March update live for Galaxy Z Fold 2 and Galaxy A12 in the US

andreasc
-
0
March update live for Galaxy Z Fold 2 and Galaxy A12 in the US
[ad_1]

Samsung is rolling out the March 2023 Android security patch to the Galaxy Z Fold 2 and the Galaxy A12 in the US. The latest security update has already been pushed to all other recent foldables and flagship models stateside. The new release contains more than 60 vulnerability patches.

The March SMR (Security Maintenance Release) for the Galaxy Z Fold 2 in the US is currently limited to carrier-locked units. The update comes with the firmware build number F916USQS2JWC1 and is available for users on Sprint and T-Mobile networks. Samsung should expand the release to factory-unlocked units in the coming days. The firmware version may vary slightly but the content will remain the same.

Speaking of content, don’t expect any new features or improvements here. The 2020 foldable model is only getting this month’s vulnerability fixes. It recently picked up the One UI 5.1 update with tons of goodies. Samsung is now improving the security level of the phone. Those with an unlocked Galaxy Z Fold 2 in the US know that their device hasn’t received One UI 5.1 yet. The March SMR for your foldable may arrive bundled big update.

Coming to the Galaxy A12, the story is a little different. It’s an entry-level phone that arrived on the market at the far end of 2020. The device debuted running Android 10 out of the box. It picked up updates until Android 12 and that’s all it will ever get. Samsung will not push Android 13 to it, and that eliminates the possibility of One UI 5.1 as well. Security updates also come a few and far between for this phone.

But as we speak, Samsung is pushing the March SMR to the Galaxy A12 in the US. The update is available for the unlocked variant with firmware version A125U1UES5CWC3. As you can see in the official changelog, the entry-level handset isn’t getting anything apart from the latest security patch. A wider release covering carrier-locked units should follow in the coming days.

March update for Galaxy devices patches more than 60 vulnerabilities

The March SMR for Galaxy devices contains fixes for more than 60 vulnerabilities across the Galaxy lineup. About 20 of those issues are Galaxy-specific and were duly patched by Samsung. The rest are issues in Android OS and other partner components that various Android OEMs use. They affect the entire Android ecosystem. Respective vendors of those components patched the issues. If you’re using the Galaxy Z Fold 2 or Galaxy A12 in the US, you can check for a new update with all of these vulnerability patches from the Settings app.


[ad_2]
Source link

FBI launches investigation against TikTok for spying on journalists

andreasc
-
0
FBI launches investigation against TikTok for spying on journalists
[ad_1]

It’s no secret that over the past few years, TikTok has been under a lot of scrutiny regarding its data privacy practices. However, when reports of the company firing employees for using the app to spy on the locations of two journalists emerged last year, it sparked a new wave of controversy. Now, the FBI and the Department of Justice are also looking into the matter and have launched an investigation against TikTok over national security concerns.

The incident was first confirmed in an internal ByteDance investigation, where the company found out that some employees accessed data on American journalists’ TikTok accounts to figure out which employees were leaking information to reporters. While ByteDance says they immediately fired the involved employees, this security lapse has caused US lawmakers to question the company’s privacy practices as they worry that the Chinese government is using TikTok to gather intelligence on US citizens.

The details of the investigation are still unclear, but Forbes says TikTok has already received subpoenas from the Department of Justice, and the FBI has also started conducting interviews related to the matter.

In response to the investigation, ByteDance stated, “We have strongly condemned the actions of the individuals found to have been involved, and they are no longer employed at ByteDance. Our internal investigation is still ongoing, and we will cooperate with any official investigations when brought to us.”

Mounting pressure on TikTok

This development also comes at a time when US regulators have been mounting pressure on ByteDance to sell off the US division or face a complete ban. However, TikTok has rejected the demand for divestiture, stating that it won’t address the government’s concerns. Instead, the company proposed “Project Texas,” a $1.5 billion initiative that would store US user data domestically and subject the company to an auditing process conducted by American tech giant Oracle.


[ad_2]
Source link

The Malware That Infects Systems with Multiple Families

andreasc
-
0
The Malware That Infects Systems with Multiple Families
[ad_1]

Currently, DotRunpeX malware appears to be primarily distributed through phishing emails and malicious Google Ads, presenting a significant threat to users’ systems.

A new malware that distributes multiple known malware families, including Agent Tesla, FormBook, Ave Maria, NetWire, LokiBot, Raccoon Stealer, Remcos, RedLine Stealer, Vidar, and Rhadamanthys, has been discovered by Checkpoint researchers.

Dubbed DotRunpeX, the malware is a new injector written in .NET, created using the Process Hollowing technique, and used to infect systems with different malware families.

The researchers noted that DotRunpeX is being actively developed. Its infection chain invades the system as a second-stage malware, usually deployed via a downloader or loader delivered via malicious attachments in phishing emails.

Additionally, it can leverage malicious Google Ads that appear in search results to direct unsuspecting users when they search for commonly used software such as LastPass and AnyDesk and send them to copycat sites delivering trojanized installers.

DotRunpeX: The Malware That Infects Systems with Multiple Families
A malicious Google Ad and phishing email that drop the malware (Image: Check Point)

Though the injector is fairly new, there are several similarities it shares with its previous versions. For example, the injector’s name is derived from its version information, which is the same for both versions across all samples the researchers analyzed. They also noted that it contained ProductName – RunpeX.Stub.Framework.

Their analysis revealed that each malware sample had an embedded payload of a specific malware family to be injected, which becomes possible by abusing the vulnerable procexp.sys process explorer driver incorporated into the malware for obtaining kernel mode execution.

They analyzed publicly shared data by independent researchers regarding DotRunpeX but learned that the malware was misattributed to a well-known malware family. Furthermore, they learned that the first-stage loader and the second-stage loader had no connection.

The most recent activity of DotRunpeX was detected in October 2022. It was noticed that using the KoiVM virtualizing protector adds an extra obfuscation layer. These findings were somewhat similar to a malvertising campaign discovered by SentinelOne in February 2023. In that instance, the loader and injector components were referred to as MalVirt.

Researchers suspect that the malware may be operated by Russian-speaking groups, given the references to the language in its code.

  1. New YTStealer Malware is Hijacking YouTube Channels
  2. YouTube Tutorial Videos Spread Vidar, Raccoon Malware
  3. Adsense abused: 11,000 sites hacked in a backdoor attack
  4. Google Drive behind most malicious Office doc downloads
  5. Google Ads drop FatalRAT in fake messenger, browser apps

[ad_2]
Source link

Google Workspace plans get increments along with improvements

andreasc
-
0
Google Workspace plans get increments along with improvements
[ad_1]

All Google Workspace plans have seen an increase from their previous pricing. The new prices are now being implemented, a few weeks after Google announced them. So, if you use Google Workspace for collaboration with your team, you’d pay a slightly increased plan when your subscription renewal is due.

Regardless of the Business plan you subscribe to, your payment will see an increase. But, the increment varies from one plan to another, with the Business Plus plan seeing the highest increase. Well, if you subscribe to the Enterprise, Education, and annual payment, this price increment won’t affect you.

This price increment comes in light of the AI integrations coming to the Workspace services. For this reason, Google is stepping up the subscription plans on all tiers. Here is everything you need to know about this subscription price increment on Google Workspace.

Everything concerning the new Google Workspace plans

Google Workspace, previously known as G Suite, has undergone yet another change. This time the change alters the pricing of the Workspace subscription plans. If you aren’t already aware, Workspace is simply a productivity tool from Google for your business team.

Lots of businesses rely on this service for collaboration with their team on various projects. To make use of this feature, business owners need to pay for a subscription plan. This plan gives them access to collaboration tools on various Workspace apps like Google Mail, Meet, and other applications.

There are a total of five Google Workspace plans for prospective users to choose from. These plans are Business Starter, Business Standard, Business Plus, Enterprise, and Education. Users then get to pick what best suits their business and team needs.

All plans have got a subscription price increment, except the Enterprise and Education plans. The Business Starter plan previously priced at $6 is now $7.20 getting a $1.20 price increase. Next is the Business Standard, previously priced at $12, which is now $14.40 raising the plan by $2.40. Lastly, the Business Plus plan, which was $18 per month, is now $21.60 making it the highest increment.

For the businesses currently on the annual subscription, they won’t be affected by this increment. The main reason for this increment is a result of the new Google Generative AI feature that is being introduced to the Workspace platform. This marks a new era for AI and Google Workspace with a ton of tools to make cross-collaboration easier.


[ad_2]
Source link

TikTok CEO argues division from ByteDance won’t solve security concerns

andreasc
-
0
TikTok CEO argues division from ByteDance won’t solve security concerns
[ad_1]

It’s no secret that TikTok’s mishandling of user data has put the company in a lot of trouble, including the US government’s push for the app to divest from its parent company, ByteDance, or face a national ban. However, TikTok CEO, Shou Zi Chew, has now claimed that even if they sell off the US division, concerns over data privacy and security would persist. Instead, the company aims to address the issues with the help of Project Texas.

“I do welcome feedback on what other risk we are talking about that is not addressed by this, and so far I haven’t heard anything that cannot actually be solved by this,” said Chew in a statement to The Wall Street Journal.

Chew’s remarks came in response to fears that China could gain access to user data through TikTok. Lawmakers worry that the Chinese government might compel ByteDance to share user data and demand changes to the content that TikTok’s algorithms show to Americans. Furthermore, the FBI’s recent investigation into ByteDance’s alleged access to the data of US journalists has added to the existing concerns and criticisms of the company’s data handling practices.

What is Project Texas?

While the company’s CEO has denied the US government’s request for divestiture, TikTok hopes to address the security concerns with Project Texas. The initiative aims to protect US user data by routing it through domestic Oracle servers and allowing third-party oversight of the app’s algorithms. TikTok claims they have invested billions of dollars in this project and are also looking forward to expanding the project in the EU.

Despite these safeguards, a former employee of TikTok’s trust and safety team has claimed there are significant flaws with Project Texas, as the Chinese government could still access US user data through TikTok. In response to these concerns, Chew argued that the project will prevent China from accessing US user data, regardless of any changes to Chinese law.

“The idea behind Project Texas is it won’t matter what the Chinese law or any law says, because we’re taking U.S. user data and we’re putting it out of their reach. You’re talking about real concerns, I think these are the real solutions,” said Chew.


[ad_2]
Source link

Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles

andreasc
-
0
Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles
[ad_1]

We take a look at multiple vulnerabilities highlighted by Google’s Project Zero team, and what you can do to ward off the threat of attack.

Google’s Project Zero is warning of multiple significant vulnerabilities found across many models of mobile devices including Samsung Galaxy, Google Pixel, Vivo, and several forms of wearable and vehicles using certain types of components.

Between late 2022 and early 2023, Project Zero reported 18 vulnerabilities in a chip powering those devices. Of those 18, a total of four vulnerabilities are tagged as “top-severity” which could allow for silent compromise over the network.

Which devices are affected?

The list of impacted technology is as follows:

  • Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series
  • Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series
  • The Pixel 6 and Pixel 7 series of devices from Google
  • Any vehicles that use the Exynos Auto T5123 chipset

The four most severe vulnerabilities could allow attackers to remotely compromise a device, with no physical interaction required at any stage of the proceedings. The only thing an attacker requires for the compromise to take place is knowledge of the intended victim’s phone number.

The other fourteen, while still bad, are nowhere near as severe, and for them to be successful requires either a malicious mobile network operator or an attacker with local access to the device.

Meanwhile, the Google Security research team believes that the most severe vulnerabilities would allow skilled attackers to create an operational exploit in a short space of time.

Patching and scope of threat

While Google mentions that patching will be dependent on manufacturer, PIxel phones (for example) have already been patched against CVE-2023-24033 in the March security update. If a patch isn’t forthcoming for your own device yet, Google has some suggestions to help keep your technology safe from harm. If your device allows you to, switch off two settings called:

  • Wi-Fi calling
  • Voice-over-LTE (VoLTE)

This will prevent the risk of exploitation. One potential ramification of disabling VoLTE is that in recent years it has become something of a necessity for some mobile networks. If you’re able to turn it off, then based on the information available you may experience poor call quality and lack of certain features and functionality. On the other hand, VoLTE is “not available everywhere on every network, or on every handset” so it may not matter too much anyway depending on your make and model.

As for scope, depending on where your device is from you may not be running the vulnerable type of chip needed for the exploit to be successful. The Verge notes that phones sold outside of Europe and some African countries” use something else altogether. In those instances, you should be fine.

Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Samsung’s Galaxy S23 trade-in offer massively reduces the cost

andreasc
-
0
Samsung’s Galaxy S23 trade-in offer massively reduces the cost
[ad_1]

If you are trying to purchase any device in the Galaxy S23 series, then you might want to consider the new Samsung trade-in offer. The available offers can earn a buyer up to $700 to assist them with their purchase. But only a few buyers have access to these offers on the Samsung website and official retail stores.

Samsung fans will find these trade-in offers very interesting, as it rewards them for being loyal customers. So if you are a Samsung fan, head over to their official smartphone website and grab yourself a new Galaxy S23 series device. Two devices in the series are available for purchase with this new trade-in offer.

These devices are the S23 and the S23+ both of which are great flagship devices. In this article, we will take a look at the available trade-in offers for Samsung users. Which devices will be accepted, and which ones have the best trade-in value?

The new Samsung trade-in offer has a lot to offer existing Samsung users

The new Samsung Galaxy S23 and S23+ are both impressive devices that pack a ton of features. If you are into smaller yet powerful devices, then the S23 is the perfect choice for you. But, if you want something bigger with a larger battery, then the S23+ will suit your taste.

Both devices make use of the Snapdragon 8 Gen 2 processor for Galaxy devices and pack 8GB memory capacity. They also feature the same rear and front-facing camera setup, bringing similar imagery performance. The smaller S23 retails at $799 and the larger S23+ retails at $999 without the new trade-in offer.

If you already own a Samsung device (smartphone or tablet) purchasing either the Galaxy S23 or S23+ will be more affordable. Samsung’s new trade-in offer is a trade-in offer for these devices that can help you pay just $99 for the S23 and $299 for the S23+ (128GB option). To get this amazing deal, all you need to do is trade your current device back to Samsung while purchasing any of the S23 devices.

All Samsung devices from the Galaxy S7 down to the Z Fold 4 are on a trade-in promotion. With any device within this range, you can get a discount ranging from $110 to $700 on the Galaxy S23 series. This massive discount is courtesy of the new Samsung trade-in offer.

To Apple users, there is no need to feel left out as Samsung is also giving you a similar trade-in offer. From the iPhone 6s to the iPhone 14 Pro Max, this trading offer gives you a $30 to $700 discount. If you are considering switching over to Android, this is the best time for you. Simply trade in your iPhone and get the latest Samsung flagship devices.

Pixel, OnePlus, and LG users also get similar deals, with the Pixel 7 Pro having the highest trade-in offer. It is good to note that the new Samsung trade-in offer is exclusive to certain regions. Head over to the official website in your region to see if you can benefit from this trade-in offer. You also stand a chance to win the Samsung Galaxy S23 Ultra by clicking on this link.


[ad_2]
Source link

Snapdragon 7+ Gen 2 yields much better AnTuTu score than its predecessor

andreasc
-
0
Snapdragon 7+ Gen 2 yields much better AnTuTu score than its predecessor
[ad_1]

The Snapdragon 7+ Gen 2 got announced last week, and its AnTuTu score just surfaced. Abhishek Yadav, a tipster, shared the AnTuTu score of the SoC, and compared it to what its predecessors offered.

The Snapdragon 7+ Gen 2 offers a much better AnTuTu score than its predecessor

The tipster said that the Snapdragon 7+ Gen 2 managed to reach a score of 1,000,000, while the Snapdragon 7 Gen 1 scored 600,000 on AnTuTu. The Snapdragon 778G managed to hit 555,000 points.

As you can see, the difference between the Snapdragon 7+ Gen 2 and Snapdragon 7 Gen 1 is much bigger than the difference between the Snapdragon 7 Gen 1 and Snapdragon 778G.

That could be one of the main reasons why Qualcomm went with the Snapdragon 7+ Gen 2 name, instead of using the Snapdragon 7 Gen 2 name as everyone expected. The company completely skipped over the Snapdragon 7 Gen 2 naming.

This processor comes with a 1+3+4 architecture, and it’s a 4nm processor. The Kryo CPU included here offers a 50% performance improvement, claims Qualcomm, while the Adreno GPU also offers a performance boost.

This chip is also more power efficient

The chip is also more power efficient, as Qualcomm states a 13% improvement over its predecessor. The Auto Variable Rate Shading (VRS) is included here, and the same goes for Volumetric Rendering and Snapdragon Sound with Qualcomm aptX.

The Qualcomm AI Engine offers a 2x improved AI performance, while there’s also an 18-bit Triple ISP included. Qualcomm also included the Snapdragon X62 5G modem on the inside, and Bluetooth 5.3 support.

This chip has support for LPDDR5 RAM up to 3,200MHz, and Quick Charge 5 technology. It also supports displays up to QHD+ resolution and 120Hz refresh rate. Qualcomm does expect quite a few phones to utilize this chip.


[ad_2]
Source link

Google Calendar will let you add custom birthday reminders

andreasc
-
0
Google Calendar will let you add custom birthday reminders
[ad_1]

Google Calendar is always here for you when you need to remember important dates like a birthday. Right now, Google is working on a new feature that will help you set up custom reminders so you can surprise that special someone on their special day.

Right now, this feature is not available to the public. We’re not even sure it’s in testing. According to Android Police, you can only access the feature in version 2023.08.2-511758217 of the app. Even then, you’ll need to enable several flags. So, you’ll want to take this information with a grain of salt.

Google Calendar will make setting birthday reminders better

If this feature comes out, you’ll see a popup appear when you open the app. It will give you the option to add a birthday when making a reminder. This might seem weird to some people because you’re able to get birthday reminders automatically. When you add a birthday to a contact, the calendar will automatically make a birthday reminder.

However, this feature will give you more options when setting up a reminder. You’ll have just as much control over it as if you’re making standard reminders. So, when adding a birthday reminder, you can choose what kind of notification to get. Also, you’re able to set what date you want it to go off.

So, if you want to get a reminder of the birthday beforehand or afterward, you can. This could be helpful if you’re bad at remembering birthdays. You could get an early reminder and make preparations.

At this point, we don’t know when the company plans on launching this feature. For all we know, Google could pull it before launch. If you’re excited about the feature, then you might want to keep an eye on your app. Make sure that it’s always up to date.


[ad_2]
Source link

iPhone 15 Pro Max to have the thinnest bezels on the market

andreasc
-
0
iPhone 15 Pro Max to have the thinnest bezels on the market
[ad_1]

According to a well-known tipster, Ice Universe, the iPhone 15 Pro Max will have the thinnest bezels on the market. The tipster did share some specific info too, but it’s interesting he mentioned only the Pro Max, not the regular Pro. This could suggest the iPhone 15 Pro will have thicker bezels than its sibling.

The iPhone 15 Pro Max tipped to have the thinnest bezels on the market

In any case, the iPhone 15 Pro Max’s bezels will be 1.55mm thick, says the tipster. Thus far, out of the phones that are available, the Xiaomi 13 Pro holds the lead. Xiaomi’s latest flagship has bezels that are 1.81mm thick.

For comparison’s sake, the tipster did share the bezel thickness of the Galaxy S22, S23, and the iPhone 14 Pro. The bezels on those three phones measure 1.95mm (S22 & S23) and 2.17mm (14 Pro).

The upcoming iPhones will probably have uniform bezels, by the way, as we’re used to seeing from Apple. That means that every single bezel on the iPhone 15 Pro Max will measure 1.55mm.

The iPhone 15 Pro seemingly won’t have the same bezel thickness

We do hope that the iPhone 15 Pro won’t have noticeably thicker bezels than the Pro Max. Well, presumably that they’ll be thicker at all, as the tipster mentioned the ‘Pro Max’ model specifically.

The iPhone 15 series is expected to launch in September this year. This time around, all phones in the series will include a Dynamic Island, even the non-Pro models. That is a feature that was reserved for the iPhone 14 Pro and Pro Max last year.

All phones will also include a Type-C port at the bottom, due to the new EU rule. The ‘Pro’ iPhones are tipped to include solid-state buttons this time around, and perhaps even some new materials for the frame, we’ll have to wait and see.


[ad_2]
Source link
1...1,3741,3751,376...1,474Page 1,375 of 1,474