WhatsApp Settings may soon become way easier to navigate

andreasc
-
0
WhatsApp Settings may soon become way easier to navigate
[ad_1]
Ah, WhatsApp: a staple of modern online communication! Regardless if you are in need of texting, calling or video conferencing, the Meta-owned messaging app can get it done. This is likely why the app makes its way on most of the best smartphones out there.

But there are other factors that need to be taken into consideration too. For example, end-to-end encryption is appreciated by users. But the constant stream of new features, introduced by regular updates, is also key in keeping WhatsApp in a leading position.

Often enough, though, with new features, new options get introduced too. These ultimately make the WhatsApp Settings menu their home, and as such, it has gotten a tad cluttered over the years. The latest WhatsApp Beta for Android, however, seems to be aiming to fix that issue with the implementation of a search bar. 

The team of WABetaInfo — often responsible for spotting hidden WhatsApp features — has shared a report about the latest Beta update for Android, namely version 2.23.8.20. This version introduces a functional search bar in the Settings menu of the messaging app.

It seems to work pretty similarly to the search bar in Android’s very own Settings app, where users can type in keywords in order to find a specific setting quickly, instead of browsing through everything with the hopes of finding it “manually”.

This addition is great not only because it alleviates the hassle of searching for that one setting you need to get to, but also because it is pretty much future-proof. More features are bound to come to WhatsApp and the search bar is likely to work for them as well, making it more valuable for the user experience. 

All that being said, the Settings search bar is currently rolling out for the Beta version of the app. While we don’t know when it will reach the live version of WhatsApp, if you are excited to try it out, you can always enroll in the Beta testing group on Android.


[ad_2]
Source link

Pay $20K To Infect Android Devices via Google Play

andreasc
-
0
Pay $20K To Infect Android Devices via Google Play
[ad_1]
Infect Android Devices

In recent times, it has been observed by the security researchers at Kaspersky’s SecureList that the official Google Play store’s security has become increasingly vulnerable to the schemes of the threat actors. 

These shady actors have exploited various loopholes to develop tools that can effectively Trojanize the existing Android applications, making them susceptible to exploitation. 

Methodology

While here, the most shocking and alarming thing is that the threat actors are selling all these malicious wares for excessive sums of up to $20,000 on the dark web.

A recent study conducted between 2019 and 2023 revealed a concerning trend in cybersecurity. 

EHA

The research has uncovered a prosperous marketplace where buyers and sellers engage in the trading of:- 

  • App developer accounts
  • Botnets
  • Malicious Android applications

Certain wares, especially those extremely useful, are sometimes going for several thousands of dollars. As far as hiding malware and unwanted programs are concerned, the following categories are the most popular:

Malicious Services Offered

Various products, services, and deals are available on the dark web for customers with different needs and budgets, just like they are on legitimate online marketplaces.

Apart from this, threat actors have been observed buying a range of illicit products on the dark web, with developers’ Google Play accounts and source code for app development tools being among the most popular.

These accounts are often obtained through shady means, such as hacking or the use of stolen identities, enabling the threat actors to upload their malicious innovations to Google Play.

To be listed in Apple’s or Google’s app stores, software must undergo intensive testing before being uploaded.

Below we have mentioned all the major services offered in these marketplaces:-

  • Google Play loaders
  • Binding service
  • Malware obfuscation
  • Installations
  • Other illicit services

Average Prices

During the research analysis, the security analysts discovered a wide range of price tags offered on the dark web for Google Play-related services.

For hassle-free trading and proceedings, they also accept payments through various methods. There are also some sellers who hold auctions as a means of selling their goods.

There are several options for providing services, including sharing the final profit, renting services, and selling them for a one-time fee.

Here below, we have mentioned all the average price tags:-

  • A loader can cost between $2,000 and $20,000.
  • A binding service usually costs about $50 to $100 or $65 per file.
  • Obfuscation of 50 files may cost around $440.
  • The average price tag for installation ranges between $0.25 to $1.

Recommendations

The following steps should be taken to stay protected against mobile threats:-

  • Installing apps from unknown sources should not be enabled.
  • Don’t grant an app permissions that it doesn’t need to perform its main functions without checking its permissions.
  • Protect your device from malicious apps and adware with a reliable security solution.
  • When an update becomes available for your operating system and important apps, immediately update them.
  • Always use strong and unique passwords.
  • Ensure to enable the 2FA wherever possible.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Related Read:


[ad_2]
Source link

Android App Trojans Sold on Dark Web for $25-$20,000

andreasc
-
0
Android App Trojans Sold on Dark Web for $25-$20,000
[ad_1]

Researchers analyzed both clear and dark web hacking forums and discovered that Russian language threat actors are particularly interested in buying and selling these exploits.

The Google Play app store’s security mechanisms are being compromised by cybercriminals who are developing tools to trojanize Android apps and sell them on underground cybercrime marketplaces.

A recent blog post from cybersecurity firm Kaspersky, published on April 10th, 2023, revealed findings from an extensive study of Clear Net and Dark Web forums, highlighting the vulnerabilities in app store security – Most of these forums are Russian speaking.

The blog post stated that despite the vetting process for software uploaded to Google or Apple app stores, no security solution can be considered 100% foolproof. Every scanning mechanism has inherent flaws that can be exploited by threat actors, allowing them to upload malware to Google Play.

Researchers at Kaspersky monitored activities between 2019 and 2023 and found a thriving market on the Dark Web for buyers and sellers exchanging access to app developer accounts, infected Android apps, and botnets, with prices ranging from a few hundred to several thousand dollars.

One of the methods used by attackers to infect apps with malware involves uploading a harmless app to the app store to gain approval and attract a large number of users. Once the app is approved, the attackers release an update to the app that contains malicious code.

Another method is compromising legitimate app developers by hijacking their accounts and infecting existing apps with malware. Weak password policies and lack of two-factor authentication (2FA) make these accounts easy targets for cybercriminals.

Credential leaks are also used to obtain login details to breach accounts and corporate development systems. Kaspersky researchers found that access to a Google Play account can be purchased for as little as $60, while more lucrative accounts, services, or tools come with a higher price tag.

Loaders, which deploy malicious code into Android apps, are particularly sought-after products on the Dark Web marketplace, with prices ranging from $5,000 to $20,000 depending on their capabilities and complexity.

Sellers often highlight features like user-friendly UI, victim country filters, easy-to-use control panels, and compatibility with the latest Android OS to attract buyers. Some sellers even offer video tutorials for their products.

Android App Trojans Sold on Dark Web for $25-$20,000
What cybercriminals are offering (Image: Kaspersky)

The blog post also revealed that cybercriminals may supplement trojanized apps with functionality to detect debuggers or sandbox environments. If a suspicious environment is detected, the loader may stop its operations or notify the cybercriminal, indicating that it has likely been discovered by security investigators.

In addition to loaders, other illegal services offered on Dark Web forums include Virtual Private Servers for redirecting traffic or controlling compromised devices, with prices starting at $300, and web injectors, available for $25 to $80. Cybercriminals can also obfuscate their malware for $440, while the cost of processing a single file is around $30.

Kaspersky emphasized that while Google Play does not allow the selling of malicious applications on its platform, app takeovers and infected applications on official stores are still available due to loopholes in enterprise security and innovative hacking methods.

Therefore, users are advised to avoid installing unknown apps and to check for permissions to ensure that apps only access the required functions.

The increasing trend of cybercriminals exploiting the flaws in Google Play app store security to sell malicious apps on the Dark Web highlights the ongoing “cat and mouse game” between security scanners and attackers.

Despite efforts to patch vulnerabilities, attackers continue to find new flaws, underscoring the need for constant vigilance and strong security measures to protect app stores and users from malware threats.

  1. Hackers selling Bitcoin ATM Malware on Dark Web
  2. Hacking tools and phishing pages sold on dark web for $2
  3. Teen “Hackers” on Discord Selling Malware for Quick Cash
  4. Amazon Still Selling T95 TV Box with Pre-Installed Malware
  5. Fraud & hacking guides are the most sold item on dark web

[ad_2]
Source link

Galaxy S21 FE & A53 5G widely getting April update in the US

andreasc
-
0
Galaxy S21 FE & A53 5G widely getting April update in the US
[ad_1]

More Samsung Galaxy smartphones are receiving the April 2023 Android security patch in the US. The Galaxy S21 FE and Galaxy A53 5G are the latest to join the party. This month’s security update has already reached dozens of other Galaxy models stateside.

Samsung usually releases the latest updates for its Galaxy devices in international markets first before bringing them to the US. But it has mostly been the other way around this month. The April SMR (Security Maintenance Release) debuted in the US for many devices before other markets.

The Galaxy S22 series, Galaxy Z Fold 4, Galaxy Z Flip 4, Galaxy S21 series, Galaxy Z Fold 3, Galaxy Z Flip 3, and Galaxy Note 20 series are among those. The story is the same for the Galaxy S21 FE and Galaxy A53 5G as well.

The April SMR for the Galaxy S21 FE is rolling out widely in the US. The update for the carrier-locked units comes with the firmware build number G990USQS6EWC3, while that for the unlocked variants is G990U1UES5EWC2. Samsung isn’t pushing anything apart from this month’s security fixes to the device (more on that later). Galaxy S21 FE users in other markets can also expect to receive the latest security patch over the next few days.

Coming to the Galaxy A53 5G, Samsung began seeding the April SMR to this premium mid-range device in the US last week. But the initial rollout was limited to unlocked units in Puerto Rico. The company has now expanded the rollout to the mainland US, starting with carrier-locked units on Comcast’s network. The new firmware version for the phone is A536USQS4CWC8 (via). The updated build number for the unlocked Galaxy A53 5G in Puerto Rico is A536U1UEU4CWC4.

The April update for Galaxy devices patches more than 70 vulnerabilities

This month’s security update for Galaxy devices is one of the biggest releases in recent months. It contains patches for more than 70 vulnerabilities. These include at least four critical Android OS flaws and one critical Galaxy-specific flaw. The vast majority of the remaining fixes are labeled “high-severity” by Google and Samsung. Overall, the April SMR patches 23 Galaxy-specific and 50 Android OS issues.

All of these security fixes should be available to all users of the aforementioned Galaxy devices in the US within the next few days. As usual, you can check for updates from the Settings app. Go to the Software update menu and tap on Download and install. If you don’t see any updates today, wait a few days and check again.


[ad_2]
Source link

iPhone 15 Pro may not offer solid-state buttons after all

andreasc
-
0
iPhone 15 Pro may not offer solid-state buttons after all
[ad_1]

Pretty much everyone knows by now that the iPhone 15 Pro and Pro Max are expected to feature solid-state buttons. Plenty of sources said it, reliable sources. Well, there has been a change in plans, it seems. Apple allegedly ditched the solid-state buttons plan for the iPhone 15 Pro series.

The iPhone 15 Pro may not feature solid-state buttons after all

Why is that? Well, it seems like the company ran into some technical issues. This information comes from multiple sources, actually, reliable sources. The Haitong Tech analyst, Jeff Pu, shared the news (via 9to5Mac), and Ming-Chi Kuo reported something similar.

PU said that this change came into action due to a more complex design. The new buttons would require three new haptics engines inside the iPhone. Apple needs time to sort out the issues, and manufacture the needed parts. So, we’ll probably have to wait until next year’s ‘Pro’ iPhones.

While PU specifically talked about the volume buttons, Ming-Chi Kuo seems to be referring to solid-state buttons in general. So, the power/lock button will likely stay physical as well. We’re not sure about the customizable action button that is rumored to replace the mute switch, however.

This is a rather weird turn of events, that’s for sure

This is all rather weird. The iPhone 15 Pro CAD-based renders did appear, showing solid-state buttons, and the action button too. Apple seemed ready to implement the changes, but it seems like the company will have to backtrack.

It will be interesting to see whether Apple will keep the mute switch, or make the change to the action button. Either way, this is not supposed to mess with Apple’s release cycle. The new iPhones are expected to launch in September, as expected, despite this road bump. Apple will once again launch four models, the iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and the iPhone 15 Pro Max (which could carry the ‘Ultra’ name instead).


[ad_2]
Source link

Fake Google Chrome Error Screens To Inject Malware

andreasc
-
0
Fake Google Chrome Error Screens To Inject Malware
[ad_1]
Fake Google Chrome Error Screens

Researchers detect a new malware campaign that uses a web page with fake Google Chrome error screens, and the campaign actively distributing malware since Feb 2023.

With the help of social engineering techniques, threat actors trick victims into executing the malware on the system. In this case, several Japanese websites are compromised to distribute the malware.

The Malware eventually drops a Monero miner with the function of the following:

  • Copy itself to C:\Program Files\Google\Chrome under the name updater.exe
  • Launch legitimate conhost.exe and process injection
  • Persisted using task scheduler and registry
  • Windows Defender exclusion settings
  • Stop services related to Windows Update
  • Interfering with communication of security products by rewriting the Hosts file.

Malware Infection Process:

Attackers compromised and defaced several legitimate websites, and the malicious code was injected with the help of the following parameters.

EHA

The link has a mtizndu2 parameter and is supposed to be a lowercase MTIzNDU2 base 64 encoded version of 123456.

In this case, Script tags load and execute JavaScript code of the following and the attackers use some obstruction technique to analyze the code.

The following code has using for this attack:

According to the NTT Data report, “In addition to access control using cookies, the loaded JavaScript code contains a function to narrow down the target and a process to redirect to a URL that displays a fake error screen.”

Attackers also used a Cookie key (c122eba0264bfd7e383f015cecf59fbd) for access control, and the MD5 value is “yagamilight” for the same.

In the Results, victims will see a fake Error screen of the following; JavaScript code downloads a ZIP file.

The Zip file is named as ” chromium-patch-nightly” and pretends to be a patch update for Chrome.

The language of the fake error screen displayed varies depending on the website to be defaced. In addition to Japanese, SOC has confirmed Spanish and Korean and supports multiple languages. Researchers said.

Researchers believe that some of the websites that have been defaced include Japanese websites, and the impact is widespread and serious. It may continue in the future, so be careful.

IoCs

  • 38[.]147.165.60
  • 103[.]150.180.49
  • 156[.]251.189.56
  • 38[.]147.165.50
  • 162[.]19.139.184
  • yhdmb[.]xyz
  • fastjscdn[.]org
  • chromelistcdn[.]cloud
  • chrome-error[.]co
  • xmr.2miners[.]com

Building Your Malware Defense Strategy – Download Free E-Book

Also Read:


[ad_2]
Source link

Sony Xperia 1 V launch timeline revealed; it doesn’t look promising

andreasc
-
0
Sony Xperia 1 V launch timeline revealed; it doesn’t look promising
[ad_1]

The Xperia 1 V is Sony’s upcoming flagship handset, and its launch timeline just surfaced. The thing is, it seems to follow the path the Xperia 1 IV set, and that’s not exactly good. There’s still hope, though. Let me explain.

The Sony Xperia 1 V launch timeline has just been revealed, kind of

This information comes from Zackbuks, a tipster. He shared the info via Weibo. It seems like the Xperia 1 V will launch around the same time as the Xperia 1 IV last year. In other words, it may launch in May, and go on sale in June.

That doesn’t sound too bad, right? In the worst case scenario, it may take over a month for it to get released. Well, the thing is, the Xperia 1 IV launched in June in the UK, but it didn’t arrive in the US until September.

Sony just can’t seem to get itself organized when it comes to smartphone launches. The company has been having such issues for years. Things were even worse with the Xperia 1 III.

The phone got released in China in early June 2021, while it took Sony until mid-August to push it out in the US and the UK. It’s also worth noting that Zackbuks is talking about the Chinese market, and China (and Japan) usually get the company’s phone sooner than others.

Let’s hope Sony learned its lesson

So… what’s the bottom line? Well, we may be in for yet another rather odd release schedule when it comes to Sony’s flagship offering. Sony will hopefully do things differently this time around, but it doesn’t seem like it.

Sony has been making some really compelling phones over the years, and yet… thanks to its release cycle, and odd marketing choices, not many people got them. That’s a bit odd for such a huge company that provides almost every major smartphone out there with camera sensors.

Let’s hope Sony learned its lesson from past years. Let’s hope the Xperia 1 V release timeline will be much different.


[ad_2]
Source link

Exynos 2400 to feature more advanced packaging tech

andreasc
-
0
Exynos 2400 to feature more advanced packaging tech
[ad_1]

After skipping the Exynos 2300, Samsung seems all set to launch the Exynos 2400 later this year. The next-gen flagship Exynos processor will reportedly debut in the fourth quarter of 2023. The Exynos 2200 that powered the Galaxy S22 series in some markets was launched in early 2022.

Samsung skipped the Exynos 2300 likely because its mobile division decided to not use an Exynos processor in the Galaxy S23 series. The 2023 Galaxy flagships are powered by an overclocked version of Qualcomm’s Snapdragon 8 Gen 2 globally. However, the company seems to have found new customers for its flagship chipsets and is now pursuing the Exynos 2400.

According to tipster @Tech_Reve on Twitter, the Exynos 2400 will use FoWLP (fan-out wafer-level packaging) packaging technology. It eliminates the need for a printed circuit board (PCB) in a chip setup. The chips are mounted directly on silicon wafers. The benefit is thinner, higher-performance semiconductors that consume less power. This helps extend the battery life of the device while simultaneously delivering better performance.

The Exynos 2400 could be a deca-core chipset

This isn’t the first time we are hearing about Samsung’s Exynos 2400 plans. Rumors are that it will be a deca-core (ten CPU cores) chipset featuring one ARM Cortex-X4 prime core, two Cortex-A720 high-frequency mid-cores, three Cortex-A720 low-frequency mid-cores, and four Cortex-A520 efficiency cores. That’s all we know as yet about the Exynos 2400. There’s no information on the CPU speeds and the rest of the setup, such as the GPU. Samsung recently extended its partnership with AMD. This hints at an AMD-powered GPU in the Exynos 2400, but there’s no confirmation about it.

However, all rumors have so far hinted at a late 2023 launch for the new Exynos processor. That’s just ahead of next year’s Galaxy S24 launch. While a few reports claimed that Samsung will use the Exynos 2400 in its next-gen flagships, there’s little chance of that happening. The Korean firm is likely to ship the devices with a Snapdragon chip globally. It should once again obtain an overclocked version of the latest Qualcomm processor (Snapdragon 8 Gen 3). The two firms have already signed a multi-year agreement.

Having said all this, it’s still too early for Galaxy S24 and Exynos 2400 rumors. These products are likely in the development stage currently, meaning that Samsung could make changes where it deems them appropriate. We advise you to take this information, including the CPU configuration of the new chipset, with some caution. Stay tuned for more reports confirming or denying these early rumors.


[ad_2]
Source link

The Opera browser on iOS now features a free VPN service

andreasc
-
0
The Opera browser on iOS now features a free VPN service
[ad_1]

VPNs are extremely useful if you don’t want someone to be able to track your internet activity. They create a virtual network on top of the one you’re already using, hiding your real IP address and making you nearly untraceable. However, most VPN services are paid. Many VPN companies let you test their services for free, but at the end of the day, you need to pay real money in order to be untraceable on the web.But today, we have good news for you if you are an iPhone user who wants to use a VPN but doesn’t want to spend cash on one. The iOS version of the Opera browser now features a free VPN service (via 9to5Mac). You only need to download the Opera browser on an iPhone or an iPad running iOS or iPadOS 12.0 or later and enable the new feature. Opera’s VPN service is subscription-free and doesn’t require logging into an account or installing additional extensions.Furthermore, Opera claims that its free VPN feature is a no-log service, meaning it does not collect any personal data or browsing history, ensuring user privacy and security. Opera’s free VPN also comes with a built-in adblocker, which means you will browse the web without any pesky ads popping out on your screen.

Opera has also mentioned that the global rollout of the new free VPN feature on iOS may take a few weeks to reach all users. So, don’t panic if you don’t see the new VPN service on your iPhone’s Opera browser yet.


[ad_2]
Source link

iPhones Hacked Via iOS Zero-Click Exploit To Deploy Spyware

andreasc
-
0
iPhones Hacked Via iOS Zero-Click Exploit To Deploy Spyware
[ad_1]
iOS Zero-Click Exploit

Microsoft Threat Intelligence experts say a threat group is associated with “QuaDream,” an Israeli-based private sector offensive actor (PSOA). 

It employed a zero-click exploit called END OF DAYS to compromise the iPhones of high-risk individuals.

Reports say QuaDream sells a platform called REIGN to governments for use in law enforcement. A collection of malware, exploits, and infrastructure called REIGN is explicitly made to exfiltrate data from mobile devices.

Specifics of the QuaDream’s Spyware

According to Citizen Lab researchers, compromised devices belong to “at least five civil society victims of QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East.

EHA

Bulgaria, Czechia, Hungary, Ghana, Israel, Mexico, Romania, Singapore, United Arab Emirates, and Uzbekistan were among the nations where Citizen Lab could identify operators for QuaDream systems.

In a report from Meta from December 2022, QuaDream was referenced. 250 accounts connected to the company were purportedly removed as a result.

The report claims that Meta saw QuaDream testing how to break into iOS and Android mobile devices to ” exfiltrate various types of data, including messages, photos, video and audio files, and geolocation.”

“The captured samples targeted iOS devices, specifically iOS 14, but there were indications that some of the code could also be used on Android devices”, reports Microsoft.

“Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time.”

Notably, to avoid detection, the surveillance malware used in this campaign, identified by Microsoft as “KingsPawn,” was also built to destroy itself after use and wipe out any traces on the iPhones of victims.

“We found that the spyware also contains a self-destruct feature that cleans up various traces left behind by the spyware itself,” Citizen Lab said.

“Our analysis of the self-destruct feature revealed a process name used by the spyware, which we discovered on victim devices.”

Additionally, spyware has a wide range of functions, such as recording calls and surrounding audio and enabling threat actors to search the victims’ cell phones.

Capabilities of QuaDream’s Spyware

  • Get device information (such as iOS version and battery status)
  • Wi-Fi information (such as SSID and airplane mode status)
  • Cellular information (such as carrier, SIM card data, and phone number)
  • Search for and retrieve files
  • Use the device camera in the background
  • Get device location
  • Monitor phone calls
  • Access the iOS keychain
  • Generate an iCloud time-based one-time password (TOTP)

It’s crucial to practice basic cyber hygiene to avoid mobile device compromise. The latest software updates for the device, enabling automatic software updates if available, installing anti-malware software, and being cautious about not clicking links in any unexpected or suspicious communications are all aspects of specific best practices.

“Lockdown Mode offers enhanced security for iOS devices by reducing the attack surface available to threat actors,” researchers recommend.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Related Read:


[ad_2]
Source link
1...1,3171,3181,319...1,470Page 1,318 of 1,470