The very first official Google Pixel Fold images have just appeared to confirm the phone’s design. The Pixel Fold did surface in a very short hands-on video before, and also in CAD-based renders. The two images that appeared today seem to be officially official.
The Google Pixel Fold design gets confirmed via first official images
They come from Evan Blass aka @evleaks, one of the most prominent tipsters out there. If you check out the gallery below the article, you’ll get to see both renders he shared.
In the first image, the phone’s entire back side is shown, when the phone is in its unfolded state. That means we get to see both its cover display, and backplate. The phone basically looks like the Google Pixel 7 Pro and OPPO Find N2 had a baby.
The Find N2 form factor is obvious, add the Pixel 7 Pro’s camera visor on the back, and there you have it. The hinge is also visible here, albeit in an unfolded state.
The second image gives us another look at the phone’s cover display and hinge, but this time in a folded state. The bezels around the display don’t seem to be thick at all, and the display corners are rounded. There is a display camera hole here, and it’s centered up top.
The phone’s main display is not shown here, but we know what it will look like
What we don’t get to see in these images is the phone’s main display. Based on some previous leaks, and a recently leaked hands-on video, however, those bezels will be weird. The top and bottom bezels will be thicker than the side bezels. The good news is that there won’t be a camera hole there or anything of the sort.
The Pixel Fold will be made out of metal and glass. It will become official next month, during the Google I/O keynote, on May 10. That is also when it’s said to become available to pre-order. It is tipped to cost $1,799, and go on sale on June 27. If you’d like to know more about the device, check out our Pixel Fold preview.
Microsoft’s move to integrate ChatGPT into its Edge browser as the Bing AI Chatbot has prompted many companies to explore new ways of implementing generative AIs into their platforms. Now, during Meta’s latest earnings call, CEO Mark Zuckerberg stated that the company sees this rapid advancement in AI as an opportunity to introduce AI agents to billions of people in a meaningful way.
Although the specifics of how Meta will add generative AI to its apps are still unclear, Zuckerberg hinted that the company intends to incorporate it into chat experiences in WhatsApp and Messenger, visual creation tools for posts on Facebook and Instagram, and ads.
He also suggested that AI could greatly impact the WhatsApp customer support business, enabling tens of millions of AI agents to act on behalf of businesses and provide more efficient customer service experiences.
“I expect that these tools will be valuable for everyone from regular people to creators to businesses. For example, I expect that a lot of interest in AI agents for business messaging and customer support will come once we nail that experience. Over time, this will extend to our work on the metaverse, too, where people will much more easily be able to create avatars, objects, worlds, and code to tie all of them together,” said Zuckerberg.
Meta’s future plans
While Meta’s plans for integrating generative AIs into its services are ambitious, and it has already released an AI language model called LLaMA to researchers, the company is still yet to make a chatbot like OpenAI’s ChatGPT or Google’s Bard. However, Zuckerberg emphasized that generative AI will soon “touch every single one” of Meta’s products, indicating that the company is stepping up its efforts to develop the technology.
Furthermore, speaking on the speculations that Meta might abandon its metaverse project to focus solely on generative AIs, Zuckerberg stated that Meta has been focusing on both AI and the metaverse for years now, and they will continue to focus on both.
Google did an excellent job with a Pixel 6a, so we’re all looking forward to the Pixel 7a. This is going to be the company’s next mid-range phone that will come with a flagship processor and camera. Just weeks before its unveiling, the Pixel 7a shows up in some leaked hands-on images.
A leak of this caliber shouldn’t be surprising considering how close we are to the unveiling. We expect Google to introduce this phone during Google I/O which will take place on May 10th. We also expect Google to unveil the Pixel Tablet and the Pixel Fold during the event.
Pixel 7a was showing off in leaked hands-on images
These hands-on images confirm the design of the phone and they corroborate the other massive leak that happened just recently. In this new crop of images, we see the device in the flesh, even being held by a person in one of them. These images show the blue color of the phone.
In these images, we see that the back glass has a brighter shade of blue while it’s bolder for the camera visor. The visor, just like with the Pixel 7 phones, is made from metal, and it is an extension of the phone’s frame. Just like with the Pixel 7 phones, we see the cutout for the dual camera package and the LED flash.
Breaking 🔥
Google Pixel 7a in Sea Blue color hands on images with box are here to meet u all…
The rest of the images show the Pixel 7a inside of its box, which confirms that this phone, like other recent Pixel phones, will not be coming with a charger in the box. However, that should come as no surprise.
As per the images, the Pixel 7a will look almost exactly like the Pixel 6a in terms of shape and design. So, all of the buttons will be in the same spot, and the corners will remain rather sharp compared to other phones.
When it launches, the Pixel 7a may cost $499. This is a price increase from the Pixel 6a which cost $449. The higher price may make it a bit of a harder sell, but, given the state of the global economy, we can’t rule it out. unexpected. However, this does bring in the question of whether or not the Pixel 8 series will see a price increase over the Pixel 7 Series. Only time will tell.
The hot new social network is called Bluesky, which is actually a new startup from Twitter co-founder, Jack Dorsey. It looks exactly like Twitter, but it really only has the basics right now, which is likely why it is invite only right now. But it is gaining quite a bit of momentum. So today, we’re going to show you how you can get an invite code to Bluesky.
What is Bluesky?
Bluesky is a new microblogging platform, like Twitter. Which is actually backed by Twitter’s co-founder and former CEO, Jack Dorsey. Many users have commented on how Bluesky does look like a carbon copy of Twitter, but with less mess. And having Dorsey behind it, makes plenty of sense for that.
The platform runs on the “AT Protocol” which is a new protocol that Bluesky is working on. It runs on a decentralized system, that means that people will eventually be able to use this technology to create their own applications and communities with rules and algorithms customized to their liking. The goal here is to make a system where no single person nor algorithm reigns supreme over the users experience. Which is currently a big problem over on Twitter.
Bluesky’s chief executive, Jay Graber has stated in a blog post that the technology for Bluesky is a “foundation for the next generation of social apps” that aims to bring back the “openness and creativity of the early web.”
How to get an invite code to Bluesky
There are two ways to get an invite code to Bluesky. The first is by heading to their website here, and joining the waitlist. It’s currently unclear how long it’ll take to get off the waitlist. But there is a faster way to get an invite code.
The other way is going to be, getting a code from someone that has them. Once you get a code, you’ll be able to put into the site and start your account. Here’s what a Bluesky invite code will look like: bsky-social-xxxxx. This way you’ll know if you have a valid code or not. Keep in mind that only one person can use each code. So once it has been used once, it’s dead.
Currently, you’ll see a lot of spam on Twitter, Reddit and other social sites asking for Bluesky invites. Which means there are also scammers out there. In fact, we’ve come across a good number of users trying to sell invite codes for $50 or more. Don’t buy invite codes to Bluesky. Especially since you have no way of knowing if the invite code you’ll be given is going to be valid or not, after you’ve paid the money.
When do Bluesky users get invite codes to share?
Another hot topic with Bluesky has been, when do existing users get invite codes to share? Well, according Bluesky, users will get one invite code for every two weeks that they’ve been on the platform. So brand new users won’t have invite codes to share, but they should get some in a few weeks.
There’s no word yet on when Bluesky will launch, so it could be in this invite only phase for quite some time. The good news is, that everyone on Bluesky is commenting about how lightning fast it is. Likely because there’s no ads.
As per reports, cybercrime will reach $10.5 trillion by 2025, including all kinds of cybercrime activities like RaaS, Phishing, malware, and much more. It will be mandatory for organizations to protect themselves from these threats.
According to Google, “ChromeOS, this is the cornerstone of our security strategy: ChromeOS devices are secure out of the box.” ChromeOS has been implemented in organizations worldwide for security and protection against data leakage.
Key Principles of ChromeOS
ChromeOS has the following things already implemented.
Booting is verified by default
Automatically blocks untrusted executables
Copy and paste, screen capture, printing, or USB downloading is prevented by default.
Chrome Browser can be used by IT and Security teams to see the Chrome extensions installed on the users’ browsers. They can also set policies for the extensions and have an approval workflow if a user requests an extension.
Security teams can see the “Extensions score” for all the extensions the user uses in the browser environment.
Note: Excavator and Spin.AI are the tools used to check the Chrome extensions’ risk assessment.
Risk Assessment Source: Google
“Secure by Design, Secure by Default” was the title of the new cybersecurity guidelines released by the CISA, NSA, FBI, and other International government agencies, including the US government.
The guidelines stated that developers and vendors must be aware of securing the core product design instead of depending on the end user.
Google stated that ChromeOS has all the core security designed and implemented by default. Adding to the security part of ChromeOS, Google has released some more features in ChromeOS. IT admins can do the following:
As part of data protection, IT administrators can protect the data in specific confidential locations like the HR or accounting apps.
Prevent Screenshotting, copy and paste, and social media leakage.
Specific user groups can be prevented from printing and screen sharing. This can be done based on the business requirements.
Nick Peterson, Security Engineer at Google Security, said, “ChromeOS data controls allow us to better understand how sensitive data moves through our company. This allows us to better focus resources, improving security while also helping teams become more productive and effective.”
Additionally, Chromebook Users can manage their camera and microphone access from the settings page of the OS itself, providing one-click access to turn on/off the camera/microphone.
Privacy Controls
As for monitoring purposes, IT admins can use Crowdstrike Falcon Insight XDR to monitor threats inside the users’ devices. Login/Logout will also be monitored, which can be integrated with any preferred SIEM Tools.
Google stated that “ChromeOS devices, built to be secure by default, have had zero reported ransomware attacks. With these capabilities announced today, ChromeOS continues to innovate and make the modern workplace safe and trusted.”
Google has released a complete list of features for users to check and strategize their organizations’ security infrastructure.
VMWare has released fixes and mitigations for three “Important” and one “Critical” vulnerability in its Fusion and Workstation software.
Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have been given the severity rating “Important”, with the last (CVE-2023-20869) is classed as “Critical”.
CVE-2023-20869 is “Critical” flaw that affects Fusion and Workstation. It is a stack-based buffer overflow issue in the functionality for sharing host Bluetooth devices with the virtual machine. As per the advisory, “A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host.” Needless to say, guest VMs are not supposed to be able to make the host machines they’re running on do things.
CVE-2023-20870 is an “Important” flaw that affects Fusion and Workstation. It’s another issue in the functionality for sharing host Bluetooth devices, but with this one an attacker can potentially read privileged information stored in the virtual machine’s hypervisor memory.
CVE-2023-20871 is an “Important” flaw that only affects Fusion. It allows an attacker who has read / write access to the host operating system to elevate their privileges to gain root access to the host operating system.
CVE-2023-20872 is an “Important” flaw that affects Fusion and Workstation. It allows virtual machines with a physical CD/DVD drive attached to execute code on the hypervisor, if the drive is configured to use a virtual SCSI controller.
Workarounds and updates
All four issues can be addressed by updating to the latest version of the affected software. At the time of writing these are VMware Fusion 13.0.2 and VMware Workstation 17.0.2. Workarounds are available for CVE-2023-20869, CVE-2023-20870, and CVE-2023-20872.
CVE-2023-20869 and CVE-2023-20870 can be mitigated by turning off Bluetooth support by unchecking the “Share Bluetooth devices with the virtual machine” option. The relevant support documents for each product are VMware Workstation Pro, VMware Workstation Player, and VMware Fusion.
CVE-2023-20872 can be mitigated by removing the CD/DVD device from the virtual machine. Alternatively, you can configure the virtual machine so that it does not use a virtual SCSI controller. After shutting down the virtual machine, the steps are:
To remove the CD/DVD device in VMWare Workstation:
Select VM > Settings
Click the Hardware tab
Select the CD/DVD and click Remove
To remove the CD/DVD device in VMWare Fusion:
Select a virtual machine in the Virtual Machine Library window
Click on Virtual Machine menu
Click Settings
Under Removable Devices in the Settings window, select CD/DVD > Advanced Options > Remove CD/DVD Drive.
To configure VMWare Workstation not to use a virtual SCSI controller:
To configure VMWare Fusion not to use a virtual SCSI controller:
Select a virtual machine in the Virtual Machine Library window
Click on Virtual Machine menu
Click on Settings
Under Removable Devices in the Settings window, Select CD/DVD > Advanced options > Bus type
You can configure the Bus type.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Podcasts on YouTube Music are finally here. The new feature is gradually rolling out to users in the US, the company announced on Thursday via a YouTube Community post. All Android and iOS users should receive this update within the next few days.
YouTube Music has been working on adding support for podcasts for a few months now. The company confirmed the plans in February this year. Subsequently, it was spotted making necessary tweaks to the app behind the scenes to make room for the new feature. Yesterday, it officially rolled out podcasts to YouTube Music users in the US.
According to the official announcement, YouTube Music will host audio versions of all podcasts that are already available on the main YouTube app. You can seamlessly switch between the two apps for audio and video versions of a podcast, similar to how you can transition between music and music videos. The Music app will offer podcasts on-demand, offline, in the background, and while casting.
To listen to a podcast, all you have to do is search with a keyword. You can also tap on the “Podcasts” at the top of the Home tab for unfinished episodes and recommended podcasts. The app lets you filter the shows according to categories such as comedy, business gaming, music, health & fitness, and more. The Explore tab also lets you find new podcasts. The more you listen, the better your personalized recommendations get.
YouTube says the podcast experience on YouTube Music is different from its music experience. The latter requires a Premium or Music Premium subscription to enjoy some features, such as background playback. You do need a Premium subscription for ad-free listening, though. Note that you may still experience host-read endorsements or sponsorship messages in podcasts.
Podcasts in YouTube Music are currently limited to the US
Podcasts are growing in popularity, with all major music streaming services trying to carve out a market for themselves. Google doesn’t want to be left behind in this race. After hosting podcasts in the main YouTube app, it is now bringing this new form of entertainment to its music app as well.
At first, Google is keeping this feature limited to the US. But it plans to expand availability in other markets as well. “For those of you outside the United States, rest assured that we plan to bring podcasts in YouTube Music to other regions in the future!” the company said in its official announcement. We will let you know when the feature rolls out in other markets.
Discover the top 5 security breaches in recent history and learn how they happened, who was affected, and what lessons we can learn from them. From the Equifax data breach to the Yahoo hack, stay informed about the biggest cyber attacks that have impacted individuals and businesses worldwide.
These security breaches serve as a stark reminder of the importance of taking cybersecurity seriously. Whether you’re an individual or an organization, it’s crucial to take steps to protect yourself from potential threats.
By staying informed about past attacks and understanding how they happened, you can better prepare yourself for the future. From implementing strong passwords to regularly updating your software, there are many practical steps you can take to safeguard your digital assets. So don’t wait until it’s too late – start taking cybersecurity seriously today.
Five Of The Most Notable Security Breaches In Recent History
Here are the most significant security Breaches in history.
Equifax (2017)
In 2017, credit reporting agency Equifax suffered a massive data breach that exposed the personal information of over 147 million people. The breach occurred due to a vulnerability in Equifax’s website software, which allowed hackers to access names, Social Security numbers, birth dates, addresses, and other sensitive information.
Yahoo (2013-2014)
In 2013 and 2014, Yahoo suffered two massive data breaches that exposed the personal information of all 3 billion Yahoo user accounts. The breaches included names, email addresses, dates of birth, and encrypted passwords, as well as security questions and answers that could be used to access other accounts.
Target (2013)
In 2013, retail giant Target suffered a data breach that exposed the credit and debit card information of over 40 million customers. The breach occurred due to a vulnerability in Target’s payment system, which allowed hackers to steal card data at the point of sale.
Marriott International (2018)
In 2018, Marriott International suffered a data breach that exposed the personal information of up to 500 million guests. The breach occurred due to a vulnerability in the hotel chain’s Starwood guest reservation database, which included names, addresses, phone numbers, email addresses, passport numbers, and other sensitive information.
Sony Pictures (2014)
In 2014, Sony Pictures suffered a cyber attack that exposed the personal information of thousands of employees and leaked sensitive emails and other confidential information. The attack was believed to be carried out by a group of hackers backed by the North Korean government in retaliation for the studio’s production of the film “The Interview.”
What Kind Of Information Is Typically Stolen During A Security Breach?
During Security Breaches, different types of information can be stolen depending on the target and the attacker’s goals. Some common types of information that can be stolen during a security breach include personally identifiable information (PII) such as names, addresses, phone numbers, social security numbers, and email addresses. Other sensitive information that can be targeted includes financial data, credit card numbers, and bank account details.
In some cases, hackers may also target login credentials such as usernames and passwords, which can be used to access online accounts or even entire networks. Intellectual property such as trade secrets, product designs, and customer data can also be targeted during a security breach, especially in industries such as technology, healthcare, and finance. In some cases, attackers may seek to install malware or other types of malicious software that can provide them with ongoing access to a compromised system or network.
How Can Businesses Protect Themselves From Security Breaches?
Implement strong passwords: Use complex passwords that are difficult to guess and change them regularly.
Conduct regular security assessments: Regularly assess the security of your network and systems to identify vulnerabilities and address them proactively.
Install anti-malware software: Install anti-malware software to detect and prevent malware infections.
Use firewalls: Install firewalls to protect your network from unauthorized access.
Educate employees: Train your employees on how to identify and avoid phishing scams and other social engineering attacks.
Implement access controls: Implement access controls to restrict access to sensitive data and systems to only authorized personnel.
Keep software up-to-date: Ensure that all software is up-to-date with the latest security patches.
Backup data: Regularly back up data to ensure that it can be recovered in the event of a security breach.
Use encryption: Use encryption to protect sensitive data both in transit and at rest.
By implementing these measures, businesses can significantly reduce the risk of a security breach and protect their sensitive information.
What Are The Legal Consequences Of A Security Breach?
The legal consequences of a Security Breaches depend on various factors such as the nature and extent of the breach, the type of data that was compromised, and the jurisdiction in which the breach occurred. In some cases, a security breach may violate data protection laws and regulations, leading to fines, penalties, and legal action.
For example, the General Data Protection Regulation (GDPR) in the European Union imposes significant fines for data breaches. Additionally, some countries have data breach notification laws that require companies to notify affected individuals and regulatory authorities in case of a breach.
Apart from legal consequences, a security breach can also have a significant impact on a company’s reputation and brand image. Consumers may lose trust in the company, leading to a decline in sales and revenue. Therefore, it is essential for businesses to implement robust security measures to prevent breaches and mitigate the consequences in case of an incident.
How Can Companies Regain The Trust Of Their Customers After A Security Breach?
When a company experiences a security breach, it not only affects its finances and reputation but also erodes the trust of its customers. To regain that trust, companies need to take responsibility for the breach, provide transparency, and take proactive steps to prevent future breaches.
One way to regain trust is to offer credit monitoring and identity theft protection services to customers affected by the breach. Companies should also be transparent about the steps they’re taking to prevent future breaches, such as investing in better security protocols, conducting regular security audits, and hiring external security experts.
Another important step is to communicate with customers in a timely and clear manner. Companies should provide regular updates about the breach, the steps being taken to address it, and any compensation or remediation being offered to affected customers.
In addition, if you are searching for a safe and secure VPN so you can try this ExpressVPN Warzone deal it is the best offer and is budget friendly and this deal is especially for Call of Duty: Warzone.
What Are The Financial Costs Of A Security Breach?
Security breaches can result in significant financial costs for businesses. These costs can include direct expenses, such as the cost of repairing systems and networks, paying for forensic investigations, and providing identity theft protection services to affected customers.
In addition, there may be indirect costs such as lost revenue due to decreased customer trust, damage to brand reputation, and legal fees. The cost of a security breach can vary depending on the severity of the breach, the amount and type of data compromised, and the size of the affected organization.
According to a report by IBM, the average cost of a data breach in 2021 was $4.24 million. This represents a significant increase from previous years and underscores the importance of investing in cybersecurity measures to prevent breaches from occurring. Small businesses may also be at risk, as they may not have the same level of resources to invest in cybersecurity as larger organizations.
How Can Companies Prepare For A Potential Security Breach?
Companies can take several steps to prepare for a potential security breach, including:
Conducting regular security audits and risk assessments to identify vulnerabilities in their systems.
Establishing a comprehensive incident response plan that outlines the steps to take in case of a breach, including who to notify and how to communicate with customers.
Implementing strong access controls, including multi-factor authentication and role-based permissions, to limit the number of people who can access sensitive data.
Providing regular cybersecurity training to employees, including how to identify phishing emails and other common tactics used by hackers.
Regularly updating software and security systems to address any known vulnerabilities.
Backing up important data to an offsite location to ensure that it can be recovered in case of a breach.
By taking these steps, companies can better protect themselves from Security Breaches and minimize the damage if it does occur.
What Is The Role Of Cybersecurity Professionals In Preventing Security Breaches?
Cybersecurity professionals play a critical role in preventing Security Breaches. They are responsible for implementing security measures, monitoring networks for potential threats, and responding quickly to any security incidents.
Their role includes conducting regular security assessments, identifying vulnerabilities, and implementing security protocols to mitigate risks. They also develop incident response plans, conduct security awareness training for employees, and stay up-to-date with the latest security trends and threats.
In addition, cybersecurity professionals work closely with other departments within a company, such as IT and legal, to ensure that security policies and procedures are aligned with business goals and regulatory requirements. They may also work with external partners, such as third-party vendors, to ensure that security measures are in place and that data is protected throughout the supply chain.
How Can Companies Ensure That They Are In Compliance With Relevant Data Protection Laws?
Data protection laws are becoming increasingly strict and complex. Companies must ensure that they are in compliance with all relevant laws and regulations to avoid potential legal and financial consequences.
To ensure compliance, companies should develop comprehensive data protection policies and protocols that address all aspects of data handling, from collection to storage and destruction.
One way companies can enhance their compliance with data protection laws is by engaging legal and cybersecurity experts who can offer guidance on best practices. Additionally, regular training and education programs can be implemented for employees to ensure that everyone within the organization understands their responsibilities and knows how to handle data securely. For instance, obtaining a 1-year ExpressVPN deal could be a practical step to improve the organization’s online security and protect confidential data.
It is also important for companies to regularly review and update their data protection policies and protocols as laws and regulations evolve. This will help ensure that they are always in compliance and prepared for any changes that may come.
How Can Customers Be Notified In The Event Of A Security Breach?
In the event of a Security Breaches, companies have a responsibility to notify their customers and users as soon as possible. The notification should include details about the breach, what information was affected, and what actions the company is taking to address the issue. Companies should also provide guidance to customers on how they can protect themselves, such as changing their passwords or monitoring their financial accounts.
In some cases, companies may also offer credit monitoring or identity theft protection services to affected customers. It’s important for companies to have a clear and comprehensive communication plan in place to ensure that customers are informed and have the necessary information to protect themselves.
The Cosmos cooperative bank in Pune, among the city’s oldest urban cooperative banks, has fallen prey to cyber fraudsters. Hackers gained access to the bank’s system and stole Rs 94 crore.
A court in Maharashtra’s Pune had found 11 persons guilty. Fahim Shaikh and Mohammad Saeed Iqbal Hussain Jafari of Bhiwandi, Fahim Khan and Shaikh Mohammed Abdul Jabbar of Chhatrapati Sambhajinagar, Mahesh Rathod of Nanded, Naresh Maharana of Palghar, U A Waz alias Anthony, Bashir Ahmed and Feroz Shaikh of Mumbai, and Abdulla Shaikh and Salman Baig of Thane were convicted.
The Largest Cyber Assaults on An Indian Bank
On August 11, 2018, numerous cloned debit cards of Cosmos Bank were used for thousands of ATM transactions from India and 28 other countries over seven hours.
Reports say a further set of 2,800 transactions totaling Rs 2.5 crore were done in various locations nationwide, while more than 12,000 ATM withdrawals totaling almost Rs 78 crore were made outside of India.
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) service was also used to transfer an additional Rs 13.92 crore to a Hong Kong-based organization on August 13, 2018.
According to the police investigation, Visa cards were used for transactions outside India, while RuPay cards were used for transactions within India.
Notably, in this case, which was reported to the Chaturshringi police station under the provisions of sections 120B, 420, 467, 468, 469, 471, and 34 of the Indian Penal Code (IPC) and the corresponding sections of the Information Technology Act, a total of Rs 94 crore was siphoned.
A bank official claims that early investigation indicates that the hacking activity originated in Canada.
According to the Indian bank, cybercriminals targeted its ATM infrastructure in the first intrusion. It did not disclose how the attack occurred.
Still, it did say that malware was used to disconnect the ATM infrastructure from the central switching system, preventing it from receiving real-time information about cash withdrawals from ATMs.
“We have filed a complaint and are also taking help from the National Payments Corporation of India (NPCI) and the RBI to see what can be done,” said Krishnakumar Goyal, a director of the cooperative bank.
He continued by saying that no clients were impacted and that the bank had suffered a loss due to the money being taken out of a pool account.
Pune Court Declares the Accused Guilty
The police arrested 18 people throughout their investigation for their claimed involvement in the cyberattack, who came from various areas. According to the authorities, one accused had passed away, and 17 were being held behind bars.
The majority of people arrested, according to the police, were primarily involved in following handlers’ instructions to withdraw cash from various ATMs using Cosmos Bank cloned cards. The police believe that some of the money they withdrew was given to them as a commission by the racketeers.
Fahim Shaikh, Fahim Khan, Shaikh Mohammed Abdul Jabbar, Mahesh Rathod, Naresh Maharana, Mohammad Saeed Iqbal Hussain Jafari, and Anthony were among the 11 found guilty and given simple imprisonment of four years and seven months, according to the press statement.
According to the release, Feroz Shaikh and Salman Baig received three years of simple jail, while Abdulla Shaikh and Bashir Ahmed received four years each.
Four additional people are still wanted in connection with the investigation, three of whom — Kunal Shukla, Abdul Bhai, and Sumer Shaikh — are believed to be in Dubai, according to the police.
Finally, the Pune City Police and Cosmos Bank successfully recovered Rs 5.72 crore that the scammers had fraudulently placed into a bank in Hong Kong after the malware assault.
Vulnerabilities in PaperCut printing management are being used in ransomware attacks.
A few days ago we wrote about two vulnerabilities found in PaperCut application servers. As we noted, exploitation was fairly simple so there was some urgency to install the patches. My esteemed colleague Chris Boyd literally wrote:
“Arbitrary code can be deployed, or even ransomware if that’s part of the attacker’s toolkit.”
As it turns out, there are already two flavors of ransomware preying on those that haven’t updated yet.
In a surprising turn of events for the ransomware landscape, Cl0p emerged as the most used ransomware in March 2023, coming out of nowhere to dethrone the usual frontrunner, LockBit.
Known ransomware attacks in March 2023, listed by gang
But don’t rule the habitual frontrunner LockBit out just yet. Microsoft Threat Intelligence said in a tweet that it’s “monitoring other attacks also exploiting these vulnerabilities, including intrusions leading to Lockbit deployment.”
PaperCut is printing management software that works by intercepting print jobs as they pass into a print queue. It’s used by large companies, state organizations, and education institutes because it is compatible with all major printer brands and platforms. This makes a vulnerability, especially one that is as easy to exploit, a virtual goldmine for ransomware peddlers, and puts a bullseye on anyone that is running an unpatched server.
Both the underlying vulnerabilities have been addressed with patches. If you update your PaperCut application servers, you are no longer at risk. From the Updating FAQ:
Please follow your usual upgrade procedure. Additional links on the ‘Check for updates’ page (accessed through the Admin interface > About > Version info > Check for updates) will allow customers to download fixes for previous major versions which are still supported (e.g. 20.1.7 and 21.2.11) as well as the current version available.
If you are using PaperCut MF, we highly recommend following your regular upgrade process. Your PaperCut partner or reseller information can also be found on the ‘About’ tab in the PaperCut admin interface.
If you’re unable to upgrade, PaperCut advises the following:
Block all inbound traffic from external IPs to the web management port (port 9191 and 9192 by default)
Block all traffic inbound to the web management portal on the firewall to the server. Note: this will prevent lateral movement from internal hosts but management of the PaperCut service can only be performed on that asset.
Apply “Allow list” restrictions under Options > Advanced > Security > Allowed site server IP addresses. Set this to only allow the IP addresses of verified Site Servers on your network. Note this only addresses ZDI-CAN-19226 / PO-1219.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
