Researchers have discovered a major security vulnerability in the WiFi protocol that risks data exposure to snoopers. They demonstrated two attack strategies exploiting the flaw, which could allow an adversary to meddle with traffic, client connections, and more.
WiFi Protocol Vulnerability Exposes Data
According to a recent study, the existing WiFi protocol IEEE 802.11 has an innate security vulnerability in its design that risks users’ privacy. The researchers from Northeastern University and imec-DistriNet, KU Leuven, have shared their findings in a detailed research paper.
The researchers observed the flaw in the WiFi protocol’s built-in power-save mechanisms that conserve power for receiving devices in sleep mode. During such phases, the WiFi devices buffer or queue WiFi frames, however, in a rather unsecured state. That’s because the 802.11 standards lack appropriate security contexts for buffered frames.
Hence, an adversary may trick an access point into leaking frames in plaintext, exposing users’ data. The adversary may also manipulate the WiFi frames’ header to disconnect the target client (receiving device) or induce a denial of service.
Moreover, an attacker may also trick target access points to encrypt frames before queuing, thus evading WiFi’s encryption.
To demonstrate this vulnerability, the researchers designed different attack strategies, which they confirmed to work against a wide range of operating systems. At the same time, they used WiFi devices from popular vendors, such as Cisco, Asus, and D-Link, in their study. The team also made the exploit code public on GitHub as the MacStealer tool.
Following this research’s public disclosure, Cisco acknowledged the matter via a dedicated advisory. Besides admitting the vulnerability’s impact on its WiFi devices, Cisco also confirmed that the remedial strategies proposed by the researchers work for Cisco devices. The company also recommends implementing TLS encryption for data in transit to render any intercepted data unusable for potential attackers.
The researchers will present their findings at BlackHat Asia 2023, scheduled for May 9-12, 2023.
If you’ve been looking for a TV lately, then Amazon has you covered. Today, it is discounting its 4-Series Fire TV models, by a pretty wide margin. Some of the models are at all-time lows right now. Which is really impressive. Right now the 43″ model is on sale for $239, that’s down from $369. While the 50″ is down to $259, from its regular price of $449. And finally, the 55″ model is down to just $339, which is down from its regular price of $519.
You’re probably wondering why you would want to buy the Amazon 4-Series Fire TV? Well, aside from the price, these are actually really good TVs. Despite being part of Amazon’s mid-range TV lineup, they are worth picking up for a second bedroom, or even in your main entertainment space.
As mentioned above, the 4-Series does come in three sizes, 43-, 50-, and 55-inches. So not the largest, nor the smallest in TV sizes here. But definitely something for everyone.
These are 4K TVs, with HDMI 2.0 included. There’s also a HDMI 2.1 eARC port included, but it does not support [email protected] for gaming, unfortunately. And that’s because the TV actually only does 60Hz.
There’s HDR support here with HDR10, but no Dolby Vision. Amazon saves the Dolby Vision for its higher-end TVs, which makes sense. At this price, you wouldn’t really expect to have Dolby Vision.
On the audio side, there is support for Dolby Digital Plus. It’s okay, but not the best there is. TV speakers in general aren’t that great. So if you want to get Dolby Atmos, you can hook up a soundbar to this TV, using that HDMI eARC port found on it.
Finally, it is running on Fire TV, giving you access to all of your favorite apps. These include Amazon Prime Video, Netflix, YouTube, YouTube TV, Hulu and so much more. It also has Alexa included, and Alexa is always-listening. You can turn that off if you wish; then you’ll need to press the microphone button on the remote to access it.
The Amazon 4-Series are really great TVs to have in your home, especially at these prices.
Considering the surge in temperatures around the world, Google search plans to roll out heat alerts. This feature will come in handy for locals as well as those visiting an area at any time of the year. Making use of this feature will be straightforward as it will only require users to search for a keyword.
In this case, that keyword will be ‘heatwave’ and it will pull up the temperature of various areas. It can be your exact location or a place that you wish to visit or are just curious about. Armed with this tool, you will be able to stay clear of areas where there is a temperature surge.
This is an innovative idea from Google, and it will also be a functional feature. Some representatives from Google have also shared a thing or two about this coming feature and what users can expect. There are also a few other existing features similar to this that netizens can also put to good use.
Get notified on temperature surges with the heat alerts coming to Google search
This amazing feature will be available for use in certain regions in the coming months. The senior director of products for health and social impact at Google search, Hema Budaraju, has confirmed the coming of this feature. It aims at helping people adapt to the climate changes currently plaguing the world.
Over the past few years, the temperature in most areas of the world has seen a significant spike. This can come as a shock to tourists and locals who haven’t been keeping up to date with the local news. Most people don’t turn on the TV to check what the weather will be like, but they are constantly on their smartphones.
It will make a lot of sense to give such people weather alerts directly to their smartphones. This is exactly what Google search is doing with the coming heat alerts feature. So, instead of turning on the TV to check the weather forecast, you can simply search ‘heatwave’ via the Google app and get the temperature of your area.
If the temperature in your region is high, you will get an alert informing you to stay indoors. Knowing that heat is now the leading cause of weather-related casualties, it is good to have a feature like this. Tourists or those aiming to travel for different purposes to regions with soaring temperatures will also get alerts not to make that trip.
Once available, this feature will help protect the lives of millions of Google search users. The heat alert Google search feature will be joining the flood and wildfire alert features that launched some months ago. This shows Google’s technological efforts toward improving the health of its users.
Twitter is in a turbulent period of growth, thanks to all of the changes that Elon Musk is making to the social media platform. But the competition — which is ever growing — is taking all of this as an opportunity to increase their user bases substantially.
Twitter Blue — the subscription service that grants users the ever-coveted blue checkmark — has launched, but its full effects are due on April 1. Just in time for April fools, everyone who has earned a checkmark will be forced to pay in order to keep it. Quite the number, eh?
But ex-Twitter employees aren’t just sitting around, doing nothing about it. The company’s previous CEO is launching his own version of Twitter, called Bluesky. But while that platform is still under development, T2 — an invite-only alternative, also founded by Twitter employees — has rushed to launch in order to seize this unique opportunity.
So, T2’s plan is pretty simple: the platform is offering a free verified checkmark on their service, to anyone, who has previously earned it on Twitter. Naturally, this is a limited time offer, as after the upcoming changes, that data won’t be available anymore. This also means that anyone who’s taken advantage of Twitter Blue won’t make the cut in T2’s eyes.
An important note here is that this will carry over for anyone, who is still on the T2 waitlist too. Said wait may be worth it too, as the company has been teasing some upcoming changes. A redesign, for starters, and other milestones too, introduced by the newly-onboarded ex-Discord exec, who is acting as T2’s CTO (chief technology officer).
It will take quite a lot of time, effort and updates to get anywhere near Twitter’s core user base, but providing something of immense value for free is a great way to lure users in. After all, possibly thousands will be losing their checkmark in less than a day. Why not gain something out of it? After all, it’s free.
We take a look at research for an IoT attack called NUIT, capable of hijacking voice assistants via ultrasonic attack.
A new form of attack named “Near Ultrasound Inaudible Trojan” (NUIT) has been unveiled by researchers from the University of Texas. NUIT is designed to attack voice assistants with malicious commands remotely via the internet.
Impacted assistants include Siri, Alexa, Cortana, and Google Assistant.
This attack relies on abusing the high sensitivity of microphones found in these IoT devices. They’re able to pick up what is described as the “near-ultrasound” frequency range (16kHz – 20kHz), and this is where NUIT lurks.
A NUIT sound clip can be played on the targeted device’s speaker which allows for the voice assistant to be attacked on the device itself, or even another device altogether.
There are 2 different ways to launch this attack. One is where NUIT is happening on the targeted device itself. This could be, for example, a rogue app or an audio file. Below you can see a video where the NUIT attack results in an unlocked door.
The second form of attack is where the first device containing a speaker is used to communicate with a second device containing a microphone. This is the daisy-chain style approach, where all of the cool technology in all of your devices slowly comes back to haunt you. As researchers note, a smart TV contains a speaker and a quick blast of YouTube could be all that’s needed. Even unmuting a device during a Zoom call could be enough to send the attack signal to your phone sitting next to the computer as the meeting is taking place.
In terms of being successful via NUIT attack, social engineering plays a large part. Bogus websites, apps, and audio could all be entry points for voice assistant shenanigans.
Once access to a device is gained, an attacker lowers the device’s volume. This is so the device owner is unable to hear the assistant responding to commands being sent its way. Meanwhile, the speaker needs to be above a specific noise level so the attack can actually take place. Even when all of these conditions are met, the bogus command has to be shorter than 77 milliseconds or it won’t work.
In terms of current impact, researchers say that Siri devices “need to steal the user’s voice”. Meanwhile, the other 16 devices tested can be activated through use of a robot voice or indeed any other voice at all for that matter.
The NUIT attack is listed as being due to appear at the upcoming USENIX Security Symposium in August, which will give a complete overview of how this works. For now, the researchers' advice on possible defences against this new form of attack includes the following:
Use earphones. If the microphone can’t receive malicious commands, then the compromise can’t take place.
Awareness is key. Be careful around links, apps, and microphone permissions.
Make use of voice authentication. If you’re on an Apple device, now is the time to fire that up.
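The article places NUIT in the 16kHz – 20kHz band and says commands must be shorter than 77 milliseconds, so one defensive check is to scan audio in short frames for energy concentrated in that band. The following is an added example, not code from the researchers or from the article; the 10 ms frame size, the 0.1 threshold and the sample signal are assumptions constructed for illustration.

```python
import cmath
import math

NEAR_ULTRASOUND_HZ = (16_000, 20_000)   # band quoted in the article


def band_energy_fraction(samples, sample_rate, band=NEAR_ULTRASOUND_HZ):
    """Fraction of a frame's energy that lies inside `band` (0.0 to 1.0)."""
    n = len(samples)
    if n == 0:
        raise ValueError("empty frame")
    if sample_rate / 2 <= band[0]:
        raise ValueError("sample rate too low to represent the band")
    total = sum(s * s for s in samples)
    if total == 0:
        return 0.0                       # digital silence
    # DFT bins covering the band, capped below the Nyquist bin.
    k_lo = math.ceil(band[0] * n / sample_rate)
    k_hi = min(math.floor(band[1] * n / sample_rate), (n - 1) // 2)
    in_band = 0.0
    for k in range(k_lo, k_hi + 1):
        w = -2j * math.pi * k / n
        x_k = sum(s * cmath.exp(w * i) for i, s in enumerate(samples))
        # Parseval: each positive-frequency bin has a mirror bin, hence 2x.
        in_band += 2 * abs(x_k) ** 2 / n
    return in_band / total


def flag_frames(samples, sample_rate, frame_ms=10, threshold=0.1):
    """Return indexes of frames whose near-ultrasound share meets the threshold.

    Short frames are used because the commands described are brief
    (under 77 ms), so averaging over a whole clip could hide them.
    The threshold is an assumed starting point, not a published value.
    """
    size = int(sample_rate * frame_ms / 1000)
    flagged = []
    for idx in range(len(samples) // size):
        frame = samples[idx * size:(idx + 1) * size]
        if band_energy_fraction(frame, sample_rate) >= threshold:
            flagged.append(idx)
    return flagged


def constructed_clip(sample_rate=48_000):
    """Constructed sample: 30 ms of a 1 kHz tone, with an 18 kHz tone
    at half amplitude mixed in during the middle 10 ms only."""
    frame = sample_rate // 100
    clip = []
    for i in range(3 * frame):
        s = math.sin(2 * math.pi * 1_000 * i / sample_rate)
        if frame <= i < 2 * frame:
            s += 0.5 * math.sin(2 * math.pi * 18_000 * i / sample_rate)
        clip.append(s)
    return clip


if __name__ == "__main__":
    clip = constructed_clip()
    print("frames with near-ultrasound content:", flag_frames(clip, 48_000))
```

Ordinary music can carry some energy above 16 kHz, so a flagged frame is a prompt for review rather than proof of an attack.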
OPPO released two book-style foldables thus far, the Find N and Find N2. The OPPO Find N3 is expected to launch later this year, and it may be larger than expected.
The fact the OPPO Find N and Find N2 were so compact was a part of their charm. When folded, they are perfect for one-handed use, when unfolded, you have a large 7.1-inch display to work with.
Those two phones managed to interest quite a few people, even though they only launched in China. I’ve reviewed both devices, and they do feel entirely different to use than any other book-style foldable, in a good way. On top of that, the build quality is outstanding.
The OPPO Find N3 may be larger than expected with an 8-inch display
Based on the latest rumors, however, the OPPO Find N3 may be larger than its predecessors. This info comes from Digital Chat Station, a well-known Chinese tipster. He claims that an 8-inch main display will be included. It will allegedly offer a resolution of 2268 x 2440 pixels, and a 120Hz refresh rate.
If true, that would basically bring the phone to the level of the Galaxy Z Fold 4 and other book-style foldables in terms of size. For some, that’s great, for others, not so much. The OPPO Find N and Find N2 were basically the only ones in the segment. Not a single other book-style foldable was close size-wise.
The Snapdragon 8 Gen 2 SoC is also rumored
In any case, the tipster shared some more info about the device. He claims that the Snapdragon 8 Gen 2 will fuel the phone. On top of that, a 50-megapixel main camera (Sony’s IMX890 sensor) is tipped, along with a 48-megapixel ultrawide camera (Sony’s IMX581 sensor), and a 32-megapixel telephoto camera.
20-megapixel and 32-megapixel selfie cameras were also mentioned by the tipster. The same goes for a 4,805mAh battery. The Find N3 will be very thin, if the tipster is to be believed.
It remains to be seen if this info is accurate, though. The Find N3 is not expected to arrive until the very end of the year.
With its impressive range of accessories and gadgets, Ranvoo has now become one of the most popular small appliance brands in China. Thanks to the ever-evolving range of products coming from Ranvoo, it is now on the brink of becoming one of the most renowned names across the world. Ranvoo’s ‘Beyond the Limit’ ideology is what sets it apart from thousands of other brands out there. The brand takes its ever-increasing customer base seriously, constantly innovating and crafting products to meet the requirements of the dynamic market.
The latest addition to Ranvoo’s stellar range of products is the Ranvoo AICE 3, a neckband air conditioner. As a successor to Ranvoo AICE 1 and Ranvoo AICE 2, this brand new neckband air conditioner comes with a set of better, upgraded features. Let’s have a sneak peek into what’s new in the Ranvoo AICE 3:
The Ranvoo AICE 3 Neckband Air Conditioner
A neckband air conditioner is basically an air-conditioner on the move. It is a collar-like gadget that gently sits below the collarbones. Designed to keep the wearer cool at all times, neckband air conditioners are the next-in-thing, thanks to their portability and the amazing features they offer.
Ranvoo’s AICE 3 neckband air conditioner is the perfect blend of technology and art – it is not only bundled with user-friendly, accessible features but also has a super cool design and appearance. Designed to keep you cool and make you look cool at all times, the key features of the Ranvoo AICE 3 neckband are as follows:
1. Instant and Effective Cooling
The AICE 3 by Ranvoo is a fast-acting product. Featuring top-notch 4-core semiconductor technology, patented air-duct design, and 4 high-speed fans, the AICE 3 has a powerful cooling effect and can alter the temperatures instantly. The tastefully designed product is capable of blowing cool air directly onto the wearer’s neck and can cool down up to 10℃ in the cooling mode and up to 4℃, making it 25% cooler than its predecessors.
2. Comfortable, Full Body Cooling
The presence of 2 cooling thermal pads ensures the wearer can use the AICE 3 comfortably for long hours. It features Ranvoo’s self-developed algorithm, which makes the cooling process quick and efficient. Just because it’s a neckband doesn’t mean the cooling is restricted to the upper half of the body – the new 360° air outlet design in the AICE 3 renders cooling from top to toe!
3. Three Modes to Meet Your Needs
You wouldn’t have to control the AICE 3 manually, as the sensors automatically switch to a suitable temperature. There are three modes – fan mode, cooling mode, and heating mode. These ensure your body is at a comfortable temperature at all times. As a cherry on top, this product has a hot pack function. This means that when you’re tense or your upper body hurts, you can use the neckband on the heating mode, to help relax the muscles in your neck and shoulders.
4. Easy, Accessible, and User-friendly
Comfort and user-friendliness are the prime focus of every Ranvoo product, and the AICE 3 is no exception! It has a flexible wearing angle that you can adjust according to your comfort. The neck air conditioner has a circumference of 12-17 inches, which makes it well-suited for different neck sizes and types of clothes. The gadget is quiet, and its silent 32dB operation makes it perfect to wear around your neck.
5. Desktop-Friendly Design
In case you need it while working and don’t want to wear it around your neck, you can set it up at your desk. The AICE 3 is compatible with a dedicated stand that can help transform it into a desktop air conditioner. As this device does not make a lot of noise, it is apt for usage on your work desk.
6. Quick Charging, Efficient Functioning
The AICE 3 features a powerful 7000mAh battery, which requires only 2.5 hours to fully recharge. In the fan mode, the neckband sustains for around 12 hours, whereas it works effectively between 2.5 to 6 hours in the cooling mode. If you opt for the warming mode, the AICE 3 lasts for 3.5 to 6 hours.
If you need to use the neckband on the move, you don’t need to worry about it running out of charge! Simply plug it into a power bank to charge it. So, even if you’re traveling, you can use this gadget to stay cool as a cucumber.
7. Packed With Smart Features
The Ranvoo AICE 3 isn’t just another neckband – it is a smart neckband packed with a bunch of smart features. The 1.9-inch touch control color screen allows you to monitor, adjust and control the settings of the AICE 3 swiftly. Apart from this, you can also control the neckband air conditioner via the RANVOO AIVE app!
The presence of photo-electric sensors, motion sensors, and 4 more sensors in the neckband makes it easy to monitor your health status, no matter where you are. The neckband air conditioner allows you to keep track of your heart rate, blood oxygen levels, and body temperature and maintains your step count too. The app also stores all critical health information, so that you can access it later for analysis.
Now that we’ve run you through the key features of the Ranvoo AICE 3, the next obvious question that comes to your mind is – how much does this amazing product cost? The Ranvoo AICE 3 is priced at $399 – and considering the impressive features it is packed with, this product at $399 is an absolute steal!
The Ranvoo AICE 3 will be launched in the market very soon, and if you wish to purchase this cool gadget, you can claim it at the early bird price, which is 30% off the selling price on the official website! The first 100 backers can avail of this offer and get the amazing Ranvoo AICE 3 at just $279 only! Ranvoo has kickstarted a crowdfunding campaign for the AICE 3, all those backing this project can contribute to the fund right here!
And yes, here’s the most exciting part – after reaching the crowdfunding target amount, Ranvoo team will be sending all the backers a surprise gift too! Feel free to reach out to Ranvoo for more details.
The Meta-fueled controversy train takes breaks here and there, but doesn’t really stop. A while back, the company that owns Facebook and Instagram was fined about $423 million by Ireland’s Data Protection Commission, which is the primary privacy regulator of the European Union (EU).
As you may have guessed, this was related to the way Meta was utilizing user-collected data. When the fine was officialized, the company pretty much threatened to have Facebook and Instagram removed from app stores in Europe.
I guess you’ve noticed how that never happened, so after that attempt failed, Meta had no other choice but to make some changes. And as reported by the Wall Street Journal, it looks like denizens of the EU will probably, maybe be allowed to disable ad tracking for their accounts.
And in typical Meta fashion, there is a catch. If you are interested in getting rid of those pesky ad trackers that are gulping up all of your preference statistics, then you’d have to submit a form, which basically acts like a plea to have you opt out of tracking.
Meta, however, reserves the final call, as it will, quote, “evaluate the submission and decide whether to implement the change“. This is bound to get privacy activists roaring, not only because this leaves the user’s choice in the hands of a corporation, but also because it means that users will still be opted in by default when making an account.
An important note to make here is that currently, you’ve got an option to disable a form of tracking on these social platforms, but that is entirely different. If you’ve got that toggled off, it basically limits Facebook — for example — from using data on you, gathered from your activity outside of the platform, for targeted advertising.
In contrast, this new opt-out form, if accepted after being submitted, will severely limit the data that the social platforms can use. As in, they’ll still use general, public info about you such as your age group and general location, but won’t track what is the last video you’ve liked on Facebook, YouTube or any other websites or apps.
This is a mixed bag of a solution if there ever was one, but it is still an attempt for Meta to stay relevant, despite all of the limitations being put down by regulators worldwide. Europeans should start seeing notifications for the ability to opt out starting next Wednesday, so if you are interested, keep your eyes peeled.
Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks.
The 3CX Desktop App is a Voice over Internet Protocol (VoIP) type of application which is available for Windows, macOS, Linux and mobile. Many large corporations use it internally to make calls, view the status of colleagues, chat, host web conferences, and for voicemail. 3CX is a Private Branch Exchange (PBX) system, which is basically a private telephone network used within a company or organization.
The 3CX website boasts 600,000 customer companies with 12 million daily users, which might give you an idea of the possible impact a supply chain attack could have.
The discovered attack is very complex and probably has been going on for months. While attribution in these cases is always difficult, some fingers are pointing to North Korea. It is likely the attacks have been ongoing since one of the shared samples was digitally signed on March 3, 2023, with a legitimate 3CX Ltd certificate issued by DigiCert.
While it is almost certain that Windows Electron clients are affected, there is no evidence so far that any other platforms are. On the 3CX forums, users are being told that only the new version (3CX Desktop App) leads to the malware infection, because the 3CX Phone for Windows (the legacy version) is not based on the Electron Framework. Electron is an open source project that enables web developers to create desktop applications.
Update March 31, 2023: an independent researcher and 3CX have confirmed that the Mac version of the desktop client is compromised as well.
According to a 3CX spokesperson, this happened because an upstream library it uses became infected.
The main executable is not malicious itself and can be downloaded from 3CX’s website as part of an installation procedure or an update. The 3CXDesktopApp.exe executable, however, sideloads a malicious dynamic link library (DLL) called ffmpeg.dll.
The ffmpeg.dll in turn is used to extract an encrypted payload from d3dcompiler_47.dll and execute it. The malware then downloads icon files hosted on GitHub that contain Base64 encoded strings appended to the end of the images, as shown below.
Base64 strings embedded in ICO files (image courtesy of BleepingComputer)
The d3dcompiler_47.dll file has all the functionality of the legitimate version, with the payload appended. This warrants that it would alert users to the fact that something is wrong with their software.
While research is ongoing into the full payload, it is clear that a backdoor is created on affected systems.
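The ICO detail above lends itself to a simple triage check: an ICO file's directory declares where every image starts and how long it is, so any bytes after the last declared image are appended data. The following is an added example, not code from 3CX, Malwarebytes or the researchers; the function names and the sample files are constructed for illustration, and it reports only sizes, never the decoded content.

```python
import base64
import re
import struct

ICONDIR = struct.Struct("<HHH")            # reserved, type (1 = icon), image count
ICONDIRENTRY = struct.Struct("<BBBBHHII")  # w, h, colors, reserved, planes, bpp, size, offset
B64_TAIL = re.compile(rb"([A-Za-z0-9+/]{16,}={0,2})\s*$")


def ico_trailing_data(blob: bytes) -> bytes:
    """Return the bytes that follow the last image declared in the ICO directory."""
    if len(blob) < ICONDIR.size:
        raise ValueError("too short for an ICO header")
    reserved, kind, count = ICONDIR.unpack_from(blob, 0)
    if reserved != 0 or kind != 1 or count == 0:
        raise ValueError("not an ICO file")
    dir_end = ICONDIR.size + count * ICONDIRENTRY.size
    if len(blob) < dir_end:
        raise ValueError("truncated ICO directory")
    declared_end = dir_end
    for i in range(count):
        *_, size, offset = ICONDIRENTRY.unpack_from(
            blob, ICONDIR.size + i * ICONDIRENTRY.size)
        if offset < dir_end or offset + size > len(blob):
            raise ValueError("image entry points outside the file")
        declared_end = max(declared_end, offset + size)
    return blob[declared_end:]


def base64_tail_length(data: bytes) -> int:
    """Length of a valid Base64 run at the very end of `data`, or 0 if none."""
    match = B64_TAIL.search(data)
    if not match:
        return 0
    run = match.group(1)
    run = run[len(run) % 4:]               # drop stray leading bytes that broke alignment
    try:
        base64.b64decode(run, validate=True)
    except ValueError:                     # binascii.Error is a ValueError subclass
        return 0
    return len(run)


def inspect_ico(blob: bytes) -> dict:
    """Summarise appended data in an ICO file for triage."""
    trailing = ico_trailing_data(blob)
    b64_len = base64_tail_length(trailing)
    return {
        "trailing_bytes": len(trailing),
        "base64_tail_bytes": b64_len,
        "suspicious": b64_len > 0,
    }


# Constructed samples: a one-image ICO whose "image" is 40 placeholder bytes,
# and the same file with a Base64 string appended after the declared image.
_IMAGE = bytes(40)
CLEAN_ICO = (ICONDIR.pack(0, 1, 1)
             + ICONDIRENTRY.pack(16, 16, 0, 0, 1, 32, len(_IMAGE), 22)
             + _IMAGE)
APPENDED = base64.b64encode(b"constructed placeholder, not real data")
TAMPERED_ICO = CLEAN_ICO + APPENDED

if __name__ == "__main__":
    print("clean:   ", inspect_ico(CLEAN_ICO))
    print("tampered:", inspect_ico(TAMPERED_ICO))
```

Trailing bytes that are not Base64 are still reported in `trailing_bytes`, since a well-formed icon has no reason to carry data past its last image.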
What needs to be done?
After initially playing down the alerts on its user forums as a possible false positive, 3CX has now posted that it is working on an update.
Malwarebytes detects the malicious DLLs as Trojan.Agent (ffmpeg.dll) and Trojan.Compromised3CX (%LOCALAPPDATA%\PROGRAMS\3CXDesktopApp\*\d3dcompiler_47.dll).
We will keep you updated here, but as a user you might want to keep an eye on 3CX’s blog and forums to learn about new developments, and when an update is available.
Samsung‘s Galaxy Tab S8 series flagship Android tablets are receiving the One UI 5.1 update in the US. The rollout began a few days back and had reached users on T-Mobile, MetroPCS, Xfinity Mobile, and Dish networks at the time of this writing. The company will gradually push the update to units on more networks in the coming days.
One UI 5.1 is the latest version of Samsung’s custom Android skin. Debuting with the Galaxy S23 series in February, the company has already seeded this update to dozens of other Galaxy smartphones and tablets. The Galaxy Tab S8 series started picking it up in late February. Following the release in international markets, the Korean firm is now pushing One UI 5.1 to the Galaxy Tab S8 lineup in the US as well.
This update for the latest flagship Samsung tablets in the US comes with the firmware build number ending with BWC1. As detailed by the company in its official changelog, One UI 5.1 brings plenty of goodies to the Galaxy Tab S8 devices. For starters, new selfie effects in the camera app let you quickly change the tone of your selfies. The Gallery app also gains a Shared Family Album and revamped info display.
The Galaxy Tab S8 lineup is also getting enhanced image remastering with One UI 5.1. The feature has been a subject of controversy recently due to it adding a row of fully-grown teeth to an infant’s photo. But it has its positives as well. Image remastering lets you remove shadows and reflections from photos. You can even remaster downloaded GIFs to improve their resolution and clarity.
One UI 5.1 also brings improvements to multitasking, Modes and Routines, Samsung DeX, Samsung Internet, widgets, Settings, and more. The Galaxy Tab S8 series is picking up the February 2023 Android security patch as well. If you’re using this tablet in the US, you should receive all of these goodies and security enhancements over the next few days. You can manually check for updates from the Settings app.
Samsung is readying the Galaxy Tab S9 series
The Galaxy Tab S8 series debuted in February last year. Samsung didn’t launch a successor this February but the Galaxy Tab S9 series is expected to arrive in the second half of 2023.
Like last year, we will reportedly get three models this year too. The Galaxy Tab S9, Galaxy Tab S9+, and Galaxy Tab S9 Ultra should be accompanied by the Galaxy Z Fold 5 and Galaxy Z Flip 5 foldables. New smartwatches and tablets should also debut at the same event sometime in August or September. We will keep you posted with all the latest information about these devices.