According to a report from the Telegram channel, Dozor, a Russian telecommunications company that offers services to power grids, oil fields, the Russian military, and the Federal Security Service (FSB), has been hacked.
The post that the unknown threat actors posted on the telegram group translated that they had taken down satellite terminals, rebooted switches, and the data on these servers were destroyed in the attack conducted by the threat actors.
Wagner Group Behind the Attack
Wagner is a Russian mercenary group founded and led by Yevgeny Prigozhin. The group made headlines when they marched toward Moscow after Prigozhin got into issues with the Russian Government.
The group also releases ransomware that doesn’t ask for money but encourages users to join PMC Wagner.
It appears that the same hacker group responsible for the Dozor hack also defaced several unrelated websites, leaving a message in support of the Wagner group.
According to Doug Madory, the person in charge of internet analysis at Kentik (a network monitoring company), Dozor-Teleport has been disconnected from the internet and is presently inaccessible.
As per the IODA project that monitors internet outages globally, the network has been offline since Wednesday at 10 p.m. EST.
Netblocks also confirmed the outage.
⚠️ Confirmed: Metrics show a disruption to satellite internet provider Dozor-Teleport which supplies Russia’s FSB, Gazprom, Rosatom and military installations; the incident comes amid a wave of cyberattacks by a group claiming affiliation with Wagner PMC 🛰️📉 pic.twitter.com/rSoRyUFsWm
The attackers also warned that more threatening activities were to come.
Image: Defaced Website
The defaced website states, “We agreed to a peaceful solution because we achieved the main thing — we showed our capabilities and full social approval of our actions. But what do we see instead? The current military leadership has not been removed from office, and criminal cases have not been closed … You kicked us out of the NWO zone, out of Russia, but you can’t kick us out of the network. We take responsibility for the hacking. This is just the beginning, more to come.“
FSB, Dozor and the ZIP file
Furthermore, the group posted a .zip file that contained 674 files of PDFs, images, and documents relating to the connections between the FSB and the Dozor.
To prove the authenticity of the attack, the group also posted the passwords that Dozor employees used for verifying with the FSB representatives, which changes every two months in 2023.
As per reports, Dozor’s internet connection went down at 2 UTC on Wednesday and still remains unreachable.
After this, the company switched to Amtel-Svyaz, the Moscow-based parent company of Dozor.
Cyber policy expert and Consultant. Oleg Shakirov mentioned that there is some suspicion against Wagner’s involvement in this as there is no history of such attacks with the Wagner group.
“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.
We’ve reached a point where most of the top social media platforms have some sort of paid subscription. There’s Twitter Blue and Meta has its verified platform for both Facebook and Instagram. Snapchat has Snapchat+, and the company just announced that it was able to cross the 4 million user milestone.
If you don’t know what Snapchat+ is, it’s just as the name implies. It’s Snapchat plus some extra features. The main thing about Snapchat+ is that users are able to try out new features before non-paying users. Also, Snapchat+ users also have their own exclusive features like a customizable app icon, the ability to designate a user as your BFF, and more. The service costs $3.99/month. You can sign up for it in the app if you’re interested.
Snapchat+ has 4 million users
It’s a tough job convincing people to spend money on a platform that was originally free. The app allows you to freely post your content and use its features, so when we heard that it was coming out with a subscription service, we were wondering if anyone would want to sign up.
However, according to an announcement from the company, it’s been able to rope in 4 million users. That’s impressive, Snapchat+ launched exactly one year ago today. Back in August last year, the company surpassed 1 million Snapchat+ users, so it’s clear that the platform is growing.
New features
Along with the announcement, Snap also unveiled some new features coming for Snapchat+ users. The first one is called Expressive Chat Messages. You’ll be able to have your message match your mood when you’re messaging someone. When you’re typing in your message, you can choose to make the text smaller or larger.
The next feature is called Custom Chat Colors. You’ll be able to choose different color schemes for the chat. There’s a large selection of solid colors that you can use, and there’s also a selection of dual-tone gradients that you can choose from.
If you are bad at shopping and don’t know the right products to get, Bing AI-generated buying guides are here to help. Possibly, with this feature, a lot of online shoppers will turn to AI for shopping guidance. The announcement of this feature was made on the Microsoft Bing blog a few hours ago, and it goes beyond telling you the right products to get.
Everybody likes a fair deal while shopping in a physical store or an online store. Microsoft knows this, and they train their Bing AI to find and display the best deals on a product to shoppers. But it doesn’t also stop there, it also gives a brief rundown on the reviews of the product.
As you know, reviews on products vary from one online store to the other. So, the Bing AI will bring you a summary of all reviews from each store, so you can better decide where to purchase the product you want from. Now the big question is how you can get to start using this amazing AI-generated shopping feature.
Allow Microsoft’s Bing AI-generated buying guides to assist you while you shop online
Microsoft says that their aim with this new feature is to “bring more joy to shopping” for users of Bing and Edge browsers. They are doing this by simplifying the shopping process by giving users what they need when they need it. Also, sorting out the right price and the best deals on products that users are shopping for.
This will entail bringing shopping features like coupons, cashback, and so much more to users. Accessing this AI-generated shopping experience is quite easy and doesn’t require much effort. All users need to do is identify a niche where what they are shopping for will fit, for instance, ‘baby toys.’
Now type that phrase into the Bing or Edge search box, and the AI will pull up the best picks for you. These picks will also bring into consideration various price ranges, allowing shoppers to pick the best for their budget. While shopping, users can engage the Bing chatbot from the sidebar to suggest what to consider in the products they are looking out to purchase.
The chatbot will also offer insight into what other shoppers think of a particular product. With its price match feature, the AI will monitor the product’s price and notify you once it drops. If you should purchase the AI-generated recommendations, then it’ll track your purchase.
This feature is already rolling out to Bing and Edge browsers on PC and mobile. Its full benefits will be made available gradually from one region to another. If you are a core Chrome user, then you should know that Google also has something similar.
YouTube Premium starts to honor its loyal users with badges, given for various usage landmarks. They come in the form of beautiful animated cards. You can’t use them to get any special privileges on the video platform, but nevertheless a refreshing idea.
Now, one can easily imagine how the memelords will react upon hearing that YouTube is blessing the very people that are paying for the app with web cards of no practical value. But, hey, what’s the world without humor?
The first one to report the brand new feature (via 9to5Google) explains that upon opening the app, a colorful addition on the Home feed hailed: “Congrats on your new badge!” Tapping the message gets the user to the badge visualization – a fullscreen card with details about the reward. ‘All the badges are animated and generally amusing’, notes the user.
If you, too, got a badge these past days, but somehow ‘lost’ it, or you just want to admire it once again, here’s how to get to your badge collection: on mobile, tap your profile avatar (top-right corner), then navigate to ‘Your Premium benefits’. Obviously, this applies only for active Premium members. Sidenote: the one to report this update is an Android user, if you’re on the iOS team and you’ve also got a badge, don’t keep it to yourself and show off in the comments section.
It’s also important to address that these badges are on mobile for now, they do not appear to be live on the web version of YouTube just yet.
‘Gotta collect ‘em all!’
So exactly how many badges are there? While features of that kind do change their characteristics in time (if they stick around long enough and don’t suffer TikTok Now’s fate), as of now there are 19 badges. The first one is ‘Team Premium’, which is self-explanatory: your paid membership puts that one in your collection automatically. Next, there’s ‘Trailblazer’, which rewards you because ‘…you joined Premium within its first 2 years of launching’. The ‘10 million club’ is reserved for those that were among the first 10 million Premium members.
We’re not going to list every single one of the rest, but they are named like ‘Worry-free watcher’, ‘Gold/Platinum listener’, etc. One of the funnier ones is titled ‘Efficiency expert’, which is reserved for those with ‘30 hours of picture-in-picture’.
The giant’s next step
YouTube is on the constant go when it comes to additions, new features, and bonuses. Just the other week, the Google-owned video platform announced that it’s offering smoother 1080p video streaming for its Premium users.
Recently, YouTube also hinted at the possibility of hosting mobile and desktop video games – a clear sign that the giant wants to go bigger and step into new territories.
Google has created a limited edition Pixel Fold handset. This version has been created to celebrate the 50th anniversary of hip hop, but you cannot buy one for yourself. This phone is officially called the Pixel Fold Hip Hop 50 edition.
Google created a limited edition Pixel Fold handset
The company actually created 400 of these units, and it used the ‘Obsidian’ shade to make it happen. Metallic accents have been added to the phone’s sides, and the camera bar on the back. You’ll also notice an emblem for the 50th anniversary of hip hop on the phone, it’s located on the camera bar.
Hip hop’s inception was back in 1973 when DJ Kool Herc used two record players to isolate and loop the percussion breaks of songs, it’s said. Since then, hip hop grew quite a bit, and also flourished into various subgenres of sorts.
In any case, I mentioned that you can’t buy one, but Google is giving them away. Google will give them out to select people through its #GiftFromGoogle program. The phone is packed in a suitcase record player, which was created by Victrola. The presentation is really nice, as you can see in the examples below the article.
It ships in a suitcase, with a bunch of additional goodies
Now, Google includes some additional goodies in that suitcase, not only the phone. The Pixel Watch and Pixel Buds Pro are included, as is the ‘It’s all G’ bling created by Simone I. Smith. A vinyl box set from Mass Appeal with five 45 RPM records is also a part of the package. Below all that, you’ll find a letter from Google, and a functional Victrola player.
As many of you know, Google announced the Pixel Fold during Google I/O 2023. The phone started to ship to consumers recently, and it’s the very first foldable device from Google. It’s quite expensive, though, as expected. Click here for more info.
Organizations increasingly adopt DevOps practices to streamline their software development and operations processes. DevOps, a term coined from the combination of “development” and “operations,” emphasizes collaboration, automation, and continuous improvement. It has gained significant traction across industries due to its ability to enhance productivity, accelerate time to market, and improve overall software quality.
According to the “2021 State of DevOps Report” by Puppet and CircleCI, high-performing organizations using DevOps practices experience 200 times more frequent software deployments, 24 times faster recovery from failures, and three times lower change failure rates than their low-performing counterparts. These impressive statistics demonstrate the tangible benefits that organizations can achieve through DevOps implementation.
Organizations must adopt best practices for DevOps implementation to stay competitive in today’s digital landscape. This article will explore key strategies and recommendations to help your organization embrace Microsoft Azure DevOps implementation and enjoy the associated benefits.
Best Practices for DevOps Implementation
As DevOps continues to evolve, staying updated with the best practices and industry trends is vital to ensure sustained success across software development and operations. Below are some of the most effective DevOps implementation practices.
Establish a Cultural Shift: Implementing DevOps requires a fundamental cultural shift within the organization. It involves breaking down silos between development, operations, and other departments, fostering collaboration, and promoting a shared sense of responsibility. According to a report by Gartner, by 2023, 70% of organizations that do not shift to a DevOps culture will fail to scale their digital initiatives successfully.
Prioritize Security and Compliance: With the increasing prevalence of cyber threats and data breaches, it is vital to incorporate security and compliance considerations throughout the DevOps lifecycle. Integrating security measures early in development and implementing robust security testing and monitoring practices help mitigate risks and safeguard sensitive data. A recent study by Forrester found that organizations embracing DevSecOps practices experienced 50% faster vulnerability remediation and 84% less time spent on unplanned work due to rework or security issues.
Foster Continuous Learning and Improvement: DevOps is a continuous learning and improvement journey. Encourage a culture of experimentation, feedback, and continuous learning within your organization. Conduct regular retrospectives, gather stakeholder feedback, and implement improvements based on lessons learned. Puppet’s “2019 State of DevOps Report” highlighted that high-performing DevOps organizations invest in learning and professional development, leading to increased employee satisfaction and reduced turnover rates.
Infrastructure as Code (IaC): Implementing Infrastructure as Code allows organizations to treat infrastructure provisioning and management as software development activities. By defining infrastructure configurations in code, such as using tools like Terraform or AWS CloudFormation, teams can automate the deployment and configuration of infrastructure resources. This practice ensures consistency, repeatability, and scalability, reducing manual errors and enabling faster and more reliable infrastructure updates.
Continuous Monitoring and Feedback Loops: DevOps encourages establishing continuous monitoring practices to gain real-time insights into the performance and health of applications and infrastructure. Organizations can proactively identify issues, detect anomalies, and optimize system performance by leveraging monitoring tools and techniques. Additionally, implementing feedback loops enables teams to gather insights from users, stakeholders, and operational data to inform and prioritize improvements.
Collaboration and Communication: Strong cooperation and effective communication are essential for successful DevOps implementation. Encourage cross-functional teams to work closely, breaking down barriers between developers, operations, quality assurance, and other stakeholders. Foster a culture of transparency, knowledge sharing, and open communication to ensure everyone is aligned with the goals, processes, and challenges involved in DevOps initiatives.
Version Control and Configuration Management: Version control systems, such as Git, provide a robust foundation for managing code, configuration files, and other artifacts collaboratively. Implementing version control enables teams to track changes, maintain a history of modifications, and facilitate collaboration across distributed teams. Additionally, utilizing configuration management tools like Ansible or Chef allows centralized control and consistency in infrastructure configuration management.
Test Automation and Continuous Testing: Automation is a cornerstone of DevOps and extends to testing practices. Implementing test automation enables organizations to achieve faster and more reliable testing, reducing the time and effort required for manual testing. By integrating automated tests into the CI/CD pipeline, organizations can validate code changes, ensure compatibility across environments, and detect issues early in the development cycle. This practice significantly enhances software quality and accelerates the delivery of new features and bug fixes.
Conclusion
DevOps implementation undoubtedly enables organizations to enhance productivity, accelerate time to market, improve software quality, and foster a culture of collaboration and continuous improvement. The tangible advantages of DevOps implementation showcase the significant performance improvements achieved by high-performing DevOps teams.
By breaking down silos, embracing automation, and implementing robust practices such as CI/CD, organizations can achieve faster feedback loops, reduce time spent on rework, and realize substantial gains in efficiency and speed. Prioritizing security and compliance throughout the DevOps lifecycle protects sensitive data and mitigates risks in an increasingly challenging security landscape. By incorporating these practices and continuously seeking opportunities for improvement, organizations can build a resilient and efficient DevOps culture that drives innovation.
Cloud service providers fundamentally changed the way we do business in 2023. Office 365 is one of the most popular cloud-based services catering to online businesses.
The suite’s advanced collaboration and productivity features make it a go-to service for businesses that want to transition digitally. But digital transformation is anything but smooth sailing.
Despite more businesses adopting these technologies, the increased adoption paints a target on their back. Namely, hackers and threat actors understand the value of Office 365 and similar services.
Considering these solutions can hold insurmountable amounts of data, it becomes a priority to enhance Office 365 protection.
But is Microsoft capable of protecting sensitive data, and what can we do to make our environments more secure? This article will discuss the ten experts’ best practices to enhance Office 365 security and promote a safe and secure environment. Let’s begin.
Enable MFA (Multi-Factor Authentication)
Office 365 Security
One of the most effective ways to strengthen Office 365 security is by enabling Multi-Factor Authentication. MFA improves the suite’s security by requesting additional verification from users.
The verification methods can be a one-time passcode from an authentication app, a fingerprint scan, or an email code.
So in case a threat actor has managed to compromise employees’ credentials, they would still require additional verification for full access to Office 365.
As a result, MFA is one of the more reliable security features in Office 365, capable of preventing unauthorized access to the suite and improving your organization’s security posture.
Enable Data Loss Prevention (DLP) Policies
DLP is another potent security feature found in the Security and Compliance Center. With DLP, we can create policies to allow organizations to identify and protect sensitive information within Office 365.
The way DLP works is through rules and conditions. Administrators can define rules and conditions to detect and prevent the unauthorized sharing or leakage of confidential data, such as financial records, personally identifiable information (PII), or intellectual property.
By implementing data loss prevention policies, businesses ensure compliance with data protection regulations and minimize the risk of data breaches. For example, suppose an employee is sending financial records through email.
In that case, a DLP policy can alert them of potentially sending confidential data and, in many cases, prevent them from doing so in the first place.
Utilize Advanced Threat Protection (ATP)
ATP is a standout security feature capable of protecting the suite against all kinds of malware and threats sent primarily through email. Advanced threat protection is part of Microsoft Defender for Office 365.
The feature aims to strengthen email accounts, defend against emerging phishing attacks and advanced threats, and utilize artificial intelligence and machine learning to stop email-based security threats. In addition, ATP is capable of stopping zero-day exploits.
With ATP, businesses use industry-leading AI that scans attachments, documents, and links to identify threats.
Enabling ATP can significantly enhance your defense against sophisticated cyber attacks, safeguarding your organization’s sensitive information.
Regularly Update and Patch Office 365
When it comes to utilizing the best practices and measures for Office 365 protection, we cannot forget the importance of updating the suite with the latest security patches.
Security updates are essential for a number of reasons, including anti-phishing protection, preventing security exploits from one of the many applications, and enhancing advanced protection.
As a general rule, tenant accounts should have auto-updating enabled. However, it is not enabled by default.
Admin accounts can go into each tenant and enable auto-updating to maintain a secure environment free of potential security exploits.
Educate Users on Security Awareness
Despite the numerous features available to you in Office 365, cyber threats can bypass your security measures and compromise your organization’s sensitive data.
Moreover, no matter how much we try, hackers find all kinds of ways to gain access to the suite and wreak havoc. In most cases, this is down to human error.
Human error remains a significant factor in security breaches. Without them even knowing, your employees are active targets for hackers and threat actors.
Therefore, educating them about security best practices and raising awareness about potential threats becomes essential.
You can conduct regular training sessions that cover topics such as recognizing phishing attempts and stopping phishing attacks, creating strong passwords, and exercising caution while sharing sensitive information.
Empowering your users with knowledge will help create a security-conscious culture within your organization.
Monitor and Analyze User Activities
Office 365 security allows you to implement robust monitoring and auditing capabilities. With the Unified Audit log feature, you can track user activities, identify suspicious behavior, and detect potential security breaches.
The monitoring features allow you to identify unauthorized login attempts, file access, and other user actions to respond to any anomalies and mitigate security risks effectively.
Employ Data Encryption
Encryption is yet another data protection and security feature and a critical aspect of the Office 365 suite. Encryption allows you to protect sensitive data by encrypting it both at rest and in transit.
Office 365 provides two encryption options that can be enabled to protect your data from unauthorized access.
Lastly, encryption works on emails, documents, and other files, adding an extra layer of security, even if they fall into the wrong hands.
Regularly Back up Office 365 Data
While Office 365 comes with built-in data redundancy features, it is still essential to have a comprehensive backup strategy in place.
Accidental deletion, retention policy gaps, malicious actions, and outages can result in costly data loss events.
Therefore, implementing a backup solution that periodically backs up your Office 365 data to an external location will prevent critical data loss and ensure you have access to the latest version.
Restrict External Sharing and Access
Review and configure external sharing settings in Office 365 to ensure that sensitive data is not inadvertently exposed to unauthorized users.
Utilize features like Azure Active Directory (Azure AD) Conditional Access and go into your Exchange Online configuration settings to control access to Office 365 services based on specific criteria, such as user location, device compliance, or IP address.
With these features, you create rules and external access policies to protect your Microsoft Office environment and ensure people only the access they need to perform their tasks.
Conduct Regular Security Assessments
Lastly, you can never be sure your Microsoft environment is fully safe if you don’t perform regular security assessments.
Through security assessments and penetration testing, we can identify vulnerabilities and weaknesses in Office 365 and take the appropriate actions to address them.
Conclusion
Enhancing Office 365 security is crucial for organizations to mitigate the ever-evolving cyber threats that target cloud environments. Fortunately, the Office 365 suite comes with advanced and robust security features.
But it requires an understanding of these features to ensure they’re implemented accordingly. These ten experts’ best practices and tips will help you do just that.
As the Galaxy S23 FE starts to take shape, Samsung appears to be preparing to re-launch the Galaxy S21 FE, at least in one market. The device will reportedly hit the Indian market with a different chipset next month. Not an entirely new processor, though. The company will seemingly bring the existing Snapdragon variant of the phone to India.
Like many other Samsung flagships launched in recent years, the Galaxy S21 FE also comes in two processor variants. Some markets got Qualcomm’s Snapdragon 888 SoC, while the phone shipped with the Korean firm’s in-house chipset Exynos 2100 in some others. As you might have guessed, buyers in India got the latter variant.
But a year and a half after the original launch in January 2022, Samsung is reportedly gearing up to re-launch the Galaxy S21 FE in India. This time, it will sell the Snapdragon variant in the South Asian country. The information comes courtesy of Twitter user @tarunvats33, who claims to have verified it with Samsung’s retail channels.
According to the source, Samsung plans to price the Snapdragon 888-powered Galaxy S21 FE at around ₹40,000 (roughly $490) in India, with sales beginning in July. As of this writing, the Exynos 2100 variant starts at ₹32,999 (roughly $400), though it was selling for even lower a few months back (during Samsung’s sales period).
The Snapdragon-powered Galaxy S21 FE would compete against the Galaxy A54 5G
At its rumored price, the “new” Galaxy S21 FE would cost as much as the Galaxy A54 5G in India. While it may be a no-brainer to pick the former, the latter benefits from being a newer device. It ships with Android 13 out of the box and will get updates until Android 17.
Since Samsung is essentially bringing an existing phone to India, it may not treat the Snapdragon-powered Galaxy S21 FE as a new device in the market. Hence, it is unlikely to arrive with Android 13 or any other changes. It’ll already be a year and a half old the day it hits store shelves in the country.
However, if Samsung goes the extra mile and re-launches the Galaxy S21 FE as a new phone powered by a new processor, it will easily cannibalize the sales of the Galaxy A54 5G. But, we have little hope. The company may be trying to clear the inventory from markets where it sold the phone with the Snapdragon chip. If the rumored timeline for the Galaxy S21 FE’s re-launch in India is accurate, we may hear more soon.
Reddit may have just issued a final warning to moderators of subreddits that are still private. The company has reportedly given those moderators a deadline to confirm if they plan to reopen the communities. The deadline ends later today. The firm hasn’t revealed the next course of action for moderators who keep their Reddit communities closed beyond the deadline. But it has previously threatened to remove those who don’t comply with guidelines defined by the Moderator Code of Conduct.
“Per Rule 4 of the Moderator Code of Conduct, moderators are required to be active and engaged within their communities. Given this, we encourage you to reopen. Please let us know within the next 48 hours if you plan on re-opening,” part of the message moderators received from a Reddit admin reads. “This community remaining closed to its members cannot continue,” the admin added in a separate note to one of the biggest Reddit communities that is still private, The Verge reports.
“Wanting to take time to consider future moderation plans is fine, but that must be done in at least a ‘restricted’ setting. This community will not remain private beyond the timeframe we’ve allowed for confirmation of plans here,” the Reddit admin warned. Another moderator was told that continued violation of the rule “will result in further action.” It sure looks like a final warning. Today’s deadline is notable because several subreddits recently wrote an open letter to the company for a response to their demands and concerns by June 29, i.e., today.
The Reddit community wants third-party apps back
The said open letter asks Reddit to “commit to exploring ways by which third-party applications can make an affordable return,” among other things (via). Several popular Reddit apps are shutting down at the end of this month due to the company’s API updates that require them to pay a hefty fee (about $20 million a year for some) to continue their operations. The firm has so far shown little regard for public disappointment. CEO Steve Huffman has been critical of third-party developers as well as moderators protesting the changes.
More than 8,000 subreddits went dark or private in a mass protest that began on June 12. Most have since re-opened or at least switched from private to restricted. But some moderators are still fighting. Reddit has been pushing them to reopen, threatening to replace moderators who don’t comply. Some have given in under pressure, but the company wants all subreddits back to normal as if nothing happened. It remains to be seen what’s to come next. Reddit’s proposed API updates will go into effect on July 1, 2023.
It’s an interesting evolution considering that Snapchat+ gained 1 million subscribers only two months after launch. At just $3.99 per month, Snapchat+ offers exclusive features that aren’t available in free version of the social app.
To make things even more appealing for its users and justify the monthly fee, Snapchat promised to bring new features to its premium service quite often. In the last year, Snapchat+ subscribers received access to more than 20 features, including custom app themes, unique app icons, as well as the ability to pin their #1 BFF.
Today’s announcement regarding the number of Snapchat+ subscribers also includes details about what’s coming for those who pay for the subscription service. Apparently, Snapchat plans to add “expressive chat messages” to Snapchat+ in the not-so-distant future. These are messages that allow users to express themselves using big reactions or small notes. Basically, Snapchat+ subscribers will be able to change the font size of their messages.
In addition, custom chat colors will be coming to Snapchat+ too, allowing users to pick the hue want to use when they message their friends. These two upcoming features are teased on Snap’s official website, so check them out if you’re paying for Snapchat+ or plan to become a subscriber.
.png
)
.webp)
