First Pixel 8a hands-on video shows us Bay & Mint models

andreasc
-
0
First Pixel 8a hands-on video shows us Bay & Mint models
[ad_1]

The very first Pixel 8a (hands-on) video has just surfaced, and it shows us two color options of the phone. Bay and Mint models are shown here, two of the most eye-catching colors that Google will offer.

The very first Pixel 8a video is here, and it’s a hands-on clip

This short video clip was shared by gsm_islame on Instagram and reshared by Arsene Lupin (a tipster) on X. You not only get to see the two phones but also their retail boxes here. The video itself is embedded below.

This video basically confirms all the leaks we’ve seen thus far. We’ve leaked the Pixel 8a a couple of times, exclusively. The design is very similar to the Pixel 7a, which is something you will quickly notice.

The Mint color looked a bit brighter in the renders. It looks a lot more appealing in this video, at least to us. Both of these colors look really nice, actually, and will give options to people who are tired of black, gray, and white combinations.

The Pixel 8a will have a flat display with a centered display camera hole. That is not something you can see here, but we’ve seen it in leaks. What you can see here is the back side of the phone. A camera visor is still here, with two cameras inside it. The backplate does curve towards the edges.

The phone is expected to launch next month during Google I/O

Google’s new mid-ranger is expected to launch during Google I/O next month. It will likely launch during the keynote on May 14, even though Google I/O is scheduled for May 15 as well.

The phone is said to feature a 6.1-inch fullHD+ OLED display with a 120Hz refresh rate. The Google Tensor G3 will fuel this smartphone, while the phone will retain the same camera setup as the Pixel 7a.

Android 14 will come pre-installed on the device, though the Android 15 update will follow later this year. Thanks to this video, you can see that a Type-C to Type-C cable will be included, and the same goes for a SIM ejector tool, and a Pixel Quick Switch adapter. A charging brick will not be included, as expected.


[ad_2]
Source link

Volkswagen Group’s Systems Hacked: 19,000+ Documents Stolen

andreasc
-
0
Volkswagen Group’s Systems Hacked: 19,000+ Documents Stolen
[ad_1]

The Volkswagen Group has fallen victim to a sophisticated hacking incident, with over 19,000 sensitive documents stolen.

Investigations point towards a possible involvement of Chinese hackers, raising concerns over international cyber espionage and the security of global automotive giants.

The Volkswagen Group reported a massive security breach in its IT systems late last week.

According to sources, the attackers managed to exfiltrate over 19,000 documents containing sensitive information related to the company’s operations, plans, and, potentially, details on electric mobility technologies, as reported by ZDFheute.

The breach was first detected by the company’s internal security team, who noticed unusual activity in their network.

Forensic experts suggest that the sophistication of the attack indicates a well-organized group with significant resources.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

Impact on Volkswagen

The repercussions of this breach for Volkswagen are manifold.

The stolen documents contain critical information that could affect Volkswagen’s competitive edge in the electric vehicle market.

There is also a significant risk of financial loss, both through potential disruptions in operations and through the impact on investor confidence.

The company has issued a statement assuring stakeholders that immediate measures are being taken to contain any further damage and that they are working closely with law enforcement agencies.

In response to the incident, Volkswagen has announced a comprehensive overhaul of its cybersecurity protocols.

The company plans to implement advanced real-time monitoring systems, increase its cybersecurity workforce, and enhance employee training on data security.

Volkswagen also collaborates with cybersecurity firms to analyze the breach and prevent future incidents.

This event has highlighted the need for robust cybersecurity measures in the automotive industry, which is increasingly reliant on digital technologies.

China’s Involvement

The investigation into the hack has revealed digital footprints leading to China, suggesting that the breach could be part of a larger pattern of cyber espionage targeting Western technology and industrial sectors.

While the hackers’ identity has not been officially confirmed, the attack pattern aligns with methods commonly used by Chinese hacking groups.

This incident adds to the growing tensions between China and the West over cybersecurity and intellectual property theft.

The breach of Volkswagen’s systems is a stark reminder of the vulnerabilities in global corporations’ digital infrastructures.

As companies continue to expand their digital footprint, the importance of safeguarding critical information cannot be overstated.

The incident affects Volkswagen’s immediate operational capabilities and has broader implications for international business security protocols and geopolitical relations.

Free Webinar: Mastering Web Application and API Protection/WAF ROI Analysis -  Book Your Spot


[ad_2]
Source link

Huawei Mate 70 & Pura 80 camera revealed by trusted source

andreasc
-
0
Huawei Mate 70 & Pura 80 camera revealed by trusted source
[ad_1]

The Huawei Pura 70 series was launched quite recently in China. As we’re expecting to see those devices become global, a trusted source has just revealed the Huawei Mate 70 and Pura 80 main camera sensors.

This information comes from Digital Chat Station, one of China’s most reliable tipsters. If it were a less trusted source, we’d be really skeptical, to be honest. In any case, let’s see what Digital Chat Station had to say.

The Huawei Mate 70 & Pura 80 main camera sensors tipped

He claims that Huawei will use the OmniVision OV50K camera on the Huawei Mate 70 series. The OmniVision OV50X camera sensor will be used on the Huawei Pura 80 series.

Now, we know that the OmniVision OV50K is a large 1/1.3-inch sensor that utilizes LOFIC technology. Thanks to that, it should be able to provide extremely fast autofocus speed. That sensor was used on the HONOR Magic6 Ultimate, in case you were wondering.

That camera sensor will likely be used as the main camera on the Huawei Mate 70 series. It is possible that all phones in the series will utilize that sensor, the source did not really specify.

What about the OmniVision OV50X? Well, that one is a bit of a mystery. We do know that it will incorporate LOFIC as well, but we’re not sure what else. We’re also not sure what will the sensor size be, exactly.

The Huawei Pura 80 series is about a year away at this point, so that is not surprising. Digital Chat Station somehow managed to get his hands on this detail so early in the game.

The Huawei Mate 70 series is coming later this year, most likely in August or September

The Huawei Mate 70 series is expected to arrive later this year. The Mate 60 series arrived at the very end of August, in China. The Mate 70 series is expected in either August or September. It remains to be seen if Huawei will make them global, though.

The Huawei Pura 70 series has plenty to offer, especially the Pura 70 Ultra model. It remains to be seen how Huawei aims to top that with the Huawei Mate 70 series.


[ad_2]
Source link

NVIDIA CEO predicts considerable popularity of humanoid robots

andreasc
-
0
NVIDIA CEO predicts considerable popularity of humanoid robots
[ad_1]

NVIDIA was one of the first gaming-oriented brands to implement artificial intelligence. The firm also carried out a test to see the benefits of adding generative AI into video games. The CEO of NVIDIA recently attended the CadenceLIVE Silicon Valley 2024 event where he made an interesting statement claiming that humanoid robots will gain immense popularity among the general population. He talked about the prices of these robots as well.

NVIDIA CEO believes humanoid robots will be more commonplace than expected

In an interview that took place in CadenceLIVE’s Silicon Valley event, the CEO of NVIDIA, Jensen Huang said that he expects the humanoid robots to become very common in the coming years. He further says that the increasing use of these AI robots will revolutionize industries and will change the way they work. Not only this, but more and more general population will also start using it.

The CEO indirectly predicted the price of upcoming humanoid robots as well. He says that we can get a cheap car for around $10,000 – $20,000 and we would be able to get a humanoid robot for the same price soon. For specific environments, he claims that getting robots over these cheap cars is much more sensible and versatile.

They are not going to be very expensive

If we look at the past trends, the prediction of the CEO isn’t totally wrong. Elon Musk previously said that their upcoming humanoid robot, the Optimus would be priced around $25,000. Do keep in mind that this is the first generation and the price is expected to decrease over time.

Many more industries will soon enter into the manufacturing of humanoid robots. This will increase the market competition and force the firms to price their robots very competitively. NVIDIA is also working on Project GR00T, which is going to be the basic model of humanoid robots, and if we consider the CEO’s comment, it surely will not have a heavy price.


[ad_2]
Source link

Hacker Offer Upto $300 To Mobile Networks Staff for Illegal SIM Swaps

andreasc
-
0
Hacker Offer Upto $300 To Mobile Networks Staff for Illegal SIM Swaps
[ad_1]

A SIM Swap Scam or SIM Cloning Scam exploits a vulnerability in a two-factor authentication (2FA) system that relies on SMS messages for verification codes, where attackers aim to gain control of the victim’s mobile phone number by convincing the victim’s mobile carrier to transfer the number to a new SIM card under the attacker’s control.

The attacker typically initiates the scam by acquiring the victim’s personal information, including their phone number, which can be obtained through various means, such as data breaches, social engineering attacks (e.g., phishing emails or smishing attacks), or by purchasing the information on the dark web.

Breakdown Of The Technical Aspects Of A SIM Swap Scam:

Once the attacker has the victim’s phone number and potentially other personal details (e.g., Social Security Number, date of birth), they contact the victim’s mobile carrier while impersonating the victim. 

Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot

To appear legitimate, attackers may use social engineering tactics to convince carrier representatives that they have lost their phone or SIM card and request a replacement. 

Weaknesses in the carrier’s verification process, such as relying solely on security questions with predictable answers or a lack of multi-factor authentication for customer service representatives, can increase the scam’s success rate.

As reported by Reddit, if the social engineering is successful, the attacker convinces the carrier to issue a new SIM card and activate it on their device, effectively porting the victim’s phone number to the attacker’s controlled SIM card.

With the phone number under their control, the attacker can intercept any SMS messages sent to the victim’s number, including 2FA codes for various online accounts (e.g., bank accounts and social media accounts).

Attackers can bypass 2FA security measures and potentially take over the victim’s accounts by gaining access to these codes.

Once attackers have access to the victim’s accounts, they can wreak havoc by stealing money by transferring funds from bank accounts, making unauthorized purchases using linked credit cards, or even committing identity theft by using the victim’s personal information for fraud.

Mitigate The Risk Of SIM Swap Scams:

Carriers can stop relying solely on knowledge-based authentication (e.g., security questions) and implement multi-factor authentication for customer service interactions.

This involves sending a one-time verification code to a trusted email address or registered device before processing any SIM swap requests.

Biometric verification using fingerprints or facial recognition can be a more robust way to confirm a customer’s identity during SIM swap requests.

Carriers can educate their customer service representatives on the tactics used in SIM Swap Scams and train them to be more vigilant in identifying and preventing such attempts.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.


[ad_2]
Source link

TikTok is reportedly readying an AI voice-cloning feature

andreasc
-
0
TikTok is reportedly readying an AI voice-cloning feature
[ad_1]

TikTok is preparing to join the AI race as it is reportedly working on an AI voice-cloning feature. The alleged feature will let users generate an AI version of their voice in just 10 seconds. According to the recent TheSpAndroid report, code-digging by AssembleDebug revealed a few code strings that point to the next big update coming to the platform.

TikTok might soon bring a new AI-powered voice-cloning feature

As per the report, the code digger came across two code references – Create Your Voice with AI and TikTok Voice Library. Although TikTok doesn’t have a name for the new AI feature, it seems pretty clear what these references are for.

AssembleDebug also showcased the introduction screen of TikTok’s AI voice-cloning feature which is attached below this article. The text on the shared screenshot reads “Create an AI version of your voice in just 10 seconds! You’ll be able to use it with text-to-speech in TikTok videos.”

The initial process of creating an AI clone voice will require users to read out some text in the TikTok app. This will eventually help the platform recognize their voice and create a synthetic voice accordingly. As per the source, users might have to record their voice once. However, an option to rerecord the voice will always be there.

Users will have full control over their AI voice

From the users’ point of view, tapping the Continue button will take users to the long TikTok Voice Library Terms pages. This page details how TikTok manages the voice recording of the users. Notably, TikTok will also keep all the AI voices private as the platform recognizes the consequences of its misuse. Users can also delete their AI voice from the platform’s server whenever they’d like.

In the process, a recording page will open when a user moves ahead by tapping the Agree button on the terms page. However, when AssembleDebug tried recording the voice, no text appeared, and the screen was reportedly blank. The manual recording by pressing the Record button also failed and threw some errors.

It’s worth noting that the AI voice-cloning feature can be handy for TikTok creators going forward. It will help with text narration in their video, eliminating the hassle of recording their voice every time. That said, there’s no official release date tipped for the feature.

All in all, one thing is sure TikTok is constantly trying to bring something new to catch up with other Android and iOS apps. More recently, the short video platform launched TikTok Notes, a new photo-sharing app inspired by Instagram.


[ad_2]
Source link

Critical Apache HugeGraph Flaw – Attackers Execute Remote Code

andreasc
-
0
Critical Apache HugeGraph Flaw – Attackers Execute Remote Code
[ad_1]

Security researchers have identified a critical vulnerability in Apache HugeGraph, an open-source graph database tool.

This flaw, if exploited, could allow attackers to execute arbitrary code remotely, posing a significant threat to systems using this software.

The vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) identifier, highlighting its severity and the need for immediate attention by users of Apache HugeGraph.

The specific details of the CVEs are given below.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin

This vulnerability, classified as a Remote Command Execution (RCE), poses a serious risk as it allows unauthorized remote execution of commands.

The issue is prevalent in environments running Java 8 and Java 11, making various installations vulnerable to potential attacks.

Recommended Actions:

  • Upgrade to Version 1.3.0: Users are urged to upgrade their Apache HugeGraph-Server installations to version 1.3.0.
  • This version addresses the RCE vulnerability and is optimized for Java 11, which offers improved performance and security features.
  • Enable Authentication System: Strengthening security configurations by enabling the authentication system is crucial.
  • This system helps verify and authenticate user access, providing an additional layer of security.
  • Implement Whitelist-IP/Port Function: To enhance the security of RESTful-API execution further, enabling the Whitelist-IP/port function is recommended.
  • This function restricts API access to only those IP addresses and ports that are explicitly allowed, significantly reducing the risk of malicious access.

CVE-2024-27349: Apache HugeGraph-Server: Bypass whitelist in Auth mode

This critical flaw affects all versions from the initial release 1.0.0 up to, but not including, the more secure 1.3.0 version.

The vulnerability allows attackers to bypass authentication mechanisms by spoofing legitimate user credentials, potentially leading to unauthorized access and control over the HugeGraph-Server.

Urgent Security Measures:

  • Immediate Upgrade Required: Users must promptly upgrade to Apache HugeGraph-Server version 1.3.0.
  • This version contains necessary fixes that address the authentication bypass vulnerability, closing the door on this particular method of system compromise.
  • Activate Whitelist-IP/Port: Enabling the Whitelist-IP/port function is strongly advised as an additional security precaution.
  • This security feature limits RESTful-API execution to trusted IP addresses and ports, providing a robust defense against unauthorized access.

CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page

This moderate severity issue allows attackers to send crafted requests from the server, potentially leading to unauthorized actions and information disclosure from internal systems that are otherwise inaccessible from the external network.

Recommended Remedial Actions:

  • Upgrade to Version 1.3.0: Users of Apache HugeGraph-Hubble must upgrade their systems to version 1.3.0 as soon as possible.
  • This updated version includes patches that effectively resolve the SSRF vulnerability, enhancing the server’s security against such exploitation techniques.

The discovery of this critical vulnerability in Apache HugeGraph underscores the importance of maintaining up-to-date software and implementing robust security measures. 

Organizations using HugeGraph should act swiftly to apply the provided updates and secure their systems against potential threats. 

Free Webinar: Mastering Web Application and API Protection/WAF ROI Analysis -  Book Your Spot


[ad_2]
Source link

Galaxy Tab S9, S9 FE, and A9 get April update in the US

andreasc
-
0
Galaxy Tab S9, S9 FE, and A9 get April update in the US
[ad_1]

Samsung‘s recent flagship and mid-range Android tablets are getting the April security update in the US. The new security patch is available for the Galaxy Tab S9 series, Galaxy Tab S9 FE series, and Galaxy Tab A9 series. The devices have already received the update in some international markets.

The April update is live for the Galaxy Tab S9, S9 FE, and A9 in the US

Samsung began its April 2024 SMR (Security Maintenance Release) rollout for Galaxy devices slowly but quickly picked up the pace. It is almost done updating all eligible smartphones launched in 2021 and later, including flagships and mid-rangers. The remaining few are also joining the party.

As spotted by SammyFans, the April security update is now available for the Galaxy Tab S9+, Galaxy Tab S9 FE, and Galaxy Tab A9+ in the US. More specifically, the update is rolling out to users on Verizon’s network. The new firmware build numbers are X818USQS2BXD2, X518USQS3BXD2, and X218USQS1BXD1, respectively.

It shouldn’t be long before Samsung covers all eligible units across the nation. As you can see on the official release notes provided by Verizon, the update is all about this month’s security fixes. The April SMR for Galaxy devices patches more than 40 vulnerabilities, including a critical Android OS flaw.

If you are using any of these Samsung tablets in the US or anywhere else and have yet to receive the latest security update, you should soon. Watch out for a notification in the coming days. You can also check for updates manually on your Galaxy device. Open the Settings app, go to the Software update menu, and tap Download and install.

All of these tablets will get the One UI 6.1 update

Samsung’s Galaxy Tab S9 series, Galaxy Tab S9 FE series, and Galaxy Tab A9 series debuted in the second half of 2023 with Android 13 on board. The company has already pushed Android 14 to all of them. The former lineup, which is a flagship offering, has also picked up One UI 6.1, the latest version of Samsung’s custom Android skin.

The One UI 6.1 update will also roll out to the other two lineups. They may not get the same set of AI features as the flagships but should pick up other changes. Samsung says it will begin a wider rollout of One UI 6.1 for eligible devices in May. It remains to be seen if the Galaxy Tab S9 FE and Galaxy Tab A9 series get it next month.


[ad_2]
Source link

Europol calls for Tech Giants to Get Lawful Access

andreasc
-
0
Europol calls for Tech Giants to Get Lawful Access
[ad_1]

The ongoing tension between privacy rights and public safety, Europol, along with European Police Chiefs, has issued a call for tech giants to provide lawful access to encrypted communications.

This development comes as major social media platforms, including those owned by Meta, begin to implement end-to-end encryption. This technology prevents anyone except the communicating users from accessing the messages.

The Challenge of End-to-End Encryption

End-to-end encryption ensures that digital conversations are private and secure from any third-party interception, including by the platforms themselves.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

However, this level of privacy raises significant concerns for law enforcement agencies:

  • Prevention of Crime: Encrypted platforms can become safe havens for illegal activities, including child exploitation, human trafficking, and terrorism.
  • Investigation and Prosecution: The inability to access message content can hinder the investigation and prosecution of crimes.
  • Evidence Gathering: Critical evidence necessary for legal processes may become inaccessible, potentially allowing criminals to evade justice.

Europol’s Call to Action

During an informal meeting of the Europol hosted by the UK’s National Crime Agency on April 18, a joint declaration was made, emphasizing the urgent need for a balanced approach to encryption that considers both privacy rights and public safety.

The meeting, which saw participation from police chiefs of all EU Member States and Schengen Associated Countries, highlighted several key points:

  • Public Safety: The primary concern is the potential increase in platforms used for harmful activities without the possibility of oversight or intervention.
  • Legal Access: This is the call for creating means through which law enforcement can legally access data, under strict conditions and oversight, to prevent or investigate serious crimes.
  • Cooperation with Tech Giants: There is a strong emphasis on collaboration between governments, law enforcement agencies, and technology companies to find solutions that balance privacy with security.

The Role of Europol and International Cooperation

Given its role in facilitating cross-border law enforcement cooperation within the EU and beyond, Europol’s involvement in this initiative is crucial.

The agency’s Executive Director, Catherine De Bolle, recently met with Graeme Biggar, Director of the UK National Crime Agency, to discuss ongoing cooperation post-Brexit.

These strategic exchanges are vital for maintaining and enhancing security across Europe.

This call for lawful access to encrypted communications will likely spark a heated debate about balancing individual privacy rights and collective security needs.

Tech companies, privacy advocates, and governments must engage in a nuanced dialogue to address these complex issues effectively.

As this situation develops, the global community will be watching closely to see how privacy and security can coexist in the digital age and what compromises, if any, are necessary to protect citizens while respecting their rights to private communication.

Free Webinar: Mastering Web Application and API Protection/WAF ROI Analysis -  Book Your Spot


[ad_2]
Source link

Roborock S8 MaxV Ultra: Solving Cleaning’s Biggest Problems

andreasc
-
0
Roborock S8 MaxV Ultra: Solving Cleaning’s Biggest Problems
[ad_1]

Roborock has taken the number one spot for robotic vacuum sales worldwide, according to Euromonitor, and has been releasing some rather incredible robot vacuums over the past few years, but at CES in January, the company had a few more tricks up its sleeves. The new Roborock S8 MaxV Ultra is a robot vacuum that eliminates a few more pain points and allows it to clean beyond limits.

See at Roborock

One of the big pain points for robot vacuums is their shape. Most robot vacuums are circular, which makes it almost impossible to get into the corners of rooms. However, the Roborock S8 MaxV Ultra has solved that issue. With the new FlexiArm Design Side Brush and the Extra Edge Mopping System, you’re getting 100% corner coverage, meaning the dirt in those corners doesn’t stand a chance. The Extra Edge Mopping System pops out from the side of the vacuum to make sure it gets the edge of the floors and those corners. It is effectively making the mop wider than the actual vacuum.

Pair the new Flexi-Arm side brush design with the powerful 10,000Pa suction, and you’ve got a robot vacuum that won’t miss any dirt, dust, or other debris in your home. That is about 25% stronger than the S8 Max Ultra and more than 50% as strong as most competitors.

roborock s8 maxv ultra features

The new RockDock Ultra makes cleaning more automated

Roborock has reinvented the robot vacuum auto-empty dock. The new RockDock Ultra doesn’t just empty the dustbin when it’s docked; it also refills the water reservoir, uses hot water to clean the mop, warm air drying, and an auto detergent dispenser. It literally does everything.

With the S8 MaxV Ultra, Roborock really wanted to clear out any limits and pain points when cleaning your home. Now, you really only need to tend to it when the dustbag in the dock gets full. Thanks to the PreciSense LiDAR Navigation and Reactive AI 2.0 Obstacle Recognition, the S8 MaxV Ultra is also able to map out your home and avoid obstacles.

Roborock has by far the best obstacle avoidance system that I’ve ever used, and it continues to get better and better. With Reactive AI 2.0 Obstacle Recognition, the vacuum uses a 3D structured light and an RGB camera to identify obstacles that it might come across. Whether that’s a cable, a scale, shoes, dog toys, or even dog waste, it will avoid them all. Meaning that you’ll never really need to “rescue” the vacuum.

PreciSense LiDAR Navigation can also scan and simultaneously create detailed maps to help it determine the most efficient cleaning route. The S8 MaxV Ultra uses DirTect Technology, which recognizes how dirty your floors are and increases suction power for dirtier or high-traffic areas.

Roborock’s VibraRise 3.0 Mopping System is able to get rid of the most stubborn messes. This mopping system has high-speed scrubbing of 4,000 times per minute. VibraRise 3.0 will also lift the mopping pad up when it detects carpet, so your carpet is not getting mopped. This makes it so much easier to mop and vacuum your home, as you don’t need to remove the mopping pad.

That said, Roborock is really removing all limits to cleaning your home. The only real input that you need to give to the S8 MaxV Ultra is when to actually clean your home. Of course, with the Roborock app, you can set up a schedule or even use your favorite virtual assistant to start cleaning your home since Roborock works with Amazon Alexa, Apple’s Siri, and Google Assistant. Cleaning your home has never been this simple.

Roborock’s S8 MaxV Ultra goes on sale through its website and Amazon on April 22 and costs $1,799. Roborock is going to offer a trade-in program where you can get up to $900 cashback when you trade in your Roborock Vacuum. And when you buy one S8 MaxV Ultra, you get one Roborock Flexi Lite free. Finally, Roborock is giving every S8 MaxV Ultra buyer a 5-year warranty, giving everyone peace of mind when purchasing an S8 MaxV Ultra robot vacuum.

See at Amazon


[ad_2]
Source link
1...148149150...1,452Page 149 of 1,452