10-core Snapdragon X Plus has surfaced on GeekBench ML listing

andreasc
-
0
10-core Snapdragon X Plus has surfaced on GeekBench ML listing
[ad_1]

The Snapdragon X Elite, a power-efficient 12-core chip from Qualcomm has been in the discussions for a while now. However, it might not be the only chip that Qualcomm is working on to power the next generation of Windows-on-Arm computers.

The Snapdragon X Plus spotted on the Geekbench ML listing could be a cut-down version of the Snapdragon X Elite

The latest news is that a new chip named the Snapdragon X Plus (X1P64100) has surfaced on GeekBench. It appears to be a slightly cut-down version of the Snapdragon X elite chip with a total of 10 cores (6 performance cores and 4 efficiency cores) with a base frequency of 3.42GHz. For those unfamiliar, the Snapdragon X Elite equips 12 identical cores, 10 of which reach up to 3.8 GHz and the other 2 reach an even higher 4.3GHz clock speed.

Snapdragon X Plus GeekBench ML listing
Source: Geekbench

Windows Latest speculates that in addition to the Snapdragon X Elite, the 10-core Snapdragon X Plus chip may power the Surface Pro 10 laptop. The Snapdragon X Plus will likely make the Surface Pro 10 a bit more affordable and consumer-friendly.

Zac Bowden previously reported that Microsoft has been working on two Snapdragon X products, the Surface Pro 10 and the Surface Laptop 6. The latest GeekBench listing reveals more information about the Snapdragon X Plus chip.

The new chip could power a “mid-range” variant of the Surface Pro 10 OELD

According to the Geekbench ML test of the Snapdragon X Plus chip, the machine codenamed “OEMMN OEMMN” (which according to Windows Latest represents the Surface Pro 10) equips 16GB of RAM. As Laptop Mag noted, it could be a new baseline for computers with Snapdragon X series chips. The device scored 2410 in the machine learning test with a balanced power plan. The device runs Windows 11 Pro Insider Preview.

The Snapdragon X Plus chip reportedly comes with an integrated Snapdragon X65 modem from 2021. In comparison, the Snapdragon X Elite-powered computers use an external modem. It could also equip a slightly less powerful NPU (neural processing unit). Theoretically, it should result in slightly inferior performance in AI-based applications. Nonetheless, Qualcomm hasn’t officially announced this new chip and not much is known about it either.


[ad_2]
Source link

Gemini for Android may soon allow you to upload PDFs and files other than just images

andreasc
-
0
Gemini for Android may soon allow you to upload PDFs and files other than just images
[ad_1]

Ever since its launch earlier this year, the Gemini app on Android has been striving to become better at what it does. Though not yet a full “Google Assistant” replacement for many, recently the app has been rumored to be gaining new capabilities, such as real-time responses, and now it seems like Google is planning to introduce another useful feature: document uploads.
Right now, the app allows uploading only images. But according to a recent finding by AssembleDebug (via Android Authority), Gemini might soon allow uploads of PDFs and other documents. This feature is currently under development and only discovered after enabling some flags. It’s not clear when it will be available to all users, and it is not yet fully functional even in its testing phase. However, there are screenshots available of what the feature will look like as shown below.

Credit: Android Authority

In these screenshots, we can see how the user was able to upload a PDF document and have Gemini analyze and then summarize the contents. I could see this being extremely helpful in cases where translation is needed or simply for ease of accessibility. In addition to uploading a file directly from your phone, we can see that there’s also an option to upload a file from Google Drive. 

Given that Gemini has a basic and an advanced tier, it is possible that this feature might be reserved for paying customers, meaning those that are Google One AI subscribers. It is also a possibility that this could be a Google Workspace advanced feature. However, we are just speculating here, as this feature has not been announced or teased by Google.

The discovery of this feature comes alongside other rumored Gemini app upgrades such as the aforementioned real-time responses as well as support for third party music streaming services like Spotify and Apple Music. There’s no official confirmation about the release date for either feature, but it’s exciting to see new functionalities coming to the Gemini app. This will bring even more value to those that have opted to use Gemini over other chatbots, but especially for those that have opted to pay for the advanced version.

[ad_2]
Source link

PoC Exploit Released For Critical Oracle VirtualBox Vulnerability

andreasc
-
0
PoC Exploit Released For Critical Oracle VirtualBox Vulnerability
[ad_1]

Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege Escalation and Arbitrary File Move/Delete.

This vulnerability was assigned with CVE-2024-21111, and the severity was 7.8 (High). 

However, Oracle has acted swiftly upon the report and has patched the vulnerability accordingly. Following that, Oracle also released a security advisory to address the vulnerability.

Recently Oracle Releases Security Update in 2024 – 372 Vulnerabilities Are Fixed

Now, a publicly available exploit proof-of-concept has been published, providing detailed information on the vulnerability.

Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot

PoC Exploit Released

This vulnerability existed in Oracle Virtualbox versions prior to 7.0.16, which allows a threat actor to escalate privileges to that of NT AUTHORITY\SYSTEM via Symbolic Link, which will either perform an arbitrary file delete or an arbitrary file move.

This is because Oracle Virtualbox allows every user to write to the installation folder C:\ProgramData\VirtualBox.

Moreover, Virtualbox attempts to move log files from the location as NT AUTHORITY\SYSTEM for backup actions with a maximum of 10 logs. 

In addition to this, Virtualbox also tries to delete the 11th log on the location as NT AUTHORITY\SYSTEM, which gives rise to these two bugs (File Delete and File Move) that can be utilized to attain privilege escalation.

As per the Proof-of-concept video shared for File Delete, the researcher uses a EXE file under the name “VBoxEoP_del.exe” which attempts to create a new log file (VBoxSDS.log.11) under the C:\ProgramData\Virtualbox directory and again attempts to delete the log file. 

This action combined together with an MSI file (Config.msi) provided the researcher with a new cmd terminal with the permissions of NT AUTHORITY\SYSTEM.

The scenario is similar to Arbitrary file move also, in which the EXE file attempts to move the files from the C:\ProgramData\Virtualbox directory.

It is recommended that Virtualbox users upgrade to the latest versions to prevent threat actors from exploiting this vulnerability.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.


[ad_2]
Source link

The Gemini app could be getting real time responses

andreasc
-
0
The Gemini app could be getting real time responses
[ad_1]

A while back, Google Gemini brought real-time responses for the web. This means that you’re able to see the response being typed out as the model is generating it. This contrasted with how the company used to simply show the text all at once. Well, according to a noted leaker, it appears that the Gemini app will also be getting real-time responses.

Though it may not seem like it with shorter responses, this feature definitely comes in handy with longer responses. If you’re looking to generate an entire essay or story, you’re going to want to get an idea of whether Gemini is going in the right direction. If Gemini generates the entire text at once, you may have to wait a few minutes before you can start reading it.

However, with real-time responses, you’ll start seeing text almost immediately. So, you can get a good idea of where it’s going right away. This is useful; if you notice that it’s not going in the right direction. Then, you can stop the generation then and there and make adjustments rather than waiting for the entire thing to be generated.

The Gemini app could get real-time responses

Right now, real-time responses are only available on the web version of Gemini. It’s unfortunate, as many people are likely to use the Gemini app over the site. It’s just a very convenient form factor.

Well, according to a new report, it appears that Google is working on bringing this feature over to the small screens. Popular leaker AssembleDebug released a screenshot (via PiunikaWeb) of the Gemini apps setting page, and it shows the real-time responses toggle up top.

Gemini real time responses

Along with the screenshot, PiunikaWeb was able to provide a screen recording of This capability. Just like on the web, you will see the text coming in gradually as Gemini is generating it. The text comes in rather quickly, which is a testament to Gemini’s speed.

At this point, we don’t know when Google is going to launch this for the app. However, since there’s already footage of it working on the device, it shouldn’t be too long.


[ad_2]
Source link

This company will be first to utilize Snapdragon 8 Gen 4

andreasc
-
0
This company will be first to utilize Snapdragon 8 Gen 4
[ad_1]

A tipster has just seemingly revealed which company will be the first to utilize the Snapdragon 8 Gen 4. This information comes from Yogesh Brar, and what he said here makes sense.

We now (think we) know which company will be first to utilize the Snapdragon 8 Gen 4

The tipster claims that Xiaomi will be the first company to utilize the Snapdragon 8 Gen 4. That simply means that it will retain the exclusive right to do so,  as it had it last year too, for the Snapdragon 8 Gen 3.

Furthermore, the tipster claims that OnePlus and iQOO will follow suit. So those two companies are expected to be second and third in line to get their hands on the upcoming Snapdragon 8 Gen 4.

Xiaomi aims to utilize that chip in the Xiaomi 15 and Xiaomi 15 Pro later this year. Those two phones will arrive to China in Q4, and likely to global markets. Well, at least the Xiaomi 15 will, if Xiaomi opts for the Xiaomi 15 + Xiaomi 15 Ultra combo in global markets.

OnePlus will utilize this chip in the OnePlus 13, while iQOO will use it in the iQOO 13, says Brar. That is basically everything the tipster shared with the public.

Qualcomm will use its custom ‘Oryon’ cores

The Snapdragon 8 Gen 4 will be the very first chip in which Qualcomm plans to use its own custom Oryon cores. Qualcomm’s exec even confirmed that the chip is coming in October.

This processor is allegedly codenamed ‘SUN’, and it’s expected to utilize 2+6 structure. It will be manufactured using TSMC’s 3nm process. This processor is said to launch without efficiency cores.

Qualcomm even showed us the Snapdragon 8 Gen 4 reference handset by accident not long ago. A recent rumor even hinted that OEMs will use larger batteries with the new chip. That info hinted at lower power efficiency capabilities compared to its predecessors. We’ll see how accurate that is.


[ad_2]
Source link

U.S. to Impose Visa Restrictions on 13 Individuals

andreasc
-
0
U.S. to Impose Visa Restrictions on 13 Individuals
[ad_1]

To combat the misuse of commercial spyware, the United States Department of State has announced visa restrictions on 13 individuals linked to developing and selling these invasive technologies.

This decision underscores a broader initiative by the U.S. government to address the proliferation of spyware that threatens personal privacy, national security, and human rights.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

Crackdown on Spyware Misuse

Matthew Miller, the Department Spokesperson, revealed the new measures in a press statement dated April 22, 2024.

These individuals and their immediate family members have been identified as critical players in the spyware industry, benefiting from or facilitating the misuse of technology that has targeted a wide range of individuals, including journalists, academics, human rights defenders, and U.S. government personnel.

The misuse of commercial spyware has been a growing concern globally, with numerous reports highlighting how such tools have been used to infringe on personal freedoms and conduct espionage.

The visa restrictions have been imposed under Section 212(a)(3)(C) of the Immigration and Nationality Act, following a policy approved by Secretary of State Antony Blinken in February 2024.

This legal framework provides the U.S. with the authority to deny entry to individuals whose activities potentially threaten the country’s foreign policy interests.

Broader U.S. Government Initiatives

The announcement is part of a comprehensive U.S. strategy to curb the dangers posed by commercial spyware.

This strategy includes visa restrictions, stringent export controls, sanctions, and the promotion of accountability measures.

The U.S. government has also limited its use of commercial spyware, which poses risks to national security and human rights.

The U.S. move to impose visa restrictions sends a strong message internationally about the seriousness with which it views the misuse of spyware.

It also sets a precedent for other nations to implement similar measures to protect individuals from digital threats and uphold human rights standards.

As the global landscape of technology and surveillance continues to evolve, the U.S. Department of State’s actions represent a critical step toward establishing a safer and more accountable digital environment.

The focus now turns to how other countries will respond to this initiative and whether an international consensus can be reached to effectively regulate the use of commercial spyware.

Free Webinar: Mastering Web Application and API Protection/WAF ROI Analysis -  Book Your Spot


[ad_2]
Source link

Elon Musk announces ranking feature for X notifications

andreasc
-
0
Elon Musk announces ranking feature for X notifications
[ad_1]

X plans to introduce a ranking option for notifications. Like your Home feed, you will get “For You” and “Following” options for notifications on the platform. Elon Musk announced this upcoming feature, which is currently in development.

X is working on a ranking option for notifications

X (formerly Twitter) has changed substantially since multi-billionaire Elon Musk took over the company in 2022. First and foremost, the platform got a new name. Subsequently, tweets were rebranded into posts and retweets into reposts. While it is the same social network app at its core, it feels a lot different now.

Another change is on the way, Musk has confirmed. “The notification tab is currently in chronological order only. We’re working on a ranking option there, like For you vs Following,” the X owner posted on Monday evening. He didn’t elaborate on the feature. But his words suggest X will group notifications from accounts you follow in one place, separate from other notifications.

Interestingly, the platform already has three sections in the Notifications tab, though they are designed to filter notifications rather than group them separately. By default, you land on the All section housing all of your notifications. The Verified section filters them to show notifications from verified accounts, including likes and comments, aka replies.

The Mentions section houses notifications for posts where you have been directly mentioned. If a verified account has mentioned you in a post or reply, you will find the notification in all three sections. It is unclear if the new ranking options will replace these or if X will keep them all, allowing users to sort notifications in multiple ways. The company may share more details soon.

Users want a more robust system for managing notifications

This upcoming change might lay the foundation for a more robust system for notification management on X. Replies under Musk’s post suggest users want a wide range of categories for sorting notifications, like Subscribers, Verified, Recent, Most liked, and more. “Sorting options on [the] engagement screen would be amazing too. When a post goes semi-viral, [it] would be helpful to see which repost was most impactful,” a user wrote.

It remains to be seen if X implements these suggestions. As Musk said, it is currently working on a ranking option for notifications. The planned change may arrive with a new update in a few weeks or months. We will keep a close eye on the development and let you know when we have more information to share. In the meantime, make sure to keep the X app updated on your phone so you don’t miss out on new features.


[ad_2]
Source link

Microsoft unveiled its Phi-3 family of AI models

andreasc
-
0
Microsoft unveiled its Phi-3 family of AI models
[ad_1]

Ever since the birth of the computer, we’ve seen the trend of groundbreaking technology coming down in size while getting more powerful. The computers in our pockets are exponentially more powerful than the large room-sized computers that were used back in the 60s. Well, this is happening with AI models. Microsoft just released the Phi-3 series of AI models, and they come in three sizes.

If this sounds familiar, Google released Gemini, a family of models that comes in three sizes. Recently, Meta launched its Llama 3 family of models, which also comes in different sizes. Companies are utilizing different sizes for their LLMs which makes them more versatile.

Where this really shines is on-device computing. There are several developers who don’t quite need large Internet-connected LLMs for their needs. Many people are just fine using smaller models that can easily fit on a computer.

Microsoft just released its Phi-3 AI models

Microsoft announced that these models are more powerful than the last iteration. One of the more interesting models in this family is the Phi-3 mini. It’s the smallest one in the family, and it’s designed to fit on smaller devices such as computers or smartphones. If it is small enough to fit on smartphones, then it could be a competitor to Google’s Gemini Nano.

The corporate vice president of Microsoft Azure, Eric Boyd, told The Verge that Phi-3 Mini is actually as capable as GPT-3.5. However, it’s in a much smaller form factor. According to the report, Phi-3 Mini has 3.8 billion parameters. The next model in the family is called Phi-3 Small, and that has 7 billion parameters. Lastly, Phi-3 Medium has 14 billion parameters.

If you’re using platforms like Microsoft’s Azure, Hugging Face, or Ollama, you have access to Phi-3 mini. We’re sure that these new AI models will help push Microsoft forward in the rapidly growing AI space. It’s one of the leaders of artificial intelligence, so, we’re excited to see what the company does next.


[ad_2]
Source link

Critical Flaw with API Portal Let Attackers Launch SSRF Attacks

andreasc
-
0
Critical Flaw with API Portal Let Attackers Launch SSRF Attacks
[ad_1]

A significant vulnerability in the Perforce Akana Community Manager Developer Portal has been found, allowing attackers to conduct server-side request forgery (SSRF) attacks.

Community Manager is an advanced solution designed to assist businesses in creating an API portal that will draw in, manage, and assist developers who create applications using their APIs.

Organizations frequently use this software to create and maintain developer portals for their APIs. 

Typically, an SSRF attack involves the attacker forcing the server to connect to internal services only found in the infrastructure of the company. 

Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot

In different circumstances, they might be able to force the server to establish a connection with any random external systems.

Sensitive information, such as authorization credentials, can leak as a result.

This critical severity vulnerability tracked as CVE-2024-2796, has a CVSS base score of 9.3. The vulnerability was disclosed by Jakob Antonsson.

The Akana Community Manager Developer Portal, versions 2022.1.3 and earlier, has a server-side request forgery (SSRF) vulnerability. 

When an SSRF attack is successful, the hacker can control the target web server to carry out harmful operations or disclose private data. 

This approach can cause significant damage to an organization, including sensitive data exposure, cross-site port attacks (XSPA), denial of service (DoS), and remote code execution.

Affected Software Versions

It has been confirmed that the following Perforce Akana Community Manager Developer Portal versions are impacted:

  • 2022.1.1 
  • 2022.1.2 
  • 2022.1.3

Patches Released

  • 2022.1.1 (CVE-2024-2796 Patch) 
  • 2022.1.2 (CVE-2024-2796 Patch) 
  • 2022.1.3 (CVE-2024-2796 Patch)

It is highly recommended that organizations utilizing the Akana Community Manager Developer Portal update to one of the patched versions right away.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP


[ad_2]
Source link

This Website is Selling Billions of Private Messages of Discord Users

andreasc
-
0
This Website is Selling Billions of Private Messages of Discord Users
[ad_1]

In a major privacy breach, private data including private messages of millions of Discord users are being sold on a clear web website. The website, Spy.pet, is an internet-scraping company, that has been collecting data from Discord since November 2023.

So far, as seen by Hackread.com, it has sold four billion public Discord messages which were publicly accessible and gathered from 14,201 servers, which are home to 627,914,396 users.

While it is unclear who owns the website, the very nature of the data – scraped messages – suggests a potential security flaw in how Discord interacts with bots or third-party applications.

What Does “Scraped Messages” Mean?

Scraping is a method where automated tools extract information from a platform, such as Discord, by exploiting weaknesses in bots or unofficial apps’ access and interaction with the targeted platform.

This can expose private chats, server chats, and direct messages, potentially exposing conversations between users or groups. Previously, scrapped databases from Chess.com, Clubhouse, LinkedIn, Mastodon, and GETTR also surfaced online.

What Information is at Risk?

Security experts suspect that the leaked data from Discord chats could expose personal information, private photos and videos, financial details, and company secrets. Users’ usernames, nicknames, and real names could be included, and sensitive media could be shared.

Additionally, financial details could be a target for scammers, and company secrets, especially if Discord is used for business communication, could also be exposed.

How does Spy.net Operate?

Spy.pet is a chat-harvesting platform that collects user data through profiles containing known aliases, pronouns, connected accounts, Discord servers, and public messages. Users must buy credits (costing $0.01 each and a minimum of 500 credits) to access profiles, and archives of conversations, and search for servers.

It only takes cryptocurrency for payments except for using a Coinbase link as it has banned Spy.net. In February 2024, the platform was DDoS’ed, but the owner claimed minimal damage.

This Website is Selling Billions of Private Messages of Discord Users
A screenshot from the website shows what it offers (Credit: Hackread.com)

How to Protect Yourself?

Discord is already investigating Spy.pet and is committed to protecting users’ privacy. The company plans to take appropriate steps if violations of its Terms of Service and Community Guidelines are found. 

Meanwhile, to protect yourself from potential risks, review your Discord privacy settings and ensure only authorized applications have access to your data. Change your password, enable two-factor authentication and be mindful of sharing personal information or sensitive content within Discord chats, even on private servers. If you suspect your account may have been compromised, report it to Discord immediately.

  1. Windows Users Alert: Skuld Malware Steals Discord Data
  2. Telegram and Discord Bots Delivering Infostealing Malware
  3. PureCrypter Malware Targets Governments Through Discord
  4. Scammers Selling Twitter (X) Gold Accounts Fueling Phishing
  5. Discord.io Admits Data Breach: Info of 760K Users Sold Online

[ad_2]
Source link
1...147148149...1,452Page 148 of 1,452