Zyxel has released a security advisory about two critical vulnerabilities that could allow an unauthorized, remote attacker to take control of its firewall devices.
Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on the affected Zyxell firewalls.
Affected users should patch as a matter of urgency, and we urge you not to expose the management interfaces of network edge devices to the Internet, in order to reduce their attack surface.
The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVEs patched in these updates are:
CVE-2023-33009: A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1.
CVE-2023-33010: Another buffer overflow vulnerability in the ID processing function in the same Zyxel firmware versions.
A buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region.
Both vulnerabilities received a CVSS score of 9.8 out of 10. In case that isn’t enough reason for you to act urgently, it is worth remembering that it only took four days for the first active exploitation to take place after Zyxel patched CVE-2022-30525 last year.
The security advisory lists the vulnerable firewall series that are within their vulnerability support period:
ATP versions ZLD V4.32 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.
USG FLEX versions ZLD V4.50 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.
USG FLEX50(W) / USG20(W)-VPN versions ZLD V4.25 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.
VPN versions ZLD V4.30 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.
ZyWALL/USG versions ZLD V4.25 to V4.73 Patch 1 are covered by ZLD V4.73 Patch 2.
How to install updates
Login to your ZLD appliance and go to Configuration → Licensing → Registration → Service and click the Service License Refresh button. This must be done before you can access your myZyxel account to download new firmware patches. This will sync necessary info with the myZyxel server (info like running firmware version, MAC Address, S/N, etc.).
Once in your account dashboard, find the ZLD router you wish to download firmware for and click on the Download button under the “Firmware Update” column.
Once downloaded, there may be up to four ways you can update the firmware, you can update the firmware manually via the Web GUI, you can FTP into the router and upload the firmware, you can utilize the Automatic Cloud Firmware update feature introduced on firmware version 4.25, or upgrade via USB flash drive.
We don’t just report on vulnerabilities—we identify them, and prioritize action.
If you’re thinking of buying a new Android flagship, both OnePlus and Sony have rather compelling ones to offer. We’ll compare those two phones in this article, the OnePlus 11 vs Sony Xperia 1 V. The Xperia 1 V arrived earlier this month, while the OnePlus 11 arrived to global markets earlier this year. Both devices are compelling in their own ways, though they’re quite different, especially when it comes to their designs.
We’ll talk about their designs here, and also their displays, performance, battery life, cameras, and audio performance. Before we get down to that, however, we’ll list the specifications of both smartphones. Before we begin, do note that the OnePlus 11 is considerably more affordable than Sony’s flagship. There’s a lot to talk about here, so let’s get started, shall we?
Specs
OnePlus 11
Sony Xperia 1 V
Screen size
6.7-inch QHD+ LTPO3 Fluid AMOLED display (120Hz refresh rate, curved, 1,300 nits peak brightness, LTPO down to 1Hz)
Both smartphones are made out of metal and glass, but they both look and feel different. The OnePlus 11 offers that classic glass sandwich design. Its front and back glass plates are curved, and the frame is thinner on the sides because of that. Those glass panels curve into the frame. The phone’s rear camera setup does stand out, however, due to its design. It’s a circular camera island that connects to the frame of the phone, in a way. The device also has thin bezels, and a display camera hole in the top-left corner.
The Xperia 1 V, on the other hand, has flat sides all around. Its sides do have vertical lines embedded into them (into the frame), and that helps with the grip. On the back, there is a glass panel included, but it has a dotted pattern. Yes, those dots do protrude on the back, every single one of them, and they do add grip too. The Xperia 1 V has a vertically-aligned cameras on the back, in the top-left corner. On the front, the top and bottom bezels are a bit thicker than on the OnePlus 11, but the Xperia 1 V does not have a display camera hole or notch because of it.
The Xperia 1 V is tall and narrow, while the OnePlus 11 has a more regular width for its display size. The Xperia 1 V is a bit taller than the OnePlus 11, while it’s noticeably narrower. It’s also noticeably lighter at 187 grams, compared to 205 grams of the OnePlus 11. The OnePlus 11 has Gorilla Glass 5 on its back, while the Xperia 1 V includes Gorilla Glass Victus 2. The Xperia 1 V is IP65/IP68 certified, while the OnePlus 11 offers IP64 certification. They both feel like quality products, but you’ll realize that the in-hand feel is entirely different in comparison.
OnePlus 11 vs Sony Xperia 1 V: Display
The OnePlus 11 features a 6.7-inch QHD+ (3216 x 1440) LTPO3 Fluid AMOLED display with a 120Hz refresh rate. That panel is curved, and it can project up to 1 billion colors. It offers a 120Hz refresh rate, and supports Dolby Vision. HDR10+ content is also supported, while the display is protected by the Gorilla Glass Victus. This panel has a 20:9 aspect ratio, and it gets up to 1,300 nits of brightness at its peak.
The Xperia 1 V, on the other hand, includes a 6.5-inch 4K (3840 x 1644) OLED display. That display is flat, and it offers a 120Hz refresh rate. It can project up to 1 billion colors, and it has HDR support. The display’s aspect ratio is 21:9, and the panel is protected by the Gorilla Glass Victus 2.
Both of these displays are excellent. They’re more than sharp enough, though do note that the Xperia 1 V will use its 4K resolution for 4K content only. The displays are vivid, offer good viewing angles, and the blacks are deep. The Xperia 1 V does offer better display protection, while both displays do get bright enough, though they’re not amongst the brightest in the business. You’ll be more than happy with either of these two panels, to be quite honest.
OnePlus 11 vs Sony Xperia 1 V: Performance
You will find the Snapdragon 8 Gen 2 SoC in both of these phones. That is Qualcomm’s most powerful processor at the moment. On top of that, both phones offer LPDDR5X RAM and UFS 4.0 flash storage. In other words, the best of the best. The OnePlus 11 offers up to 16GB of RAM, while the Xperia 1 V comes with 12GB RAM as the standard and only option.
You’ll be glad to know that both phones perform admirably. They simply fly through everyday tasks, while they can handle gaming sessions too, without a problem. They are immensely smooth, though their software is different. They’re both based on Android 13, but have different overlays on top. You can even play games like Genshin Impact without a problem here, and we did not notice any excessive heating or anything of the sort. Both of these phones are also future-proof, based on their specs.
OnePlus 11 vs Sony Xperia 1 V: Battery
There is a 5,000mAh battery inside each of these two phones. The battery life is not the same, though. The OnePlus 11 offers outstanding battery life, one of the best we’ve seen this year. It stands side-by-side with the Galaxy S23 Ultra, as we’ve managed to cross the 10-hour screen-on-time mark on a number of occasions. This phone can really go far when it comes to battery life.
The Xperia 1 V doesn’t offer bad battery life, not at all. You should be able to get 7.5+ hours of screen-on-time without a problem. It’ll all depend on your usage, of course. You may even get entirely different results, who knows. You will use your phone differently, with different apps included, and with different signal strengths, so… your numbers will likely be different.
When it comes to charging, things are rather interesting. The OnePlus 11 offers much faster charging, but no wireless charging. It supports 100W wired (80W in the US) charging. The Xperia 1 V offers 30W wired charging, 15W wireless charging, and also reverse wireless charging. The OnePlus 11 also offers a 100W charger in the box, unlike the Xperia 1 V, which does not come with a charger at all.
OnePlus 11 vs Sony Xperia 1 V: Cameras
The OnePlus 11 features a 50-megapixel main camera, a 48-megapixel ultrawide unit (115-degree FoV), and a 32-megapixel telephoto camera (2x optical zoom). The Sony Xperia 1 V, on the other hand, features a 48-megapixel main camera, a 12-megapixel ultrawide unit, and a 12-megapixel telephoto camera (3.5x-5.2x continuous optical zoom). The OnePlus 11 is backed by Hasselblad, while you’ll find ZEISS optics on the Xperia 1 V.
Having said that, both of these phones do a fantastic job when it comes to images, but they do provide different results. The images from the OnePlus 11 do end up looking a bit warmer as a general rule, while the Xperia 1 V provides a more natural bokeh. They both shoot really detailed, and well-balanced shots, which are properly exposed. Demanding HDR situations are not a problem for either phone. The Xperia 1 V does do a bit better with glare from street lights at night, though.
Speaking of low light photos, the OnePlus 11 has a tendency to brighten up such scenes quite a bit, while the Xperia 1 V wants to keep things a bit more natural in the process. The images end up looking different, but great nonetheless. The photos from the Xperia 1 V end up looking less processed in general, especially photos from the main camera. Ultrawide cameras are great on both phones, though we did prefer shots from the OnePlus 11 most of the time. Telephoto images are definitely better on the Xperia 1 V, the phone’s telephoto camera is outstanding.
Audio
You will find a set of stereo speakers on each phone, but with different implementations. On the OnePlus 11, the main speaker is bottom-firing, while the earpiece basically acts as a secondary speaker. The Sony Xperia 1 V has two front-firing speakers.
Both phones provide good sound output, detailed and loud enough. The Xperia 1 V is our preference, though, mainly due to the fact the phone has front-firing speakers, so the sound does seem more pleasant. The Xperia 1 V also has a 3.5mm headphone jack, while both smartphones support Bluetooth 5.3 for wireless connections.
Folks over at Technizo Concept have released another smartphone design via their YouTube channel. This time around it’s the iPhone 16 Pro Max, and this particular model has a display on its frame.
Do note that this won’t happen with the real model, but it’s a fun design to take a look at. The rest of the design is probably quite close to what we’ll get with the final iPhone 16 Pro Max design.
This iPhone 16 Pro Max concept includes a display in its frame
In any case, this phone has flat sides, and three cameras on the back that protrude quite a bit. Now, on the right-hand side, you’ll notice a power/lock button, and the volume up and down keys.
Those volume keys are usually on the left side when it comes to iPhones. In this particular case, the designer moved them to the right because of the second display. There is a small cover display on the left-hand side of the phone.
That display sits right below the ‘action button’, which will replace the alert slider on iPhones. In any case, the display is quite narrow, as it needs to fit in the phone’s frame.
That side-facing display would allow for quick app launches, media control, and more
This panel, as shown here, allows for quick app launches, controlling music playback, and more. Considering it’s quite tall, a lot of info can be stuffed into it, actually.
Now, the designer did envision a periscope camera on the back, in addition to main and ultrawide units. That periscope camera is tipped to debut on the iPhone 15 Pro Max, so it’ll almost certainly be a part of the iPhone 16 Pro Max too.
The iPhone 16 Pro Max is expected to launch next year, most likely in September. We’re still not sure Apple will use that name, however, as a rebrand to ‘Ultra’ is a possibility. We’ll have to wait and see.
Signal is one of the best encrypted messaging apps for Android, if not the very best in the business. Its extensive privacy features make it the preferred messaging platform for millions of people around the world. The developers behind the app are now giving you all one more reason to keep loving it. The latest version of the app lets you pick a custom icon and name for it, camouflaging its existence on your phone.
If you have installed version 6.21.3 of the Signal app for Android (link below), navigating to Settings (under your profile avatar in the top left corner of the screen) > Appearance > App Icon presents you with 12 icons for the app. One of them is the original Signal logo, while there are seven more named Signal. Those are essentially tweaked versions of the original icon, with different color combinations and minor redesigns. But the other four options are where the real fun lies.
Those icons are named News, Notes, Weather, and Waves and come with corresponding icons. If you pick any of these, the Signal app will no longer look like the Signal app on your phone’s homescreen and app drawer (via). The app will disguise itself in your selected name and avatar. Only you will know it’s your messaging service and not an app to read/watch the news, take notes, or check the weather. That’s an additional layer of privacy even before you open the app.
Notifications will still show the default Signal app icon and name
Signal notes that notifications from the app will always show the default icon and name. So you cannot completely hide the existence of the app on your phone. But this feature does give you more privacy. It’d be even better if it adds more such alternate icons and names. We hope it does, so users can regularly switch between them without frequent repetition. Of course, you can already customize app icons with custom ROMs and launchers on Android, but that’s a completely different story.
In the case of Signal, you’re getting 12 custom icons to choose from without putting much effort or paying a penny. Most other platforms charge money for that, including Signal’s rival Telegram. Even then, you don’t get a custom name or a completely unrelated icon for the app. Kudos to Signal for its efforts while still being supported by donations with no ads or investors. Click the button below to download the latest version (v6.21.3) of the app from the Google Play Store.
Ever since the release of ChatGPT and its subsequent integration into various Microsoft services, every tech giant has been trying to develop something similar. Now, TikTok is reportedly conducting tests on a new AI chatbot named Tako, which will not only recommend videos to users based on their queries but also allow them to ask various questions about a video using natural language processing.
The folks over at Watchful.ai first discovered the AI chatbot, and based on the screenshots, TikTok will position Tako above the profile icon to the right of a video. And when a user taps on the icon, Tako will open up a chat screen where the chatbot interacts with users and responds to various queries. Additionally, the chatbot will also suggest prompts to initiate conversations.
For example, while watching a video of King Charles’ coronation, Tako might suggest asking, “What is the significance of King Charles III’s coronation?” However, it is important to note that TikTok has not yet confirmed the exact type of model powering its new chatbot.
Zachary Kizer, a TikTok spokesperson, confirmed the reports, stating, “Being at the forefront of innovation is core to building the TikTok experience, and we’re always exploring new technologies that add value to our community.” Additionally, he clarified that the company is testing Tako in a limited capacity in the Philippines and that it is not available to users in North America or Europe. Moreover, the company has also ensured that the chatbot will not be available to underage users.
TikTok is already preparing to launch
Although TikTok clarified that it is currently only testing the chatbot, the company has filed a trademark application for “chatbot software” under the name Tako, suggesting an imminent launch. However, this race to build an advanced AI chatbot has sparked debates about potential threats, including abuse, manipulative language, and lies. As a result, the White House and other government entities are already exploring ways to monitor AI development, and companies like Google and Microsoft also need to implement measures to ensure the responsible development of these AI systems.
Zyxel informed its customers about the security flaw on 25 April 2023 and announced patches for impacted firewalls, which included USG Flex, ATP, ZyWALL/USG, and VPN.
A variant of the Mirai botnet has successfully hacked various Zyxel Firewalls after exploiting a newly patched operating system command injection vulnerability (CVE-2023-28771). The bug has affected many Zyxel network devices, and now that the Mirai botnet is controlling it, the problem can worsen as it can lead to launching DDoS attacks.
According to Palo Alto Networks’ Unit 42 researchers, who analyzed the downloaded samples, the Mirai botnet sample hacking Zyxel firewalls is called IZ1H9, which was discovered in August 2018. Researchers dubbed it the most active of all Mirai variants.
The botnet client first inspects the network portion of the compromised device’s IP address and avoids execution for a specific list of IP blocks. This includes government networks, tech firms, and internet providers.
The malware prints “Darknet” onto the console to make its presence felt. It also can ensure the device runs just one instance of the malware. If a botnet process is found on the device, the Mirai botnet client will terminate its current process and start a new process from its list of processes belonging to other variants of the Mirai botnet and other families.
Any product running vulnerable firmware can be exploited even if the user configures the VPN or is in a default state. Mirai operators now own various Zyxel SMB VPN Boxes.
How Was the Bug Discovered?
The vulnerability impacting Zyxel devices was discovered by Trapa Security. It occurred due to inappropriate message handling features in some firewalls that could allow an unauthorized actor to remotely execute OS commands by transmitting specially designed packets to the device. The Internet Key Exchange – IKE is the vulnerable component, explained a report from Rapid7.
Zyxel informed its customers about the security flaw on 25 April 2023 and announced patches for impacted firewalls, which included USG Flex, ATP, ZyWALL/USG, and VPN.
Users Must Immediately Patch Devices
CVE-2023-28771 was patched in April 2023. However, many users have yet to apply the fix, leading to this mass exploitation of vulnerable devices. Researcher Kevin Beaumont informed about the mass exploitation of this vulnerability by the Mirai botnet variant on Thursday, impacting several SMB appliances.
Security experts have urged Zyxel network services users to patch the flaw immediately. A few days back, Rapid7 had warned about the possibility of the bug being exploited in the wild. They do not claim that 42,000 instances of internet-exposed web interfaces of Zyxel devices have surfaced. But Rapid7 researchers believe the number of compromised devices may be much higher. The Mirai malware targeting Zyxel firewalls is distributed as a Unix and Linux executable in linkable format (.elf).
Zyxel is a Taiwanese networking device manufacturer. The company recently fixed two more flaws impacting its firewalls- CVE-2023-33009 and CVE-2023-33010. Both buffer overflow flaws can let an adversary launch a DoS attack or execute arbitrary code on the device.
OLED is considered to be the best technology for TVs right now, even though QLED is trying to give it a run for its money. The biggest advantages that OLED has, is that it doesn’t use a backlight. Which allows the black colors to actually be black, versus a dark gray that you’d find on a LED or LCD TV. It also provides more true-to-life colors.
A big reason for this is because OLED panels light up each individual pixel, instead of the entire display. This is why most smartphones have moved to a form of OLED (mostly AMOLED).
But OLED comes at a price. You’ll be hard-pressed to find an OLED TV that costs under $1,000. And there’s really only a couple of TV makers that use OLED. Of course, LG and Sony are the big names in that group. But there are others out there.
Top 8 Best OLED 4K Smart TVs
Here are the best OLED 4K Smart TVs that you can find right now. From LG, Sony, VIZIO, Panasonic and much more.
As mentioned already, these TVs are not cheap, but you do get what you pay for here. So it’s important not to cheap out on something like a TV. Especially if you are looking for a good viewing experience.
The LG B2 OLED is one of the cheaper OLED TVs from LG for the 2022 model year (the 2023 models should launch around July 2023). It sports the a7 Gen 5 AI processor, so you can catch every detail with the smooth, crisp picture brought to you by the new processor. It can also adjust your viewing and audio settings automatically with AI picture and AI Sound, while AI 4k Upscaling will authentically calibrate every scene.
Experience gaming like never before with features that help you beat the competition. It’s NVIDIA G-SYNC and FreeSync Premium Compatible for real-time action and virtually no tearing .Game Optimizer gives you easier access to all your game settings, while the latest HDMI allows for fast gaming speeds. Plus, you’ll get low input lag and fast response times with Auto Low- Latency Mode and HGiG.
The LG C2 OLED is the company’s newest and mass production OLED TV for 2022. So this is the latest and greatest in terms of OLED. It sports the new α9 GEN 5 AI PROCESSOR 4K, which is able to adjust the picture and sound automatically, and give you the best experience possible.
It still runs on webOS, which gives you plenty of great apps to use. Like Netflix, Hulu, Disney+ and more. There’s also support for the Google Assistant and Amazon Alexa on-board. If you use any of LG’s other smart home appliances and products, then you’ll feel right at home with the ThinQ platform built-in. Controlling your washer from your TV.
You’ve probably noticed that the Sony X95K is about twice the price as every other TV on this list, and there’s good reason for that. This is the only QD-OLED TV on this list. As it is one of the only QD-OLED 4K TVs on the market today. QD-OLED is a newer technology, hence the price increase here. But basically, it is able to offer superior luminance which provides a brighter and more vibrant viewing experience compared to traditional OLED.
Sony claims that this TV has their best color yet. Which would make sense, with them using QD-OLED here. It also still comes with XR OLED Contrast Pro, allowing you to feel the beauty of OLED with immersive depth and realism, pure black and life-like brightness.
There’s also HDMI 2.1 included here, making it great for next-gen consoles like the PlayStation 5 and Xbox Series X|S. There’s support for [email protected], VRR and ALLM.
With the VIZIO H1, you can bring your favorite entertainment to life with over a billion shades of color for intense colors and exceptional color accuracy.
With a luxurious bezel-less frame, a profile as thin as 4mm, and intuitive cable management system, VIZIO OLED is the ultimate in next-generation beauty.
As well as 4K 120Hz gaming support, ProGaming Engine automatically optimizes Xbox and Playstation® gameplay with a unique suite of gaming features that provide smoother graphics & more responsive gaming with VRR.
This is the latest and greatest from LG. It is an OLED EVO TV, which is the “next innovation in OLED”. It brings about a brighter, punchier viewing experience with the latest next-generation panel from LG.
This is the G3 model because it uses the gallery design. Allowing your TV to become art when you’re not using it. And it’s possible because of how good OLED actually is. OLED has over 8 million pixels available here. And because it is OLED, each pixel turns on and off individually.
It still runs on webOS, which is going to give you the apps that you know and love. That includes Netflix, YouTube, Hulu, Amazon Prime Video and much more. It also supports Google Assistant and Amazon Alexa.
The A2 series from LG is OLED for less. This is their lower-end OLED TV, and it starts at under $900. That’s different compared to previous years, where the A-series was the more mainstream model. But for the 2022 and 2023 model year, the A-series is more of a cheaper option.
LG has outfitted the A1 with its a7 Gen 5 AI processor, which is going to allow you to catch every detail with smooth, crisp picture. It can also upscale non-4K content to 4K. So you can really take full advantage of this display.
LG has Game Optimizer available on this OLED TV. Which gives you easier access to all your game settings and you’ll get HDR Gaming, Auto Low-Latency Mode, plus HGiG for detailed gaming picture.
The Sony Bravia A80K has unmatched processing power, the Picture Processor X1 Ultimate analyzes content to bring out OLEDs intense contrast with pure blacks, peak brightness and natural colors.
There’s also Google TV built-in with this one. Sony moved over to Google TV with the 2022 model TVs. So now you’re getting a better version of Android TV here. Still all of your favorite apps are available, including Netflix, Hulu, Amazon Prime Video and much more.
With 4K X-Reality PRO, you can experience a more natural picture with 4K X-Reality PRO & Object-Based Super Resolution. See exactly what the creator intended with the advanced color and gradation of TRILUMINOS Display.
The Sony A90J is a great OLED TV, it’s a 2021 model with Dolby Vision. Which is going to give you a really incredible picture. That’s also thanks to XR Triluminos Pro and XR OLED Contrast Pro, which make it a brighter OLED TV.
Sony runs on Google TV, so you’re getting over 700,000 movies and TV shows right there onto your TV. There’s also support for Google Assistant and Amazon Alexa.
Windows 11 is about to get a huge influx of Android apps on the Amazon App store for Windows, as it’s now open to all developers.
This week, Microsoft announced that it would be opening up the program for all developers who wanted to do so, to submit their Amazon App Store apps to the Windows 11 platform. As 9To5Google points out, this should lead (hopefully) to a lot more Android apps on Windows 11, as there are currently around 50,000. That’s no small number of course, but it’s far less than what Amazon offers in the app store. Not to mention far less than there are Android apps in general.
Developers will need an open Amazon Developer account to submit apps to Windows 11
While there were limitations on this before, it seems Microsoft is easing up. Noting that the main requirement now is just that developers need to have an Amazon Developer account to submit the apps to Windows 11.
If they meet that requirement, then submissions can be made. This likely means that Microsoft feels the Amazon App Store is in a good spot. And push forward by opening the door for any developer that wants to expand their app’s reach.
Apps of course do need to be tested and approved before they’re published on Windows. So submitting them isn’t guaranteeing they’ll be distributed to Windows users. For new developers, Microsoft has set up a pretty explanatory guide. On top of that, Amazon has plenty of useful information on getting through the process as well.
Running Android apps on Windows 11 may not be ideal for some users. But for others it might be a nice change of pace. For one, you get to use the apps with a larger display. It also might be more comfortable to use your favorite apps on a desktop.
Italian eyewear brand Luxottica, parent company of Ray-Ban and Oakley, has confirmed that the data of more than 70 million customers was accessed in 2021.
The data was exposed after a third-party data storage provider used by Luxottica suffered a cyber attack. It has not currently been made public how the hackers gained access to its network, or which company the third party was. The data breach and theft was revealed after a malicious actor posted a database of the information for sale on the dark web from April 30 to May 12.
In a statement to cyber security news site BleepingComputer, Luxottica confirmed the breach, saying it was the result of a cyber attack in 2021 against a third-party contractor that stores its customer data. The eyewear company also shared that the data accessed includes the names, email and home addresses, phone numbers and dates of birth of its customers. The data, however, did not include any payment information or other sensitive or compromising information, like social security numbers or login credentials.
The company said it discovered the breach through “proactive monitoring procedures” and immediately reported it to the Federal Bureau of Investigation (FBI) and the Italian police once it was revealed. According to Luxottica, the owner of the site that hosted the stolen information has now been arrested, the website shut down and an investigation into the cyber attack launched.
Luxottica has additionally informed the Italian Data Protection Authority (Garante per la protezione dei dati personali) about the breach and will be “considering other notification obligations”. The company says it “remains confident that its systems were not breached and its network remains secure”.
An investigation into how the breach took place remains ongoing.
Top admin of hacking forum arrested
There have been crackdowns against dark web sites in the recent months, with the FBI shutting down notorious dark web hacking site, BreachForums after arresting its top admin in March of this year.
The administrator of the site, who went by ‘Pompompurin’ and was named as Conor Brian Fitzpatrick by the FBI, was allegedly arrested by the Bureau on March 15 on suspicion of hosting and running the forum. BreachForums was thought to be the reincarnation of RaidForums, a similar dark web site that was investigated and subsequently shut down by the FBI in April 2022.
It has been used by a number of hackers to break news of data breaches they have committed and as a marketplace for selling the data stolen in these breaches. Large databases of victims’ information have been posted to the site, including those involved in the Medibank data leak, which affected over 9.7 million people.
On March 21, a new admin for BreachForums, who uses the screen name ‘Baphomet’ made a post via the site’s official Telegram channel. Baphomet said it was the “final update for Breached” and that he would be “taking down the forum”.
“I believe we can assume that nothing is safe anymore. I know that everyone wants the forum up, but there is no value in short term gain for what will likely be a long term loss by propping up Breached as it is,” he added.
The reference to “nothing [being] safe” was likely an allusion to the fact that the FBI has taken control of the forum. When the FBI shut down RaidForums in April 2022, the organization seized all its servers and domains, allowing them access to all posts before it was shut down.
Proofpoint’s security researchers have identified indications of sophisticated threat actors focusing their attention on small and medium-sized enterprises and service providers operating within that particular ecosystem.
The researchers recently issued a cautionary message in their latest report regarding a collection of increasingly severe threats SMBs face.
Researchers utilized Proofpoint Essentials telemetry, caging a vast range of more than 200,000+ small and medium businesses, to identify distinctive APT trends that present significant risks to SMBs worldwide.
Specifically, they highlight the risk posed by well-funded APT groups, as well as the alarming possibility of supply chain attacks originating from managed service providers that are compromised.
Proofpoint’s advisory carries significant concern, as it sheds light on the vulnerability of SMBs, which frequently operate without dedicated security teams, making them susceptible to malware attacks, similar to defenseless targets.
Persistent Threat Actor Groups
The researchers successfully detected numerous advanced persistent threat (APT) actors, exclusively focusing their attention on small and medium-sized businesses (SMBs), with a notable presence of threat actors affiliated with the national interests of the following countries:-
Organizations prioritize network security by addressing business email compromise (BEC), cybercriminals, ransomware, and common malware found in the daily inflow of emails received globally.
Advanced persistent threat actors conduct targeted phishing campaigns associated with strategic missions, but, still their widespread understanding remains uncommon.
While the specific missions include:-
Espionage
Intellectual property theft
Destructive attacks
State-sponsored financial theft
Disinformation campaigns
Emerging APT Trends
Proofpoint researchers analyzing one year of APT campaign data have identified Russian, Iranian, and North Korean threat actors conducting phishing campaigns against SMBs, revealing three notable trends in attack types and tactics employed against these businesses.
Here below, we have mentioned those three notable trends:-
APTs exploit hacked SMB infrastructure for phishing attacks.
APTs target SMB financial services with state-aligned, financially motivated attacks.
APTs target SMBs for supply chain attacks.
The Exploitation of SMBs’ Infrastructure
In the past year, Proofpoint researchers noted an increase in instances where SMB domains or email addresses were impersonated or compromised, often through successful attacks on web servers or email accounts, either by harvesting credentials or exploiting unpatched vulnerabilities.
Upon achieving a successful compromise, the compromised email address was subsequently employed to transmit malicious emails to subsequent targets.
If a threat actor managed to compromise a web server hosting a domain, they would exploit the legitimacy of said infrastructure, utilizing it to host or distribute malicious malware toward a target unrelated to the initial compromise.
In a notable finding, Proofpoint researchers discovered that the APT actor TA473 (Winter Vivern) exploited compromised SMB infrastructure to conduct phishing campaigns aimed at US and European government entities between November 2022 and February 2023.
Government entities have fallen victim to email account compromises due to exploiting unpatched Zimbra webmail servers.
Not only has TA473 employed compromised small and medium business (SMB) infrastructure to send emails, but they have also utilized compromised SMB domains to distribute malicious malware payloads.
Apart from this, more threat actors groups like TA422 and TA499 actively exploited several SMBs.
By impersonating Ukrainian President Volodymyr Zelensky, TA499 attempted to lure a prominent American celebrity into a video conference call regarding the conflict in Ukraine.
State-aligned threat actors, particularly those associated with North Korea, pose an ongoing threat to the financial services sector by targeting institutions, decentralized finance, and blockchain technology in financially motivated attacks aimed at stealing funds and cryptocurrency, in addition to espionage, intellectual property theft, and destructive attacks.
Proofpoint identified a phishing campaign executed by the North Korea-aligned TA444, targeting a medium-sized digital banking institution in the United States, with the funds obtained likely being utilized to support various aspects of North Korea’s government operations.
Proofpoint’s recent publication highlighted TA444’s deceptive tactics, including impersonating ABF Capital in an email that contained a malicious URL, leading to the distribution of the CageyChameleon malware, showcasing their innovative approach during the latter half of 2022.
TA450’s focus on regional managed service providers (MSPs) in Israel suggests a consistent pattern in their geographic targeting, emphasizing their ongoing interest in exploiting supply chain attacks against vulnerable MSPs to gain access to downstream small and medium-sized business (SMB) users.
APT actors present a real threat to today’s small and medium businesses by compromising their infrastructure, engaging in state-aligned financial theft, and targeting regional MSP supply chains.
APT actors pose a real threat to SMBs today, targeting their infrastructure, conducting financial theft, and attacking MSP supply chains
This research aids business owners and regional MSPs in adopting agile email phishing protection, detecting targeted attacks, prevent spam, and effectively combating cybercrime threats.
