Hackers Exploiting MS Office Editor Vulnerability Deploy Keylogger

andreasc
-
0
Hackers Exploiting MS Office Editor Vulnerability Deploy Keylogger
[ad_1]

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.

The group has been exploiting a known vulnerability (CVE-2017-11882) in the Microsoft Office equation editor (EQNEDT32.EXE) to distribute a keylogger, posing significant user risks worldwide.

The vulnerability in question, CVE-2017-11882, resides in the equation editor component of Microsoft Office.

This flaw allows attackers to execute arbitrary code by exploiting the equation editor, often embedded in Office documents.

According to the AhnLab Security Intelligence Center (ASEC) reports, despite being an old vulnerability, it remains a potent tool for cybercriminals due to its high success rate in executing malicious scripts.

The Kimsuky group has been leveraging this vulnerability to run a page with an embedded malicious script using the mshta process.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot.

The attack begins when a user opens a compromised Office document, triggering the equation editor to execute mshta.exe.

mshta.exe executed via the equation editor program (EQNEDT32.exe)
mshta.exe executed via the equation editor program (EQNEDT32.exe)

The Malicious Script

The mshta process connects to a page named error.php, which deceptively displays a “Not Found” message to the user, masking the execution of the malicious script.

The C2 server screen (mshta.exe)
The C2 server screen (mshta.exe)

The content of error.php, reveals the script’s major behaviors, including downloading additional malware via a PowerShell command, creating a file named desktop.ini.bak under the Users\Public\Pictures path, and attempting to register this file in the Run key under HKLM with the name “Clear Web History.”

However, due to an error in the script, this registration fails initially.

Content of the malicious script (error.php)
Content of the malicious script (error.php)

The Keylogger Deployment

Upon correcting the script for replication purposes, the desktop.ini.bak file is successfully created and registered.

This file is crucial for the keylogger’s operation.

Registration to the autorun registry
Registration to the autorun registry

The first downloaded malware, a PowerShell script, collects system and IP information and sends it to the C2 server.

It also can download and execute a keylogger from the C2.

The keylogger script creates the desktop.ini.bak file in the Users\Public\Music path to record users’ keystrokes and clipboard data.

It uses a mutex value “Global\AlreadyRunning19122345” to prevent duplicate instances.

The collected data is periodically sent to the C2 server, deleted, and recreated, ensuring continuous data exfiltration.

The Kimsuky group’s persistent exploitation of CVE-2017-11882 underscores the importance of patching vulnerabilities promptly.

Users must ensure their software is updated to the latest versions and avoid using software that has reached the end of service (EOS).

It is also crucial to refrain from opening suspicious document files and keep security solutions, such as V3, updated to prevent malware infections.

Implementing endpoint security products and sandbox-based APT solutions like MDS can significantly mitigate the risks of such cyberattacks.

IOC

MD5s

  • 279c86f3796d14d2a4d89049c2b3fa2d
  • 5bfeef520eb1e62ea2ef313bb979aeae
  • d404ab9c8722fc97cceb95f258a2e70d

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


[ad_2]
Source link

Update now! Google Pixel vulnerability is under active exploitation

andreasc
-
0
Update now! Google Pixel vulnerability is under active exploitation
[ad_1]

Google has notified Pixel users about an actively exploited vulnerability in their phones’ firmware.

Firmware is the code or program which is embedded into hardware devices. Simply put, it is the software layer between the hardware and the applications on the device.

About the vulnerability, Google said there are indications it may be:

“under limited, targeted exploitation.”

This could mean that the discovered attacks were very targeted, for example by state-sponsored actors or industry-grade spyware. However, it’s still a good idea to get these patches as soon as you can. And whether you have a Pixel or not, all Android users should make sure they’re using the latest version available, because the June 2024 security update addresses a total of 50 security vulnerabilities.

Updates to address this issue are available for supported Pixel devices, such as Pixel 5a with 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and Pixel Fold.

For these Google devices, security patch levels of 2024-06-05 or later address this issue. You can find your device’s Android version number, security update level, and Google Play system level in your Settings app.

You should get notifications when updates are available for you, but it’s not a bad idea to manually check for updates. For most phones it works like this: Under About phone or About device you can tap on Software updates to check if there are new updates available for your device, although there may be slight differences based on the brand, type, and Android version of your device.

Technical details

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVE for this vulnerability is:

CVE-2024-32896: an elevation of privilege (EoP) issue in Pixel firmware.

An elevation of privilege vulnerability occurs when an application gains permissions or privileges that should not be available to them. This can be a key element in an attack chain when a cybercriminal wants to move forward from initial access to a device to a full compromise.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.


[ad_2]
Source link

Galaxy S24 FE gets Exynos 2400, Tab S10+ has a MediaTek chip

andreasc
-
0
Galaxy S24 FE gets Exynos 2400, Tab S10+ has a MediaTek chip
[ad_1]

A couple of upcoming Samsung devices popped up on Geekbench today. The Galaxy S24 FE and Galaxy Tab S10+ were benchmarked, revealing interesting pieces of information. The next-gen flagship tablet, in particular, caught us by surprise. It appeared with a MediaTek chipset, a first for the series. The Fan Edition phone is, expectedly, getting the Exynos 2400.

Galaxy Tab S10+ may run a MediaTek chipset

Samsung’s Galaxy S series flagship Android tablets have always used either its in-house Exynos chips or Qualcomm’s Snapdragon solutions. However, the next-gen models may no longer maintain this record. The newly spotted Geekbench listing for the Galaxy Tab S10+ shows it running a MediaTek processor, namely the Dimensity 9300+.

Spotted by MySmartPrice, the listing is for the US version of the tablet (model number SM-X828U). We exclusively reported in May that this model number belongs to the Galaxy Tab S10+, along with SM-X826B and SM-X826N. The latter two are the global and Korean versions, respectively. The Geekbench entry showed the device with Android 14 and 12GB of RAM.

But more importantly, it doesn’t have an Exynos or Snapdragon chip. Instead, it’s running MediaTek’s Dimensity 9300+, a flagship chipset featuring a peak CPU speed of 3.4GHz. Produced on TSMC’s 4nm process node, the chip is as powerful as Qualcomm’s latest, the Snapdragon 8 Gen 3. However, this comes as a surprise because of Samsung’s history.

Samsung Galaxy Tab S10 Plus MediaTek chipset geekbench

Unless this Geekbench entry is fake (it’s easy to fabricate these benchmarks), Samsung is all set to launch its first flagship tablet with a MediaTek chipset. Well, the Galaxy Tab S10+ may not launch at Unpacked next month, but you get the gist. It remains to be seen if the vanilla and Ultra models also switch to Dimensity chips. The new tablets may arrive later this year.

Galaxy S24 FE will ship with the Exynos 2400

Samsung’s flagship smartphones aren’t switching to MediaTek just yet. The company is readying the Galaxy S24 FE with the Exynos 2400, the same chipset that powers the Galaxy S24 and Galaxy S24+ in some global markets. Well, at least the global version (SM-S721B) will get the Exynos ship, Geekbench reveals. We don’t yet have a confirmation about the US version.

The Geekbench listing also confirms Android 14 and 8GB of RAM for the Galaxy S24 FE. It is unclear if Samsung also plans to release the phone in a 12GB RAM variant. The new Fan Edition device should go official in a few months. Recent developments suggest the Galaxy Tab S10 series will arrive around the same time. We will let you know when we have more information.

Samsung Galaxy S24 FE Exynos 2400 chipset geekbench


[ad_2]
Source link

Samsung preparing to launch AI-focused 2nm chips in 2025

andreasc
-
0
Samsung preparing to launch AI-focused 2nm chips in 2025
[ad_1]

Samsung‘s semiconductor foundry is on track to mass-produce 2nm chips in 2025 and 1.4nm chips in 2027. At the ongoing Samsung Foundry Forum (SFF) event in San Jose, California, the company revealed that its process technology development is progressing smoothly as planned. The Korean firm also announced two new process nodes and AI solutions for the next generation of electronics.

Samsung is preparing to introduce 2nm mobile chips next year

Samsung has long aimed to start 2nm mass production in 2025. Shortly after introducing its first 3nm chip in 2022 produced on its 3GAE process node, the company unveiled its semiconductor roadmap for the next five years. It planned to launch the second-gen 3nm process node (3GAP) in 2024. The Exynos 2500, which should power the Galaxy S25 series early next year, will probably be made on the 3GAP 3nm process.

The roadmap further revealed that Samsung will introduce 2nm chips in 2025, followed by a second-gen 2nm process node in 2026. Finally, in 2027, the company would enter the sub-2nm era, bringing a 1.4nm chip to the market. All this while, the Korean firm would be continuously increasing its production capacity for advanced chips. The total capacity is projected to grow over 3x between 2022 and 2027.

Samsung Foundry 2nm chips 2025 2

Samsung says its semiconductor technology is developing along these lines. At SFF, the company introduced an improved 2nm process node called SF2Z. Slated to enter mass production in 2027, it reduces voltage drop compared to the first-gen 2nm node (SF2), “enhancing the performance of HPC designs.” It also enhances power, performance, and area (PPA) thanks to backside power delivery network (BSPDN) technology.

The Korean tech titan also launched a high-value 4nm variant at SFF. Dubbed SF4U, the new 4nm process node “offers PPA improvements by incorporating optical shrink.” Samsung aims to start mass production on this node alongside its first-gen 2nm node in 2025. The company says it is also “actively shaping future process technologies below 1.4nm through material and structural innovations.”

Samsung Foundry 2nm chips 2025 1

The GAA transistor architecture has become imperative in the AI era

Samsung uses the gate-all-around (GAA) transistor architecture in its 3nm chips. The new architecture brings PPA improvements over FinFET, the older architecture used up to 4nm chips (TSMC still uses FinFET and plans to upgrade to GAA with its 2nm chips next year). The Korean firm aims to benefit from an early adoption of advanced transistor technology.

According to Samsung, “structural advancements like gate-all-around (GAA) have become imperative to meet power and performance demands” of the AI era. The company says its GAA process has matured significantly over the past two years, both in yield and performance. Its GAA production will substantially expand in the coming years as it moves to 2nm and 1.4nm semiconductor process technologies.

Samsung’s ongoing foundry event in the US also brought Samsung AI Solutions, a turnkey AI platform integrating the strengths of the company’s Foundry, Memory, and AVP (Advanced Package) businesses. Customers get high-performance, low-power, and high-bandwidth solutions that can be tailored to suit their AI requirements. The Korean firm plans to introduce an all-in-one, CPO-integrated one-stop AI solution in 2027.

Samsung Foundry 2nm chips 2025 3


[ad_2]
Source link

Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore

andreasc
-
0
Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore
[ad_1]

A Singapore court has sentenced a 39-year-old Indian national, Kandula Nagaraju, to two years and six months imprisonment for hacking into his former employer’s computer system and deleting critical data.

Nagaraju was part of a 20-member team at National Computer Systems (NCS) between November 2021 and October 2022, responsible for managing a quality assurance computer system containing 180 virtual servers and testing new software and programs before launch. Court documents reveal that Nagaraju felt “confused” and “upset” after getting fired in October 2022 over poor performance, believing that he had performed well.

Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore
A snippet of Kandula Nagaraju’s experience letter was obtained by Hackread.com

Upset with the termination, Nagaraju returned to India and launched a series of cyberattacks against NCS between January and March 2023.  Operating remotely, he gained unauthorized access to the company’s systems multiple times.

The attacks unfolded in stages. First, Nagaraju accessed the system six times between January 6th and 17th, likely familiarizing himself with the architecture and exploring vulnerabilities. He then wrote computer scripts, essentially malicious programs, to test their effectiveness in deleting servers.

In February 2023, after finding a new job in Singapore, Nagaraju returned, rented a room with a former NCS colleague and used his Wi-Fi network to access NCS’ system once more. This act demonstrates a calculated and persistent effort to target his former employer.

As per the Singaporean news site CNA, the most damaging phase occurred in March 2023. Nagaraju accessed the NCS Quality Assurance (QA) system 13 times. Finally, on March 18th and 19th, he executed his pre-written script, resulting in the deletion of a staggering 180 virtual servers, one at a time. This act caused significant financial losses to NCS, estimated to be around SGD 918,000 (approximately USD 678,000).

Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore
Kandula Nagaraju (Image credit: Boon Keong Ooi – TODAY)

The NCS team discovered the system was inaccessible the following day and the servers had been deleted. A police report was made on April 11, 2023, and several IP addresses were handed over. Nagaraju’s laptop was seized, and the script used to delete the servers was found. Investigations revealed that Nagaraju had searched for scripts to delete virtual servers on Google, which he used to code the script.

Disgruntled Employees – Threat Within!

The case highlights the dangers of disgruntled employees on a company’s cybersecurity, emphasizing the need for robust access control measures. Companies must also consider exit strategies for terminated employees, including timely removal of access privileges.

Nevertheless, this is not the first time that a disgruntled employee damaged the hands that fed them. In April 2017, an ex-Marriott employee hacked into the hotel reservation system from his apartment in New York City and reduced rates on more than 3,000 rooms from $159 – $499 per night … to $12 – $59.

In May 2018, Coca-Cola announced a data breach after one of its ex-employees managed to steal a hard drive containing the personal information of over 8,000 workers. In June 2018, Tesla sued an ex-employee for hacking and sharing gigabytes of data with 3rd parties. The stolen data included dozens of photos and a video of Tesla’s manufacturing systems.

In July 2018, Israeli authorities arrested a 38-year-old man for stealing secrets from the NSO Group, a Herzliya-based firm specializing in developing spyware, including the notorious Pegasus spyware, which helps governments spy on unsuspecting individuals and journalists worldwide. According to authorities, the stolen data was being sold on the dark web for a whopping $50 million.

In August 2020, an ex-employee and Indian citizen on an H1-B visa hacked Cisco’s Amazon Web Services (AWS) infrastructure and erased virtual machines. Sudhish Kasaba Ramesh pleaded guilty to damaging Cisco’s network.

  1. Preventing Insider Attacks on Your HR System
  2. Managing Insider Threats with Internal Monitoring
  3. Ransom Your Employer Email Scam Suspect Arrested 
  4. Data Security Threats – Strategies to Strengthen Your Defense
  5. Insider Threat Awareness: Protecting Your Business from Within

[ad_2]
Source link

Ivanti EPM SQL Injection Flaw Let Attackers Execute Remote Code

andreasc
-
0
Ivanti EPM SQL Injection Flaw Let Attackers Execute Remote Code
[ad_1]

In May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM which was associated with SQL injection Remote code execution vulnerability.

This vulnerability was assigned with CVE-2024-29824 and the severity was given as 9.6 (Critical).

Though ZDI did not mention any additional information regarding this critical vulnerability, they specified a function name that affected Ivanti EPM which was “RecordGoodApp”.

However, a proof-of-concept for this vulnerability has been published by Horizon3 researchers.

Technical Analysis – Proof Of Concept

According to the reports shared with Cyber Security News, this RecordGoodApp function existed in the PatchBiz.dll file present in the installation folder.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot.

Further, this DLL was dissected using Jetbrains dotPeek tool for further review. This Patchbiz.dll wa a C# binary.

RecordGoodApp Disassembly (Source: Horizon3)

On investigating the SQL statements in this binary, the first SQL statement was found to be vulnerable to SQL injection as it used string.Format for inserting the value of goodApp.md5 into the SQL query.

Additionally, the RecordGoodApp function was first called from the AppMonitorAction.RecordPatchIssue is present inside an IF ELSE statement.

AppMonitorAction.RecordPatchIssue (Source: Horizon3)

Further, the AppMonitorAction.RecordPatchIssue was called by Patch.UpdateActionHistory which was called from three different locations such as LANDesk.ManagementSuite.PatchBiz, LANDesk.ManagementSuite.WSVulnerabilityCore and StatusEvents.

Patch.UpdateActionHistory Usage (Source: Horizon3)

Among these locations, the StatusEvents.EventHandler.UpdateStatusEvents was the most interesting, as it had annotations with [WebMethod] inside the EventHandler class.

This EventHandler class inherits from the System.Web.Services.WebService declares that it can be used to hit UpdateStatusEvents over HTTP.

Triggering The Exploit

As a means of analysing the location of this EventHandler class, an IIS manager was used which provided the exact location of EventHandler.cs that was located in /WSStatusEvents endpoint. Visiting this endpoint provided a list of sample requests and responses.

IIS Manager WSStatusEvents (Source: Horizon3)

Further analysis revealed that this endpoint was sent with requests, finally showing one particular request that used the xp_cmdshell.

This xp_cmdshell can execute commands on the system, which can now be used to achieve Remote Code Execution on vulnerable Ivanti EPM.

Successfully exploiting using Burp (Source: Horizon3)

Horizon3 has released an exploit code to trigger this vulnerability, which is now available on GitHub.

Users can use the MS SQL logs to examine the usage of xp_cmdshell for any malicious purposes.

It is recommended that Ivanti EPM users upgrade their products to the latest version to prevent threat actors from exploiting this vulnerability.

MS SQL Logs as Indicators of Compromise of using xp_cmdshell (Source: Horizon3)

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


[ad_2]
Source link

Galaxy Z Fold 6 Ultra won’t be limited to one market

andreasc
-
0
Galaxy Z Fold 6 Ultra won’t be limited to one market
[ad_1]

Samsung is undeniably a strong competitor in the smartphone market, especially with its powerful foldable devices. However, Chinese OEMs are rapidly catching up. To maintain its lead, Samsung needs to introduce a highly competitive foldable. Samsung actually seems to be working on an “Ultra” foldable phone. This is the first time an ‘Ultra’ model visiting the Galaxy Fold series. Previously, we shared with you that we discovered two devices in the Fold 6 series. Galaxy Z Fold 6 and Fold 6 Ultra. We know that Samsung is working on two distinct foldable devices, internally codenamed “Q6” and “Q6A.” Initially, we thought that Galaxy Fold 6 Ultra will be exclusive to Korea, but it appears Samsung plans to launch the Galaxy Z Fold 6 Ultra in the Chinese market as well.

Galaxy Z Fold 6 Ultra won’t be limited to Samsung’s home market

We spotted a new device in our database with the internal codename “Q6A” and the model number “SM-W9025. We already know that Samsung codenamed Galaxy Z Fold 6 Ultra as “Q6A”. Additionally, we previously reported the device will be available in Korea and Samsung will introduce Galaxy Z Fold 6 Ultra with the model number SM-F958N. It appears that the model number of Samsung’s upcoming foldable in China is quite different from the Korean variant, even though they bear the same internal codename. And there is a reason behind this.

Samsung introduces some of its devices in China under a completely different marketing name than in the global market. The previously announced Galaxy Z Fold 5 and Galaxy Z Flip 5 were released in China with a different market branding. Specifically, Samsung launched them as Galaxy W24 and Galaxy W24 Flip in China. We expect this device to be released in China as the “Galaxy W25 Ultra”. Note that the Chinese variant will have the same specifications as the Korean variant that we previously spotted. Therefore, we can easily say that the Galaxy W25 Ultra will be a Chinese clone of the Galaxy Z Fold 6 Ultra.

The New ‘Fold’ will be wider than its predecessor

The previous leaks also revealed Galaxy Z Fold 6 will come with a slightly refreshed design. While renders of the Galaxy Z Fold 6 series have surfaced online, and Samsung Kazakhstan even released official images of the Z Fold 6 and Z Flip 6. The “Galaxy Z Fold 6 Ultra” was interestingly absent on Samsung’s promotional images. This actually might reveal that only the regular Galaxy Z Fold 6 will be available globally, or that ‘Ultra’ is coming at a later date. We anticipate the Ultra variant’s introduction in 2025. Initially, we thought Galaxy Z Fold 6 Ultra would be a Korea-exclusive device, but it turned out to be available in China as well.


[ad_2]
Source link

CISA Warns of Scammers Impersonating as CISA Employees

andreasc
-
0
CISA Warns of Scammers Impersonating as CISA Employees
[ad_1]

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a surge in impersonation scams.

These scams often involve fraudsters pretending to be government employees, using their names and titles to deceive unsuspecting victims.

Recently, CISA has become aware of scammers claiming to represent the agency, attempting to exploit individuals and businesses.

Scammers’ Tactics

According to CISA, these impersonation scammers may contact potential victims through phone calls, emails, or other communication methods.

They often request money transfers via wire, cash, cryptocurrency, or gift cards.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot.

Additionally, they may instruct victims to keep the discussion confidential, adding a layer of urgency and secrecy to their fraudulent activities.

CISA emphasizes that its employees will never make such requests or ask for sensitive financial informa

CISA advises the public to remain vigilant and take specific steps if they suspect an impersonation scammer is targeting them.

Firstly, do not pay the caller or provide personal or financial information.

Secondly, take note of the phone number from which the call originated.

Thirdly, hang up immediately to avoid further interaction. Finally, validate the contact by calling CISA (844) SAY-CISA (844-729-2472) or report the incident to law enforcement.

By following these guidelines, individuals can protect themselves from falling victim to these scams.

CISA continues to work diligently to safeguard the public and raise awareness about the tactics used by scammers.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


[ad_2]
Source link

Google patches a major Pixel security flaw, along with dozens more

andreasc
-
0
Google patches a major Pixel security flaw, along with dozens more
[ad_1]

Google has announced that it patched 50 Pixel security vulnerabilities with the June 2024 security patch, including a major flaw that hackers could (and did) exploit.

Google patched up a major Pixel security flaw

The company mentioned this high-level security vulnerability as ‘CVE-2024-32896’, and it’s part of the Pixel Firmware. Well, it was until Google patched it up.

Google did not release any additional information about the flaw itself, but the company did say that “there are indications that CVE-2024-32896 may be under limited, targeted exploitation”. In other words, wrongdoers have exploited it thus far.

50 security vulnerabilities have been fixed altogether

Now, as already mentioned, this security patch tackles 50 security vulnerabilities. This major flaw is a part of them, as are five that are related to a number of components in Qualcomm chipsets.

With this update, Google patched the denial-of-service (DoS) issue which impacted Modem, and numerous information disclosure flaws that affected GsmSs, ACPM, and Trusty.

The company is rolling out this update to a number of its devices, as we speak. It is rolling out as an OTA (Over-The-Air) update to the Pixel 5a 5G and newer smartphones. Basically all devices that are eligible to get Google’s security update at this point.

These are the devices that are getting the security update

To be more accurate, the devices receiving the update are the Pixel 5a 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and the Pixel Fold.

Many of you are probably also aware that this is also Google’s Pixel Feature Drop update. Not all of these phones are getting those new features, though. Some of them are only eligible to get security updates at this point. The rollout is also gradual, as per usual, so the update could take a while to arrive to your device.


[ad_2]
Source link

Samsung’s Shortcut sneaker lets you control your phone with dance moves

andreasc
-
0
Samsung’s Shortcut sneaker lets you control your phone with dance moves
[ad_1]

Samsung has just announced a revolutionary sneaker that can control your phone. Called Shortcut, the sneaker has built-in sensors that detect dance moves to launch different preset actions on the paired Galaxy phone. The company calls it the “sneaker of the future,” and rightly so. If only it made the sneaker available widely (more on its availability later).

The Samsung Shortcut is certainly the sneaker of the future

Samsung developed the Shortut sneaker in collaboration with Cheil Benelux, Elitac Wearables, Brut Amsterdam, and sneaker designer Roel van Hoff. According to the company, Hoff designed the sneaker inspired by the Galaxy and the universe. The shoe contains materials resembling the textures and colors of meteorites and supernovae. The designer carefully crafted every detail as a reference to Galaxy products.

But Shortcut is more about the magic it carries. Samsung has fitted this futuristic sneaker with motion sensors that continuously track their position relative to each other. The sensors can identify any movement of the feet. Based on these movements, the sneaker launches the linked action on the connected Galaxy device. “For example, you can make calls or play music with the moonwalk by dancing,” Samsung explains.

The company doesn’t make it clear if you can customize these actions and feet movements. However, it confirmed that the Shortcut sneaker can trigger five shortcuts on the phone with five different movements of the feet. You may not be able to expand it, though Samsung says the sneaker will become smarter over time as more people use it to perform various dance moves, effectively improving its accuracy.

“The concept was developed to make life not only more efficient but also more fun,” Samsung said in a press release. “Roel van Hoff’s design already makes it a special sneaker, but in combination with this technology, we have managed to create something that the loyal Samsung community will hopefully love. Quite unique: the first sneaker in the world with which you can call your friends,” added Tim and Daniel, Creative Directors Cheil Benelux.

How to get this futuristic sneaker?

This is the tricky part. Samsung’s Shortcut sneaker is extremely limited, so much so that the company has made only six pairs. Moreover, the Korean firm isn’t selling it. Instead, it is giving away the shoe to Galaxy users in the Netherlands via a contest in the Samsung Members app. Galaxy users in the country can participate in the contest by July 9, 2024, for a chance to win the futuristic sneaker. Samsung will announce the six winners in the second week of July.


[ad_2]
Source link
1...134135136...1,471Page 135 of 1,471