room for performance. Sony believes that video quality is left behind compared to still imagery, as real-time performance is required. Video performance is more directly related to the image sensors.

In one of the slides Sony shared, the elevation of sensor size through the years was shown. It shows the growth of sensor sizes in the main and sub-cameras on smartphones from 2019 to 2023.

We’ve reached a limit in terms of sensor size, at least until 2030

As part of that slide, Sony makes it clear that we’ve basically reached a limit in terms of sensor size, at least until 2030… for smartphones, of course. Improvements from this point on, up until at least 2030, will be based on AI, more or less.

Why is that the case? Well, other than the physical size of large sensors, those camera sensors also need more cooling. That’s not so easy to achieve in such a small body (smartphones). So, don’t hold your breath for full-frame sensors, at least not anytime soon.


[ad_2]
Source link

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

andreasc
-
0
Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data
[ad_1]

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying reports, which affects tens of thousands of organizations and grants access to employee, customer, and potentially confidential data. 

By exploiting this vulnerability, attackers can extract information beyond what is visible in the reports, including additional data attributes, records, and details behind aggregated or anonymized data. 

The vulnerability was reported to Microsoft by Nokod Security, but they consider it a feature rather than a security issue, while Power BI semantic models expose all underlying data, including hidden tables, columns, and detailed records, even when only aggregated data or a subset of the data is visualized in the report. 

It grants unintended access to sensitive information for any user with access to the report, regardless of sharing permissions or filtering applied in the report view, which applies to both internal and publicly shared reports. 

Details Of Exploitation:

Public Power BI reports trigger data retrieval upon execution through a POST request to the “/public/reports/querydata” endpoint on the wabi-west-europe-f-primary-api.analysis.windows.net server. 

In contrast, organizational reports leverage a different endpoint on pbipweu14-westeurope.pbidedicated.windows.net, specifically “/webapi/capacities/<capacityObjectId>/workloads/QES/QueryExecutionService/automatic/public/query”, which likely relies on a capacity object identifier for authorization. 

JSON representation of the requested data

It triggers individual API calls with JSON payloads specifying queries in a proprietary format, by targeting data in the report’s underlying semantic model, where users can request data from both visible and hidden columns/tables, as long as they’re part of the model. 

The first example demonstrates retrieving the “name” column from the “Products” table and filtering for products containing the letter “c,” highlighting how each visual effectively executes a custom query to fetch its specific data requirements. 

Accessible columns and values

An attacker can exploit Power BI reports to access hidden data. While removing filters and aggregations in visualizations is simple, adding unseen data requires knowledge of the data schema. 

This schema can be retrieved from a public report’s “/conceptualschema” endpoint or an organizational report’s “/explore/conceptualschema” endpoint, which exposes the entire semantic model, including hidden columns and tables, even if the report creator marked them as hidden, which empowers the attacker to craft further requests to access the hidden information. 

A vulnerability exists where a SQL table hidden within a Power BI report can still be accessed through the “query” API even though it’s not returned by the “conceptualschema” API. 

Bing for example, returned over 160,000 results

According to Nokod Security, the vulnerability is particularly concerning for organizations that share reports containing confidential information like financial data or healthcare records. 

Finding dozens of reports that could be used against people from different groups, like universities and government websites, showed that the underlying data model can be accessed through API calls and can reveal private data like PII and PHI.  


[ad_2]
Source link

Xiaomi is the latest company to ditch in-box chargers… or is it?

andreasc
-
0
Xiaomi is the latest company to ditch in-box chargers… or is it?
[ad_1]

A lot of smartphone manufacturers are not including chargers with the smartphones they sell. Those companies include two largest smartphone OEMs in the world, Apple and Samsung, amongst others. Well, Xiaomi seems to be the latest company to ditch in-box chargers.

Xiaomi seems to be the latest company to ditch in-box chargers

Just to be clear, Xiaomi did not officially announce this is happening. However, the company’s new Redmi 13 phones are shipping without a charger in the retail box, at least in Europe.

That is a clear sign Xiaomi is up to something. If we had to guess, we’d say that other Xiaomi smartphones will start shipping without a charger too, at least in Europe. Xiaomi may make an exception for its flagship offerings, though, it remains to be seen.

Xiaomi does note that using its 33W charging combo (Type-A) is recommended to charge the Redmi 13, as this phone does support 33W charging. Still, you’ll have to buy it separately.

Consumers don’t like this trend, of course. Everyone likes having everything they need to use a smartphone included in the box. Sure, some people have an extra charger lying around, but not everyone.

People usually sell their chargers with their phones, so this creates a problem

When reselling their smartphones, people usually sell them with chargers they came with. Therefore they don’t have extra ones lying around. Techie people are a different story, of course.

Still, this creates a hurdle for the vast majority of people. Some could argue that users are already used to it, though, as a number of well-known companies have been doing this for years. Companies usually say that the main reason for this move is to reduce e-waste, though that’s arguable.

It remains to be seen if Xiaomi will start doing this with all of its devices, or just some of them. This could also be a test of sorts, we’ll see.


[ad_2]
Source link
1...106107108...1,470Page 107 of 1,470