Google Meet is getting an important update for many users. The app has just received support for 52 languages to translated captions and 11 more languages for closed captions.
If you’re a Google Workspace customer or a simple user with a personal account, you’ll benefit from the expanded support for closed captioning to include the following languages in beta:
Azerbaijani
Czech
Greek
Icelandic
Kazakh
Lao
Lithuanian
Malay
Serbian
Swahili
Ukrainian
With the addition of these 11 languages, closed captioning now supports a total of 87 languages, although keep in mind that some are still in beta.
Moving on to translated captions, Google Meet is getting support for 52 languages. According to Google, only Gemini for Google Workspace customers are getting support for these languages, which can be translated to and from any other fully supported language.
In addition, Google announced that it’s rolling out full language support to 6 previously launched languages: Dutch, Indonesian, Japanese, Swedish, Turkish, and Vietnamese.
With the latest update, Google Meet translated captions now fully support 69 languages, allowing for over 4,600 language pairs.
Along with the update, Google also revealed that starting January 22, 2025, translated captions in Google Meet will be exclusively available to Gemini for Google Workspace customers.
Until then, translated captions will be available in the following Gemini add-ons: Gemini Enterprise, AI Meetings and Messaging, and Gemini Education premium.
As far as close captioning goes, the new languages are now available to all Google Workspace customers and users with personal Google accounts, so you don’t really have to pay for it.
A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart from typical Distributed Denial of Service (DDoS) botnets.
Discovered by the XLab Cyber Threat Insight Analysis (CTIA) system on May 20, 2024, Zergeca has already demonstrated its potential to cause significant disruption.
This article delves into the intricate details of Zergeca, its functionalities, and its implications for cybersecurity.
Discovery and Initial Analysis
On May 20, 2024, while many were celebrating a holiday, the XLab CTIA system captured a suspicious ELF file located at /usr/bin/geomi.
This file, packed with a modified UPX and uploaded from Russia to VirusTotal, initially evaded detection by antivirus engines.
Later that evening, another Geomi file with the same UPX magic number was uploaded from Germany.
The multi-country uploads and the modified UPX packer raised red flags, prompting further investigation.
Zergeca’s Capabilities
Upon analysis, it was confirmed that Zergeca is a botnet implemented in Golang.
The botnet’s name, Zergeca, is inspired by the swarming Zerg in StarCraft, reflecting its aggressive and expansive nature.
Zergeca is not just a typical DDoS botnet; it supports six different attack methods and boasts additional capabilities such as proxying, scanning, self-upgrading, persistence, file transfer, reverse shell, and collecting sensitive device information.
Unique Network Communication Features
From a network communication perspective, Zergeca exhibits several unique features:
Multiple DNS Resolution Methods: Prioritizes DNS over HTTPS (DOH) for Command and Control (C2) resolution.
Smux Library: Utilizes the uncommon Smux library for C2 communication protocol, encrypted via XOR.
During the investigation, it was discovered that Zergeca’s C2 IP address, 84.54.51.82, had been serving at least two Mirai botnets since September 2023.
This suggests that the author behind Zergeca accumulated experience operating Mirai botnets before creating Zergeca.
The primary methods used by 84.54.51.82 to propagate samples include exploiting Telnet weak passwords and specific known vulnerabilities such as CVE-2022-35733 and CVE-2018-10562.
DDoS Statistics and Targets
From early to mid-June 2024, Zergeca primarily targeted regions such as Canada, the United States, and Germany.
The main type of attack was ackFlood (atk_4), with victims distributed across multiple countries and different Autonomous System Numbers (ASNs).
Zergeca botnet primarily targeted regions such as Canada, the United States, and Germany
The reverse analysis of Zergeca revealed that the botnet is designed for the x86-64 CPU architecture and targets the Linux platform.
The presence of strings like “android,” “darwin,” and “windows” in the samples, along with Golang’s inherent cross-platform capabilities, suggests that the author may eventually aim for full platform support.
Zergeca achieves persistence on compromised devices by adding a system service named geomi.service.
This service ensures that the Zergeca sample automatically generates a new geomi process if the device restarts or the process is terminated.
String Decryption and Communication Protocol
Zergeca uses XOR encryption for many sensitive strings.
The XOR key is initially set to EC 22 2B A9 F3 DD, but only the first six bytes are used.
The decryption process can be automated by identifying specific patterns in the decryption-related code blocks, restoring all encrypted strings efficiently.
Zergeca uses Smux for Bot-C2 communication. Smux (Simple MUltipleXing) is a Golang multiplexing library that relies on underlying connections like TCP or KCP for reliability and ordering, providing stream-oriented multiplexing.
Silivaccine Module
To monopolize the device, Zergeca includes a list of competitor threats, covering miners, backdoor trojans, botnets, and more.
Zergeca continuously monitors the system and terminates any process whose name or runtime parameters match those on the list, deleting the corresponding binary files.
OZI.A
COM.UFO.MINER
KINSING
KTHREADDI
kaiten
srv00
meminitsrv
.javae
solr.sh
monerohash
minexmr
c3pool
crypto-pool.fr
f2pool.com
xmrpool.eu
………
Zombie Module
Zergeca resolves the C2 IP address using the geomi_common_utils_Resolve function, which supports four resolvers: Public DNS, Local DNS, DoH, and OpenNIC.
After obtaining the C2 IP, the bot reports sensitive device information to the C2 and awaits commands, supporting six types of DDoS attacks, scanning, reverse shell, and other functions.
The discovery of Zergeca highlights botnets’ continuous evolution and increasing sophistication.
With its advanced scanning, persistence features, and multi-functional capabilities, Zergeca poses a significant cybersecurity threat.
Cybersecurity professionals must stay vigilant and proactive in identifying and mitigating such threats as the botnet continues to develop.
IOC
Sample
23ca4ab1518ff76f5037ea12f367a469
9d96646d4fa35b6f7c19a3b5d3846777
d78d1c57fb6e818eb1b52417e262ce59
604397198f291fa5eb2c363f7c93c9bf
f68139904e127b95249ffd40dfeedd21
d7b5d45628aa22726fd09d452a9e5717
6ac8958d3f542274596bd5206ae8fa96
pathced with "xlab" at the end of file
980cad4be8bf20fea5c34c5195013200
sample captured on 2024.06.19, support ddos vector 7
60f23acebf0ddb51a3176d0750055cf8
Domain
ootheca.pw
ootheca.top
bot.hamsterrace.space
IP
84.54.51.82 The Netherlands|None|None AS202685|Aggros Operations Ltd.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
Ulefone’s Summer Sale will be over soon, but there’s still time to grab up to 69% on the company’s products. The sale will end on June 23, so in two days from the point of publishing this article.
Various different products are on offer, but the main focus is on the Ulefone Armor 25T Pro and Armor 26 Ultra. Both of those are very compelling offerings from the company and some of the best phones Ulefone has to offer.
The Ulefone Summer Sale is almost over, but there’s still time to grab up to 69% off
Both of these phones are rugged devices, they’re different, though. The Ulefone Armor 25T Pro comes with thermal imaging and infrared night vision capability thanks to its rear camera setup. The phone also has a 6.78-inch fullHD+ display with a 120Hz refresh rate.
The MediaTek Dimensity 6300 5G SoC fuels this phone, while it includes up to 12GB of RAM. It also comes with 256GB of storage, which is expandable. A 6,500mAh battery sits inside of this phone. 33W wired and 30W wireless charging is supported, while Android 14 comes out of the box. This phone can be yours for only $289.99, at the moment (40% off).
The Ulefone Armor 26 Ultra comes in standard and Walkie-Talkie versions. It has a truly impressive speaker on the back and a gigantic 15,600mAh battery. You can recharge that battery via 120W wired charging, and a charger is included.
The device offers 12GB of RAM, but you can expand that up to 24GB RAM thanks to virtual RAM. This phone also has a 200-megapixel main camera and much more. The standard version of the phone will cost you $359.99, while the Walkie-Talkie model costs $419.99.
The Ulefone Armor Pad 3 Pro and Ulefone Note 18 Ultra are also worth noting. That tablet and smartphone are currently priced at $279.99 (50% off) and $149.99 (50% off), respectively.
If you’d like to check out all the devices that are on sale, check out the link below. Ulefone also published the Ulefone Note 18 Ultra unboxing video, in case you’re interested.
Chargeasap, the Australian consumer electronics startup specializing in smartphone charging accessories, has launched a revolutionary new product. The Zeus 280W USB-C GaN Charger is the world’s first and smallest 280W charger with four output ports. It features three USB-C ports and one USB-A port, eliminating the need for multiple bulky adapters to charge your electronics.
Chargeasap launches the world’s first & smallest 280W charger
Founded in 2016, Chargeasap makes chargers, power cables, and other charging accessories for various electronic products, including smartphones and laptops. The firm’s newest offering is a GaN (gallium nitride) charger capable of delivering a power output of up to 280W. It features three USB-C ports, two of which can simultaneously charge your devices at 140W. The third USB-C port delivers 100W of maximum power.
Additionally, you get a USB-A port rated to charge compatible devices at up to 65W. These ports should be enough to simultaneously juice up your smartphone, laptop, tablet, and other devices. Chargeasap says it has equipped the charger with a laptop-first power distribution system, ensuring that the C1 port will always be prioritized at 140W to ensure uninterrupted fast charging for your PC.
Chargeasap’s Zeus 280W USB-C GaN Charger also features an OLED screen that provides a real-time display of charging volts and amps. The firm has included over-current, over-voltage, over-temperature, and short-circuit protection technologies. Despite all these technologies and power, the product only measures 89 x 59 x 44mm (3.5 x 2.16 x 1.73 inches) in dimension, making it the world’s smallest 280W charger.
At 380 grams (0.83 pounds), it is also relatively lightweight. According to Chargeasap, the charger features the Navitas GaNFast NV6127 Power IC technology. The product has “four of these industry-leading chips,” allowing for “superior efficiency and faster charging speeds in a more compact form factor.” Chargeasap ships the charger with four different types of travel adapters so it fits perfectly in the wall socket no matter where you live.
Price & availability
Chargeasap’s revolutionary 280W GaN charger is now available in white and black colors at Amazon UK for £160. The firm plans to sell it through Amazon US within the next couple of weeks. The charger will cost $219 in the States. Chargeasap may also release the product in other European countries in the coming weeks. The startup is currently working on another adapter that will allow this charger to be connected via a C7 cable instead of being plugged directly into the wall socket. It plans to launch it within two months.
About a year ago, Samsung launched the Samsung News app. It delivers daily news updates, a custom news feed based on what you are into, and podcasts from news and entertainment channels – all right there in the app. Now, with the US election season almost here, Samsung is revamping the app to keep you ahead of the curve.
Samsung News brings dedicated news coverage of this year’s presidential elections, La Liga, and more
In a new update, Samsung enhances its News App with expanded coverage for major upcoming events, such as the 2024 United States Presidential Election. Plus, the company is also launching new sports content for soccer fans across the US.
Samsung News has become a daily touchpoint for millions of people looking for easy to access updates from their favorite local and national news outlets. This year we’re making it even easier to keep up to date with breakout programming around the most important global events, and new content from even more premium partners.
– Avner Ronen, Vice President of Product Development for Samsung, June 2024
Samsung News is rolling out a special tab in the app designed to be your go-to hub for extensive election coverage. This new tab, prominently featured on the Samsung News navigation bar, offers real-time updates from reliable sources, a calendar highlighting crucial dates like debates and party conventions, detailed candidate profiles, and ongoing updates on presidential polls.
You can start your day with the Morning Briefing and wrap up with the Evening Briefing | Image credit – Samsung
In addition, Samsung News is teaming up with La Liga, one of the world’s biggest soccer leagues, as its latest content partner. As La Liga’s 94th season gets underway, you can dive into a collection of the most current and popular news stories about your favorite teams and players.
Samsung News has also expanded its roster of partners to include new names like Yahoo Sports, ESPN, CNBC, and Good Morning America. This latest update is now accessible to all users across the US.
With more people turning to mobile platforms for daily news and sports updates, updates like these are welcomed. They ensure users receive timely and relevant information on the topics that matter most to them.
As a precautionary measure, all module versions should be considered potentially vulnerable.
Active Exploitation and Warnings
Alarmingly, malicious actors are actively using this exploit to deploy webskimmers, which are designed to steal credit card information from unsuspecting customers.
PrestaShop website owners are urged to take immediate action to mitigate the risk of data theft and unauthorized access.
Mitigation and Recommendations
To protect PrestaShop installations from this vulnerability, upgrading to the latest version of the pkfacebook module is highly recommended.
Additionally, PrestaShop users should consider the following security measures:
Upgrade PrestaShop to the latest version to disable multi-query executions and enhance overall security.
Ensure that the pSQL function, which includes, is properly implemented to protect against Stored XSS vulnerabilities.
Change the default database prefix ps_ to a longer, arbitrary prefix to make it more difficult for attackers to guess.
OWASP 942’s rules on a Web Application Firewall (WAF) will be activated to strengthen security further while being aware of potential conflicts with the back office functionality.
PrestaShop website owners are advised to address this critical vulnerability swiftly and implement the recommended security measures to safeguard their online stores and protect customer data from potential breaches.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
OnePlus has announced a press event for June 27, and it will seemingly announce 4 new products during it. The company announced the event via its Weibo page, which means the event will take place in China.
OnePlus will unveil 4 new products on June 27, and the OnePlus Watch 3 will be one of them
A tipster, Ishan Agarwal, revealed which products are coming. The OnePlus Ace 3 Pro, OnePlus Watch 3, OnePlus Pad Pro and OnePlus Buds Pro 3 will become official.
The arrival of the OnePlus Watch 3 is particularly weird. Why? Well, because the OnePlus Watch 2 launched back in February. Unlike the first-gen model, the OnePlus Watch 2 was actually praised.
There’s simply no reason for OnePlus to announce its successor. We were quite skeptical when the device surfaced on TENAA, as it would make more sense for OnePlus to announce a different watch… that won’t be the case, though, it seems.
The OnePlus Ace 3 Pro is also coming
The OnePlus Ace 3 Pro is also worth noting. That device will likely get re-launched as the OnePlus 12T, for global markets. You can check it out in the gallery below.
You can see it will include a curved display with thin bezels. It will also have a centered display camera hole, and a camera oreo on the back, in the top-left corner. Its physical buttons will sit on the right side, while an alert slider will be included on the left.
Based on the information shared online, the phone will be fueled by the Snapdragon 8 Gen 3. It will include a 6.78-inch 1.5K LTPO OLED display with a 120Hz refresh rate.
The phone will also ship with Android 14 out of the box. A large 6,100mAh battery is tipped, as is 100W wired charging. A 50-megapixel main camera will be backed by an 8-megapixel ultrwaide unit, and a third 2-megapixel camera.
A recent rise in data breaches from illegal Chinese OTT platforms exposes that user information, including names and financial details, is vulnerable to exploitation by criminals.
The leaked information can be used for phishing attacks, financial fraud, and even harassment, as these illegal OTT services often operate under the radar.
This makes it difficult to hold them accountable and further increases the risk of user data exposure.
Illegal Chinese OTT services are leaking user data through vulnerabilities in HFS (HTTP File Server) used for file sharing.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot
HFS, a standalone executable web service, allows uploading and sharing videos and files but suffers from security weaknesses that expose this data.
It is especially concerning for servers using the unstable 2.3 beta version of HFS, which is riddled with vulnerabilities and easily compromised by hackers.
Users can potentially identify illegal servers located in China by leveraging the asset search function within a tool called Criminal IP, which exploits a vulnerability in some web servers, specifically those using the “HFS” (HTTP File Server) protocol.
Search results on Criminal IP for HFS
By crafting a query like “title: “HFS/”” within Criminal IP, the tool searches for servers with this signature, potentially revealing unsecured or malicious servers operating in China, relying on the assumption that servers employing outdated or vulnerable protocols are more likely to be involved in illegal activities.
Personal information exposed in TXT files
HFS server version 2.3 beta, used by illegal OTT platforms, exposes sensitive user data in plain text files within the server’s output folder, named “Login Denied” and “Authentication Code,” which contain user information including names, addresses, phone numbers, and even credit card details, potentially impacting a large number of South Korean users and raising security concerns for the platform and its users.
Illegal Chinese OTT sites operating while changing domains
Domain fluxing is a method of quickly changing domain addresses that illegal OTT service operators use to avoid being caught and to get around government oversight, which makes it harder to shut down these bad services and leaves users open to data breaches because there are not strong security protocols in place.
According to Crmininal IP, to counter these evasive tactics, law enforcement and content providers should focus on identifying and blocking these services at the network level, independent of their ephemeral domain names.
It can be achieved through techniques such as IP address blocking, traffic filtering, and collaborating with internet service providers (ISPs) to disrupt the distribution of illegal content.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
The US government will ban the sale of Kaspersky antivirus products to new customers in the United States starting July 20, with a follow-on deadline to prohibit the cybersecurity company from providing users with software updates after September 29.
The move follows years of allegations that the cybersecurity firm served as a hacking conduit for Russian intelligence agencies—allegations that the company has consistently denied.
While current US Kaspersky customers will see no immediate impact from the ban, the September 29 software update deadline signals a bigger change. Without available updates, any cybersecurity product becomes less secure over time, and means the company won’t be able to protect customers against the newest threats.
In a briefing call with reporters on Thursday, US Department of Commerce Secretary Gina Raimondo offered consolation and advice to current customers of the antivirus products:
“You have done nothing wrong, and you are not subject to any criminal or civil penalties. However, I would encourage you, in as strong as possible terms, to immediately stop using that software and switch to an alternative in order to protect yourself and your data and your family.”
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interested and allies,” the company said. “The company intends to purse all legally available options to preserve its current operations and relationships.”
The ban, first reported by Reuters and released Thursday, includes “AO Kaspersky Lab,” “OOO Kaspersky Group,” and “Kaspersky Labs Limited.”
According to the US Department of Commerce, all three Kaspersky entities are being banned “for their cooperation with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence objectives.”
In October 2017, The New York Times reported that Israeli intelligence officers managed to catch Russian government hackers using Kaspersky to conduct clandestine searches across the globe. That reporting followed a bombshell investigation from The Wall Street Journal that claimed that Russian hackers stole classified NSA materials from a contractor’s personal computer which had Kaspersky software installed on it.
In the same Thursday briefing call, Secretary Raimondo cited the threat of Russian influence in the Department’s decision to ban Kaspersky:
“Russia has shown it has the capacity and… the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans and that is why we are compelled to take the action that we are taking today.”
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
On the left-hand side, you have album info: name, band, artist, release date, track count, total length, and description from Wikipedia that you can expand. You then have a play/pause button, and options to download, save to the library, share, and an overflow menu.
Songs appear at the right.
Playlists are getting the same treatment for a dense look that takes advantage of the larger screens on laptops and desktops. This is a great new addition to the YouTube Music web player look, and it makes it more convenient just like the app.
YouTube Music has been getting some update love recently in order to better rival the likes of Spotify and Apple Music. For example, YouTube Music is now working on an AI feature that will let you ask for music, and also you’ll be getting the option to upvote playlists just like Spotify soon.
Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master’s degree holder, enjoys reading, painting, and learning languages. She’s also a personal growth advocate, believing in the power of experience and gratitude. Whether it’s walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.
.webp)
.webp)
.webp)
