Nothing has launched the Ear (2) in a new, black color variant. The repainted buds are available exclusively from the company’s official website and only for a limited time, perhaps in limited stock. It’s unclear how many units of those are up for sale, though.
The Nothing Ear (2) debuted in March this year as the company’s second pair of true wireless (TWS) earbuds. It followed the same signature design, with transparency being the biggest USP. But the buds came in just one color option, which was plain white. This may have been a dealbreaker for a few, more so because the first-gen Ear (1) was also available in black.
The company has now listened to its fans and released the Ear (2) in a black avatar. “Dark and mighty,” Nothing describes the black-colored earbuds. Sure enough, they look sleek in this new coat of paint. But in hindsight, it makes sense why the firm offered the Ear (2) only in white at launch. The black paint conceals some of the transparency, which is a key design element of the buds.
The signatory design of the Ear (2) doesn’t look as flashy in black as in white. The case, which gets a similarly dark paint job, also hides much of the transparency. People who prefer minimalist design might pick the black Ear (2), but those getting the buds solely for their transparency should not look beyond the white variant. After all, both of them offer the same set of specs and features.
Nothing Ear (2) specs and features
If you need a quick recap, the Nothings Ear (2) features 11.6mm dynamic drivers with a dual-chamber design. The buds boast Bluetooth 5.3 connectivity and support most audio codecs, including AAC, SBC, and LHDCs. They also come with Hi-Res audio certification and Dual Connection and are compatible with Google Fast Pair and Microsoft Swift Pair. The Ear (2) offers Adaptive ANC with multiple modes. You also get a transparency mode to hear external sounds.
Each bud has a touch panel to control music playback, answer and reject calls, and switch between ANC modes. Despite a lightweight design, the Ear (2) boast a decent battery life. You get over six hours of playtime with buds only, which goes up to 36 hours with the case. The playtime with ANC turned on drops to three hours and 22 hours, respectively. The earphones support quick charging and are IP54 rated for dust and water resistance. The Nothing Ear (2) is currently selling for $149.
YouTube is currently experimenting with a new feature designed to address a common issue: accidental taps. The appropriately called Lock Screen feature eliminates those by disabling touch input while you are watching a full-screen video. This feature is currently in testing and is only available to selected Premium subscribers.The new Lock Screen feature, which is being tested until the end of July, was first spotted by Cord Cutter News (via TechCrunch). It is accessible to Premium YouTube users on Android and iOS who have received an invitation to participate.
If you happen to be a Premium subscriber and have been granted access to the experiment, you can give it a try by navigating to the gear icon while in full-screen mode and selecting Lock Screen. This feature allows you to watch videos without the risk of accidentally tapping the screen and pausing or disrupting playback.
This new feature might be quite useful, as watching videos on smartphones or tablets can sometimes be frustrating due to accidental taps that pause the playback, which also happens quite often when, for example, a child uses the device to watch cartoons.
YouTube is making efforts to encourage more users to subscribe to its Premium plans by introducing exclusive features for paid subscribers or imposing certain restrictions on free users. For example, users with ad blockers installed are limited to watching only three videos.
Despite having over 2 billion monthly users on the platform, YouTube’s Premium subscriber base currently stands at 80 million. With these new updates targeting paid subscribers, YouTube’s parent company, Google, aims to entice more free users to embrace the benefits of paid subscriptions.
Considering that ads are already a significant part of the platform, it would be no surprise that YouTube can achieve this goal and convert even the most dedicated free users into paid subscribers.
In the age of total interconnectedness, digital dangers are all around. Email accounts have long become prime targets for cybercriminals aiming to take advantage of security flaws. Therefore, implementing strong email security measures has never been more crucial.
In this email security guide, we unveil ten essential measures to protect confidential communications, anticipate the unexpected, and find peace of mind in a world full of cybercriminals.ns
Email security essentials
Email is the foundation of communication and collaboration in organizations all over the world. But this fact makes it extremely attractive for attackers.
Startling figures demonstrate that an overwhelming 96% of phishing endeavors are aimed at it, leaving organizations vulnerable to data hacks and introducing them to malicious links, attachments, and viruses. As the situation is really grave, dedicating attention to Email security best practices is an absolute necessity.
Email Security Best Practices encompasses a variety of measures to protect sensitive personal and business data.
It includes safeguarding all elements, including the mail servers, mail clients, and the underlying infrastructure.
It is important to understand the kinds of dangers that are out there and the risks they can bring to protect your communications:
In email spoofing, criminals manipulate the header. At first glance, a message looks like regular mail sent by a known person. This familiarity can lure recipients into opening it and potentially exposing their devices to malware or other malicious activities.
Email phishing is the prevailing method of cyberattacks. According to Statista, almost a quarter of all phishing attacks targeted financial organizations in 2022.
This method implies sending deceitful texts to manipulate individuals into performing desired actions, such as interacting with harmful links or downloading malicious attachments.
Phishing tactics encompass specialized approaches like spear phishing and whaling, which target certain employees or senior executives within companies.
Business email compromise means that cybercriminals target organizations to orchestrate financial fraud. Attackers compromise accounts, impersonate executives, and manipulate employees into initiating unauthorized financial transactions.
All businesses, regardless of size, are vulnerable to BEC attacks such as CEO fraud, account compromise, false invoice schemes, attorney impersonation, and data theft.
Although most unsolicited spam emails are filtered, some may still make their way into users’ inboxes. These often carry malicious content, phishing attempts, or spoofed information, making them potentially harmful if users don’t know their nature.
10 Email Security Best Practices to Implement Strong Protection
Install feature-rich security software
Regularly train your employees
Enforce strong password policies
Deploy intelligent threat detection systems
Constantly check for updates and patches
Perform periodic security assessments
Use encryption
Monitor AI behavior for anomalies
Implement smart authenticity verification
Employ AI-enhanced filtering
Now, let’s explore efficient email security steps to prevent the above things from happening.
1. Install feature-rich security software
You must deploy advanced solutions equipped with comprehensive functionality to counteract a multitude of threats. Robust cloud security tools can perfectly serve this purpose.
Deploying such filters is a crucial first step in securing protection against unsolicited and potentially malicious messages. They employ sophisticated algorithms to detect and block spam, minimizing the risk of falling victim to phishing attempts, scams, and other unwanted communications.
Proactive malware detection
Efficient software incorporates advanced malware detection features to neutralize harmful attachments or links. Signature-based scanning, heuristics analysis, and real-time threat intelligence can all be combined to identify and block known malware strains and suspicious patterns and behaviors.
Rock-solid encryption mechanisms
Using encryption protocols ensures that your sensitive information remains protected during transmission. Thus, you render the content unintelligible to unauthorized parties, safeguarding it from interception and unapproved access.
2. Regularly train your employees
Another Email security best practices is constant training. If you regularly conduct comprehensive security awareness training, your workforce remains informed about phishing attempts, practices effective password management, and doesn’t perform actions leading to breaches. This is extremely important for fostering a culture of heightened awareness within your organization.
Recognizing phishing attempts
Train staff members to identify and respond to such endeavors. Provide them with practical examples and illustrate common phishing tactics. As a result of efficient training, your employees will develop a discerning eye for identifying suspicious things.
Implementing strong password hygiene
During training sessions, thoroughly explain to your staff members why robust passwords matter. Employees should regularly change them. Put a special emphasis on the non-sharing policy: they must never communicate passwords to third parties. Furthermore, they should create new ones for each account they are using.
Exercising caution with suspicious attachments and links
Train your staff to exercise vigilance when dealing with attachments and links, especially if they originate from unfamiliar or unexpected sources. Encourage the use of antivirus software to scan attachments before opening them and discourage downloading or executing files from untrusted origins.
Businesses often concentrate solely on phishing-related training, neglecting other crucial practices. To address this gap, adopt a holistic approach to training by encompassing various relevant topics.
3. Enforce strong password policies
This essential security measure defends against any unapproved access and breaches.
Raise employee awareness about the significance of crafting intricate passwords that are challenging to predict, encompassing a blend of uppercase and lowercase letters, numbers, and special characters.
By mandating passwords with a minimum length and level of intricacy, organizations greatly reinforce the resistance of accounts against brute-force attacks and unauthorized entry endeavors.
Establishing a policy of periodic password renewal is crucial for maintaining continuous account security.
Foster a culture where employees are encouraged to update their passwords at specified intervals, such as every 60 or 90 days, to reduce the risk of unauthorized entry.
Emphasize the significance of refraining from identical passwords and discourage the use of previously employed passwords.
With this preventive measure, organizations can bolster their defense against unauthorized entry attempts. Encourage employees to activate 2FA, which mandates the provision of an additional verification method, such as a unique code sent to their mobile device.
Password management solutions
Encourage the implementation of such software tools to facilitate generating, storing, and retrieving complex passwords. Not only do they make robust and hard-to-hack passwords, but also provide a secure repository where employees can safely store their login credentials.
4. Deploy intelligent threat detection systems
AI-based Email security best practices implies deploying state-of-the-art threat detection systems. If you opt for such solutions over conventional ones, you will effectively combat fraudulent activities and phishing attacks.
AI uses ML algorithms to spot trends, recognize abnormal behavior, and uncover attacks. These cutting-edge systems have impressive functionalities.
They can easily detect anomalies, thoroughly analyze behavior and content, successfully filter spam, and identify dangerous attachments and links.
They seamlessly analyze potential threats and draft efficient response plans. The integration of deception tools and collaborative threat intelligence sharing is also worth mentioning in this context.
5. Constantly check for updates and patches
Staying up to date with your software is essential in preventing potential risks. Upgrades are tailored to patch up known weaknesses, repair software glitches, and increase total system operation. Failing to update your mailing system could leave it open to threats and breaches.
Criminals continuously search for vulnerabilities in popular clients, making the policy of updates vital. Patches are released to specifically counter these vulnerabilities.
Applying them lowers your risk of becoming a target of an attack. Such updates often go with bug fixes and other vital security measures for email. As a result, they efficiently protect you against growing threats.
Software developers are vigilant in monitoring emerging issues. They constantly address and mitigate known issues. What’s more, updates also enhance the performance of your client.
6. Perform periodic security assessments
Carrying out a full-scale audit of your mailing system serves as an effective strategy to detect risks and implement necessary security measures for email. Here are vital steps to take:
Pinpoint possible risks
Commence by conducting a comprehensive examination of your current policies and protocols, while scrutinizing previous breaches, if any. Take into account both internal and external menaces, including phishing attempts, malicious programs, unapproved entries, and data breaches. Evaluate how they can affect your company’s workflows and sensitive data.
Assess the efficacy of your steps
Evaluate vital elements such as junk mail filters, antivirus and anti-malware tools, access management, cryptographic techniques, and verification procedures. Evaluate the congruence of your measures with industry benchmarks and recommended steps, taking into account both technological and nontechnical aspects.
Examine and improve usage patterns
Ensure that your policies encompass a wide variety of elements, like content, attachments, user actions, and rules for suitable applications. Make sure that your policies are current and detailed, and that everyone is aware of them. Assess how effective they are in reducing risks and make sure they comply with the applicable legal and regulatory standards.
Carry out rigorous testing of the entire infrastructure
Through the execution of penetration testing, vulnerability assessments, and simulations of social engineering, you have the opportunity to reveal weaknesses and possible entry points for malevolent attacks. It is of utmost importance to employ ethical hacking methodologies and seek the assistance of reputable third-party experts to perform these tasks.
Craft a sound action strategy
Drawing upon the outcomes of the audit, craft a tailored action strategy to effectively tackle the identified concerns. Make decisions according to the impact they could have on your business operations and private information. Double-check that your action plan is in line with the budget, resources, and business goals you have.
7. Use encryption
This is an essential way of keeping sensitive data secure by obscuring the content of messages, guaranteeing that only the intended viewers can access and comprehend the information. By implementing encryption, you prevent unauthorized individuals from reading or intercepting valuable data, including login credentials and financial details.
Email Security Best Practices Protect your login credentials and the messages you send and receive by encrypting the connection between your provider and the servers that transmit your messages across the Internet.
This way, you guarantee that even if intercepted, the content remains unreadable and useless to unauthorized individuals. This ensures the confidentiality and integrity of your communication.
Encrypt stored or archived messages
Backed-up messages stored in clients can be vulnerable to unauthorized access. Put encryption into place to protect their content, even if someone can access the storage.
8. Monitor AI behavior for anomalies
If you establish baseline behavior, you can promptly detect any deviations, providing an early warning system for potential attacks. Examining AI-generated patterns can identify any abnormal behavior that might point to malicious intent, like attempts to access data without permission or generating abnormal content.
By leveraging machine learning algorithms and systems for anomaly detection, organizations can analyze extensive data sets and detect deviations from typical behavior.
This empowers security teams to promptly respond to and mitigate potential threats. Through ongoing vigilance and active monitoring of AI behavior, organizations can strengthen their email security measures and effectively manage emerging risks.
9. Implement smart authenticity verification
Taking advantage of AI-based Email security best practices, organizations can successfully authenticate the source of messages and discover and stop any attempts to mislead recipients by using fake or AI-generated texts.
Smart authenticity verification systems utilize ML algorithms and pioneering pattern recognition techniques to analyze important attributes and sender details.
Examining these details alongside the patterns of legitimate senders, intelligent technology can recognize suspicious or bogus messages that try to act like reliable sources.
Through continuous adaptation and learning from new data, these systems remain at the forefront of countering the ever-evolving tactics employed by cybercriminals.
By closely examining critical factors like sender reputation, headers, domain authentication, and content analysis, AI has the capability to identify anomalies and inconsistencies that may signify fraudulent activity.
This robust approach safeguards recipients against impersonation attacks and preserves the integrity of communication channels.
10. Employ AI-enhanced filtering
AI Email security best practices comprise advanced filtering mechanisms that examine and comprehend patterns, content, and sender actions.
Leveraging extensive data, these systems consistently enhance their capabilities to combat novel and evolving threats.
Intelligent algorithms adeptly recognize dubious attributes, including deceptive subject lines, uncommon attachment formats, and malicious URLs, effectively sieving out harmful messages prior to their delivery to recipients’ email folders.
Powerful tools can identify slight clues of fake emails, including language forms, layout, and abnormalities in the sender’s conduct. Organizations can make use of them to shield their users from being affected by attacks and reduce the dangers posed by malicious content.
Conclusion
By incorporating the ten Email Security Best Practices for email described above, you can strengthen your resilience against digital risks. You should adopt a proactive stance in safeguarding your organization’s sensitive data and upholding the confidence of your partners and staff members.
For comprehensive support and specialized knowledge, turn to a reliable company delivering IT security consulting services. By doing so, you can address emerging threats, ensuring the protection and robustness of your infrastructure amidst the ever-evolving landscape of cyber threats.
The very first foldable smartphone from OnePlus could have a rather unexpected name. The device could be called the OnePlus Open, as tipped by Max Jambor, a well-known tipster.
The first foldable phone from OnePlus could have a rather unexpected name
Considering that we expected it to be called the OnePlus Fold or OnePlus V Fold, this is quite a surprise. That name was patented a while back, it seems, though OnePlus considered a bunch of different names too.
The Prime, Wing, Peak, and Edge names were also mentioned by the tipster. All of them got patented, but it seems like OnePlus settled on ‘Open’. It kind of makes sense, but it’s also surprising at the same time.
Many OEMs do go for the ‘Fold’ name for their book-style foldable. Samsung popularized it, and people tend to associate it with book-style foldables because of it. Well, OnePlus seemingly decided to go in the other direction.
We already know what the device will look like
As a reminder, the very first OnePlus foldable is set to arrive in Q3 this year. Its CAD-based renders did surface recently, revealing its design, which looks quite appealing.
This may be OnePlus’ first foldable, but don’t let that fool you. OnePlus is owned by BBK Electronics, the same company behind OPPO and Vivo. Both OPPO and Vivo have released some really compelling foldable phones thus far, so OnePlus definitely didn’t have to do things from scratch. It was able to learn from mistakes OPPO and Vivo made in the past.
The OnePlus Open will be quite a powerful phone. It is expected to ship with the Snapdragon 8 Gen 2 or 8+ Gen 2 processor, and includes both LPDDR5X RAM and UFS 4.0 flash storage.
Two 120Hz displays will be included, along with fast charging
Two 120Hz panels will be included on the device, and their sizes will be 7.8 and 6.3 inches, it seems. The company will also utilize a 4,800mAh battery, while 67W fast wired charging is also tipped. Wireless charging is also expected, by the way.
If you’d like to know more, check out our OnePlus Fold aka OnePlus Open preview.
Instagram’s highly-anticipated Twitter competitor is now available, and it’s called ‘Threads’. Ever since Elon Musk took over Twitter, he made a number of controversial moves, which pushed users to consider alternatives.
Threads, a Twitter alternative from Instagram, is now available
Well, Threads is one of those alternatives, and it’s arguably one that has the best chances of competing with Twitter. Why? Well, because it’s integrated with Instagram, and Instagram is used by tons of people.
If you have an Instagram account, getting to Threads is immensely simple. On top of that, you can also immediately follow all the people you follow on Instagram, with a touch of a button. Even if they’re still not on ‘Threads’, the service will remember you want to follow them.
On top of that, this app comes with quite a few features from the get-go, compared to many competitors. Bluesky, for example, is another app that has been considered as an alternative to Twitter, but it’s still light on features, and not everyone can open up an account yet (the invite system is in place).
It’s not available in the EU, well… not yet
That’s not the case with Threads. However, the app/service is not available all over the globe. If you live in the EU, you’re out of luck. Due to the app’s data-hungry preferences, it’s blocked in the EU, at least for now.
You can still open up an account if you sideload the app, though. You won’t find it in the Google Play Store, however, if you live in the EU, nor will you be able to log into it via an Internet browser.
If you live in a region where it is available, you can download it via the Google Play Store or App Store, depending on your platform. You can also access the web UI via Threads.net.
Instagram head, Adam Mosseri, said the following: “Obviously, Twitter pioneered the space… but just given everything that was going on, we thought there was an opportunity to build something that was open and something that was good for the community that was already using Instagram”.
This platform allows you to create text-based posts with up to 500 characters
Threads allows you to create text-based posts with up to 500 characters. You can also share photos and videos up to five minutes in length. The UI design is somewhere between Twitter and Instagram, basically, but it’s closer to Instagram’s UI.
There are two feeds you can choose from, recommended posts, and posts from people you follow. It’s the same deal you get as on Twitter. You also have the option to keep your posts private (for your followers), or allow everyone to see them.
Threads app/service is now available in over 100 countries, and the US is included, but the EU is not, as already mentioned. Based on Mosseri’s comments, however, Threads is coming to the EU, as soon as the company figures out how to do it properly.
Xiaomi is planning to launch its first electric car, and car in general, next year. We did not get an official confirmation from the company, but one of Xiaomi’s suppliers seemingly confirmed it.
The very first electric car from Xiaomi will allegedly launch next year
This information comes from CNMO, a Chinese news outlet. It is said that a supplier involved in the project says the pricing for the car is now finalized, suggesting that the launch will follow next year.
We do not know what the price will be, however. A price of CNY149,900 ($20,777) was tipped earlier, but it turned out to be completely false. Wang Hua, the head of Xiaomi’s public relations confirmed as much.
Xiaomi’s president, Lu Weibing, confirmed back in May that Xiaomi’s car production is steadily advancing. He also said that the project entered an accelerated development stage.
Xiaomi is allegedly planning to do more summer and winter tests this year. If everything goes according to plan, this car could launch in the first half of next year.
It will arrive to China first, and it remains to be seen if it will be sold elsewhere
One thing to note is that the car will launch in China first. If it ends up being a success, chances are that it’ll take Xiaomi quite a bit of time to offer it elsewhere, if that’s even what the company is planning to do.
More competition in the market is always welcomed, as the users are the ones who end up benefiting from it. So, it would be nice to see Xiaomi’s offering enter the electric car ring, for sure.
We’ve seen Xiaomi manufacture and sell all kinds of products, from portable air compressors and smart lights, to electric scooters, power banks, and smartphones. The company produced various other products too, though not all of them made it to global markets, not even close.
It would be nice to get confirmation from Xiaomi itself regarding its electric car project, but until then, these reports are all we have to go on.
Going to the movies is oftentimes way more entertaining than seeing the same flick on your home TV — except if you have one of those giga-huge setups, but most of us don’t. Anyway, this may be one of the reasons that some of the best phones out there are also big phones. Battery limitations may also be a factor, but hey — you get what I mean!Bigger things are sometimes just more entertaining. Hence, some years ago, stickers became all the rage. Emojis? Pfft! Tiny and insignificant! Stickers? Huge, bold and some of them were even animated! They were an all-new way to express yourself, because sometimes you just need to use the radical Kung Fury dinosaur sticker about teamwork.
While all of that was going on, WhatsApp commissioned some developers to draft up stickers and then worked on a way to associate emojis with them. And then in the next five years, absolutely nothing came out of that, but now WABetaInfo is actually reporting that a feature related to this is finally being developed.
Cool idea elevator pitch:
You probably know the general location of your most-used emojis by heart
You probably don’t use stickers that much
What if when you use an emoji, WhatsApp could recommend an associated sticker?
Boom. There it is. A floating menu appears on top and if you’d like to, you can tap any of the recommended stickers in order to replace your boring emoji with it instantly.
Let’s be honest: switching panes in order to use stickers is a pain. But if I select an emoji and get some neat recommendations, I might actually start using stickers instead. While this release doesn’t exactly solve any tier-one world-crisis level of issues — which, to be frank, WhatsApp doesn’t have that many of — it does something else that is really important: it saves you time. And any update to a thing’s UI that can do that for the user is just fine by me.
As of now, this update is available only to the WhatsApp Beta participants on Android. While we don’t know when it will be rolled out for the public, we’re certainly happy to know that it’s on the horizon.
A security flaw has been identified in the Linux kernel called “stockRot” (CVE-2023-3269). This vulnerability grants attackers access to the kernel and the ability to elevate their privileges.
It has been discovered that “Stack Rot,” a vulnerability in stack expansion, is present in Linux kernel versions 6.1 to 6.4.
The stack is a section of memory that operates on a LIFO (last-in-first-out) principle, which means that data such as your local variables and function calls are appended to or removed from the stack in reverse chronological order.
Vulnerability in Memory Management
There is a vulnerability in the memory management subsystem of the Linux kernel that can impact almost all kernel configurations. It can be triggered with minimal capabilities.
The maple tree, responsible for managing virtual memory areas, can undergo node replacement without properly acquiring the MM write lock, leading to use-after-free issues.
The Maple Tree is a B-Tree data type that is optimized for storing non-overlapping ranges; the maple tree is composed of maple nodes.
The StackRot vulnerability has been present in the Linux kernel since version 6.1 when the VMA tree structure was changed from red-black trees to maple trees.
“However, it should be noted that maple nodes are freed using RCU callbacks, delaying the actual memory deallocation until after the RCU grace period. Consequently, exploiting this vulnerability is considered challenging”, the researcher said.
Peking University security researcher Ruihan Li said no publicly available exploits target use-after-free-by-RCU (UAFBR) bugs.
He also added that this flaw could be exploited in the environment provided by Google kCTF VRP.
Patch Released
The flaw was fixed during the merge window for Linux kernel 6.5; the fix was merged into Linus’ tree.
The patches applied to o stable kernels (6.1.37, 6.3.11, and 6.4.1), effectively resolving the “Stack Rot” bug on July 1st.
“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.
In addition to announcing the RedMagic 8S Pro series handsets, the company has also shown off a new tablet. The RedMagic Gaming Tablet is, as its name says, a gaming tablet, to go along with the gaming smartphone the company announced.
The RedMagic Gaming Tablet is now official with a metal unibody design
This tablet is made out of metal, it has a metal unibody design. As you can see, its bezels are quite thin too. The device is only 6.5mm thick, and it weighs around 613 grams.
There is a 12.1-inch 2500 x 1600 LCD display included here, with a 144Hz refresh rate. That display offers up to 240Hz touch sampling rate, and 10-bit color depth. This display has a max brightness of 600 nits, by the way, and it offers eye protection against blue light.
The Snapdragon 8+ Gen 1 fuels the device, while 12GB and 16GB RAM models got announced. Those two variants come with 256GB and 512GB of storage, respectively. LPDDR5 RAM and UFS 3.1 storage is included here.
A 10,000mAh battery is also included, and 80W charging supported
A 10,000mAh battery is also included in the package, while 80W fast wired charging is supported. Yes, a charger is included in the box as well.
You will find a 16-megapixel camera on the back of this tablet, and a 13-megapixel one on the front. Android 13 comes pre-installed, along with the RedMagic OS 8.0.
The company included four speakers here too, along with DTS Ultra support. The ICE Cooling System is also a part of the package, as is the RedMagic game assistant, and the X Gravity Platform.
5G is supported here, and there’s a single slot for a nano SIM card here. Bluetooth 5.3 is supported, as is Wi-Fi 6. The device measures 279.68 x 181.91 x 6.5mm, while it weighs 613 grams.
It comes in a single color, and we’re still not sure if it’s coming to global markets
It comes in a single color, Night Knight, and its pricing starts at CNY3,999 ($552) in China. For those users who pre-order it in China, however, a CNY100 ($14) discount is ensured. It remains to be seen if this tablet will end up being offered globally. The RedMagic 8S Pro is almost certainly on the way to global markets.
The rapid rise and sophistication of ransomware enable threat actors to launch attacks more frequently and disrupt businesses and organizations that are lacking adequate preparation.
The researchers at Microsoft Incident Response recently investigated an intrusion in which it’s been the threat actor’s rapid attack progression, caused major disruptions for the victim organization in just five days.
To accomplish their goals, a wide range of tools and techniques were used by the threat actor during those five days to deploy BlackByte 2.0 ransomware.
TTPs Used
Here below we have mentioned all the TTPs used by the threat actor:-
Using existing tools to persist and gather information covertly.
For command and control (C2), setting up Cobalt Strike beacons.
Combining process hollowing with the utilization of vulnerable drivers to evade defensive mechanisms.
To enable long-term persistence, deployment of the backdoors that are custom-developed.
Deploying custom-developed tools to collect and exfiltrate data.
Attack chain
Exploiting the following ProxyShell vulnerabilities, the threat actor gained initial access to the victim’s environment through Microsoft Exchange Servers that are unpatched:-
BlackByte attack chain (Source – Microsoft)
By exploiting these vulnerabilities, the threat actor achieved the following abilities:-
Gain administrative access to the compromised Exchange host.
Retrieve user LegacyDN and SID data through Autodiscover requests.
To access the Exchange PowerShell backend, build a valid authentication token.
Using the New-MailboxExportRequest cmdlet to create a web shell and mimic domain admin users.
Upon device access, the threat actor established registry run keys to execute payloads upon user login each time. Here below we have mentioned those registry run keys:-
Here, to achieve persistence the threat actor used Cobalt Strike, and the Microsoft Defender Antivirus flagged sys.exe as Trojan:Win64/CobaltStrike!MSR, downloaded from temp[.]sh (hxxps://temp[.]sh/szAyn/sys.exe) which was detected as Cobalt Strike Beacon.
Threat actors use legit remote access tools to blend in, and in this instance, for persistence and lateral movement, AnyDesk was utilized.
This tool was installed as a service that ran from the following paths:-
C:\systemtest\anydesk\AnyDesk.exe
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
C:\Scripts\AnyDesk.exe
AnyDesk log file ad_svc.trace revealed successful connections with anonymizer service IP addresses associated with:-
It’s been used by threat actors commonly to hide their source IP ranges. Moreover, security analysts detected the utilization of NetScan, a network discovery tool, by the threat actor to conduct network enumeration.
Using the following command the attacker disabled Microsoft Defender Antivirus, allowing them to execute Trojan:Win64/WinGoObfusc.LK!MT file:-
Analysts found that explorer.exe is ExByte, a GoLang-based tool used in BlackByte ransomware attacks to collect and steal files from victim networks after reverse engineering it.
Capabilities of BlackByte 2.0 ransomware
Here below, we have mentioned the capabilities of BlackByte 2.0 ransomware:-
Antivirus bypass
Process hollowing
Modification/disabling of Windows Firewall
Modification of volume shadow copies
Modification of registry keys/values
Additional functionality
Recommendations
Here below, we have mentioned all the recommendations offered by the security researchers at Microsoft Incident Response:-
Prioritize patching for internet-exposed devices and establish a robust patch management process.
Deploy Microsoft Defender for Endpoint, an EDR solution, for real-time visibility into malicious activity across your network.
Enable cloud-based protection and configure your antivirus solution to block threats by ensuring regular updates for antivirus protection.
To safeguard against the disabling of Microsoft Defender Antivirus components, make sure to activate tamper protection.
Make sure to block all the traffic from the IPs that are listed in the IoC.
Make sure to block access from unauthorized public VPN services and incoming traffic from TOR exit nodes.
Limit administrative privileges to prevent authorized alterations to the system.
“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.
.png
)
