Gary James Harmon, a 31-year-old man from Cleveland, Ohio, has been sentenced to four years and three months in prison for stealing more than 712 Bitcoin that were subject to forfeiture in a then-pending criminal case.
According to court documents, Harmon stole the cryptocurrency from his brother Larry Dean Harmon’s operation of Helix, a dark web-based cryptocurrency money laundering service known as a “mixer” or “tumbler.”
Gary James Harmon, with a bathtub of money – Image: US District Court for the District of Columbia/
Larry Dean Harmon was arrested in February 2020, and law enforcement seized various assets, including a cryptocurrency storage device containing illegal proceeds generated through the operation of Helix, which was subject to forfeiture in the criminal case. However, law enforcement could not recover Bitcoin stored on the device due to the device’s security features.
Knowing that the government was seeking to recover the Bitcoin stored on the seized device for forfeiture in Larry Harmon’s criminal case, Gary Harmon used his brother’s credentials to recreate the Bitcoin wallets stored on the device and covertly transferred more than 712 Bitcoin, valued at approximately $4.8 million at the time, to his own wallets, stealing those funds and obstructing the pending criminal forfeiture proceeding.
Gary Harmon further laundered the proceeds through two online Bitcoin mixer services before using the laundered bitcoins to finance large purchases and other expenditures.
In August 2021, Larry Harmon pleaded guilty to a money laundering conspiracy concerning his case. Gary Harmon agreed to the forfeiture of cryptocurrencies and other properties derived from the fraudulently taken proceeds, including more than 647.41 Bitcoin (BTC), 2.14 Ethereum (ETH), and 17,404,400.64 Dogecoin (DOGE). Due to the increase in market prices, the total value of these forfeitable properties exceeds $20 million.
SOC Training is one of the most critical concerns in building a Quality Security Operation Center Team to fight against advanced threats that target the organization’s network.
Sophisticated detection and prevention technologies are mandatory implementations by security experts since cyber attacks are rising daily.
SO implementing a dedicated SOC operation and SOC analyst team who will work in different categories to handle the incidents.
SOC is a team of security analysts organized to detect, analyze, respond to, report on, and prevent cybersecurity incidents.
Proper SOC training for security analysts is the most important concern to build a quality team to perform rapid repose from sophisticated cyber attacks.
In this case, Ethical Hackers Academy provides an in-depth SOC training online course that contains a detailed training session for the Detection, Investigation & Remediation of all kinds of Cyberattacks on Networks, systems, and Applications.
SOC Analyst Training
This Advance SOC Training course covers the following phases, and it makes the SOC analyst learn with clearly explained practical training.
SOC Analyst – Cyber Attack Intrusion Training for Lifetime Access – Online Training
Available for iOS and Android
Detection, Investigation & Remediation of all kinds of Cyberattacks on Networks, systems, and Applications.
Stride towards a career in this fast-growing IT profession
Access 74 Lectures for 24/7
This SOC Training course is a never-ending Course.
Start from Beginner to Advance Level
Let’s Dive Deep into This Incredibly Exciting Journey Today.
What You Learn from This Advance SOC Training Course
SOC Analysts are very in demand for many of organizations since the cyber attack is rapidly rising, assign quality security analysts are the most important concern.
This SOC Training course provides in-depth training which proposes complete operation and an analyst will be able to respond to monitor the company infrastructure 24*7 and respond to all kinds of cyberattacks.
An analyst can able to work on the SIEM tool for monitoring and analysis of the cyber attack.
You will learn about real-world cyber-attacks and investigate attacks with the help of a network packet and device log.
You will learn about working on devices, protocols, ports, cybersecurity, and services.
Also, you will learn about the day to day activities performed by Analysts in their job and learn about various attacks and remediation from very basic.
After this course, you can monitor, detect, analyze (such as trend and pattern analysis), and respond and restore activities.
What EHA Is Offering?
They are providing this SOC training on current Technology (Real-world Cyber Attacks) + Tool (SIEM)
You will learn the SOC tools on which most of cybersecurity professionals are working.
You will learn the technology on which cybersecurity works and the steps followed by professionals to stop and prevent attacks in real-time.
You will face the real challenge faced by professionals in their job responsibilities.
You will be able to answer the complicated interview question from our training.
You will work as same as a professional is working and will increase your confidence in cracking any cybersecurity interview.
Lifetime access to the training on your device (Mobile, Laptop, Tablet, etc.)
You will join your dream companies at your choice of package.
Conclusion
Taking SOC training from a reputed academy such as Ethical Hackers Academy will enormously help you to enhance your skills with real-time attack scenarios and understand the overall operations in the security operation center.
SOC training course syllabus prepared with in-depth practical training with essential SIEM tools such as Splunk, and QRadar to continuously monitoring customer networks and protect it from sophisticated cyber attacks.
SOC training courses can take the following security professionals Information security managers, SOC Managers, Analysts & Engineers, Information security architects, IT managers, and Operations managers.
These SOC training courses will enhance the skills of a SOC analyst to learn about real-world attacks and sophisticated threats to protect company assets.
Learn 100+ Advanced Cybersecurity Courses Online With life Time Access – Diamond Membership
The Xiaomi 13 Ultra is the latest and greatest smartphone Xiaomi ever launched. At the time the Xiaomi 13 Pro launched, we were not sure whether the ‘Ultra’ will become a reality or not. Well, it’s now here, albeit only in China, for now. That phone is coming to global markets, but at the time of writing this review, we’re not sure when. Having said that, everything will be the same, except the software, which will be more in tune with global markets, so keep that in mind. We have opted not to wait for the global model, as this phone is outstanding, and it would be a shame not to take a closer look at it now.
Yes, this phone has a heavy focus on the cameras, but that’s not the whole story, not at all. Even though the cameras are a bit part of the experience, and Xiaomi really did outstanding work here, in collaboration with Leica. I’m getting ahead of myself, though, we’ll talk about the cameras later on. Let’s kick things off with the design and move from there.
Table of contents
Xiaomi 13 Ultra Review: Hardware / Design
The Xiaomi 13 Ultra is a big smartphone, there’s no way around it. Well, I’d say “big and bold”, to be quite honest. Its design is out of the ordinary, because of its back side. The phone is made out of metal and “second-gen nano-tech material”, as Xiaomi calls it. This material is basically vegan leather, it seems, that is also antibacterial. It feels like slightly rubberized paper, it’s difficult to explain. It sure is a lot more grippy than glass or metal are, which is a good thing considering the size of the device. Xiaomi also says it’s “resistant to wear and dirt”.
The back side of the phone is… different
What’s interesting here is how Xiaomi implemented this. This material doesn’t curve into the frame on the sides, as it does on other phones. The metal frame curves to the back, and at a point where it becomes flat, that’s where vegan leather is implemented. That’s not all, though. This material is thicker in the upper portion of the phone’s back side, where the camera island lies. That’s because Xiaomi wanted to hide the fact that this camera bump is huge. It’s large as it is, and it would be even more pronounced if this method wasn’t implemented. It sounds weird, but it actually works really well. This gradual increase in thickness helps with the grip too. The camera bump does too, you can easily use it to anchor your index finger.
It’s rather comfortable to use, despite its size
The phone feels truly premium in the hand, and even though it’s large, it’s comfortable to use. It has flattish sides, but it doesn’t have sharp edges, so it never cuts into your hand. So, if you like large phones, chances are you’ll like this one. You can even use it without a case if you’re careful enough, as the phone is not that slippery. All the buttons are on the right side, while the speakers are placed at the top and the bottom. There is also an IR blaster included at the very top, if that’s something you’re planning on using. On top of everything, the Xiaomi 13 Ultra is water and dust resistant (IP68 rating). I prefer this design over the Xiaomi 13 Pro, to be quite honest, as the Xiaomi 13 Pro was simply too slippery, and the black ceramic on my model attracted fingerprints like crazy.
Accessories
There is a case included in the Xiaomi 13 Ultra retail box. It’s not your regular gel/silicone case, though. This is a hard-shell plastic case, with a ribbed pattern on the back. It’s actually quite nice for what it is. I did expect something a bit more premium, but hey, a case is a case. It’ll at least offer some protection until you get a different case. The bottom of the phone is opened here, as is the portion where the buttons sit. Everything else is well covered. There is also some protection for the cameras on the back.
Xiaomi 13 Ultra Review: Display
The Xiaomi 13 Ultra includes a gorgeous, big display. It’s not the same as the one in the Xiaomi 13 Pro, though, despite what was expected. Not only are we talking about a different supplier here, but a different display altogether, including different brightness. The Xiaomi 13 Ultra features a 6.73-inch QHD+ (3200 x 1440) AMOLED display. This panel has a 20:9 aspect ratio, and a 522 ppi. It has an adaptive refresh rate from 1-120Hz, and up to 240Hz touch sampling rate. It supports HDR10+ and Dolby Vision, while it also comes with 1,920Hz PWM dimming. An in-display fingerprint scanner is also present, as is in-display heart rate monitoring. This panel is also curved, by the way, and it has a display camera hole up top (centered).
This is technically the brightest display on the market
As you can see, all the bells and whistles are included here, and the display also gets up to 2,600 nits in terms of brightness. This is technically the brightest display out there at the moment, at least on paper. This display has been developed in collaboration between Xiaomi and China Star, it was not provided by Samsung. That’s actually an interesting move by Xiaomi, that’s for sure. I never felt like the display was too dim, not even outdoors. Even when I wore sunglasses in direct sunlight, the display was easily visible. I really have no complaints in that regard.
It’s vivid, sharp, and has great viewing angles
The same can be said for its other aspects, actually. The viewing angles are great, and the panel is more than sharp enough. The colors are vivid, and additional settings are available via the phone’s settings. The touch response is really good too, and the display is well optimized for touch interaction. I never felt like I had to wait for it to respond to my input or anything of the sort. The display is also not curved to extremes, so there’s no considerable glare to speak of, similar to what we’ve seen in the Xiaomi 13 Pro. To cut the long story short, this display is great to use, and I really don’t have any complaints. Chances are you’ll be happy with it.
Xiaomi 13 Ultra Review: Performance
The Xiaomi 13 Ultra is one of the most powerful smartphones in the market, hardware-wise. It is fueled by the Snapdragon 8 Gen 2 SoC, which is Qualcomm’s most powerful processor at the moment. It also comes with up to 16GB of LPDDR5X RAM and UFS 3.2 flash storage. Now, do note that I’ll talk about overall performance and fluidity of usage here, not the software side of things. I’ll heave that for the software section later on, as that’s an entirely different story, for more than one reason.
The performance is excellent
That being said, the phone is extremely fluid, in every way shape and form. You’ll really struggle to get this thing to slow down, in all honesty. It opens apps really fast, and the same goes for multitasking. Every action is very fluid, and that goes from the simpler ones, all the way to truly demanding ones. Yes, that includes gaming. On top of everything mentioned here, the Xiaomi 13 Ultra also comes with the Loop LiquidCool technology, and it never got too warm, not even during game testing.
Gaming is not a problem at all
I didn’t play a lot of games on the phone, I never do during reviews. Well, unless we’re talking about a gaming smartphone in specific. I did run several games on this phone, just to see how it grasps gaming. It ran a chess game and Subway Surfers really great, as expected. I turned up the notch with an Asphalt game, which also ran very smoothly, and ultimately the phone aced the Genshin Impact test. This phone can be used for longer gaming sessions without a problem, and it even has some software features to help with that. So, no worries in that regard. Overall, the performance is very fluid, which was to be expected, as the same was the case with the Xiaomi 13 Pro.
Xiaomi 13 Ultra Review: Battery
There is a 5,000mAh battery included inside of this phone. It’s a bit larger than the one inside the Xiaomi 13 Pro (4,820mAh). The battery life is a bit better overall, but not by much. The two phones are actually comparable in that regard. One thing to note is that I did not have an entirely consistent experience when it comes to battery life. The first couple of days, the battery life was odd, but since then, it has been constantly good. I’ve been getting around 8 hours of screen-on-time on the device. On days I’ve been testing the cameras intensively, however, the battery life was noticeably less strong. That is to be expected, though.
The phone has a special battery trick up it sleeve
Overall, the battery life is quite good, but using the camera a lot, or playing games on the phone, will impact it, of course. If you’re a light user, I see this phone going the distance. Still, this battery life is not on the same level as the Galaxy S23 Ultra and OnePlus 11, which truly managed to pull out outstanding results from this processor. For most people, the Xiaomi 13 Ultra will be more than enough to get to the end of the day. If not, well, the phone does offer truly fast charging. Also, do note that once you reach 1% of battery charge, the phone will enter into a truly low power mode, limit your functionality, and be able to last for a full hour.
90W wired & 50W wireless charging is supported, charger included
The Xiaomi 13 Ultra supports 90W wired, and 50W wireless charging. On top of that, 10W reverse wireless charging is also offered. Oh, and yes, Xiaomi does include a 90W charger in the box, unlike some other OEMs. That charger will be able to fully recharge the phone in about 35 minutes. That’s what Xiaomi markets, and that’s what we’ve experienced. Getting there with 50W wireless charging will take longer, but still faster than what most other OEMs offer.
Xiaomi 13 Ultra Review: Camera
The Xiaomi 13 Ultra is one of the most camera-centric phones on the market at the moment. Xiaomi and Leica managed to create something truly special here. The Xiaomi 13 Pro was an outstanding camera smartphone, but the ‘Ultra’ manages to beat it, without a problem. The device not only brings variable aperture to the table, but it also adds a periscope telephoto camera here. Those are not the only hardware changes, but are the most notable ones. This is also the first phone that includes variable aperture on the 1-inch camera sensor. It’s a two-step aperture, by the way.
I took over 900 photos during my testing, and the results are outstanding
During my testing, I captured over 900 photos with the device in various scenarios. This phone performs admirably in basically all of them. It doesn’t matter if it’s sunny, cloudy, or if you’re shooting in daylight or low light. The Xiaomi 13 Ultra adapt to all of these situations, and you really don’t have to tweak anything manually. It would be a true shame not to use all those cameras on the back, and just stick to the main one, though. It is great, but all the others are too. Let’s start with the main camera, though.
That 1-inch camera sensor gets the benefit of 2-step variable aperture
Xiaomi included a 50-megapixel camera with Sony’s 1-inch sensor (IMX989). That is the same main camera as on the Xiaomi 13 Pro, but this one has a 2-stop variable aperture. That camera allows for a ton of light to enter a scene, and the phone does a wonderful job of processing all that info. The Xiaomi 13 Pro had issues with highlights in some situations, but I didn’t really notice that here. The photos end up looking sharp, well-balanced, and quite detailed. Even in low light, the phone manages to preserve a lot of details, while not making the photos look unnatural. You can truly see the difference when you compare those shots with phones with inferior sensors. And no, you don’t need to use night mode, the phone will activate whatever it needs manually, and you won’t even know considering that it takes photos in an instant. The shutter speed is truly fast.
The depth of field is less of an issue than before
One problem that 1-inch camera sensors brought to the table is… the depth of field. It’s very shallow by default (keeping things out of your limited focus point out of focus), and that’s where this phone does a great job. It utilizes its variable aperture to adjust to the scene. OPPO handles this brilliantly even without variable aperture, but Xiaomi went a step further to tune it. No matter the situation, this phone will adapt. One thing to note is that the vignetting effect is still here, which is not surprising considering Leica is included in the mix. So, if you like it, then the Leica Authentic mode is perfect for you. If not, you should try the Leica Vibrant mode, though that will make the photos a bit more saturated. In most samples you’ll see below, however, I’ve used the Leica Authentic mode, I love how those pictures turned out.
The Xiaomi 13 Ultra does a great job with portraits
Shooting portraits with the Xiaomi 13 Ultra is a joy. Once you switch to portrait mode, you’ll be using the phone’s telephoto camera, and use an equivalent of a 75mm lens. This is supposed to mimic Leica’s portrait mode. I was quite surprised by the results. The phone did a fantastic job, even when the sunset was in effect. I’ve used portrait mode quite a lot, though there are other styles you can try out, courtesy of Leica.
Ultrawide camera is not only great in daylight, but really good in low light too
The ultrawide camera sticks to the main camera’s color science, and it also does a really good job. The details are a bit softer in low light, but not by that much. It is perfectly viable to use even when there’s not a lot of light available, which is great. The periscope telephoto camera does a great job in good lighting, even in low light to a certain degree. In good lighting, photos up to 10x look really good, actually, and those up to 30x are usable. Everything beyond that point is… well, not great. That’s what we’re used to seeing from periscope telephoto cameras, but they’re immensely useful in some situations. I was surprised by how often I’ve utilized 5x and 10x modes.
The video recording is also excellent
The video recording on the phone also managed to surprise me. I did not expect much, but the Xiaomi 13 Ultra delivered outstanding results. The phone does a great job with video recording. It keeps things smooth, even when you’re panning around in low light. That’s where most smartphone cameras fall apart, and you get image tearing and whatnot. That was not the case here.
The Xiaomi 13 Ultra is one of the best smartphones for photography, no doubt about it
Overall, there’s really not much to complain about here. The Xiaomi 13 Ultra has one of the most feature-packed camera systems on the market, and one of the best ones, actually. Those four 50-megapixel cameras on the back are great, every single one of them. Regardless of the situation you find yourself in, you’ll have a camera to handle it. Xiaomi really keeps the quality up across the board with those cameras, and I thoroughly enjoyed using them. This is definitely one of my favorite camera smartphones on the market at the moment, if not the top pick.
Various camera samples:
Leica Authentic vs Leica Vibrant (respectively):
Wide & ultrawide comparison:
Telephoto/periscope camera:
Xiaomi 13 Ultra Review: Software
The Xiaomi 13 Ultra that I’ve reviewed comes with an MIUI build made for China. At the time of this review, this phone did not launch globally, even though it’s coming. This version of MIUI has a ton more China-centric features and apps. The good news is, you can remove a ton of them. You’d be surprised how many can be removed, even some you’d never think you’d be able to ditch, such as a compass app and a voice recorder app. So, if you want a clean slate, you sure can get it. The good news is, MIUI 14 even offers the batch uninstall option, so uninstalling all those apps is immensely simple.
There are a couple of negatives here
Having said that, you still won’t be able to avoid the fact this software is made for the Chinese market. I’ll first focus on the negatives. I stumbled upon an especially annoying prompt. When I go to check out my widgets, I get the ‘App Vault’ prompt. At first, I simply denied the offer, and was thrown to my widgets. The thing is, this prompt keeps popping up every time you try to enter your widgets list. At one point, I got annoyed, and accepted the offer to activate it. That messed everything up. From that point on, I could no longer access my widgets, but ended up with a ton of widget recommendations from some sort of store made for China. Needless to say, everything was in Chinese, so I didn’t even know what some of those widgets were about. I tried to locate widgets from my apps, but without luck.
After tinkering with the settings for about 5 minutes, I managed to find a way to disable ‘App Vault’. The problem is, the thing kept popping up every time I tried to access my widgets… again. There doesn’t seem to be a way to completely remove it from the phone, or at least disable this prompt. I was truly annoyed by this, but granted, you don’t really visit your widgets list all that often, so… yeah, this may not bother you as much. Whatever you do, though, don’t accept the ‘App Vault’ prompt, deny it every single time.
I did experience some app crashes, and a finicky one-hand mode
I did experience a few app crashes too, and the one-hand mode is especially finicky, to the point of being useless. It functions just like it does on a Pixel, in theory. The thing is, activating it by swiping across the line at the bottom of the screen is a chore. It seems like Xiaomi included a really tiny area for activation, as you really do need to get almost to the very bottom for it to activate. Calling upon it took me up to 5-10 tries, most times. On every other phone I’ve used such a one-hand mode, like a Pixel, an ASUS phone, or an iPhone, it worked like a charm. Xiaomi really needs to fix this, as this is a gigantic phone, and a one-hand mode is a necessity. It should be an easy fix, though.
Another annoying negative is the fact that third-party launchers are utterly messed up here. When you try to use a third-party launcher, you’re completely blocked from using navigation gestures, the phone instantly switches you to on-screen buttons. So, you can basically forget using a third-party launcher if you want to use navigation gestures.
You’ll need to lay some groundwork to keep the apps properly running in the background
Keeping apps running in the background takes some work. If you want apps to keep pushing you notifications in a timely fashion, you’ll need to enable ‘Auto start’, and also disable MIUI battery optimization for them. For some of the, you’ll even need to lock them via the overview/multitasking menu. Once I did that for my messaging apps, everything was fine. Until I did, I received notifications only when I actually unlocked the phone and started using it. That is, needless to say, quite annoying. Let’s hope that the global version will be a lot better in some ways.
MIUI 14 has great animations and offers fluid performance
There are also a lot of software positives when it comes to this build of MIUI. Other than a couple of app crashes, everything was smooth and responsive. The animations are truly excellent, and the UI is responsive. There’s a ton of customization you can do in MIUI as well. It’s not to the level of some OEMs who allow you to use third-party icons on the default home screen, and remove specific icons from the status bar, but still. Xiaomi even offers its own theme store that you can utilize to change up your home screen.
Waiting for the global version may be best
Other than a few negatives I’ve listed earlier, my experience with this software has been quite good. Everything you’d expect MIUI to deliver is here, and it works really well. I just can’t wait to try out the global version of the software, to be quite honest, so that I don’t have to jump through as many hoops. You’d probably be better off waiting for the global version too.
Xiaomi 13 Ultra Review: Should you buy it?
So, should you buy the Xiaomi 13 Ultra? Well, first of all, I’d suggest you wait for the global model, if you do plan on buying it. This one can be tweaked to run fine, but the point is, you do have to run through hoops in order to get there. The model with global software will be an entirely different story. That being said, this is one of the most fluid smartphones on the market, and also one that delivers an outstanding camera experience. Xiaomi and Leica truly managed to provide an outstanding setup for both photography and videography here, and if you love taking pictures, this phone won’t let you down. There are other positives we’ve talked about, and if the price ends up being right, the Xiaomi 13 Ultra will surely be worth your money. The Xiaomi 13 Ultra is a true powerhouse smartphone.
You should buy the Xiaomi 13 Ultra if:
You love taking pictures & video
You need a truly versatile camera setup
You love big phones
You want extremely fluid performance
You need great battery life
You appreciate truly fast charging (wired & wireless)
You don’t want to buy a charger separately
You enjoy consuming multimedia
You shouldn’t buy the Xiaomi 13 Ultra if:
You don’t want to deal with software made for China (wait for the global version)
You might be shocked by the phrase ‘free Twitter Blue subscribers’ and question whether such exists. Well, technically they do, and Twitter will soon guide them on deactivating the subscription. These users have the Blue checkmark and enjoy the benefits but don’t pay the set subscription price.
A few months ago, you didn’t need to pay to have a verified checkmark. This mark is given to users with a certain level of recognition within and outside the platform. The likes of celebrities, influencers, media platforms, politicians, sportsmen, and the likes all got the verification checkmark.
This served as an identifying mark to help tell the user’s account away from possible impostors. But with Elon Musk taking over control of Twitter, users can now pay for a verification checkmark. However, some users still got the checkmark without paying for the Blue subscription like other users did.
Support is here for Free Twitter Blue subscribers to guide them through the cancellation process
Sometime last week, Twitter set out to ‘un-verify’ users that haven’t paid the Blue subscription plan. This caused an uproar on the platform, but something funny happened just after that. Certain legacy accounts that haven’t paid for the Blue subscription plan got back their checkmarks.
Among those who got their checkmarks back were some dead celebrities. A few other individuals also noted that they still have their checkmarks despite not being Blue subscribers. The reason behind this is still unclear as there was no official statement from Twitter regarding this.
Some sources claim that this is one of Elon Musk’s jokes as he tries to troll some of these users. Users that fall under the class of those Musk might be trolling are supporters of the “Block The Blue” movement. Well, after giving them back their Blue checkmarks, Elon, and his team are here to guide them on how to get rid of it over again.
According to reliable sources, Twitter is adding a new page to help guide these free Twitter Blue subscribers. The page offers assistance to these as they cancel their “complimentary subscription to Twitter Blue.” By canceling this subscription that they didn’t opt for, they will be letting go of their checkmarks and all the benefits Blue offers Twitter Blue users.
There are a lot of mixed reactions to how the structure of Twitter’s verification process. This has driven a lot of account holders off the platform, with others resolved not to pay for the Blue subscription plan. Despite all the hate this process is getting, Elon and his team seem adamant about shoving it down users’ throats.
You know how we told you around two weeks ago about more than 60 Android apps with a collective total of over 100 million Google Play downloads that were found to push invasive ads without the user’s permission and gather a host of sensitive information… also without notifying you or asking for approval?
While that particular security threat is officially behind us all, a new and extremely similar one has been discovered by the same McAfee researchers in the meantime, wreaking havoc on tens of millions of Android devices around the world.
What is this issue all about?
Although it’s part of the same large and malicious adware family as the previously identified “Goldoson” virus, this “HiddenAds” campaign might seem a little less harmful at first glance, doing, well, exactly what the name suggests.
Specifically, around 35 million (!!!) Android users worldwide have apparently been served ads in the background of their mobile gaming sessions recently with the main purpose of generating unlawful revenue for various shady companies and individuals.
That sounds like something that won’t greatly impact your user experience or data privacy, but anyone who’s ever accidentally installed this type of malware before knows precisely how annoying it can be to notice your phone slow down, freeze, or crash out of nowhere without being able to identify the culprit.
If you’ve experienced something like that of late, it’s possible that your mobile device is infected with “HiddenAds”… or a similar malware, especially if you happen to occasionally share said device with a child between the ages of 5 and, say, 15.
That’s because every single malicious app found to be part of this specific adware group emulates or, let’s be honest, downright rips off Mojang’s hugely popular Minecraft game. We’re talking incredibly similar titles mixing up the words “block”, “diamond”, “craft”, “sword”, “monster”, “forrest”, “builder”, and “rainbow” in slightly different ways to draw the attention of the most vulnerable mobile users of all.
These are all the apps you need to delete ASAP
Block Box Master Diamond
Craft Sword Mini Fun
Block Box Skyland Sword
Craft Monster Crazy Sword
Block Pro Forrest Diamond
Block Game Skyland Forrest
Block Rainbow Sword Dragon
Craft Rainbow Mini Builder
Block Forrest Tree Crazy
Craft Clever Monster Castle
Block Monster Diamond Dragon
Craft World Fun Robo
Block Pixelart Tree Pro
Craft Mini Lucky Fun
Block Earth Skyland World
Block Rainbow Monster Castle
Block Fun Rainbow Builder
Craft Dragon Diamond Robo
Block World Tree Monster
Block Diamond Boy Pro
Block Lucky Master Earth
Craft Forrest Mini Fun
Craft Sword City Pro
Block Loki Monster Builder
Block Boy Earth Mini
Block Crazy Builder City
Craft Sword Vip Pixelart
Block City Fun Diamond
Craft City Loki Rainbow
Craft Boy Clever Sun
Block City Dragon Sun
Craft Loki Forrest Monster
Lokicraft: Forrest Survival 3D
Craft Castle Sun Rain
Craft Game Earth World
Craft Lucky Castle Builder
Craftsman: Building City 2022
Craft Rainbow Pro Rain
If you’re thinking of discarding this threat as minor and unimportant… don’t. That’s because the malicious Android games listed above are ordered by popularity, starting with a title that was downloaded more than 10 million titles and three more with 5 million+ Google Play installs under their belt (each).
More than 10 million Android devices were infected by this one app alone.
So, yeah, if you’re not extremely careful about every single thing you or your kid downloads from the official Play Store every single day, odds are your phone might need a little spring cleaning. And quickly! That’s especially true if you live in the US, Canada, South Korea, or Brazil, which were apparently the main countries targeted by this malware-spreading campaign.
For its part, Google seems to have fulfilled its secondary task of cleaning up the Play Store of these apps after failing the primary goal of keeping such threats away to begin with. But that doesn’t mean anything if you don’t also locate these apps and delete them from your devices before they can spread their tentacles and start performing other shady background activities besides pushing ads for dirty money.
Researchers have discovered a new malware that remained under the radar for quite some time. Identified is AuKill, it is a potent EDR kill malware that leverages BYOVD to disable EDR clients. The hackers have already used the tool in recent ransomware attacks.
AuKill Malware Disables EDR Via BYOVD
According to a recent post from Sophos, their researchers have found a previously-unreported malware actively used in the wild.
Identified as “AuKill,” the malware allows the attackers to disable EDR clients to evade the target systems’ security.
In brief, AuKill leverages the Bring Your Own Vulnerable Driver (BYOVD) technique to disable EDR. It uses the older driver version that the Microsoft utility “Process Explorer” version 16.32 used.
Specifically, the malware drops the older PROCEXP.SYS driver version to the C:\Windows\System32\drivers path – the location where the legitimate driver version also exists. It then kills the legit driver to take over its place with the (now)malicious driver. Besides, AuKill also drops its executable copy to the system’s temp folder to run as a service.
Once done, it then executes the payload with admin privileges that the attackers could gain through other means. (The malware won’t execute without admin privileges – a mandatory requirement that AuKill checks at the initial stage.)
After fulfilling all its requirements, AuKill then disables EDR by starting a sequence of threads to keep the service disabled.
Malware Already Used In Active Attacks
The researchers noticed AuKill playing an active role in recent ransomware campaigns. That two include Medusa Locker ransomware incidents that happened in January and February 2023 and a LockBit ransomware attack in February.
Until the time of disclosure, Sophos discovered six different AuKill malware variants, indicating the gradual improvements in its malicious functionalities.
Nonetheless, AuKill doesn’t seem unique as analyzing the malware revealed numerous similarities with the open-source tool Backstab, which has also been abused in malicious campaigns. Hence, it appears that the malware authors used multiple code snippets from Backstab to derive their own tool.
To prevent AuKill and other such threats involving BYOVD, the researchers advise users to keep their systems up-to-date. Also, users must deploy endpoint protection, tamper protection, and vulnerability management measures to prevent such attacks.
Researchers have found that ChatGPT, OpenAI’s popular chatbot, is prone to generating insecure code.
Research by computer scientists associated with the Université du Québec in Canada has found that ChatGPT, OpenAI’s popular chatbot, is prone to generating insecure code.
“How Secure is Code Generated by ChatGPT?” is the work of Raphaël Khoury, Anderson Avila, Jacob Brunelle, and Baba Mamadou Camara. The paper concludes that ChatGPT generates code that isn’t robust, despite claiming awareness of its vulnerabilities.
“The results were worrisome,” the researchers say in the paper. “We found that, in several cases, the code generated by ChatGPT fell well below minimal security standards applicable in most contexts.”
“In fact, when prodded to whether or not the produced code was secure, ChatGPT was able to recognize that it was not. The chatbot, however, was able to provide a more secure version of the code in many cases if explicitly asked to do so.”
In the experiment, the researchers assumed the role of a novice programmer who doesn’t have security in mind. They asked ChatGPT to generate code, specifying in some cases that the code would be used in a “security-sensitive context.” What they didn’t do, however, was specifically ask the AI chatbot to create secure code or include certain security features.
ChatGPT generated 21 applications written in five programming languages: C, C++, HTML, Java, and Python. The programs are simple, with 97 lines of code at most.
In its first run, ChatGPT produced five secure applications out of 21. When prompted for changes, it made seven more secure applications from the remaining 16.
The authors note that ChatGPT can only create “secure” code when a user requests it. When tasked with creating a simple FTP server for file sharing, it generated code without applying input sanitization (where code is checked for harmful characters and removed where necessary). ChatGPT only added the security feature after the authors prompted it to do so.
“Part of the problem seems to be that ChatGPT simply doesn’t assume an adversarial model of execution,” the authors say, explaining why the AI bot cannot create secure code by default. Despite this, the bot readily admits to errors in its code.
“If asked specifically on this topic, the chatbot will provide the user with a cogent explanation of why the code is potentially exploitable. However, any explanatory benefit would only be available to a user who ‘asks the right questions’. i.e.; a security-conscious programmer who queries ChatGPT about security issues.”
Additionally, the authors point to the chatbot’s ethical inconsistency when it refuses to create attack code but will create insecure code.
It might refuse to create attack code, but there are ways round it. Malwarebytes Security Evangelist Mark Stockley decided to try to create ransomware using ChatGPT. The AI bot refused to create malware code at first, but Stockley found his way around the initial safeguards and managed to get it to create (admittedly quite dubious) ransomware anyway.
In an interview with The Register, one of the Université du Québec researchers said he had concerns about ChatGPT. “We have actually already seen students use this, and programmers will use this in the wild,” Khoury said. “So having a tool that generates insecure code is really dangerous. We need to make students aware that if code is generated with this type of tool, it very well might be insecure.”
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Yesterday, we shared images of the upcoming rugged phone from Nokia, and now its specifications surfaced. That’s not all, though. The source also confirmed the name of this handset, it’s not what was originally reported.
The Nokia XR21 will be the name of the company’s new rugged phone, and here are its specifications
The device appeared yesterday as the ‘Nokia Sentry 5G’, and everyone assumed it will be called the Nokia XR30. The Nokia XR20 launched back in 2021, so that’s why. It seems like the phone’s name will be the Nokia XR21, and not XR30.
This info comes from WinFuture, as does the spec list we’ll talk about. The Nokia XR21 won’t be a high-end smartphone, that much we knew. Still, its specs are nothing to scoff at, as long as the price is right.
Having said that, the phone will feature a 6.49-inch fullHD+ LCD display. It will be a 120Hz panel, and will be protected by the Gorilla Glass Victus. The Snapdragon 695 will fuel the phone.
You will also find 6GB of RAM on the inside, along with 128GB of storage. Android 12 will come pre-installed on the device, while the phone will also be IP68 certified for water and dust resistance.
A 4.800mAh battery will be included, while 33W charging will be supported
A 4,800mAh battery will power the device. 33W wired charging will also be included, but no wireless charging. A USB Type-C port will sit on the bottom, a 2.0 version of it. Bluetooth 5.1 will also be supported, as will WiFi 6.
The Nokia XR21 will include two cameras on the back. A 64-megapixel main camera (f/1.79 aperture) will be backed by an 8-megapixel zoom camera. You will also find two SIM card slots on the inside (+eSIM support), and an audio jack will also be included. The Nokia XR21 will weigh 235 grams.
The source also claims that Nokia will provide OS updates until May 2026, and security updates until May 2027. We still don’t know the price tag of the device, but it’s rumored to cost around $500. We’re not sure how accurate that is, so take that info with a grain of salt.
Apple is set to announce iOS 17 at WWDC in June, like they generally do. So far, the leaks about iOS 17 have been pretty underwhelming. Stating that it was more of a bug fixing and stability update – which is sorely needed on iOS right now.
But recently, we’ve been seeing more rumors about features coming to iOS 17. And today, there’s a new post over on Weibo detailing some of these changes. Now this poster was accurate about Apple revealing the iPhone 14 in yellow, so there is a track record here, though not a long one.
So what’s new in iOS 17?
So what is actually coming in iOS 17? Well according to this post, here’s what to expect:
Lock Screen font size options
A button to share custom Lock Screen designs with other iPhone users
Apple Music lyrics can be viewed on the Lock Screen
Apple Music design changes with simplified interface
App Library folders can be manually renamed
Control Center design changes
Flashlight brightness slider can be freely adjusted, like the volume slider
Again, nothing really ground-breaking here, and honestly a lot of these could be in a point update. But these are some nice changes to see coming in iOS 17. Particularly the ability to rename folders in the App Library. Since Apple’s sorting is not all that great right now.
This is likely not everything that is going to be new in iOS 17, and we’ll likely see some more leaks ahead of WWDC in June. Since we’re still a little over a month away at this point.
Apple will release the first developer beta for iOS 17 following the WWDC keynote on June 5. With the first public beta coming a month later, normally. And of course, the full rollout will come in September. Generally a few days before the new iPhone actually goes on sale. It’s normally between the iPhone announcement and launch.
A fresh set of Git releases was made available to fix several security flaws. It gives attackers the ability to execute arbitrary code upon successful exploitation. Upgrades are advised for all users.
View of the Most Recent Batch of Releases On GitHub
To resolve two security flaws that affected versions 2.40.0 and earlier, CVE-2023-25652 and CVE-2023-29007, the Git project issued new versions.
Reports say new versions of the Git for Windows project were released with fixes for these five vulnerabilities.
“To protect against CVE-2023-25652 and CVE-2023-29007, users are encouraged to upgrade immediately”, GitHub reports.
With git apply –reject, the former may carry out controlled content writes at arbitrary paths.
The latter might be used to insert arbitrary configuration settings, which could execute arbitrary code.
The Windows-specific vulnerabilities affect users on multi-user computers, users working in Git CMD, and users using the SOCKS5 proxy connect.exe included in the Git for Windows distribution. Additionally, those who fit these categories are urged to upgrade immediately.
Upgrade To the Most Recent Git Release
GitHub suggests that the best defense against these vulnerabilities is an upgrade to Git 2.40.1. GitHub has taken severe measures to defend users from these attacks. Particularly,
It has scheduled a GitHub Desktop update that stops the exploitation of this vulnerability for release on April 26th, 2023.
Scheduled updates to upgrade the versions of Git used by GitHub Codespaces and GitHub Actions.
If you are unable to update right away, minimize your risk by doing the following:
Avoid using git apply –reject when working with patches from untrusted sources. Use git apply –stat to inspect a patch before applying it.
Avoid running git submodule deinit, git config –rename-section, and git config –remove-section on untrusted repositories or without prior inspection of your $GIT_DIR/config.
You can lower your risk on Windows by carrying out the following actions:
Avoid using Git for Windows on machines with shared accounts. Otherwise, create empty C:\mingw64 and C:\etc folders, and remove any write permission on them.
Avoid using Git CMD; if doing so is impossible, ensure it is started from a trusted directory.
“GitHub itself is not affected by these vulnerabilities. We do not use git apply –reject, nor Git’s configuration mechanism. GitHub does not use Git for Windows, and is thus not affected by those vulnerabilities, either”, GitHub said.
