This new Gmail app update will show you your top search results first

andreasc
-
0
This new Gmail app update will show you your top search results first
[ad_1]
Google has announced an update to the Gmail mobile app that introduces a change in the way users can search for messages. The recent update, currently being gradually rolled out, will present the most relevant search results first, followed by the remaining results in chronological order.

This new search feature will be powered by AI, using Google’s machine learning models to scan your emails for the search term. You will then be served results with the most recent and relevant emails shown at the top of the list in a new dedicated “Top results” section. The rest of the results will follow underneath in another dedicated section.

Image Source - Google - This new Gmail app update will show you your top search results first

Image Source – Google

Once active for your account, you can begin to enjoy this new experience on your smartphone by navigating to the Gmail search bar and typing in your preferred search keyword. The update will begin to roll out gradually starting today and for up to two weeks before all Gmail users have it. It will also be available to all Google accounts, meaning paid Google Workspace and personal ones, ensuring that all get to try it out.

Google added that this has been a highly requested feature by users and was added as part of the company’s efforts to improve search on the Gmail app. This fact surprised me, considering how well I’ve found Gmail search to be at this point. However, every case is different.

There is no mention in the announcement of any plans to expand this feature across the web version of Gmail at the moment, but I could definitely see this becoming a valuable addition to Gmail. AI is everywhere now and Google refuses to be left behind, especially when it comes to search and locating emails. Leveraging the power of AI in our daily lives, such as email is at this point, is the best way to ensure machine learning models are trained properly and become even more helpful.


[ad_2]
Source link

Threat Hunting Platform Security Onion

andreasc
-
0
Threat Hunting Platform Security Onion
[ad_1]

The third Beta version of Security Onion 2.4 is made available by Security Onion Solutions. A free and open platform for log management, enterprise security monitoring, and threat hunting is called Security Onion.

It consists of both their in-house tools, such as Alerts, Dashboards, Hunt, PCAP, and Cases, as well as other products like Playbook, FleetDM, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, Zeek, and Wazuh.

It has been downloaded more than 2 million times and is used by security teams worldwide to monitor and protect their organizations.

Overview of Security Onion 2.4 Beta 3

Security Onion Changes in 2.4.2 Beta 3

Beta 3 of Security Onion 2.4  add more Influxdb notifications, as well as links to SOC error messages that direct users to search for recent SOC-related errors.

Add a Protected checkbox when uploading an attachment, support for the Apple Silicon Elastic Agent Installer, and EQL to the playbook.

Additionally, it permits any Docker container to have additional hosts and custom bindings.

List of Alerts

It connects the log files from Docker containers to the Grid Interface. If a DNS record is discovered during setup, the user will also be prompted to confirm the manager nodes’ IP address. 

There are now quick links to common configurations. Supports authentication rate limiting, improves SOC configuration handling of lists, and Simplifies cloud detection.

For a complete list of changes in this release, check the Release Notes.

Few Known Issues That Ought To Be Fixed In The Next Releases

  • A 2.3 to 2.4 in-place upgrade is not possible. Data migration is still under investigation.
  • There will be no support for upgrades from this 2.4 Beta release to any other version. They will assist soup to upgrade 2.4 grids starting in RC1.
  • Ubuntu 20.04 support is not available until RC1. This has to do with a 3rd party dependency. 
  • ATT&CK Navigator doesn’t work correctly yet.
  • so-import-evtx imports logs but they don’t get parsed correctly.
  • The following installation modes are NOT supported at this time:
    • Heavy Node
    • Receiver Node
    • Analyst Workstation

“When we release the final version of Security Onion 2.4, we will announce an End Of Life (EOL) date for Security Onion 2.3. Security Onion 2.3 will continue to receive security patches and priority bug fixes until it reaches EOL”, reads the release notification.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

EHA

[ad_2]
Source link

Kick off summer with these beautiful Pastel Switch Joy-Cons

andreasc
-
0
Kick off summer with these beautiful Pastel Switch Joy-Cons
[ad_1]

Summer is just around the corner, and companies are getting up to show their summer spirit. Just after the massive success of Zelda: Tears of The Kingdom, Nintendo has another treat for its Switch users. The company is releasing some new beautiful pastel-colored Switch Joy-Cons to get Summer started off right.

This has been a good year for Nintendo, as the long-awaited Mario movie was a massive Success. It reached over a billion dollars worldwide. Also, Zelda: Tears of The Kingdom sold more than 10 million copies on its first day. We’re all waiting for what other exciting things the company has in store.

One thing we may be able to count on is a collection of original animated content. Late last year, Nintendo purchased the animation studio called Dynamo Pictures. The company plans on naming it Nintendo Pictures and producing animated content based on original Nintendo properties. We’re not sure when to expect that, but we should keep our fingers crossed.

Nintendo has new pastel-colored switch Joy-Cons to commemorate summer

There are a ton of different designs and colors for the Switch Joy-Cons. A lot of them come from third-party companies, but Nintendo launches its own designs from time to time. According to the company itself (via Engadget), Nintendo has some very beautiful pastel-colored Joy-Cons that you can hook up to your Switch.

Pastel joy cons 2

There are four colors you can choose from, but each side has its own dedicated colors. The left side Joy-Cons are Pastel Pink and Pastel Purple, and the right side Joy-Cons are Pastel Green and Pastel Yellow. Unfortunately, these are sold as pre-arranged sets, so you can’t mix and match them unless you buy both sets. Pastel Pink will only come with Pastel Yellow, and Pastel Purple will only come with Pastel Green.

These new Joy-Cons will be available for purchase on June 30th, so there’s a bit of a wait. When they launch, they will cost $79.99. You can learn more about them here.


[ad_2]
Source link

Scammers are already exploiting the verification systems in Gmail

andreasc
-
0
Scammers are already exploiting the verification systems in Gmail
[ad_1]

It’s no secret that over the past few years, Google has been actively working to prevent phishing email scams. And in line with these efforts, the company recently introduced a new feature in Gmail called Brand Indicators for Message Identification (BIMI), which allows companies to verify their identities and add a blue checkmark, giving users an extra layer of protection against scammers. However, it looks like threat actors have already found a way to exploit this system, raising some serious concerns.

The issue was first discovered by cybersecurity engineer Chris Plummer, who found that threat actors were able to deceive Gmail’s authentication systems, which allowed them to masquerade as legitimate senders and bypass security checks. As a result, Plummer quickly reported the bug to Google in the hope that it would investigate this critical flaw. Unfortunately, Google closed the report, claiming it was “intended behavior.” Frustrated by this response, Plummer took to Twitter to share his findings, where the report quickly gained attention and caused widespread distress and concerns.

“There is most certainly a bug in Gmail being exploited by scammers to pull this off, so I submitted a bug which Google lazily closed as “won’t fix – intended behaviour”. How is a scammer impersonating UPS in such a convincing way intended,” said Plummer on Twitter. 

Widespread Concerns

While Google is yet to issue a statement regarding Plummer’s report, the collective outcry on social media might prompt the company to reevaluate its initial dismissal of the issue. This is because, as users, we rely on these verification systems to safeguard our online interactions, and the ability to differentiate between genuine and fraudulent sources is crucial in protecting our personal information and avoiding scams.

However, until Google releases a fix, users should remain vigilant and take additional measures to protect themselves from potential scams. These measures include being cautious of emails asking for sensitive information, refraining from opening suspected links, double-checking email addresses, and enabling 2FA.


[ad_2]
Source link

Verizon customers can now get Netflix, Paramount+, and Showtime at a big combined discount

andreasc
-
0
Verizon customers can now get Netflix, Paramount+, and Showtime at a big combined discount
[ad_1]

Verizon has been trying hard for the last couple of years to keep up with T-Mobile’s generosity in the streaming space, and while the latest such offer is obviously not as compelling as giving away Netflix or Disney+ access for free, it can still add up to a pretty substantial discount in the long run.
The key condition is to want both a Netflix Premium and Paramount+ Premium with Showtime subscription, which you can currently get from the top wireless service provider in the US at a combined monthly cost of $25.99.
That’s not exactly the cheapest video streaming bundle on the market today, but if you do the math, Big Red says you’ll save a cool 70 bucks a year with its newest +play promotion compared with how much you’d separately pay for the two “premium” services.
For those unfamiliar with it, +play is basically Verizon’s one-stop shop for streaming platforms like Netflix, Paramount+, Max, AMC+, and Starz, as well as many other subscription services covering areas as diverse as education, lifestyle, and fitness.
This was the place where Verizon customers could get a free year of Netflix a couple of times in recent months, and it’s now the number one requirement to be able to claim the aforementioned streaming combo at a special price of 26 bucks a month.

Keep in mind that you will need to be a new subscriber of the Paramount+ Premium with Showtime service tier to be eligible for this promo, while both new and existing Netflix Premium users should have no problem taking advantage of the deal “for a limited time.”

Seeing as how everyone (still) has Netflix, that’s a very nice gesture on Verizon‘s part, and given that almost no one has Paramount+, this is a great opportunity for a lot of people to gain cheap access to shows like 1923, Tulsa King, or Mayor of Kingstown.

[ad_2]
Source link

Jetpack WordPress Plugin Patched A Critical Vulnerability

andreasc
-
0
Jetpack WordPress Plugin Patched A Critical Vulnerability
[ad_1]

The popular and one of the most-used WordPress plugins, Jetpack recently addressed a critical security issue. Despite no active exploitation, WordPress force installed Jetpack plugin updates to websites to patch the vulnerability.

Jetpack WordPress Plugin Vulnerability

Reportedly, the Jetpack plugin had developed a severe security flaw that risked millions of WordPress websites. The news surfaced online as the Jetpack team rolled out a major security update for the plugin, urging users to update.

According to the recently published security bulletin, the plugin developers discovered a critical vulnerability affecting Jetpack API during an internal security audit. Notably, the vulnerability existed in the plugin since its 2012 version 2.0 – around a decade ago.

Fortunately, the flaw remained hidden from adversaries, avoiding any security threats to the websites. Nonetheless, if exploited, the vulnerability would allow an attacker with author roles on a website to manipulate any files in WordPress installation.

For now, the plugin team refrained from sharing any details about the vulnerability to avoid potential exploitation attempts. The changelog on the plugin’s official page merely lists a REST API issue that the team fixed to ensure proper validation of all files uploaded via the API.

Upon noticing the vulnerability, the Jetpack plugin team quickly developed a patch for different plugin versions. Eventually, they released 102 different versions on the same day to address the site requirements of different WordPress users.

WordPress Force Installs Plugin Updates

Jetpack currently boasts over 5 million active installations, hinting at the huge number of websites at risk due to plugin vulnerabilities. Nonetheless, to avoid such threats, the plugin team collaborated with the WordPress security team to ensure the automatic roll-out of the patches.

Consequently, WordPress started force-installing Jetpack updates accordingly on the websites to prevent potential attacks.

While Jetpack confirmed detecting no active exploitation of the flaw, the developers still urge users to ensure updating their websites with the latest releases.

On a side note, another WordPress plugin, Beautiful Cookie Consent Banner, also recently addressed a serious cross-site scripting (XSS) issue. Therefore, all WordPress admins must review their sites for proper updates to all installed plugins to avoid security risks.

Let us know your thoughts in the comments.


[ad_2]
Source link

Xiaomi 14 Ultra to retain 1-inch camera sensor, earlier launch tipped

andreasc
-
0
Xiaomi 14 Ultra to retain 1-inch camera sensor, earlier launch tipped
[ad_1]

The Xiaomi 13 Ultra launched back in April, in China, and we’re waiting for its global announcement. As we’re waiting for that to happen, some information regarding its predecessor appeared. The Xiaomi 14 Ultra will retain a 1-inch camera sensor, it seems, while it could launch sooner than expected.

The Xiaomi 14 Ultra could retain the same 1-inch camera sensor

The information regarding the 1-inch camera sensor comes from Digital Chat Station, a well-known tipster. The phone could actually retain the same sensor as the current-gen model.

As a reminder, the Xiaomi 13 Ultra comes with a 50-megapixel main camera, Sony’s IMX989 sensor. It also includes Leica’s Vario-Summicron lens, and a 2-stop variable aperture (f/1.9-f/4.0).

Having said that, the tipster also noted that the M43 sensor, a 1.33-inch unit, is still too big for phones, and won’t be seen in one in the near future. He did note, however, that the Xiaomi 15 Ultra could arrive with a bigger sensor. We’re not sure if he meant the M43 or not, but there you have it.

The device could launch in Q1 2024, earlier than expected

Now, another piece of news has arrived from Ice Universe, another well-known tipster. He shared some information regarding the Xiaomi 14 Ultra. The tipster says that the phone could arrive sooner than we think.

The Xiaomi 13 Ultra launched back in April, and the Xiaomi 14 Ultra could arrive in Q1 2024. In other words, Xiaomi could announce it in January, February, or March.

Considering that Q1 is usually the timeframe Xiaomi announces its regular flagship smartphone series, the Xiaomi 14 Ultra could arrive alongside the Xiaomi 14 and Xiaomi 14 Pro. That would make all the sense in the world.

All three of those phones will be Xiaomi’s high-end offerings, most likely fueled by the Snapdragon 8 Gen 3 processor. It’s still too early to tell for sure, however, so… do note that.


[ad_2]
Source link

Snapdragon 8 Gen 3 launch date confirmed by Qualcomm

andreasc
-
0
Snapdragon 8 Gen 3 launch date confirmed by Qualcomm
[ad_1]

Qualcomm has already confirmed the launch date for its next-gen flagship SoC, the Snapdragon 8 Gen 3. The company has scheduled its Snapdragon Tech Summit, which automatically confirmed the Snapdragon 8 Gen 3’s arrival.

The Snapdragon 8 Gen 3 launch date has been confirmed

Qualcomm usually announces next-gen flagship chips during the Snapdragon Tech Summit, so the same is expected this year. The conference was scheduled for October 24, 25, and 26 in Maui, Hawaii.

The chip will probably launch on October 24, as Qualcomm usually does that on the first day of the Snapdragon Tech Summit. We’re still almost 5 months away from that launch, but the dates are official.

Having said that, the Snapdragon 8 Gen 3 (SM8650) will allegedly use a new 1+5+2 cores setup, compared to a 1+2+2+3 setup Qualcomm used in the Snapdragon 8 Gen 2. TSMC’s N4P process will be used for manufacturing.

This chip will utilize a new cores setup

The Snapdragon 8 Gen 3 is expected to utilize 1x Cortex-X4 prime core, 5x A720 performance cores, and 2x A520 power efficiency cores. On top of that, the Adreno 750 GPU will be a part of the package.

Based on some rumored info, the Adreno 750 GPU will bring significant improvements in the performance department. And it will offer 10MB L3 cache, compared to 8MB L3 cache from the Snapdragon 8 Gen 2.

The Xiaomi 14 series could be the first to utilize the Snapdragon 8 Gen 3 SoC, based on some info from a tipster. That wouldn’t be surprising at all. Do note that the Xiaomi 14 series will first launch in China, though.

The Snapdragon 8 Gen 2 proved to be an outstanding SoC, as was the Snapdragon 8+ Gen 1. Since Qualcomm transferred over to TSMC, things have improved considerably, and those two chips are proof on their own. The expectations for the Snapdragon 8 Gen 3 are quite high.


[ad_2]
Source link

Toyota Server Misconfiguration Leaks Owners Data

andreasc
-
0
Toyota Server Misconfiguration Leaks Owners Data
[ad_1]
Toyota Misconfiguration Data Leak

As per reports, On May 12, 2023, Toyota Motor Corporation discovered that they had been subject to a Potential data leak due to misconfiguration of the Cloud Environment on their Japanese side.

Toyota Investigated all of its cloud environments and found that some customer information was accessible externally.

Currently, there has been another incident at Toyota Motors. The company stated that this incident was also due to insufficient data dissemination and handling rules.

It was also mentioned that the company has now implemented a system for monitoring cloud configurations.

Toyota Motors confirmed that there wasn’t any secondary use of the data exfiltrated by the threat actors.

The company is currently working on resolving this issue by enforcing better rules for data handling and educating its employees.

Data Leak Incident List

1. Domestic Service Incidents In Japan

Map data updates, vehicle device IDs, and other information relating to navigation terminals were potentially accessible externally.

However, Toyota Motors stated this information alone would not be sufficient for threat actors to affect any vehicle.

Furthermore, Customers who subscribed to the G-Book with a G-Book mX or G-Book mX Pro compatible systems were subjectively impacted.

G-Link / G-Link Lite subscribers who renewed their Maps on-demand service between February 9, 2015, and March 21, 2022, are affected due to this incident.

Toyota stated that the number of impacted customers accounts for around 260,000. The cloud environments were suspected to be externally accessible over 7 years, from February 9, 2015, to May 15, 2023.

2. Overseas Service Incidents

Cloud environment for overseas dealers, which consists of files for maintenance and investigation of the system, was also externally accessible due to a misconfiguration.

These files contain the Address, Vehicle Identification Number (VIN), Email address, Phone number, Name, and Vehicle Registration Number.

After discovering this, Toyota Motors Corporation has immediately blocked external access. 

EHA

Countries that were affected due to this includes some of the Asian countries and Oceanic.

The misconfiguration and external access were discovered to be available from October 2016 to May 2023.

Vehicles that were affected due to this incident

VehiclePeriod of time it was on sale
LSOctober 2009 – September 2014
GSSeptember 2009 – August 2014
HSJuly 2009 – July 2015
ISJuly 2009 – August 2013
IS FDecember 2007 – May 2014
IS CMay 2009 – July 2014
LFADecember 2010 – December 2012
SCAugust 2009 – July 2010
CTJanuary 2011 – December 2013
RXJanuary 2009 – September 2015

Toyota Motors claimed that they have set up a customer service center to aid affected customers.

It was also mentioned that Toyota Motors will deal with the information protection laws and each country’s regulations.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


[ad_2]
Source link

The One UI 6.0 beta might not land this month

andreasc
-
0
The One UI 6.0 beta might not land this month
[ad_1]

It’s the time of the year when we’re testing out the newest version of Android, and Samsung is preparing to test Android 14 running on One UI 6.0. We were all getting our hopes up because we were expecting the beta to launch soon. However, according to Sam Mobile, the One UI 6.0 beta may not be landing in June.

It seems that Samsung is having trouble on both the smartphone and wearable software fronts. We recently got word that the beta for One UI Watch 5 was also delayed. Rumors pointed to this version of the wearable software landing sometime last month. However, the future of One UI Watch 5 is uncertain.

The One UI 6.0 beta may not be coming soon

At this point, there’s no official word to back up any claims, so you’ll want to take this news with a grain of salt. We’re still dealing with leaked information that could or could not be true.

Rumors pointed to the one UI 6.0 beta releasing for Galaxy users sometime in June. Since it’s June 1st now, it would have meant that the beta would launch very soon. A lot of those rumors came via Twitter, however, you can’t trust everything you hear on that platform.

The thing is that even business insiders who typically have their ears against Samsung’s door haven’t heard anything about a June release. If the company was planning on releasing One UI 6.0 in June, we would have heard something by now.

This is rather surprising, seeing as Samsung is one of the top Android manufacturers when it comes to timely software updates. We all know that Samsung often delivers its security patches before even Google. This is in stark contrast to several years ago when the company would take months to deliver the latest updates.

So, the fact that Samsung is struggling with updates strikes us as odd. In any case, if you’re holding your breath for the One UI 6.0 beta, you’ll want to hold tight. We have no idea when this is going to launch, but hopefully, it’s not too long.


[ad_2]
Source link
1...1,2021,2031,204...1,471Page 1,203 of 1,471