After beta testing Proton Pass for some time, Proton has launched its password manager for all users. Describing its prominent features, the service explains how Proton Pass can even serve as a decent identity manager, offering password as well as email alias protection.
Proton Pass Password Manager Also Protects Users’ Identity
Earlier this year, Proton – the firm behind the popular freemium VPN ProtonVPN – announced launching its own password manager ‘Proton Pass.’ Initially, the tool remained confined to beta testing with an invite-only mode. But now, the firm has announced opening it up for Proton users.
As elaborated in a recent blog post, Proton users can now find Proton Pass available as a browser extension for all major browsers across desktops, Android, and iOS devices.
Proton Pass typically markets itself as a password manager, facilitating users to create strong passwords and safely store their credentials and other sensitive data. However, it has one unique feature that surpasses almost all existing password managers – identity protection.
Specifically, Proton Pass offers users to shield their email addresses when signing up on any website. It allows them to use a “hide-my-email” alias that masks the actual email address. Signing up with this alias saves users’ actual email addresses from possible data breaches a website may face. If such an incident happens, the breach would only expose the Proton Pass-created email alias, leaving the actual email address unaffected.
With this feature, Proton aims to save users from potential identity theft risks that may arise due to email address exposures.
Moreover, Proton Pass encrypts all fields, such as usernames and URLs, instead of other password managers that merely encrypt passwords. Such detailed encryption saves users’ information from intruders if they get access
The tool is currently free to all Proton users with premium subscriptions (Proton Unlimited, Business, Visionary, or Family plan). Whereas other Proton users can purchase a Proton Pass subscription for as low as $1/month until the end of July and $3.99/month afterward.
Meduza authors are pushing the malware as a subscription-based service, offering plans for 1-month, 3-month, and lifetime access.
Crimeware-as-a-Service (CaaS) operations have become the latest fad in the world of cybercrime, and the Meduza Malware is the newest weapon added to its ever-increasing arsenal.
Uptycs Threat researchers report that Meduza Stealer is under active development and boasts comprehensive data-stealing capabilities, along with advanced detection evasion techniques.
How Was Meduza Stealer Discovered?
Uptycs researchers discovered the Meduza malware while monitoring Telegram channels and Dark Web forums. Initial examination revealed that the stealer was developed by someone with the username Meduza. According to the malware admin, Meduza does not perform ransomware operations and only functions as an information stealer.
Meduza Targets- Windows Systems and Browsers
The malware is designed to target Windows-based systems and organizations. Currently, it targets ten countries and pilfers a wide range of system and browser data, from login credentials to browsing history, bookmarks, etc.
It also targets data stored by 2FA, crypto wallets, and password managers. All types of extensions are vulnerable to Meduza. Check out the list of countries it can and cannot target:
Russia
Kazakhstan
Belarus
Georgia
Turkmenistan
Uzbekistan
Armenia
Kyrgyzstan
Moldova
Tajikistan
What Makes Meduza Unusual?
Researchers noted that it has a “crafty” operational design since, unlike other common malware, Meduza’s binary doesn’t use obfuscation techniques, making it virtually undetectable. The malware administrator has employed highly sophisticated marketing tactics to generate hype and trust for Meduza malware.
“In a calculated move to gain trust and confidence, they have initiated static and dynamic scans of the Meduza stealer file using some of the industry’s most reputable antivirus software. Screenshots were then shared, demonstrating that this potent malware could evade detection by these top-tier antivirus solutions,” researchers wrote in the report published on June 30th, 2023.
This malware is being fiercely marketed across different cybercrime forums and Telegram channels. Most antivirus software cannot detect its binary dynamically and statically, making the situation much more problematic for security researchers. The pricing model for Meduza is the real game-changer.
The admin offers numerous subscription packages, such as 1-month, 3-month, and lifetime access plans, at competitive prices ($199 per month, $399 for a 3-month subscription, and $1,199 for a lifetime license).
The Meduza malware is being advertised on the infamous Russian cybercrime and hacker forum XSS.IS (Left) – Meduza author boasting about the malware’s AV-evading capabilities. (Images: Hackread.com)
Moreover, the stolen data is available on a user-friendly web panel. Subscribers can create customized binaries and access, download, and delete sensitive data, including IP addresses, geographical data, stored cookies, wallets, passwords, and OS build names directly from the panel.
Meduza Data Stealing Capabilities
After infecting the machine, the malware scans for geolocation data against a predefined list of excluded countries and aborts operations if a match is found. Meduza malware connects to its operator’s C2 server if it doesn’t match. It starts stealing data only after the connection is established. It steals data from various Windows APIs, including GetUserName, GetComputerName, GetCurrentHWProfile, and EnumDisplayDevices.
It also collects system build CPU computer details, execute path, geolocation, OS, RAM, hardware IDs, GPU, TimeZone, screenshot resolution, username, etc. It also collects browser info, miner’s registry info, password manager info, and installed games details, probably to gain extensive financial and personal data.
Meduza comes with a predefined browser list and checks the User Data folder to get browser-related data such as cookies, history, web data, login data for accounts, and local state. It also steals Telegram Desktop app data from these Windows Registry paths:
What’s worse, Meduza malware is also capable of collecting data from 19 password managers, stealing clients, Discord, 95 web browsers, and 76 cryptocurrency wallet extensions.
To stay protected, you must keep the OS, browsers, and installed applications updated so that vulnerabilities are time patched and use stronger passwords.
Nothing is still developing an identity for Nothing OS, and we’re expecting some notable changes coming with Nothing OS 2.0. However, it doesn’t mean that the company isn’t still working on the current version. According to a report from Gizmochina, Nothing is releasing Nothing OS 1.5.5. This version is going to bring some useful improvements that Nothing fans will enjoy.
We’re all waiting for the Nothing Phone (2). This phone is going to get its official announcement on July 11th. That’s not far away, so Nothing fans will be able to sink their teeth into this phone before too long. We expect it to have a similar design to the first-generation device. However, the most notable change will be the different Glyph interface.
Nothing OS 1.5.5 brings some welcomed improvements
Nothing OS is set to get a welcomed update that will bring some nice features for those sporting the Nothing Phone (1). Not only that, but the update will also bring your run-of-the-mill stability fixes.
Starting off with the features, this update will improve the accuracy of the face unlock feature. The changelog mentions that the update will improve its performance in darker environments. That’s a welcomed change, as it gets frustrating having to switch to different unlock methods when one fails.
This next change will help improve the battery life. It will reduce the Bluetooth power consumption when the device is in standby mode at night. There’s no use in having the Bluetooth function using battery power when you’re not using the functionality.
Perhaps the most notable change is the RAM expansion. The changelog states that you can increase the number of apps open in the background by 10%. While that number will vary depending on how much RAM each app uses, it’s still a welcomed change.
This most likely expands the RAM by using some of your storage as RAM. This is a common practice with phones nowadays, especially less expensive devices. With this, a phone can launch with a decent 8GB of RAM and expand it to 12GB or even 16GB using some of the storage.
Bug fixes
As for the minor changes, the update fixes a handful. The update fixes the issue where adaptive brightness randomly turns off. Other than that, the update fixes the issue preventing the camera from taking pictures and the various problems related to face unlock.
It’s no secret that Reddit’s recent decision to start charging exorbitant fees for its API access has sparked widespread outrage, resulting in whole communities abandoning the platform. However, despite the protests, it appears that Reddit has finally pulled the plug on API access, as multiple third-party apps have started showing error messages.
Christian Selig, the developer behind the popular Apollo Reddit client, expressed his frustration with Reddit’s demand for an astonishing $20 million per year for API access, equating to $12,000 for every 50 million API requests. Additionally, he also criticized the company’s lack of empathy and willingness to listen, suggesting that Reddit could have made an effort to find a solution that worked for everyone.
However, Reddit CEO Steve Huffman has repeatedly defended the company’s proposed changes, stating that the platform was not originally designed to support third-party apps and that they would not reconsider their position. As a result, well-known Reddit apps such as BaconReader and Sync have ceased operations, displaying only an error message stating “Request failed: client error (429).”
Subscription model, the way to go
While the recent API changes have caused the demise of many popular Reddit clients, some apps like Relay are considering adopting a subscription-based model to remain operational. Developer DBrady announced plans to transition to a subscription model in the coming weeks, emphasizing the importance of keeping the subscription price as affordable as possible. However, it is important to note that Relay’s pro version will remain free until they implement the subscription model.
Furthermore, Narwhal, another popular Reddit app, will also adopt a similar subscription-based model, with developer Rick Harrison assuring users that the subscription will cost $4 and $7 and will be ad-free. Additionally, Nara for Reddit is exploring a subscription-based model, but the specific details regarding pricing and implementation are still unclear.
Accessibility apps exempt
Although regular Reddit apps will have to pay for API access, the company has exempted accessibility-focused apps. This means that apps dedicated to assisting users with accessibility needs, such as Reddit for Blind, Luna for Reddit, and Dystopia, will continue to operate for free, ensuring continued accessibility to Reddit content.
In a class action complaint filed on Wednesday, it is claimed that OpenAI and Microsoft stole “vast amounts of private information” from internet users without their permission to train ChatGPT. The case seeks $3 billion in damages.
There is currently a class action lawsuit filed against OpenAI in a California federal court. The lawsuit claims that OpenAI collected 300 billion words from the internet without registering as a data broker or obtaining permission. The lawsuit consists of sixteen unnamed plaintiffs.
In simple terms, the complaint alleges that OpenAI used “stolen private information, including personally identifiable information, from hundreds of millions of internet users, including children of all ages, without their informed consent or knowledge.”
Microsoft is OpenAI’s major customer and business partner, paying the corporation billions of dollars to license AI technologies.
The businesses allegedly continue to “unlawfully collect and feed additional personal data from millions of unsuspecting consumers worldwide to continue developing and training the products,” according to the report.
Popular AI technologies created by OpenAI and utilized by Microsoft were mentioned in the case, including the language models GPT 3.5 and 4.0, the image model Dall-E, and the text-to-speech model Vall-E.
Data Allegedly Stolen By OpenAI
Names
Contact information (including phone numbers and email addresses)
Email addresses
Payment information
Social media information
Chat log data
Usage data, analytics
Cookies
“Defendants have been unjustly enriched by their theft of personal information as its billion-dollar AI business, including ChatGPT and beyond, was built on harvesting and monetizing Internet users’ personal data,” the lawsuit states.
“Thus, Plaintiffs and the Classes have a right to disgorgement and/or restitution damages representing the value of the stolen data and/or their share of the profits Defendants earned thereon.”
OpenAI and Microsoft To Adopt Additional Measures
The complaint demands that OpenAI and Microsoft adopt extra measures and stop violating people’s privacy.
The first step is to make clear what information is being gathered and how it will be utilized. Secondly, according to the plaintiffs, is to adhere to a set of moral standards and make up for the data that was taken.
Finally, the complaint demanded that internet users be given the option to refuse any data gathering and that any unlawful data collection end.
The complaint also refers to the “existential threat” that AI may pose in the absence of “immediate legal intervention.”
It refers to the recent appeals for action by well-known individuals who urged to halt or control the spread of AI systems.
“The proliferation of AI—including Defendants’ products—pose an existential threat if not constrained by the reasonable guardrails of our laws and societal mores,” the complaint says.
“Defendants’ business and scraping practices raise fundamentally important legal and ethical questions that must also be addressed. Enforcing the law will not amount to stifling AI innovation, but rather a safe and just AI future for all”.
So yet, neither Microsoft nor OpenAI have responded to the complaint that has been brought against them. The case has been filed, but it is unclear if the court will allow the legal processes to proceed.
“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.
Samsung has officially confirmed the rumored re-launch of the Galaxy S21 FE in India. The company took to Twitter to tease the device, which will come with a different processor this time around. Leaked promo materials have also hinted at a couple more changes.
The Galaxy S21 FE launched in early 2022 and is already quite old. Samsung has since debuted the Galaxy S22 and Galaxy S23 series flagships, a couple of new foldables, and countless budget and mid-range phones. But in a surprising turn of events, a rumor surfaced a few days back that the company plans to re-launch the so-called affordable flagship in India this month.
The rumor claimed that Samsung would bring the Snapdragon 888 variant of the phone to the South Asian country—the existing Galaxy S21 FE in the region ships with the Exynos 2100 processor. The company has now confirmed these rumors. It recently teased a phone with the Snapdragon 888 processor on Twitter. While Samsung didn’t explicitly name the device, we know what it’s referring to.
“Fast just got faster,” the teaser said. It essentially confirms that Samsung is upgrading an existing phone. The choice of words here also sounds like an admission from the company that the Exynos 2100 isn’t as fast as the Snapdragon 888. As said earlier, the Galaxy S21 FE already ships with the latter processor in several other markets. The Korean behemoth may be looking to clear its inventory from some of those regions.
The Snapdragon 888-powered Galaxy S21 FE in India will come with more changes
Samsung didn’t reveal the launch date of the Snapdragon 888-powered Galaxy S21 FE in India. It simply said that the phone is “coming soon,” without giving us any other information. But leaked promo materials state that the phone will have 256GB of storage on the base variant. There will not be a 128GB model. The company will also sell the device in a new Navy Blue color. It should join the existing options of White, Graphite, Lavender, and Olive.
Rumors are that Samsung will price the new Galaxy S21 FE at ₹49,000 (roughly $600) in India. That’s the same price tag the Exynos 211 variant originally debuted with, though it sold for as low as ₹32,999 (roughly $400) recently. Considering the price of the Snapdragon version, we expect the company to ship the device with newer software (Android 13 out of the box) and give it four major updates. Stay tuned for the official launch in the coming days.
Fans of epic, get ready to experience the power of Snapdragon 888 chipset in the phone you love. It’s made for the epic in everyday. Stay tuned to know more! #Samsungpic.twitter.com/nHH5eMGFVp
Ever since Elon Musk acquired Twitter, the platform has gradually descended into dismay with Musk’s erratic changes. However, the platform’s recent decision to limit the number of tweets a user can see in a day could very well be the final nail in the coffin as many users have started to flock towards alternatives like BlueSky, which has had to temporarily halt signups in order to address performance issues.
In a recent statement, the company stated, “We will temporarily pause Bluesky sign-ups while our team resolves the existing performance issues. We will update you on when invite codes will be available again. We are excited to welcome more users to our beta version soon!”
What is BlueSky?
Although similar in interface to Twitter, BlueSky, developed by former Twitter CEO Jack Dorsey, differentiates itself by allowing users to customize their algorithms and fine-tune their feeds to display a diverse range of posts. Additionally, the platform also utilizes an in-house, open-source framework called the AT Protocol, which promotes transparency by enabling users to understand its structure and ongoing development.
However, despite being in an invite-only phase, Musk’s recent decisions have caused signups for BlueSky to skyrocket. As a result, BlueSky’s status page currently states that the platform is experiencing “degraded performance,” with posts taking a significant amount of time to load.
Twitter is digging its own grave
While Twitter has always found itself in a slew of controversies, the platform’s decision to block browsing access for unregistered users and implement a temporary ‘view limit’ on the number of posts a user can see per day has sparked widespread outrage. This is because users who previously had unlimited access to tweets are now restricted to 600 tweets per day for unverified accounts, 6000 tweets per day for verified accounts, and a mere 300 tweets per day for new unverified accounts.
Elon Musk defended the decision by citing data scraping activities by AI startups, such as ChatGPT, which utilize Twitter data to train their models. Additionally, he also expressed concerns that this data exploitation was negatively impacting the experience of regular users.
Taking another step towards better user privacy, Brave browser limits how websites access local network resources. This measure will likely prevent websites from extensive user fingerprinting.
Brave Browser Limits Websites’ Local Resources Access
According to a recent post from Peter Snyder, Brave’s Senior Privacy Researcher and Director of Privacy, the privacy giant has decided to introduce another major privacy upgrade to its Brave browser.
Specifically, the Brave browser will control and manage websites accessing local network resources, starting with version 1.54.
As explained, access to localhost resources is usually unrestricted in most popular web browsers. These localhost resources include data (such as images, files, web pages, etc.) hosted on the device from other software instead of arriving from the web.
This free access empowers websites to perform various actions. For instance, public sites can query local network for user fingerprinting, to access information from other running software, or to test software. These actions may serve both legit or malicious purposes.
Brave limits this free access by extending the Web permissions API to control sites when accessing localhost resources.
Describing all major feature upgrades that the new Brave browser version will exhibit for users’ privacy, the post lists the following.
Automatic allowance of localhost resource access requests from a localhost context.
Blocking known scripts and sites from accessing local resources.
Introducing the “localhost” permission option (for advanced users) to empower the users to allow specific websites for localhost resources.
Displaying a list of trusted websites for localhost resource access.
With these gradual steps, Brave strives to enhance users’ privacy without much impact on the overall user experience. The feature will be available to desktop and Android users with Brave browser version 1.54.
This new upgrade is just another part of a broader plan for Brave to protect its users’ online privacy. Earlier this year, Brave also announced browser integration for Tor’s Snowflake feature to help users access the Tor network in a more safe and more private way.
Walmart, in recent years, has been working to build up its onn. brand to rival what Amazon Basics does. Basically giving you cheap electronics, that aren’t always terrible. Walmart has released a couple onn. branded Android TV sticks, and now it looks like a Google TV stick is on the way.
Walmart’s latest streaming stick has passed through the FCC, and now we know what to expect from this streaming stick. While “HDMI Stick” is not explicitly mentioned here, it’s pretty likely that it is one. The FCC mentions that it is a “Full HD Streaming Device Google TV with Bluetooth 5.0”. So that tells us it’s going to be pretty cheap. With only Full HD or 1080p resolution, I’d expect this to be closer to $20.
When could Walmart’s new Google TV stick launch?
The new onn. Streaming stick with Google TV has passed through the FCC, but that doesn’t mean much. There are a lot of products that pass through the FCC that we actually never end up seeing on store shelves. But this one is likely to launch at some point. The only question is, when?
This is likely going to launch very soon. Walmart will want to have this streaming stick on shelves ahead of the holiday season, which is honestly, fast approaching. So I’d expect it sooner rather than later.
Walmart’s option is likely going to undercut Google’s own option – the Chromecast with Google TV – but it will likely be missing some things. It’s unclear what that might be right now, but that might include the ability to Cast, or Google Assistant. We’ll have to see when it actually launches. The Chromecast with Google TV retails for $30, while Walmart’s existing 4K Android TV stick is about $20. So a FHD one should be cheaper, the question is, how much cheaper.
Ever since his Twitter takeover, Elon Musk has found new ways to get on the nerves of the platform’s users. This has given tons of users excuses to go try out other new and upcoming platforms. Of recent, a new competitor to Twitter, the Meta Threads app, briefly showed its face on the Google Play Store.
This has drawn the attention of various Twitter users considering new changes to the platform. A few days ago, Elon Musk took to his Twitter account to announce a change to the platform’s services that you can check out in this article. Most users on the platform have kicked against this change, labelling it as a means to force them behind a paywall.
Musk claims to promote free speech on Twitter, but still tries to impose fees on those wanting to share their thoughts. For this reason, most Twitter users are looking out to jump ship and board another vessel. Meta has seen this as an opportunity to scope up the angry tweeps leaving Twitter with their new app.
Available information on the Meta Threads app aiming to compete with Twitter
Taking to his Twitter account, a developer by the name of Alessandro Paluzzi showed off the Threads app on the Play Store. The app was only available on the Play Store for a while before it was taken down. But before it was taken down, Alessandro was able to take some screenshots to share with netizens.
From the screenshots, it is clear that this app will sync the user’s Instagram account to their Thread account. In other words, users would be able to log in with their Instagram username. This would be able to attract Instagram users to share their ideas more freely on a new platform without having to open a new account.
Users with Instagram accounts would also be able to connect with their followers on the Threads app. But unlike Instagram, this app will enable users to start conversations or make posts the way they would on Twitter. This involves, liking, commenting on, and sharing threads from other users across the platform.
Users can as well share images with write-ups and also join in on trending conversations. It turns out that this app has been in the works for a while now and will soon be available for public use. The Thread app would be the text-based Instagram platform for sharing your thoughts.
Even if you don’t have an Instagram account, Meta would let you create a Threads app account. So, if you are getting fed up with Twitter, you can anticipate the launch of this new social media platform. More information on the launch date of the Meta Threads app would be available in the coming weeks.
.png
)
