You need to check your phone for these popular apps sending pictures and other info to China

andreasc
-
0
You need to check your phone for these popular apps sending pictures and other info to China
[ad_1]
Although Play Store is generally a trusted place for downloading apps on Android phones, every now and then malicious apps manage to sneak into the app marketplace. The latest fishy apps that were found hiding on Play Store are File Recovery & Data Recovery and File Manager.
Cyber security company Pradeo says that these apps came from the same developer and were downloaded by 1.5 million users. They look like file management apps but are actually spyware and silently send user information to servers based in China.
File Recovery and Data Recovery was downloaded more than a million times, whereas 500,000 people installed File Manager. The apps asserted that they wouldn’t collect any data from smartphones, but Pradeo found that this was a false claim.

Equally alarming is that the apps said that any collected data would not be deleted even after user request, which goes against data protection laws.

Pradeo’s analysis showed that the apps collected personal data such as:

  • Contacts saved in the device
  • Email and social network contacts
  • Pictures, audio, and videos compiled in the app
  • Real-time user location
  • Country code
  • Name of the network provider
  • Operating system version number (possibly to exploit vulnerabilities)
  • Device model
Most of this info is not required for file management and data recovery operations. The apps do not ask for user permission for collecting this data. The apps also hide their home screen icons to make it difficult to delete them. Both apps transmit data more than a hundred times, which is a frighteningly large amount.

Since malicious apps often require user input for successful attacks, File Recovery & Data Recovery and File Manager employ a tactic whereby the victim’s device restarts and the apps launch in the background.

Per a Bleeping Computer report, the apps were removed from Google Play only recently. Needless to say, if you have these apps on your phone, delete them right away. If you don’t see them on the home screen, go to the app list in settings to get rid of them.

[ad_2]
Source link

First OnePlus foldable to run a special version of OxygenOS

andreasc
-
0
First OnePlus foldable to run a special version of OxygenOS
[ad_1]

According to a new report, the very first foldable smartphone from OnePlus will run a special version of OxygenOS. This information comes from SnoopyTech, a tipster, who claims OxygenOS Fold will come pre-installed.

The very first OnePlus foldable will run a special version of OxygenOS

That information was actually corroborated by Max Jambor, a well-known tipster, which only adds more credibility to the table. What’s interesting, however, is that the phone itself will be called the ‘OnePlus Open’.

That information got shared by Max Jambor, actually. It would kind of make more sense for the phone to be called the OnePlus Fold or V Fold, as suggested earlier, to go along nicely with the software name. Not that it’s all that important, but it is something you notice.

OxygenOS Fold will be an adapted version of OxygenOS for a foldable device. Chances are we’ll see plenty of similarities with the build that comes on the OPPO Find N2. OPPO is OnePlus’ sister company after all and ColorOS and OxygenOS are very similar in general.

The OPPO FInd N2 could be an indication of what’s coming software-wise

If the OPPO Find N2 is anything to go by, we’ll get some useful features on board. Entering a split screen mode will be as easy as swiping with two fingers across the screen. Windowing apps will also be a piece of cake, and so on.

The OnePlus Open is coming in Q3 this year, most likely in August. The phone’s design surfaced recently, thanks to CAD-based renders. That design leak managed to create some hype, that’s for sure.

The phone’s specs will also be quite appealing, based on rumors. The Snapdragon 8 Gen 2 or 8+ Gen 2 will be thrown into the mix, along with two 120Hz displays. LPDDR5X RAM will also be included, as will UFS 4.0. Check out our OnePlus Fold aka OnePlus Open preview, if you’d like to know more.


[ad_2]
Source link

Pitaka case for the Pixel Fold adds MagSafe compatibility

andreasc
-
0
Pitaka case for the Pixel Fold adds MagSafe compatibility
[ad_1]

If you purchased the Google Pixel Fold, and have been looking for a great thin case, well, Pitaka has you covered. The company’s minimalistic MagEZ Case 3 is now available for the device, and it adds MagSafe compatibility to the package.

The Pixel Fold gets MagSafe compatibility thanks to a Pitaka case

This case is really thin, and yet it does add MagSafe support to the equation. Pitaka managed to squeeze in magnets on the back. This case comes in two pieces, one for the front side of the phone, and the other for the back.

Once you install this case, your Pixel Fold will become compatible with all third-party MagSafe chargers and mounts, basically. Well, all third-party MagSafe accessories, basically.

This case may be thin, but it’s tough too. Pitaka used 600D aramid fiber here, which is not only lightweight and less than a millimeter thin, but it’s quite tough. It’s actually said it’s five times tougher than steel, and five times lighter too. As if that’s not enough, this case is also grippy.

The case itself is available in a black color, though there are a number of accents you can choose from. The Twill, Overture, and Rhapsody options are available to choose from.

The company has a number of MagEZ accessories to go with this case

Pitaka also offers a number of other MagEZ accessories to go with this case. The MagEZ Slider, MagEZ Battery Pack, MagEZ Car Mount Pro/Lite, and MagEZ Card Sleeve. The first one is particularly interesting, as it’s both a powerbank, and a magnetic stand.

Do note that the MagEZ Case 3 for the Pixel Fold is not cheap, though. Considering the materials used here, and the functionality it provides, however, it may be worth it for you.

The MagEZ Case 3 for the Pixel Fold will set you back $79.99, should you choose to get it. You can grab one from the link below.

Buy Pitaka’s Pixel Fold case (Pitaka)


[ad_2]
Source link

Save 20% on Everyday Essentials with $50 Purchase

andreasc
-
0
Save 20% on Everyday Essentials with $50 Purchase
[ad_1]

Ahead of Prime Day next week, Amazon is offering a pretty sweet deal on products you’re going to need anyways. Basically, you can spend $50 or more on everyday essentials and school supplies and get 20% off. The only caveat here is that you do need to be a Prime member to take advantage of this.

Here’s how it works. Head to this link and add items to your cart. The offer will automatically be added to your cart, and then checkout. It’s just that simple. 20% off isn’t too shabby either, and pretty good for everyday essentials.

So what’s included in this offer? Well, everyday essentials and back to school supplies. This includes products from 365 by Whole Foods like Maple Syrup, cereal, Hemp Seed, as well as things like paper towels, melatonin and so much more. For those shopping for back to school, you’ll also find things like pens, pencils, folders and a whole lot more available as part of this deal. So it’s a really good time to pick up some stuff.

What’s so great about this deal is that these are things you’d be buying anyways. Now, you can save 20% off of them. Not to shabby at all for a Prime Day deal. We remember back in the day when deals were only available on things no one wanted to buy.

Speaking of Prime Day, that happens this coming Tuesday and Wednesday, July 11 and 12. It’ll start at midnight PT on July 11 and last until 11:59PM PT on July 12, and have thousands of deals available. As always, we will be here rounding up the very best deals available for Prime Day. So you can spend your money wisely, and avoid buying things that you really don’t need.

You can shop this everyday essentials and school supplies sale over on Amazon by clicking the link below.

Everyday Essentials Sale – Amazon


[ad_2]
Source link

Twitter Employees Musk fired speak out following Threads launch

andreasc
-
0
Twitter Employees Musk fired speak out following Threads launch
[ad_1]

When Elon Musk bought Twitter, he laid off (or fired) about 80% of the workforce. Twitter was pretty bloated, so Musk made that change. He got rid of thousands of engineers, many of which Meta then hired to work on Threads.

Now that Threads has launched, some of these ex-Twitter employees are starting to speak out. Of course, they are staying anonymous for now, but one stated that “it feels like revenge time.” They continued that “anything is better than the Twitter we have now.”

Another former Twitter Data Scientist, Melissa Ingle said that “this thing is going to be a monster.” However, she is not yet entirely convinced on Threads just yet, since it shows you posts from people you do not follow yet.

Another former employee, Manu Cornet, had stronger words about Threads, and is not as excited about it. Stating that “Threads introduces nothing new as far as I’ve seen”. While another anonymous ex-Twitter employee said that “I fundamentally don’t understand its existence in the market. Seeing it as a Twitter like raft makes sense, but the problems already arising with EU regulators and it, and its lack of purpose, seem to signal its not there to last.”

Despite this, Threads crosses 70 million signups in under 48 hours

Despite some former Twitter employees being skeptical about Threads, users are flocking to it. Gaining 70 million sign ups in under 48 hours is nothing to be ashamed of. Even if Instagram is the main reason for it. Mastodon has been seen as the “Twitter replacement” since Musk took over in October, and it has only amassed around 13 million accounts.

The real question here is going to be how many stick around. As we’ve seen with Mastodon and Bluesky, lots of people sign up, but not many post or post often. Making it feel more like a ghost town. Which is a throwback to Google+.


[ad_2]
Source link

Threads is at the top of the app stores

andreasc
-
0
Threads is at the top of the app stores
[ad_1]

Needless to say, Meta’s Threads is a pretty popular platform. It launched just a few days ago, and it’s already amassed millions of users. In fact, Threads is popular enough to make it to the top of both of the app stores.

Threads is the new social media platform from Mark Zuckerberg’s Meta, and it borrows heavily from Twitter (but, what new social media platform isn’t?), and that could land it in some legal trouble.

Elon Musk’s legal team is threatening to sue Meta over alleged misappropriation of trade secrets. The company claims that Meta hired former Twitter employees, those in possession of Twitter trade secrets, to build Threads. If this is the case, then Meta did commit a serious federal crime, as did the alleged employees. However, that’s yet to be officially confirmed.

Threads is at the top of the app stores

Legal matters aside, Threads is really gaining some serious traction as time goes on. It’s probably the fastest-growing social media site on the internet. As of this morning, the platform boasts more than 66 million signups. That’s impressive, but we can’t forget that it’s riding on the back of Instagram’s 1 billion+ users.

In order to get a grasp of how popular the app is, it’s at the top of its respective categories in both the Google Play Store and Apple App Store.

In the Google Play Store, Threads is #1 in the Free Social Media category. On the Apple side, it’s the #1 app in the Social Networking category. This is for the list of iPhone apps. The app is available on the iPad as well, but not many people are downloading it on the iPad for understandable reasons.

Right now, Threads is far from perfect. While the app has become a new platform for people to bad-mouth Elon Musk, there’s still a ton of stuff that it’s missing. There are no hashtags, DMs, or general searches. Also, if you want to delete your Threads account, you’ll need to delete your Instagram account in the process. However, that could change.

If you’re looking to download Threads, you can do so with the link below.

Download Threads


[ad_2]
Source link

1.5M Download File Management App Transfers Data to China

andreasc
-
0
1.5M Download File Management App Transfers Data to China
[ad_1]
File Management App China

Cybersecurity researchers recently found 2 malicious applications on the Google Play store, installed by 1.5M users, collecting excessive data beyond what is required for promised features.

The two malicious apps, both by the same publisher, are designed to exfiltrate data that is sensitive in nature and transmit it to the various malicious servers that are established in China autonomously.

CSN

The behavioral analysis engine of Pradeo identified these two malicious spyware applications. While their description on the Data Safety section of Google Play claims that there is “No data collection from users’ devices.”

Fake Claim (Source – Pradeo)

Malicious File Manager Apps

Here below, we have mentioned the two malicious applications along with their Google Play store download counts:-

  • File Recovery and Data Recovery (com.spot.music.filedate): 1 million downloads
  • File Manager (com.file.box.master.gkd): 500,000 downloads
Malicious Apps (Source – Pradeo)

Data Exfiltration

Here below, we have mentioned the types of data that are exfiltrated by these two apps are:-

  • Contact lists (From the device and all connected accounts)
  • Media compiled in the application: Pictures, audio, and videos
  • Real-time user location
  • Mobile country code
  • Network provider name
  • Network code of the SIM provider
  • Operating system version number
  • Device brand and model

While the most shocking thing is that each of the applications excessively transmits the data collected, surpassing the normal state with more than a hundred transmissions.

Apps’ data transmission (Source – Pradeo)

Though some data collection may be justified for performance and compatibility, but the apps collect some unnecessary data beyond the scope of file management or data recovery needs.

Here the most strange thing is that the unnecessary data collected by the spyware apps is collected without the permission of the user, as they are collected secretly.

To make the removal difficult, the apps hide their icons from the home screen of the affected device, and they also exploit the approved permissions to operate discreetly in the background and reboot the device.

Sneaky Behaviors of the App

Here below we have mentioned all the behaviors that are sneaky in nature and used by the threat actor to increase its success rate:-

  • Looking legitimate
  • Requiring less user interaction
  • Preventing uninstallation

Recommendations

Here below we have mentioned all the recommendations:-

  • Make sure to avoid downloading the apps without any reviews that lack reviews from thousands of users.
  • To know the true nature of the application, make sure to go through the reviews thoroughly.
  • Before approving or accepting any permissions make sure to carefully read them.
  • Make sure to educate team members about the risks associated with mobile threats.
  • To provide users with secure flexibility, ensure enable automated mobile detection and response.

“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.


[ad_2]
Source link

Best Prime Day Apple Deals 2023

andreasc
-
0
Best Prime Day Apple Deals 2023
[ad_1]

While Amazon Prime Day is taking place on July 11 and July 12 this year, deals aren’t waiting for Prime Day. Including a number of deals on Apple products, that you can take advantage of right now.

So in this article, we are rounding up all of the best Apple Amazon Prime Day deals, and will be updating this throughout Prime Day as well. So make sure to bookmark this article, if you’re looking for some Apple deals this Prime Day.

Best Prime Day Apple Deals 2023

So what kind of deals can you expect on Apple products for Prime Day? Well, Apple products are pretty rarely discounted. Really only happening around big shopping holidays like Prime Day, Black Friday and Cyber Monday.

However, there are some pretty sweet deals on laptops, smartphones, AirPods and more. For instance, the Apple MacBook Pro 13-inch M2 model is on sale for $1,099. That’s going to save you $200 off of its regular price. Then there’s the Apple iPad 10.2, this is the ninth-generation model which is now on sale for $279. That’s $50 off of its regular price and does come down to an all-time low.

There’s other iPad deals too, including the iPad Air. This one is on sale for $559, which is an all-time low. Not a super huge discount, but that is the cheapest we’ve seen the iPad Air since it was released a little over a year ago. And we’re not expecting to see another iPad Air until next year, so it’s not old by any means. And it also runs on the M1 chipset, so it is a pretty powerful iPad right now.

These are just some of the very many Amazon Prime Day deals available today, and you can check out more here. If you need an Amazon Prime free trial, you can grab that here (students get 6-months free, here).


[ad_2]
Source link

Solar monitoring systems exposed: Secure your devices

andreasc
-
0
Solar monitoring systems exposed: Secure your devices
[ad_1]

We take a look at reports that 130,000 solar monitoring devices are sitting exposed online.

Researchers who go looking for devices exposed to the Internet report “tens of thousands” of solar photovoltaic (PV) monitoring and diagnostic systems can be found on the web. The systems are used for everything from system optimization to performance monitoring and troubleshooting.

No fewer than 134,000 products from an assortment of vendors were found to be exposed, though as Bleeping Computer notes, this does not necessarily mean they’re all vulnerable right now.

However, new vulnerabilities are discovered all the time and anything that’s attached to the Internet when a vulnerability is discovered represents a serious risk (and at least some of the products on display have been impacted by vulnerabilities in the past.) Devices left exposed online can lead to all manner of other issues too. Whether people poking around to get an idea of how your systems work, or directly tampering, it’s almost never good.

While many of the currently discovered devices may not be vulnerable to a remote takeover, there may be enough information to hand to figure out some of the workings of the systems in question.

Indeed, the research highlights that around 7,000 devices belonging to one particular brand are in the list. A separate report linked by Bleeping Computer found 425 examples of said device making use of a firmware version known to be vulnerable to attack. As per said report, which cleverly makes use of a copyright string on the product’s landing page to work out which versions are vulnerable:

It turns out that less than one third of the internet-facing SolarView series systems are patched against CVE-2022-29303.

This, in addition to mention of other issues affecting this brand of device like being able to upload PHP web shells (allowing for remote access), does not make for great reading. Especially when we consider that this is just one product, while the products left exposed include:

Solar-Log, Danfoss Solar Web Server, SolarView Contec, SMA Sunny Webbox, SMA Cluster Controller, SMA Power Reducer Box, Kaco New Energy & Web, Fronis Datamanager, Saj Solar Inverter, and ABB Solar Inverter Web GUI.

Exposed devices can end up being a pretty serious issue. Even in cases where the device isn’t exposed online, things can still go awry. A few years back, Australia’s early warning network was compromised (most likely by a targeted phishing attack) and messages galore were fired out by SMS, email, and phone announcing that the service had been hacked.

Road signs and other forms of public communication are often found wanting in the security stakes. It’s such a problem that it’s not unusual to see the Department of Homeland Security issuing warnings about the need to update Emergency Warning Systems. Last August, FEMA was similarly banging the drum for the swift application of software updates.

If you’re responsible for deploying any of the above systems, it may well be beyond time to check what (if anything) is exposed online and whether or not you need to start patching.

Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Follow the Official Google and YouTube Accounts on Threads

andreasc
-
0
Follow the Official Google and YouTube Accounts on Threads
[ad_1]

Threads launched on Wednesday evening, and it’s already garnering some pretty popular brands on the platform. Which is something that other Twitter clones had been unable to really do.

Some of those brands include Google and YouTube. Official Google accounts have joined Threads with @Google as the official Google account. There’s also Google for Developers as @googlefordevs, Google Workspace as @googleworkspace, and YouTube as @YouTube, just to name a few.

So far, the Google and YouTube accounts haven’t really posted a whole lot of anything. As the Google account has only posted a “Hey” and then a post of the Chrome Dino, and reminding users that they can access it on Chrome by going to chrome://dino.

Some of the more notable names missing here include Android and Pixel. Those will likely follow in the coming days, or maybe even later today. Don’t forget that you can follow Android Headlines on Thread as @Androidheadline.

Threads surpasses 70 million users

This afternoon, Meta CEO, Mark Zuckerberg announced that Threads had surpassed 70 million signups. Which is an insane number for being live for under 48 hours. But that’s the magic of tying it to Instagram, versus starting from the ground up.

Although the Zuck has been grateful to have this many people sign up for Threads, he remains humble about the number. As he, and everyone else knows, that the number of users isn’t what will make the platform successful. It’ll be the content, and features, which we’ve yet to see how that will play out. However, if there is a company that can compete with Twitter, it’s going to be Meta. They have the user-base, the money, and the platform. Instagram has 2 billion monthly active users, Facebook has 3 billion, while Twitter has 300 million.

How long until Threads surpasses Twitter on an accounts front? Likely a few more days. Which is pretty incredible to think about, in the grand scheme of things.


[ad_2]
Source link
1...1,1041,1051,106...1,476Page 1,105 of 1,476