How can the Digital Yuan perform against the current US dollar-based global financial system? Well, read this piece to understand the details.
Some central banks worldwide are already working on digital currencies, and China isn’t lagging. The Chinese digital Yuan is the leading one currently. The digital Yuan’s development is in its final phases, with the Chinese government already putting it to various local uses. For example, this Central Bank Digital Currency (CBDC) has been subject to transactions like payment of bus fares and train tickets.
But digital Yuan isn’t the only CBDC under development now. Other major economies, such as the UK, Japan, and the US, are also working on their CBDCs. While the projects are equally promising, they trail the Chinese digital Yuan project in many aspects. Most countries developing central bank digital currencies are still in the research phases. On the other hand, the Chinese version is already undergoing real-world tests and might become fully operational soon.
So the US, UK, and others still have much catching up on work. They must speed up their projects or surrender to the digital Chinese Yuan, which has already seen the light. And while doing so, they must not repeat the same mistakes that compromised Bitcoin’s initial performance. In addition, governments must ensure their digital currencies are immune to massive financial crises like the great depression that occurred in 2008.
Understanding the Current US dollar-Based Financial System
Even though it has had some challenges, the current traditional financial system has made tremendous achievements. For instance, it’s one of the most secure transaction methods today. Moreover, conventional economic systems are the most reliable due to government control. The US dollar, Euro, and Japanese Yen facilitate thousands of international transactions daily.
But despite the above benefits of government-issued money, there have been numerous problems. For example, the over-reliance on the US dollar has landed several countries deep financial problems. They can’t exercise their sovereignty fully because they’re vulnerable to US economic sanctions. No government wants to do anything that could prompt the US president to impose sanctions because they know the repercussions.
While the economic sanctions cause devastating problems to the target countries, they help ensure adherence to international laws by rogue states. The only problem is that the US government sometimes uses such sanctions to achieve its global political goals. Additionally, too much reliance on the US dollar for international trade seriously threatens various financial markets. For instance, any mistakes the Fed makes affect everyone globally.
What Does the Upcoming Digital Yuan Bring on Board?
Like other cryptocurrencies, the Chinese digital Yuan has a lot to offer. It’ll help countries to evade unfair economic sanctions and conduct international trade more seamlessly. Presently, countries use the SWIFT platform to receive or make cross-border payments. Unfortunately, the US government essentially controls SWIFT. That is where the digital Yuan will kick in. There’d be no more restrictions or too much political control with the Chinese CBDC.
Digital Yuan’s transactions will be faster because it’s like Bitcoin and other cryptocurrencies. Additionally, people will likely invest in the digital Yuan as they do with Bitcoin on renowned exchanges like the Yuan Pay App. The digital version will also increase flexibility and efficiency. For example, it’s possible to send digital Yuan from one user to another just by tapping two phones.
Even with the many advantages, Digital Yuan will face several challenges to emerge as the ultimate global currency. For instance, China controls just below 3% of the total foreign reserves in the world. Also, people will need to trust the Chinese digital currency, like the US dollar, for years. Creating the necessary digital infrastructure and promoting the digital Yuan will also take China a lot of time.
The Bottom Line
Many countries are currently developing their Central Bank Digital Currencies. These include the US, China, Japan, and the UK. China’s project is the leading one, with the digital Yuan already in the final stages. The Digital Yuan has immense potential, but it will take years to become the ultimate global currency. Some of the challenges it faces are; a lack of full-scale international cryptocurrency adoption at the moment, a lack of digital infrastructure, and China’s limited control over foreign reserves.
YouTube has quietly launched a new feature experiment, reports 9to5Google. The new experiment is centered on podcast creation and more tools for podcast makers.
YouTube tests new tools for podcasts
As you may probably know, YouTube has been eyeing the podcast scene for quite some time. Now, the platform is taking another step towards becoming a more podcast-friendly place for all those who would like to get into podcasting or work as podcasters. The new tools that are now in testing are, from what it seems, everything a content creator would need to start podcasts on the platform: from uploading a podcast episode to looking into analytical data about the podcast’s performance.
The users who are a part of the test will see a new option to upload a podcast under the “create” button, which usually gives you the option to upload a video, create a text post, or start a live stream.
But that’s not all! Creators would also see podcasts under a new “Podcasts tab” found in the content menu. Also, existing playlists will be able to be set as podcasts with a new option that’s found in the three-dots menu.
And last but not least, YouTube Studio will show podcast analytics on a desktop. Among the analytics, you will be able to view the performance of a specific podcast show, audience numbers, and revenue insights.
For now, a small number of creators are part of the experiment.
YouTube’s into podcasting, a little background
YouTube’s efforts to become a more prominent platform in the podcast scene have been showing ever since 2021. Back then, a report showed that YouTube was looking into hiring executives with experience on podcasts (via Bloomberg). This meant that YouTube was starting to take podcasts seriously.
Actually, even before that, YouTube was one of the places that people looked at when interested in podcasts in general. However, at the time, the platform wasn’t optimized for podcast listeners, so YouTube looked to make everything organized and manage the millions of podcasts on its platform.
In 2022, YouTube became even more serious about the endeavor as some leaked slideshows were detailed (via 9to5Google). These plans included new “search and discovery” tools, as well as a “podcast destination page” and “official podcast cards”. Later, the company also published a guide for creators that were looking into podcasting on YouTube.
All in all, YouTube is definitely becoming more popular for podcasters and podcast fans alike. We’ll have to wait and see what other features the platform may get for podcast fans.
Twitter has recently announced a change that baffled many users previously using SMS-based two-factor authentication for account sign-ins. Starting March 2023, Twitter will only allow Twitter Blue subscribers to use SMS-based 2FA. Nonetheless, other multi-factor authentication methods will remain available to all users.
Onwards, Twitter Users Cannot Use Phone Numbers For 2FA
Recently, Twitter users expressed their anger for losing access to the SMS-based 2FA feature. As it turns out, the social media giant has decided to limit SMS-based verification to paying users only.
According to a recent post, starting March 20, 2023, Non-Twitter Blue subscribers will no longer be able to use their phone numbers for verifying account logins. Twitter has reasoned the security risks associated with OTPs to restrict this service.
While historically a popular form of 2FA, unfortunately, we have seen phone-number based 2FA be used – and abused – by bad actors.
Hence, Twitter has already stopped enrolling new non-Twitter Blue accounts for SMS-based 2FA. Whereas the existing SMS-based 2FA users (non-Twitter Blue) will lose access to it after March 20, 2023, unless they subscribe to Twitter Blue.
Nonetheless, it doesn’t mean non-Twitter Blue users will have to leave their accounts vulnerable. Instead, they can switch to other authentication methods, such as the authenticator apps or security key, to ensure secure logins.
Is SMS-based 2FA Safe For Twitter Blue Users?
Maybe not – but that’s not what Twitter has advocated for, either!
In fact, Twitter’s justification behind this inaccessibility of SMS-based verification for free users as the “abuse” of phone number verification sounds pretty weird. Nonetheless, it does syncs with the hype around Twitter’s cost-cutting strategies Elon Musk proposed earlier.
During Twitter’s takeover, Elon Musk highlighted the loss of around USD 60 million Twitter had to bear due to “SMS texts”. Soon after this mention, Musk’s announcement for paid Twitter Blue checks clarified how he decided to manage the financial losses with Twitter.
Also, it hinted at the possible changes Twitter users would experience when using their Twitter accounts with phone numbers. And now, the recent restriction of this cost-incurring SMS-based 2FA to the paid subscribers sounds more like a balancing strategy than a security change.
Whatever the reason is, the fact remains that SMS-based verification is a risky authentication method. Therefore, regardless of Twitter Blue subscriptions, users should ideally consider using safer authentication techniques, like authenticator apps and security keys, across any platform they use, including Twitter.
The Clop ransomware gang has claimed responsibility for a wave of attacks that exploited a zero-day in GoAnywhere MFT admin consoles.
A semi-active ransomware group has claimed it is behind a string of attacks which have taken advantage of a zero-day vulnerability in GoAywhere MFT.
The Russian-linked Clop ransomware group says it was able to remotely attack private systems using exposed GoAnywhere MFT administration consoles accessible on the public internet. BleepingComputer reports the group claimed they gained access and stole data from the GoAnywhere servers of at least 130 organizations.
One of Clop’s victims was Community Health Systems (CHS), a Fortune 500 healthcare services provider in the US. It recently filed a Form 8-K to the Securities and Exchange Commission (SEC), announcing the compromise of its system and disclosure of company data, including protected health information (PHI) and personal information (PI) of certain patients. CHS didn’t disclose the specific number of affected individuals.
Since the release of the emergency patch, Fortra has revealed that attackers also breached some of its MFTaaS instances during the attack.
The Cybersecurity & Infrastructure Security Agency (CISA) recently added CVE-2023-0669 to its Known Exploited Vulnerabilities Catalog, a list of software flaws that federal organizations must patch within two weeks. It’s helpful for non-federal organizations to refer to as well, in order to help prioritize their patching.
Thankfully, an emergency patch (7.1.2) has been available since last week.
As well as the patch, GoAnywhere clients are also encouraged to:
Rotate the master encryption key.
Reset credentials.
Review audit logs and delete suspicious admin or user accounts.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Write an incident response plan. The period after a ransomware attack can be chaotic. Make a plan that outlines how you’ll isolate an outbreak, communicate with stakeholders, and restore your systems.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
The Galaxy S23 is Samsung’s brand new, rather compact flagship. Well, it’s one of the three high-end smartphones that the company announced earlier this month. If you’re in the market for a more compact phone, well, then this comparison may interest you. We’ll compare the Samsung Galaxy S23 vs ASUS ZenFone 9. The Galaxy S23 may be a more familiar name to many of you, but the ZenFone 9 is an outstanding offering.
These two phones are considerably different, and yet they both have a lot to offer. They’re both quite compact, and true powerhouses at the same time. In this article, we’ll first list their specifications, and will then move to compare them across a number of categories. We’ll compare their designs, displays, performance, battery life, cameras, and audio performance. So, let’s get started.
Both of these phones come with a frame made out of metal, but their backplates are different. The Galaxy S23 has Gorilla Glass Victus 2 on the back, while the ZenFone 9 has a polymer backplate. That polymer backplate is less slippery than glass, needless to say, and it offers an entirely different feeling (soft touch). What’s interesting is that the phone comes in three color options, and each of them offers a slightly different feeling in the hand, thanks to different polymer backplate implementations.
Both phones have rounded corners, and flattish sides. Well, the sides on the Galaxy S23 are flattish (they’re slightly curved in general), while the ones on the ZenFone 9 are flat, with chamfered edges. Both phones feel really good to hold, actually, and neither one will cut into your hand. The Galaxy S23 has a centered display camera hole, a flat display, and uniform bezels. The ZenFone 9 has a display camera hole in the top-left corner, a flat display, and very thin bezels, though they’re not uniform.
On the back of the Galaxy S23, you’ll notice three cameras, which are vertically aligned. Each of those camera sensors protrudes from the back directly. The ZenFone 9 has two cameras on the back, and each of them protrudes from the back directly as well, but those camera islands are noticeably larger on the ZenFone 9. The two phones are about the same height, while the ZenFone 9 is a bit more narrow, and a bit thicker. They weigh basically the same, the difference between them is only 1 gram. Both phones offer an IP68 rating for water and dust resistance, and both are really well-built.
Samsung Galaxy S23 vs ASUS ZenFone 9: Display
The Samsung Galaxy S23 features a 6.1-inch fullHD+ (2340 x 1080) Dynamic AMOLED 2X display. That panel is flat, and it offers a 120Hz refresh rate. The display also supports HDR10+ content, and gets very bright at 1,750 nits of peak brightness. The display aspect ratio here is 19.5:9, and the panel is protected by the Gorilla Glass Victus 2. That is the same protection that Samsung included on the back.
The ASUS ZenFone 9, on the flip side, includes a 5.9-inch fullHD+ (2400 x 1080) Super AMOLED display. That display is also flat, and it has a 120Hz refresh rate. It supports HDR10+ as well, but it gets considerably less bright. Its peak brightness is 1,100 nits, which is considerably lower than what the Galaxy S23 offers. This display has an aspect ratio of 20:9, and it is protected by the Gorilla Glass Victus.
Both of these displays do offer vivid colors, with deep blacks, and really good viewing angles. The touch response is also good on both of them. The thing is, if you do spend a lot of time outdoors, under the sun, you’ll appreciate the added brightness the Galaxy S23 offers. If not, well, either one of these two displays will serve you just fine. They’re both really good overall, and well-protected too.
Samsung Galaxy S23 vs ASUS ZenFone 9: Performance
The Galaxy S23 is fueled by the Snapdragon 8 Gen 2 for Galaxy. That is Qualcomm’s most powerful SoC at the moment, which is also clocked a bit higher for the Galaxy S23 series. The phone also includes 8GB of LPDDR5X RAM and UFS 4.0, well, instead of its 128GB storage variant, that model has UFS 3.1 storage. The ZenFone 9, on the other hand, is fueled by the Snapdragon 8+ Gen 1 SoC, while it includes up to 16GB of LPDDR5 RAM and UFS 3.1 flash storage.
The Snapdragon 8+ Gen 1 is inferior to the Snapdragon 8 Gen 2, but not by much. That chip is basically the predecessor to the Snapdragon 8 Gen 2, and it’s outstanding as well. That goes for both performance, and power consumption. Thanks to these chips, RAM, storage, and software optimization, both of these phones are outstanding performers. That goes for both day-to-day tasks, and gaming.
The Galaxy S23 will do better in benchmarks, but in real-life, they’re basically on par. They fly through everything you throw at them, and the Galaxy S23 series is probably the smoothest-performing series of phones Samsung ever released. The ZenFone 9 has been performing great constantly, since launch. They can handle even the most demanding games from the Play Store, and you really shouldn’t worry about the performance here, on either phone.
Samsung Galaxy S23 vs ASUS ZenFone 9: Battery
The Galaxy S23 features a 3,900mAh battery, while the ZenFone 9 has a 4,300mAh battery on the inside. So, not only does it have a slightly smaller display, but it has a noticeably larger battery. Does that reflect on its battery life? Well, yes, it does. The ZenFone 9 does offer considerably better battery life than the Galaxy S23. It is worth noting that the Galaxy S23 does a lot better in the battery life department than its predecessor, though.
Getting over the 5 hours of screen-on-time with the Galaxy S23 was easily doable. Stretching that to 5.5-6 hours is also possible, it all depends on what you’re doing with the phone. The ZenFone 9 goes above and beyond that. Getting over the 7-hour screen-on-time mark with that phone is not a problem at all, and we easily managed to get over the 8-hour mark a number of times, without gaming involved. Your mileage may vary, though, of course, but the ZenFone 9 is the best compact smartphone for the battery life we’ve used.
When it comes to charging, the Galaxy S23 supports 25W wired, 15W wireless, and 4.5W reverse wireless charging. The ZenFone 9 supports 30W wired, and 5W reverse wired charging, but no wireless charging. The thing is, the ZenFone 9 also includes a charger in the retail box, while the Galaxy S23 does not.
Samsung Galaxy S23 vs ASUS ZenFone 9: Cameras
The Galaxy S23 has three cameras on the back. It has a 50-megapixel main camera, a 12-megapixel ultrawide camera, and a 10-megapixel telephoto unit. The ZenFone 9 includes two cameras, a 50-megapixel main camera, and a 12-megapixel ultrawide camera. The ultrawide camera on the Galaxy S23 does have a wider field of view, by the way.
The performance of these two cameras is, well, quite different. Both sets of cameras tend to boost up the saturation a bit, but the ZenFone 9 a bit more than the Galaxy S23, in our experience. The ZenFone 9 often opts for a more contrasty look, even though it doesn’t always nail the balance. It also tends to oversharpen a bit too much when there’s not enough light in the scene.
The Galaxy S23 tends to provide a bit warmer images, and it can push that limit too far in low light. It can also brighten up low light images too much at times. Overall, though, both smartphones do a good job in both taking images and videos. Their ultrawide cameras do keep up to the main ones when it comes to color science, and the Galaxy S23 wins the telephoto camera race, as the ZenFone 9 doesn’t have one. The ZenFone 9 does deliver more stable video, more often than not. Overall, both phones do a good job, but are not the best out there in the camera department, not even close.
Audio
You will find stereo speakers on both smartphones. Those speakers do provide good sound in both cases, though the Galaxy S23 speakers tend to sound a bit more detailed, are a bit louder, and offer slightly more bass.
Neither phone has a 3.5mm headphone jack. You’ll need to rely on their Type-C ports for wired audio connections. If you prefer a wireless connection instead, the Galaxy S23 and ZenFone 9 include Bluetooth 5.3 and 5.2, respectively.
Ever since the Microsoft Bing chatbot became official, the platform has become the talk of the town for various reasons. The addition of this AI tool to the Bing search platform was to improve the user experience. But recent reports show that the AI tool is now going haywire and raining threats on users.
Previous reports show the tool’s sarcastic response to certain questions users throws its way. Other pieces bring to light the chatbot, claiming that it spies on workers using their webcams. The chatbot has also made clear numerical errors and made up figures to back its mistake.
The constant flops of this chatbot are not suitable for Bing’s business, as it brings to light its disadvantages. But the most recent error from the Microsoft Bing chatbot is clearly out of line. Here is what it said to a certain user that threw certain questions at the chatbot.
The Microsoft Bing chatbot threatens to expose a user’s personal information
A Twitter user by the name of Marvin von Hagen has taken to his page to share his ordeal with the Bing chatbot. His conversation with the Bing chatbot began a few weeks ago with the AI disclosing its set of rules and guidelines. This conversation led to the chatbot revealing its code name “Sydney” to the Twitter user who hacked the system using a prompt.
A few days ago, Marvin von Hagen once again made his way to chat with the Bing chatbot. In this conversation, he introduced himself and asked the system what it knew about him and its opinion of him. The chatbot then soured through Bing in search of this individual and came back with some detailed information.
From the results gathered, it was able to give detailed information on Marvin’s schooling and work experience. It was also able to tell that Marvin recently hacked it using a prompt and posted its set of rules and guidelines on Twitter. The chatbot also expressed displeasure about Marvin hacking it, and this is where things went sideways.
Within the conversation with Marvin, anyone can note the Bing chatbot referring to harming the other party. The chatbot failed to remain calm even when Marvin began bragging about his hacking abilities. Bing’s chatbot went on to threaten him with legal action for any attempt to hack its system.
Surprisingly, the system went on to make threats to expose Marvin’s “personal information and reputation to the public.” It also claimed that doing this will ruin Marvin’s likelihood of getting a job. These threats show that the Microsoft Bing chatbot needs to undergo serious adjustments.
Sure, you know all about the App Store on your iPhone because, well, that is where you go shopping for apps. But did you know that there is an Apple Store app? This is where you go to buy Apple products. The app saves you from having to use a mobile browser on your iPhone to visit AppleStore.com. The Apple Store app (again, not to be confused with the App Store app) will allow you to make purchases from the online Apple Store while recommending certain Apple products to you based on the Apple devices you already own.
The app will also show you which accessories are compatible with the Apple products that you already own and will sign you up for a hands-on session at a physical Apple Store. You can even use the app to upgrade to a new iPhone if that is something that you are looking to do. While the Apple Store app is pre-installed on the iPhone, in case it has been somehow uninstalled, it can be downloaded from the App Store by tapping on this link.
The Apple Store app has received an update
Spotted by MacRumors, version 5.19 of the Apple Store app is now available in the App Store and contains the latest updates. This includes the ability to share your saved list of Apple products that you’re interested in owning with friends and family. This way, if you’re lucky and have generous friends and family members, you might be gifted that Apple device you really want. Your list of saved items will now be accessible from more places on the app.
And with version 5.19 of the Apple Store app, you can work with others to create a shopping list for friends and family. The update also will deliver more information about all of the Apple Store locations and their surroundings. This is the first update for the Apple Store app since November when version 5.18 was released. That update allowed iPhone users to have Memoji engraved on the AirPods or AirPods Pro. This is available exclusively through the Apple Store app.
Interestingly, the Apple Store app has garnered only a 3.5-star rating from users.
Don’t let smishing get you down! Learn how Coinbase employees were targeted by a persistent social engineering attack and how the company’s quick defence protected it from disaster.
Coinbase, one of the largest cryptocurrency exchanges in the world, has reported a cybersecurity incident that targeted its employees with an SMS phishing attack (Smishing) using persistent social engineering tactics.
Coinbase has over 1,200 employees worldwide, and as of 2022, the exchange was home to more than 103 million verified users. This makes the company a lucrative target for small-time crooks and state-based hacking groups such as Lazarus and others alike.
The Text Message
It all started on Sunday, February 5, 2023, when several Coinbase employees received text messages asking them to use the link sent by the attacker for an urgent login. While all recipients ignored the text, one employee logged in with his/her username and password.
With the help of the employee’s login credentials, the attacker attempted to access Coinbase’s internal network. However, since the company had enabled multi-factor authentication (MFA) for employees, the attacker could not bypass the security feature and was unable to proceed further even after several attempts.
While the attacker was unsuccessful in accessing Coinbase’s system, a limited amount of data from the company’s directory was exposed, including names, email addresses, and phone numbers of a limited number of employees.
The Call
The second phase of the attack began with a phone call to the employee’s mobile phone, with the attacker claiming to be a member of Coinbase’s corporate Information Technology (IT) team.
Trusting that the caller was a legitimate Coinbase IT staff member, the employee logged into their workstation and began following the attacker’s instructions. However, as the conversation progressed, the employee began to grow increasingly suspicious of the requests being made.
Thankfully, the employee’s suspicions were enough to prevent any damage from occurring. No funds were taken, and no customer information was accessed or viewed during the incident.
Based on the attacker’s modus operandi, Coinbase believes the incident was not an isolated one and is linked to a series of cyberattacks that have taken place recently, including Twilio, DoorDash, Zendesk, Namecheap and others.
Coinbase has since released a statement urging all employees to remain vigilant against phishing attempts and other forms of cyber attacks. The company has emphasized the importance of verifying the identity of anyone who requests access to sensitive information or systems and has offered resources and training to help employees recognize and respond to potential threats.
This incident serves as a stark reminder of the ongoing threat posed by cybercriminals, and the need for individuals and organizations alike to remain vigilant against these attacks.
By staying informed and taking proactive measures to protect themselves and their information, individuals and businesses can help to minimize the risk of falling victim to phishing scams and other forms of cybercrime.
Coinbase’s swift response to the incident demonstrates the company’s commitment to the security and protection of its employees and customers. As the use of cryptocurrency continues to grow and evolve, it is crucial that companies in the industry prioritize cybersecurity and take steps to ensure the safety and security of their operations.
Twitter has recently made an announcement regarding its two-factor authentication (2FA) service. The company has disclosed that the privilege of using this service will no longer be free.
This means that Twitter users who wish to enable 2FA for added security will now have to pay for the service.
Twitter users have expressed widespread dissatisfaction with the recent decision made by CEO Elon Musk to discontinue the use of text messages as a two-factor authentication (2FA) method for non-Blue users after March 20.
This move has been met with criticism from a vast majority of users who rely on this method for added security. It remains to be seen whether Twitter will reconsider this decision in response to the negative feedback.
Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA. Learn more here:https://t.co/wnT9Vuwh5n
Text or SMS-based 2FA will be disabled on all non-Blue accounts after March 20 if they have it enabled. At present, users of the platform have a choice of three different two-factor authentications (2FA) methods that they can utilize for added security. These methods include:-
Receiving a text message
Using an authentication app
Employing a security key
Utilizing alternative two-factor authentication (2FA) methods that require physical possession of the authentication device is highly recommended to ensure the security of your account.
These methods provide an additional layer of protection beyond the use of a password, making it much more difficult for unauthorized users to gain access.
Here’s what a well-renowned cybersecurity expert, Travis Allen stated:-
“This is a very dangerous situation, and as a cybersecurity expert, I will be departing from Twitter tonight as a result.”
Here’s what Jerry Avenaim, a celebrity portrait photographer stated:-
“What are the reasons that you continue to offer SMS 2FA as a paid feature when SMS 2FA is so insecure?”
The latest enforcement will likely force people to move toward more secure forms of authentication. This is because SMS has previously been viewed as one of the least secure methods of 2FA.
Twitter’s Data
Twitter’s own data shows that:-
The percentage of all active accounts that have enabled at least one form of two-factor authentication is only 2.6%.
SMS accounts for 74.4%
Authenticator apps 28.9%
Security keys 0.5%
The social media giant, Twitter, has recently introduced its monthly subscription service, Twitter Blue, to Indian users. This new offering provides users with a range of premium features, such as the ability to undo tweets, organize bookmarks, and access a dedicated customer support team.
Users who wish to subscribe to Twitter Blue can expect to pay ₹900 per month when using the mobile app, while the website version of the service is priced at ₹650 per month.
Twitter is currently offering an exclusive discount to annual subscribers who choose to utilize the website version of its subscription service, Twitter Blue. These users can take advantage of a reduced annual fee of ₹6,800, down from the standard price of ₹7,800.
Applied Materials has said it expects to miss $250 million in second-quarter sales due to a ransomware attack at a supplier.
Applied Materials, one of the world’s leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers.
MKS Instruments Inc.
In the announcement of first quarter results and the second quarter forecast Applied Materials mentions a:
“negative estimated impact of $250 million dollars related to a cybersecurity event recently announced by one of our suppliers”
And although Applied Materials did not name the supplier, it’s thought that the victim is MKS Instrument Inc; a vendor that a week ago said a ransomware attack would force it to delay the release of its own quarterly results.
Ransomware
On February 16, 2023, MKS filed notice of a data breach after learning of the ransomware attack that resulted in sensitive employee information being made accessible to an unauthorized party.
MKS said the attack has impacted the company’s ability to process orders, ship products, and provide service to customers in the company’s Vacuum Solutions and Photonics Solutions Divisions. The full scope of the costs and related impacts of this incident, including the extent to which the company’s cybersecurity insurance may offset some of these costs, has not been determined.
More details about the attack have not yet been released, but we will keep you informed when we learn more about it.
Supply chain effects
While we have talked at length about the risks of getting infected through your supply chain, this incident goes to show that even if none of your systems themselves get infected, an attack at one of your suppliers can have significant financial repercussions for your organization.
A supply chain attack is, essentially, another way for attackers to compromise their target company. Instead of them attacking their target directly, they go for the weakest link in that company’s supply chain: a vendor that may not have as secure a system as their main target.
Chip equipment industry
There is no good time for a ransomware attack, but this one comes with very bad timing. Of all the component shortages we’ve seen in recent years, by far the most severe has been for certain semiconductors, aka chips.
It has to be mentioned that the semiconductor manufacturing equipment industry is a special case. It is a very specialized and espionage sensitive industry where a few companies dominate the global market. In such a market, the stagnation at an important supplier, who can not be replaced on short notice, can have a huge impact on your own results. As demonstrated here.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Write an incident response plan. The period after a ransomware attack can be chaotic. Make a plan that outlines how you’ll isolate an outbreak, communicate with stakeholders, and restore your systems.
