It’s official, the Xiaomi 13 Ultra will launch on April 18

andreasc
-
0
It’s official, the Xiaomi 13 Ultra will launch on April 18
[ad_1]

Xiaomi has officially announced that its new flagship will launch on April 18, we’re talking about the Xiaomi 13 Ultra, of course. That date was mentioned recently by a Chinese retailer, and it turns out that info is true.

The Xiaomi 13 Ultra will launch on April 18, it’s now official

Do note that this is not just a China launch, though. The phone will launch both in China and globally on April 18. Xiaomi’s CEO is sticking to its promise from last year, the Xiaomi 13 Ultra will be available outside of China.

The press event will kick off at 7 PM GMT+8, in other words, at 7 PM China time. That translates to 1 PM CET / noon BST / 7 AM EST / 4 AM PST. Yes, the company will livestream the event, in case you’d like to tune in. We still don’t have the link for it, though, but we’ll share it prior to the event.

Now, the Xiaomi 13 Ultra appeared in CAD-based renders yesterday. Those images basically confirmed the device’s design. Xiaomi essentially confirmed those pics are accurate by sharing images of the Xiaomi 13 Ultra camera module, which you can see below.

The device will include four camera on the back, with Leica lenses

The Xiaomi 13 Ultra will feature a curved display, and a curved backplate. It will also have a huge, circular camera island on the back. Four cameras will sit inside it, and all four will have Leica lenses on top.

Xiaomi is tipped to add a periscope telephoto camera on the Xiaomi 13 Ultra, in addition to the three cameras it used on the Xiaomi 13 Pro. Rumors also mentioned that a variable aperture will be added to the main camera.

The Snapdragon 8 Gen 2 will fuel this handset, while the same 6.73-inch panel from the Xiaomi 13 Pro will be used. That is a 120Hz display, which is curved. LPDDR5X RAM and UFS 4.0 flash storage will also be utilized.

A 4,900mAh battery was mentioned, as was 90W wired, and 50W wireless charging. Yes, you’ll get a charging brick in the retail box. This phone will be IP68 certified, and it will ship with Android 13 out of the box. Xiaomi’s MIUI 14 skin will be included on top of it.


[ad_2]
Source link

OpenAI launches bug bounty program to enhance platform security

andreasc
-
0
OpenAI launches bug bounty program to enhance platform security
[ad_1]

Software vulnerabilities and bugs are a significant challenge for companies, as hackers often use them to gain unauthorized access to sensitive data. Now, in an effort to make its systems more resilient towards these bugs and vulnerabilities, OpenAI has announced a bug bounty program that will reward users for finding security vulnerabilities. The bounty program will run on the Bugcrowd platform and will offer cash rewards of up to $20,000 for exceptional discoveries and $200 for low-severity findings.

OpenAI says that the program will focus on vulnerabilities related to privacy and cybersecurity in the company’s web domains and APIs. Additionally, the company is also interested in discovering weaknesses in how ChatGPT processes user data, which will also include third-party access via its API.

Researchers can report bugs in OpenAI’s Application Programming Interface (API) and ChatGPT directly on the Bugcrowd platform. However, OpenAI has requested researchers to report model issues via a separate form unless they have a security impact. This is because model safety issues require significant research and a broader approach, and they are not discrete bugs that OpenAI can directly fix.

Limitations of the program

The bug bounty program has some limitations, as OpenAI will not accept jailbreaks for ChatGPT or text prompts intended to trick the AI program into violating its own rules. Furthermore, the company will also not accept reports of ChatGPT misbehaving or making up facts under the program.

Although OpenAI’s reward amounts may be lower than other tech giants such as Google and Apple, which can pay up to $2 million for the most severe vulnerabilities, the bug bounty program provides users with an opportunity to contribute to the improvement of the platform and protect themselves and others from potential security risks.

“We invite you to report vulnerabilities, bugs, or security flaws you discover in our systems. By sharing your findings, you will play a crucial role in making our technology safer for everyone,” says OpenAI.


[ad_2]
Source link

Spotify announces new integration with Strava

andreasc
-
0
Spotify announces new integration with Strava
[ad_1]

One of the most popular fitness apps for iOS devices, Strava is finally getting Spotify integration. Starting today, mobile users on any platform can play, pause, resume, skip, and browse Spotify content from the record screen on Strava.

The new integration means that Spotify users will no longer need to switch between apps to listen to their favorite songs while working out. The integration doesn’t just stop at music, it includes podcasts and audiobooks too, which can all be listened to while tracking your workout activities on Strava.

One of our biggest goals at Spotify is to be everywhere our listeners are – whether that’s on a run, in the gym, or anyplace in between. This integration with Strava is another way we’re moving with our listeners and allowing them to seamlessly connect to the music and audio they love,” said Ian Geller, VP of Business Development at Spotify.

Spotify also revealed some of the top-streamed tracks and artists on user-generated playlists with the terms “workout,” “run,” “exercise,” “cardio,” “cycling,” and “gym” in the United States, the United Kingdom, India, France, Spain, Germany, and Japan between March 1 and March 31.

“I’m Good (Blue)” by Bebe Rehxa and David Guetta, “INDUSTRY BABY (feat. Jack Harlow)” by Lil Nas X and Jack Harlow, and “Unholy (feat. Kim Petras)” by Sam Smith and Kim Petras were some of the top-streamed workout songs from the past month.

We’re excited to partner with a global leader like Spotify to seamlessly integrate music and movement on the platform. This new feature further solidifies Strava’s position at the center of connected fitness and continues to demonstrate the power of the global community of active people on Strava,” said Mateo Ortega, Strava’s Vice President of Connected Partnerships.

In related news, Spotify has decided to celebrate the important change by allowing Strava to take over its popular Workout playlists starting April 20. This means that Spotify users will be able to listen to Strava-curated sounds next week.


[ad_2]
Source link

KFC owner suffers ransomware-related data breach

andreasc
-
0
KFC owner suffers ransomware-related data breach
[ad_1]

US fast-food corporation Yum! Brands, which owns franchises including KFC, Pizza Hut and Taco Bell, has suffered a data breach following a ransomware attack.

The cyber attack, which took place on January 18, 2023, involved a malicious actor gaining unauthorized access to Yum! Brands’ network. The ransomware attack resulted in approximately 300 restaurants within the UK being temporarily shut down due to the IT systems affected by the attack.

Once discovered, Yum! Brands said the attack “took steps to lockdown impacted systems, notified federal law enforcement authorities, worked with leading digital forensics and restoration teams to investigate and recover from the incident and deployed enhanced 24/7 detection and monitoring technology”.  

After the incident was contained, the fast-food corporation initiated an investigation into the attack to see if any personal data had been stolen. It determined that the files accessed by the malicious actor during the attack contained private customer data.

The data stolen in the breach includes the names and ID card numbers of some customers including driver license numbers. In a notice of the breach sent to those affected, Yum! Brands said there was “no evidence of identity theft or fraud” being committed with the stolen data.

In a report filed with the US Securities and Exchange Commission regarding the attack, Yum! Brands said that it had “incurred, and may continue to incur, certain expenses related to this attack including expenses to respond to, remediate and investigate this matter”. The organization said it “does not expect this event to have a material adverse impact on its business, operations or financial results”. 


[ad_2]
Source link

Unmasking NIS2: Europe’s Secret Weapon Against Cybersecurity Threats – Latest Hacking News

andreasc
-
0
Unmasking NIS2: Europe’s Secret Weapon Against Cybersecurity Threats – Latest Hacking News
[ad_1]

As cyber threats continue to grow, Europe, with its highly digitalized economy, has become a prime target. In fact, the number of cyberattacks on European businesses has soared to unprecedented heights, with a 108% increase in attacks against key sectors since 2020. To combat this alarming trend, the European Parliament has introduced NIS2, a new cybersecurity directive aimed at enhancing the Union’s cyber resilience.

NIS2 brings tighter requirements and a renewed emphasis on risk management and incident response, forever changing the way EU businesses tackle cybersecurity. In this blog post, we’ll delve into the far-reaching consequences of NIS2 for European cybersecurity and provide essential insights to help businesses adapt and thrive in this new regulatory landscape.

Unpacking The NIS2 Directive

NIS2, short for Network and Information Security Directive, is a new EU cybersecurity directive aimed at improving cybersecurity in the European Union. Adopted and entered into force on 16 January 2023, the directive sets out new cybersecurity requirements for organizations categorized as critical infrastructure.

Building on its predecessor NIS1, which was adopted in 2016, NIS2 expands its coverage to include sectors such as energy, transport, healthcare, finance, public administration, water supply, and many more. While the previous directive only focused on so-called essential services and digital service providers, NIS2 eliminates this distinction and instead divides affected entities into two categories: essential entities and important entities, where size, societal function/sector, and annual turnover is the deciding factor for whether NIS2 applies to a given organization.

In addition, NIS2 strengthens requirements for risk management, incident reporting, and cooperation between EU Member States in case of cyber incidents. Overall, NIS2 represents a significant step forward in EU cybersecurity regulations, and organizations that fall under its scope should take note of the new requirements to ensure compliance.

How NIS2 Will Impact EU Cybersecurity

NIS2 is set to have a significant impact on EU cybersecurity by mandating far-reaching security measures to improve risk management and incident response practices, increasing regulatory oversight, and introducing an unprecedented element of management compliance accountability. Some of the ways NIS2 will change EU cybersecurity include:

New cybersecurity requirements for businesses:

  • NIS2 introduces a core set of 10 minimum measures that organization must implement to manage risk, including measures such as access control, incident management, and business continuity management.
  • Businesses are required to conduct due diligence on the security of supply chains to ensure that third-party suppliers also adhere to NIS2 security standards.
  • Early-warning reports must be submitted within 24 hours of an incident.

Increased focus on risk management and incident response:

  • Businesses must develop incident response plans that cover various scenarios and conduct regular security assessments to identify vulnerabilities and weaknesses.
  • Reporting of incidents to competent authorities is required, and must include all relevant information, such as the scope and impact of the incident, the systems and data affected, and the measures taken to contain and mitigate the incident.

Greater regulatory oversight and enforcement:

  • Designated national authorities will be responsible for ensuring compliance with the directive through audits and inspections.
  • The authorities will have the power to request information, conduct investigations, and issue fines or penalties for non-compliance.

Personal liability for management bodies:

  • Management bodies, including directors and senior managers, may face personal liability for cybersecurity incidents resulting from their failure to implement security measures or to respond adequately to a cyber threat.
  • This means that they may be held accountable and face legal or financial consequences for their actions or inactions related to cybersecurity.
  • The personal liability requirement aims to encourage management bodies to take cybersecurity seriously and to prioritize the implementation of appropriate security measures to protect EU citizens’ personal data.

 

NIS2 and EU businesses: Implications and Opportunities

The overall impact of NIS2 on EU businesses is going to be massive.

With an estimated 160.000 affected entities across 15 different sectors, critical infrastructure organizations across all of Europe will have to address this new regulatory reality.

What’s more, all third-party suppliers providing services to these organizations must also meet the new requirements, multiplying the actual number of affected companies. Adding to the seriousness of this major policy change, executive teams will be forced to put cybersecurity on the board agenda because of the unprecedented introduction of management compliance accountability, which makes management bodies personally liable for non-compliance.

These changes will undoubtedly cause a surge in cybersecurity investments, compliance consulting, and relevant cybersecurity training as boards realize the potential business-crippling, legal consequences of negligence and non-compliance.

NIS2 will be a reality check for organizations that have been lacking in their security efforts. The directive will usher in a new security standard that – if widely implemented – will increase European businesses’ ability to withstand the destructiveness of tomorrow’s cyberthreats.

How To Prepare for NIS2

To prepare for compliance with NIS2, European critical infrastructure operators and providers in their supply chain must first conduct comprehensive risk assessments. This will help identify vulnerabilities and weaknesses that needs to be addressed following the new NIS2 standards. It will also provide insights into the effectiveness of existing security measures, which is another crucial element of the new requirements.

Member States have until 17 October 2024 to transpose the directive into national law. This gives affected organizations 16 months to assure that their cyber defense level is on par with the directive’s requirements.

Denmark-based business password management solution, Uniqkey, has published the infosite nis2directive.eu, offering accessible information on NIS2 to the public. The site includes all information relevant to the NIS2 directive, sourced from official, public sources, and curated for easy consumption. They also offer a practical whitepaper on the subject for anyone looking for tangible, tool-specific suggestions for how to achieve NIS2 compliance.

If you’re a European business operating within any of the 15 covered sectors – or providing services to any such organization – getting familiar with the Directive’s requirements will be essential to surviving the upcoming regulatory transition.


[ad_2]
Source link

April Pixel Watch update rolls out bringing security upgrades

andreasc
-
0
April Pixel Watch update rolls out bringing security upgrades
[ad_1]

Users of the Google Pixel Watch are getting the April update with improvements. This update is coming alongside the April update for Pixel smartphones, and both updates are similar. For some reason, the new features and improvements are not bulky but seem to hit the nail on the head.

Basically, this update comes along with important security patches. This is also the case with the April update for Pixel devices, it is a security update. Some users might find it annoying that the new update only brings security improvements to the smartwatch.

This might be the case because the previous update comes with tons of features. Well, a security update is also essential for your smartwatch, hence making this update quite important. Pixel Watch users can make do with the features rolled out with the previous update.

Details on the April update for the Google Pixel Watch 

The latest update to the Pixel Watch comes with security upgrades for users around the world. There are no new features with this update, just a security improvement. The previous update came with a ton of new features for users to benefit from.

Some of these features include new Watch Faces, rotating the digital crown to wake, touch sensitivity, alarms, and so on. These features improve the overall user experience whilst making this smartwatch from Google more interesting to use. Considering the number of new features the previous update came with, it is hard to complain about the lack of new features with this new update.

This update’s security improvements help to patch up some loose ends and ensure user data security. A similar security upgrade is rolling out for Pixel devices that are eligible to receive updates. Just like the update made available for the Pixel Watch that coming to Pixel devices patches up any security flaws.

For Pixel watch users, to ensure that you get this update, you need to make sure your Watch is running on Wear OS 3.5. To confirm this, head over to your watch’s system update page in settings and refresh it. If you aren’t up-to-date, all pending updates will be listed for you to install.

If you are up-to-date, then you can proceed to install the April update. This update is currently rolling out to Pixel Watches globally, so if you are yet to get yours, don’t panic. The update will become available to users globally in the coming days.


[ad_2]
Source link

Google TV adds FAST Channels to the Live Tab

andreasc
-
0
Google TV adds FAST Channels to the Live Tab
[ad_1]

Today, Google is announcing a big new update for Google TV. The big change here is that Google is adding FAST channels into the Live Tab. That includes channels from Tubi, Plex, Haystack and Google TV into that tab. With that change, this means you’ll be able to browse over 800 channels of free and premium programming. This includes news channels like NBC, ABC, CBS and FOX.

There’s definitely going to be content there for everyone. From blockbuster movies, to popular series, and even sports available for free. That’s the beauty of FAST channels.

You can “favorite” channels to show at the top of the guide

Also part of this update today, Google is adding the ability to favorite channels, which will now show up at the top of the guide. Making it easier to find those channels the next time you look for something to watch.

Google will also organize all of the channels into an easier and faster browsing experience. With over 800 channels available, it could be pretty tough to find a good channel and something to watch. So this should make it a lot easier.

On top of that, Google is also keeping the premium live TV subscriptions in the Live Tab. That includes YouTube TV and Sling TV. Basically, the Live Tab will now show ALL of the channels that you have. Which is what it should have always been, but with the rise of FAST, it’s great to see Google TV adding support.

Google says that the new live TV experience is rolling out to Google TV devices in the US. That includes Chromecast with Google TV, as well as Google TV sets from Sony, TCL, Hisense and Philips. Google says that they plan to bring this new experience to eligible Android TV devices later this year.


[ad_2]
Source link

Third-party app brings the Pixel Launcher’s search experience to all Android phones

andreasc
-
0
Third-party app brings the Pixel Launcher’s search experience to all Android phones
[ad_1]
There are non-Pixel Android users who would love to have the search experience of the Pixel Launcher on their phones. And now a third-party app called the Pixel Search app brings this experience to other Android phones. Tech journalist Mischaal Rahman tweeted (via AndroidAuthority) that “This app looks great! The search feature of many OEM launcher apps isn’t nearly as good as the Pixel Launcher’s unified search. This new app seems to replicate the Pixel Launcher search experience quite well!”
The app’s developer writes, “Pixel Search is the ultimate search app that allows you to find anything on your phone with ease. You can quickly search through your apps, contacts, web suggestions, and files without having to open multiple apps. Pixel Search is designed with a clean and intuitive interface that makes it easy for anyone to use.” Once installed, users can open Pixel Search by tapping on the icon or its Material You-themed widget. The widget also includes a shortcut to Google Discover and Google Voice search.
The Pixel Search app brings the Pixel Launcher's search experience to non-Pixel phones. Image credit AndroidAuthority - Third-party app brings the Pixel Launcher's search experience to all Android phones

The Pixel Search app brings the Pixel Launcher’s search experience to non-Pixel phones. Image credit AndroidAuthority

Pixel Search has the familiar search field on the top of the display, just like the Pixel Launcher, and right underneath are the icons for the last four apps visited-just like the Pixel Launcher. And if you tap on the three-dot icon on the right of the display, you can change the theme, change the app you want to use for searches and select a quick launch option that will automatically open the first search result. The latter is a feature that search on the real Pixel Launcher doesn’t have.

One thing that the Pixel Search app can’t do is search for system settings. But apparently, this is something that the developer is looking to add in the future. Speaking of the developer, Rushikesh Kamewar has already listed 15 additional apps in the Google Play Store. And by the way, the Pixel Search app is free.

[ad_2]
Source link

Major Hack Hits South Korean Exchange GDAC, $13.9M Stolen

andreasc
-
0
Major Hack Hits South Korean Exchange GDAC, $13.9M Stolen
[ad_1]

According to GDAC, stolen cryptocurrencies include 61 Bitcoins, 350.5 Ethers, 10 million of the WEMIX gaming currency, and $220,000 worth of Tethers.

South Korean cryptocurrency exchange and blockchain platform GDAC has fallen victim to a devastating hack, resulting in the theft of approximately $13.9 million worth of various cryptocurrencies.

GDAC CEO Han Seunghwan made the announcement on April 10 2023, revealing that the attack had occurred on the morning of April 9th 2023, when the hacker gained control of some of the exchange’s hot wallets.

The stolen cryptocurrencies include 61 Bitcoin, 350.5 Ether, 10 million of the WEMIX gaming currency, and $220,000 worth of Tether. This amounts to around 23% of GDAC’s total custodial assets, as stated in the announcement. In response to the attack, GDAC has halted all deposits and withdrawals and has initiated emergency server maintenance.

GDAC has taken swift action by reporting the hack to the police, informing the Korea Internet & Security Agency (KISA), and notifying the Financial Intelligence Unit (FIU) of the loss incurred due to the attack. The exchange is also urging other crypto exchanges not to honour any deposits made from the address used by the attacker.

Seunghwan expressed the challenges of confirming the timeline for resuming deposits and withdrawals, citing the ongoing investigation as a reason for the uncertainty.

Unfortunately, this incident is not isolated, as centralized exchange hacks continue to plague the cryptocurrency industry. In January 2022, Crypto.com suffered a hack that resulted in a loss of over $15 million.

In November 2019, the South Korean cryptocurrency exchange UPbit was hacked after which attackers managed to steal $50 million worth of Ether. Nevertheless, the GDAC hack will only harm investors’ trust in online crypto exchanges.

As the cryptocurrency market continues to grow, security remains a critical concern. Exchanges and investors alike must remain vigilant and implement robust measures to safeguard against potential cyber threats. GDAC’s unfortunate experience serves as a reminder of the importance of stringent security protocols in the ever-evolving landscape of cryptocurrencies.

  1. Bitcoin falls after Korean exchange loses $40M to hack
  2. BitGrail crypto exchange hacked; $160m in Nano stolen
  3. Coincheck crypto exchange hacked; $534 Million Stolen

[ad_2]
Source link

A week in security (April 3

andreasc
-
0
A week in security (April 3
[ad_1]

The most interesting security related news from the week of April 3 – 9.

Last week on Malwarebytes Labs:

Stay safe!

Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link
1...1,3181,3191,320...1,470Page 1,319 of 1,470