The most interesting security-related news of the week from May 15-21.
Last week on Malwarebytes Labs:
Stay safe!
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Samsung has some major foundry-related announcements lined up for next month. The company plans to unveil its improved 3nm and 4nm chip manufacturing processes at the 2023 Symposium on VLSI Technology and Circuits. The event is scheduled to take place between June 11 and 16 in Kyoto, Japan.
According to the program details published by the organizers of the six-day event, Samsung will announce its second-generation 3nm process (SF3) during the conference. The company is employing the GAA (Gate-All-Around) fabrication technology in its 3nm chips. The second-gen solution will use more advanced Multi-Bridge-Channel Field-Effect Transistors (MBCFET) with additional optimizations over the current process (SF3E).
Compared to Samsung’s current 4nm EUV (Extreme Ultraviolet) chips (aka SF4), which employ the FinFET fabrication tech, SF3 chips bring a 22 percent improvement in speed and are 34 percent more power efficient. These chips also allow for a smaller logic area, with the company claiming a 21 percent decline in chip size. The Korean firm doesn’t detail the difference in speed and power efficiency between SF3 and SF3E 3nm chips, though.
Additionally, Samsung will debut its most upgraded 4nm chips (SF4X) at the VLSI Symposium 2023 next month. These chips will seemingly be targeted at the HPC (High Performance Computing) application. The next-gen solutions will bring a ten percent boost in performance while simultaneously reducing power consumption by 23 percent. “This SF4X
technology provides tremendous performance benefits for various applications in a wide operation range,” the official paper states.
Samsung is desperate to improve its foundry share. The Korean behemoth is the world’s second-largest semiconductor foundry, but it only has a market share of about 15 percent. In comparison, its arch-rival TSMC captures about 60 percent of the market. The company is hoping for 3nm chips to improve its share. It is betting on the use of the more advanced GAA tech to lure customers to its side. TSMC is sticking to the FinFET architecture for one more generation. It plans to switch to the GAA tech with 2nm solutions in 2025.
There are already reports that Samsung has won orders for some of Qualcomm’s Snapdragon 8 Gen 4 chips for next year. Google may also stick to Samsung for the Tensor G4 after briefly considering a switch to TSMC. So early signs are looking quite promising for the Korean behemoth. But only time will tell whether it can get any closer to its Taiwanese rival in the semiconductor foundry business over the next few years.
If you’re using one of the affected products from the Cisco small business range, you need to patch immediately.
Vulnerabilities have been found and fixed in the web-based user interface of various Cisco products in the Small Business Series. These nine issues are tied to the web-based user interface of the products, and in a worst case scenario could lead to denial of service (DoS) conditions or arbitrary code execution.
The vulnerabilities affect all of the below if running vulnerable firmware:
The four vulnerabilities above could allow an unauthenticated remote attacker to execute arbitrary code on an affected device. This is because of improper validation of requests sent to the web interface. A crafted request sent through the web interface could result in the attacker executing arbitrary code with root privileges on an affected device.
The four vulnerabilities above could allow for a denial of service (DoS) condition on an affected device. As above, this is due to crafted requests being improperly validated when sent to the web interface.
This final vulnerability could allow a remote attacker to read unauthorised information on an affected device. This is, as with the other flaws, improper validation of requests sent to the web interface.
Two products confirmed as being not vulnerable to the issue are:
However, for those web-based user interfaces that are affected, Cisco has released software updates to fix the vulnerabilities. Cisco states that product users “should obtain security fixes through their usual update channels”.
There are no workarounds to address these vulnerabilities. In other words, if you’re unable to apply an update for the time being, your devices will remain vulnerable until they’re applied.
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Samsung‘s recent budget 5G smartphone, the Galaxy A14 5G is receiving the latest security patch. The company has released the May 2023 SMR (Security Maintenance Release) for the phone in Asia and Latin America. A wider rollout should follow soon. The Galaxy Tab S6 Lite, meanwhile, is now widely picking up this month’s security update.
The May 2023 update for the Galaxy A14 5G comes with the firmware build number A146BXXU2BWE1 in Asia. The rollout is live in India, Sri Lanka, and a few more countries in the region. Samsung’s official changelog mentions that the device is getting some system stability and reliability improvements along with the latest security fixes. Users in Latin America, meanwhile, don’t appear to be getting anything extra here. The update carries the build number A146MUBS2AWE1. Note that the Galaxy A14 5G has already picked up One UI 5.1 in Asia but not in Latin America.
This update for the Galaxy A14 5G should soon expand to other regions, including Europe and the US. Meanwhile, Galaxy Tab S6 Lite users in several markets can now look forward to receiving the May SMR. Samsung first released the latest security patch for the affordable tablet in its homeland South Korea last week. But today, the update is widely available in Asia, Africa, Australia, Latin America, and Europe (via). The new firmware build number is P615NKOS5FWD2. The update doesn’t bring any additional goodies and isn’t yet available for the 2022 version of the Galaxy Tab S6 Lite.
While the May update may not contain anything notable on the user-facing side, there are plenty of hidden goodies here. More precisely, the May SMR brings more than 70 vulnerability fixes to the Galaxy A14 5G and Galaxy Tab S6 Lite. As detailed in Samsung’s monthly security bulletin, over 50 of those are Android OS patches coming from Google and partner vendors. The remaining patches are Galaxy-specific coming directly from the Korean brand. At least six security issues patched this month were labeled critical by the respective vendors.
If you’re using either of these Samsung devices or any other for that matter, you can manually check for updates from the Settings app. Go to the Software update menu and tap on Download and install. If the device finds a pending OTA (over the air), you will be prompted to download it straightaway. But if you don’t see any update, wait some time and check again. You may also get a notification once the OTA release reaches your unit.
There are a lot of benefits to ChatGPT, but many in the security community have concerns about it. Malwarebytes’ CEO Marcin Kleczynski takes a deep dive into the topic.
If you haven’t heard about ChatGPT yet, perhaps you’ve just been thawed from cryogenic slumber or returned from six months off the grid. ChatGPT—the much-hyped, artificial intelligence (AI) chatbot that provides human-like responses from an enormous knowledge base—has been embraced practically everywhere, from private sector businesses to K–12 classrooms.
Upon its launch in November 2022, tech enthusiasts quickly jumped at the shiny new disruptor, and for good reason: ChatGPT has the potential to democratize AI, personalize and simplify digital research, and assist in both creative problem-solving and tackling “busywork.” But the security community and other technology leaders have started raising the alarm, worried about the program’s potential to write malware and spread mis- and disinformation.
Do you think your organization should embrace ChatGPT? Or do you believe implementing the platform will compromise your company’s cybersecurity posture? Read on to learn more about the pros, cons, conversations, and controversies surrounding ChatGPT, including a call to (halt) action from technology leaders.
Artificial intelligence (AI) was once a science fiction cautionary tale—stories consistently warned against designing machines capable of surpassing human ingenuity. But over the last 20 years, AI has transitioned from the stuff of nightmares to mainstream adoption. From the first Roomba in 2002 to the first virtual assistant (Siri) in 2011, AI has slowly and steadily penetrated the consumer technology market, often with little comprehension from buyers that artificial intelligence is actually powering the functionality behind their favorite devices.
As of November 2022, people can no longer ignore the artificial elephant in the room. Enter: ChatGPT. Developed by OpenAI, ChatGPT (Chat Generative Pre-Trained Transformer) is an AI-powered chatbot that uses an enormous and sophisticated language model to generate human-like responses in text format. ChatGPT amassed an incredible 100 million users within two months of its explosive launch, and its website receives over 1 billion visitors per month.
Unlike other chatbots, which are typically only able to produce canned replies on a few subjects, ChatGPT can mimic the style of celebrity CEOs, craft business pitches, compose music and song lyrics, answer test questions, simulate an entire chat room, write computer code, and much more. For example, Malwarebytes asked ChatGPT to write the opening paragraph of a novel about an antiquated antivirus program that relies on signature-based detection to stop new and emerging threats.
Here’s what the program came back with:
“The antivirus program blinked to life, its archaic interface flickering on the outdated CRT monitor. The program’s once cutting-edge signature-based detection technology was now decades out of date, unable to keep pace with the rapidly evolving landscape of digital threats. But for the small team of programmers responsible for maintaining the program, it was still their best line of defense against the unrelenting tide of new and unknown viruses that threatened to breach their systems. As they watched the program scan through the code, line by line, they knew that they were fighting an uphill battle – but they had no other choice but to keep trying.”
Such articulate, detailed responses caused a near frenzy upon ChatGPT’s initial release. Many corporate customers and app developers have rushed to implement the platform, and its newer Dall-E program for generating images, into their business processes and products. However, the security community and those wary of artificial intelligence’s steady drumbeat forward have warned organizations to exercise caution over a myriad of potential risks.
Because of its meteoric rise into public consciousness and rapid adoption, the generative AI chatbot has been the subject of continuing, complex conversations about its impact on the cybersecurity industry, threat landscape, and humanity as a whole. Will ChatGPT be the sentient harbinger of death some have claimed? Or is it a unicorn that’s going to solve every business, academic, and creative problem? The answer, as usual, lies somewhere in the gray.
AI can be a powerful tool for cybersecurity and information technology professionals. It will change the way we defend against cyberattacks by improving the industry’s ability to detect and respond to threats in real time. And it will help businesses shore up their IT infrastructure to better withstand the constant stream of increasingly-sophisticated attacks. Most effective security solutions today, including Malwarebytes, already employ some form of machine learning. That’s why some in the security community argue that generative AI tools can be safely deployed to strengthen an organization’s cybersecurity posture as long as they’re implemented according to best practices.
ChatGPT can increase efficiency for cybersecurity staff on the front lines. For one, it can significantly reduce notification fatigue, a growing concern within the field. With companies grappling with limited resources and a widening talent gap, a tool like ChatGPT could simplify certain labor-intensive tasks and give defenders back valuable time to commit to higher-level strategic thinking. ChatGPT can be trained to identify and mitigate network security threats like DDoS attacks when used in conjunction with other technologies. It can also help automate security incident analysis and vulnerability detection, as well as more accurately filter spam.
Malware analysts and reverse engineers could also benefit from ChatGPT’s assistance on traditionally challenging tasks, such as writing proof-of-concept code, comparing language- or platform-specific conventions, and analyzing malware samples. The chatbot can also help engineers learn how to write in different programming languages, master difficult software programs, and understand vulnerabilities and exploit code.
ChatGPT’s security applications aren’t limited to Information Security (IS) personnel. The program can help close the security knowledge gap by assisting in employee training. Cybersecurity training is crucial for organizations interested in mitigating cyberattacks and fraud, yet IT departments are often far too busy to offer more than a single course per year. ChatGPT can step in to offer insights on identifying the latest scams, avoiding social engineering pitfalls, and setting stronger passwords in concise, conversational text that may be more effective than a lecture or slide presentation.
Finally, ChatGPT has the potential to assist law enforcement with investigating and anticipating criminal activities. In a March 2023 report from Europol, subject matter experts found that ChatGPT and other large language models (LLMs) opened up “explorative communication” for law enforcement to quickly gather key information without having to manually search through and summarize data from search engines. LLMs can significantly speed up the learning process, enabling a much faster gateway into technological comprehension than was previously thought possible. This could help officers get a leg up on cybercriminals whose understanding of emerging technologies have typically outpaced their own.
Not long after ChatGPT was first introduced, the inevitable hand wringing by technology decision-makers took hold. In a February survey of IT professionals by Blackberry, 51 percent predicted we are less than a year away from a successful cyberattack being credited to ChatGPT, and 71 percent believed nation states are likely already using the technology for malicious purposes.
The following month, thousands of tech leaders, including Steve Wozniak and Elon Musk, signed an open letter to all AI labs calling on them to pause the development of systems more powerful than the latest version of ChatGPT for at least six months. The letter cites the potential for profound risks to society and humanity that arise from the rapid development of advanced AI systems without shared safety protocols. More than 27,500 signatures have since been added to the letter.
However, even when ChatGPT is engaged in ominous activities, the outcomes at present are rather harmless. Since OpenAI allows developers to modify its official APIs, some have tested a few nefarious theories by creating ChaosGPT, an internet-connected “evil” version that runs actions users do not intend. One user commanded the AI to destroy humanity, and it planned a nuclear winter, all while maintaining its own Twitter account, which was ultimately suspended.
So maybe ChatGPT isn’t going to take over the world just yet—what about some of the more realistic security concerns being voiced, like the ability to develop malware or phishing kits?
When it comes to writing malicious code, ChatGPT isn’t yet ready for prime time. In fact, the platform is a terrible programmer in general. It’s currently easier for an expert threat actor to create malware from scratch than to spend time correcting what ChatGPT has produced. The fear that ChatGPT would hand script kiddies the programming power to produce thousands of new malware strains is unfounded, as amateur cybercriminals lack the knowledge to pick up on minor errors in code, as well as the understanding of how code works.
One of our researchers recently embarked on an experiment to get ChatGPT to write ransomware, and despite the chatbot’s initial protests that it couldn’t “engage in activities that violate ethical or legal standards, including those related to cybercrime or ransomware,” with a little coaxing, ChatGPT eventually complied. The result: snippets of ransomware code that switched languages throughout, stopped short after a certain number of characters, dropped features at random, and were essentially incoherent and useless.
Since the primary focus of ChatGPT’s training was in language skills, security pros have been most anxious about its ability to generate believable phishing kits. While the chatbot can produce a clean phishing email that’s free from grammatical or spelling errors, many modern phishing samples already do the same. The AI tool’s phishing skills begin and end with writing emails because, again, it lacks the coding talent to produce other elements like credential harvesters, infected macros, or obfuscated code. Its attempts so far have been rudimentary at best—and that’s with the assistance of other tools and researchers.
ChatGPT can only pull from what’s already in its public database, and it has only been trained on data up until 2021. Even today, there are simply not enough well-written phishing scripts in the wild for ChatGPT to surpass what cybercriminals have already developed. In addition, OpenAI has safety protocols that explicitly prohibit the use of its models for malware development, fraud (including spam and scams), and invasions of privacy. Unfortunately, that hasn’t stopped crafty individuals from “jailbreaking” ChatGPT to get around them.
Just because some of the worst fears about ChatGPT are overhyped doesn’t mean there are no justifiable concerns. According to the NIST AI Risk Management Framework published in January, an AI system can only be deemed trustworthy if it adheres to the following six criteria:
However, risks can emerge from socio-technical tensions and ambiguity related to how an AI program is used, its interactions with other systems, who operates it, and the context in which it is deployed.
There are many inherent uncertainties in LLMs that render them opaque by nature, including limited explainability and interpretability, and a lack of transparency and accountability, including insufficient documentation. Researchers have also reported multiple cases of harmful bias in AI, including crime prediction algorithms that unfairly target Black and Latino people and facial recognition systems that have difficulty accurately identifying people of color. Without proper controls, ChatGPT could amplify, perpetuate, and exacerbate toxic stereotypes, leading to undesirable or inequitable outcomes for certain communities and individuals.
AI systems suffer from a deficit of verifiable measurement metrics, which would help security teams determine whether a particular program is safe, secure, and resilient. What little data exists is far from robust and lacks consensus among AI developers and security professionals alike. What’s worse, different AI developers interpret risk in different ways and measure it at different intervals in the AI lifecycle, which could yield inconsistent results. Some threats may be latent at one time but increase as AI systems adapt and evolve.
Despite its struggles with malicious code, ChatGPT has already been weaponized by enterprising cybercriminals. By January, threat actors in underground forums were experimenting with ChatGPT to recreate malware variants and techniques described in research publications. Criminals shared malicious tools, such as an information stealer, an automated exploit, and a program designed to phish for credentials. Researchers also discovered cybercriminals exchanging ideas about how to create dark web marketplaces using ChatGPT that sell stolen credentials, malware, or even drugs in exchange for cryptocurrency.
There are few ways to know in advance if an LLM is free from vulnerabilities. In March, OpenAI temporarily took down ChatGPT because of a bug that allowed some users to see the titles of other people’s chat histories and first messages of newly-created conversations. After further investigation, OpenAI discovered the vulnerability had exposed some user payment and personal data, including first and last names, email addresses, payment addresses, the last four digits of credit card numbers, and card expiration dates. While OpenAI claims, “We are confident that there is no ongoing risk to users’ data,” there’s no way (at present) to confirm or deny whether personal information was exfiltrated for criminal purposes.
Also in March, OpenAI massively expanded ChatGPT’s capabilities to support plugins that allow access to live data from the web, as well as from third-party applications like Expedia and Instacart. In code provided to ChatGPT customers interested in integrating the plugins, security analysts found a potentially serious information disclosure vulnerability. The bug can be leveraged to capture secret keys and root passwords, and researchers have already seen attempted exploits in the wild.
Compounding worries that vulnerabilities could lead to data breaches, several top brands recently chastised employees for entering sensitive business data into ChatGPT without realizing that all messages are saved on OpenAI’s servers. When Samsung engineers asked ChatGPT to fix errors in their source code, they accidentally leaked confidential notes from internal meetings and performance data in the process. An executive at another company cut-and-pasted the firm’s 2023 strategy into ChatGPT to create a slide deck, and a doctor submitted his patient’s name and medical condition for ChatGPT to craft a letter to his insurance company.
Both privacy and security concerns have prompted major banks, including Bank of America, JPMorgan Chase, Goldman Sachs, and Wells Fargo, to restrict or all-out ban ChatGPT and other generative AI models until they can be further vetted. Even private companies like Amazon, Microsoft, and Walmart have issued warnings to their staff to refrain from divulging proprietary information or sharing personal or customer data on ChatGPT as well.
Finally, cybercriminals wouldn’t be cybercriminals if they didn’t capitalize on ChatGPT’s wild popularity. Because of its accelerated growth, ChatGPT was forced to throttle its free tool and launch a $20/month paid tier for those wanting unlimited access. This gave threat actors the ammunition to develop convincing social engineering schemes that promised uninterrupted, free access to ChatGPT but really lured users into entering their credentials on malicious webpages or unknowingly installing malware. Security researchers also found more than 50 malicious Android apps on Google Play and elsewhere that spoof ChatGPT’s icon and name but are designed for nefarious purposes.
While vulnerabilities, data breaches, and social engineering are valid concerns, what’s causing the most anxiety at Malwarebytes is ChatGPT’s ability to spread misinformation and disinformation on a massive scale. That which enamors the public most—ChatGPT’s ability to generate thoughtful, human-like responses—is the very same capability that could lull users into a false sense of security. Just because ChatGPT’s answers sound natural and intelligent doesn’t mean they are accurate. Incorrect information and associated biases are often incorporated into its responses.
OpenAI CEO Sam Altman himself expressed worries that ChatGPT and other LLMs have the potential to sow widespread discord through extensive disinformation campaigns. Altman said the latest version, GPT-4, is still susceptible to “hallucinating” incorrect facts and can be manipulated to produce deceptive or harmful content. “The model will boldly assert made-up things as if they were completely true,” he told ABC News.
In the age of clickbait journalism and social media, it can be challenging to discern the difference between fake and authentic content, propaganda or legitimate fact. With ChatGPT, bad actors can use the AI to quickly write fake news stories that mimic the voice and tone of established journalists, celebrities, or even politicians. For example, Malwarebytes was able to get ChatGPT to write a story in the voice of Barack Obama about the earthquake in Turkey, which could easily be modified to spread disinformation or collect fraudulent payments through fake donation links.
In education, mis- and disinformation are especially troubling byproducts of ChatGPT that have led some of the biggest school districts in the US to ban the program from K–12 classrooms. From its lack of cultural competency to its potential to undermine human teachers, academia is understandably apprehensive. For every student using ChatGPT to research debate prompts or develop study guides, there’s another abusing the platform to plagiarize essays or take exams.
The education industry might be willing (for now) to let teachers use ChatGPT for simple tasks like creating lesson plans and emailing parents, but the tool will likely remain off-limits for students, or at least highly regulated in public schools. Educators are aware that over-reliance on AI-powered tools and generated content could lead to a decrease in problem solving, creativity, and critical thinking—the very skills teachers and administrators aim to develop in students. Without them, it’ll be that much harder to recognize and avoid misinformation.
Suggesting that ChatGPT is low risk and unworthy of the security community’s attention is like putting your head in the sand and pretending AI doesn’t exist. ChatGPT is only the start of the generative AI revolution. Our industry should take its potential for disruption—and destruction—seriously and focus on developing safeguards to combat AI threats. Halting “dangerous” research on advanced models ignores the reality of rampant AI use today. Instead, it’s better to demand NIST’s criteria for trustworthiness and establish regulation around the development of AI through both government intervention and corporate security innovation.
Some artificial intelligence regulation is already on the books: the 2022 Algorithmic Accountability Act requires US businesses to assess critical AI algorithms and provide public disclosures for increased transparency. The legislation was endorsed by AI advocates and experts, and it sets the stage for future government oversight. With AI laws proposed in Canada and Europe as well, we’re one step closer to providing some important guardrails for AI. In fact, expect to see changes (aka limitations) implemented to ChatGPT in the near future in response to a country-wide ban by the Italian government.
Just as cybersecurity relies on commercial software to defend people and businesses, so too might generative AI models. New companies are already springing up that specialize in AI vulnerability detection, bot mitigation, and data input cleansing. One such company, Kasada Pty, has been tracking ChatGPT misuse and abuse. Another new tool from Robust Intelligence, modeled after VirusTotal, scans AI applications for security flaws and tests whether they’re as effective as advertised or if they have issues around bias. And Hugging Face, one of the most popular repositories of machine learning models, has been working with Microsoft’s threat intelligence team on an application that scans AI programs for cyberthreats.
As organizations look to integrate ChatGPT—whether to augment employee tasks, make workflows more efficient, or supplement cyberdefenses—it will be important to note the program’s risks alongside its benefits, and recognize that generative AI still requires an appreciative amount of oversight before large-scale adoption. Security leaders should consider AI-related vulnerabilities across their people, processes, and technology—especially those related to mis- and disinformation. By putting the right safeguards in place, generative AI tools can be used to support existing security infrastructures.
Awareness alone won’t solve the more nebulous threats associated with ChatGPT. To bring disparate security efforts together, the AI community will need to adopt a similar modus operandi to traditional software, which benefits from an entire ecosystem of government, academia, and enterprise that has developed over more than 20 years. That system is in its infancy for LLMs like ChatGPT today, but continued diligence—plus a learning model of its own—should integrate cybersecurity in a symbiotic relationship. The benefits of ChatGPT are many, and there’s no doubt that generative AI tools have the potential to transform humanity. In what way, remains to be seen.
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Back in February, Paramount announced that it would be raising the prices of its Paramount Plus subscription service plans later this year. That meant users would indeed be seeing more money leave their accounts every month to continue enjoying what Paramount Plus has to offer.
The only thing is Paramount didn’t mention when exactly the changes were happening. As part of the announcement, Paramount said that prices for Paramount Plus would be increasing sometime in Q3. That’s a pretty broad window though. And could be anytime between July and September. Now the company has given a more firm date, stating that prices will be going up in June. Specifically on June 27, The Verge reports.
For those who were either unaware or simply don’t remember, these increases apply to the ad-supported and premium plans. The previously $4.99 ad-supported plan will now cost $5.99 a month. Meanwhile the premium plan will go up from $9.99 to $11.99. The premium plan will stay ad-free.
There’s one segment of subscribers who won’t see a price increase. And that’s anyone who was already subscribed to Paramount Plus Premium with Showtime. The changes happening on June 27 will simply be doing away with the $9.99 ad-free Premium plan that didn’t have Showtime included. But Paramount already offered an $11.99 plan that did included Showtime.
So the change here is that anyone who wants an ad-free experience will need to go with the more costly plan option. Even if they don’t plan to watch any Showtime content. Although, if you’re planning to keep Paramount Plus Premium and just pay the higher fee, you might as well take advantage of what’s being offered.
Showtime does have some pretty good content to watch after all. That being said, this is also just another streaming service raising prices in a sea of options that have already done the same thing. So it won’t be surprising if people decide to cut things off.
After over six months in existence, the Matter 1.1 update is finally here for users. Since the rollout of this feature, a ton of users have put it to use across their smart home devices.
For over six months, those using the Matter smart home connectivity feature have had a hard time using this platform. Most major smart home devices are yet to fully support this feature as manufacturers are slow to roll out support. This makes it hard for devices to seamlessly connect despite not coming from the same manufacturer.
According to the CSA, this Matter 1.1 update will improve the all-around user experience. But it seems like it fails to improve the experience as it focuses on a different issues.
According to users using the latest Matter 1.1 update, it fails to impress. The CSA says that this update helps create an improved path forward for developers. This leads users to expect much from this update, but… they may be disappointed.
The Verge points out in a recent article that the Matter 1.1 update falls short in an important area. After testing out the new update, The Verge made some observations. This update focuses on fixing a bug that displays various devices as being offline despite being connected to the platform.
Regardless of how small this fix might be, it is a significant improvement for users. With this fix, users will be able to tell what devices are connected to the Matter platform for controls. But the issue of running smart home devices from different manufacturers on Matter proves challenging for most users.
The source says that it’s hard to get the multi-admin control to work properly: “It’s anything but easy to get a device paired to one platform working on another.” This seems to be a result of different flows for various smart home platforms, as Matter finds it hard to decide which platform to work with.
The CSA seems to be relying on platforms like Google Home, Amazon Alexa, Samsung SmartThings, and Apple Home to fix this issue.
Learn more about EDR and MDR and which is right for your business.
Did you miss our recent webinar on EDR vs. MDR? Don’t worry, we’ve got you covered!
In this blog post, we’ll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice President and research director at Forrester.
Want to learn more about EDR and MDR and which is right for your business? Be sure to watch the full webinar recording on-demand and get valuable insights from industry experts on how to improve your security operations and protect against ransomware and fileless malware.
Samsung‘s May 2023 update is available for a bunch of Galaxy smartphones in the US. The company is widely rolling out the latest security patch to the Galaxy S20 series, Galaxy Z Fold 2, and Galaxy Note 10 series. It has already updated dozens of other models to the new SMR (Security Maintenance Release).
The May SMR is available for both carrier-locked and unlocked variants of the Galaxy S20, Galaxy S20+, and Galaxy S20 Ultra in the US. Samsung is pushing the update with firmware build numbers G98*USQS4HWE1 and G98*U1UES4HWD5 for the two variants, respectively (via). The rollout is already live on most networks, with the remaining few following soon. The devices aren’t getting anything apart from the latest security fixes (more on that later).
The pattern remains the same for the Galaxy Z Fold 2. Samsung has widely released the May SMR for both carrier-locked and unlocked units of its 2020 foldable. Users can look forward to receiving the update with the build number F916USQS2JWE4 or F916U1UES2JWE3 depending on their variant. Once again, there aren’t additional goodies here. This update is all about the latest batch of monthly security fixes from Samsung and Google.
If you’re using a Galaxy Note 10 or Galaxy Note 10+ in the US, the latest security patch is available for your phone as well. That’s regardless of whether you have a factory-unlocked unit or a carrier-locked one. Samsung has got all of you covered. The new build number for the former group is N97*USQU7HWE1, while that for the latter is N970U1UEU7HWE1. For a change, this update contains more than the May security patch.
Unfortunately, nothing much on the user-facing side of things again. According to Samsung’s official changelog, the latest update for the Galaxy Note 10 series in the US brings revised Terms & Conditions. The company says that you are agreeing to those revised terms for your device, which include the Dispute Resolution Agreement with arbitration terms, by installing this update.
The May 2023 update for Samsung’s Android smartphones contains fixes for more than 70 security issues. These include at least six critical flaws, some of which allowed remote code execution. If you’re using any of the aforementioned Galaxy devices stateside and haven’t received the May SMR yet, you should soon. Watch out for a notification about the OTA (over the air) release in the coming days. You can also manually check for updates from the Settings app.
Android TV boxes are a popular way for users to revive their old TVs and prolong their lifetime by converting them into smart ones. However, according to a new report from TechCrunch, popular Android TV boxes from Chinese companies like AllWinner and RockChip come preloaded with malware capable of launching coordinated cyberattacks.
Security researcher Daniel Milisic first uncovered this problem when he purchased an AllWinner T95 box last year and discovered that the firmware was infected with malware, which enabled bad actors to establish a connection with the TV box and install any desired app or payload. While not as well-known as Google’s Chromecast or Amazon’s Fire TV Stick, these Chinese Android TV boxes have received positive reviews due to their affordable price and advertised features.
The default payload found on these compromised Android TV boxes is clickbot, a type of malware that generates revenue by automatically clicking on ads in the background. Therefore, as soon as a user powers on their TV, the malware receives instructions from servers and starts making money.
However, upon further investigation, Milisic also discovered that his T95 box was part of a larger botnet comprising thousands of compromised Android TV boxes worldwide. In addition to the AllWinner T95, other models from AllWinner and RockChip, such as the AllWinner T95Max, RockChip X12 Plus, and RockChip X88 Pro 10, also come with pre-installed malware.
While the investigation did prompt the bad actors to take down the command-and-control servers, Milisic claims that the botnet could easily resurface with new infrastructure at any given time. Therefore, it is the responsibility of retailers like Amazon to ensure that the products they sell do not pose any harm to consumers. On the other hand, users should also exercise caution before purchasing an Android TV box from Amazon and, if possible, only consider reputable brands like Google and Nvidia. Although cheaper options may seem tempting due to their affordability and customization options, compromising data security and privacy is not worth the risk.