The Chinese video-sharing app TikTok has announced an update to its community guidelines that aim to make the platform safer. The update is coming in days when TikTok is in hot water by US lawmakers, and it might be banned in the country due to national security concerns.
Revamping community guidelines is a part of the company’s efforts to prevent a potential ban in the United States. TikTok has now made it more clear how creators and content will be treated. The app also made specific guidelines for AI-generated content and synthetic media.
The update will take effect on April 21, and the app describes it as the “most comprehensive update to our Community Guidelines to date.”
TikTok community guidelines put a restriction on AI-generated media
According to the new policies, any synthetic or manipulated media showing realistic scenes must be clearly disclosed. Users can use stickers and captions, such as “synthetic,” “fake,” “not real,” or “altered,” to distinguish synthetic content.
Additionally, TikTok bans the use of synthetic media that contains the likeness of any real private figure. TikTok defines synthetic media as “highly realistic” content created or modified by AI. A public figure is someone who is over 18 years old and holds a significant public role, like celebrities and government officials, etc.
“We do not allow synthetic media of public figures if the content is used for endorsements or violates any other policy. This includes prohibitions on hate speech, sexual exploitation, and serious forms of harassment.” TikTok added.
TikTok continues that using synthetic media of public figures is only allowed in certain contexts like educational content. Any use for political or commercial purposes is forbidden.
Besides regulating AI-generated content and synthetic media, TikTok also adds more transparency to existing policies. Each rule now has a brief section that clarifies what the app allows and doesn’t allow. For example, TikTok bans any misinformation on civic and electoral processes like voting, eligibility requirements of candidates, counting the ballots, etc.
TikTok hopes to prevent a potential ban in the United States by greater adherence to the country’s laws and becoming more transparent about its operations. The app CEO will appear before congress on March 23 to address national security concerns and relationships with the Chinese government.
Compromised online stores have been injected with skimmers hiding around the Google Tag Manager script. We identified a new one that looked similar at first but is part of a different campaign.
Threat actors often compete for the same resources, and this couldn’t be further from the truth when it comes to website compromises. After all, if a vulnerability exists one can expect that it will be exploited more than once.
In the past, we have seen such occurrences with Magecart threat actors for example in the breach of the Umbro website. Recently, while reading a blog post from security vendor Akamai, we spotted a similar situation. In the listed indicators of compromise, we noticed domains that we had seen used in a distinct skimming campaign which didn’t seem to be documented yet.
In fact, we saw instances of compromised stores having both skimmers loaded, which means double trouble for victims as their credit card information is stolen not just once but twice. In this blog post, we show how the newly found Kritec skimmer was found along side one of its competitors.
Original campaign using WebSockets
Researchers at Akamai reported on a Magecart skimmer campaign disguised as Google Tag Manager that also made the news with the compromise of one of Canada’s largest liquor store (LCBO). While details were not shared at the time, we were able to determine thanks to an archived crawl on urlscan.io that the skimmer was using WebSockets and is the same one as described in Akamai’s blog.
Kritec campaign
Akamai notes that they identified multiple compromised websites that had similarities. They also list nebiltech[.]shop in their IOCs which is a domain we sometimes saw injected near the Google Tag Manager script, but not within it.
We believe this is a different campaign and threat actor altogether. Here are some reasons why:
No WebSocket being used
Domains abusing Cloudflare
Intermediary loader
Completely different skimming code
To complicate things, we observed some stores that had both skimmers at the same time, which is another reason why we believe they are not related:
We started calling this new skimmer ‘Kritec’ after one of its domain names. It has an interesting way of loading the malicious JavaScript we had not seen before either. The injected code calls out a first domain (seen above encoded in Base64) and generates a Base64 response:
Decoding it reveals a URL pointing to the actual skimming code, which is heavily obfuscated (likely via obfuscator.io):
The data exfiltration is also done differently as seen in the image below. On the left, the stolen credit card data is sent via a WebSocket skimmer while on the right, it is a POST request:
Google Tag Manager variants
In the past months there have been several Magecart skimmers abusing Google Tag Manager in one way or another. We mentioned Akamai’s blog but it was also documented by Recorded Future. In those instances, the malicious was actually embedded in the Google Tag Manager library itself, which is very clever and difficult to detect.
While the Kritec skimmer hangs around the Google Tag Manager script, we believe it is not related to the other active campaigns. We have been documenting it recently and are reporting the abuse to Cloudflare which it uses to hide its real infrastructure.
Samsung‘s fifth-gen foldables are starting to take shape, literally. A couple of days back, we saw a design concept depicting the Galaxy Z Flip 5. The same source has now shown us what the Galaxy Z Fold 5 could look like.
As expected, this concept Galaxy Z Fold 5 design features a Galaxy S23-like rear camera layout. We have three cameras aligned vertically and all protruding out of the back panel individually. There’s no camera bump here. This has been Samsung’s design philosophy across its smartphone lineup in 2023, including budget models. The company is seemingly trying to create a brand identity for Galaxy smartphones here, irrespective of a device’s price bracket.
Rumors have long suggested that Samsung will introduce a new type of hinge with its 2023 foldables. The so-called waterdrop hinge allows the devices to fold flat with no gap. Effectively, it reduces the thickness of the foldable and also makes the display crease less visible. This has been one of the biggest requests from Samsung fans and foldable enthusiasts, and the company has responded. This design concept visualizes this much-anticipated change for everyone to see.
The rest of the stuff is fairly standard. We have a tall cover display, which is said to measure 6.2 inches diagonally, the same as last year’s Galaxy Z Fold 4. The 23.1:9 aspect ratio will likely remain unchanged as well. On the inside, we have an almost square folding display that should retain its 7.6-inch diagonal measurement. That’s based on early rumors that the Galaxy Z Fold 5 will not see any changes in length and breadth. It will only come thinner and lighter thanks to the redesigned hinge.
Snapdragon 8 Gen 2 for Galaxy will power the Galaxy Z Fold 5
Apart from the redesigned camera array and new hinge, the only other major upgrade that Galaxy Z Fold 5 will bring could be the processor. Rumors are that Samsung will ship the new foldables, including the Galaxy Z Flip 5, with the Snapdragon 8 Gen 2 for Galaxy chipset under the hood. That’s the same processor that powered the Galaxy S23 series. It’s an overclocked version of Qualcomm’s latest flagship chipset.
The rest of the package should include a 4,000mAh battery with 25W fast charging, a side-mounted fingerprint scanner, an IPX8 rating for water resistance, a 50MP primary camera, a 10MP zoom camera, a 12MP ultrawide lens, stereo speakers, and S Pen support (Fold Edition). The Galaxy Z Fold 5 will lack a built-in S Pen slot, though. Stay tuned for more information about the upcoming Samsung foldable duo.
It’s no surprise that ever since its release OpenAI’s ChatGPT has taken the world by storm, gathering over 100 million users in just two months. However, this popularity has come with its fair share of concerns, particularly when it comes to user privacy, as users recently discovered a bug in ChatGPT, which allowed users to see the chat history titles of other people.
The incident first came to light when many ChatGPT users and security researchers reported the issue on Reddit and Twitter, as they observed that the sidebar that usually displays user history was showing the history titles of other users too.
If you use #ChatGPT be careful! There’s a risk of your chats being shared to other users! Today I was presented another user’s chat history. I couldn’t see contents, but could see their recent chats’ titles.#security#privacy#openAI#AIpic.twitter.com/DLX3CZntao
OpenAI confirmed the incident to Bloomberg, noting that the bug did not expose confidential information and that they are still investigating the cause of the issue. However, reports suggest that an “unnamed, open-source software” caused the bug.
In response, OpenAI took down the chatbot on Monday for a few hours and replaced the chat history sidebar with a message stating, “History is temporarily unavailable. We’re working to restore this feature as soon as possible.” And although OpenAI’s status page says that they have restored the chatbot, the company is still working to restore the chat history feature.
Major security issue
This incident raises some serious privacy concerns regarding AI chatbots. And while ChatGPT maker OpenAI claims to remove personally identifiable information from the data and promises not to use the data from companies that pay for its API, this bug highlights that regular users are still vulnerable, and OpenAI can still access their data. Users of ChatGPT and other AI chatbots must be aware that the information they are sharing with the chatbot might not be as private as they previously thought. Therefore, it is always important to keep in mind the information you are sharing.
According to 9to5google, the team working on Google Assistant is now assigned to work on the company’s conversational chatbot Bard.
ChatGPT created momentum in tech that is reshaping the whole industry in a short time. Google, whose reign was in danger because of ChatGPT, launched Bard to catch up with the competition. The company has now tasked the Google Assistant development team to work on Bard and make it better.
While Google Assistant and Bard might seem like two separate services, they have many similarities. Both rely on conversational AI to perform tasks, and advanced language processing is the core part of both. Google Assistant has over 700 million monthly active users, and Google hopes the Assistant team could apply its experience and knowledge to turn Bard into a tough rival of ChatGPT.
The Google Assistant development team is now working on Bard
Vice president and general manager of Google Assistant Sissie Hsiao has just announced that early access to Bard is opening up in certain regions. This means Google is gradually preparing to open Bard to the public in the near future.
The Google Assistant development team is one of the most experienced teams within the company. Sissie Hsiao has been on Google since 2006 and has worked on various projects like Analytics, Search, and advertising. Appointing such an experienced team to work on Bard shows Google’s determination to AI competition, especially with ChatGPT and Microsoft Bing.
In the past few years, Hsiao and her team have been focused on improving the conversational features of Google Assistant. The app is now much better at processing language and understanding speeches at a high level.
Google also brought the Look and Talk feature to Nest Hub Max to replace the “Hey Google” hotword. To start a conversation, the feature looks for particular parameters like gaze direction, face match, and head orientation.
Bard is yet another experimental project for Google that serves as a data collection tool. Given the rapid growth of AI and its integration into different services, Bard might later find its way toward Google services.
A new report claims that the Type-C port on the iPhone 15 series will be limited. This information comes from Ming-Chi Kuo, a well-known Apple analyst.
This is not the first time we’re hearing this information, though, as a rumor appeared back in February too. This port will be limited in more than one way, actually, unfortunately. Let us explain.
Apple to limit iPhone 15 series’ Type-C port in more than one way
Apple is expected to include a Lightning-like authenticator chip in the iPhone, the same goes for the charging cable that comes with the device. That way, Apple will have control over what accessories can be used with the device.
As you may recall, the EU did push out a law that forced Apple to start using Type-C on iPhones, but the company found a way to make things a bit more difficult for users. Now, this doesn’t have to mean you won’t be able to charge the device with any Type-C cable, but the charging may be slower. We’ll have to wait and see.
Apple does something similar with wireless charging on iPhones. MagSafe-certified accessories can take full advantage of 15W charging. Non-certified Qi chargers can only charge phones at 7.5W.
The ‘Pro’ devices will offer a newer and much faster Type-C standard
What’s the other limitation that we mentioned? Well, this one applies to the vanilla iPhone 15 units only. It seems like their USB Type-C ports will be limited to USB 2.0 speeds. The iPhone 15 Pro series will offer a faster USB 3.2 standard.
Apple did the same thing on iPads, actually. Entry-level ones are capped at only 480Mbps, while the Pro ones can charge much, much faster than that. This will have an impact on your transfer speeds, of course, if you’re transferring data via a cable.
All iPhone 15 devices will have a Type-C port, and all of them will feature a Dynamic Island on the front.
After updating most of its eligible Galaxy smartphones to the March 2023 Android security patch, Samsung is now pushing the latest security release to its tablets. The Galaxy Tab S7 series has pipped others to the new SMR (Security Maintenance Release). The company should soon update the Galaxy Tab S8 series as well.
As of this writing, the March SMR for the Galaxy Tab S7 and Galaxy Tab S7+ is available to users in Latin America. According to SamMobile, which first reported this rollout, the update bears the firmware build numbers T87*XXS2DWC1 and T97*XXS2DWC1 for the two models, respectively. Both Wi-Fi-only and cellular variants seem to be picking up the new release. The publication confirms that the update is live in Argentina, Bolivia, Chile, Colombia, Guatemala, Mexico, Paraguay, Peru, and Uruguay. A wider release covering units in other markets, including the US, should follow in the coming days.
This update patches dozens of security vulnerabilities in the two Samsung tablets. The Korean firm’s monthly security bulletin mentions more than 60 patches for March SMR. As usual, some vulnerabilities only exist in select Galaxy models. Overall, Samsung patched 23 Galaxy-specific vulnerabilities this month, with the remaining patches coming from Google and other Android partners.
At least five Android OS issues patched this month were critical. If exploited in the wild, some of those could lead to remote code execution. Threat actors could remotely gain access to your phone without your knowledge.
Galaxy Tab S7 series gets March update as Samsung readies Galaxy Tab S9
Samsung launched the Galaxy Tab S7 and Galaxy Tab S7 in August 2020. The Galaxy Tab S8 followed in February last year with a third “Ultra” model. The Korean firm is now readying three more flagship Android tablets for launch later this year. We are expecting the Galaxy Tab S9, Galaxy Tab S9+, and Galaxy Tab S9 Ultra to arrive in August or September.
While we wait for the new tablets, users with one of the two 2020 models are getting the latest security update. To update your Galaxy Tab S7 or Galaxy tab S7+, go to the Settings app, tap on Software update, and then on Download and install. Your tablet will now connect to the internet to search for available updates. If it finds an update, you will be prompted to download it. If there’s no update available today, wait a few days and check again. Your tablet may also notify you when updates become available.
The PAC-12 has been struggling as of late. Not only are they losing two of their biggest draws in USC and UCLA to the Big Ten, but they’ve also been struggling to get a new TV deal. However, according to a report out of Forbes, it looks like Amazon, Apple and ESPN are in the running for the rights to PAC-12 football games starting this Fall.
Another report is citing that Amazon and Apple TV+ could split the streaming rights for games this fall, even if ESPN wins the rights. Basically, ESPN would air games on its family of networks, and then Amazon Prime Video and Apple TV+ would have the rights to stream the games. It’s unclear right now if that would be simultaneous or not.
The PAC-12 Network has always struggled with revenue
Since the PAC-12 Network started, it has always struggled with revenue. A big reason for that is likely the time zone, and the fact that their biggest market is not a big fan of local sports. Los Angeles is a huge sports market, but they don’t really watch USC or UCLA games. Both of which are played in LA. Just take a look at their games and you’ll see that there are only hundreds of people there instead of thousands.
In 2021, the Big Ten Network brought in $583 million, while the SEC Network had a revenue of $833 million in that same year. Meanwhile, the PAC-12 Network had just $37.7 million in 2021. Which is a far cry from the other Power-5 conferences.
Pile on the fact that the PAC-12 is also losing USC and UCLA in 2024, that makes it even tougher to get a good amount of cash for TV rights. It has been reported that the PAC-12 is looking to add San Diego State and SMU to the conference to replace those two teams. That would help build up their numbers a bit, while sticking to 12 teams. But, there’s also been talk about the Big Ten coming for a few more teams.
When it comes to streaming, the PAC-12 Network isn’t available everywhere. Currently, it’s on Fubo, Vidgo and Sling TV. And that’s it. Making it tough for PAC-12 fans to watch games.
In an effort to support the struggling ad business amidst the current challenging economic climate, Instagram is testing two experimental ad formats: ads in search results and Reminder Ads. These new formats will provide companies with more opportunities to promote their products or services.
As the name suggests, ads in search results will enable businesses to show ads to users who are actively searching for products, businesses, or content on Instagram. This means that when users search for a particular term on Instagram, such as “Galaxy S23,” they may see sponsored posts in the feed alongside the actual search results. Instagram intends to launch this feature globally once testing is over.
On the other hand, Reminder Ads will allow businesses to announce, remind, and notify users of upcoming events or launches. Therefore, when users opt into Reminder Ads for a particular event, they will receive notifications from Instagram one day before, 15 minutes before, and when the event begins. These notifications will appear like any other Instagram notifications and will be visible on the user’s lock screen.
Meta’s push towards increased ad revenue
It’s no secret that with the help of the new ad formats, Meta aims to increase its struggling ad revenue. In the Q4 2022 earnings report, Meta reported a decrease in ad revenue from $32.6 billion to $31.2 billion, with a year-on-year ad revenue drop from $114.93 billion in 2021 to $113.64 billion in 2022.
The company attributed this decline to weak advertising demand, which is caused by the uncertain and volatile macroeconomic landscape. However, Meta hopes to combat the decline with these new ad formats and job cuts. After laying off 11,000 workers in November, the company announced another round of 10,000 job cuts aimed at reducing operational costs.
While the new advertisement format will provide businesses with additional opportunities to advertise and increase revenue, it remains unclear whether users will welcome these new ads. Only time will tell if these new ad formats will be effective in boosting Meta’s ad revenue or not.
In the past few years Home Security Cameras have become a pretty popular product within the Smart Home space. Particularly because it means homeowners can keep an eye on their home without paying a monthly fee to a security company.
From smart doorbells, to outdoor cameras to indoor cameras, these Home Security Cameras come in all sorts of different products. And we have rounded up the Best Home Security Cameras that are currently available. These include those from brands like Arlo, Amazon, Ring, Nest and many more.
Top 10 Best Home Security Cameras
As mentioned, this list will offer up Home Security Cameras from brands like Arlo, Amazon, Ring, Nest, and a few others. It will also offer up some of the best video doorbells, wire-free cameras and indoor cameras. So there’s something for everyone on this Best Home Security Cameras list.
The Ring Video Doorbell Pro is the video doorbell to pick up for your home. It’s a really great gift, as you can watch and see who is taking your packages, or know who is at the door before they ring the doorbell.
With the Ring Video Doorbell Pro, you’re getting a wide-angle camera that can see all the way to the ground in front of your home. And the ability to interact with people via your smartphone, or even your Alexa products. Like the Echo Show or the Fire TV, which is really unique.
The Ring Indoor Cam is a pretty inexpensive security camera that you can add to your home. It comes in at under $60 but is routinely on sale for even less. Additionally, the Ring Indoor Cam has a nice base that can be used to sit on a table, or mount it on the wall or ceiling. It does record in 1080p video, and it will save it if you have Ring’s paid subscription.
The Arlo Pro 3 Spotlight Camera is the latest and greatest from Arlo. Which is a wire-free camera. So you can use inside or outside, which is the main reason why it is on our smart home gift guide this year. You can purchase the Arlo Pro 3 Spotlight Camera in a number of different options. Like three and five-camera kits. This is great for putting cameras around your home.
With the Arlo cameras being wire-free, that does mean you need to pop the battery out and recharge them every once in a while. These will normally last you around six months on a charge. And that is because it is not recording 24/7, but rather only recording when it sees movement.
There are many video doorbells on the market today, but the Arlo Smart Video Doorbell made our smart home gift guide because it works well with the other Arlo cameras. And it’s also less expensive compared to the other models.
There is a wide-angle camera built into this video doorbell, so it can see your entire front yard, and the ground in front of your door. Allowing you to see who is attempting to steal your Amazon packages. The Arlo Video Doorbell can send you notifications when it sees movement, as well as when someone presses the button on the doorbell. So even if they don’t want you to know they are there, you’ll know.
The Nest Cam Outdoor is hands-down the best home security camera that Google sells. It’s an outdoor camera, which means that it is weatherproof. It can take on those hurricanes, tornadoes, thunderstorms and even blizzards with ease. Unfortunately, it is not a wire-free camera though. So you are still going to need to run power to it.
With the Nest Cam Outdoor, you’re going to get 1080p footage from this camera. Which you can view in the Nest app on your smartphone – works with both Android and iOS. With Nest Aware, you can save more video from the Nest Cam Outdoor too. Though that is not a required subscription.
The Ring Spotlight Cam Battery is a good option to put outside of your home, maybe along the side of your home or outside the backdoor. It’s a spotlight camera, so it has motion-activated lights on either side. And since this is the battery-powered one, you don’t need to run power to it. But you will want to keep it near your home, so that the WiFi network can still get to it.
Like other Ring products, it will also work with the Ring app. And it’ll let you know when it sees movement. So you can see if you need to deal with it or not. It works really well with the Ring Video Doorbell too.
The Blink Mini is the cheapest camera on this list. And you’re probably wondering why this $35 home security camera is on this best of list, with many others that are over $100 – some of which are $200.
Well, the Blink Mini does the basics, and nothing more. It is a very small camera as you can tell by the name. Which offers two-way audio, and motion detection. It also only records in HD, and not 1080p or even 4K. Basically, you get what you pay for. And for most people, this is really all you need.
This is another good option for your side or backyard. The Ring Floodlight Camera is not battery-powered though, so you will need to run some power to it. But it does have two floodlights on either side of the camera, giving you a ton of light.
Much like other Ring products, this does also offer up the ability to get notifications about movement and when it sees people. It does also work with other Ring products too, so you can control it all in the same Ring app. Finally, it works with Amazon Alexa, so you can see the feed of the camera on your TV with a Fire TV device or on an Echo Show.
Like the Blink Mini, the Blink Outdoor is also fairly cheap, coming in just a penny shy of $100. It offers great battery life, and a small footprint. Though this one can do 1080p video recording.
Battery life on the Blink Outdoor is really impressive actually. We’re looking at two years on a single battery. This is because it does not record when there is no motion or humans detected in its view. So it saves a lot of juice that way.
The Wyze Cam is a 1080p indoor camera, that is pretty adjustable. So you can make it taller or shorter, and change where it is aimed. It’s a fairly small camera, so you can put it basically anywhere.
It does have two-way audio, so if it sees someone in your home, you can tell them to get out. Of course, with the app, you’ll still get the usual notifications when it sees movement. It also works with both Google Assistant and Amazon Alexa. Which is actually pretty rare.
Rounding out our list of the best home security cameras, is one that is aimed at pets. The Petcube Cam. It’s pretty inexpensive, and is ideal for keeping an eye on your pets. It will notify you when your pet is making noise – like barking. So you can see what’s happening.
The only downside to the Petcube Cam, is that it does not record any video, unless you pay for its subscription plan. That’s very different from most of the other cameras on this list here.
