French law to report cyberincidents within 3 days to become effective soon

andreasc
-
0
French law to report cyberincidents within 3 days to become effective soon
[ad_1]

A French law has been announced that requires victims of a cyberincident to report within 72 hours after discovery. We have heard similar proposals that may come through

The pressure on victims of cybercrime to notify authorities in a timely manner is increasing from many sides and for multiple reasons.

On January 24, 2023 France passed a law (Article L12-10-1 of the Insurance Code) that victims of cybercrime are required to report the incident within 72 hours after discovery, if they want to be eligible for compensation by the insurance for losses and damages caused by the attack. In accordance with French law these provisions come into force three months after the announcement of this law. That effective date will be April 24, 2023.

Earlier, we saw a proposal from the Securities and Exchange Commission (SEC) to amend Form 8-K to require registrants to disclose information about a material cybersecurity incident within four business days after the registrant determines that it has experienced a material cybersecurity incident. Form 8-K is known as a “current report” and it is the report that companies must file with the SEC to announce major events that shareholders should know about.

In the take-down of the Hive ransomware group the international law enforcement agencies stressed how crucial it was that victims filed timely reports about the cybercrimes committed against them.

Cyber liability insurance

Cyber liability insurance is a type of insurance policy that protects businesses from the expenses incurred after the result of a data breach, including stolen or damaged intellectual property.

It may strike us as weird that the compensation by the insurance is what’s at stake here, but it’s incorporated in US law as well. The Cybersecurity Information Sharing Act was one of the initial Federal laws passed in 2015 to enable sharing of personal information on cyberincidents. And many states have enacted their own legislation to address cyberrisks in depth, from exclusions to penalties.

Every US state has a Data Breach Notification law that must be complied with when a certain number of consumers’ personally identifiable information (PII) is compromised. A few states have added requirements specifically for insurers to notify the state’s insurance department.

Insurance companies

The amount of money involved in cyberincidents is enormous. Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

Covering these risks that amass to trillions of dollars per year is not something insurance companies will take on lightly. Their clients will have to show they were careful, protected, and diligent to be eligible for compensation. And now they will have to file a timely report.

Definitions

The French law has been criticized because some of the key definitions in the law are unclear or at least need further specification.

What a cyberincident is, in the context of this law, is rather clear, though. Accessing or remaining fraudulently in all or part of an automated data processing system, with the stipulation that when the result is either the deletion or modification of data contained in the system, or an alteration of the functioning of this system, the punishments are higher.

The responsible authority however, is unclear. Is it law enforcement, through the Ministry for the Interior’s general crime reporting portal, or does it depend on the nature of the crime? Time will tell. (This lack of clarity is also the norm in the United States, where some laws go into effect without having a clear model for how the laws will be enforced.)

Another point of discussion is put forward by 72 hours after discovery. Is this 72 hours after your log files show signs of an unauthorized access, or 72 hours after your staff was able to determine with certainty that it indeed was a security incident?

The details will undoubtedly be hammered out, but until then it seems prudent to err on the safe side.

Money talks

According to Malwarebytes security evangelist and ransomware expert Mark Stockley this kind of legislation could make a difference.

“Why? Because money talks and the foundation of combatting the ransomware problem is understanding it. That requires victims to come forward and report it. Timely reporting allows us to understand the big picture, but it also gives law enforcement the best chance to learn about the tools, techniques and practices of the attackers, and to share what they’ve learned.”

This is likely one of the reasons behind this law. As Mark continued to explain:

“Failure to report can cause serious problems: In 2017, one of the early ‘big game’ ransomware gangs, SamSam, was widely reported to be targeting government and healthcare institutions, because it seemed to attack them much more often. It later transpired that it didn’t attack them more often at all, but the government and healthcare sectors were much more likely to report an attack.”

If this new law turns out to help fight cybercrime, you can be sure that similar types of regulation will follow suit around the globe.

Communication

This new law will also affect the playbook by which an organization is going to act after identifying a breach. In most cases the investigation by internal or external experts will not have finished by the time you have to disclose that there has been an incident. This means it will likely need an extra step in your communications, where the first one will tell at least the responsible authority that something has happened. Depending on who that authority is and what form this notification has to be done in, others may have to be briefed as well.

A later communication can then disclose the details about what happened, how it could happen, and what the possible consequences are. But that type of information typically requires more investigation than you’ll be able to gather in three days.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


[ad_2]
Source link

Advanced menstrual cycle tracking is coming to the Galaxy Watch 5

andreasc
-
0
Advanced menstrual cycle tracking is coming to the Galaxy Watch 5
[ad_1]

The Samsung Galaxy Watch 5 does a great many things for a smartwatch, but advanced menstrual tracking isn’t one of them. That is however changing as today, Samsung announced that it will be adding advanced menstrual cycle tracking to the list of features the Galaxy Watch 5 offers.

Menstrual cycle tracking will be temperature-based which means big changes for the way periods are tracked using the device. Currently, it’s possible to track your period using the Galaxy Watch 5. But the capability is reliant on manual entry of data using the Samsung Health app. This method is less accurate for predictions. Going forward, this can all be done automatically, and the skin temperature tracking should provide a more accurate prediction. Of course, users should have the option to keep this disabled if they prefer.

The advanced tracking feature is powered by Natural Cycles fertility technology, as Samsung partnered with Natural Cycles to bring the feature to the Galaxy Watch 5.

Advanced menstrual cycle tracking will hit the Galaxy Watch 5 soon

This feature isn’t quite available but it will be soon. Samsung says users can expect to access it sometime in the second quarter. That means it’s only a few months away. However, the company doesn’t give an exact date of arrival. When it does launch though it will go live in 32 markets across the globe. This includes the US, UK, Korea, and many other countries across Europe.

Users can access the new temperature-based tracking capabilities from within the Samsung Health app. And it’ll be available on both the Galaxy Watch 5 and Galaxy Watch 5 Pro. The feature will be free to use, although you will need to set up the Samsung Health app initially if you’ve never used it before. For the full list of available countries where the advanced menstrual cycle tracking will be available visit Samsung’s official post.


[ad_2]
Source link

Opera is integrating ChatGPT in its browser with Shorten

andreasc
-
0
Opera is integrating ChatGPT in its browser with Shorten
[ad_1]

As the new era of browser wars continues to rage on with search giants like Google and Microsoft making their own AI chatbots, Opera is also making a big bet on artificial intelligence with the latest announcement of a new feature called “Shorten,” which uses the power of ChatGPT to generate summaries of webpages and articles.

With the addition of Shorten, Opera users will now have access to a bulleted summary of the webpage they’re looking at by simply tapping an icon located to the right of the address bar. However, Jan Standel, VP of marketing and communications, did not specify when the feature will be available when talking to The Verge. He did mention that the company is working on other ways to enhance the Opera experience with artificial intelligence. But the exact details of these additions have not been disclosed yet.

“We are excited to see the rapid roll-out of developer programs for solutions such as Google Bard, for example, and are starting to build and roll out new experiences in web browsing that not very long ago seemed impossible to achieve,” said Per Wetterdal, Opera’s head of strategic partnerships and AI.

Increasing competition in the browser market

Ever since the launch of AI tools like ChatGPT and Microsoft’s announcement of its integration into its Bing browser, search engine giants like Google, for the first time in decades, are fearing their domination. This move by Opera to incorporate AI into its browser comes in the same week when Microsoft started accepting invitations to preview the redesigned Edge browser with an “AI-powered copilot” that will be able to summarize web pages.

In response to this competition, Google also unveiled its own AI chatbot named Bard, powered by LaMDA (Language Model for Dialogue Applications). However, Bard’s debut was less than ideal as it gave an inaccurate response in the company’s demonstration, resulting in a drop in Alphabet’s stock by over 8% and a loss of $100 billion in market value in a single day.


[ad_2]
Source link

Without more U.S. subscribers to Twitter Blue, Musk might consider bankruptcy after all

andreasc
-
0
Without more U.S. subscribers to Twitter Blue, Musk might consider bankruptcy after all
[ad_1]
Just the other day Twitter CEO Elon Musk said that thanks to his purchase of the company, he has saved Twitter from bankruptcy and now has the company on a breakeven path. Still, it seems that not everything is working out as the multi-billionaire wants it to. According to The Information, only 180,000 Twitter users in the states were paying for a monthly Twitter Blue subscription by the middle of last month. That works out to about .2% of the social media site’s monthly active users.
Twitter Blue costs $8 per month or $7 per month if you pay for an annual subscription. A subscription allows you to add a blue checkmark to your account and gives you early access to new features including the Edit Tweet feature that allows subscribers to edit a tweet after posting it. Those who sign up via Apple’s App Store or the Google Play Store have to pay $11 per month or an extra $3 monthly to cover the 30% “tax” that both tech giants charge for in-app processing.
Twitter has only signed up 180,000 Twitter Blue subscribers in the U.S. - Without more U.S. subscribers to Twitter Blue, Musk might consider bankruptcy after all

Twitter has only signed up 180,000 Twitter Blue subscribers in the U.S.

Musk reportedly told Twitter employees that he wants half of the company’s revenues to come from subscriptions. However, at the current rate, Twitter Blue will bring in only $27.8 million a year which is a long way from half of the company’s 2022 revenue of $4.4 billion. To pump up subscription income, Musk is reportedly looking at adding a higher membership tier that would allow users to browse the site with no ads.

Another plan is for Musk to charge businesses $1,000 a month for a gold verification badge and an extra $50 per month for any accounts associated with the business. Considering that Twitter is paying out over $1 billion a year in annual interest costs to cover the loans that Musk took out to pay for his acquisition, a lot more Twitter users-individuals and businesses-will need to feel that it is worthwhile to lay out the money each month to become a paid subscriber.

If this becomes too difficult a task for Musk, he might feel compelled to pull the plug on his acquisition and put Twitter in bankruptcy after all.


[ad_2]
Source link

Mailchimp suffers another cyber attack

andreasc
-
0
Mailchimp suffers another cyber attack
[ad_1]

Marketing automation company Mailchimp has reported that it has been the victim of a social engineering attack-related data breach. This marks the second attack of this kind the company has suffered in less than a year. 

The breach took place on January 11 and, according to Mailchimp, involved an “unauthorized actor accessing one of [the] tools used by Mailchimp customer-facing teams for customer support and account administration”.  

Following this, the malicious actor launched social engineering attacks on Mailchimp employees and contractors used by the company. Through these attacks, the hacker was able to steal employee credentials and then used this login information to gain access to “select Mailchimp accounts”.

Mailchimp reported that the attack was targeted and limited to 133 accounts. In the wake of the attack, Mailchimp suspended access for those accounts compromised in the attack to protect users’ data, and notified the owners of the accounts of the suspicious activity. All those affected were notified by Mailchimp by January 12, and the company has been working with them to safely reinstate their accounts.

Mailchimp has not published any information on the users targeted by the attack, however evidence suggests that cryptocurrency and finance companies were the intended victims. Cryptocurrency company and developer of the Bored Ape Yacht Club NFT collection, Yuga Labs, warned its community on January 19 that it had been a victim of the social engineering attack.

In a series of tweets, the cryptocurrency company explained that its account was “one of many compromised” in the attack and specified that while the company does not frequently use Mailchimp, it wanted to warn its customers out of an “abundance of caution”. The company went on to clarify that while its data may have been accessed, there was currently no data that it had been exported.

This social engineering attack and data breach mirrors a similar attack against the company in March 2022, which also saw cryptocurrency and finance companies targeted.

Mailchimp’s 2022 data breach

On March 26, 2022, Mailchimp was the victim of a data breach following a social engineering attack. The attack saw the hackers gain access to and export data from Mailchimp accounts, which the malicious actors then used to target customers of businesses that used Mailchimp for business-related services.

Mailchimp said that the cyber security incident was “propagated by a bad actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised”. 

The bad actor also attempted to send a phishing campaign to a user’s contacts from said user’s account using the information they obtained during the attack.

Mailchimp reported that 319 accounts were viewed and audience data was exported from 102 of those accounts. An investigation revealed that the businesses targeted were those within the cryptocurrency and finance industries.

As a result of the hack, bitcoin hardware wallet Trezor had an inside compromise of a newsletter database hosted on Mailchimp. Due to the compromise, its users were targeted by a malicious phishing attack on April 3, 2022.

This attack included false information about Trezor experiencing a “security attack”. It then prompted victims to download and connect their Bitcoin wallets to a Trezor suite lookalike app, in addition to entering their seed phrases into the app.

Trezor  stated: “For this attack to be successful, users had to install the malicious software on their devices, at which point their operating system should identify that the software comes from an unknown source. This warning should not be ignored as all official software is digitally signed by SatoshiLabs.”  

The company went on to say that users should only be concerned about their Bitcoin funds if they had entered their seed phrases into the malicious app. 


[ad_2]
Source link

Hisense PX1 4K UST Projector Review: Magnificent

andreasc
-
0
Hisense PX1 4K UST Projector Review: Magnificent
[ad_1]
  • Update: An earlier version of this review mentioned that this was the PX1-Pro, it is actually the PX1, which is $700 less. The review has been updated to reflect that now.

On paper, the Hisense PX1 looks decent, but I didn’t think I was going to like it as much as I have. It doesn’t get overly bright, coming in at 2,000 ANSI Lumens. I’ve checked out UST projectors that have been much brighter. But, this is another example of why you shouldn’t read to much into specs. Because the PX1 is actually quite bright.

Now, before writing this review, I used this projector for well over two months. I’ve used it in a couple different rooms in my home, to see how it works in brighter and darker rooms. So with that said, let’s see if you should spend your hard earned money on this projector.

Hisense PX1 Review: Hardware

The Hisense PX1 is a bit cheaper than some of its competitors, like the BenQ V7050i. Their retail prices are about $1,000 apart, though BenQ does have that cool motorized panel that protects the lasers when not in use. So when I first got the PX1, I figured that the hardware build quality might suffer, to hit a lower price point. I was wrong.

The PX1 does have a plastic look to it, but it is very much not plastic. Some parts are, but majority of it is aluminum. And it does look really nice sitting in my living room. On the front, you’ll find a huge speaker grille, which is great to see, since it does have Dolby Atmos support. On the top, there’s a power button, and of course the lasers. With the back being where all the ports live. Which we’ll talk about in a moment. On the bottom there are four feet that are adjustable, so you can make the picture as straight as possible.

Now as far as ports go, there’s quite a few. There’s the port for power of course, at the bottom. In addition to that, we have a Coax port for cable, Audio In, Audio Out, LAN, a USB 2 port, as well as two HDMI ports. Both of these are HDMI 2.1 ports, though only the first HDMI port is an e-ARC and HDMI 2.1 port. There’s also a few serve ports available for Hisense to work on your projector.

Hisense px1 pro projector review AM AH 3

There are only two HDMI ports here, which isn’t the best, but the fact that both are HDMI 2.1 ports is really great to see. For me, I’ve had a Fire TV Cube plugged into one port, and for the last week, the other has had a Sonos Beam 2 connected. Which means if I wanted to use one for my PS5, I’d have to unplug one, which is unfortunate.

Hisense PX1 Review: Video quality

This is a tri-laser projector from Hisense. That’s more lasers than most other projectors on the market. Which does help quite a bit with picture quality. It also uses a single DLP chip that is able to take advantage of TI’s XPR fast-switch pixel shifting, which allows it to give you a full 4K resolution. Some other projectors will claim that it is 4K, but it actually is not. With Hisense, that’s not the case.

Hisense uses red, green and blue lasers for its primary colors and rotates them through in sequence, giving you a really great picture quality here. Hisense claims that it is able to cover 107% of the gamut of the BT.2020 spec. This is a spec that was defined to target 4K projectors specifically.

Hisense px1 pro projector review AM AH 6

The PX1 is able to fit up to 130-inches of screen on your wall, and surprisingly, even at that size, there’s no issues with focus. It still looks amazing at that size. Some other projectors, once you get over 100 inches, will start to lose focus and sharpness. But not for Hisense.

Hisense PX1 Review: Audio quality

Inside the PX1, there is a 30W speaker inside, which is optimized for Dolby Atmos. That’s going to give you a really great experience. Though I did still prefer to use my setup of a Sonos Beam 2 and Sub Mini with the PX1. That’s not to say that the PX1 is not a good sounding projector, but having a dedicated Sub does make a difference.

Hisense px1 pro projector review AM AH 4

Hisense does offer sound for ARC, WiSA and on Bluetooth. So you don’t have to stick with Hisense’s own speakers. But if you don’t have a soundbar, or don’t want to buy one, then it’s not needed.

Hisense PX1 Review: Software

Like a lot of other ultra short throw projectors, the Hisense PX1 is powered by Android TV. That’s fine. Android TV is good, except when it comes to projectors. And it’s not a Google issue either, it’s a Netflix issue. You see, Netflix will only certify devices that sell a certain amount – and it’s a high number, well over a million. So just having Android TV doesn’t mean that Netflix will work. In fact, you’ll need to sideload the mobile version of Netflix, which looks bad and acts even worse on a big screen like this. Not to mention it’s a lot of extra steps to launch the app every time.

Outside of the Netflix issues, the software is pretty good. Hisense did include a good amount of storage here and RAM, compared to the Chromecast. So that won’t be an issue. But that is also why I’ve been using the PX1 with a Fire TV Cube and a Chromecast with Google TV.

Hisense px1 pro projector review AM AH 5

Should you buy the PX1?

This year, I’ve been lucky enough to review a handful of projectors, mostly UST projectors, and the PX1 is my new favorite. It beat out the AWOL Vision projector, but not by much. Even though the PX1 isn’t as bright, it does have more accurate colors, which makes the picture itself look a lot more rich and contrasty. Making it my pick. It’s also smaller, than some other projectors on the market.

You should buy the Hisense PX1 if:

  • You are looking for a nice projector to put in your living room.
  • You are looking for a projector to play PlayStation 5 or Xbox Series X games at the full 4K/120fps.
  • You want a huge screen in your living room or den.

You shouldn’t buy the Hisense PX1 if:

  • You don’t like how dim projectors are compared to TVs.
  • You don’t want to spend nearly $3,000 on a projector.

[ad_2]
Source link

Hackers Using Geotargeting Tools to Launch Attacks

andreasc
-
0
Hackers Using Geotargeting Tools to Launch Attacks
[ad_1]

According to Avanan, a Check Point Software Company, hackers are employing geotargeting tools to tailor phishing attacks to certain regions.

Geo Targetly is a legitimate online service that offers its own URL shortening service, similar to Bitly, called Geo Link. Using this service, scammers can conduct specialized attacks based on the geography and language of the victim.

How are Threat Actors Improving Phishing Tactics By Geo-Targeting Websites?

According to the researchers, in this assault, visitors are redirected through the geo-targeting platform Geotargetly, where they are presented with personalized, regional phishing pages.

Email Sent to Users in Colombia

Researchers say utilizing the user’s location, the tool is utilized to display advertisements. As a result, advertisements displayed to users in France would differ from those seen to users in the US. Hackers can now launch geo-specific phishing content and send their targets harmful emails that are regionally and linguistically tailored.

EHA

In the aforementioned example, the original email originates in Colombia, so if the user is in Colombia, they will be forwarded to a page that looks like it is from the Colombian government. This is how it goes:

https://lh4.googleusercontent.com/pdZxbYJ2HkZolnlQtpbnPmoXL-xc9xdjT4KVhT0H8RtMRNFxkwreSc2bZ29rCD4l0yQ-yIi_z7JCYL3YY06QhJVnhhiHnNzEb5Tzc40w7lXJWgr_50QL90ajMTWzoU0bZ6kq89oXmZJoJBlIsFO4AyY
Redirected to a Colombian government look-a-like page

“What is interesting is the ability for hackers to customize their attacks by region and to attack multiple users in multiple parts of the world at once”, Avanan researchers.

Hackers Utilizing the ‘Spray-and-Pray’ Method

The threat actors frequently use the ‘spray-and-pray’ method. Throw a lot of stuff at the wall and see what sticks the idea. Volume is the name of the game, and you’re hoping for a few occasional successful phishes.

“The ‘spray-and-pray’ method allows for the ability for hackers to target a large number of people at once, and ensure that it’s relevant, and localized. It’s spraying without the praying”, researchers explain.

In this case, a hacker can make a phishing link that takes users in a specific region to a fake login page that resembles the real one using the Geotargetly redirect. 

The likelihood that a user may fall for the assault is increased by this personalization. The content would be appropriate for their language and location, and the redirect is legitimate.

Hence, it is now more likely that ‘spray and pray’ tactics would succeed, enabling hackers to operate effectively on a worldwide scale.

Recommendations

Security experts can take the following precautions to protect themselves from these attacks:

  • Check URLs in email and in the browser before proceeding
  • Confirm with IT if the site is legitimate.

Network Security Checklist – Download Free E-Book


[ad_2]
Source link

Hackers are stealing millions with Trojan malware

andreasc
-
0
Hackers are stealing millions with Trojan malware
[ad_1]

Several weeks ago, I received a phone call from my friend who is a business owner and works in the cargo industry. He informed me that US$24,000 had vanished from his bank account during the previous night. The bank customer care team could not assist and suggested that my friend file a report with the police.

The funds were transferred using a mobile app. The transaction was verified via a text message and appeared to be completely legitimate. My entrepreneur friend asked me to help since I have a cybersecurity background.

However, it was too late to do anything. The hackers used a banking Trojan to steal the money. The rogue app penetrated my friend’s smartphone long before the security incident happened.

To prevent similar issues in the future, it is good to understand the tactics and principles utilized by hackers who deploy this type of malware.

The emergence of banking Trojans

Malware that can redirect incoming SMS messages, including those with TAN codes, to hackers has been prevalent for approximately 15 years. There have also been Trojans that utilize USSD commands in order to transfer money from bank cards connected to phones. However, these viruses were not as advanced as their desktop counterparts.

What is Trojan malware?

The first sophisticated banking Trojan for Android devices appeared in 2011. It was the SpyEye banking Trojan that worked in conjunction with SpyEye malware for Windows. This “teamwork” helped malefactors to trick the multi-factor authentication mechanism.

SpyEye operated as follows:

  • When the user of an infected Windows system opened a banking website in their browser, malware on the desktop computer would perform a web injection, inserting code into the webpage.
  • The modified page displayed a message stating that due to increased cyber threats, the bank has implemented new security measures and the user is required to download a small app (approximately 35 KB) onto their phone for authorization.
  • This software piece was the SpyEye banking Trojan, created to intercept incoming SMS and resend them to hackers. Although the bank website address in the browser was correct and the HTTPS connection was established, the injection happened on the user’s side.

This scheme was not perfect as malicious actors needed to synchronize the mobile app and desktop components. However, the creators of SpyEye were able to overcome this issue.

For a few months, SpyEye caused severe concern among users of banking services, but its activity gradually decreased once it was added to most antivirus databases.

The state of banking Trojans today

Eventually, IT professionals at banks gained appropriate programming skills and banking applications migrated from desktops to mobile phones as Android and iPhone apps. This made it easier for malware creators to develop mobile banking Trojans, as they no longer needed to focus on infiltrating Windows systems.

Each owner of a smartphone with a banking app installed is a potential target for banking Trojans that, like other types of malware, often masquerade as useful and popular programs. Developers of banking Trojans do not advertise their malicious capabilities, which usually do not become apparent until later or after an app update.

In one instance, a banking Trojan was disguised as a program that combined multiple client apps for several major banks. Why use multiple apps when you can download just one?

There have also been instances where malicious elements were inserted into modified versions of genuine bank apps. These apps were distributed by fake bank websites that looked exactly like the real ones.

Mobile banking Trojans can also be spread through phishing SMS messages. There are many ways to trick users. For example, malefactors may offer to buy a product from a user registered on a classified ads site. Hackers may gather personal information about the recipient through leaked user data bases, so they are able to address the victim by their name and lower their guard. Potential victims are encouraged to click on a link within the message. Once they do so, they are redirected to an intermediate page that determines their device model and mobile service provider. They are then redirected to a fake page with an MMS message composed using their mobile carrier style. Upon clicking the faux MMS button, the Trojan is downloaded.

Some older mobile banking Trojans were quite basic in their methods. If the malware needed administrator rights to run, it would continually display a window demanding those rights until the harassed user agreed. Today, hackers may use various tactics to deceive potential victims. For example, a banking Trojan may cunningly request admin privileges by showing a Google Play alert saying that the app version is outdated and there is a need to use the latest version. Once the victim clicks “Yes,” malware is granted admin privileges.

Another banking Trojan fools victims into activating Accessibility Services that offer special features for people with disabilities. Once given the necessary permissions, the malware gains admin rights. Once inside a device, the Trojan remains in memory, waiting for the mobile banking app to be launched. Upon detecting this event, the Trojan identifies the running app and displays fake login and password forms on top of the real app. The entered data is sent to the hacker’s server.

Mobile banking Trojans can contain HTML code for several dozen pages that mimic the interfaces of popular banks. After this, the banking Trojan has to intercept a one-time password sent via SMS. Eventually, it gets access to the bank account. Actual messages sent by banks are hidden from users.

If the Trojan cannot directly access the bank account, it may instead steal bank card details. Sometimes it is done with the help of false windows that ask to add a bank card to Google Play. While anti-fraud systems used by reputable websites make it difficult to make purchases using stolen card details, it is still possible to pay for small items like online games or music on less popular sites that do not thoroughly check payment details.

Inside the mind of a Bankbot

Bankbots are a subcategory of mobile banking Trojans that have the ability to receive and execute various commands on an infected device. These commands can be transmitted through HTTP (in JSON format), SMS or even a Telegram channel. These commands allow the bankbot to disable SMS interception, silence the phone, send messages to specified phone numbers or execute USSD commands. Many bankbots can install additional APK files on a phone, infecting a device with new malware that has much more malicious features.

In addition, most such malicious apps may send SMS history, the entire address book, and other private info to the hacker’s server, as well as redirect incoming calls to a different phone number controlled by criminals. Some bankbots also have self-defense features that attempt to disable security tools like antivirus software. Bankbots often have a web-based admin panel that provides its operators with statistics on infected devices and information obtained from them.

A growing threat

The proliferation of mobile devices has spawned a thriving underground industry for creating banking Trojans. Dark web advertisements offer banking Trojans and other mobile malware strains like spyware and keyloggers for rent. Malefactors offer complete tech and admin support. Dark marketplaces advertise Trojan builders and kits that allow inexperienced criminals to create a Trojan masquerading as a specific bank app. This has led to a sharp increase in the number of banking Trojans and the likelihood of infection. Usually, rogue apps have admin privileges, and it is hard to find and remove them without doing a factory reset.

It is not uncommon for users to download malware from official sources like Google Play, as the technology for checking apps is not foolproof. Besides, Android is known to have numerous vulnerabilities that hackers can exploit.

While mobile security solutions can detect unauthorized app activity, it is the personal decision of each user to install a particular software on their phone.


[ad_2]
Source link

One UI 5.1 is available for Galaxy S20 and Galaxy Z Flip 4

andreasc
-
0
One UI 5.1 is available for Galaxy S20 and Galaxy Z Flip 4
[ad_1]

Samsung is on a roll today. The company has released the One UI 5.1 update to a host of Galaxy smartphones. After the Galaxy S22, Galaxy S21, Galaxy Z Fold 4, Galaxy Z Fold 3, and Galaxy Z Flip 3, the new One UI version is now available for the Galaxy S20 series and the Galaxy Z Flip 4.

Like earlier rollouts, Samsung has initially released the One UI 5.1 update for the Galaxy S20, Galaxy S20+, and Galaxy S20 Ultra in Europe. The new firmware build number for the phones is G98**XXUFHWAK (via SamMobile). The rollout for the Galaxy Z Flip 4 has also begun in Europe. The updated firmware version for the foldable is F721BXXU1CWAC. The February 2023 Android security patch, which fixes more than 50 vulnerabilities, is part of the package. Samsung should expand the rollout to more markets, including the US, in the coming days.

One UI 5.1 brings plenty of new features and improvements. We have new tools in the stock camera app, while the Gallery app adds a Shared Family Album. The update also adds new editing features, including support for the remastering of downloaded GIF files for enhanced resolution and clarity. Samsung Notes supports collaboration during a video call on Google Meet with One UI 5.1. Bixby Text Call is also available in English. There are some foldable-specific features as well. Check out our coverage of One UI 5.1 features to know what else you’re getting with this update.

This is the last major update for the Galaxy S20 series

One UI 5.1 is the final major feature update for the Galaxy S20 series. Samsung launched the phones in early 2020 with Android 10 out of the box. Over the past three years, the devices have received updates to Android 11, Android 12, and Android 13. They aren’t covered under the company’s extended support policy that guarantees four generations of major Android upgrades. As such, the Galaxy S20 trio will not get Android 14. That also means no more major feature updates.

The Galaxy S20, Galaxy S20+, and Galaxy S20 Ultra will only receive security updates going forward. Those updates will come for at least one more year, if not longer. But right now, users have a major feature update to look forward to. As usual, you can check for updates from the Settings app. Simply navigate to Software update > Download and install and you’ll be prompted to download the latest available OTA (over the air) update. If you don’t see any updates, wait a few days and check again.


[ad_2]
Source link

The 15-inch MacBook Air is coming in April

andreasc
-
0
The 15-inch MacBook Air is coming in April
[ad_1]

It appears that the new 15-inch MacBook Air is set to be announced in April. This is based on information released by display industry analyst Ross Young. Who has said that the display production for this model is underway.

The April time-frame doesn’t sound as crazy as you might think. Apple does typically have an event around March/April to announce their Spring products. Usually including a new color for the iPhone (purple and green in recent years), along with new spring bands for the Apple Watch and some other features. So to see the 15-inch MacBook Air announced here would not be a surprised.

People want a larger MacBook Air

Currently, with the Apple Silicon transition, Apple is actually missing a spot in their laptop lineup. Those that want something larger than a 14-inch laptop, have to pony up and buy the 16-inch MacBook Pro with a M2 Pro chipset inside, which is close to $3,000. But what about an entry-level type laptop, with a 15-inch display? That’s what the MacBook Air 15 could really solve for Apple. And it could even be under $2,000. Especially since it would use the M2 most likely.

With it coming in April, we could see it sticking with the M2, or jumping to the M3. Apparently, the M3 is just about ready, and it is going to be on the next-generation 3nm process from TSMC. Whereas the M2 is really just a critiqued version of the M1. So it’s more of a stop-gap for Apple.

Now there’s also the chance that Apple could opt to announce this at WWDC in June. Sometimes Apple does unveil hardware there, but not all of the time. It’s every once in a while, but that is likely where the new Mac Pro will be announced, the last Mac that needs Apple Silicon.


[ad_2]
Source link
1...1,4361,4371,438...1,452Page 1,437 of 1,452