The price of the new 4K Chromecast model will remain the same
As per the report, the price of the new Chromecast is unlikely to change. That means the new model will also be available for $49.99. Google could use the previously announced Amlogic S905X5 chipset in the new 4K Chromecast with Google TV. The chipset is two generations newer with a more efficient 6nm process than the 12nm Amlogic S905X3 that powers the current model.
Given that the company retired Android 13 for Google TV last year, the upgraded model might come with Android 14. Not to forget, the present model of Google’s 4K Chromecast runs on Android 12.
A new remote with more buttons is also coming
Google might pair the new Chromecast with an improved remote too. Although the news outlet didn’t mention its specs, one can make assumptions based on the leaked video that surfaced in the Android 14 beta. The alleged video featured an identical remote that Google ships with the present 4K Chromecast model.
However, there were a few changes in there. The leaked image of the remote featured extra buttons with one specific star button which could allow users to fiddle around the TV input or directly open their favorite app. Additionally, the volume keys previously placed on the side of the remote were seen on the remote’s face.
The device was unveiled in 2020 but hasn’t seen an upgrade since. So, it is safe to assume that it could be one of the major reasons behind the upcoming launch. 9to5Google hasn’t detailed further specs of Google’s new 4K Chromecast with Google TV. But chances are that the device could come with increased storage and RAM.
It’s a big Gemini news day for Android users, with back-to-back revelations on developing features. Although not officially announced by Google, some additional new features have been revealed, recently discovered by enabling experimental flags.
According to PiunikaWeb (as spotted by AssembleDebug), one of the helpful new features coming to Gemini is the ability to display responses in a floating window. This means that when you ask Gemini a question, its answer won’t take over your entire screen as it does now. Instead, it will appear in a small window, similar to how Google Assistant works. This way, you can keep using the app you were on without having to switch back and forth.
Gemini responses in a floating window | Credit: PiunikaWeb
But that’s not all that Google is cooking up for Gemini on Android. As per Android Authority in collaboration with AssembleDebug, Gemini is getting another feature that will make it a strong competitor to Google Assistant: the ability to schedule commands. Named “Live prompts” in the UI, with this feature you will be able to set reminders for Gemini to perform certain tasks at specific times.
Gemini Live prompts | Credit: Android Authority
This could potentially be a game-changer feature as it puts Gemini at a closer footing to Google Assistant and perhaps the one thing that can persuade Assistant loyalists to flip that switch on Android. Being able to set routines and reminders, like, for instance, asking Gemini to show you tomorrow’s weather forecast every morning before you leave for work, is something that is seriously lacking in the app right now.
Considering Google’s focus on AI and the company’s recent restructuring to do so, it wouldn’t be crazy to think that much of this will be covered during Google I/O next month. I am definitely looking forward to hearing how the company plans to take Gemini to the next level and become a much more powerful and user-friendly virtual assistant.
“Based on initial targeted data sampling to date, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America.”
UnitedHealth also announced support for affected people.
On Wednesday February 21, 2024, Change Healthcare experienced serious system outages due to the cyberattack. The incident led to widespread billing outages, as well as disruptions at pharmacies across the United States.
The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments to doctors and health facilities.
Despite the ongoing investigation, which is expected to take several more months of detailed analysis, UnitedHealth said it had decided to immediately provide support. The company says it continues to monitor the regular web and the dark web for any published data.
The chief executive of UnitedHealth Group, Andrew Witty, is expected to testify in Congress in May about the matter. Meanwhile the company says it has made strong progress restoring services impacted by the event and is prioritizing the restoration of services that impact patient access to care or medication.
Affected people can visit a dedicated website at changecybersupport.com to get more information, or call 1-866-262-5342 to set up free credit monitoring and identity theft protection.
Protecting yourself from a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.
Malwarebytes has a new free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.
Samsung has long been using recycled materials in Galaxy devices to reduce its carbon footprint and help create a sustainable future. All Galaxy devices launched in 2022 and later feature recycled materials. The company uses recycled plastic, paper, metals, glass, and other materials in packaging and various device components. The newly launched Galaxy S24 series takes these efforts one step further, incorporating new materials during manufacturing.
Samsung’s Galaxy S24 series uses more recycled materials than before
According to Samsung, the Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra feature components made with recycled cobalt and rare earth elements such as Neodymium. These are the first Samsung products to use these materials. The Plus and Ultra models have over 50% recycled cobalt in their batteries. Speakers on all three models are made of 100% recycled Neodymium.
This is on top of using other types of recycled materials in various components. The Galaxy S24 series features repurposed materials in its speakers, case, S Pen cover, S Pen’s knob holder, Power and volume buttons, SIM tray, camera deco, screen, back glass, and battery. Samsung says it sourced recycled plastics from discarded fishing nets, water barrels, and PET (Polyethylene Terephthalate) bottles.
The Korean firm started incorporating ocean-bound discarded fishing nets in its phones in 2022. It has teamed up with several organizations to collect and repurpose those nets and discarded water barrels, PET bottles, and Thermoplastic Polyurethane (TPU). By the end of 2024, it aims to use nearly 100 metric tons of recycled plastics. This is equivalent to 10 million empty PET bottles.
The Galaxy S24 series also incorporates aluminum recycled from scrap metal generated during manufacturing. Samsung expects to use around 110 metric tons of recycled aluminum in the new flagships this year. The weight is the equivalent of 9 million soda cans. The devices also come in a packaging box made using 100% recycled paper, something Samsung has done for a few years now.
The new flagships will use 2,760 metric tons of recycled paper in 2024
If Samsung achieves its Galaxy S24 sales target for 2024, it might use more than 2,760 metric tons of recycled paper in packaging boxes for the devices. That is the same amount of paper as 552 million pieces of A4-sized sheets. “If stacked on top of one another, that would be approximately the same height as 71 Burj Khalifas, which is the tallest building in the world,” Samsung says. The company vows to continue using recycled materials in its products in the coming years.
Google employees got a memo from the big man himself, CEO Sundar Pichai. The memo was also posted as a blog post from the company. In it, we see that Google is currently restructuring in order to better facilitate AI development.
The blog post was a lengthy one, but it shed some light on what the company plans to do for the future of its artificial intelligence. It’s split up into four parts, but much of it has to do with a large-scale restructuring that the company is going through. We’re not 100% sure if this has anything to do with the recent round of layoffs that the company went through.
Recently, we got news that Google was planning on letting go of a number of people. Along with that, we also found out that several roles were being moved to different locations including Mexico City, Dublin Ireland, and Atlanta, Georgia. Google has been letting go of people left and right this year, and we have no idea if the layoffs are going to end anytime soon.
Google is restructuring and focusing on its AI development
Let’s not mince words; when a company says that it’s restructuring, a lot of the time, it results in jobs being lost. However, we can’t say for certain that this is what’s happening with Google.
As part of the announcement, Google stated that it’s going to be merging some teams and departments. Pichai says that the company will “consolidate the teams that focus on building models across Research and Google DeepMind.” So, all of these teams will be under Google DeepMind.
Also, the company is moving the Responsible AI teams in Research over to Google DeepMind. So, it wants to streamline much of its AI endeavors and place more teams under one roof. Google also moved other responsibility teams to its trust and safety team.
At this point, there’s no telling if these moves will result in any changes for user-facing products. It doesn’t seem likely. In any case, Google believes that this will make the company work more efficiently and better achieve its goals. Whether that’s true remains to be seen.
In any case, we don’t expect these changes to have any effect on Android or its apps.
Pavel Durov, the billionaire founder and CEO of Telegram, has a theory on why iPhone’s market share in China will “keep shrinking”.
As you probably know, Apple removed Telegram from its China app store. China’s Cyberspace Administration has forced Apple to boot a number of encrypted messaging apps like Meta’s WhatsApp and Threads, as well as private chat apps Telegram and Signal, from the App Store.
This, however, has not caused any decrease in Telegram downloads from China, according to Durov. He criticized Apple instead for its “walled garden” app policies.
Durov asserted that Beijing’s action targeted Apple rather than Telegram. He emphasized the advantage of Android phones, which allow users to sideload apps such as Telegram from outside official app stores. Hence, Durov predicts, more users in China will switch to Android due to this restriction, leading to a shrinking iPhone market share in China:
It was a move against Apple itself: the Chinese authorities are forcing more of their citizens to switch from iPhones to Android smartphones produced by Chinese companies such as Xiaomi. Unlike iPhones, most Android phones allow sideloading apps outside app stores — such as the direct version of Telegram — so more users from China will migrate to Android.
In China, users must use VPNs to bypass the country’s censorship system, known as the “Great Firewall,” to access Telegram. Despite these challenges, Durov highlighted that Telegram remains popular in China among resourceful users who find ways to access the platform.
When cyber attacks strike, it’s rarely a single computer that suffers. Nowadays, cybercriminals set their sights on corporate networks, aiming to infiltrate and compromise multiple systems. But how do these bad actors manage to breach large networks?
It all starts with a foothold. Whether through brute-force attacks on remote desktop protocols, exploiting vulnerabilities in public-facing applications, or cleverly crafted phishing emails that lure unsuspecting employees, cybercriminals find their way in. Once inside, they start their lateral movement—exploring the network, seeking out valuable assets, and spreading their reach.
The traces of this lateral movement are crucial clues for cybersecurity teams. They help identify compromised assets, assess the extent of the breach, and shore up vulnerabilities to prevent further damage. By understanding the tactics employed by these threat actors, you can pinpoint where to look for signs of compromise on affected machines, and with the right computer forensics tools, analyzing these areas becomes more efficient.
Most common lateral movement techniques
Lateral movement is a critical phase in a cyber attack, where hackers pivot from their initial breach point to other systems within the network. This maneuver allows them to access more resources and escalate their attack, amplifying the potential damage.
This phase is a prime opportunity for cybersecurity teams. It’s when threat actors’ activities are most exposed, offering a chance to detect the techniques and tools being used. Here are some key areas of interest for cyber incident response investigators:
To move laterally, nefarious actors often exploit remote services like Remote Desktop Protocol (RDP). These services allow them to transfer files, execute commands, or seize control of other machines within the network.
Attackers may use the Server Message Block (SMB) protocol, which Windows networks use for sharing resources like files and printers, to move laterally and spread malware.
Attackers frequently abuse legitimate tools and processes already on systems to conduct malicious activities, making detection more challenging. Examples include PsExec and PowerShell.
You can find evidence of RDP usage on compromised machines by reviewing entries from the Windows registry and events logs.
Digital forensics tools are invaluable in this process. They extract and categorize data acquired from computers, making it easier to locate relevant digital artifacts for cyber incident investigations.
For instance, this is how Belkasoft X displays outgoing RDP connections from the supplied data source:
Figure 1: Information on outgoing connection extracted from Windows Registry shown in Belkasoft X
The registry path for RDP connection details is typically found at:
Software\Microsoft\Terminal Server Client\Servers
In the highlighted example, the Administrator account was used for logging in to the host with IP address 192.168.1.79 via RDP. But what about incoming RDP connections? Yes, those can be uncovered too!
To find details on incoming connections, you can analyze the Windows Event Logs, specifically the Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational logs.
Since we know the Administrator account was involved, we can apply a filter to the security logs to focus on events associated with that account.
Figure 2. With the filter applied the tool only shows the entries of interest
Figure 3. Security logs narrowed down to Administrator actions
If a trojan is suspected, further investigation is necessary. You can delve into record details in the Artifacts window on the Structure tab.
Figure 4. Information on an incoming connection extracted from Windows Event Logs shown in Belkasoft X
Analyzing SMB/Windows Admin Share
RDP might be popular, but it is hardly the only technique adversaries employ for lateral movement. SMB/Windows Admin Share is another technique that is widely used. Threat actors use the SMB/Windows Admin Share technique during the reconnaissance phases of their attacks to learn more about potential targets in the network, especially if they already possess privileged credentials. The technique also comes in handy when attackers have to transfer their tools or malware from an initially compromised host to other hosts.
The easiest way to uncover behavior pointing to SMB/Windows Admin Share exploitation is to search for c$, d$, or admin$ keywords. Digital forensics tools allow you to run searches against all records in the case. Here is an example of a c$ usage record found by Belkasoft X under the Recent inputs in the start menu prompt category.
Figure 5. Evidence of a network share usage extracted by Belkasoft X
If you know that the administrator account was compromised, you can also go into its registry file, examine the RunMRU key (which maintains the list of entries executed through Start > Run command), and check for entries with c$, d$, or admin$ keywords.
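The two registry checks described above (outgoing RDP targets under `Terminal Server Client\Servers` and admin-share entries in RunMRU), as an added example that is not from the original article or from Belkasoft. It assumes the user hive was exported to `reg export` text; the sample data is constructed, and the share pattern goes beyond the article's c$, d$ and admin$ keywords to cover any drive-letter share.

```python
import re

# Constructed sample in "reg export" text format (not data from the article's case).
# String values in this format escape each backslash as "\\".
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers\192.168.1.79]
"UsernameHint"="Administrator"

[HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers\fileserver01]
"UsernameHint"="CORP\\jsmith"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"a"="cmd\\1"
"b"="\\\\192.168.1.79\\c$\\1"
"c"="\\\\fileserver01\\public\\1"
"MRUList"="cba"
'''

RDP_SERVERS = r"\software\microsoft\terminal server client\servers"
RUNMRU = r"\software\microsoft\windows\currentversion\explorer\runmru"
# \\host\c$, \\host\d$, \\host\admin$ ... followed by a path separator or end of string.
ADMIN_SHARE = re.compile(r"\\\\[^\\]+\\(?:[a-z]\$|admin\$)(?:\\|$)", re.IGNORECASE)
REG_SZ_LINE = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"')


def parse_reg_export(text):
    """Return {key_path: {value_name: string_value}} for the REG_SZ values in an export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = REG_SZ_LINE.fullmatch(line)
            if m:
                # Undo the export's backslash escaping (\\ -> \, \" -> ").
                name, value = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
                current[name] = value
    return keys


def outgoing_rdp(keys):
    """(target host, UsernameHint) for every subkey of Terminal Server Client\\Servers."""
    hits = []
    for path, values in keys.items():
        parent, _, leaf = path.rpartition("\\")
        if parent.lower().endswith(RDP_SERVERS):
            hits.append((leaf, values.get("UsernameHint", "")))
    return hits


def runmru_admin_shares(keys):
    """Start > Run entries that reference an administrative share, most recent first."""
    hits = []
    for path, values in keys.items():
        if not path.lower().endswith(RUNMRU):
            continue
        for letter in values.get("MRUList", ""):  # MRUList gives recency order
            cmd = values.get(letter, "")
            if cmd.endswith("\\1"):               # RunMRU entries carry a trailing "\1"
                cmd = cmd[:-2]
            if ADMIN_SHARE.search(cmd):
                hits.append(cmd)
    return hits


if __name__ == "__main__":
    parsed = parse_reg_export(SAMPLE_REG)
    for host, user in outgoing_rdp(parsed):
        print(f"outgoing RDP: {host} (username hint: {user})")
    for cmd in runmru_admin_shares(parsed):
        print(f"admin share in RunMRU: {cmd}")
```

Real `reg export` files are written as UTF-16, so read them with `open(path, encoding="utf-16")` before passing the text to `parse_reg_export`.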
Investigating PsExec and PowerShell usage
When cyber attackers move laterally through networks, they often rely on executing scripts or malware on remote hosts, frequently using tools like PsExec and PowerShell.
PsExec, a free Microsoft tool, allows users to run programs on remote computers. While it is a handy tool for system administrators to manage networked systems, it is also attractive to threat actors for its ability to execute commands, scripts, or binaries on remote systems.
The popular adversary frameworks like Cobalt Strike use techniques similar to PsExec too. Actually, PsExec and corresponding Cobalt Strike modules use a mixture of two techniques: admin shares and new service creation.
When a new service is created in a system, Windows generates logs for event ID 7045. Event ID 7045 corresponds to event ID 4697 in security events, and by examining it, you can find execution details. Belkasoft X has a section dedicated to entries with this ID. See System log, 7045 below.
Figure 7. Evidence pointing to Cobalt Strike’s PsExec execution shown in Belkasoft X
Another Cobalt Strike module similar to PsExec involves PowerShell, which is also quite popular among all sorts of threat actors. This module is known as psh_psexec. Its execution is captured in the PowerShell event logs and, as event ID 7045, in the System log:
Figure 8. A service created by Cobalt Strike’s psh_psexec command
These services are detected easily because recognizable names and arguments are used to start them.
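A triage pass over event ID 7045 records that combines the two signals described above, admin shares and new service creation, as an added example that is not from the original article or from Belkasoft. The records are constructed Windows Event XML, and the three heuristics (the default PsExec service name `PSEXESVC`, an image path on an administrative share, PowerShell in the service command line) are illustrative assumptions rather than a complete rule set.

```python
import re
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}


def _event(event_id, computer, time, **data):
    """Build one constructed record in Windows Event XML form."""
    fields = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (
        f'<Event xmlns="{NS["e"]}"><System>'
        '<Provider Name="Service Control Manager"/>'
        f'<EventID Qualifiers="16384">{event_id}</EventID>'
        f'<TimeCreated SystemTime="{time}"/><Computer>{computer}</Computer>'
        f"</System><EventData>{fields}</EventData></Event>"
    )


# Constructed System-log records; hosts, service names and paths are made up.
SAMPLE_EVENTS = [
    _event(7045, "WS01", "2024-01-15T10:02:11Z", ServiceName="PSEXESVC",
           ImagePath=r"%SystemRoot%\PSEXESVC.exe", AccountName="LocalSystem"),
    _event(7045, "WS02", "2024-01-15T10:05:40Z", ServiceName="svc_update",
           ImagePath=r"\\192.168.1.79\ADMIN$\svc_update.exe", AccountName="LocalSystem"),
    _event(7045, "WS02", "2024-01-15T10:09:03Z", ServiceName="upd",
           ImagePath=r"%COMSPEC% /c powershell.exe -enc BASE64PLACEHOLDER",
           AccountName="LocalSystem"),
    _event(7045, "WS03", "2024-01-15T11:30:00Z", ServiceName="Example Backup Agent",
           ImagePath=r'"C:\Program Files\Example\agent.exe"', AccountName="LocalSystem"),
    _event(7036, "WS03", "2024-01-15T11:30:02Z", param1="Example Backup Agent",
           param2="running"),
]

ADMIN_SHARE = re.compile(r"\\\\[^\\]+\\(?:[a-z]\$|admin\$)\\", re.IGNORECASE)
POWERSHELL = re.compile(r"\bpowershell(?:\.exe)?\b", re.IGNORECASE)


def parse_7045(xml_text):
    """Return the service-install fields of a 7045 record, or None for other events."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "7045":
        return None
    data = {d.get("Name"): (d.text or "") for d in root.iterfind("e:EventData/e:Data", NS)}
    created = root.find("e:System/e:TimeCreated", NS)
    return {
        "time": created.get("SystemTime") if created is not None else None,
        "computer": root.findtext("e:System/e:Computer", namespaces=NS),
        "service": data.get("ServiceName", ""),
        "image_path": data.get("ImagePath", ""),
        "account": data.get("AccountName", ""),
    }


def reasons_for(svc):
    """Heuristics (assumptions of this example) that make a new service worth a look."""
    reasons = []
    if svc["service"].upper() == "PSEXESVC":  # default name used by Sysinternals PsExec
        reasons.append("default PsExec service name")
    if ADMIN_SHARE.search(svc["image_path"]):
        reasons.append("binary served from an administrative share")
    if POWERSHELL.search(svc["image_path"]):
        reasons.append("service command line starts PowerShell")
    return reasons


def triage_service_installs(xml_records):
    """Return (time, computer, service, reasons) for each flagged 7045 record."""
    flagged = []
    for xml_text in xml_records:
        svc = parse_7045(xml_text)
        if svc is None:
            continue
        reasons = reasons_for(svc)
        if reasons:
            flagged.append((svc["time"], svc["computer"], svc["service"], reasons))
    return flagged


if __name__ == "__main__":
    for time, computer, service, reasons in triage_service_installs(SAMPLE_EVENTS):
        print(f"{time} {computer} {service!r}: {'; '.join(reasons)}")
```

Renamed PsExec services and legitimate software deployed over admin shares both exist, so treat the output as leads to correlate with the RDP and share evidence, not as verdicts.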
Conclusion
Most cyberattacks are characterized by activities involving lateral movement. In this phase, threat actors typically explore networks to find the most vulnerable elements. The techniques we reviewed in this paper see a lot of use, and the chances of you encountering them—in an incident response engagement—are pretty high.
When you know where to look (sensitive locations and files from the registry and event logs) and use the right tools, uncovering lateral movement becomes more straightforward.
McAfee cybersecurity researchers have discovered a malicious scheme exploiting GitHub’s comment section, where threat actors host malware and disguise download links as legitimate Microsoft repositories.
This incident reminds me of a similar event that occurred in June 2027, during which Russian hackers exploited the comment section of Britney Spears’ Instagram profile to host malware.
According to McAfee, cybercriminals have been exploiting GitHub’s file upload logic since February 2024 to host and distribute malware through automatically generated download links containing the repository owner’s name and ownership details.
These repositories contain password-stealing malware disguised as seemingly innocuous files. More troubling, the repositories also included comments with download links crafted to mimic official Microsoft software repository URLs.
GitHub’s comment feature stores files on its servers, creating real-time access links to them. This can trick potential victims into thinking they are clicking on a link from a trusted developer. Users don’t need to send comments or bug reports as the file is already uploaded and available.
What to do About it?
GitHub’s CDN files remain unchanged even after comments are posted or deleted, and downloaded URLs keep functioning. This issue allows threat actors to create sophisticated lures, as most software companies use GitHub and the file URL contains the repository name.
Unfortunately, the only available solution is to disable comments, but this leads to more issues as legitimate users often report bugs or provide quality suggestions, and comments can only be disabled for up to six months at a time.
Why This Matters:
This deceptive tactic leverages the trusted nature of both GitHub and Microsoft. Users visiting these repositories might be tricked into downloading malware, believing they are getting legitimate Microsoft software.
This could have serious consequences, as downloaded malware could steal user credentials, compromise systems, steal browsing data and crypto funds or launch further attacks.
However, the good news is that according to Bleeping Computer, GitHub has removed the malware associated with Microsoft’s repositories.
How to Protect Yourself?
To protect yourself, download software directly from the developer’s official website, avoid clicking on links in comments or third-party websites, verify file hashes, and use a robust security solution with real-time malware scanning. If unsure about a download link, visit the official Microsoft website to ensure system safety.
Cyber Intelligence Team Manager at Cofense, Max Gannon, commented on the issue stating, “This is a very clever tactic for threat actors to take advantage of, especially because GitHub has provided no way for companies to mitigate the threat.”
“The only thing that can be done is for individuals to exercise caution when clicking any link, regardless of where it appears to go or who it appears to be from. For example, if you stopped and thought about it, a .zip file containing cheat software is not likely to be directly hosted on a Microsoft repository,” Max explained.
The Google Contacts app has three tabs at the bottom of its interface – Contacts, Highlights, and Fix & manage. In the upcoming update, Google is replacing the Fix & manage tab with the Organize tab.
This change was first noticed and shared by AssembleDebug about a month ago. At that time, this change was under testing and was enabled with a flag (45621130). Now, Google has started the public rollout of this feature in the app version 4.29 for Android.
Tools are more descriptive in the Organize tab
All the tools in the Fix & manage tab were in a 2×4 grid format and did not provide much information about what a particular tool would do. However, in the new Organize tab, the tools have been arranged in a list format, with each tool providing a brief description of its functionality.
For example, the Emergency contacts tool comes with the description, “Choose who others can call using your phone’s safety app.” This concise description gives an idea of what to expect when tapping on this tool. Similarly, the Bin tool description states, “Recently deleted Google Account contacts,” indicating that accessing this tool will display all recently deleted account contacts.
Furthermore, the Organize tab has two sections — Google and This Device. In the Google section, you will find options such as Merge and fix, Reminders, Emergency contacts, Family group, Restore contacts, and Bin. In the This Device section, options include Contacts ringtones, Manage SIM, Import from file, Export to file, Blocked numbers, and Settings.
There is also a search field in the Organize tab
You also have a search field in the Organize tab to match the Contacts and Highlights tabs. This means you can search for your contact from the Organize tab, which was previously only possible from the Contacts and Highlights tabs.
Google Contacts is one of those Google apps that doesn’t receive major updates frequently. However, it seems like Google is now paying attention to their Contacts app. It wasn’t too long ago that Google rolled out Contacts ringtones in Google Contacts. And now, by replacing the Fix & manage tab with the Organize tab, Google is indicating that they have big plans for their Contacts app.