There’s a new malware roaming free online right now. It hijacks people’s social media accounts, steals login credentials, and mines cryptocurrencies using people’s devices, reports TechRadar.
New malware exploits users’ YouTube and Facebook account
The info comes from researchers from Bitdefender’s Advanced Threat Control Team (ATC), which found a new strain of malware named S1deload Stealer. The malware tries to avoid being detected by antivirus programs by using DLL sideloading. In the second half of 2022, malicious users were able to infect hundreds of users.Bitdefender products detected more than 600 unique users infected with this malware between July and December 2022, Dávid Ács, a researcher from Bitdefender, stated.
The malware needs to be downloaded and run by the victims themselves. It was hidden in archives (.zip files) that allegedly had adult content. When the victims downloaded and run the “content”, they didn’t find what they were looking for but instead got their devices infected with an infostealer.
Here’s what this malware is capable of. First, it can download a headless Chrome browser that runs in the background. It opens YouTube vids and Facebook posts and rakes up views. It can also download and run an infostealer that decrypts login credentials saved in browsers, as well as session cookies.
When it comes to a Facebook account, it tries to analyze it. It looks for whether the account administrates any Facebook pages or groups, if it pays for ads, or if it’s linked to a business manager account. All in all, you can imagine this makes the account even more valuable.
And then it can go ahead and download, install, and run a cryptocurrency miner. It mines the BEAM cryptocurrency for hackers. By the way, the hacker can also use the stolen credentials to spam on social media and try to infect even more machines.
A more techy explanation of the malware’s actions can be found on Bleeping Computer’s article. The moral of the story: don’t download shady things from the internet.
There has been an emergence of a new security threat that has been causing havoc among the Asian shipping and medical laboratory industries.
It’s a never-before-seen threat group dubbed Hydrochasma, actively targeting the shipping and medical organizations that are engaged in research and treatment of the COVID-19 vaccine.
Symantec, a company under Broadcom, has been monitoring the activities of cybercriminals since October of last year. Their ultimate aim seems to be the acquisition of valuable information.
Modus Operandiof Attack
Hydrochasma’s modus operandi is unique in that they employ open-source tools and LotL techniques during their attacks. This enables them to carry out their malicious activities without leaving behind any traces that could potentially expose their identity.
This method of operation poses a challenge to those attempting to track and attribute the attacks to specific threat actors.
The origin and affiliation of this threat actor have not been determined, nor has any evidence yet been collected as to its origin.
The utilization of pre-existing tools seems to serve a dual purpose for Hydrochasma:-
To evade attribution efforts
To enhance the stealthiness of their attacks
By leveraging these tools, they can mask their activity and blend in with legitimate network traffic, making it more challenging for security experts to detect and respond to their malicious activities.
Attack Chain
Most likely, Hydrochasma infected its host with a phishing email in order to spread its infection. Initial signs of Hydrochasma’s presence on a targeted system are often indicated by the appearance of a lure document, with a file name that is crafted to appear as if it were an email attachment written in the native language of the victim organization.
This is an attempt to deceive the target into thinking that the document is legitimate and relevant to their work. Here below we have mentioned those attachment names:-
Product Specification-Freight-Company Qualification Information wps-pdf Export.pdf[.]exe
University-Development Engineer[.]exe
Once the attacker gains access to a machine, they utilize this access to deploy a Fast Reverse Proxy (FRP), which has the potential to expose servers that are located behind a firewall to the public web.
Tools Used
Here below we have mentioned all the tools that are dropped by the intruder on the affected system:-
Gogo scanning tool
Process Dumper (lsass.exe)
Cobalt Strike Beacon
AlliN scanning tool
Fscan
Dogz proxy tool
SoftEtherVPN
Procdump
BrowserGhost
Gost proxy
Ntlmrelay
Task Scheduler
Go-strip
HackBrowserData
It is extremely difficult to relate the activity to any specific threat group when a large number of publicly available tools are used.
There was no evidence that any data was taken from any of the targeted computers by Hydrochasma according to researchers from Symantec. Hydrochasma on the other hand utilizes certain tools that allow remote access to the system, which could result in data being extracted from the system.
This attack appears to have been motivated by a mission to gather intelligence, as indicated by the sectors targeted.
The Lehigh Valley Health Network stated it was the target of a cybersecurity attack by a ransomware gang known as BlackCat
In a statement issued Monday morning, Lehigh Valley Health Network said it had been the target of a cyberattack attributed to a ransomware gang known as BlackCat. The Network is made up of 13 hospital campuses, as well as other health facilities, and is based in Pennsylvania.
BlackCat
The ransomware-as-a-service (RaaS) group BlackCat, also known as ALPHV and Noberus, is currently one of the most active groups, and has been associated with Russia. In our recent February ransomware review it came in second after Lockbit, based on the number of known attacks.
In December, 2022, the Office of Information Security and Health Sector Cybersecurity Coordination Center issued an extensive Analyst Note which identified BlackCat as a “relatively new but highly-capable” ransomware threat to health care providers.
BlackCat uses double extortion and sometimes triple extortion to make victims pay the ransom. That means that besides encrypting files, the gang also threaten to publish the stolen data on a so-called “leak site”, and at times, threaten their victims with DDoS attacks.
The attack
According to the health network, the attack targeted the network supporting Delta Medix, a physician practice in Lackawanna County. The unauthorized activity was detected on February 6, 2023 and involved a computer system used for patient images for radiation oncology treatment and other sensitive information.
The health network is investigating the full scope of the attack, but says services have not been disrupted, although its websites seem to be offline for the moment. It was unable to say yet whether any specific patient’s personal or sensitive information was compromised, but promised to inform any affected individuals if it discovers that was the case.
No ransom
The Lehigh Valley Health Network said it has refused to pay a ransom, but did not disclose the demanded amount. According to the US Department of Health and Human Services (HHS) The BlackCat group has demanded ransoms as high as $1.5 million in previous cybersecurity attacks against the healthcare sector.
Dr. Brian Nester, the health network’s president and CEO said:
“BlackCat demanded a ransom payment, but LVHN refused to pay this criminal enterprise. We understand that BlackCat has targeted other organizations in the academic and health care sectors. We are continuing to work closely with our cybersecurity experts to evaluate the information involved and will provide notices to individuals as required as soon as possible. Attacks like this are reprehensible and we are dedicating appropriate resources to respond to this incident.”
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Write an incident response plan. The period after a ransomware attack can be chaotic. Make a plan that outlines how you’ll isolate an outbreak, communicate with stakeholders, and restore your systems.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
We’re used to seeing former members of major companies spin off and start their own ventures. Instagram co-founders Kevin Systrom and Mike Krieger started a company called Artifact, and its app is now available to everyone.
Artifact is a news curation app with the simple goal of giving you news articles based on your interests. A large part of the company’s marketing is that it uses artificial intelligence to deliver your news. It aims to give you exactly the kind of articles that you need without the noise.
This sounds like an interesting idea, but the app wasn’t ready for mass downloading just yet. You needed to join a waitlist if you wanted to gain access to the app. This was unfortunate for people who were excited about the app.
Fortunately, Artifact is now available for everyone to download
People who are tired of waiting for this app to make it to everyone should rejoice. Kevin Systrom just posted a tweet letting us know that the wait is now over. It was accompanied by a sizzle reel showing a little of what the app is about.
As stated before, it’s an article curation app that gives you articles about only what you want to see. When you get the app, you can enter it and start reading articles. However, if you want to transfer your data to another device, you have the ability to create an account. It’s not the whole email address and password shebang. You only need to use your phone number.
Then, you’re able to pick 10 or more topics that you want to receive articles about. At the moment, there are 54 topics that you can choose from. These include tech, science, TV & Movie, celebrities, cars, fashion, and so on. You have to pick at least 10 when you’re setting up your profile, but you can adjust your selection later.
After you set up your profile, you’ll see a main feed of articles that are curated by your reading history. Also, if you only want to read articles about a specific topic, you can select one of the tabs up top.
This is a useful app if you want to keep up to date with the latest headlines. Click on the link below to download it for the Google Play Store.
The console wars are a never-ending battle, making it difficult to choose the best system. But in 2023, three systems have risen above the rest: PlayStation 5, Xbox Series X, and Nintendo Switch OLED. All of them are different in terms of characteristics and price, so everyone can enjoy the gameplay without taking out loans and worrying about the question, “can you go to jail for debt” if you don’t pay them.
So if you’re looking for your perfect gaming companion – read on! With these consoles offering superior graphics and immense power – there’s something out there that will meet all of your gaming needs.
The popularity of the gaming industry
The gaming industry continues to gain popularity across the world, with Statista predicting an increase in worldwide video game users from 3.2 billion people in 2021 to 3.6 billion by 2026. This rapid growth trend will likely continue as many prominent companies have released new products and technology components over the past few years.
As these new innovations add value to the gaming experience, such as expanding online connectivity, increasing graphical capabilities, and offering immersive virtual experiences, it is no surprise that more people are hoping to jump into the action.
The market size of the video game industry already surpasses the movie box office revenues, with its revenue reaching over fifty-two billion USD globally in 2019 and expected to grow at a CAGR of 10.31%.
With web gaming becoming increasingly popular amongst gamers due to its ease of access, diverse gameplay options, and affordability through free-to-play titles, casual gamers can join in on all of the fun, allowing for even faster growth within this ever-growing entertainment sector.
Console vs. PC: what is better?
The answer largely depends on personal preference when choosing between a console or PC for gaming. Consoles are often preferred for those looking for a more cost-effective option and greater convenience.
Consoles also provide gamers access to exclusive titles that cannot be found on PC and easy-to-navigate menus and controllers designed specifically with gaming in mind. On the other hand, PCs offer their own benefits, such as faster loading times, higher graphical fidelity, and better modding support.
Additionally, PCs come with more customization options than consoles which may appeal to those looking for even further performance optimization beyond what is available out of the box. Ultimately both consoles and PCs provide an excellent platform for gaming, and which one you choose depends on your own specific needs and preferences.
The Xbox Series X
The Xbox Series X is the must-have console for the gamer who wants to experience gaming in its highest form. With 12 teraflops of processing power, games will run at up to 120 frames-per-second and 8K resolution, offering lightning-fast loading times and unbeatable graphics.
Plus, with over 50 classic games available via backwards compatibility, gamers can have access to a huge selection of classic titles from the last two generations of Xbox. With improved audio capabilities too, Dolby Atmos support provides incredible sound quality.
The new Quick Resume feature allows gamers to switch between games instantly and pick up where they left off. The Xbox Series X gives players all they need in their latest generation console.
The PlayStation 5
With the release of the PlayStation 5, gamers have more powerful hardware and incredible gaming options than ever before. With a high-performance CPU and GPU combination, games that look and feel realistic have never been better.
This next-generation console supports high-quality visuals while reducing the loading time, allowing players to get into the thick of their games faster.
Its graphics look impressive, and its innovative storage means far fewer downloads, so fans can start playing right away. Whether it’s triple-A exclusives or free-to-play titles, PlayStation 5 owners are sure to love having access to some of the best video games available today.
Nintendo Switch Lite
The Nintendo Switch Lite has become a must-have for families everywhere! Combining the best of both worlds – portability, and versatility – this console is the perfect blend of entertainment for busy households.
It provides access to a wide variety of family-friendly games that any age can enjoy, and it’s small enough to take on road trips or keep in the living room. Whether you’re looking for educational titles, racing games, puzzles, virtual reality experiences, or at-home sing-alongs, the Nintendo Switch Lite has something to offer everyone in your family.
With its child-friendly design and parental control options, it’s easy to see why it has become one of the most popular consoles for young gamers.
The Xbox Series S
The Xbox Series S is a great console for those looking for a budget-friendly option. It has an 8-core AMD Zambezi processor and 10GB of RAM, so you’ll see a noticeable performance increase over the previous Xbox One series models.
It also features faster load times, improved frame rates, and increased resolution. However, it is important to remember that while the Series S is great in terms of its value proposition, some of its more powerful rivals will be able to outperform it in various games.
Of course, with access to backward compatible games from all generations of Xbox consoles up to the Xbox 360, plenty of titles are available so long as you say within the Series S’ price range.
The Nintendo Switch with OLED
The Nintendo Switch, with an OLED display, is the latest handheld gaming console to take the industry by storm. This portable powerhouse provides the user with stunning visuals and superior performance, taking mobile gaming to a new level.
Supports for wireless Joy-Con controllers and HD rumble provide a more immersive experience than ever before. With its sleek design, strong battery life, ergonomic shape, and lightweight portability, you can be sure of an enjoyable gaming session no matter where you are. Whether on a plane or at home in your living room – the Nintendo Switch OLED allows gamers to have an amazing experience unlike anything else on the market today.
Conclusion
In conclusion, the market for gaming consoles has become more robust due to the recent production of new and improved consoles like Nintendo Switch OLED, Xbox Series X, PlayStation 5, Nintendo Switch Lite, and Xbox Series S.
While each console is designed differently with varying capabilities and features, they all offer exciting gameplay experiences that are sure to please gamers of any kind.
Whether you’re looking to invest in a powerful gaming console or a cheaper option that still delivers on performance, there’s an option out there for everyone. Researching and comparing the available consoles goes a long way towards finding what best suits your budget and gameplay needs.
So you probably know what a news feed client is. Even if you are not using one, basically any platform that can serve up a curated list of news topics from across different publications is considered a news feed. And nowadays, even if you aren’t interested in keeping up with the latest news, feeds are everywhere: even in your browser! Well, yesterday a new fighter entered the fray: Artifact. The app is created by two of the co-founders of Instagram, and is noteworthy for being powered by AI. Said AI is working in the background to get a grasp of what sort of stories you are into, while still offering some handy tools to filter out anything that isn’t to your liking.
So basically, the goal here is to help users create an ultra-curated feed of content. Sounds a tad familiar to some prolific social media networks, but let’s not digress.
Artifact is live right now and available for both iOS and Android smartphones. The app is free and will allow you to use it without signing up via phone number, but you can also do that if you’d like to save your profile. And we’ll get back to why that might be important a bit later on again.
Don’t worry, it has a dark mode too.
The setup process is really simple and easy to follow. The app provides you with a list of topics from which you can choose the ones you are interested in. Then you can add any paid subscriptions to news publications you might have. Naturally, the app will want to send you notifications about breaking news, but you can kindly decline the offer.
The AI will need some help in order to get to know you better though. You’ll have to read at least 25 stories per day for a 14-day period in order for it to start recommending the type of content you are looking for. It is kind of cool that the app has a dedicated section to show your progress towards this goal.
On that same section, you can also sign up through adding a mobile number in order to save your progress. And you might want to do that, especially if you’ve opted to complete the aforementioned 14-day challenge. The app has no indication of the sign-up costing anything, and it doesn’t look like it would pester you restlessly through SMS pokes.
The stats screens really look fresh and clean in terms of design.
Given that Artifact is developed by co-founders of Instagram, is it any wonder that it also has some social features? Not annoying ones, mind you. You can invite some friends to the app, and it will periodically let you know what type of content they are interested in, which is an interesting way of peeping on your buddies online.
In typical news feed fashion, you’ve got the ever-coveted Read Later list, but you also have a Reading History section, so that you can get back to an article that you’ve come to appreciate over time. If you use the app long enough, it will even provide you with stats like what your favorite publications and topics are, which is always neat. This may be the next hit Year in Review type of thing, but for non-audiophiles!
Overall, Artifact is simple to set up, very easy to navigate and the browsing experience is so fluid that it is kind of addicting. But again, is it any wonder, given who conceptualized it? While it is too early for us to tell if the AI is truly as good as it is made out to be, but even beyond that, Artifact is a great first choice for anyone looking to get into “the know”.
In the digital age, protecting your data is more important than ever. With hackers becoming increasingly sophisticated in their methods of stealing sensitive information, it’s essential that businesses and individuals alike take steps to secure their data. As transcriptions can contain large amounts of sensitive data, it’s important to take extra measures to secure them.
In this article, we’ll explore some of the basic steps you can take to protect your data with transcription security essentials.
What is Transcription Security?
Transcription security is the process of protecting transcription data from unauthorized access or manipulation. This includes not only physical measures such as encryption and secure servers but also virtual measures such as strict access control and rigorous review procedures. The goal of transcription security is to ensure that only authorized users can access and use the data. Secure transcription practices help protect the data from malicious actors, as well as accidental or deliberate misuse.
Are All Transcription Services Secure?
No. Not all transcription services are secure. In fact, many transcription services don’t provide adequate security measures to protect your data from unauthorized access or manipulation. It’s important to do your research when selecting a transcription service and make sure that they provide adequate security protocols.
How Can a Company’s Security Be Checked?
There are several ways to check a company’s security protocols. The most common method is to contact the transcription service and ask for a copy of their security policies and procedures. Make sure the security policies cover all aspects of data protection, such as encryption, access control, and physical security.
Additionally, check to see if the transcription service is compliant with industry-standard security certifications, such as HIPAA and ISO/IEC 27001. A secure transcription service will also offer regular vulnerability scans and penetration tests to identify and fix security flaws.
Moreover, you can research the company online to see if there have been any reports of data breaches or other security incidents. Also, you can consult a third-party security expert to assess the transcription service’s security systems.
Basic Steps You Can Take to Protect Your Data
In addition to selecting a secure transcription service, there are several basic steps you can take to protect your data:
Use strong passwords for all accounts
Using strong passwords and changing them regularly is an important step in protecting your data. Make sure to use a combination of upper and lowercase letters, numbers, and special characters for your passwords.
Regularly back up your data
It’s important to regularly back up your data in case of a security breach or other emergency. You should store the backups in a safe and secure location, such as an off-site server or cloud storage.
Limit access to data
Restricting data access to only those who need it is a key part of protecting your data. Make sure that all users have the appropriate permissions and that they only access the data they need. An example of a case where this might be important is if you are working with confidential medical or financial data, an employee with no need to access that information should not have access.
Enforce two-factor authentication
Two-factor authentication adds an extra layer of security by requiring users to enter a code sent to their phone or email address before they can access the data. This makes it much more difficult for unauthorized users to gain access to the data. Although hacks are still possible, two-factor authentication can help to deter malicious actors.
Regularly monitor your data for any suspicious activity
Monitoring your data for any suspicious activity is a key part of keeping it safe. Make sure to regularly review logs and other security systems to ensure that no one is attempting to gain unauthorized access. When it comes to cybersecurity on speech-to-text services, data can be compromised in many ways if not properly secured and monitored like phishing attacks, malware, and brute force attacks.
Keep all digital devices and software up-to-date
Outdated software and devices are much more vulnerable to security threats, so it’s important to keep them up-to-date. Make sure to regularly check for updates and patch any security flaws. Microsoft CEO Satya Nadella advised, “keep your systems up to date and be vigilant about monitoring your data.”
Conclusion
In conclusion, it’s important to select a transcription service that has strong security protocols in place. Additionally, you can take basic steps to protect your data, such as using strong passwords and regularly backing up your data. Finally, make sure to keep all digital devices and software up-to-date and regularly monitor your data for any suspicious activity. For individuals and businesses that are looking for a secure speech-to-text service, following these steps can help ensure that their data is protected and secure.
The LockBit gang has released a chat history showing its negotiations with Royal Mail.
The LockBit group has finally given up any prospect of extracting a ransom from Royal Mail and published the files it stole from the company in a recent ransomware attack. The leak brings weeks of negotiations to a close, leaving Royal Mail without a decryptor, and LockBit without a payday.
Malwarebytes regards LockBit as one of the five most serious cyberthreats facing businesses in 2023. It was the most widely used ransomware-as-a-service (RaaS) in 2022, by far. It accounted for almost a third of all known RaaS attacks last year, and the largest ransom demand it made was a staggering $50 million. In February 2023 it asked Royal Mail for $80 million.
Alongside the leaked files, the LockBit gang have released a chat history that shows the negotiations between the two parties. Perhaps the group is trying to justify its decision to call off the negotiation and leak the stolen files, or perhaps it’s a warning to other victims.
You could read this as a failed negotiation or a missed opportunity for Royal Mail, but I don’t. I think the chat between Royal Mail and LockBit shows something quite different.
I suspect that Royal Mail never intended to pay a ransom. It certainly showed no willingness to engage with the ludicrous $80 million that was demanded of it, and it seems to have had the LockBit negotiator dancing to its tune throughout.
The negotiation began on January 12, 2023, and like any Internet chat, the conversation takes place between two avatars who may or may not be who they say they are. When the LockBit negotiator asks who they’re talking to, the Royal Mail’s representative says “I work in our IT.”
Maybe they did work in IT, but having spent years working in IT myself, and after seeing how the Royal Mail’s representative conducted themselves, I will simply say they aren’t like anyone I ever met. Perhaps they’re just naturally good negotiators, or perhaps they listened to our recent podcast about ransomware negotiations, but there is every chance they were actually a professional ransomware negotiator.
In the podcast, ransomware negotiator Kurtis Minder reveals that the first job in a situation like this is to play for time, without annoying the representative of the ransomware gang. A good way to lower the temperature is to adopt the ransomware gang’s self-serving vernacular, he says, and the Royal Mail’s “IT guy” does this in subtle ways, such as referring to LockBit’s criminal activity as “penetration testing.” Ransomware gangs like that sort of nonsense for some reason—maybe it helps them sleep at night.
Playing for time is important because it allows the victim to gather as much information as possible, understand their options, and decide their best response. They need to understand which systems are affected, how the organization can function without them temporarily, and what it will take to restore or rebuild them. They will also have numerous stakeholders to involve and duties to fulfill: Legal obligations must be met, law enforcement involved, cyberinsurance rules followed, customers and suppliers informed, and so on.
Royal Mail consistently succeeds in playing for time with LockBit. Although the first 24 hours of the chat are peppered with urgent and vaguely menacing language designed to rush the victim—“don’t delay,” “hurry up,” “our patience is not infinite”—LockBit is quickly dragged into the weeds. The first two weeks of negotiation were almost entirely devoted to a tedious conversation about decrypting large files.
According to Royal Mail’s negotiator “my management have heard that your decryptor might not work on large files.” (This tactic of invoking a demanding or difficult to please manager will be familiar to anyone who’s ever haggled with a salesperson over a car.) Whether Royal Mail’s curiosity about large file decryption was genuine or a ruse, it created a role reversal in the conversation, with Royal Mail asking the questions and LockBit providing the answers, to prove that it can meet Royal Mail’s needs.
The Royal Mail negotiator also tried to earn trust by positioning themselves as a reasonable go between who’s trying to do the best for both parties. They consistently used language like “I am trying to help our Senior Team understand this,” “I am still trying to work with you here,” “I am doing what I can to drive things forward.”
When the conversation finally turned to money, it quickly found more weeds. This time the thorny undergrowth was formed by a disagreement about who LockBit had actually attacked. LockBit thought it was talking to Royal Mail. The victim told them they’re Royal Mail International, a loss-making subsidiary of Royal Mail with a vastly smaller turnover.
LockBit asked for a ransom of $80 million, 0.5 percent of Royal Mail’s annual global turnover. Royal Mail retorted that using LockBit’s calculation, a good “starting figure” would be $4 million, based on Royal Mail International’s finances.
At this point in the negotiation LockBit actually acknowledged what it was dealing with. “You are a very clever negotiator,” they wrote, “I appreciate your experience in stalling and bamboozling.”
They might have appreciated it, but they didn’t seem able to do anything about it. By this point in the negotiation, Royal Mail was dictating the timeline: “We will not have anything new to speak about until Monday,” “Please confirm you will wait for their [the board’s] decision on Monday”.
LockBit did as it was told and waited. Finally, the last message from Royal Mail arrived on February 6, 2023. It suggested that the company probably never had any intention of paying. “To be honest with you I have heard that they [the board] might not want to pay you for this,” it said. “In our perspective the files got leaked when you took them from our system, and paying you won’t undo that in any way.”
Ransomware attacks can be devastating, and it’s hard to say that being on the end of one is ever a “win” for the target. However, most experts agree that all you can ever do is reduce the chances an attack will occur and reduce the impact if it does. You can only ever play the hand you’re dealt, and we think given the hand they were playing, Royal Mail’s negotiation came as close to a win as a loss like this ever does.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Write an incident response plan. The period after a ransomware attack can be chaotic. Make a plan that outlines how you’ll isolate an outbreak, communicate with stakeholders, and restore your systems.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
Whether it’s to upgrade from your current device or finally start that workout program you’ve been meaning to get into, a new fitness tracker can help you stay on target and these are some of the best trackers you can find.
With the holidays now over, a fitness tracker might be just the ticket for staying in or getting back into shape. They’re designed to help you reach your fitness goals, and most of them do a pretty good job at it.
There are tons of fitness trackers out there though. Amazon is swimming in them. How do you separate the ones you should consider from the ones that aren’t worth your time?
That’s what this guide is here to help you do. We’ve picked the best fitness trackers to help you meet your fitness goals in 2022.
Best Fitness Trackers – Summary
Below you’ll find a short summary on the list of top 10 best fitness trackers we’ve picked. The summary includes the cost of each tracker, and where to buy if you’re short on time. Below the summary you’ll find a slightly longer description of each item along with the where to buy links.
The Smart Band 7 is another one of those trackers that’s great to have if you just want something simple yet functional. It’s stylish to the point that you can swap the band color out for a decent amount of options, and it does just the necessary basics when it comes to features.
While it won’t be as feature-packed as something like the Fitbit Charge 5, it also usually costs under $50. Which is less than of what the Fitbit Charge 5 costs. So there’s a huge incentive there to consider this over other trackers.
It’s capable of smartphone notifications, tracks 120 different activities, and has a new blood oxygen sensor as well as better battery life than the Mi Band 6. For those that don’t need a lot out of their tracker, this is a win/win.
If you’re looking for a tracker that will suit the majority of users, then the Inspire 3 from Fitbit is one you should consider. It’s Fitbit’s latest tracker in the entry level offering tier.
Featuring a big enough display for easy visibility of your activity data, time, and more as you wear the tracker during workouts or just daily life. The Inspire 3 features Fitbit’s popular Active Zone Minutes feature to help keep you motivated.
As you go through the day, any activities you do that get your heart pumping will rack up these minutes. Walking, running, and anything else really where you’re moving around should count. Then as the week ends Fitbit can tell you if you’ve reached your weekly goal.
The Inspire 3 also tracks sleep, and it has 24/7 heart rate tracking. It also comes with improved battery life that lasts for up to 10 days, and now comes with a full color AMOLED display.
The Garmin Vivosmart 4 is a little bit of an older tracker as it was officially released in 2018, but when it comes to Garmin this is the latest tracker the company has released that isn’t a full-on watch.
It’s also still a very capable tracker with all the necessary fitness-related features you’d need for keeping track of your exercise.
It comes with built-in Pulse OX sensor as well so you can measure your blood oxygen saturation levels, if that’s a feature you were looking for.
Garmin offers this device in a range of different color options just in case you wanted something other than the standard black model. And as long as you’re not using the Pulse OX sensor, the battery should last up to seven days.
In the market for a smartwatch that has fitness tracker features? Look no further than the Galaxy Watch Active 2.
We thought it was a great smartwatch and consider it the only smartwatch you should buy. If you want the best, Samsung has you covered.
From a simple and sleek design to meaningful and functional features like advanced sleep tracking and the touch bezel, the Galaxy Watch Active 2 is the perfect companion to anyone who wants to get into shape.
It can measure your stress levels too. Which is important if you have a busier life with a hectic schedule. Not to mention it’s comfortable. And it comes in a few different color options, with the added benefit of swapping out your band for something more stylish if the event calls for it.
Want to swap out your watch face? It can do that too. You can even take pictures and easily add those as your custom watch face through the companion app.
Amazon’s Halo tracker is one of the new kids on the block here. And it comes in at a pretty decent price.
What separates the Halo from other trackers on this list is its ability to recognize your tone when you speak. It then uses this data to tell you how you sound to others. For instance it can tell you if you sounded angry during a certain conversation at some point in the day.
It also tracks sleep, steps, and other activities. Though, it doesn’t have a display to interact with so all of the data it picks up from exercise and daily stuff is visualized in the companion app.
So this might be the perfect tracker for someone who doesn’t want yet another screen to have to interact with.
Most of the trackers on here are priced at a relatively affordable cost. None of those are the Fenix 7 series from Garmin though.
This is a premium multisport GPS watch and is the tracker to buy if you want the best of the best with nearly every feature under the sun.
The Fenix 7 comes in a series of different models, each having something a little different. They’re relatively close in features though.
For example all of them offer Garmin Pay so you can make mobile payments, Meanwhile the Fenix 7x Sapphire Solar allows you to charge the battery with solar energy. Meaning you can charge it as you wear it outside during exercises and adventures. So long as there’s enough sun around to provide the energy it needs.
The Fenix 7 series also offers mapping features, music integration, and PacePro technology for grade-adjusted pace guidance during your runs and outings. You can track your heart rate and measure your blood oxygen saturation levels too thanks to the integrated PulseOX and Heart Rate sensors.
The price for this one is steep. But if you’re serious about your fitness and want something that offers features that you won’t find elsewhere, the Fenix 6 is where to look.
The Amazfit Band 7 is a greattracker to go for if you want something that won’t cost you an arm and a leg. It comes with a slightly higher price than our previous favorite from Amazfit, the Band 5, but it also comes with notable upgrades. Such as the jump from 15 days of battery life to 18 days, as well as a larger color display for more glanceable interaction.
The tracker shows off important data like step counting, heart rate, the time, smartphone notifications and more. It even has Alexa built-in so you can use the tracker to not only ask Alexa questions, but control smart home appliances and devices like smart ovens, lights, or thermostats.
It also features blood oxygen saturation monitoring and you can customize the face with tons of different available options to choose from. And one of the best fitness trackers on this list.
The Garmin Lily is the perfect tracker for anyone that doesn’t want a fully-fledged fitness tracker or smartwatch on their wrist. It offers some of the more staple features you’ll find in most trackers like blood oxygen saturation tracking, heart rate tracking, and GPS while looking like a more traditional watch.
Because of the more traditional style it also more easily fits in with just about anything in your wardrobe. It comes in a variety of colors as well, and can even track stress, hydration, sleep and more.
The Charge 5 is Fitbit’s latest tracker in the long-running line of this model, bringing a few notable improvements to the table. Such as the all-new color OLED touchscreen, sensors on the sides of the tracker, stress management features, built-in GPS and more. It also comes with a free 6-month membership to Fitbit Premium. Which is a pretty good thing to have if you get invested in using this tracker every single day.
It’s also got silent alarms with Smart Wake, and a lot of the typical stuff like heart rate tracking, smart notifications, and sleep tracking. There’s plenty of band options for customization of the style too. Overall this is one of the best fitness trackers out there and one of Fitbit’s best to date.
Over the past few years, concerns over national security with Chinese-owned apps like TikTok have skyrocketed. In an effort to combat this problem and make consumers aware of the potential risks of installing an app, Florida Attorney General Ashley Moody has proposed a new policy to flag foreign-owned and developed apps with a special icon or designation.
Moody’s concerns over TikTok stem from the app’s data privacy practices and national security risks. While other states and government entities have taken steps to ban TikTok on government devices, Moody’s proposal focuses on informing consumers of the risks associated with foreign-owned and developed apps.
She also cited Pushwoosh, a Russian malicious code discovered in thousands of apps on the App Store, including those of The Centers for Disease Control and Prevention (CDC) and the US Army, as one of the major reasons that prompted her to write letters to Google CEO Sundar Pichai and Apple CEO Tim Cook.
Empowering Consumers to Make Informed Decisions
According to Moody, the lack of transparency in app stores poses a significant risk to American citizens. Her proposal aims to empower consumers by providing clear and easy-to-understand information about the origin of an app, enabling them to make more informed decisions about their data privacy and security. By adding a foreign-owned or developed designation to apps related to certain countries, consumers will have access to the highest level of transparency and protection.
“Consumers have a right to know if these countries are related to the origination, development, or ownership of these applications. Informing consumers of this foreign-based status allows consumers to decide whether or not they want to subject themselves, or this country, to the inherent and increased risks associated with such foreign applications,” reads her letter.
It’s not clear whether Apple or Google will flag foreign-owned apps in response to Moody’s proposal, as they already label the developer and include links to their website. However, with the growing concerns about data privacy and security, app stores need to take action to protect their users.
