SAS Airlines was been hit by a cyber attack. The airline has confirmed that its websites and apps were impacted by the attack – Read on for the latest updates on the cyber attack and how it may have affected SAS customers.
The Scandinavian airline SAS was hit by a crippling cyber attack, after which its website and app went offline. It is suspected that the incident may have leaked the airline’s customer data from the app briefly. The incident occurred on Tuesday 14th February evening.
Reuters reported that the airline urged customers to refrain from using its mobile app, as they might receive incorrect information. Reportedly, some users, including customers from Norway, logged into the wrong accounts and accessed data or other customers. The company’s website remained offline for some time.
SAS’s head of press, Karin Nyman, stated that the issue had been fixed now. The airline didn’t provide details of the incident; however, users have posted resentful comments on its Twitter account in response to the company’s Valentine’s Day message.
The airline asked its Twitter followers if they dreamed of a trip to the “world’s most romantic city this Valentine’s Day?” to which one user replied:
“Well, I’m just dreaming of being able to actually book flights on your website or in the app at the moment,” and shared a screenshot of the downed website.
Some users posted about a technical glitch in the airline website that prevented them from buying tickets; it is not yet clear whether these complaints were resolved or not.
It is worth noting that several Scandinavian media outlets were hit by hackers on the same day that SAS was attacked. This includes SVT, a popular Swedish television channel that became a victim of a DDoS attack by a group named “Anonymous Sudan”.
The hackers stated that the cyber attack was a response to the recent Quran-burning incident near the Turkish embassy in Stockholm.
Popunders are the ideal vehicle to serve ad fraud. In this case, we investigate a scheme where a webpage you can’t see is loading a bunch of ads while code mimics user activity by scrolling and visiting links.
WordPress is an immensely popular content management system (CMS) powering over 43% of all websites. Many webmasters will monetize their sites by running ads and need to draw particular attention to search engine optimization (SEO) techniques to maximize their revenues.
But some people will take a shortcut to gaining traffic by engaging in legal but sometimes fraudulent practices. In this instance, we identified someone buying popunder traffic to promote their websites. A popunder is a very common occurrence online and consists of launching a secondary page under the current one. In itself, it could be considered simply an annoyance and is not malicious except when the website that is being launched uses various techniques to defraud advertisers.
We discovered a few dozen WordPress blogs using the same plugin that mimics human activity by automatically scrolling a page and following links within it, all the while a number of ads were being loaded and refreshed. The blogs would only exhibit this invalid traffic behavior when launched from a specific URL created by this plugin, otherwise they appeared completely legitimate.
In this post, we share the technical details behind this ad fraud scheme and any clues pointing to the developer of this WordPress plugin.
Key findings
About 50 WordPress blogs have been backdoored with a plugin called fuser-master
One of the blogs performing this ad fraud had 3.8 M visits in January, with an average visit duration of 24:55 minutes and 17.50 pages per visit
This plugin is being triggered via popunder traffic from a large ad network
The WordPress sites are being loaded in a separate page underneath and display a number of ads
The plugin contains JavaScript code that mimics the activity of a real visitor: scrolls the page, clicks on links, etc.
The code also monitors for real human activity (mouse movement) and will immediately stop the fake scrolling when that happens
Figure 1: Diagram summarizing ad fraud case
Fuser-master WordPress plugin
Recently we blogged about ad fraud involving a popunder as well, except in that case it was using an iframe to hide the ads. Here, there is nothing hidden at all and the ad fraud can only be deduced when the page is being scrolled down, and back up at random intervals. Because it is a popunder, anyone becomes an unwitting accomplice and does not see any of the fraudulent behavior.
In this investigation, we won’t be spending time on the ad network facilitating these popunders but we have a fairly good idea of which one it might be based on anti-debugging code that they used. What makes popunders particularly enticing for ad fraud is the fact they allow content to be loaded and remain until further action. Unlike the main browser window where a user can easily navigate away from the current website they are visiting, the popunder will remain open for several minutes or even hours, until it is closed.
We were able to trigger the popunder several times and noticed that the fraudsters were using several different blogs that all had the same thing in common, namely they used a plugin called ‘fuser-master’. There aren’t many references for this plugin such as where to download it or who its author might be. We were only able to find one mention from themesinfo.com which is a WordPress theme detector.
Figure 2: A list of websites using the fuser-master plugin
Not all the sites listed in the gallery still exist or are fully functional, but that still gave us a good indication of what was being used to turn standard blogs into ad fraud robots. It’s worth mentioning again that when visited at their homepage, all these blogs are static in nature, meaning we don’t see this kind of zombie activity where the page is scrolling by itself. In the next section, we will look at the URL entry point that triggers that specific behavior.
User check and redirect
All of these blogs appear typical when visited directly, so they would likely pass both a manual and human verification. However, when a special URL (the entry point) is entered with the corresponding parameters, they turn into ad fraud. Below you can see the URL path and its parameters that are being used on all the blogs where that plugin has been installed:
/wp-content/plugins/fuser-master/entrypoint.php?
First, the current user is checked to determine if they should be allowed to enter into the ad fraud scheme or not:
Figure 3: Pre-check for cookies
The fraudsters are using open redirects from Google and Twitter in an interesting way. A keyword from an array corresponding to related Google search terms is picked and added to a Google search URL:
Figure 4: SEO trick
That keyword is chosen randomly and makes up the dynamic redirect URL:
Figure 5: Keyword used in redirect
The next web request is the actual redirect code which also drops some cookies. The URL and code for the redirect will vary based on the different options set up previously:
Figure 6: Google open redirect
Figure 7: Twitter open redirect
The popunder will effectively load the blog via the entrypoint, then immediately leave it to re-enter via a Google open redirect as if someone had clicked on one of the search results. This is what it looks like:
Figure 8: Animation showing open redirect mechanism
Faking user activity
As mentioned previously, the blogs will only exhibit their ad fraud nature when visited via the fuser-master plugin’s entry point. We know that this happens when a user was browsing the web, clicked on a page and a popunder was launched. The blog will open up in a new window behind the current window, which means the user is completely unaware of what is happening.
It becomes quickly obvious that there is something odd when the popunder is exposed. We notice some scrolling back and forth and somewhat randomly which truly mimics what a human would do when reading an article. When looking at the code we can see that it checks for user activity (more on that later) and only performs this scrolling activity if it has not detected real mouse movements on the page:
Figure 9: Code for automated scrolling
Had the popunder been the same blog without this fake scrolling there would be no reason to suspect mischief. Of course the fraudsters aren’t interested in a static page without any kind of user interaction as their goal is monetization via ads. This invalid traffic needs to look as valid as possible in order to not get flagged by anti ad fraud solutions:
Figure 10: Animation showing automated scrolling
Another interesting aspect of this fraud is how at regular intervals, a new article is being viewed. This makes sense in the context of a standard visitor to a blog continuing on the site by following other articles that they might be interested in reading. Looking at the fuser-master’s code, we see that it tries to get all internal URLs from the currently loaded page and places these links into an array. If we observe what’s happening, see that after a certain number of scrolling up and down, a different article gets loaded and the scrolling resumes. This fake activity could last from minutes to hours, until it is interrupted by the real human who’s currently at their computer.
Freeze game
At some point, the real user will close their browser or the page that was in front of the popunder. When that happens, all fake activity suddenly stops and the blog becomes static. This is a clever trick to avoid suspicion and reminds us of the ‘freeze’ game kids play. The fraudsters are able to detect when the mouse is being placed over the current page and can quickly stop the code from running.
Figure 11: Monitoring for real user activity
Figure 12: Stopping fake activity after real user is detected
Same web developer built those blogs
Looking through the Internet Archive, we identified an Indian web developer behind several of these sites. Some of the older posts were written by him and the layout such as the scroll bar style and test ads are also identical. There is nothing that definitely proves that this web developer created the ad fraud plugin although he had the technical skills to do so and based on his community WordPress identity was involved in a number of posts about various SEO plugins.
Figure 13: Demo blog using a similar template reused elsewhere
In addition, his own business website also features those blogs in his portfolio and while hovering over the thumbnails we can’t help but notice a scrolling technique very similar to what we saw previously with the ad fraud.
Figure 14: Portfolio showcasing some of the blogs
We contacted one of his supposed customers to let them know about the fuser-mater plugin running on their site. While we did not hear back from them, within about an hour the plugin had been removed from their WordPress installation.
Figure 15: Fuser-master plugin was deleted shortly after our notification
If the web developer wanted to earn from this ad fraud scheme, he would need to have his own publisher IDs and overwrite the ones used by his customers, however we could not immediately verify that this was the case. It’s also possible that the plugin is sold as an “add-on” and that some of his customers are fully aware of it, but we could not prove that either.
Contrary to the previous ad fraud case we looked at, this one does not simply use Google ads. Instead they are going through a number of ad platforms which makes their publisher ID and potential revenue more difficult to figure out. We do know that one of the websites featured in this investigation (momplaybook[.]com) had 3.8 million visitors in January, spending an average of 24 minutes and looking at 17 pages on the site (stats by SimilarWeb).
Figure 16: Malwarebytes Browser Guard
Visiting that same website, Malwarebytes Browser Guard blocked over a thousand ad trackers after a few minutes of sitting idle on the main page. The majority of requests came from Google’s DoubleClick and OpenX which we have informed.
Conclusion
While popunders are a legitimate form of advertising, their very format is susceptible to abuse. For ad fraud in particular, popunders allow websites to be loaded and serve ads that will never be viewed by real humans.
The plugin we identified during this investigation is relatively simple and allows anyone with an ordinary WordPress blog to increase their earnings dramatically. Because regular visitors will come to the blog via a different flow (standard search or referral link), none of the fraudulent behaviors will be shown. All that is needed is to purchase ad space via a large popunder distributor and use the special entry point URL that triggers the fuser-master plugin.
We have shared details about this invalid traffic case with other partners in the industry.
Samsung’s Galaxy A series of phones have been really popular among those looking to save. Also, we can’t rule out Galaxy S users hopping down to the Galaxy A line in the face of the fumbling economy. Well, the Galaxy A23 5G is now being offered at Verizon.
There are two purchasing options that you can choose from. Firstly, you can buy the phone outright for the price of $349.99. However, if you can swing an extra $9.72/month, you can get it on a contract. Just know that this is a 36-month plan. The company may do a credit check, and if it’s not the best, you might have to pay a down payment.
The Galaxy S23 5G is at Verizon, what does it have to offer?
So, since this is a phone that’s meant for budget-conscious folks, you can expect the specs to be rather subdued. This phone is rocking a decently large 6.6-inch LCD display with a 1080 x 2400 resolution. What’s notable about it is the fact that it runs at 120Hz.
Moving onto the internals, the Galaxy A23 5G uses the Snapdragon 695 5G SoC, so you can expect pretty middle-of-the-road performance, but it shouldn’t be bad. This phone has 4GB of LPDDR4X RAM and 64GB of storage. You can expand it up to 1TB with a microSD card.
As for the camera, we’re looking at a quad-camera package. The main camera is a 50MP camera, and it’s accompanied by a 5MP ultrawide, 2MP macro, and 2MP depth camera. At the front, there’s an 8MP selfie camera.
Keeping the lights on, we have a 5000mAh battery. That will keep it powered for a while on a single charge. Speaking of charging, the Galaxy A23 5G supports 25W fast charging.
On the software side, this phone is launching with Android 13 running on One UI 5 out of the box. This means that you’ll have a pretty up-to-date software experience. All in all, the Galaxy A23 5G is a decent phone, and if you’re a Verizon customer, you can pick it up.
YouTube TV is Google’s own streaming live TV service. And it offers over 85 channels, live.
This product was designed for those that are looking to cut the cord from cable and be able to still watch cable channels. Without being tethered to their cable box, and be able to watch it anywhere.
YouTube TV is heralded as one of the best streaming live TV services on the market right now, despite the pretty regular price increases it has seen. It now costs $64.99 per month, after costing just $35 a few years ago. It’s the only streaming service that has PBS, and it is also the only one with an unlimited cloud DVR service. Making this a really incredible service for those that are looking to cut the cord from Comcast, Cox, AT&T, Verizon and other cable operators.
What is YouTube TV? And should you ditch cable for Google’s TV service? We’ll attempt to answer that, as well as other questions, like the cost, cloud DVR limitations, multiple screen limitations and more. Here’s everything you need to know about YouTube TV.
Table of contents
What is YouTube TV?
YouTube TV is Google’s attempt at capturing the cord-cutting audience. It’s a streaming Live TV service that offers 85+ channels, and continues to add more every few months. It also has YouTube Originals available.
YouTube TV initially launched in 2017, and it was restricted to a handful of markets in the US. The reason for the slow rollout, was gathering all local channels. Google did not want to launch in a market that did not have all of the locals. That includes ABC, NBC, CBS and FOX. Initially, Google was offering around 60 channels for $35 per month. In 2018, ahead of its nationwide launch, it increased prices from $35 to $40, but those that got in on the $35 price were grandfathered in.
In 2019, Google made YouTube TV available in all 210 markets in the US. It also added nine networks from Discovery, and raised the price from $40 to $50 per month. This also ended the grandfathered-in pricing for those that were paying $35. Google forced everyone to start paying $50.
In 2020, YouTube TV was able to strike a deal with ViacomCBS to bring over their channels to the service. Bringing over all of their channels meant another price increase. Going from $50 to $65 per month, and bringing the total number of channels to 85+. On March 17, 2021, YouTube TV added the rest of the ViacomCBS Channels to the service. These include BETher, Dabl, Nicktoons, Nick Jr, teenNick, MTV2, and MTV Classic.
YouTube TV is pretty unique for a couple of features that it offers and most of its competitors do not. The biggest one being an unlimited Cloud DVR. Allowing you to record just about everything. The other big feature is it’s availability. It’s available on almost any platform.
YouTube TV costs $64.99 per month for the base package. That includes 85+ channels, and all of its features.
There are some premium networks you can add-on, as well as the Sports Plus package. Sports Plus is priced at $10.99 per month and gives you an additional eight networks. The premium networks that are available include HBO and HBO MAX for $14.99. Showtime for $11/month, STARZ for $7/month, Cinemax for $10, Epix for $6/month, Curiosity Stream for $3, AMC Premiere for $5, Shudder for $6, Sundance Now for $7, Urban Movie Channel for $5 and AcornTV for $6. These all come with a free trial, anywhere from five days to 14 days. So it’s pretty easy to check out these premium channels before paying for them.
YouTube TV announced its new Spanish Plus package on May 10, 2022. It’s actually a package that can be an add-on, or purchased by itself without the base plan.
Spanish Plus includes 29 Spanish channels including: FOX Deportes, ESPN Deportes, Discovery en Español, beIN SPORTS en Español, CNN en Español, and more.
Currently, Spanish Plus is available for $9.99 per month for the first six months, $14.99 per month after for the add-on. Or you can get the package by itself for $24.99 per month for the first six months, and $34.99 per month after.
Sports Plus Package
Google added the Sports Plus package in September 2019. This is a new add-on for YouTube TV that will allow you to add even more sports networks. Included in this package is NFL RedZone, beIN SPORTS, FOX Soccer Plus, VSiN, Outside TV+, PokerGO+, MAVTV, TVG, Stadium, GOLTV, Billiard TV, SportsGrid, PlayersTV, Fight Network, IMPACT Wrestling. It’s available for $10.99 per month.
Update : On April 8, 2021, YouTube TV added FightNet and Impact Wrestling. For the same $10.99 per month.
Entertainment Plus Package
YouTube TV announced the Entertainment Plus package in February 2021. This package bundles HBO MAX, SHOWTIME and STARZ for $30 per month. Individually, these would cost you $35 per month, so you’re saving $5 here. Not a big savings, but a great way to bundle them with YouTube TV.
Supported Devices
4K Plus
On June 28, 2021, Google debuted another new add-on for YouTube TV – 4K Plus. This is an add-on that adds three main features. Of course, the ability to stream in 4K. Though that will be limited, at least at first, since most content is not available in 4K. But you can rest assured that the Olympics will be available in 4K.
It also brings offline downloads with almost no restrictions. Google says anything that you can record to your cloud DVR, you can download for offline viewing.
The third feature is that you’ll be able to watch unlimited streams with this package. Instead of the three concurrent streams that YouTube TV normally has.
This package is going to cost an additional $19.99 per month, and is available now.
Standalone channels
Announced on September 30, 2022, YouTube TV is allowing you to subscribe to some standalone channels without paying for the base plan on YouTube TV. Meaning you can subscribe to just these channels, without having to pay $65 per month on top of it. Those channels include:
HBO MAX
Showtime
STARZ
NBA League Pass
Cinemax
Epix
Hallmark Movies Now
Acorn
CuriosityStream
Outside TV Features
ALLBLK
Shudder
Sundance Now
IFC Films Unlimited
Dove
CONtv
Docurama
Law & Crime
VSiN
Update: In February 2023, YouTube TV announced that MLB Network and MLB.TV won’t be returning for the 2023 season. So you can’t buy the standalone MLB.TV package through YouTube TV any longer.
What devices are supported?
YouTube TV is available on a large variety of devices right now, and it is still adding more to its list.
As of today, YouTube TV is available on Android, iOS, Android TV, Apple TV, Chromecast, Fire TV, Roku OS, PlayStation 4 and Xbox One. As far as smart TVs go, it is available on many smart TVs from LG, Samsung, Hisense, Sharp, TCL and VIZIO that are 2016 and newer. Not to mention the fact that any TV that has Android TV, Roku or Fire TV built-in will also work – which includes almost every Hisense and TCL Smart TV from recent years.
On September 30, Google announced that the new Chromecast with Google TV will have a pretty tight integration with YouTube TV. With a new “Live” tab on the home screen that shows the current TV listings for what is live. At launch, only YouTube TV works with this tab, but Google plans to add more to that tab in the future. Like Sling TV, FuboTV and others.
Update: As of April 30, 2021, Roku no longer carries YouTube TV. Existing users can still use YouTube TV, for now. However, you do still have the option to Cast to your Roku device. This is in result of the carriage dispute between Google and Roku. This should only be a temporary thing, hopefully.
YouTube TV has steadily been adding new channels to its service since its inception in 2017. Currently it has over 85 channels, and covers the majority of the top 100 most popular cable channels.
Recent YouTube TV changes
YouTube TV added ViacomCBS channels: BET, CMT, Comedy Central, MTV, Nickelodeon, Paramount Network, TV Land, and VH1. Five of the 14 ViacomCBS channels have not yet arrived on YouTube TV, but will be very soon. Those include BET Her, MTV2, Nick Jr, Nicktoons, TeenNick and MTV Classic.
YouTube TV lost all Fox regional sports networks on October 1: After trying to renegotiate with Sinclair following its extension, YouTube TV lost access to all Fox regional sports networks. These include: Fox Sports Arizona, Fox Sports Carolinas, Fox Sports Detroit, Fox Sports Florida, Fox Sports Indiana, Fox Sports Kansas City, Fox Sports Midwest, Fox Sports New Orleans, Fox Sports North, Fox Sports Ohio, Fox Sports Oklahoma, Fox Sports Prime Ticket, Fox Sports San Diego, Fox Sports South, Fox Sports Southeast, Fox Sports Southwest, Fox Sports Sun, Fox Sports Tennessee, Fox Sports West, Fox Sports Wisconsin, SportsTime Ohio, and the YES Network. It’s worth noting that Fox, FS1 and FS2 will remain on YouTube TV though.
NFL Network came to YouTube TV in September 2020: Without any sort of price increase.
YouTube TV debuted new Sports Plus package in September 2020: YouTube TV debuted its first add-on package in September with Sports Plus. For $10.99 per month you can add NFL RedZone, Fox College Sports, GolTV, TVG, MAV, Stadium and Fox Soccer Plus.
MLB.TV comes to YouTube TV: In February 2021, YouTube TV announced that it was bringing MLB.TV to its service (as an added cost). It is available as of March 2021. With subscribers getting a free preview throughout March. MLB.TV costs $24.99 per month or $129.99 for the season.
Scripps Networks come to YouTube TV: In January 2023, YouTube TV announced that Scripps networks were coming to the service. That includes Ion, Bounce TV and Scripps News. That’s in addition to Newsy, which has been on YouTube TV for a few years already.
YouTube TV has a number of great features, some of which none of its competitors even have. As a result, it really helps make it stand out among the competition. Here are some of the bigger features for YouTube TV.
Unlimited Cloud DVR
Cloud DVR
By far the most popular feature for YouTube TV is its unlimited Cloud DVR. Which is included in the $64.99 price.
Because it is unlimited, you can record virtually anything and everything on YouTube TV, and watch it later. You can also record as many shows at the same time as you want. Something that is not possible with traditional TV.
Finally, with YouTube TV, you can also opt to start from the beginning or join live, if it is a show that you are recording. So if you come home late to watch The Masked Singer that starts at 8PM, you can start from the beginning and fast-forward through commercials until you catch up to the live recording. It is a really useful feature to have.
Dolby Digital 5.1
On August 27, 2021, YouTube TV announced that it had rolled out Dolby Digital 5.1 to all users.
Currently the compatible devices list is still pretty short. But it will be available on all devices that work with Dolby Digital 5.1 and YouTube TV in the very near future.
This feature is going to improve the audio quality from both live and on-demand content on YouTube TV. This also makes YouTube TV only the second streaming service to offer it for live content, along with DIRECTV Stream.
Google has started rolling out Dolby Digital 5.1 to more Roku and Android TV devices in June 2022.
Multiple Users
Another feature that sets YouTube TV apart is multiple users. Most streaming services do have multiple users support, but not quite in the same way.
With YouTube TV, you can invite up to five people to your subscription. So instead of sharing your password with other people, they can sign in with their own Google account. That is much smarter than sharing passwords, especially for something like your Google account, which is used for almost everything on the web.
While you can have up to five accounts on your YouTube TV account, you are still limited to only three simultaneous streams on YouTube TV. So not everyone can watch at the same time. But three screens is also more than its competitors offer, without paying for an upgraded plan.
Voice Control via Google Assistant
As expected, YouTube TV is integrated with Google Assistant. So if you have a Google Assistant device like a Nest Mini or Nest Audio, you can use it to start YouTube TV on your TV. If you have a Chromecast or Nest Home Hub, you can tell the Assistant to start playing YouTube TV on that screen.
You also have the ability to control other functions, like selecting a TV channel to watch live, starting a show, recording a show and even using playback functions like pause, resume and rewind.
On-Demand
YouTube TV does have an on-demand section of different movies and TV shows. If something you recorded is available as on-demand, you can choose between those two options. For example, if election coverage interrupted your recording of Ellen’s Game of Games, you can opt to watch the on-demand version instead.
The main difference between on-demand and DVR though, is that you cannot fast-forward through commercials on on-demand content. Though some won’t have commercials – like FOX shows for some reason. On DVR content, you can fast-forward or rewind to your heart’s content.
Picture-in-Picture on Mobile
Surprisingly, most other streaming live TV services do not offer this feature, but YouTube TV allows you to do picture-in-picture on mobile. So you can continue watching your show while you are on Twitter or Facebook, or replying to your friend’s text message.
This works on Android smartphones and tablets. However, it doesn’t yet work on iOS. It’ll work on iPads and iPhones starting with iOS 14.
Dark Mode
As with everything these days, there is a dark mode for YouTube TV on both desktop and mobile. This can be very useful for when you are watching TV or scrolling through the app at night or in a dark room.
Mark shows as viewed
Since you can’t “delete” shows from your DVR – they will auto-delete after nine months, and be replaced with a newer recording if that show played on TV again – mark as viewed is really useful.
You can “Mark as Watched” on any movie or TV show on YouTube TV, from the desktop or mobile versions of the service. This means that it won’t show up as “new” in your library any longer. As a result, it makes it easier to view your new shows in your library, to catch up on what’s new.
No offline viewing
This is likely no real surprise, but YouTube TV does not allow for offline viewing. Most streaming Live TV services do not allow for this, since it is live. But it would be nice to be able to download your DVR’d content to watch offline, if you are going to be flying somewhere with no internet, or taking the subway to work. Hulu with Live TV does it, but there are some serious caveats to it.
Multiple channel sorting options
YouTube TV has always offered the default view for sorting channels, and then a Customized view. Which was a pain to actually do. Imagine dragging and dropping channels when there are over 100 channels in the list.
But on January 18, 2022, Google started rolling out a few more options. Like the ability to sort by “Most Watched” and then A-Z and Z-A. The Most Watched option takes into effect your DVR watching habits too.
When you look at the channels and the pricing of YouTube TV, it is a pretty good deal. The only downside here is that there’s no telling when the price may go up again. But if the recent Sports Plus package addition is anything to go by, it looks like Google is planning to add some more premium packages. Instead of giving everyone, every single channel and just raising the price.
I am a subscriber of YouTube TV and have been since almost the beginning, so my opinion here is a little bit biased, but I feel that this is the best value. There’s over 85 channels here, including the majority of the top 100 cable channels available. As well as cloud DVR, where you can save literally everything (and I do) to watch later. Not to mention the fact that it is available on almost every platform you can think of.
If you’re looking to check out YouTube TV, use this free trial to check it out before paying for it. Google gives everyone a free seven-day trial. But right now, if you sign up before October 15, 2020, you can get that doubled to 14 days.
Starting next month, Apple is changing App Store pricing in certain countries. The price changes will be seen with apps in the App Store and with in-app purchases. Apple released a note to developers in which it points out that it deals with 44 currencies across 175 iOS app storefronts. Obviously, the tech giant needs to deal with always fluctuating foreign exchange rates and changes that are made to the tax policies of the countries it serves.
Apple has made similar changes to App Store pricing in the past for the same reasons. For example, last month Apple made a huge change to App Store pricing by adding 700 new price points for developers. This change was first made available last month for apps offering auto-renewable subscriptions. Other apps and in-app purchases will be able to use the new price points starting this spring.
As for the changes announced by Apple on Friday, the company told developers that “apps and in-app purchases (excluding auto-renewable subscriptions) on the App Store will increase in Colombia, Egypt, Hungary, Nigeria, Norway, South Africa, and the United Kingdom.” This increase will start on February 13th.
Meanwhile, a drop in the value-added tax rate from 15% to 12% in Uzbekistan will lead to a drop in app and in-app pricing. Apple tells developers not to worry because “Your proceeds will be adjusted accordingly and will be calculated based on the tax-exclusive price.”
Fluctuations in foreign-exchange rates is one reason why Apple often changes prices in the App Store
In Ireland, Luxembourg, Singapore, and Zimbabwe, app and in-app prices won’t change but developers’ proceeds will fluctuate due to the following tax changes:
Ireland: Reduction of value-added tax rate on electronic newspapers and periodicals from 9% to 0%
Luxembourg: Reduction of value-added tax rate from 17% to 16%
Singapore: Increase of goods and services tax rate from 7% to 8%
Zimbabwe: Increase of value-added tax rate from 14.5% to 15%
At the end of the current month, Apple says that proceeds will increase for local developers in Cambodia, Kyrgyzstan, Indonesia, Singapore, South Korea, Tajikistan, Thailand, and Uzbekistan.
Apple reminds developers that they can change the prices of their apps and in-app purchases (which include auto-renewable subscriptions) anytime using App Store Connect. The company also reminds developers selling subscriptions that they can also leave pricing the same for existing subscribers.
SideWinder is apparently an India-based advanced persistent threat (APT) group known for spreading malware, infiltrating networks, and stealing sensitive information.
Security researchers at Group-IB have finally been successful in connecting a series of phishing campaigns between June and November 2021 to an Indian Advanced Persistent Threat (APT) group, SideWinder.
The suspected state-sponsored group has targeted 61 government, military, law enforcement, and other organizations across the Asia-Pacific region, according to a report from Group-IB.
Also known as Rattlesnake, Hardcore Nationalist (HN2), and T-APT4, the group is considered one of the oldest national-state groups, going as far back as 2012. In January 2020, the group was found to be infecting Android devices with malware through the Play Store.
In another attack reported in February 2022, SideWinder was observed collaborating with another group called ModifiedElephant and targeting unsuspecting users by planting incriminating evidence on their devices.
In June of last year, the group’s custom tool, SideWinder.AntiBot.Script, was used in previously undocumented phishing attacks against Pakistani organizations. The group was also linked to an attack on the Maldivian government in 2020.
Like many others, SideWinder also uses spear phishing as its initial attack vector, sending phishing emails containing malicious attachments or URLs to victims. Two of these campaigns featured emails in which the group impersonated a cryptocurrency firm, said Group-IB.
If a user clicks on the link attachment, a malicious document, an LNK file, or a payload is subsequently downloaded onto their computer. The LNK file downloads an HTA file, which then downloads the payload. This payload could be either a remote access Trojan (RAT) or an information stealer, according to Group-IB’s technical analysis.
Further, two new custom-made SideWinder tools discovered by Group-IB during the campaign were SideWinder.RAT.b, a RAT, and SideWinder.StealerPy, an info-stealer.
The info-stealer is capable of collecting Google Chrome browsing history, credentials saved in the browser, the list of folders in the directory, meta-information, the contents of docx, pdf, and txt files and more.
The APT group’s motive seems to be linked to India’s cryptocurrency market, Group-IB’s report speculates.
“Interestingly, Group-IB analysts discovered two phishing projects mimicking crypto companies. SideWinder’s growing interest in cryptocurrency could be linked to the recent attempts to regulate the crypto market in India.”
However, Group-IB cannot confirm how many, if any, of these phishing campaigns were successful. Nevertheless, users and organizations must take precautions against SideWinder’s attack, starting with the following steps:
Keep your software up to date: Make sure your operating system and all your software are up to date with the latest security patches. This will help protect you against known vulnerabilities that could be exploited by SideWinder.
Use strong passwords: Use complex and unique passwords for all your accounts and enable two-factor authentication whenever possible. This can help prevent unauthorized access to your accounts and make it more difficult for SideWinder to gain access.
Be cautious of phishing emails: SideWinder often uses phishing emails to trick users into clicking on a malicious link or downloading a malicious attachment. Be cautious of emails from unknown senders, and do not click on links or download attachments unless you are sure they are safe.
Use anti-malware software: Install and use anti-malware software to help detect and prevent SideWinder attacks. Make sure your anti-malware software is up to date and set to automatically scan your system on a regular basis.
Limit access to sensitive information: Limit the number of people who have access to sensitive information, and use encryption to protect data that is transmitted or stored.
Train employees:Train employees on how to recognize and avoid SideWinder attacks. Educate them on safe browsing habits, how to identify phishing emails, and the importance of keeping software up to date.
SSL Checker helps you in troubleshooting common SSL issues and SSL endpoint vulnerabilities. With the free SSL certificate checker tool, just you need to submit the domain name or IP address along with the port number to analyze the configuration and security of the website.
These diagnostics tools help you in finding vulnerabilities in SSL Suites, Weak Ciphers, and protocols. SSL analyzer tools make sure that your SSL/TLS certificate is installed correctly and doesn’t give any errors to users.
How SSL Works
The SSL markets continue to grow, according to the new report, 80% of the web page that loads in Chrome and 70% of the page that loads on Android devices are with HTTPS.
Free SSL Checker Tools & Keywords
SSL Labs
In-depth scan Ciphers, Protocols Certificate status
Here is the list of the Ten Best SSL analyzers that save you hours of troubleshooting time and headaches.
SSL Labs
SSL Security Test
SSL certificate Decoder
COMODO SSL Analyzer
Certificate Analyzer
DigiCert SSL Checker
AppSec SSL Analyzer
GocertsSSL
SSLShopper
Cheap SSL Checker
OpenSSL & SSLyze
testssl.sh
SSL Labs
The SSL Labs is powered by Qualys, with the tool you can check your website for certificate and configuration and your browser for SSL installation.
You can start the analysis by just entering the domain name or the Ip address of the target server, it runs an in-depth scan and provides you with a detailed analysis report.
The report details the certificate installed, serial numbers, Certificate Transparency, Revocation status, Signature algorithm, DNS CAA, certification path, ciphers, protocols, and Handshake Simulation.
It also checks for the possible subdomains of the domain, chain, and vulnerabilities like heartbleed and POODLE OVER TLS.
Also, it do checks for standard Industry practices such as CAA, Support for TLSv1.3, Ciphers, HSTS, and other standard practices.
SSL certificate Decoder
The decoder link powered by Namecheap is the best source for all your SSL-related troubleshooting needs.
It contains an SSL Checker, SSL Converter, CSR Decoder, DCV checker, Certificate & key checker, and decoder. link is a single-stop solution for all of your digital certificate needs.
COMODO SSL Analyzer
Gives you a crystal clear report that Certificate Details, status, web server software used, Protocol Versions, Ciphers, and Protocol Features.
Its clean design and rapid response are the advantages of this SSL Checker, by default it checks with port 443, but you can change it.
Certificate Analyzer
The Certificate Analyzer is powered by Trustwave, all you need is just to enter the domain name and the port number and click on test my server.
It does a basic installation check and provides you with a report about the certificate installed on the server.
DigiCert SSL Checker
DigiCert SSL Checker OR Symantec SSL checker (Acquired) helps you in locating the problems with the installed SSL certificates and also checks for certificate status, Expiration, ciphers, andcommon vulnerabilities.
It’s a simple tool, if you want to check the installation with port 443 then just need to enter the domain name alone, if it is for the port number, then you need to provide the port number also like domain.com:8443.
AppSec SSL Analyzer
Like other SSL checkers, AppSec is not web-based, you can download and launch the application from your computer.
It checks for the domain and/or IP address, and tests vulnerabilities related to the encryption algorithms. The latest version is AppSec Labs SSL Analyzer version 2.0.
GeocertsSSL
GeocertsSSL SSL checker is yet another simple SSL installation checker that checks for the certificate chain, DNS,and Certificate Common Name.
It also includes tools such as a CSR decoder, Certificate decoder, and certificate key matcher. All you need is just to enter the domain name, and port number and click on search.
SSLShopper
With the SSLShopper SSL Checker tool, you can diagnose installation problems with the SSL installation and it helps you to make sure that certificate is correctly installed, valid, and trusted.
It also tracks the server type and the IP address of the domain, along with the chain. To use the SSL Checker with the port you just need to enter the server’s hostname.
Cheap SSL Checker
The Cheap SSL Checker is a simple SSL checker tool that verifies the SSL installation details such as common name, issuer, validity, server type, certificate chaining, etc.
To run the scan simply you need to enter the IP address or the domain name.
OpenSSL & SSLyze
You can also use the following OpenSSL command to run an installation check
SSLyze is the Fast and Complete SSL Scanner to find Misconfiguration in the servers configured with SSL.
sslyze –regular domain.com
testssl.sh
It is a free command line tool that checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and more.
Final Words
With SSL Checker you can diagnose all the issues related to issues and ensure the certificate is installed correctly on the server.
With Hogwarts Legacy becoming the popular game it was expected to be, online criminals have resorted to old tricks to get users clicking.
Hogwarts Legacy, the much-anticipated Harry Potter video game, has finally landed on major gaming platforms. But, as with all games like this, it comes with a steep price tag, so it’s no surprise to suddenly see websites peddling “cracked” versions of the game for free.
These sites are easily accessible via a quick Google search.
“hogwarts legacy crack” sample search result by Google (Source: Malwarebytes | Stefan Dasic)
Cracked games are games that are rendered playable due to tampering or file modification. They’re also generally available for free. Essentially, they’re pirated games, which is illegal in some states. Malware Intelligence Analyst Stefan Dasic looked into the above websites claiming to share the cracked PC version of the game.
One website, games-install[.]com, asks users for an activation key once they’ve downloaded the “game”. In order to access the key, the site says the user must verify themselves via a survey.
Everything falls apart at that point. Either the survey leads to a dead end, or ask users to enter their data, such as a phone number. Suffice it to say the website is a survey scam.
This is what happens when you try and download a “free” version of Hogwarts Legacy (Source: Malwarebytes | Stefan Dasic)
Dasic said the sites from the above screenshot all resolve to gameportpc[.]ru, which redirects to changing sites that are seen hosting a file named Hogwarts_Legacy_Setup.exe.
When users click the “Download” button, they find that they have downloaded a copy of the legitimate 7-Zip file compression program.
If you visit the same gameportpc URL, however, the downloaded filebecomes a Trojan dropper, which then drops adware.
Malwarebytes detects the Trojan and adware as Trojan.Dropper and Adware.Agent.Generic, respectively. We also block the websites we’ve seen pushing fake Hogwarts Legacy game cracks.
A new render based on a CAD model reveals Apple’s forthcoming iPhone 15 Pro details. Also, another leaked image shows off the device’s USB Type-C.
Yesterday, 9to5Mac claimed to have obtained exclusive renders of the iPhone 15 Pro, showing several minor design changes.
For example, the iPhone 15 Pro’s front-facing glass now curves around the edges to create a more seamless transition to the frame. Similarly, the frame’s edges are now more curved to look like the 14 and 16-inch MacBook Pros and the M2 MacBook Air.
Besides making the iPhone easier to hold, the new curved edges could also prevent accidental touches. But that’s not all.
The render shows a similar camera layout as the current iPhone 14 Pro models. However, it also indicates a thicker camera bump than the current flagship devices. This suggests that Apple could upgrade the iPhone 15 Pro’s camera system with new lenses or sensors.
According to the render, Dynamic Island is still on the iPhone 15 Pro, and the side buttons appear capacitive. Despite the thinner bezel, we’re still expected to get the same 6.1-inch display — but in a slightly smaller body.
So, the switch from Lightning port to USB-C is perhaps the most exciting change in 9to5’s render of the iPhone 15 Pro.
An iPhone 15 Pro With a USB Type-C Charging Port
The render shows what looks like a USB-C port, marking a significant change from Apple’s proprietary Lightning connector. This information aligns with another leaked image provided to MacRumors and later shared on Twitter by Unknownz21.
According to the leaker, Apple could replace the E75 Lightning Controller with an E85 Port Controller as part of its transition to USB-C. Besides showing the port, the leaked image confirmed the minor design changes from 9to5Mac’s render. However, it suggests that Apple could use titanium instead of stainless steel.
Although the design changes reportedly focus on the iPhone 15 Pro models, the entire iPhone 15 lineup is expected to get the port update. It includes the iPhone 15, iPhone 15 Plus, and the iPhone 15 Pro Max.
The Xiaomi 13 Lite surfaced quite recently in real-life images, and now the device appeared in renders, courtesy of Roland Quandt. These Xiaomi 13 Lite renders show us the phone in all color options, actually.
The Xiaomi 13 Lite has just surfaced in all color options
We still don’t know what will their official names be, but these are black, blue, and pink color variants. As suspected, the Xiaomi 13 Lite will essentially be a rebranded Xiaomi Civi 2, design-wise, at least.
The phone will have a flat display, with thin bezels, and a pill-shaped camera hole at the top. Its physical buttons will sit on the right-hand side, while you’ll notice three cameras on the back. Don’t expect Leica lenses to be a part of the package, though, even though they are included in the Xiaomi 13 and 13 Pro.
The Snapdragon 7 Gen 1 SoC will be included, along with a 120Hz display
These images clearly confirm that the Snapdragon 7 Gen 1 will fuel the device. The phone will include a 120Hz AdaptiveSync AMOLED display, and a 50-megapixel main camera. That much is confirmed.
Based on this info, we can easily figure out that the specs will be the same as on the Xiaomi Civi 2, if not identical. So, we’re expecting a 6.55-inch panel here, with a 120Hz refresh rate. The Gorilla Glass 5 will protect that panel.
In terms of RAM, the Xiaomi Civi 2 comes in both 8GB and 12GB RAM variants, but we’re not sure the Xiaomi 13 Lite will be available in both flavors. We’ll have to wait and see. We do know that the base model will include 128GB of storage and 8GB of RAM, and that it will cost €499. That is the info that the tipster shared, along with the images.
A 50-megapixel main camera will sit on the back, while 67W charging will be supported
Now, in addition to that 50-megapixel main camera, we’ll also get a 20-megapixel ultrawide unit on the back, and a 2-megapixel macro camera. Two 32-megapixel cameras will sit on the front side.
A 4,500mAh battery is also expected, and the phone will support 67W wired charging. The charging brick will be included in the package. Don’t expect wireless charging to be on offer, though. This handset may launch during MWC 2023, along with global variants of the Xiaomi 13 and 13 Pro.
Figure 6: Google open redirect 
Figure 7: Twitter open redirect
