Apple Privilege Escalation Bug Let Attacker Execute Arbitrary Code


Trellix researchers discovered a new class of privilege escalation bugs based on the ForcedEntry attack, which exploited a feature of macOS and iOS to deploy the NSO Group’s mobile Pegasus malware.

The new class of bugs allows arbitrary code to be executed in the context of several platform applications, resulting in privilege escalation and sandbox escape on both macOS and iOS. 

The vulnerabilities range in severity from medium to high, with CVSS scores ranging from 5.1 to 7.1. Malicious applications and exploits could take advantage of these flaws to gain access to sensitive information such as a user’s messages, location data, call history, and photos.

The Citizen Lab, an interdisciplinary laboratory based at the University of Toronto’s Munk School of Global Affairs and Public Policy in Canada, revealed the existence of ForcedEntry – CVE-2021-30860 – in September 2021, after being the first to expose NSO’s malfeasance earlier.

However, Trellix claims that its Advanced Research Centre vulnerability team has noticed a group of bugs in iOS and macOS that circumvent Apple’s strengthened code-signing mitigations designed to prevent the exploitation of ForcedEntry.

According to vulnerability researcher Austin Emmitt, the new bugs involve the NSPredicate tool, which developers use to filter code, and around which Apple tightened restrictions following ForcedEntry by introducing a protocol called ‘NSPredicateVisitor’.

NSPredicate is an innocent-looking class that allows developers to filter lists of arbitrary objects. Reports say classes that implement the NSPredicateVisitor protocol can be used to check every expression to make sure it is safe to evaluate.

“These mitigations used a large denylist to prevent the use of certain classes and methods that could clearly jeopardize security. However, we discovered that these new mitigations could be bypassed”, says Austin Emmitt.

“By using methods that had not been restricted it was possible to empty these lists, enabling all the same methods that had been available before”.

Apple assigned CVE-2023-23530 to this bypass. More importantly, the researchers discovered that almost every implementation of NSPredicateVisitor could be bypassed.

While there is no single implementation because nearly every process has its own version, the majority of implementations use the “expressionType” property to filter out function expressions. 

The problem stems from the fact that this property can be set by the sending process and is trusted to be accurate by the receiver, rendering the checks ineffective. CVE-2023-23531 was assigned to this bypass.
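The trust problem described above, as an added toy model in Python (not Apple's code and not the researchers' code): the wire format, class names and selector names are hypothetical. It contrasts a filter that reads the sender-declared type tag with one that derives the type from the decoded object.

```python
"""Toy model of a receiver-side expression filter that trusts a sender-set tag.

Constructed illustration: the message layout, classes and selectors below are
hypothetical and do not reproduce NSPredicate or NSPredicateVisitor internals.
"""
from dataclasses import dataclass, field


@dataclass
class Expression:
    declared_type: str                      # copied from the message: sender-controlled
    args: list = field(default_factory=list)


@dataclass
class Constant(Expression):
    value: object = None


@dataclass
class Function(Expression):
    selector: str = ""


ALLOWED_SELECTORS = {"count:", "sum:"}      # hypothetical receiver policy


def decode(msg):
    """Rebuild the expression tree from a received (untrusted) message."""
    args = [decode(a) for a in msg.get("args", [])]
    if msg["class"] == "Function":
        return Function(msg["expressionType"], args, msg["selector"])
    if msg["class"] == "Constant":
        return Constant(msg["expressionType"], args, msg.get("value"))
    raise ValueError("unknown node class")


def walk(node):
    yield node
    for child in node.args:
        yield from walk(child)


def actual_type(node):
    """Type derived by the receiver from the object it decoded, not from the tag."""
    return "function" if isinstance(node, Function) else "constant"


def naive_visitor_allows(root):
    """Flawed: applies the selector policy only to nodes *tagged* as functions."""
    for n in walk(root):
        if n.declared_type == "function":
            if getattr(n, "selector", None) not in ALLOWED_SELECTORS:
                return False
    return True


def strict_visitor_allows(root):
    """Hardened: ignores the tag for policy and rejects any tag/type mismatch."""
    for n in walk(root):
        kind = actual_type(n)
        if n.declared_type != kind:
            return False
        if kind == "function" and n.selector not in ALLOWED_SELECTORS:
            return False
    return True


def mismatched_nodes(root):
    """Nodes whose declared tag disagrees with the decoded type (worth logging)."""
    return [n for n in walk(root) if n.declared_type != actual_type(n)]


def classify(msg):
    root = decode(msg)
    return naive_visitor_allows(root), strict_visitor_allows(root)


# Constructed sample messages.
_ARG = {"class": "Constant", "expressionType": "constant", "value": [1, 2, 3]}
BENIGN = {"class": "Function", "expressionType": "function",
          "selector": "count:", "args": [_ARG]}
HONEST_RESTRICTED = {"class": "Function", "expressionType": "function",
                     "selector": "restricted_call:", "args": [_ARG]}
MISLABELLED = {"class": "Function", "expressionType": "constant",
               "selector": "restricted_call:", "args": [_ARG]}

if __name__ == "__main__":
    for name, msg in [("benign", BENIGN), ("honest", HONEST_RESTRICTED),
                      ("mislabelled", MISLABELLED)]:
        print(name, classify(msg))
```

The mislabelled message passes the tag-based filter and is rejected only when the receiver computes the type itself.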

New Bug ‘Class’ In Apple Devices

“The first vulnerability we found within this new class of bugs is in coreduetd, a process that collects data about behavior on the device”, researchers say.

“An attacker with code execution in a process with the proper entitlements, such as Messages or Safari, can send a malicious NSPredicate and execute code with the privileges of this process”.

Because this process runs as root on macOS, the attacker gains access to the user’s calendar, address book, and images. Contextstored, a process associated with CoreDuet, is likewise impacted by a very similar problem that has the same effect.

This outcome is comparable to FORCEDENTRY, where the attacker uses a vulnerable XPC service to run code from a process with more device access.

Moreover, the appstored daemons have weak XPC services. These flaws could be used by an attacker with access to a process that can connect with these daemons to install any application, possibly even system software.

Researchers also found that the XPC service OSLogService may be exploited to access potentially sensitive data from the syslog. Most importantly, an attacker can make use of an NSPredicate vulnerability in UIKitCore on the iPad.

“By setting malicious scene activation rules an app can achieve code execution inside of SpringBoard, a highly privileged app that can access location data, the camera and microphone, call history, photos, and other sensitive data, as well as wipe the device”, researchers say.

Final Thoughts

Researchers mention that the aforementioned flaws indicate a “significant breach of the security model of macOS and iOS”, which depends on each application having precise access to only the resources it requires and contacting more privileged services to obtain any additional resources. Both iOS 16.3 and macOS 13.2 fix these problems.


HardBit ransomware tailors ransom to fit your cyber insurance payout


We take a look at a ransomware infection which uses a novel approach to payments: asking for the victim’s insurance details.

Ransomware authors are wading into the cybersecurity insurance debate in a somewhat peculiar way. Specifically: urging victims to disclose details of their insurance contract, in order to tailor a ransom which will be beneficial to the company under attack.

HardBit 2.0: dismantling a device piece by piece

The ransomware, called HardBit 2.0, has been in circulation since sometime around November last year. Although there is no specific information as to how it arrives on a network, once it gets there it performs typical ransomware operations:

  • Encrypts files, branding them with the file’s custom logo
  • Gathers system/network data
  • Reduces overall security of affected systems
  • Disables recovery options and tamper protection, turns off multiple Windows Defender features, and interferes with several other security features including real time monitoring and Windows services related to backups like the Volume Shadow Copy Service.

What does the encryption warning message say?

HardBit 2.0 encrypts files and presents the following infection message on compromised desktops:

All your important files are stolen and encrypted! All your files have been encrypted due to a security problem with your PC. If you want to restore them, please send your ID for us.

Our contact information is written in the file “How to restore your files”.

You have 48 hours to contact or pay us. After that, you will have to pay double.

Please do not touch the key written under the help file in any way.

Just like Mortal Kombat ransomware, the attackers ask those who are hijacked to use Tox Messenger to communicate. The authors claim to steal data as well as encrypt it, although there’s no dedicated leak site to exploit this particular angle. In this case, it may be that most organisations targeted by the group would be too distracted by their “unique” approach to ransom demands to care.

A helping hand?

We’ve seen ransomware authors claim to care about their victims in the past. Some ransomware groups will remove themselves from impacted entities such as hospitals or critical services once those stories go public. Your mileage may vary with regard to whether this is a face-saving PR move, or if they genuinely care about having gone a little bit too far.

Here, they’re going out of their way to “help” by quizzing victims about the specifics of their cyber insurance policy. According to Varonis, there’s no outright demand for Bitcoin or another form of cryptocurrency. In its place is a long, rambling ransom note.

The note explains at length that their final ransom demand will be adjusted to ensure it falls inside of the insurance claim requirements. It paints the insurer as some sort of bad actor wanting to withhold money from the victim. If the scammers are told in private what the insurance total is, they’ll be able to ensure their demand for money is

A) at the top end limit of the ransom payout scale provided and

B) does not go past this limit, so the affected company receives every cent they’ve paid out. This is designed to be a mutually beneficial deal for both parties, as victim and attacker will receive as much as they possibly can.

There is, of course, no guarantee that the ransomware authors won’t use the reveal of potentially confidential insurance information against the victim at a later date. Anyone presented with this choice is really the living breathing definition of crossing some fingers and hoping for the best.

Malwarebytes detects this threat as Trojan.Crypt.Generic.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; disable or harden remote access like RDP and VPNs; use endpoint security software that can detect exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Write an incident response plan. The period after a ransomware attack can be chaotic. Make a plan that outlines how you’ll isolate an outbreak, communicate with stakeholders, and restore your systems.


Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip


The OPPO Find N2 Flip launched globally quite recently. It arrived as a direct competitor to Samsung’s clamshell foldable. That’s why we’ll compare the two phones here, the Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip. Both of these phones are quite compelling in their own right, but are also different in a number of ways. We’re here to show you those differences, and hopefully help you make a purchasing decision.

We’ll first list the spec sheets of both phones, and will then move to compare them across a number of different categories. We’ll compare their designs, displays, performance, battery life, cameras, and audio performance. There’s plenty to talk about here, so, let’s get this show on the road, shall we?

Specs

| Spec | Samsung Galaxy Z Flip 4 | OPPO Find N2 Flip |
| --- | --- | --- |
| Screen size | Main: 6.7-inch fullHD+ Dynamic AMOLED display (foldable, 120Hz); Secondary (Cover): 1.9-inch Super AMOLED display (flat, 60Hz) | Main: 6.8-inch fullHD+ LTPO AMOLED (foldable, 120Hz); Secondary (Cover): 3.26-inch AMOLED display (flat, 60Hz) |
| Screen resolution | Main: 2640 x 1080; Secondary (Cover): 260 x 512 | Main: 2520 x 1080; Secondary (Cover): 720 x 382 |
| SoC | Qualcomm Snapdragon 8+ Gen 1 | MediaTek Dimensity 9000+ |
| RAM | 8GB | 8GB/12GB/16GB |
| Storage | 128GB/256GB/512GB (UFS 3.1), non-expandable | 256GB/512GB (UFS 3.1), non-expandable |
| Rear cameras | 12MP (f/1.8 aperture, 24mm lens, 1.8um pixel size, OIS, Dual Pixel PDAF); 12MP (f/2.2 aperture, 123-degree FoV, 1.12um pixel size, ultrawide) | 50MP (f/1.8 aperture, OIS, 23mm wide lens, 1.0um pixel size, multi-directional PDAF); 8MP (ultrawide, f/2.2 aperture, 112-degree FoV); Hasselblad color calibration |
| Front cameras | 10MP (f/2.4 aperture, 26mm lens, 1.22um pixel size) | 32MP (f/2.4 aperture, 22mm wide lens, 0.8um pixel size) |
| Battery | 3,700mAh, non-removable, 25W wired charging, 15W wireless charging, 4.5W reverse wireless charging; Charger not included | 4,300mAh, non-removable, 44W fast wired charging, reverse wired charging; Charger included |
| Dimensions | Unfolded: 165.2 x 71.9 x 6.9mm; Folded: 84.9 x 71.9 x 15.9-17.1mm | Unfolded: 166.2 x 75.2 x 7.5mm; Folded: 85.5 x 75.2 x 16mm |
| Weight | 187 grams | 191 grams |
| Connectivity | 5G, LTE, NFC, Bluetooth 5.2, Wi-Fi, USB Type-C | 5G, LTE, NFC, Bluetooth 5.3, Wi-Fi, USB Type-C |
| Security | Side-facing fingerprint scanner | Side-facing fingerprint scanner |
| OS | Android 12; One UI 4.1.1 | Android 13; ColorOS 13 |
| Price | $999.99 | £849 (€961/$1,025) |

Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip: Design

Both of these phones are clamshell foldables, and both fold right down the middle. In my OPPO Find N2 Flip review, I emphasized the build OPPO delivered, for a good reason. The phone feels very premium, and it folds flat, without a gap, unlike the Galaxy Z Flip 4. Its crease is also quite minimal, and barely noticeable, which is not something I can say for the Galaxy Z Flip 4. On top of that, the OPPO Find N2 Flip has a more prominent cover display.

All that makes the phone look and feel more premium than the Galaxy Z Flip 4. Don’t get me wrong, though, the Galaxy Z Flip 4 still feels great to use, and like a quality product. I just hope Samsung will figure out a way to make the next model gapless, and to also get that crease under control. Both phones feature flat sides, and two cameras on the back. Both feature a frame made out of metal, and actually have a similar feeling in the hand when unfolded. The Galaxy Z Flip 4 has Gorilla Glass Victus+ on the back, while we’re not sure about the Find N2 Flip.

They’re about the same height, but the Galaxy Z Flip 4 is considerably more narrow. It’s also a bit thicker in both folded and unfolded states. Well, at its thinnest point (when folded), it’s about the same thickness as the Find N2 Flip, but at its thickest, it’s noticeably thicker. They also have a similar weight. The Galaxy Z Flip 4 weighs 187 grams, compared to 191 grams of the OPPO Find N2 Flip.

The Galaxy Z Flip 4 offers IPX8 water resistance, while the OPPO Find N2 Flip includes an IPX4 rating. Neither device is particularly grippy, so you may consider using a case.

Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip: Display

The Galaxy Z Flip 4 features a 6.7-inch fullHD+ (2640 x 1080) main foldable display. That’s a Dynamic AMOLED 2X panel with a 120Hz refresh rate. It supports HDR10+ content, and gets up to 1,200 nits of brightness at its peak. The phone’s cover display measures 1.9 inches, and Samsung used a Super AMOLED panel here. It has a resolution of 260 x 512, and it’s protected by the Gorilla Glass Victus+.


The OPPO Find N2 Flip, on the other hand, features a 6.8-inch fullHD+ (2520 x 1080) Foldable LTPO AMOLED main panel. It also has a 120Hz display, and it supports HDR10+ content. It can reach a peak brightness of 1,600 nits. This phone’s cover display measures 3.26 inches, it’s a lot larger than the Galaxy Z Flip 4’s cover panel. It is an AMOLED panel protected by the Gorilla Glass 5. It has a resolution of 720 x 382 pixels, and gets up to 900 nits at peak brightness.

The main displays on both phones are great. They’re vivid, have good viewing angles, and don’t feel plasticky, as they do on some other foldable phones. They’re more than sharp enough, and the high refresh rate helps them feel premium too. The blacks are deep, and chances are you’ll be happy with either display. Do note that the Find N2 Flip does get a bit brighter, though. The touch response is also good on both. The cover displays are also good on both phones, though they feel entirely different to use. Both displays are quite limited in terms of functionality, though, at least at the moment. They are sharp enough, and quite vivid too.

Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip: Performance

The Samsung Galaxy Z Flip 4 is fueled by the Snapdragon 8+ Gen 1 SoC. Samsung also included 8GB of RAM here, along with UFS 3.1 flash storage. The OPPO Find N2 Flip, on the other hand, is fueled by the MediaTek Dimensity 9000+ SoC. The device comes in variants with up to 16GB of RAM, and also includes UFS 3.1 flash storage. Neither phone offers storage expansion, by the way.

The performance is great on both devices. They do have different chips, but both are 4nm processors, and both offer excellent performance, despite the fact they’re not the latest offerings from their respective companies. Even during heavy load, while you’re running a graphically intensive game, these two phones don’t slow down. They do great in regular, everyday tasks too, so there’s nothing to worry about in that department. In fact, it was difficult to get them to stutter at all, which only shows how good those chips are, and the same goes for software optimization. You should not worry about the performance on either phone.

Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip: Battery

Samsung packed in a 3,700mAh battery inside the Galaxy Z Flip 4. OPPO uses a 4,300mAh battery pack inside the Find N2 Flip. The Galaxy Z Flip 4 does have a smaller outer display, and the Snapdragon 8+ Gen 1 is excellent when it comes to power consumption. The two phones were quite similar in terms of battery life during our testing. We were able to push both phones to 7 hours of screen-on-time, and even a bit over that point at times. That’s not bad, but it’s not outstanding either.

Do note that we didn’t really play a lot of games, other than when we tested the performance of both phones. So, if you’re a gamer, count on worse battery life, in both cases. Also, your mileage may vary in general, of course. We use our phones in different ways, with different apps, and with different signal strengths. The good news is, neither phone offers bad battery life, generally speaking.

When it comes to charging, the OPPO Find N2 Flip is faster, but the Galaxy Z Flip 4 is more versatile. The Galaxy Z Flip 4 supports 25W wired, 15W wireless, and 4.5W reverse wireless charging. The OPPO Find N2 Flip comes with support for 44W wired charging, and also reverse wired charging. Do note that the Galaxy Z Flip 4 does not include a charger in the box, though, unlike the OPPO Find N2 Flip.

Samsung Galaxy Z Flip 4 vs OPPO Find N2 Flip: Cameras

Both of these phones have two cameras on the back. The Galaxy Z Flip 4 includes a 12-megapixel wide, and a 12-megapixel ultrawide camera. The OPPO Find N2 Flip has a 50-megapixel main camera, and an 8-megapixel ultrawide camera. The Galaxy Z Flip 4 tends to provide more saturated images in general, while the OPPO Find N2 Flip emphasizes specific colors quite a bit.


Hasselblad’s color tuning comes into play with the OPPO Find N2 Flip, and that is especially nice to see in low light shots. They look quite dramatic, which is a nice look. The Galaxy Z Flip 4 also does really well in low light, though it tends to brighten up shots a bit more. Both phones do a good job overall, and handle HDR situations well. Images from both phones do look a bit processed, which is something many people will prefer.

Their ultrawide cameras are not as impressive as the main units. If we had to choose one of the two, though, we’d go with the Galaxy Z Flip 4’s. The OPPO Find N2 Flip’s ultrawide camera tends to fall apart in low light, as the images end up looking soft, and often lack detail. Overall, both phones do a good job in the camera department, though.

Audio

There is a set of stereo speakers on both phones. Those speakers do sound good in both cases. The Galaxy Z Flip 4 does provide a slightly higher audio loudness, while it’s also supposed to be a bit sharper, though the difference is not that noticeable. The bass is a bit more noticeable, though.

What you will not find on either phone is an audio jack. Both phones do include a Type-C port, which you can use for wired audio connections. If you prefer to go wireless, the Galaxy Z Flip 4 offers Bluetooth 5.2, while the OPPO Find N2 Flip has Bluetooth 5.3 support.



WhatsApp private newsletter feature is in its development stage


A recent report from WABetaInfo reveals that a WhatsApp private newsletter feature is in the works. According to the report, this feature is currently available via a WhatsApp beta update. At the moment, this beta update is only available to Android beta testers.

The feature might also make its way to iOS beta testers in the coming weeks. For now, there are few details as to the function of this feature that has made an appearance for WhatsApp beta testers. Other sources have reached out to Meta for details on this new beta testing feature.

While netizens wait for the actual details on this coming feature, WABetaInfo has tried to explain the use of this feature. More information about this feature will become available once it passes its early development stage. But in the meantime, here is what you can expect from this coming WhatsApp private newsletter feature.

Available information regarding the WhatsApp private newsletter feature

WABetaInfo says that this feature will help to improve the WhatsApp user experience. The newsletter feature will be a channel for broadcasting information. Users might be able to subscribe to and create various WhatsApp private newsletters.

Unlike the new Community feature, the coming private newsletter will be able to reach more people. In a way, this feature might be similar to a Status update, as broadcasters will be able to pick who to share information with. Others will also be able to subscribe to newsletters and get access to information the broadcaster shares.

Whenever a user is tired of getting updates from a particular newsletter, they can easily unsubscribe from the newsletter. WABetaInfo also says that this feature will have its own section within the WhatsApp interface. This section is said to be located with the Status tab and will display all newsletters a user has subscribed to. It is important to take this information with a pinch of salt, as the conclusion was drawn from clues in the beta code. Changes to the code might be made before the newsletter feature rolls out to users globally.

This new communication feature making its way to WhatsApp aims to improve the sharing of information. WhatsApp will also pack a ton of privacy settings into the coming private newsletter feature. More information about this beta testing feature will become available in the coming weeks.



Samsung Launches Message Guard To Prevent Zero-Click Attacks


Samsung recently announced a new security feature to protect its users from cyber threats. Named “Message Guard,” the feature prevents zero-click attacks from targeting Samsung Galaxy smartphone users.

Samsung Message Guard Rolls Out To Galaxy Handsets

Sharing the details via a post, Samsung explained its latest strategy to protect users from zero-click attacks via “Message Guard.”

Zero-click attacks take over a target device without the victim user’s interaction. On smartphones, conducting zero-click attacks is trivial for threat actors, who only need to send simple messages, such as image files. Although conducting a successful zero-click attack requires the adversary to exploit an unpatched vulnerability, they often succeed in doing so. (NSO’s Pegasus malware is a classic example of such exploitation against iPhones.)

As elaborated in Samsung’s post, its Galaxy devices have largely remained safe from such severe attacks. Nonetheless, to ensure its users remain safe in the future, Samsung has launched Message Guard – an advanced “sandbox” that isolates an incoming file, preventing the embedded malicious code from executing. It then scans and processes the image to ensure it doesn’t harm the device.

The Message Guard feature won’t require user input to scan a file. Instead, it’ll run in the background to check incoming images in real-time.

The tech giant has further elaborated that the Message Guard feature isn’t the first security step from the firm. Instead, it already protects its Samsung Galaxy devices with Samsung Knox – its proprietary mobile security solution pre-installed in its flagship devices. This security solution prevents cyber threats via malicious audio and video files.

However, with Message Guard, the firm strives to elevate this protection by including image checks.

The new feature is available with the Galaxy S23 series and will gradually roll out to other devices. While it currently works on Samsung Messages and Messages by Google, the provider pledges to expand the support for other third-party apps soon.


The 5 most dangerous cyberthreats facing businesses this year


Which of the myriad, extant cyberthreats should your business be paying the most attention to in 2023?


That’s the question we set out to answer in this year’s annual State of Malware report, and the answers might surprise you. To understand why, you need to know what makes this year’s report so different from previous ones.

Unquestionably, over the last five years, the most serious cybersecurity task facing businesses has changed from defending against waves of malicious, email-borne malware to stopping seasoned criminals armed with Ransomware-as-a-Service (RaaS).

RaaS attacks can be extraordinarily severe. They can bring entire organizations to a halt, come with ruinous ransoms, and may take months of dedicated effort to recover from. They represent an existential threat to businesses.

The worst-of-the-worst is LockBit, the first on our list of the most dangerous threats you face. LockBit’s largest known ransom demand in 2022 was $50 million, although multiple sources report even higher demands were made. Its victims included businesses of all sizes, from local law firms with a handful of employees to multi-national enterprises.

LockBit was the most widely used RaaS in 2022, by far. It accounted for almost a third of all known RaaS attacks, and more than three times as many as its closest competitor, ALPHV.

Known attacks by the top 5 RaaS groups in 2022

And yet, if you were to create a list of the most detected malware from last year, you wouldn’t see LockBit on it. In fact, you wouldn’t see any RaaS on it. In cybersecurity, what’s common and what’s serious have diverged markedly.

For that reason, lists of the most detected malware are gone from this year’s report. In their place, we asked our experts—our threat intelligence analysts, and the threat hunters in our Managed Detection and Response (MDR) team: What essential information do resource-constrained organizations need to know?

They came up with a list of the five worst-in-class malware threats spanning Windows, Android and macOS. The report explains what these threats do and why, what it takes to detect them, and what it takes to recover from an attack. Each of our five is an archetype, so if you prepare to stop them, you’re well prepared for anything, on any of your devices.

Compiling our report like this also led us to an important insight: The most dangerous attacks you will face are not from the strangest new malware, the most sophisticated, the most eye-catching, or the most prevalent.

Instead, the most dangerous threats come from a set of known, mature tools and tactics that an entire ecosystem of cybercriminals rely upon to take in billions of dollars a year. Criminals have come to rely upon these attack types and their vectors because they work, and they work because they are hard to defend against and difficult to remove.

The 2023 State of Malware report explains what they are, how they find their victims, and how to avoid becoming one of them.

To learn more about LockBit and how to defend against it, and to discover the four other threats you should prepare for this year, download the 2023 State of Malware report. In it you will also learn:

  • What it takes to stop what Europol called the “world’s most dangerous malware.”
  • Why there was a 300% increase in some new malware delivery methods.
  • How to catch the emerging, hard-to-detect attacks that don’t rely on malware.
  • Why security people are as important as security software.


Samsung is already working on the next big One UI update


Samsung arguably offers the best software support in the Android space today. The pace at which it releases new security and feature updates is unmatched by any other OEM. The One UI 5.1 rollout is a testament to that. The Korean firm brought the latest One UI version to eligible Galaxy devices just over a week after the Galaxy S23 launch. As One UI 5.1 reaches more models around the world, the company has already started working on the next big One UI update.

Twitter user Tarun Vats (@tarunvats33) recently spotted a new One UI test build for Samsung’s Galaxy Z Fold 4. The company is testing the firmware for the South Korean version of its 2022 foldable. The updated firmware build number is F936NKSU1DWB9. For reference, the device currently runs the firmware version F936NKSU1CWB1. While these alphanumeric characters may not look meaningful to most, if you’re familiar with Samsung’s firmware numbers, you can already tell it’s a major One UI update and not just a regular feature or security update.

For the uninitiated, the fourth-to-last character in a firmware number determines whether it’s a major update. Every new Galaxy device ships with a firmware build that has “A” in that place. With each major feature update, that changes to B, C, D, and so on. If you closely look at the above-mentioned firmware numbers for the Galaxy Z Fold 4, the current build has “C” in the fourth-to-last place, while the test build has “D”. So we are looking at a major update here. It could either be a new One UI version (something newer than One UI 5.1) or a major Android update.

Samsung may be developing One UI 5.1.1 for its 2023 foldables

Unfortunately, we can’t tell what Samsung is developing. It usually debuts new foldables with a new One UI version (Galaxy Z Fold 4 debuted with One UI 4.1.1 while other Galaxy devices were on One UI 4.1). It’s possible that the company is working on Android 13-based One UI 5.1.1 or something along that line for the Galaxy Z Fold 5 and Galaxy Z Flip 5, which will arrive in the second half of the year. But we can’t rule out that the Korean firm is developing an early build of Android 14-based One UI 6.0.

Android 14 won’t be official until sometime after the new foldables arrive on the market. But Google will start releasing developer previews and beta builds within the next few months. Maybe we will get clarity on the new firmware build that Samsung is testing on the Galaxy Z Fold 4 around that time. We will keep you posted.



The Samsung 837 store space in NYC has been reopened


After being closed for a while, the Samsung 837 store space in NYC has finally reopened. To celebrate this reopening event, Samsung is inviting its fans over to visit the store. On display at the store will be the Korean tech giant’s latest smart home appliances and devices.

This store offers fans the opportunity to have an in-person interaction with various Samsung products. The company will also use this avenue to advertise its products to the public. There is a lot to expect from Samsung after the reopening of this store in New York City.

Samsung is bringing its products closer to its fans with the reopening of their 837 store

Samsung is not only reopening its 837 store in New York City, but it’s also redesigning the interior. This will improve the experience whenever fans stop by to check out the latest smart home appliances and devices. Fans began trooping into the reopened store on the 22nd of February for the opening ceremony.

Visitors during this ceremony get the opportunity to be among the first people to step into the store since it closed down. To help combat the Coronavirus outbreak, Samsung made the wise choice to close down its experience store. The store was closed in March 2020 following the pandemic, but it is finally time for it to reopen.

This store will pack the latest Samsung devices for fans to interact with in an immersive environment. Products ranging from smartphones in different segments, Smart TVs, smart home appliances and so on will be on display. Visitors will get to experience how these gadgets and appliances work in their unique ecosystem.

The store will also retail these products to visitors that are willing to buy any. Fans can also benefit from the buy online and pick up in-store program that will soon kick off. If you are a Samsung fan living in or around New York City, you can always stop by the just reopened Samsung 837 store space.



Spotify launches new feature powered by AI to enhance music curation


As more companies adopt AI (artificial intelligence), many services are getting new features that are now fully automated and less curated by human touch. Spotify’s new AI DJ is meant to bring personalization to a new level.

In an announcement earlier today, the music streaming service explains that its new feature is a personalized AI guide that “knows you and your music taste so well that it can choose what to play for you.” It might sound frightening at first glance, but it’s exactly what many customers are looking for when using Spotify on a daily basis.

Although the new AI-powered DJ feature is only rolling out in beta, it promises to provide customers with a curated lineup of music, as well as commentary around the tracks and artists that it thinks the user likes, “in a realistic voice.”

Among the many capabilities of the AI DJ, Spotify mentions the ability to sort through the latest music. Not to mention that it can also look back at some of the old favorites and serve more songs that the user might not have listened to for a long time.

The AI DJ assesses your actions all the time and after each review, it tries to deliver a stream of songs picked specifically for you. More importantly, it refreshes the lineup based on feedback on a regular basis.

If you don’t like a song picked by the DJ, you can tap the dedicated button and it will skip to a new track. As with all these AI-powered features, the more you use the DJ, the faster it learns what you like, so the better your recommendations will be in the end.

The new DJ feature is available via the Music Feed on Home in the Spotify mobile app for iOS and Android devices. Simply tap Play on the DJ card and the app will do the rest. You’ll be getting music and short commentary on the songs and artists specifically picked for you. Don’t forget that you can skip a song by tapping the DJ button at the bottom right of the screen.



How Covid-19 impacted cyber security


Survey methodology and respondent profiles

The results in this report are from the Cyber Security Hub survey, which we fielded to subscribers in May and June 2020 to benchmark actual results from H1 2020 vs. expectations for H2 2020. The respondents offer a balanced representation of the enterprise cyber security mindset: the largest segment (41 percent) describes their job function as cyber security. The next largest segment is IT (27 percent), followed by corporate management (9 percent).

Qualified respondents were truly cross-industry, coming from automotive, education, financial services, government, healthcare/life science, manufacturing, media/telecommunications, retail/consumer packaged goods (CPG), technology, travel/hospitality and utilities/oil and gas/energy.


Pandemic dynamic

There were potentially alarming responses to our global pandemic related questions in this mid-year survey. When asked “Has your approach to security changed as a result of the global pandemic and an increasingly remote workforce?” 40 percent said no.

Has your approach to security changed as a result of the global pandemic and an increasingly remote workforce?

Roughly two in five cyber security organizations have not changed their approach to security as a result of the global pandemic. Such a large percentage of the CISO community not having changed their approach to cyber security as a result of the global pandemic that has hurled us all into a new workforce infrastructure is truly concerning.

How the cyber security landscape has changed due to the pandemic:

  • Network infrastructure use has changed
  • Endpoints have changed
  • Access management has changed
  • Collaboration tools have changed
  • The concept of insider threat has changed
  • Enterprise cloud infrastructure has changed, no matter where you were in your cloud migration
  • Data in transit has changed
  • Myriad threat vectors have changed
  • Vulnerability management has changed
  • Cybercriminal attacks have changed

Why did 40 percent of the cyber security community not change their approach?

In addition to an inert mindset change from a significant portion of the community, the reduction in staff due to financial pressures on companies during the pandemic was similarly concerning. A past potential insider threat now had the potential to become a nefarious external threat.

Has your IT/Security staff been reduced as a result of the global pandemic?

As reported on Cyber Security Hub in Why Is Top Cyber Security Talent Suddenly In Flight, when asked about the 19 percent unemployed DevOps/DevSecOps community Parag Deodhar, director of information security, Asia Pacific for VF Corporation noted: “when people do not have access to enough money, food or resources, there will be more actors coming up”. Deodhar explained also that the pandemic has expanded the threat landscape, meaning that “not only were folks pushed [towards cyber crime], but also, the landscape open[ed] up for folks as well.”

Jamal Hartenstein, who has worked with the Department of Defense on military bases as a part of joint task forces and has experience with every branch of service, notes that there was industry realization that organizations needed to be more proactive and better focus on detection and that the global pandemic has accelerated that focus.

When asked about his perception, he explains that, “if you do not increase your security measures, you have exponentially just multiplied in magnitudes the risk based on all the threat and vulnerability and risk.”

Changing cyber security mindset

We asked survey respondents to share how their cyber security approach was changing. Here is a sample of their responses:

  • Fully remote working cyber security teams
  • Implementing a zero-trust network strategy to provide scalability and flexibility whilst improving network security
  • Adding contractors and outsourcing
  • Rethinking cyber security strategy through the context of the pandemic
  • Adjusting to changes in environment, operations and business
  • Constantly monitoring all situations to better understand the issues and concerns
  • Introducing awareness programs, online trainings and increased system auditing
  • Changed training and awareness program to cater for changes in workforce practices, e.g. remote working
  • Focusing on what is needed to support remote working employees and ensuring that employees have safety in front of mind when returning to the office
  • Making adjustments for the fact most endpoints are now remote to ensure that they remain secure
  • An increased focus on messaging and content that will resonate better with a remote workforce, emphasizing security controls that protect remote workers and mobile
  • Increasing security for both mobile and critical infrastructure
  • Increased use of multi-factor authentication
  • Greater emphasis on cloud-based protection to accommodate home-based workers
  • Working to combat the increased difficulty in quickly identifying and mitigating issues remotely
  • More expertise and focus on DevSecOps
  • Increased use of automation to detect changes to controls. This means we are automatically being notified of the change, responding to and addressing the incident, analyzing it and rectifying the control(s).
  • Streamlining the operational cost of IT to remove unnecessary spending and services that are not being used
  • More user training and simulated phishing campaigns
  • Proactively monitoring threats and regularly updating our security strategy to combat new challenges
  • More stringent compliance with regards to minimum security requirements to prevent data leakage
  • Decreasing the time taken to follow through on incident reports from security and threat intelligence tools

In 2021, 40 percent of the cyber security community said they had not changed their mindset in the face of the global pandemic, while 20 percent of top cyber security talent was made redundant. With this in mind, it was unsurprising that 67 percent of the cyber security community reported their budgets were decreasing or staying the same.

May 2019-June 2020 cyber security budget reported as decreasing or staying the same

While over two thirds of cyber security professionals noted their budget was staying the same or decreasing in July 2020, just one year ago 59 percent reported an increase in budget in the Mid-Year Market report 2019. This means the pandemic had a significant impact on cyber security spend.

In the wake of the global pandemic with attacks on the rise, it would be expected that cyber security budgets would increase to combat this. Those in the cyber security community, however, disagree, with 62 percent expecting budgets will decrease or stay the same.

May 2019-June 2020 planned cyber security budget increase in the next 6 months

State of affairs

Overall state

Do you feel as though the overall state of cyber security, meaning resiliency, compliance, awareness, etc., is improving?

Taking a step back shows that the industry feels that things are positive and getting better. When asked “Do you feel as though the overall state of cyber security, meaning resiliency, compliance, awareness, etc., is improving?” 84 percent said ‘yes’.

Threat vectors

What is the most dangerous threat vector, in your opinion?

Security issues

Most security issues at my organization are caused by…

The top three areas of focus for respondents during the pandemic were security awareness, detection and incident response and access controls, in keeping with the results of the last three Cyber Security Hub surveys. Just outside of that group is elevating cyber security with top-level management, a topic that was similarly highlighted over the previous two surveys.

As a majority of cyber security budgets had not yet shifted in the face of a momentous societal occurrence, how money is spent became all the more important. Endpoint security went from the fifth highest to the second highest spend from November 2019 to June 2020, most likely as a response to employees working from home and therefore increasing the chance of an endpoint being used as a vector for attack.

Solution priority

Last six months

Which solutions have been the biggest priorities for you in the last 6 months?

While compliance priority decreased 17 percent from 2019 to 2020, this may be because those in cyber security had finished making the initial major changes needed to comply with GDPR. The 9 percent increase in SIEM focus showed that the community was looking to further adopt automation tools, potentially due to the decrease in workforce and need to streamline cyber security.

Executive Q&A

Expert perspective from Sam McLane, head of security engineering at Arctic Wolf

What are your thoughts on the top threat vector being email?

Whether it is cloud or devices perimeter, there is a level to which a human element can make them fail but it is rare. Generally, people who play with firewalls tend to be security savvy. So, if they make a mistake, for example opening up a hole for a vendor or for an audit and then not shutting it down, that is generally when they are overworked.

Corporate email and personal email relies on common security awareness and intelligence, and the lowest common denominator usually wins. Malicious actors can go and find the CFO administrative assistant’s Facebook page, find out who their kids are and what school they go to, then easily craft an email that will make the CFO think, “Hey, my secretary just asked me to contribute to her son’s scholarship fund on GoFundMe.”

People naturally want to trust and playing on that trust is so easy to do and to make it look good. Especially in this Covid-19 world while most of us are working from home, you drop your guard a little bit because you are in unfamiliar surroundings. You are in that home setting rather than that work setting. That is what scares the tar out of me about email.

What are your thoughts on industry talent?

If you have got a great team, each member usually does one thing well. Even if you have already got the technology in place, can one person take care of firewall, compliance, intrusion detection, threat intelligence? Can they execute on multiple things? Each of these takes time, and if each member has to take care of three of them, how are they actually going to get each done well?

Our biggest customer was bringing in three new technologies simultaneously. Each technology takes six months to get right. They tried to go it alone with vendor products and failed. When they came to us they said, “We missed a breach,” because either their SIEM or SOAR were not tuned properly, or they never got our end point fully deployed.

What is the answer to a perceived talent shortage?

I am not sure how much of a shameless plug this should be, but a different way to deal with the staffing issue depending upon where you are is to rely on third parties who may have more people. One of our key selling advantages is that because we deal with thousands of customers, I can take that really good smart security person, and maybe she can look at a bank in the morning and hotel chain in the afternoon and a web front the next day. So, we provide variety. We provide something always challenging to our talent. Complacency hopefully never sets in and I have got the staffing capabilities to have a person work on a project three months to avoid burnout. That is really difficult to do unless you are a Fortune 100 company.

“You drop your guard a little bit because you’re in unfamiliar surroundings.”

Sam McLane

Head of Security Engineering, Arctic Wolf

Cyber security and people

Challenges when building teams

When it comes to building out your security operations team, what is your biggest challenge?

 

There are two main issues that faced the cyber security community in building teams during the pandemic – a perceived shortage of talent and insufficient budget.

Skilled workers

The lack of skilled workers that culturally align with your organization is often cited as a “pain point” for security teams. What are you doing to win the war?

As nearly half of the community perceived a shortage of talent, it is important to consider what companies were doing to acquire talent during the pandemic. More than one in five respondents reported implementing mentor programs. Another 20 percent saw interns as the answer, with nearly 10 percent reporting engaging with universities to procure employees.

It was not all change, however, as just under two in five noted that they were simply going to maintain current behaviors and activities to move forward.


Security approach

Defense in depth vs. industry consolidation

Is “defense in depth” the answer or do enterprises desire more consolidation across their “point solutions”?

There was a marked shift in industry thinking from November 2019 to June 2020 around the concept of defense in depth. There has been a 10 percent composite swing from the concept of industry consolidation to defense in depth.

Industry frameworks

Do you leverage any of the following industry frameworks?

The industry craves standardization, as indicated by the continued increase in the use of industry frameworks.

Hacker sophistication

In 2020, the state actor hacker space was becoming ever more crowded. Unemployed cyber security talent was a new and looming threat. Dovetailing with cyber-criminal sophistication and collaboration was a brand-new wide-open threat landscape. This all put increased pressure on cyber security professionals.
