Samsung showered millions of Galaxy users with love this week by releasing the One UI 5.1 update. Debuted with the Galaxy S23 series earlier this month, the new One UI version has been rolled out to the Galaxy S22, Galaxy S21, Galaxy S20, Galaxy Z Fold 4, Galaxy Z Flip 4, Galaxy Z Fold 3, Galaxy Z Flip 3, Galaxy S21 FE, and Galaxy S20 FE over the past couple of days. The company has now taken out time to officially announce the update.
In a Samsung Newsroom post, The Korean firm talked about the major new features that One UI 5.1 brings to Galaxy devices. The latest iteration of Samsung’s custom Android software (based on Android 13) adds to your Galaxy experience with several new features and improvements. It brings Expert RAW, the company’s flagship-grade camera app, closer to the stock camera app so you can quickly switch between the two as and when needed. You also get more options to play with in the default camera app.
Elsewhere, Samsung has added English support for Bixby Text Call. This feature transcribes audio calls in real time. Samsung Notes also allows collaboration during a Google Meet conference, while Gallery adds a Shared Family Album that makes it easier to share photos and videos with up to six family members. New editing features let you remaster photos the way you want.
You can even edit downloaded GIFs to improve clarity and resolution. Other highlights include a new dynamic weather widget, improved Modes and Routines, improved AR Zone and AR Emoji, and enhanced connectivity for the Galaxy ecosystem.
One UI 5.1 will roll out to more Galaxy devices
Samsung has been rather quick with its One UI 5.1 rollout. The company has already seeded the new One UI version to over a dozen Galaxy models, at least in some markets. Over the next few days, it will expand the release globally, including in the US. Moreover, the Korean firm will also release One UI 5.1 for more devices. The Galaxy Note 20, Galaxy Z Fold 2, and some Galaxy A series mid-rangers should get the update. Some features may be missing on certain models, but the majority will reach all.
“One UI 5.1 is the up-to-date example of Samsung’s commitment to providing Galaxy users with the latest innovations as soon as possible,” said Janghyun Yoon, the Korean firm’s EVP and Senior Executive of the Software Office. “Over the past several weeks, we worked closely with our service providers and carrier partners to bring One UI 5.1 to current Galaxy smartphones and tablets around the world within a few short weeks of the launch of the Galaxy S23 series”. We will keep you posted as the updates arrive.
You’ve undoubtedly heard a lot about Dolby Vision in the past few years. As we’ve seen more TVs and even monitors adding support, as well as smartphones and tablets. But what exactly is Dolby Vision? And is it something you have to have on your next major purchase (that has a display).
Here, we’re going to tell you everything you need to know about Dolby Vision HDR.
What is Dolby Vision?
To keep things simple, there’s really only one advantage that Dolby Vision has over HDR10, and that is the dynamic metadata to the core HDR image data. This metadata carries scene-by-scene instructions that a Dolby Vision-capable display can use to make sure it portrays the content as accurately as possible.
TVs that are capable of Dolby Vision combine the scene-by-scene information received from the source with an awareness of their own capabilities in terms of brightness, contrast and color performance.
Compared to HDR10 content which only delivers static metadata to your HDR TV. This metadata is relatively basic ‘global’ information on the content being shown. It also can’t provide a display with updates on how each specific shot or scene should be shown. HDR10 doesn’t carry the same facility for continually optimizing the picture to the capabilities of the screen its showing on either.
Basically, Dolby Vision gets more metadata that changes dynamically, giving it access to a greater creative palette. Which in turn allows it to provide a much better picture than traditional HDR.
Does it deliver better pictures?
In short, yes. It does.
Some tests have shown, compared to HDR10, that Dolby Vision has more tone definition in bright areas. Also more balanced, nuanced, and natural colors right across the spectrum. There’s better contrast range management and a greater sense of detail. That’s probably because of the color and light management improvements.
Of course, it really depends on what you’re watching and how you’re watching. Some tests have shown that physical media on 4K Blu-ray discs are flat with Dolby Vision, and look better using just HDR10.
But if you are streaming content from Netflix, Amazon Prime Video and others, you’ll likely have a much better experience with Dolby Vision.
How can you watch Dolby Vision content?
If you’re just streaming content from different streaming services, then all you need is a TV that supports Dolby Vision and a streaming device that also supports it. A good number of TVs do now have Dolby Vision support included. These include:
There’s also a number of 4K Blu-ray players and A/V receivers that also support Dolby Vision. So it’s not hard to find something that supports Dolby Vision to add to your setup. But which streaming services have Dolby Vision?
Currently, some titles on Netflix, Amazon Prime Video, HBO MAX, Disney+ and Apple TV+ are shot in Dolby Vision. That will expand in the coming years as Dolby Vision becomes even more popular.
Which brands do not support Dolby Vision?
Surprisingly, Samsung is one of the only brands that does not support Dolby Vision on its TVs. It’s even more surprising, because most of its recent flagship smartphones do support it. But the reason for this is because Samsung is actually backing a royalty-free version of a dynamic metadata HDR system called HDR10+.
You’ll notice that products with Dolby Vision and even Dolby Atmos included are more expensive. That is because of the royalty that brands have to pay to Dolby for this system and to use the name Dolby Vision on its product. It’s unclear how much companies are paying Dolby for royalties, and it likely depends on the size of the company too.
What content is available in Dolby Vision?
So what kind of content is available in Dolby Vision? There’s actually quite a few movies and TV shows available in Dolby Vision. There are two different kinds of movies that are available in Dolby Vision. First, those that were shot originally in Dolby Vision, and second those that were upgraded and remastered to Dolby Vision later on. You’ll find some very old Disney movies that are in Dolby Vision, that were made before Dolby Vision was a thing.
Here are some titles that are available in Dolby Vision:
The Batman (2022)
Ted Lasso
Turning Red
Dr. Brain
Cowboy Bebop
Foundation
Swan Song
Tick, Tick, Boom!
The Harder They Fall
Long Way Up
And more…
Apple has actually gone all in with Dolby Vision for TV+. Which is a bit surprising, considering Apple usually likes to make their own standard. But everything available on Apple TV+ does support Dolby Vision which is great. Also keep in mind that the iPhone 12 and later also shoot HDR videos in Dolby Vision.
Which smartphones and tablets support it?
We’re slowly starting to see more and more smartphones and tablets coming out with support for Dolby Vision as well as Dolby Atmos. Of course, it’s a bit more important on tablets. But here’s the list of smartphones and tablets with Dolby Vision support right now.
Smartphones
Xiaomi 11
Xiaomi 11 Pro
Xiaomi 11 Ultra
Apple iPhone SE
Apple iPhone 12
Apple iPhone 12 Mini
Apple iPhone 12 Pro
Apple iPhone 12 Pro Max
Apple iPhone 13
Apple iPhone 13 Mini
Apple iPhone 13 Pro
Apple iPhone 13 Pro Max
LG G6
As you see, very few smartphones support Dolby Vision, especially on the Android side. The only manufacturer that was really supporting it on every flagship, ended up leaving the market. And that was LG.
Tablets
Amazon Fire HD 10
Apple iPad Pro
Lenovo Tab 2 A10
Lenovo Tab 2 A8
Samsung Galaxy Tab S8 series
The future of Dolby Vision
So what’s next for Dolby Vision HDR? Well, Dolby itself wants to get this version of HDR in front of more eyes. We’re seeing more and more Dolby Cinemas opening up, here in the US, the majority of them are with AMC. And it provides a really incredible experience. With Dolby Vision and Dolby Atmos on the big screen.
The current HDR landscape is super confusing right now, and that likely won’t change. There’s HDR10, HDR10+, HLG, Dolby Vision, just to name a few. And we are probably going to see a bit more coming, especially with the IMAX Enhanced standard on its way.
What are Dolby theaters?
It’s not just TVs that have support for Dolby Vision HDR either. There are also Dolby theaters. AMC has a number of Dolby Cinemas throughout the US. And there is a dedicated theater in Los Angeles as well. The Dolby Cinema uses Atmos. As well as Vision. Giving you a great visual experience and a great audio experience.
If you haven’t tried watching a movie in a Dolby Theater yet, you should definitely try it. Once you do, you won’t want to go back to watching movies in a regular theater. If you are a member of the AMC A-List, you can actually watch movies in the Dolby Cinema as part of your subscription. This is great news, seeing as Dolby Cinema movies are generally a few bucks more. In my experience, they have been around $15-$18 depending on location. But with A-List, you can watch three movies per week for only $19.95 per month. So watch two movies and it pays for itself. Which is really cool.
Dolby Cinemas and theaters are likely to become a much more popular thing in the future too.
What is Dolby Vision IQ?
So what’s next? Well there’s Dolby Vision IQ. Which was announced at CES 2020. This is essentially a development of Vision, which is designed to optimize how content looks according to the brightness of the room your TV is in.
This means that Vision content, regardless of its overall brightness, should be easier to watch. Unlike those last few episodes of Game of Thrones, which were very dark. And really only looked okay on an OLED TV.
Additionally, if you switch from a bright live sport to a darker TV show, the TV will be able to adjust accordingly, giving you the best picture possible.
Apple Rewind. Like Spotify Wrapped, right? No, not really. Spotify keeps things under wraps and surprises you with stats at the end of the year, while Apple Rewind is a feature that lets you check what you are listening to most at all times.
Kind of redundant, since you’d be doing it in real time, but hey — remember that you can do it for the entire year! As in, if you feel like checking your playlist history from months ago, through this feature you can do that, so it’s not that surface level.
And if that got you interested in checking it out, you can do that right now. Apple Rewind for 2023 is live now, and it allows you to check pretty much what you are expecting: top songs, albums, artists and so forth. But it also starts automatically drafting you a playlist with your most played songs of the year, which is always neat.
Remember that your detailed listening habits are only available on the Apple Music website.
If you want to check out your very own playlist, you can open your Apple Music app, then under the Listen Now tab. At the very bottom, you should be able to see all of the yearly playlist that the service has drafted for you, ever since you were a subscriber and as far back as 2015, when Apple Music initially launched.
At the end of the year, however, Apple will give you a quick hit of dopamine and release a more in-depth overview of your musical journey. If you’d like to follow how the entire process is going, you can check back with the website every Monday, as usually the data is refreshed every Sunday.
9to5Mac also reminds that you’ve had to have reached a certain threshold of listening activity in order for the feature to kick in for your account. In other words: If you aren’t seeing anything by next Monday, you might want to add “Listen to more music” to your list of goals to achieve in 2023.
The cybersecurity researchers at Sucuri recently discovered a critical backdoor that has managed to infiltrate thousands of websites over the past few months.
A group of threat actors who are responsible for a malware campaign called “black hat redirect” has increased the scope of their operation by incorporating more than 70 fake domains that imitate URL shortening services.
The attackers have managed to infect a significant number of websites with this malware, with the current count surpassing 10,890.
Visitors are Being Directed to Hacked Sites
The primary goal of the operation remains ad fraud, which involves the use of illicit techniques to artificially boost the volume of traffic to web pages featuring AdSense IDs and Google ads. This activity is carried out with the intent of generating revenue through fraudulent means.
Recently, various Google products such as Google Ads, Google Home, and Google Drive have been used to disseminate malware and other harmful components. This has been confirmed as a factual occurrence and has raised concerns about the security and safety of these products.
GoDaddy’s subsidiary company first revealed the malicious activity in November 2022, after the company was acquired by the GoDaddy corporation.
This campaign began in September last year and is redirecting visitors to compromised WordPress sites to fake question-and-answer portals. This is a potential threat to the security and privacy of individuals who may unknowingly disclose sensitive information.
Apparently, this aims to increase the authority of spammy sites in search engines so that they will appear higher in search results.
Similar to the previous malware attack, it has been observed that the latest wave of malware is also attempting to redirect internet traffic through Google searches. By doing so, the attackers aim to make the redirected traffic occur legit.
Abusing URL Shorteners
Sucuri detected that all of the infected websites were using the WordPress content management system. As a result of this, legitimate files on the websites had been corrupted with an obfuscated PHP script.
The latest campaign has a significant feature that sets it apart from previous ones. In their redirects, it makes use of Bing search result links, Twitter’s link shortener service, and Google as well.
The campaign’s utilization of these services suggests a strategic move to evade detection by security measures. This indicates an expansion of the threat actor’s footprint.
Attack Analysis
Sucuri researchers have recently discovered more than 75 pseudo-short URL domains that are associated with redirected traffic. This discovery has been made over the course of the last two months.
It is important to highlight that the majority of malicious URLs discovered are linked to a single URL-shortening service. All the low-quality Question2Answer websites are completely related to cryptocurrency or blockchain technology.
It has been suggested that these advertisements may be part of an intentional pump-and-dump ICO fraud where new cryptocurrencies are advertised.
Despite the lack of conclusive evidence, researchers are confident that the main aim of ad fraud is to artificially boost website traffic in order to display Google ads and generate revenue through AdSense ID.
These malicious websites have been known to inject obfuscated code into critical files, such as wp-blog-header.php. This code can cause harm by manipulating the behavior of the affected website and potentially compromising the security of its users.
In order to ensure that the malware is not detected and disinfected, this code acts as a backdoor. In an effort to conceal itself, the malware adopts the strategy of pausing redirections for a period of 2 to 6 hours whenever an administrator logs in or a user visits an infected site.
This makes it difficult for website administrators to detect the presence of the malware, as its activity is temporarily suspended during these instances. In order to hide the malicious code, Base64 encoding is used.
AdSense IDs Used
Here below we have mentioned all the AdSense IDs that are used on the websites that are infected:-
Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors
The Patch Tuesday roundup from Microsoft for February 2023 includes three zero-days. Not exactly what we had in mind for Valentine’s Day.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. As far as we can tell, only two of the vulnerabilities were actually exploited in the wild.
The zero-days patched in these updates are:
Graphics component
CVE-2023-21823: A Windows Graphics Component remote code execution (RCE) vulnerability. An attacker who successfully exploited this vulnerability could execute commands with SYSTEM privileges.
Important to note here that this update comes from the Microsoft Store. So users that have disabled automatic updates for the Microsoft Store have to get the update through the Microsoft Store by following the guide titled Get updates for apps and games in Microsoft Store. Be sure to select the tab for the operating system installed on your device to search for updates.
The Microsoft update guide for this vulnerability specifically mentions OneNote for Android. At Malwarebytes, we’ve recently seen ASyncRAT campaigns using malicious OneNote (.one) attachments, so we hope to see that this update puts an end to that method of infection.
Microsoft Publisher
CVE-2023-21715: A Microsoft Publisher security features bypass vulnerability. An attacker who successfully exploited this vulnerability could bypass Office macro policies in Microsoft Publisher which are used to block untrusted or malicious files. The attack itself has to be carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.
Although that makes it sound hard to abuse, Microsoft says it has detected exploitation of this vulnerability.
Windows Common Log File System Driver
CVE-2023-23376: A Windows Common Log File System Driver elevation of privilege (EoP) vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This means it can be very useful in a chain of vulnerabilities, but Microsoft gives no clues about any other vulnerabilities this EoP has been used in combination with.
Other patched vulnerabilities
Exchange Server: included are patches for three remote code execution flaws that are labelled as likely to be exploited. These vulnerabilities listed as CVE-2023-21706, CVE-2023-21707, and CVE-2023-21529 all require authentication.
Microsoft Word: an RCE vulnerability listed as CVE-2023-21716 with a CVSS score of 9.8 out of 10. An unauthenticated attacker could send a malicious email containing a Rich Text Format (RTF) payload that would allow them to gain access to execute commands within the application used to open the malicious file.
Unpatched
Microsoft has also disclosed a vulnerability listed as CVE-2023-23378 in the end-of-life (EOL) application Print 3D. EOL is an expression commonly used by software vendors to indicate that a product or version of a product has reached the end of usefulness in the eyes of the vendor. Print 3D was deprecated along with Windows 10 version 1903.
Microsoft has confirmed that it will not release a patch to fix the vulnerability and that customers should update to the 3D Builder app.
Other vendors
Other vendors have synchronized their periodic updates with Microsoft. Here are few major ones that you may find in your environment.
While Google Lens hasn’t been the talk of the town for several years, Google has been keeping up with it by delivering updates to it. Also, the company has been integrating the service into several of its other products such as Google Photos and the Chrome browser for desktops. So, in case you want to know the best uses for Google Lens, here’s a useful guide. It’ll be full of the basics and it might involve some stuff you didn’t know.
What is Google Len?
On the off chance that you’re unaware of what this is, here’s a little refresher. Google Lens is Google’s AI-powered camera application. It is separate from Google’s primary camera that centers around taking photos and videos. Google Lens is an application that’s meant to scan and ascertain what you see through the viewfinder and give you search results and additional context based on it.
You can point your phone at a cat, and Lens will tell you what type of cat it is. It was introduced during Google I/O 2017, and the company has been finding more ways to squeeze it into other Google products.
If you own a Pixel device, then you should have it integrated into your Google Search bar. Just tap on the camera icon in the bar. If you don’t have it integrated, you can download the standalone app from the Google Play Store. You can also use Lens on iOS by downloading the Google app on your iPhone or iPad and using the Len integration.
You can use Google Lens to do a lot of stuff, and most don’t really realize that. When you open the app, you’ll see a bit of an overview of the things that you can do.
Basic Google search
So, the core function of Google Lens is to search. It’s like putting a Google Search bar in the real world. When you open the Google Lens app, it will open right to the search function. Just tap on the Search with your camera button on the top half of the screen, and you’ll see the viewfinder expand to fill the screen.
You’ll then point your camera at what you want to search. When Lens scans the object, it will do a Google search on what it sees. You’ll get better results with more generic objects, animals, public figures, etc. So, if you see a certain flower, car, etc., you’ll be able to do a search.
Copy text from the real world
Say, you see a bit of text in the real world that you want to copy to your phone’s clipboard. Well, Google Lens will scan the text that’s in the viewfinder and allow you to copy it. The app will highlight all of the text that it sees. All you have to do is take a picture and pick which text you want to copy.
Instantly go to link
This functionality also lets you go straight to links that you see printed in the real world. Say, you see a business card with a person’s website printed on it. Well, if you scan it with Google Lens, you’ll be able to navigate right to that site on your phone. That saves you the trouble of typing it in yourself.
Real-time translation
One of the most impressive features of Lens is the ability to point the camera at any text that you want to translate. You can take a picture of the text, but the app will also translate the text right in the viewfinder in real-time. You’ll see the translation floating above the original text.
Find prices and where to products you see in the real world
Say, you see a dress or a phone out in the world, and you want to know where you can buy one, Lens makes that process easier. Using the Shopping tab, all you have to do is take a picture. At that point, Google will give you a ton of results showing you prices and how to buy the product.
Now, things get pretty hairy when you’re talking about products. When looking up products, Google will give you a bunch of results that look similar to what’s in your viewfinder, but there’s no guarantee that you’ll see the exact products you’re looking for. For exact results, the product will need to be something extremely distinctive.
Search for landmarks
If you need to know the name of a statue, building, mountain, or other notable landmarks, you can do so with Lens. Just point the camera at it, and you’ll see a little pin pop up over the landmark. It will tell you what it’s called. If you want more information, tap on the pin, and it will show you a Google search for it.
Identify food
That dish on TV looks delicious, but what is it? We often ask that question. All you have to do is point your phone at the food, and the app should be able to tell you what dish it is. As always, Google Lens will offer you extra context via search results.
This is neat if you want to know more about the dish like its origins. Also, you’ll be able to quickly look up recipes for it.
Help with homework
If you’re doing an assignment, and you need some assistance, you can scan the problem that you’re working on. Google will then give you search results on what it scans, and you should be able to find some helpful material. If it’s a math problem, Google will actually teach you how to do the problem. You’ll see the process of how to do the problem along with the answer at the bottom.
Scan QR codes
This one’s pretty self-explanatory. All you have to do is point your phone at the QR code that you want to go to. It will show the link for you to follow over the code.
Search for visual matches
If you take a picture of something, there’s a chance that someone else in the world has taken a picture that looks similar to yours. Whether it has a similar object in it, a similar color aesthetic, etc. When you take a pic, you’ll get results of other pictures posted to the internet that resembles yours.
Scan your pictures
You can do a lot with Google Lens through the viewfinder, and you can do all of the same stuff with pictures that you’ve already taken. When you open the app, you’ll see a grid with pictures you’ve taken on your phone. Just tap on the photo that you want to scan and the app will do it for you.
Hopefully, with this guide, you’ll be more inspiration for you to use Google Lens. It’s really a useful tool that might help improve your smartphone experience.
Microsoft’s new Bing chat powered by ChatGPT, has a browser compatibility requirement. You need to be using Microsoft Edge. It’s not a surprising move, as Microsoft wants more people to switch from Google’s beloved Chrome to Edge. And the AI-powered Bing chat is how it plans (or hopes) to convince people to make the switch.
At least, that’s the deal for now. There is of course another caveat or two to contend with. Right now Bing chat isn’t available to everyone. Not even people who use Edge. Microsoft officially announced the new tool last week and has since begun allowing users to sign up for access via a waitlist. Noting that multiple millions have already signed up. You currently need an invite to use the tool. So if you haven’t signed up yet, that should be your next course of action.
Though there’s no telling how long the wait may be. Microsoft says more than a million people signed up within the first 48 hours of access. And invites just started rolling out on February 14.
Bing chat browser compatibility will eventually open up
For now, you’ll need to use Edge if you want to access and converse with the new AI Bing chat. But it won’t be that way forever. Microsoft has confirmed that it will eventually open up the compatibility to other browsers. Which likely means Chrome, Opera, Firefox and others.
However, there is still a question of timing. Microsoft hasn’t said when it would make the new Bing chat available to other browsers. Just that it would. Some things to keep in mind though. Outside of Edge, you may need to set Bing as your default search. Currently, you can speed up your wait time in the signup queue by doing two things. One of which is setting Bing as your default search.
Although it isn’t required to set Bing as your default, Microsoft is clearly using it as a way to convince users. The signup queue is in the millions. Bypass that by setting Microsoft tools as your defaults. Seems pretty straightforward. With that in mind, when Bing powered by ChatGPT finally makes it to other browsers, it’s not too hard to believe that Microsoft would require those users to set Bing as a default if it wants access to the tool.
The recently concluded holiday shopping season may not have been as auspicious for the global smartphone market as we’ve come to expect over the years, but for some reason, the music streaming industry doesn’t appear to be suffering any consequences of a tough economic climate around the world.
Not yet, at least, and not as far as said industry’s heavyweight champion is concerned, with some of Spotify’s key success indicators actually surging higher than originally anticipated during the final quarter of 2022 compared to both the same period of 2021 and last year’s third calendar quarter.
There are now 205 million people worldwide paying for Spotify’s “Premium” service tier, up no less than 10 million from Q3 2022 and a cool 25 million versus Q4 2021. How does the new milestone compare to the competition? Unfortunately, there’s no way to know… for sure.
That’s because Apple effectively stopped making those kinds of figures public back in 2019, when around 60 million people were subscribed to the company’s paid Music platform. Of course, many unofficial guesses and estimates followed, with one from 2021 boosting that number to 78 million and one from last year circling 88 million.
What’s crystal clear is that Apple Music still has a loooooong way to go before hoping to catch up to Spotify’s usage digits, which also include 295 million ad-supported monthly active users (up from 273 million in Q3 2022) and a grand total of 489 (!!!) million Q4 2022 MAUs, representing a massive increase from 456 million the previous quarter and 406 million in Q4 2021.
It’s equally true that Apple is very clearly prioritizing the profitability of its “Services” division as a whole over the subscriber growth of each individual platform, while Spotify continues to bleed money as it brings in more and more listeners.
We’re talking a €231 million ($250 million) operating loss for the Sweden-based company behind the world’s most popular audio streaming product between October and December 2022 alone, and although things like “higher personnel costs” and “higher advertising costs” are blamed for this latest financial deficit, the truth is Spotify last posted a quarterly profit all the way back in 2019.
Looking ahead to the near future, Spotify doesn’t expect its financials to bounce back all of a sudden despite predicting another boost to 207 million premium subscribers and, yes, half a billion total monthly active users. Now that’s a number for the ages!
The ransomware encrypts all files on the infected system, including those in the trash bin and virtual machine files. It corrupts Windows Explorer, deletes folders and files from the start-up menu, and disables the Run Command.
Cisco’s Talos cybersecurity team has been tracking an unidentified threat actor behind a ransomware campaign that uses a variant of the Xorist commodity ransomware MortalKombat, as well as a GO variant of the Laplas Clipper malware.
The detailed advisory by Talos states that, once a computer is infected, it displays a Mortal Kombat 11 wallpaper along with a note instructing the victim to contact the attackers using qTox. For your information, qTox is an instant messaging app that is available for download via GitHub.
The email claims that the user’s payment has timed out and carries an attachment, which contains the malicious payload in a zipped file with a name that appears to be a CoinPayments transaction number.
Upon opening the attachment, a multi-stage attack chain is initiated, during which the actor delivers either malware or ransomware. The ransomware encrypts all files on the infected system, including those in the trash bin and virtual machine files. It corrupts Windows Explorer, deletes folders and files from the start-up menu, and disables the Run Command.
In case the email attachment drops Laplas Clipper alternatively, the victim’s cryptocurrency wallet is targeted. The malware monitors the computer’s clipboard for cryptocurrency wallet addresses.
If one is found, it is sent to the attacker’s server, where a Clipper bot creates a lookalike address owned by the hacker and then replaces the clipboard entry. This, according to Cisco Talos’ blog post, allows the threat actors to receive the funds that the user attempts to transfer into their own wallet.
“The loader script will run the dropped payload as a process in the victim’s machine, then delete the downloaded and dropped malicious files to clean up the infection markers.”
The campaign has reportedly been targeting individuals, small businesses, and large corporations alike in the United States, England, Turkey, and the Philippines.
The best way to protect yourself from being affected by similar ransomware campaigns is to be wary of suspicious emails from services you use. Until you ensure that the email you received is from a legitimate entity, it is highly advised that you do not click on any attachments.
Keeping the nature of this ransomware campaign in mind, Cisco Talos also encouraged companies to remain vigilant when performing cryptocurrency transactions.
Google Pay is getting a redesign, bringing a new look to the online payment app. This redesign is rolling out to users via an app update for Android devices. Along with this update comes a few tweaks to the Material You design on Google Pay to improve its interface.
Instead of rather subtle changes, the redesign brings very obvious changes to its user interface. These changes will affect how users interact with the app on a day-to-day basis. If you make use of Google Pay, then this redesign might require some work on your part.
There are changes in the positioning of buttons, icons, and tabs. Also, there is a new design layout that stands out from what users are familiar with. Here are all the new design changes to the Google Pay app.
Everything new with the Google Pay redesign
With the latest Google Pay app update, there comes some design tweaks. This update also brings Material You integration to the payment app. Major changes to the app modify the bottom bar and the overall layout.
For the new bottom bar, there is now a wave effect to indicate the menu that the user is currently on. Also, the current menu also gets the Material You theme to match the device’s wallpaper. This helps to improve the app’s user interface at a glance.
Other aspects of the redesign repositioning various buttons around the Google Pay app. The insight page also comes with redesigned tiles, all coming with Material You theming. Some buttons in the app are also slightly bigger than they were before this update.
Users of this payment app would be able to access this design improvement once they install the update. Sadly, the Google Pay app is only available to users in just three countries. In the future, more redesigns will be made to this app and will roll out to the public via the Google Play Store.
