The Samsung Galaxy Tab S9 Plus appeared in CAD-based renders recently. Even the S Pen for the Galaxy Tab S9 series got certified. Well, now, the Galaxy Tab S9 Ultra specs leaked, and they do reveal a truly powerful tablet.
The Galaxy Tab S9 Ultra specs appear to reveal a powerful tablet
This information comes from Ice Universe, a well-known tipster. Chances are they’re accurate, as he has an excellent track record. That being said, the ‘Ultra’ model will be the most powerful Galaxy Tab S9 model, of course.
The tipster says this tablet will include a 14.6-inch WQXGA+ (2960 x 1848) display. That will be an AMOLED display, of course, and will offer at least a 120Hz refresh rate, even though that wasn’t mentioned.
In any case, the tipster says that the Snapdragon 8 Gen 2 for Galaxy will fuel the device. An 11,200mAh battery will be included, while 45W wired charging will be supported. The charger won’t be included in the package, though, almost certainly.
The Galaxy Tab S9 Ultra will feature 16GB of LPDDR5X RAM, and will also be IP68 certified for water and dust resistance. It will measure 208.6 x 326.4 x 5.5mm, while it will weigh 737 grams.
It will have the exact same dimensions as its predecessor
So, it will have the same exact dimensions as its predecessor, the Galaxy Tab S8 Ultra. It will, however, be a bit heavier than that device, by about 10 grams or so.
It seems like Samsung plans to announce three tablets once again. Three Galaxy Tab S8 tablets arrived last year, and the same will happen with the Galaxy Tab S9 series this year.
The thing is, Samsung opted not to announce the Galaxy Tab S9 series alongside its Galaxy S23 devices this year. Those tablets will arrive later on. Now, there’s a chance Samsung will announce them in the near future, but it’s more realistic it will wait until August. Those tablets could arrive alongside the company’s brand new foldables, the Galaxy Z Fold 5 and Flip 5. It remains to be seen.
According to a new report, iOS 17 could end software support for several iPhones. The same goes for iPadOS 17 and some iPads, actually. This information comes from MacRumors, who got it from Fame_G_Monster, who allegedly has a good track record.
iOS 17 will seemingly end software support for several iPhones, here’s a list
The source did list the devices that will be dropped. Based on this info, iOS 17 will end support for the iPhone 8, iPhone 8 Plus, and the iPhone X. On the other hand, iPadOS 17 is expected to drop support for the first-gen 9.7-inch and 12.9-inch iPad Pro, and the fifth-generation iPad.
Devices mentioned here, both iPhones and iPads, were released between November 2015 and November 2017. This would basically end support for almost all devices with a Bionic A11 chip (and older).
There are some exceptions, though: the sixth-generation and seventh-generation iPad models with the A10 Fusion chip, and the second-generation 10.5-inch and 12.9-inch iPad Pro with the A10X Fusion chip.
iOS 17 will debut on June 5, during WWDC keynote
Having said that, iOS 17 is expected to debut on June 5. That is when Apple will host its WWDC keynote. This update could end up delivering more features than initially anticipated. Don’t expect it to deliver as many changes as iOS 16, though.
The most notable change mentioned thus far is… alternative app stores. The EU basically pushed Apple’s hand on this one. The EU wants Apple to allow alternative app stores on the platform, though that doesn’t mean those stores will compete with the App Store.
This is more so that users can download games from alternative app stores, such as Epic’s store. It remains to be seen what will happen with all that, however. Apple has a game plan, but it’s unclear what it is exactly.
All new CarPlay will be coming, and support for Apple’s AR/VR headset is expected too. We do expect a number of other changes, some of which will hopefully be customization-related.
Researchers from Check Point found a new, previously unknown ransomware variant dubbed “Rorschach” that has highly sophisticated features and targets U.S. companies.
Rorschach carries technically unique, customized features and is one of the fastest ransomware strains ever observed in terms of encryption speed.
Interestingly, the threat actors behind the ransomware implemented unique features that have not been found in any known ransomware.
Rorschach is partially autonomous, which allows it to eliminate the manual actions usually performed with other ransomware strains; instead, it automates some functions, such as creating a domain group policy (GPO).
Researchers initially found this Rorschach ransomware strain while investigating a ransomware incident at a U.S.-based company.
It was deployed using a signed component of a commercial security product, and the ransomware is not associated with any known ransomware groups or affiliates.
Rorschach Ransomware Technical Analysis
During the behavioral analysis, researchers noted that the ransomware is partially autonomous: it spreads itself automatically soon after it is executed on the domain controller and clears the event logs on the infected machines.
Rorschach can change its behavior to suit the operator’s needs through its built-in configuration as well as numerous optional arguments.
Researchers believe that the ransomware was inspired by some of the most infamous ransomware families and also adds some unique functionality, such as direct syscalls.
Rorschach abuses the Cortex XDR Dump Service Tool, a commercial security product from Palo Alto, for DLL side-loading to deploy itself on the victim’s machine.
During execution, Rorschach uses the following three files:
cy.exe – Cortex XDR Dump Service Tool version 7.3.0.16740, abused to side-load winutils.dll
winutils.dll – Packed Rorschach loader and injector, used to decrypt and inject the ransomware.
config.ini – Encrypted Rorschach ransomware which contains all the logic and configuration.
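A defender's view of the file layout above, as an added example that is not from Check Point or the original article: it flags a signed executable that loads an unsigned DLL from its own folder, the pattern that cy.exe and winutils.dll form. The record fields, the signer name and the baseline path are constructed assumptions.

```python
import ntpath

VENDOR = "Example Security Vendor"  # placeholder signer name, not a real value
# Assumed baseline: where each signer's binaries are normally installed.
EXPECTED_DIRS = {VENDOR: r"C:\Program Files\ExampleVendor\Agent"}

# Constructed image-load records (fields loosely modelled on Sysmon Event ID 7).
SAMPLE_LOADS = [
    # Signed tool copied to a user-writable folder, unsigned DLL beside it.
    {"image": r"C:\Users\Public\Tools\cy.exe", "image_signer": VENDOR,
     "loaded": r"c:\users\public\tools\WINUTILS.DLL", "loaded_signed": False},
    # Same tool in its baseline folder loading a signed system DLL.
    {"image": r"C:\Program Files\ExampleVendor\Agent\cy.exe", "image_signer": VENDOR,
     "loaded": r"C:\Windows\System32\version.dll", "loaded_signed": True},
    # Baseline folder, but an unsigned DLL sits next to the executable.
    {"image": r"C:\Program Files\ExampleVendor\Agent\cy.exe", "image_signer": VENDOR,
     "loaded": r"C:\Program Files\ExampleVendor\Agent\helper.dll", "loaded_signed": False},
    # Unsigned host process: not the signed-host pattern this rule looks for.
    {"image": r"C:\Temp\build\app.exe", "image_signer": None,
     "loaded": r"C:\Temp\build\plugin.dll", "loaded_signed": False},
    # Signed tool outside its baseline, unsigned DLL from a different folder.
    {"image": r"C:\Users\Public\Tools\cy.exe", "image_signer": VENDOR,
     "loaded": r"C:\Temp\other\thing.dll", "loaded_signed": False},
]


def _norm(path):
    """Case-fold and normalise a Windows path so comparisons are reliable."""
    return ntpath.normcase(ntpath.normpath(path))


def classify_load(ev, expected=EXPECTED_DIRS):
    """Return 'high', 'review' or None for one image-load record."""
    if ev["loaded_signed"] or not ev["image_signer"]:
        return None  # signed DLL, or the host process itself is unsigned
    exe_dir = _norm(ntpath.dirname(ev["image"]))
    if _norm(ntpath.dirname(ev["loaded"])) != exe_dir:
        return None  # DLL did not come from the executable's own folder
    home = expected.get(ev["image_signer"])
    if home is None:
        return "review"  # no baseline recorded for this signer
    home = _norm(home)
    in_place = exe_dir == home or exe_dir.startswith(home + "\\")
    # Installed location with an unsigned neighbour DLL is worth a look;
    # a signed binary running from an unexpected folder is the stronger signal.
    return "review" if in_place else "high"


def find_sideloads(events, expected=EXPECTED_DIRS):
    """Return (severity, executable, dll) for every record that matches."""
    hits = []
    for ev in events:
        severity = classify_load(ev, expected)
        if severity:
            hits.append((severity, ntpath.basename(ev["image"]),
                         ntpath.basename(ev["loaded"])))
    return hits


if __name__ == "__main__":
    for hit in find_sideloads(SAMPLE_LOADS):
        print(hit)
```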
Rorschach ransomware execution process
To make analysis harder, Rorschach spawns processes in SUSPEND mode and passes them falsified arguments; the falsified argument is then rewritten in memory and replaced with the actual argument, which makes the execution unique.
This technique is used to perform the following operations:
Attempt to stop a predefined list of services using net.exe stop.
Delete shadow volumes and backups to harden recovery using legitimate Windows tools such as vssadmin.exe, bcdedit.exe, wmic.exe, and wbadmin.exe
Run wevtutil.exe to clear the following Windows event logs: Application, Security, System, and Windows PowerShell.
Disable the Windows firewall using netsh.exe
Rorschach employs unusual techniques to evade defense mechanisms. Also, the ransomware automatically creates a Group Policy, spreading itself to other machines within the domain.
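One way to hunt for the operations listed above, as an added example (not Check Point's tooling): because the arguments are falsified at spawn, it ignores command lines and instead correlates how many of the listed binaries a single parent starts within a short window. The record layout, the 60-second window and the four-tool threshold are assumptions, and all sample events are constructed.

```python
import ntpath
from collections import defaultdict
from datetime import datetime, timedelta

# Tools the article lists: service stops, shadow-copy/backup deletion,
# event-log clearing and firewall changes.
WATCHED = {"net.exe", "vssadmin.exe", "bcdedit.exe", "wmic.exe",
           "wbadmin.exe", "wevtutil.exe", "netsh.exe"}
WINDOW = timedelta(seconds=60)  # assumed correlation window
MIN_DISTINCT = 4                # assumed count of distinct tools worth an alert

SYS = "C:\\Windows\\System32\\"
P1 = r"C:\Users\Public\Tools\host.exe"  # hypothetical parent process
CMD = SYS + "cmd.exe"
PS = SYS + "powershell.exe"
# Constructed process-creation records:
# (time, host, parent_pid, parent_image, image, cmdline).
# cmdline is carried but never read: per the article, the arguments visible
# at spawn are falsified, so matching on them would miss the activity.
SAMPLE_EVENTS = [
    ("2023-04-05 10:00:01", "WS01", 4120, P1, SYS + "net.exe", "<falsified>"),
    ("2023-04-05 10:00:02", "WS01", 4120, P1, SYS + "VSSADMIN.EXE", "<falsified>"),
    ("2023-04-05 10:00:02", "WS01", 4120, P1, SYS + "bcdedit.exe", "<falsified>"),
    ("2023-04-05 10:00:03", "WS01", 4120, P1, SYS + "wbem\\wmic.exe", "<falsified>"),
    ("2023-04-05 10:00:03", "WS01", 4120, P1, SYS + "wbadmin.exe", "<falsified>"),
    ("2023-04-05 10:00:04", "WS01", 4120, P1, SYS + "wevtutil.exe", "<falsified>"),
    ("2023-04-05 10:00:05", "WS01", 4120, P1, SYS + "netsh.exe", "<falsified>"),
    # Routine admin work: two tools, half an hour apart.
    ("2023-04-05 09:00:00", "WS02", 900, CMD, SYS + "netsh.exe", "netsh advfirewall show allprofiles"),
    ("2023-04-05 09:00:20", "WS02", 900, CMD, SYS + "ipconfig.exe", "ipconfig /all"),
    ("2023-04-05 09:30:00", "WS02", 900, CMD, SYS + "net.exe", "net stop Spooler"),
    # Four distinct tools overall, but never four inside one 60-second window.
    ("2023-04-05 11:00:00", "WS02", 1500, PS, SYS + "vssadmin.exe", "vssadmin list shadows"),
    ("2023-04-05 11:00:05", "WS02", 1500, PS, SYS + "wbem\\wmic.exe", "wmic os get caption"),
    ("2023-04-05 11:00:10", "WS02", 1500, PS, SYS + "bcdedit.exe", "bcdedit /enum"),
    ("2023-04-05 11:05:00", "WS02", 1500, PS, SYS + "netsh.exe", "netsh interface show interface"),
]


def find_bursts(events, window=WINDOW, min_distinct=MIN_DISTINCT):
    """Alert on any parent process that starts at least `min_distinct`
    different watched tools within `window`."""
    by_parent = defaultdict(list)
    for time, host, ppid, parent, image, _cmdline in events:
        name = ntpath.basename(image).lower()
        if name in WATCHED:
            ts = datetime.strptime(time, "%Y-%m-%d %H:%M:%S")
            by_parent[(host, ppid, parent)].append((ts, name))

    alerts = []
    for (host, ppid, parent), hits in by_parent.items():
        hits.sort()
        best, first_seen, start = [], None, 0
        for end in range(len(hits)):
            # Slide the left edge forward until the span fits in the window.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            tools = sorted({name for _, name in hits[start:end + 1]})
            if len(tools) > len(best):
                best, first_seen = tools, hits[start][0]
        if len(best) >= min_distinct:
            alerts.append({"host": host, "parent_pid": ppid,
                           "parent_image": parent, "tools": best,
                           "first_seen": first_seen})
    return alerts


if __name__ == "__main__":
    for alert in find_bursts(SAMPLE_EVENTS):
        print(alert["host"], alert["parent_pid"], alert["parent_image"],
              alert["first_seen"], ", ".join(alert["tools"]))
```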
Encryption Process
Rorschach uses a highly effective and fast hybrid cryptography scheme that combines the curve25519 and eSTREAM cipher HC-128 algorithms for the encryption process.
This method helps Rorschach to encrypt only a specific portion of the file instead of the entire file. “The WinAPI CryptGenRandom is utilized to generate cryptographically random bytes used as a per-victim private key. The shared secret is calculated through curve25519, using both the generated private key and a hardcoded public key,” Check Point said.
“Rorschach’s encryption routine suggests not only the fast encryption scheme mentioned previously but also a highly effective implementation of thread scheduling via I/O completion ports.”
In the speed test, Rorschach encrypted the files in 4 minutes, 30 seconds, whereas LockBit v.3 took 7 minutes.
Ransom Notes
Rorschach ransomware is not clearly associated with any known ransomware group, and the ransomware note is entirely different.
According to the report, the resulting ransom note was completely different. The note was very similar to those issued by DarkSide, which probably led to this new ransomware being named “DarkSide,” despite the group being inactive since May 2021.
Apple has shared the first look of its first retail store in India, called Apple BKC.
Apple has been rumored to open its first-ever retail store in India for months now. The company has now officially confirmed that it will be opening the store soon and shared a picture showcasing the store. The store is located at the Jio World Drive Mall in Bandra Kurla Complex, Mumbai. The store’s façade is decorated with the iconic interpretations of Kaali Peeli taxi art that is unique to Mumbai.
The barricade also features illustrations of various Apple products and services that customers will be able to discover in-store. Apple had initially planned to debut its first retail outlet in India in 2021 but had to delay the opening due to the COVID-19 pandemic and government regulations.
However, it is expected that the store will finally open later this month. In addition, the company is reportedly planning to open another store in New Delhi in the coming months. The Mumbai store is said to be approximately 22,000 square feet, making it a flagship Apple retail store.
In recent years, India has emerged as an increasingly important market for Apple. Although the company had a limited presence in the country previously, it is now expected that India will become a significant contributor to Apple’s revenue in the future. Apple’s contract manufacturing partners have also ramped up the local assembling of iPhone and other products in the country.
The company is now set to open its first-ever retail store in the sub-continental country soon. To celebrate the opening of the store, Apple has also created special wallpapers based on the illustrations of the barricade as well as a music playlist.
Facebook has released a rather interesting new feature to Messenger: it now allows you to play multiplayer games during video calls. There are 14 titles available at the moment, but we expect that number to grow.
Playing multiplayer games during video calls is now possible in Facebook Messenger
Do note that this feature is now available for Android, iOS, and the web as well. You don’t need to install any add-ons or anything of the sort. So that’s great, you can simply launch a game, and get at it.
There are some interesting titles available at launch. Words With Friends is available, and so is Mini Golf FRVR. Those are games that pretty much everyone is familiar with. Even some newer titles can be played, such as Card Wars and Exploding Kittens.
Another thing worth noting is that each of these games can be played by 2 or more people. As far as the maximum player numbers are concerned, well, it all depends on the game you’re playing.
So, how do you fire it up? Well, you’ll need to start a video call first, of course. Once you do that, simply tap the group mode button, and tap the ‘Play’ icon. Find the game you want to play, and fire it up.
Games are not new for Facebook Messenger, but this implementation is
Games on Messenger are not new, however, multiplayer games during video calls are. Facebook is hoping this new feature will stick. In other words, the company is hoping people will actually use it.
The company did promise more free games are coming down the line. In fact, Facebook Gaming said more such titles are coming later this year, so stay tuned for that.
It’s also worth saying that each of these games has been optimized for the Messenger interface. This feature should be available to you already, so try it out if you’re interested.
We’re quickly approaching Summer, and it’s peak camping season. While you probably already have all of the camping essentials, like a tent, a grill and more, we’re here to help you make your camping experience even better with some other cool products that you should pick up. So here are seven must-have products for the best camping gear in 2022.
Best Camping Gear
In this list, we have a couple of power stations, one that is much bigger than the other of course. As well as a cool wood burning electric stove that also has USB-C ports available to charge your phone. Of course, there’s also a Yeti cooler and water bottle here too. So without further ado, here are the best camping gear for 2022.
The Jackery Explorer 290 is a great portable generator to take camping with you, especially if you need just a little bit of power. As the name indicates, this battery is able to provide 290-watts of power with continuous 200W and peak 400W output, all while being small and compact.
This battery does offer up a few ports. There’s two USB-A ports; we’d like to see USB-C here but for the price it’s not a deal-breaker. There’s also a 120V AC outlet, along with a car outlet. Jackery has also included a screen to help you see how much juice is left.
Whether you have a dedicated campsite that you go to every time, or are traveling and visiting a new campsite every night, this portable grill is a good buy. It’s a portable propane grill. This one has eight adjustable burners. So it’s not super large, but it will get the cooking done.
It has a total of 20,000 BTUs, and does fold down pretty flat. So it won’t take up much space in your van, if you’re doing van life this year.
This is the most expensive product on this list, and it’s not hard to see why. The ECOFLOW Delta is a massive power station that can keep you going for probably a week of camping. It’s a 1260Wh battery pack with 6 1800W AC outlets. There’s four USB-A ports, and two USB-C ports. There’s also a car socket on the backside.
So what can this thing power? Well a lot of things. It can power an electric fry pan for up to an hour and a half. Your laptop for about 23 hours, power your drone up to 23 times. And charge your camera about 65 times. This can also be used as a home backup in case the power goes out. It can power a CPAP machine for around 18-22 hours, or a fridge for 10-20 hours.
If you’re buying the ECOFLOW DELTA, then this solar panel is going to be a good buy to go with it. As it can help replenish the juice used by the Delta, thanks to the Sun. This is a 160 Watt solar panel that can be put out to collect juice and fill your ECOFLOW Delta, or really any other ECOFLOW power station.
It’s a pretty compact solar panel, weighing in at around 15.4lbs. It also comes with a kickstand case to protect the panels and prop them up to get the most amount of sun possible.
You can’t go camping and not make s’mores right? This caddy from HERSHEY’s is perfect. While it does not come with chocolate, marshmallows or graham crackers inside, it does make it a great place to hold all of it, while you are making S’Mores.
It includes a removable tray and carrying handle. Making it perfect for camping, picnics, tailgating and more.
This is a pretty cool product to pick up. This is a camp stove that can turn fire into electricity and then charge your phone. Pretty great if you’re going camping with as little stuff as possible.
There are internal jets that have four fan speeds to circulate air for improved combustion.
You have to keep your food cold while you are out camping, right? And what’s better than a YETI cooler? This is the first ever YETI cooler that is on wheels. Making it easier to take it camping, to the beach or out to a picnic. It also has a durable welded aluminum arm with comfortable grips, so it isn’t so uncomfortable to wheel around.
It also has permafrost insulation, which helps to keep your ice, as ice. That’s thanks to the pressure-injected commercial-grade polyurethane foam in the walls and lid.
If you don’t need something quite as large as the ECOFLOW Delta, Anker is here with its 521 Portable Power Station, and this one is actually portable.
This has 256Wh of power, and thanks to it being a LiFePo4 battery, it’s going to last a lot longer, over 6,000 recharges. There are two AC outlets, a 60W USB-C outlet, as well as two USB-A ports and a car socket. It also has a very bright light below the ports that make it easier to see what’s happening. Which is a really nice touch, especially in a power outage.
This power station has actually come in handy for myself a few times, even though I don’t really ever go camping. That’s because of the powerful storms that rolled through Michigan last year, leaving us without power for a few days. And the Anker 521 Portable Power Station helped run fans, and charge my laptop without any issues.
Whether you’re camping or not, it’s important to stay hydrated, and that’s where the YETI Rambler comes into play. This is a 36oz water bottle that is also vacuum insulated to keep your cold drinks cold and hot drinks hot. YETI does not claim how long that will last, just “until the last sip”. Again, if you’re camping, you’re probably going to be drinking quite a bit of water, so that won’t matter as much.
This one also has the chug cap, so you can pop it off and chug as much water as needed.
The popular communication software business 3CX has admitted a supply-chain attack, potentially affecting its customers too. As the attackers trojanized the legit app version, deleting the 3CX Desktop App remains the only working fix for now. The exact impact of this incident on other firms currently remains unclear; however, investigations are underway.
Recently, 3CX disclosed a severe cyberattack that risks the security of its customers. 3CX admitted the presence of malware in its software, following a supply-chain attack, and urged the customers to simply uninstall the app until the matter receives a fix.
3CX is a popular PBX provider serving a huge customer base globally. Its support for Windows and Linux systems alike makes it feasible for various businesses to integrate 3CX in CRMs.
A community alert from the firm’s CEO, Nick Galea, on 3CX forums revealed that the threat actors potentially infected the 3CX desktop app with malware, affecting the Windows Electron client. As the firm investigated the matter, it advised the customers to use the Progressive Web App (PWA) client instead, which remained immune to this attack.
Diving deep into what happened
While it initially seemed like an abrupt disclosure following a sudden attack, SentinelOne elaborated that it had detected the threat earlier. According to its post, it decided to investigate the matter after the SentinelOne app started blocking malicious threats associated with the 3CX desktop app. Some users even shared their complaints on 3CX forums following these alerts. Yet 3CX officials didn’t acknowledge the matter.
As the incident gained traction and the investigations progressed more, it turned out that the threat actors potentially exploited an already-known Windows vulnerability to infect the 3CX app. Analyzing the matter revealed the presence of a malicious DLL in the app, which downloaded further malware, like infostealers, on the target device.
Sophos, in its own post, also explained the incident, hinting at the potential abuse of ffmpeg.dll for the DLL sideloading attack. The researchers also attribute the attack to the Lazarus Group, whereas CrowdStrike, in its own analysis, mentioned LABYRINTH CHOLLIMA as the threat actor behind the attack.
Ironically, the said Windows vulnerability, despite numerous exploits and a working fix available for a decade, still threatens numerous systems. That’s because, as Bleeping Computer elaborated, the patch for this bug remains available as an “opt-in” feature only, requiring manual configuration. Thus, the probability of blanket immunity to this vulnerability exploit remains very low.
What Next?
For now, Galea advises 3CX users to abandon the desktop app for the PWA client until the matter gets resolved. Meanwhile, 3CX has hired Mandiant to investigate the matter.
CISA (Cybersecurity and Infrastructure Security Agency) has published the first results of its pre-ransomware notifications that were introduced at the start of 2023. And they appear to be working.
Even though this initiative is relatively young, CISA says it has notified over 60 entities across the energy, healthcare, water/wastewater, education, and other sectors about potential pre-ransomware intrusions, and we’ve confirmed that many of them identified and remediated the intrusion before encryption or data loss occurred.
In order to develop the pre-ransomware notifications, CISA established the Joint Cyber Defense Collaborative (JCDC) to “unify cyber defenders from organizations worldwide”. The team proactively gathers, analyzes, and shares actionable cyber risk information.
The success of the operation relies on a few key factors:
Sharing intelligence by the cybersecurity research community, infrastructure providers, and cyber threat intelligence companies about potential early-stage ransomware activity.
Getting that information to the victim organization and providing specific guidance about containing the threat.
The time cybercriminals take from the initial security breach to the full-fledged ransomware attack.
Basically, the more information organizations give about early-stage ransomware activity, the better the information the JCDC can provide. This information also helps to keep lists like the known to be exploited vulnerabilities catalog up to date and helps create ransomware vulnerability warnings which inform organizations that a vulnerability used by ransomware threat actors is present on their network.
But how do pre-ransomware notifications work in real life?
Let’s take the fake IRS mail we reported about last week as an example. My colleagues found an email being sent out with the title of “IRS Tax Forms W-9” which appears to have been sent from “IRS Online Center”. In reality, the attachment contains a malicious macro. Enabling the content of the attachment will result in Emotet being downloaded onto the system.
The JCDC can in turn share this information with potential victims: “Have you seen this mail? Did anyone open the attachment? Did they use the ‘Enable Content’ button? Here is what you can do to prevent your systems from getting encrypted. These are the tactics, techniques, and procedures (TTPs) and Indicators of Compromise (IOCs) you need to look for.” And this call-to-action can be pretty specific because they know that any potential victims should be looking for Emotet.
For many non-profit organizations that can’t afford their own security team or an external Managed Detection and Response (MDR) service, this is very helpful and, as CISA concludes, has proven its usefulness. While the pre-ransomware notifications service is aimed at US organizations, JCDC works with international Computer Emergency Readiness Team (CERT) partners to enable a timely notification when it concerns a company outside the US.
The more information we share, the better the information JCDC can provide gets. Any organization or individual with information about early-stage ransomware activity is urged to contact Report@cisa.dhs.gov. If your organization is interested in participating in these collaborative efforts to stop ransomware, please visit cisa.gov/JCDC-faqs or email cisa.jcdc@cisa.dhs.gov.
Every US ransomware incident should be reported to the US government. You can find information on reporting at stopransomware.gov.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Samsung is hard at work on making its Fold series foldable smartphones thinner and lighter. The company has developed a new type of hinge that allows the device to shut without a gap when folded. It also helps reduce the weight of the fold and eliminate the display crease. We now have some numbers that tell you how the upcoming Galaxy Z Fold 5 stacks up against last year’s Galaxy Z Fold 4 in terms of weight and thickness.
According to a new report coming out of Samsung’s homeland South Korea, the Galaxy Z Fold 5 will weigh about 250 grams. The company hasn’t quite achieved it just yet, with the current prototype unit weighing in at 254 grams.
But, work is underway to cut some more weight before the product enters the final production stage. Even if Samsung fails to reduce the weight any further, the new foldable will be nine grams lighter than the 2022 model (263 grams).
It may not be a massive weight reduction, but it’s pretty big in the grand scheme of things. The Galaxy Z Fold 5 is a huge smartphone with two screens, big batteries, and several moving components inside.
There’s little scope to bring the weight below 250 grams. However, Samsung has still found a way to make the device significantly thinner without compromising on waterproofing or anything else.
The Galaxy Z Fold 5 will reportedly be just 13.4 mm thick when folded. In comparison, the Galaxy Z Fold 4 is unevenly thick and measures 14.2-15.8 mm when folded, with the hinge area being thicker.
That’s a 2.4 mm reduction in thickness in the hinge area this year. When unfolded, last year’s foldable measured 6.3 mm thick. We expect that to remain unchanged with the upcoming model.
The Galaxy Z Fold 5 will address another complaint with Samsung foldables
Weight and thickness weren’t the only complaints of Samsung’s foldable users. They have also been demanding the company work on removing or at least reducing the display crease. And the firm is addressing all of these complaints this year. The new “waterdrop” hinge in the Galaxy Z Fold 5 will allow the display to fold in the shape of a water droplet, eliminating the crease.
Overall, the Galaxy Z Fold 5 will bring several subtle improvements to Samsung’s Fold lineup this year. The company’s push for a thin and light foldable means there will not be a built-in slot for the S Pen.
It is said to be working on a new S Pen that fits inside the thin foldable while also giving you a feeling of a real pen when writing. Next year’s Galaxy Z Fold 6 may bring it. Samsung’s fifth-gen foldables will debut in the second half of 2023.
If you’re someone who frequently books flights, you know how frustrating it can be to book a flight only to find out later that the price has dropped significantly. But what if you could get a refund for those flights that you booked through Google Flights? Google is currently testing out its new price guarantee program, which aims to do just that.
Now, when searching for flights on Google, you may notice a small shield icon with a dollar sign next to certain flights. If you book one of these flights, Google will monitor the price every day until the departure date, and if the price drops, Google will refund you the difference via Google Pay. While other travel sites like Orbitz also offer partial refunds under certain circumstances, Google’s program is unique because it continuously monitors flights and provides automatic refunds.
However, the program is currently only available for flights departing from the US, and users must have a US billing address and phone number to be eligible. Additionally, the maximum refund amount is $500 per year, and Google will not reimburse differences that are less than $5.
“Now, we’re going a step further with a new pilot program for price guarantees in the U.S. If you see a flight with the price guarantee badge, it means we’re confident that the price you see today won’t get any lower before takeoff,” says Google.
Exploring hotels on Google
In addition to the price guarantee program, Google has also launched a new feature that allows users to explore hotels in an area through a “swipeable story format.” With this format, users can swipe through full-screen images of hotels, similar to how they would view stories on Instagram and quickly access reviews and other information. When users are ready to book, they can easily do so by tapping a link that takes them directly to the hotel’s website. Furthermore, Google Maps will now allow users to search for attractions and view pricing information, as well as purchase tickets for these attractions directly from the listing.