Google Patched Four Security Flaws With Chrome Browser 114

andreasc
-
0
Google Patched Four Security Flaws With Chrome Browser 114
[ad_1]

The tech giant Google recently released a major security update for its Chrome browser. With Chrome 114, Google patched four different security vulnerabilities affecting various components of the Chrome browser.

Google Chrome 114 Security Update Arrives

The recent Google Chrome 114 browser update brought numerous security fixes with it. Specifically, the firm addressed four different issues affecting the browser’s security.

As elaborated in Google’s Chrome release blog, three of the four vulnerabilities achieved a high-severity rating. They even made the researchers win huge bounties for reporting the flaws.

The first of these is CVE-2023-3420 – a type confusion vulnerability in Chrome’s V8 component. Google acknowledged the researcher Man Yue Mo of GitHub Security Lab, who reported the vulnerability to Google in early June. Moreover, the firm also rewarded the researcher with a $20,000 bug bounty.

The second vulnerability patched with this Chrome release includes CVE-2023-3421 – a use-after-free flaw in Media. Google rewarded the researcher Piotr Bania of Cisco Talos for reporting this vulnerability with a $10,000 bounty.

Next, the post mentions another high-severity use after free flaw in Guest View. This vulnerability (CVE-2023-3422) caught the attention of a researcher with the alias “asnine,” who reported the flaw to Google in early June. The firm appreciated asnine’s work with a $5000 bounty.

Google has not shared the details about the fourth security issue. Besides, the firm didn’t reveal any other details about the three flaws besides stating the CVE IDs and the nature of the bugs. This has been a norm of the firm to avoid sharing details about browser vulnerabilities, giving the users ample time to update their devices and prevent potential exploits.

These security fixes arrive with Google Chrome for desktop version 114.0.5735.198/199 for Windows and version 114.0.5735.198 for Mac and Linux.

In addition, the firm also patched the same vulnerabilities with Chrome for Android version 114.0.5735.196. Thus, Android user should also update their devices with the latest Chrome version to receive the patches.

Let us know your thoughts in the comments.


[ad_2]
Source link

WhatsApp chat transfer is now as simple as scanning a QR code

andreasc
-
0
WhatsApp chat transfer is now as simple as scanning a QR code
[ad_1]

WhatsApp is making it easier to transfer your chat histories between two phones running the same OS (Android to Android or iOS to iOS). You can now move all your chats and attachments to a new phone by simply scanning a QR code. The new feature seems to have already been rolled out widely.

Until now, transferring your WhatsApp messages required a cloud backup. You first need to back up all the data to a cloud service (Google Drive on Android and iCloud on iOS) from your old phone. Then, set up WhatsApp on the new phone using the same phone number and download the backup. It’s a bit tedious process that also involves moving your messages to a third-party service. On top of it being a privacy risk, a WhatsApp backup may hit your cloud storage limits as well.

With the new QR code-based system, things are a lot simpler. Once you have set up your WhatsApp account on a new phone using the same phone number, you will get a QR code on the screen to transfer your messages from the old phone. To transfer, go to Settings > Chats > Chat transfer on your old phone and scan the QR code. You may need to grant some additional permissions to the app to use this feature. Note that you must keep both devices unlocked, connected to the same Wi-Fi, and near each other.

According to the company, you will not receive new messages during the transfer process. All incoming messages are paused, and you will receive them on the new phone once the transfer is completed. WhatsApp assures that “data is only shared between your two devices and is fully encrypted during transfer” (via). As said earlier, this feature doesn’t work for cross-platform transfer of WhatsApp messages from iOS to Android or vice versa. These transfers are a little complex.

WhatsApp’s QR code-based chat transferring system is rolling out widely

WhatsApp was first spotted working on this feature in April, with some beta users getting access to it early. Meta CEO Mark Zuckerberg recently announced a public rollout of the new chat transferring system. While the official announcement didn’t reveal its release date or minimum version requirement, the new feature is already rolling out widely.

It’s available on some of our devices at Android Headlines without needing a WhatsApp update (running version 2.23.11.77 for Android). This suggests the company is pushing the change through a server-side update. But if the feature hasn’t yet shown up for you, you can click here to download the latest version of the app from the Google Play Store.


[ad_2]
Source link

ChatGPT might help you with planning your next trip on Booking.com

andreasc
-
0
ChatGPT might help you with planning your next trip on Booking.com
[ad_1]

Planning your trip can sometimes be a stressful and time-consuming endeavor which can ruin the whole experience. With Artificial Intelligence (AI) becoming increasingly integrated into our lives, it was inevitable for major travel companies like Booking.com to leverage AI to assist their users.

Booking.com has recently launched an AI Trip Planner powered by OpenAI’s ChatGPT. The Next Web spotted this new feature, which is currently available for beta testing in the US starting from June 28th. The AI Trip Planner essentially functions as a chatbot that helps users create their travel plans.

​​The AI Trip Planner is built upon Booking.com’s existing machine-learning models and incorporates ChatGPT to create a more conversational tone. The concept is simple: you can interact with the chatbot, providing details about your desired destination, travel companions, duration of the trip, and preferred experiences. In response, the chatbot generates a customized plan for you, offering various accommodation options, places to visit, and even restaurant recommendations.


Initially, the AI Trip Planner’s chat functionality is being rolled out to Genius loyalty members in the US and is currently available only in English. Whether this feature will be expanded to other countries and languages remains unclear.


Utilizing AI for travel planning is not entirely new, as there are already apps like Roam Around or Wonderplan that offer similar capabilities to Booking’s AI Trip Planner. Booking.com suggests that the Trip Planner is just the beginning, hinting at potential future features that integrate AI even further.


Having started as a startup in Amsterdam, Netherlands, back in 1996, Booking.com has since evolved into one of the world’s largest digital travel companies, boasting a platform with over 28 million listed places. While the AI Trip Planner can assist you in navigating through this vast number of options, it’s worth noting that a chatbot may overlook certain unique experiences that only a human can recommend.


[ad_2]
Source link

A New Tool to Detect Fake WiFi Access Points

andreasc
-
0
A New Tool to Detect Fake WiFi Access Points
[ad_1]
Snappy Detect Fake WiFi

A new tool named “Snappy” developed by cybersecurity experts, can assist in identifying rogue WiFi access points that aim to steal data from users who are unaware.

Tom Neaves, a security researcher with Trustwave and an enthusiast of wireless and RF technology, claims it is simple for determined attackers to fake the MAC addresses and SSIDs of reliable access points on open networks.

CSN

It is too simple for an attacker to set up their own Access Point with the same SSID and have the users connect to it, which is an issue for users, especially for those utilizing open wireless networks (coffee shops, supermarkets, etc.).

Particularly if the attacker is also spoofing the legitimate Access Point’s MAC address, the user truly has no way of knowing they are not on the genuine one.

In this case, Man-in-the-middle attacks allow threat actors to intercept and examine transmitted data since they are in control of the router.

Notably, a Media Access Control address (MAC address) is a unique identification issued to a network interface controller (NIC) for use as a network address in communications within a network segment.

This is widespread use in most IEEE 802 networking technologies, such as Ethernet, Wi-Fi, and Bluetooth.

MAC addresses are sometimes referred to as the built-in address, Ethernet hardware address, hardware address, or physical address since device makers typically assign them.

Each address may be saved either by a software mechanism or in hardware, such as the read-only memory on the card.

Snappy, created by Neaves, is an indispensable tool that effectively distinguishes authentic access points from suspicious ones.

With Snappy’s recognition capabilities, this common issue can now be easily resolved by identifying if it is the same access point that was used previously.

To create a signature, he needed to identify several components (elements, parameters, tags, etc.) in the beacon frame that were sufficiently distinct between access points both individually and collectively to serve as a fingerprint.

He says the idea of a signature, however, would not function if these values changed throughout time and remained constant to themselves.

Elements that characterize an access point

He discovered several static elements by examining Beacon Management Frames, including the vendor, BSSID, supported rates, channel, country, maximum transmit power, and others, that alter between various 802.11 wireless access points but remain constant for a particular access point over time.

The researcher calls the tool snap.py (Snappy), using the word “snap” (as in “snapshot”) to use this item and also not at all/only once substantially inspired by the Python file extension “.py,” which properly rounds off the situation.

Additionally, he reasoned that he could combine these components and hash them with SHA256 to produce a distinctive signature for each access point that a scanner tool could use to identify matches and mismatches.

Snappy in action, a SHA256 hash created for the wireless access point

In addition to the process for producing SHA256 hashes of wireless access points, Snappy can also identify access points made by Airbase-ng, a tool that attackers employ to make fake access points to intercept packets sent by connected users or even to snoop on their network traffic.

As long as Python is available, running Python scripts on laptops should be simple, but users of mobile devices will need to go above and beyond to find specialized interpreters and emulators.

“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.


[ad_2]
Source link

Pixel 8 series to offer bigger batteries & faster charging

andreasc
-
0
Pixel 8 series to offer bigger batteries & faster charging
[ad_1]

According to a new report, the Pixel 8 series will not only offer bigger batteries, but faster charging too. This information is provided by Kamila Wojciechowska in collaboration with Android Authority.

Both the Pixel 8 and Pixel 8 Pro will offer bigger batteries

Based on this information, the Pixel 8 will offer a 4,485mAh battery, while the Pixel 8 Pro will ship with a 4,950mAh unit. As a reminder, the Pixel 7 and 7 Pro offered 4,270mAh and 4,926mAh batteries.

This is a rather noticeable step up for the Pixel 8, and a small step forward for the Pixel 8 Pro. Still, it’s really nice to see, of course. In regards to charging, the Pixel 8 will support 24W wired charging, while the Pixel 8 Pro will offer 27W wired charging.

Faster wired charging is also expected, but wireless charging will remain the same

Considering that the Pixel 7 and Pixel 7 Pro supported 20W and 23W wired charging, respectively, this is also an improvement. Where we will not see a boost is in the wireless charging section. The Pixel 8 will support 20W wireless charging, while the Pixel 8 Pro will come with 23W wireless charging support. Do note that you’ll be able to take advantage of this only via Google’s proprietary charger, though.

In case you end up using regular Qi charging, via some other charger, both phones will end up being locked to 12W charging. So, the Pixel Stand is the way to go. We’re not sure if Google plans to announce a new charger or not.

Both devices will likely launch in October

As a reminder, both of these smartphones will likely launch in October. Both of them will also be fueled by the Google Tensor G3 SoC. That chip will be a considerable step up over the Tensor G2. Chances are it will still not be nearly as powerful as the Snapdragon 8 Gen 2.

If you’d like to know more about both of these smartphones, check out our Pixel 8 and Pixel 8 Pro previews.


[ad_2]
Source link

Elon Musk imposes temporary read limits on Twitter

andreasc
-
0
Elon Musk imposes temporary read limits on Twitter
[ad_1]

Elon Musk has decided to impose temporary read limits on Twitter, and the users simply lost it. Truth be said, this is a rather odd turn of events, but the reactions were something to behold.

Elon Musk announced temporary read limits on Twitter, and managed to upset a lot of people

The owner of Twitter, Elon Musk, announced the change on Saturday. He first imposed read limits for verified users of 6,000 posts per day. That limit was set to 600 posts per day for unverified users, and 300 posts a day for new unverified users.

Musk said this change is “temporary”, and that it’s here “to address extreme levels of data scraping & system manipulation”. Following that announcement, users all over the platform flipped out.

Some of them really got angry, and decided to leave the platform, even some well-known ones, like Macaulay Culkin (that’s just one random example). Most users just complained, though, while some even took this opportunity to highlight alternative platforms. Needless to say, this is a really odd move by Musk. That’s hard to deny.

That limit was quickly upped, twice

Still, even though it’s an odd turn of events, it’s only a temporary limitation. Twitter quickly upped the limit, twice, during the same day, actually. It first increased the limit to 8,000 pots for verified, 800 for unverified, and 400 for new unverified.

Later that day, on June 1, the limit was raised to 10,000 posts for verified, 1,000 for unverified, and 500 for new unverified. Since then, we didn’t get any more info from Elon Musk, at least at the time of writing this article.

Everything Elon Musk is doing these days is under the microscope, especially changes related to Twitter. That is to be expected, as Twitter is a social media network after all. This should not have happened at all, but some users did end up overreacting, as the change is only temporary.


[ad_2]
Source link

Spotify reportedly plans to add music videos to its app

andreasc
-
0
Spotify reportedly plans to add music videos to its app
[ad_1]

Spotify is working on a new feature that will allow users of its music streaming services to watch and listen to full-length music videos in its app. While the company hasn’t confirmed the information, it’s common for Spotify to thoroughly test new features before making them official.

According to a new report by Bloomberg, Spotify is considering adding music videos to its app, but that doesn’t mean that the feature is already being tested. The move is meant to put Spotify in a better position against competitors like YouTube and TikTok.

Currently, Spotify is looking for partners that will help it bring music videos to its streaming service, at least according to people familiar with the company’s plans. If the rumor ends up being accurate, it will confirm what seems to be a trend for Spotify: complete focus on video content.

Spotify is trying to keep up with other players in the market by adding features that proved to be very popular among users of competing services. In that regard, Spotify launches “clips” at the beginning of the year, a new feature that would allow artists using its music streaming service to publish videos shorter than 30 seconds as a means to keep in touch with their fans.

After heavily focusing on podcasts until a few months ago, it looks like Spotify has turned its attention to video content in an attempt to appeal to different audiences. Either it will succeed or not, it depends on its approach and how well its partners will react to Spotify’s business proposal.

Although it might not be something that will bring to many customers to the platform, it could convince those that are already subscribed to not consider switching to other music streaming services due to lack of new features.


[ad_2]
Source link

Google Maps turns previous Android Auto “issue” into a great feature

andreasc
-
0
Google Maps turns previous Android Auto “issue” into a great feature
[ad_1]

Great news for drivers as Google Maps’ latest update brings back a previous “issue” that made it possible to use the maps app on your smartphone and car display at the same time. This specific feature was originally added to the app early this year, but it was reportedly unintended behavior.

As such, Google “fixed” the issue removing the ability to use Maps on phone and car display simultaneously in a follow-up update. It took Google several months to figure out that what was deemed as a bug was actually a great feature that should have been available for Android Auto users a long time ago.

That being said, it looks like Google Maps users can finally use the app on Android Auto and their Android smartphones, at least according to the latest reports coming from Reddit users (via Android Police).

If you’re still getting the “Your phone can’t display Google Maps while Android Auto is running” message, it means the feature has yet made it to your device yet. It’s unclear why Google decided to restrict Android Auto users to either having Maps shown on their phones or car display, but it might have to do with safety concerns.

As many of you probably know already, Android Auto provides minimal information on the car display such as turn-by-turn navigation, distance remaining (ETA), and music controls. Google wanted Android Auto users to focus on driving rather than what’s on their car display, hence the not so many details offered.

However, using Google Maps for navigation on an Android phone provides more information, thus requiring more attention from the driver. That was probably one of the reasons that Google decided not to allow Google Maps to run at the same time on Android Auto and Android phones, but that seems to have change as the search giant accepted the fact that drivers may be helped with navigation by their companions.


[ad_2]
Source link

WhatsApp adds new Chat Transfer feature, but there’s a catch

andreasc
-
0
WhatsApp adds new Chat Transfer feature, but there’s a catch
[ad_1]

WhatsApp has been rolling out new features to its messaging app like there’s no tomorrow. Several updates were released last month alone (not counting the beta version), which is unusual even for one of Google’s most popular apps. Over the weekend, WhatsApp announced yet another new feature is making its way to Android and iOS users: Chat Transfer.Announced on Twitter, the new feature allows WhatsApp users to transfer their full chat history without having to leave the app. However, there’s a big catch, as the feature can only transfer data across the same operating system, so if you’re planning to switch from Android to iOS or vice versa, the new Chat Transfer feature will not work.

If you’re an Android or iOS user who wants to switch to a different operating system, you can transfer your WhatsApp chats using apps like Move to iOS. The new feature announced over the weekend has the same functionality, but it makes it possible to transfer WhatsApp chats without having to leave the app, albeit only across the same operating systems.

To take advantage of the new feature, you must set up a new account on your new phone and choose the Chat Transfer option to create a QR code. Then, simply scan the QR code provided with the old phone and wait for the phones to connect and the data to be transferred to the new smartphone.

According to Google, the ability to transfer WhatsApp chats without having to leave the app is available starting today, although it may take a few weeks to show up for everyone, so be patient if you didn’t get it yet.


[ad_2]
Source link

Submarine Cable Growing Popularity Intensifying Cyber Attacks

andreasc
-
0
Submarine Cable Growing Popularity Intensifying Cyber Attacks
[ad_1]
Submarine Cable Cyberr Attack

Submarine cables installed on the ocean floor facilitate the transmission of data and voice between land-based stations.

International communication has relied on submarine cables since the first one was laid across the English Channel in 1850. This cable was used to transmit telegraph messages between England and France.

CSN

Using fiber-optic cables for telecommunications has proven to be a superior option compared to satellite-based alternatives. These cables are not only faster and more reliable but also more cost-effective.

They consist of thin strands of glass that transmit data as light pulses encased in layers of plastic, steel wires, copper sheathing, and polyethylene insulation.

Reports indicate that there will be a significant rise in traffic, with a projected compound annual growth rate of approximately 28% from 2022 to 2030, resulting in a monthly data consumption of 603.5 million terabytes.

Submarine Cable Cyber Attack
Submarine Cable service systems

Expansion Poses Cyber Security Risks

A report by Recordfuture states that Chinese state-owned enterprises have been striving for a larger share in the global submarine cable network since the beginning of the 21st century.

China is currently increasing its ownership and operation of cables around the globe, which gives them more control over the deployment of submarine cables in specific locations.

Every year, there are more than 100 submarine cable faults where the cables get damaged or severed completely, disrupting data transmission.

Most of these damages are physical and tend to happen by accident, frequently caused by fishing boats.

Given their resources and motives, state-sponsored organizations pose the greatest risk of deliberate espionage and sabotage.

To optimize the performance of submarine cables and improve their operations, owners are utilizing network management tools to manage their infrastructure efficiently.

Submarine Cable Cyber Attack
Maps of Submarine Cable

Network management tools are connected to the internet, making them vulnerable to targeted attacks from state-sponsored adversaries, ransomware groups, hacktivists, and other cyber threat actors.

In April 2022, an attempted cyberattack against a submarine cable operating system in Hawaii was foiled by federal authorities. The attack was made possible by a breach of a third party’s credentials.

According to a prediction by Record Future, there is a significant likelihood of espionage activities aimed at the entire submarine cable system. This encompasses the landing station infrastructure, submarine cables, third-party providers, and the hardware and software that link all these elements.

It’s important to stay alert and take necessary precautions to prevent any unauthorized access or data breaches.

Submarine cable networks and operating systems may potentially be at risk from non-state actors like hacktivists and ransomware gangs.

“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.


[ad_2]
Source link
1...1,1231,1241,125...1,475Page 1,124 of 1,475