May update widely rolling out to Galaxy A33 5G, A32 & more

andreasc
-
0
May update widely rolling out to Galaxy A33 5G, A32 & more
[ad_1]

Samsung is pushing the May 2023 Android security patch to a host of budget and mid-range devices. According to SamMobile, last month’s security update is now available for the Galaxy A33 5G, Galaxy A32, Galaxy A23, Galaxy A13, Galaxy A13 5G, Galaxy A12, Galaxy A12 Nacho, and Galaxy A04s in various parts of the world. Some of these devices have already received the May SMR (Security Maintenance Release) in a few markets.

The Galaxy A33 5G was one of the first non-flagship Samsung phones to get the May update. The company began the rollout in the first week of May for users in Latin America. The update came with the build number A336MUBS4CWD4. The rollout reached users in Thailand last week with the build number A336EDXS6CWE3. Last month’s security update for the Galaxy A33 5G isn’t available in any other markets.

Meanwhile, Samsung is pushing a second May update to the phone in Latin America. The latest firmware version is A336MUBU5CWE1. It’s unclear if this release contains a critical bug fix or anything else. The official changelog doesn’t give us any clue. The Korean behemoth may release this update widely in the coming weeks.

The May update for the Galaxy A32 contains added goodies, though. Rolling out in Samsung’s homeland South Korea, it brings improvements to the SOS feature, including location accuracy (see changelog). The updated build number in the region is A325NKSU3DWE3. Samsung may push this update in other regions soon. The May SMR isn’t yet available for the Galaxy A32 5G in any market.

The Galaxy A23 and Galaxy A23 5G, meanwhile, both received Samsung’s May 2023 update in a few markets early last month. The company is now expanding the release for the former to more regions. The update bears the build number A235MUBU3CWE2 in Latin America and A235NKSU2CWE4 in South Korea. The rollout for the 5G version hasn’t expanded outside of Europe.

Samsung’s May update is also available for the Galaxy A13, Galaxy A12, and more

Joining the aforementioned mid-range Galaxy devices in Samsung’s May 2023 update party are the Galaxy A13, Galaxy A13 5G, Galaxy A12, Galaxy A12 Nacho, and Galaxy A04s. All of these devices are getting the new SMR widely, though the company hasn’t released the patch for the US versions of these devices (not all of them were released in the US). The Galaxy A13 5G recently received One UI 5.1 stateside. If you’re using any of these phones, you can check for new updates from the Settings app.


[ad_2]
Source link

Cortana is leaving Windows soon

andreasc
-
0
Cortana is leaving Windows soon
[ad_1]

Be honest, you typically forget that Cortana exists, don’t you? Microsoft’s digital assistant was not quite able to keep up with the likes of Amazon Alexa, Google Assistant, and Siri. Well, according to a new report from XDA Developers, it appears that Cortana is leaving the Windows operating system.

Microsoft’s Cortana was a useful tool to help you navigate your Microsoft products, but it just didn’t have the staying power that other assistants have. Over the past couple of years, we’ve seen Cortana sink into obscurity. While that’s not great news, Microsoft is looking to move forward and implement the GPT-4-powered Copilot into its products.

Cortana is leaving the Windows operating system

Microsoft has been making a huge push into AI with ChatGPT being the engine. The company introduced Windows Copilot last week, and we were all led to expect that this would be the replacement for Cortana. Out with the old, and with the new.

However, Microsoft’s Aaron Woodman told XDA Developers that Copilot was not going to be a replacement for Cortana. He seems to have been pretty sturdy in his statement, which makes it all the funnier that a support document from the company states that Cortana on PC will lose support later on this year.

Microsoft didn’t give an exact date or much of a ballpark; it said in late 2023. Since we’re approaching the halfway mark of the year, it seems that Cortana only has a few more months on Windows.

The voice assistant isn’t quite baked into the operating system. Rather, it sits as its own Standalone app. It’s very out of the way, so most people might not have known about it.

If you are an avid Cortana user, then you may want to say your final goodbyes over the next couple of months. However, Cortana leaving Windows does not mean that it’s going away completely. Microsoft pointed out that Cortana will still be available on Outlook mobile, Teams display, Teams mobile, and Teams rooms. However, we’re not exactly sure how long it’s going to be supported on those platforms either.


[ad_2]
Source link

Update now! MOVEit Transfer vulnerability actively exploited

andreasc
-
0
Update now! MOVEit Transfer vulnerability actively exploited
[ad_1]

A critical vulnerability in Progress MOVEit Transfer is being used to steal large amounts of data

On May 31, 2023, Progress Software released a security bulletin about a critical vulnerability in MOVEit Transfer.

The security bulletin states:

“a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to MOVEit Transfer’s database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.“

This means the vulnerability could lead to an attacker gaining escalated privileges and unauthorized access to the environment.

MOVEit Transfer is a widely used file transfer software which encrypts files and uses secure File Transfer Protocols to transfer data. As such it has a large userbase in the healthcare industry and many others. Progress advertises MOVEit as the leading secure Managed File Transfer (MFT) software used by thousands of organizations around the world to provide complete visibility and control over file transfer activities.

To give you an idea of the possible impact, a Shodan search query for exposed MOVEit Transfer instances yielded over 2,500 results, most of which belong to US customers.

Shodan search for MOVEit servers

Several researchers have observed that this vulnerability is being exploited in the wild. BleepingComputer says it has information that cybercriminals have been exploiting the zero-day in the MOVEit MFT software to perform massive data downloads from organizations.

The method used to compromise systems is to drop a webshell in the wwwroot folder of the MOVEit install directory. This allows the attacker to obtain a list of all folders, files, and users within MOVEit, download any file within MOVEit, and insert an administrative backdoor user into, giving attackers an active session to allow credential bypass

The Cybersecurity and Infrastructure Agency (CISA) is urging users and organizations to review the MOVEit Transfer Advisory, follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity.

Several researchers have provided methods to make the hunt easy. These are the ones I could find:

Note: A Sigma rule is a generic and open YAML-based signature format that enables a security operations team to describe relevant log events in a flexible and standardized format. YARA rules are a way of identifying malware (or other files) by creating rules that look for certain characteristics.

Mitigation

All MOVEit Transfer versions are affected by this vulnerability. See the table below for the security patch for each supported version.

The method recommended by Progress is to:

1. Disable web traffic

Disable all HTTP and HTTPs traffic to your MOVEit Transfer environment. More specifically, modify firewall rules to deny HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443 until the patch can be applied. It is important to note, that until HTTP and HTTPS traffic is enabled again:

  • Users will not be able to log on to the MOVEit Transfer web UI 
  • MOVEit Automation tasks that use the native MOVEit Transfer host will not work
  • REST, Java and .NET APIs will not work
  • MOVEit Transfer add-in for Outlook will not work
  • SFTP and FTP/s protocols will continue to work as normal
  • Administrators will still be able to access MOVEit Transfer by using a remote desktop to access the Windows machine and then accessing https://localhost/.

2. Review, Delete and Reset

  • Delete unauthorized files and user accounts
  • Delete any instances of the human2.aspx and .cmdline script files.
  • On the MOVEit Transfer server, look for any new files created in the C:\MOVEitTransfer\wwwroot\ directory, and for new files created in the C:\Windows\TEMP\[random]\ directory with a file extension of [.]cmdline
  • Review logs for unexpected downloads of files from unknown IPs or large numbers of files downloaded.
  • Reset Credentials
  • Reset service account credentials for affected systems and MOVEit Service Account

3. Apply the Patch

Patches for all supported MOVEit Transfer versions are linked below. Please note, the license file can remain the same to apply the patch.


4. Enable we traffic, verify, monitor

Enable all HTTP and HTTPs traffic to your MOVEit Transfer environment. Then confirm the files have been successfully deleted and no unauthorized accounts remain by following follow the steps under “Review, Delete and Reset” again. If you do find indicators of compromise, you should reset the service account credentials again. Monitor network, endpoints, and logs for IoCs (Indicators of Compromise).

Malwarebytes

Malwarebytes blocks traffic to five malicious IP addresses—138.197.152.201, 209.97.137.33, 5.252.191.0/24, 148.113.152.144, 89.39.105.108—that were found to look for vulnerable systems, and detects the malicious C:\MOVEitTransfer\wwwroot\human2.aspx as Exploit.Silock.MOVEit.

showing Malwarebytes blocks 148.113.152.144

Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Google Pixel Watch rear plate is randomly falling off

andreasc
-
0
Google Pixel Watch rear plate is randomly falling off
[ad_1]

Google Pixel Watch is dealing with a design fracture. The users are complaining about the Pixel Watch rear plate randomly coming off without apparent reason. The number of complaints has been on the rise for the last few months.

Pixel Watch was one of the most anticipated gadgets from the Pixel family, and it’s arguably among the best Android watches you can buy right away. However, the wearable is now facing a loose rear plate that frustrates users. The owners on Reddit are sharing their experiences with the issue.

Yet, the reason behind it is known, but some users say the rear plate came off while removing the watch from the charger. So Google must indeed check the Pixel Watch chassis and its connection with the back plate. The number of impacted customers is yet to be discovered, but it doesn’t seem to be a widespread issue.

Pixel Watch rear plate is coming off, and no one knows why

The history of some complaints goes back to about two months ago, and Google has not yet officially reacted to this issue. A handful of users say they got a replacement after contacting Pixel support. However, not all impacted owners are this much lucky. Some customers claim that Pixel support charged them $300 to file a warranty claim, and in some cases, the replacement request was denied.

Such issues could impact users’ purchasing decisions and direct them toward rival watches like Samsung Galaxy Watch 5 and Apple Watch Series 8.

As long as we can remember, it’s not unusual for Pixel devices to come up with quality issues after launching to the market. Recently, users complained about Pixel 7 Pro volume buttons falling apart, preventing them from adjusting the volume. In another case, users reported the Pixel 7’s rear camera glass breaking without any external force applied.

If Google wants Pixel devices to hang in the same crowd as Samsung and Apple products, it needs to improve built quality to prevent similar issues in the future.


[ad_2]
Source link

Twitter head of safety and content moderation resigns

andreasc
-
0
Twitter head of safety and content moderation resigns
[ad_1]

Ella Irwin, the Twitter head of safety and content moderation, has resigned from her position. News of her resignation hit the internet a few hours ago and is raising some dust among netizens. Her time at Twitter as the head of safety and content moderation didn’t last up to a year.

She took over from the previous occupant of that position, Yoel Roth, in November last year. Now as she exits the company, someone else would have to fill up her role, and details on that are not available. The reason behind her departure from Twitter is unknown, as she holds back from sharing with two sources of this information.

These sources both confirm that Twitter is not also providing information on Ella Irwin’s exit from the company. But there are some similarities between Ella’s exit and that of Yoel, the previous occupant of that position. Netizens are also connecting the dots between Ella’s resignation and a recent issue that questioned Twitter’s freedom of speech claims.

Twitter’s head of safety and content moderation leaves the company following a freedom of speech-related issue

According to Elon Musk, one of his main objectives for purchasing Twitter was to grant users freedom of speech. This sounds very ideal because all users of Twitter have an opinion and what to be heard. Despite the opposition Elon got from certain groups, there were still a few people that gave their support and were confident in Elon’s dream.

One such person was Yoel Roth, the then head of safety and content moderation at Twitter. But after the purchase of Twitter, Yoel tendered his resignation, saying that his “optimism ultimately faded.” This faded optimism is a result of Elon’s style of doing things and his desire to take action on his own.

After taking over the safety and content moderation team, Ella Irwin was firmly on Elon’s side. But in less than a year of her occupying her position at Twitter, she is already stepping down. Netizens are now linking her resignation to the issue involving the folks at the Daily Wire and Twitter.

Ahead of the debut of their film “What is a Woman”, the team at Daily Wire reached out to Twitter for promotion. After initially agreeing to offer a promotion package for the film, Twitter then turned back on their words. They then informed the Daily Wire that the promotion will not pull through, and the film will be flagged as hateful content.

This decision came after Twitter reviewed the film, which questions the actual identity of a woman. According to Twitter, the film misgenders girls and transgender people, hence the need to restrict its reach on the platform. This action is against the freedom of speech that Elon Musk was fighting for prompting his Twitter purchase.

Is this issue the main reason behind Ella Irwin’s exit as Twitter’s head of safety and content moderation? There is no backing to this claim, as the two events might have occurred within the same period. But the issue has raised a lot of dust on the internet, as some argue that Twitter is trying to restrict the voice of its users.


[ad_2]
Source link

Android 14 may let you see detailed battery health stats

andreasc
-
0
Android 14 may let you see detailed battery health stats
[ad_1]

Android 14 may bring an iPhone-like battery health feature to Android-powered smartphones and tablets. Google has developed new APIs that enable Android devices to report detailed battery stats, including cycle count, charging status, state of health (estimated percentage of the original capacity), manufacturing date, charging policy, and more. It’s unclear if the company plans to integrate the feature in the system settings app or leave it to OEMs or third-party developers to come up with their custom solutions.

Google has been working on a battery health feature for Android since last year

Android expert Mishaal Rahman first spotted an in-development battery health feature in an Android 13 QPR (Quarterly Platform Release) beta build last October. While the feature was missing from the first Android 14 beta build, Google added new system APIs to Beta 2 that serve a similar purpose. Digging deeper into the new release, Rahman found that these APIs can be used by any third-party app to pull up battery stats.

Using this information, an Android developer with the Twitter handle @narektor created a simplistic proof-of-concept app to check the functionality of the new APIs. The open-source app aptly named Batt is available to download from GitLab. It works on Android 14-powered devices and can show a detailed battery report. You can see a few screenshots shared by users who tested this app in the Twitter thread below.

As pointed out by Rahman, there’s no way to verify the accuracy of the data reported by the app. All it does is give you information returned by the APIs in an easily apprehensible way. The APIs also rely on the stats tracked by the charging IC and HAL’s (Hardware Abstraction Layer) support for the feature. Moreover, some of the data, such as the manufacture date and the date of first use, appear to be default data provided by Google with no actual tracking happening.

It’s unclear if Google will bake this feature into the OS

This is the closest we have ever been to a battery health feature on Android. Now that Google has developed APIs that can report battery stats, we hope the company would go the distance and bake the feature into Android’s Settings app. That would be more convenient than a separate app for the same purpose. OEMs can build custom power management features and charging recommendations around it. We will let you know when we have more information. The stable Android 14 release is still a few months away.


[ad_2]
Source link

T-Mobile is bringing yet another fee for its users

andreasc
-
0
T-Mobile is bringing yet another fee for its users
[ad_1]

T-Mobile has been lauded as the “Un-carrier”. It offered cheaper rates compared to Verizon and AT&T, and it’s always been the more fun of the carriers. However, there’s nothing fun about fees. According to a new report, T-Mobile is adding a new in-store fee.

T-Mobile has had some turbulent times lately. Being a T-Mobile customer is getting more expensive as time goes on, and being an employee is not much better. The company has been letting go of a ton of workers along with other tech companies. Also, we can’t forget about the several data breaches that the company has suffered in recent history. Hopefully, things will change for the company as we approach the second half of the Year.

T-Mobile is adding an in-store fee

The company has been hard at work closing down its brick-and-mortar stores. This means fewer employees to help customers and fewer stores for people to receive in-person assistance. This is, as expected, a move to stave off Financial losses.

This is unfortunate for the people who lost access to these stores. However, people who do have access to the stores or also met with some unfortunate News. According to The Mobile Report, T-Mobile will be adding an additional fee for people who want to pay their bills in-store. This will be a $5 fee on top of their bill.

That seems like a pretty big smack to the face, seeing as T-Mobile has been adding different device connection charges to people’s bills lately. Also, the company removed the auto-pay discount. It seems that T-Mobile is looking for more ways to squeeze money out of its customers, and you can bet that they will be upset.

While the turbulent economy is affecting companies, it is, of course, affecting the millions of users who rely on T-Mobile’s services. Houses are more expensive, groceries are more expensive, gas is more expensive, Etc. So, an extra $5 fee on top of their monthly bill doesn’t make things any better. The company will start charging this fee on July 19th.


[ad_2]
Source link

The weather widget on Android Auto’s new Coolwalk redesign may be making a comeback

andreasc
-
0
The weather widget on Android Auto’s new Coolwalk redesign may be making a comeback
[ad_1]

Google began its roll out of the “Coolwalk” Android Auto redesign earlier this year which brought a split-screen view to users’ dashboards. Unfortunately, with that rollout Android Auto lost the always helpful weather widget on smaller displays, but newly found source code reveals it may be coming back.

The report comes to us from 9to5Google after Reddit user u/shmykelsa spotted the changes in the code a few days ago. Coincidentally, this is the same user that first discovered the Coolwalk design before it was widely rolled out.

The weather card or widget was part of older versions of Android Auto but has since then been re-added and then removed again, but only on displays that didn’t meet a certain resolution criteria. This left those of us with standard-sized head units at a disadvantage, as the icon would only show on displays with more vertical space.

The card’s function, besides displaying the weather, extends to giving you a readout of weather conditions when tapped. This functionality can be very helpful, particularly if you are in the middle of driving and cannot take your eyes off the road.
This same functionality is currently only available with the one weather app that is compatible with Android Auto, which is WeatherRadar and The Weather Channel which will be available in the future. Other than that, unless you have a car with a large display head unit, you’re out of luck.

However, according to the code found that corresponds to a new inactive flag, Google is looking to enable the weather card on all screen sizes. Since force enabling the flag doesn’t yet yield any results, it is unknown if this widget will be reduced in size to accommodate for the smaller real estate.

Image Credit - u/shmykelsa (Reddit) - The weather widget on Android Auto's new Coolwalk redesign may be making a comeback

Image Credit – u/shmykelsa (Reddit)


Google has not yet officially announced when or if the weather icon will be brought back to Android Auto’s Coolwalk redesign. However, the fact that Google is considering doing so is a positive sign for users who miss being able to see or listen to the weather at a glance while driving.

[ad_2]
Source link

Kaspersky Reveals iPhones of Employees Infected with Spyware

andreasc
-
0
Kaspersky Reveals iPhones of Employees Infected with Spyware
[ad_1]

According to Kaspersky, this is an ongoing investigation, and the perpetrators are yet to be determined.

The CEO of cybersecurity giant and antivirus vendor Kaspersky, Eugene Kaspersky, revealed in a blog post that dozens of iPhones used by their senior employees contained spyware capable of recording audio, capturing images from messaging apps, geolocation, and more.

The company noted that iOS devices on its WiFi network had become targets of threat actors who launched zero-day exploits as part of Operation Triangulation. The researchers discovered the oldest traces of infection in 2019, and it is believed that the attack is still active.

How Was the Activity Discovered?

Kaspersky researchers noted suspicious activity on several iPhones while monitoring network traffic for mobile devices on their corporate WiFi network through the KUMA (Kaspersky Unified Monitoring and Analysis) platform.

To investigate further, they created offline backups of these devices since they couldn’t inspect them from the inside and discovered an infection using the Mobile Verification Toolkit’s mvt-ios. This utility provides information about the sequence of events, allowing researchers to recreate the incident.

Digging Deeper…

The attack begins with iOS phone users receiving an iMessage with an attachment that contains the exploit. Upon clicking, it triggers a vulnerability that leads to code execution without involving user input, making it a zero-click attack.

The malicious code downloads new payloads after connecting with the C2 server, which can include privilege escalation exploits. The final payload is a feature-rich APT platform.

“The analysis of the final payload is not finished yet. The code is run with root privileges, implements a set of commands for collecting system and user information, and can run arbitrary code downloaded as plugin modules from the C&C server,” the researchers wrote in their blog post.

Various Vulnerabilities Used to Get Deeper Access

Multiple vulnerabilities are combined to allow attackers deeper access to the compromised device. Once the final payload is downloaded, the message and the malicious attachments initiate self-deletion. The malware cannot maintain persistence if the device is rebooted, but researchers observed reinfection in some samples.

The exact nature of the bugs used in this attack chain is unclear, but one of the flaws could be the kernel extension vulnerability (CVE-2022-46690) patched by Apple in December 2022.

Apple’s Response

Kaspersky’s findings were published the same day the Russian security services released a statement blaming the US for exploiting Apple devices to launch reconnaissance operations.

“Several thousand telephone sets of this brand were infected….. In addition to domestic subscribers, facts of infection of foreign numbers and subscribers using SIM cards registered with diplomatic missions and embassies in Russia, including the countries of the NATO bloc and the post-Soviet space, as well as Israel, SAR, and China, were revealed,” Russian intelligence claimed.

However, Apple’s spokesperson refuted these allegations, stating that none of their products have ever contained a backdoor, and Apple would never collaborate with governments.

Regarding Kaspersky’s report, Apple stated that the issue was detected in some versions of iPhones (iOS version 15.7 and below), whereas currently, iOS devices run version 16.5.

Patrick Wardle, an iOS and macOS security researcher, told Wired that Kaspersky remained hacked by an iOS zero-day exploit for five years, and the issue has been discovered now, indicating that it is pretty challenging to detect zero-day exploits.

Kaspersky noted that this difficulty is caused by iOS’s locked-down design, making it tough to inspect iOS’s activities. This is an ongoing investigation, and the perpetrators are yet to be determined. Stay tuned for an update…

  1. Israel hacked Kaspersky Labs
  2. Kaspersky spots CIA malware
  3. US: Kaspersky is a national security threat
  4. WikiLeaks’ Vault 8: CIA Impersonated Kaspersky Lab
  5. Kaspersky Reveal How NSA Hacking Tools Were Stolen

[ad_2]
Source link

Original Galaxy Z Fold gets its first update in months

andreasc
-
0
Original Galaxy Z Fold gets its first update in months
[ad_1]

The original Galaxy Z Fold is reaching the sunset of its lifetime. With the 5th generation of Samsung foldables set to come out soon, the first foldable seems like a distant memory. However, Samsung still delivers software updates to it. The original Galaxy Z Fold is getting the May security update, according to Sam Mobile.

Now, the original Galaxy Z Fold is nearing the end of its lifetime with about a year of software updates left. Being on Android 12, it’s not going to receive any more major Android upgrades. Now, it’s just coasting on the remaining security updates that it will receive until sometime in 2024.

If you are still rocking this phone, and miraculously haven’t broken it yet, you may want to consider getting a newer model. The Galaxy Z Fold 5 is expected to launch sometime this July. However, if you’re looking to save some money and buy an older variant, then you may want to consider getting the Galaxy Z Fold 4 or the Galaxy Z Fold 3. If you do some digging, you can find a refurbished Galaxy Z Fold 3 for under $700.

The original Galaxy Z Fold is getting the May security update

This is going to be the first update for this phone outside of Korea in several months. The update for this phone has the version number F900FXXU6HWE2, and it was spotted in the French version of the phone. However, we expect it to make its way throughout Europe over the coming weeks.

The update itself will bring the usual slew of bug fixes and security patches. It will help keep the system running smoothly and make it more secure from attackers. However, as you can expect, that may be pretty much it. Since this phone is so old, we can’t expect Samsung to add any additional features to its software.

If there are going to be any new features added to one UI, we expect them to be added into One UI 6 running on Android 14. We’re waiting on the beta for that to launch, but there has been a delay. We’re not sure when Samsung is going to launch the One UI 6 beta.


[ad_2]
Source link
1...1,2011,2021,203...1,471Page 1,202 of 1,471