Ulefone has just shared the Armor 26 Ultra durability tests in a video format. You can check out the said video below the article, as it has been embedded. It has a duration of a minute and a half, and it has some really “fun” tests in it.
The Ulefone Armor 26 Ultra durability test video is actually quite fun to watch
Ulefone is always trying to think of new and fun ways to torture test its devices. In this video, you’ll see a paper burning on a phone. In addition to that, Ulefone decided to use the Armor 26 Ultra’s screen as a hammer, and stab it with a knife… in addition to other tests.
Drop tests are also included here, of course. The Armor 26 Ultra got thrown down a flight of stairs and from various distances. It was even frozen and then thrown from a specific distance. In this video, Ulefone also proved that the Armor 26 Ultra is water-resistant.
This phone is IP68/IP69K & MIL-STD-810H certified
Yes, the phone is both IP68/IP69K and MIL-STD-810H certified. That not only means that it can survive under water, but also that it can withstand dust, and be dropped from a specific height (up to 1.8 meters).
Ulefone also included the Gorilla Glass 5 on top of the Armor 26 Ultra’s display. That display protection is obviously enough for this phone to be used as a hammer, which says a lot about Corning.
It has a gigantic battery on the inside
The Armor 26 Ultra is one of the company’s newest smartphones, and in addition to being a tank, it also has a 15,600mAh battery. The phone supports 120W charging, and it is fueled by the MediaTek Dimensity 8020 SoC.
It comes with 12GB of RAM, but you can expand that up to 24GB thanks to virtual RAM. The phone includes 512GB of internal storage. It is also worth noting that it comes in regular and Walkie-Talkie versions.
This handset will soon be on sale as part of the Ulefone Summer Sale. Various other devices will be discounted up to 69%, by the way. You can find all the relevant links below.
SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a threat actor to read sensitive files on the host machine.
This vulnerability existed in the SolarWinds Serv-U File Transfer solution and was assigned with CVE-2024-28995 – 8.6 (High).
This vulnerability affected multiple SolarWinds Serv-products in both Windows and Linux platforms.
However, it was fixed in the latest version, SolarWinds Serv-U 15.4.2 HF 2. The company also recommends that users upgrade their products to the latest version.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot
According to the reports shared with Cyber Security News, this vulnerability affected Server-U FTP server 15.4, Serv-U Gateway 15.4 and Serv-U MFT Server 15.4.
The Serv-U is a C++-written application that contains the majority of the code in the Serv-U.dll binary.
On analyzing this binary further, it was discovered that there was a modified function sub_18016DC30.
This modified version of this function processes a file path with added checks. The check was written in such a way that it checks particularly for the double dot path segment (\..\) and if found, it is sanitized.
Further investigations concluded that most of this function’s use cases contain two HTTP request parameters, InternalDir and InternalFile,both of which call the vulnerable function.
However, when providing a directory traversal payload to these parameters on a vulnerable version of Serv-U, the application processed the payload and triggered the directory traversal vulnerability.
This vulnerability can also be modified to reach an arbitrary file on the target server that could reveal sensitive information.
As an added fact, if the Serv-U application is installed on a Windows machine, the system data will be stored in the following path C:\ProgramData\RhinoSoft\Serv-U\.
Further, Serv-U-StartupLog.txt on the system data folder contains the application logging information emitted during application startup and will also include the target Serv-U server’s version number.
On a Linux platform, this vulnerability can be triggered to read.
Users of SolarWinds Serv-U are recommended to upgrade to the latest version or apply the 15.4.2 Hotfix 2 to remediate this vulnerability.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
The Motorola Razr 50 series launch date has been confirmed
Do note that this confirmation comes via Motorola from China, as it’s a launch event in China. The global variants of the phone(s) will launch later on. The devices in question are the Motorola Razr 50 and Razr 50 Ultra.
In addition to the launch date, the Motorola Razr 50 Ultra also paid a visit to the FCC, TUV Rheinland, and Dekra certifications. Those listings revealed that the phone will have a 4,000mAh battery, and come with nano SIM + eSIM combo, at least in some markets. 68W charging is also expected.
We know what the phones will look like
We also know what the phone will look like already. Evan Blass confirmed the design of the phone a while back. It will have a huge display on the back, with thin bezels. The cameras will be included inside it, but everything else will be covered by the display, basically, as you can see below.
That is said to be a 4-inch cover display, in addition to a 6.9-inch main display. The main display on the Razr 50 Ultra will offer a 165Hz refresh rate. The Snapdragon 8s Gen 3 SoC is said to fuel the Motorola Razr 50 Ultra. The phone will be equipped with 12GB of RAM and 256GB of internal storage.
The Razr 50 will be inferior to the ‘Ultra’, but still very powerful
The Motorola Razr 50, on the other hand, is rumored to include the MediaTek Dimensity 7300X chip. It will also ship with 8GB of RAM and 256GB of internal storage. A 50-megapixel main camera is expected, in addition to a 13-megapixel ultrawide unit. On the front, you’ll find a 13-megapixel snapper.
The vanilla Razr 50 model will have a 3.63-inch cover display and a 6.9-inch main display with a 120Hz refresh rate. A 4,200mAh battery is tipped for the Motorola Razr 50.
After a long wait, Qualcomm’s highly anticipated Snapdragon X processors are finally making a market debut. Windows PCs powered by Snapdragon X Elite and Snapdragon X Plus will start hitting shelves next week. This is a big deal because these are the only chips rated powerful enough for Microsoft’s new AI PC ecosystem Copilot+. Artificial intelligence is a big deal today, you know. However, Snapdragon X may have an anti-climactic end if ARM wins its legal battle against Qualcomm.
ARM threatens to disrupt the Snapdragon X AI PC wave before it takes off
This high-profile legal battle began after Qualcomm acquired Nuvia, a designer of CPUs based on the ARM architecture, in 2021. The $1.4 billion acquisition laid the foundation for Snapdragon X. However, ARM alleged that Qualcomm misused a licensing deal Nubia had signed before the acquisition. According to the British firm, Nubia had licensed a technology from ARM to design server chips but Qualcomm scrapped the plans and reassigned the team to develop a laptop processor.
ARM says Qualcomm’s Snapdragon X chips are “a direct technical descendant of Nuvia’s chip” based on its technology. Since neither Qualcomm nor Nubia renewed the licensing contract after the acquisition, the license stands canceled. As such, Qualcomm’s using the technology for its PC processors is a violation of its intellectual property. ARM formally filed a lawsuit over the matter in August 2022 after the parties failed to negotiate a new licensing contract.
Qualcomm, on the other hand, says its broad license for Arm technology already covers its Snapdragon X chips. “Arm’s complaint ignores the fact that Qualcomm has broad, well-established license rights covering its custom-designed CPUs, and we are confident those rights will be affirmed,” Ann Chaplin, the company’s general counsel, said in a statement in 2022. A Qualcomm spokesperson recently told Reuters its position has not changed since ARM filed the lawsuit two years ago.
There’s a real concern in the industry
ARM’s lawsuit against Qualcomm has hardly progressed in these two years. However, there’s still a real concern that this licensing dispute could abruptly halt the shipment of new Snapdragon X-powered AI PCs. Attendees at Computex 2024, where Qualcomm unveiled its AI PC vision inviting executives from several big companies to the stage, were discussing the potential supply disruption if ARM wins the legal battle. Qualcomm’s vision and plans could come to a standstill.
“It’s definitely a real risk,” said Doug O’Laughlin, the founder of Fabricated Knowledge, a chip financial analysis firm. “The more successful (the laptops are), the more fees ARM can get eventually.” Qualcomm has signed deals with around 20 PC makers for AI PCs powered by the Snapdragon X Elite and Snapdragon X Plus. Nearly two dozen laptops are expected to go on sale starting on June 18. An ARM victory would deal a severe blow to the plans.
“ARM’s claim against Qualcomm and Nuvia is about protecting the ARM ecosystem and partners who rely on our IP and innovative designs, and therefore enforcing Qualcomm’s contractual obligation to destroy and stop using the Nuvia designs that were derived from ARM technology,” an ARM spokesperson said. The SoftBank-owned British company wants to destroy Snapdragon X before Qualcomm and Microsoft even realize the dream of Copilot+ AI PCs.
Interestingly, despite all this, ARM and Qualcomm have a close relationship in the industry. ARM is Qualcomm’s biggest supplier, while Qualcomm is ARM’s second-biggest customer. Hopefully, the two firms will find a solution that doesn’t disrupt the emerging AI PC ecosystem. The trial is scheduled to begin in the federal court in Delaware in December. However, some industry experts believe the companies will settle the case out of court in the coming months.
Ariana Grande, a beloved pop singer, joined the South Korean super-app Weverse.
Usually, when we talk about the thing called super-app, we mean an app through which you can do various everyday-related things. Ordering a cab, ordering food, sending and receiving money, and much more: a super-app combines messaging, social media, e-commerce, financial services, and more.
The aforementioned Weverse, however, is substantially different from a “traditional” super-app. Weverse, as the latest Reuters report tells us, is a superfan platform owned by HYBE, the entertainment firm behind K-Pop sensation BTS.
On Weverse, the report continues, artists can write posts, livestream, and sell merchandise directly to their followers.
For example, the app gained significant attention when BTS member Jin’s livestream, following his military service, drew over 2 million views in just 10 minutes despite initial technical issues.
Launched in 2019, Weverse had an average of over 10 million monthly active users in the third quarter of 2023. Impressively, nine out of ten Weverse users are based outside of South Korea, highlighting its global reach.
The “traditional” super-app
The super-app as a concept is a mobile application that integrates multiple services and functions into a single platform, streamlining various digital interactions for users. Originating in Asia with pioneers like WeChat in China and Grab in Southeast Asia (it’s very popular in Singapore, where I enjoyed using it!), super-apps combine messaging, social media, e-commerce, financial services, and more.
The goal is very simple, almost brilliant, one could say: the consolidation of services into one app means that users should not have the need to switch between multiple applications and spend more time in this single super-app.
This allows users to perform a wide range of activities, such as booking a ride, making payments, shopping online, and communicating, all within the same app. Super-apps leverage their extensive user bases to gather valuable data, which can be used to refine services, improve user experience, and offer personalized recommendations.
WhatsApp is constantly rolling out updates to enrich the experience of its massive user base, which exceeds two billion. Now, the messaging app under Meta’s umbrella has introduced fresh features to enhance video calling on both desktop and mobile versions.
Better calling across desktop and mobile
WhatsApp will introduce a series of new improvements in the coming weeks. One standout feature is the ability to share your screen with audio, which is perfect for watching videos together. Now, when you share your screen, you can also share the audio, enhancing the experience significantly. And speaking of audio, another enhancement is coming to WhatsApp: Meta recently introduced the MLow codec to enhance call reliability and now this technology is being integrated into WhatsApp.
The MLow codec from Meta is a new tool designed to improve audio quality, particularly beneficial for users on slower connections. With MLow, audio becomes clearer overall, even if your network is slow or you use an older device.
Additionally, calls made on mobile devices now come with improved noise and echo cancellation, making it easier to have conversations in noisy environments.
If you want to learn how to join a group call on WhatsApp, check out the video above | Video credit – WhatsApp
WhatsApp’s new ability to host video calls across various devices mirrors Apple’s FaceTime, where iPhone and iPad users can also gather up to 32 participants. However, platforms like Google Meet and Zoom allow up to 100 participants, even on their free plans.
By consistently introducing updates like those mentioned above, WhatsApp stays ahead in the competitive landscape. These enhancements not only improve user experience but also make the app more appealing, drawing in new users, which, after all, is the end game of every business.
YouTube, the world’s most popular online video platform, is constantly experimenting with new features. Just recently, YouTube started testing AI summarizer on Shorts, and now the Google-owned service has even more features in the works.
YouTube is trying out new features like AI live chat summaries, Google Lens search, and more
AI is the big buzz these days, and YouTube is jumping in on the action. It’s now testing AI-powered live chat summaries to help you quickly catch up and dive into the conversations during live streams.Using AI, this feature analyzes the live chat and gives a summary of the ongoing conversation. This allows you to join in with a better context. For instance, if you join late for something like Google’s I/O live conference, you can quickly catch up on everything you’ve missed so far using the live chat summary.
This experiment is being tested with a small group of viewers who join eligible live streams in English with highly active live chat discussions. Currently, this experimental feature is only available in some countries.
Coming up next is the ability to use Google Lens to search on YouTube. If you are part of the experiment, you will notice a Lens button in the search bar. Simply tap the Lens button to search using your camera and get relevant YouTube content as your results.
You’ll also have the option to get additional details about the visuals by clicking “Search on Google.” This test is currently being introduced to a limited number of viewers using YouTube on Android phones.
YouTube is also trying out channel QR codes to make it simpler for creators to share their channels. If you’re a creator involved in this trial, you can share your channel QR code by:
Finding the “You” tab in the bottom app menu,
Selecting the chip below your handle labeled “Share your channel”,
Choosing “QR code” from the menu that appears.
Viewers can discover and share creators’ QR codes by:
Tapping the three-dot menu on the creator’s channel page
Selecting “Share”
Choosing the QR code option
The QR codes can be scanned both online and offline. Initially, this feature is being introduced to a limited number of creators but will be gradually expanded later on.
Finally, the video platform is experimenting with user-generated effects in Shorts. Creators with access to this feature can personalize and enhance Shorts, creating and sharing their own effects directly on YouTube Shorts. If this feature is available to you, you’ll find it within the Effects button when you are creating a Short.
In 2020, YouTube jumped into the short-form video game with Shorts to compete with TikTok and Instagram | Image credit – PhoneArena
YouTube is currently testing these features using YouTube feature experiments, giving select groups of users the chance to try them out before they’re widely available. However, not all features tested necessarily make it to public release.
Bringing these features to its large user community would definitely elevate the YouTube experience. For example, imagine how handy Google Lens within YouTube could be – just point your camera at your friend’s latest smartphone and instantly dive into a review.
YouTube’s feature experiments allow the platform to boldly test new ideas. This approach lets the Google-owned platform gauge its potential without risking a negative impact on its broad user base.
Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery efforts following a recent cybersecurity breach.
With the assistance of third-party cybersecurity experts, the company has identified that attackers accessed files from a small number of file servers used primarily for daily and routine tasks.
These compromised servers represent only seven out of approximately 25,000 servers across Ascension’s network.
While the investigation is ongoing, it is believed that some of the files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for specific individuals.
However, the specific data affected may vary from person to person.
Cause of the Breach
The breach was traced back to an employee who inadvertently downloaded a malicious file, mistaking it for a legitimate one.
Ascension has emphasized that this was an honest mistake, not a deliberate act.
Importantly, no evidence suggests that data was taken from the company’s Electronic Health Records (EHR) and other clinical systems, where full patient records are securely stored.
The company is conducting a thorough review of the potentially impacted files, which will take considerable time.
Support for Affected Individuals
To provide peace of mind to its patients and associates, Ascension is offering complimentary credit monitoring and identity theft protection services to anyone who requests them.
This offer is available to all Ascension patients and associates, regardless of whether their data was involved in the incident.
Individuals interested in enrolling in these services can contact the dedicated call center at 1-888-498-8066.
Ascension has assured that this offer is a proactive measure to reassure its community and does not imply that any specific individual’s data has been compromised.
Ascension remains committed to transparency and will notify affected individuals and regulatory bodies once the data analysis is complete.
The company regrets any disruption or concern caused by this incident and is dedicated to addressing the situation seriously.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection for Amazon Simple Storage Service (Amazon S3).
This new feature expands GuardDuty Malware Protection to detect malicious file uploads to selected S3 buckets, enhancing the security of cloud storage.
Enhanced Malware Detection for S3
Previously, GuardDuty Malware Protection provided agentless scanning capabilities to identify malicious files on Amazon Elastic Block Store (Amazon EBS) volumes attached to Amazon Elastic Compute Cloud (Amazon EC2) and container workloads.
With the new update, AWS customers can now continuously evaluate new objects uploaded to S3 buckets for malware and take action to isolate or eliminate any malware found.
Amazon GuardDuty Malware Protection uses multiple AWS-developed and industry-leading third-party malware scanning engines to provide malware detection without degrading the scale, latency, and resiliency profile of Amazon S3.
This managed solution removes the operational complexity and cost overhead associated with automating malicious file evaluation at scale.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot
Simplified Security Management
With GuardDuty Malware Protection for Amazon S3, development, and security teams can work together to configure and oversee malware protection throughout their organization.
This feature is particularly useful for select buckets where newly uploaded data from untrusted entities is required to be scanned for malware.
Users can configure post-scan actions in GuardDuty, such as object tagging, to inform downstream processing or consume the scan status information provided through Amazon EventBridge to implement isolation of malicious uploaded objects.
Scanned Objects
To get started, users can enable Malware Protection for S3 in the GuardDuty console, select the S3 bucket name, and choose the objects they want to scan.
After scanning a newly uploaded S3 object, GuardDuty can add a predefined tag with the key as GuardDutyMalwareScanStatus and the value as the scan status, such as NO_THREATS_FOUND, THREATS_FOUND, UNSUPPORTED, ACCESS_DENIED, or FAILED.
GuardDuty Malware Protection
To enable GuardDuty Malware Protection for an S3 bucket, users must create and attach an AWS Identity and Access Management (IAM) role with the required permissions.
Permission Details
These permissions include EventBridge actions to create and manage the EventBridge managed rule, Amazon S3 and EventBridge actions to send S3 Event Notifications to EventBridge, Amazon S3 actions to access the uploaded S3 object and add a predefined tag, and AWS Key Management Service (AWS KMS) key actions to access the object before scanning.
Once the IAM role is created or updated, users can enable the protection in the GuardDuty console.
The protected bucket’s protection status will show as Active, and users can view all S3 malware findings to see the generated GuardDuty findings associated with their scanned S3 bucket.
Users can follow the recommended remediation steps in the Findings details panel if a malicious file is detected.
Findings Info
Things to Know
GuardDuty Malware Protection for S3 buckets can be set up even without GuardDuty enabled for the AWS account.
However, enabling GuardDuty provides full monitoring of foundational sources, such as AWS CloudTrail management events, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, DNS query logs, and malware protection features.
Security findings can also be sent to AWS Security Hub and Amazon Detective for further investigation.
GuardDuty can scan files from various Amazon S3 storage classes, including S3 Standard, S3 Intelligent-Tiering, S3 Standard-IA, S3 One Zone-IA, and Amazon S3 Glacier Instant Retrieval.
The feature supports file sizes up to 5 GB, including archive files with up to five levels and 1,000 files per level after decompression.
Amazon GuardDuty Malware Protection for Amazon S3 is now generally available in all AWS Regions where GuardDuty is available, excluding China Regions and GovCloud (US) Regions.
Pricing is based on the GB volume of the objects scanned and the monthly number of objects evaluated.
A limited AWS Free Tier is available, which includes 1,000 requests and 1 GB each month for the first 12 months of account creation for new AWS accounts or until June 11, 2025, for existing AWS accounts.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
With an app that so many people rely on such as Google Maps, any issue or bug that prevents any features of the app from running smoothly has to be fixed right away. Starting late last month, Google Maps users found themselves unable to create journeys with multiple stops on Android devices. Once you set up the first part of the journey on the app by having a starting spot and a destination, press the “+” button below the first destination and add another destination. You can add up to nine stops.
When the feature is working, a Google Maps user arriving at his initial destination taps on the button that says “Continue” and gets directions to the next location. However, the feature has not been working since late May and while the “Continue” button does appear on the screen, pressing on it doesn’t do a darn thing. The only thing that users can do in this situation is to shut the Google Maps app and re-enter the next destination after reaching the last one.
None of the tricks tried by Google Maps users worked and per Autoevolution, once reports about this issue started to get posted on social media and other boards, Google started working on a solution and reportedly, it did come up with a fix that it disseminated through a Google Maps update to Android users. We know that the update has exterminated the bug because those who complained about the problem in online discussion groups are now saying that they can once again create and navigate journeys on Google Maps with multiple stops.
The version of Google Maps on my Pixel 6 Pro has not yet received the update
The version of Google Maps for Android that includes the fix is 11.131.0102 build 1067550236. To see which version of Google Maps is on your Android phone, go to Settings > Apps > See all xxx apps. Scroll down to Maps and tap on it. You should be on the App info page for Maps (which is Google Maps). Scroll all the way to the bottom and you’ll see which version of the app you are using. If you haven’t received the update yet, it should be reaching your Android phone soon. As for iOS users using Google Maps, this is not an issue for them.
.webp)
.webp)
