Billionaire Elon Musk has been on a crusade against bots on X. Because of this, we got the news that he was thinking of charging a small fee to use the platform. Well, it appears that he’s no longer just thinking about it. According to a new report, new users may have to pay a fee to post or otherwise interact on X. This comes shortly after the news that X was taking away the ability to hide verification checkmarks.
This is something that Elon Musk has been floating for a bit, but never really pulled the trigger on. Ever since before he bought the platform, which was then called Twitter, he has been working to eliminate all of the bots on the platform. So, that’s remained one of his missions ever since the $44 billion check cleared.
New users on X may have to pay a fee to post
Right now, you most likely don’t have to worry about paying the fee to make new posts. Elon Musk is only testing this new fee for the time being. He’s testing this fee in New Zealand and the Philippines. Users in those New Zealand have reportedly been prompted to pay $1.75, which is around $1 USD.
The company isn’t charging them per post, and it’s not arbitrarily charging users who’ve had their accounts for a while. Elon Musk is only imposing this fee on new accounts that are less than three months old. When a person makes an account, in order to start posting, commenting, or even liking posts, they will have to pay the $1 entry fee. This is something that Elon Musk feels will deter bots from coming onto the platform.
At this point, we have no idea if that’s going to work. There are some bots that already pay to use the platform, so this shouldn’t be much of an issue for them. Also, we have to remember that this could also deter new legitimate users from wanting to use X.
There are very specific times when people will pay social media apps. One would be a subscription service to gain extra functionality. However, why pay a fee to use basic functions for a social media platform that has historically been free to use?
We are just going to have to see how this whole situation plays out. This will, undoubtedly, lead to a lot more backlash for Elon Musk.
WhatsApp is always evolving to improve the way we connect with others, and its latest update is focused on enhancing organization and search within your chats. Following the recent update that gave us the ability to pin messages, Mark Zuckerberg has announced another exciting feature – dedicated chat filters.
These filters are designed to make it faster and easier to locate specific conversations within your chat history, especially when you have many of them going on. Currently, the below two filters are available:
Unread: Perfect for catching up on messages you might have missed. It displays all your individual chats that contain unread messages, helping you prioritize your responses and clear those notification badges.
Groups: Perfect for finding that important group conversation. With a single tap, you can see all your group chats in one place, allowing you to quickly access discussions with family, friends, colleagues, or any other group you’re a part of. This includes subgroups within Communities, ensuring you have a central location for all your group conversations.
Previously, searching for unread chats involved using the search bar and filtering by message status. This process, while functional, required additional steps. The new dedicated “Unread” filter eliminates these extra steps, placing readily accessible filter options at the forefront of the chat list. This is a significant improvement for users who frequently juggle numerous individual chats and want a quicker way to identify conversations that require their attention.
The “Groups” filter addresses another long-standing pain point for WhatsApp users. For those who participate in a significant number of group chats, navigating through the chat list to find specific groups could be time-consuming and cumbersome. The ability to filter group chats has been a particularly popular request from users, according to WaBetaInfo who first reported on this announcement.
If you are ready to try out this feature, make sure you have the most up-to-date version of WhatsApp installed on your Android or iOS device, which you can grab directly from the App Store or Google Play Store. These filters mark a positive step in response to longstanding user feedback, so seeing them finally implemented is a welcomed treat.
TA558, a financially motivated threat actor identified in 2018, is targeting several countries but with utmost priority in Latin America.
Over 320 attacks have been observed from this particular threat actor, which involve using various tools and malware and compromising legitimate FTP servers and SMTP Servers.
Among the 320 attacks, 45 of them were targeted on Mexico, 38 over Colombia and 26 over Chile.
The sectors of interest seem to be the Industrial sector (22%), Service sector (16%), and Public sector (16%).
In addition, the threat actor has also been using Steganography techniques with images and text files.
TA558 Hackers Compromised 320+ Organizations
The threat actor used the compromised SMTP servers to send phishing emails to victims and also utilized the same SMTP servers for C2 infrastructure.
Phishing email (Source: Positive Technologies)
Some of the SMTP servers used by this threat actor were found to have public directories that contained Malware logs of Stolen data.
DocumentStop Advanced Phishing Attack With AI
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .
The log files contained combined logs of credentials from well-known browsers, email accounts, and remote access credentials.
Moreover, these credentials belonged to regular users, public institutions, and various businesses.
In the initial phases of the investigation, researchers discovered an XLAM file in a phishing email from a compromised SMTP server.
When the attachment is opened with Excel, an EXE file named “packedtpodododod.exe” was downloaded from a C2 URL using the Excel macros.
File opened and a GET request is sent (Source: Positive Technologies)
In addition, an RTF file was identified on the same C2 server alongside another EXE file, which is the exploit file for CVE-2017-11882.
When the final EXE file is downloaded and run, the final payload of the relevant malware, say AgentTesla, then uploads exfiltrated data to the C2 via FTP.
VB script file (Source: Positive Technologies)
Further analysis revealed that the threat actor was using multiple malware families such as AgentTesla, Remcos, XWorm, LokiBot, Guloader, Formbook and SnakeKeylogger.
Attack Scenarios
Two attack scenarios were identified by the threat actor. One involves using an Excel document and steganography, and the other involves a Microsoft Word document.
Among these attack scenarios, the attack using an Excel document was the main scenario, which starts with a phishing email sent to the victim from the compromised SMTP server containing a malicious file “Cerere de cotatie.xla”.
When this file is opened, two requests are made to the C2 server for downloading a DOC and an RTF.
Once the RTF file is downloaded, another VBS file is downloaded from a paste[.]ee server.
File from past[.]ee server (Source: Positive Technologies)
Following this, the VBS file proceeds to download and decode two image files that contain a base64 encoded malicious string that points to the next-stage payload.
The VBS file contains a PowerShell script to decode this base64 encoded string and proceeds to download the next-stage payload.
Image with encoded string (Source: Positive Technologies)
Finally, the AgentTesla malware runs on the system which checks the execution environment.
Further, it also checks if the victim’s IP address is real. If these checks are successful, the malware proceeds to steal data from browsers, email clients, and remote access services and uploads it to the C2 server using FTP.
However, the second attack variant involving a Microsoft Word document has a similar methodology, but it does not use steganography techniques using images.
Instead, it directly downloads the AgentTesla malware using the RTF document.
Other variants of the attacks using Remcos, LokiBot, FormBook, Guloader, Snake Keylogger, and XWorm also use the first attack scenario for downloading and executing the malware on the victim system.
Nevertheless, the C2 and download servers differ for every malware and attack variant.
On further investigation, the FTP servers used by the threat actors belonged to legitimate websites that were also compromised for using them as C2 servers for data exfiltration.
There were also several legitimate companies with thousands of followers on social media.
Compromised website for C2 FTP (Source: Positive Technologies)
Furthermore, the indicators of compromise can be viewed on the research blog published by Positive Technologies.
Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.
Google’s experimental generative AI search feature within Google Maps seems to be reaching more users. Announced in February, this tool aims to change how people find interesting places by providing personalized recommendations based on a vast database of information. However, early reviews suggest that the feature may still need some polishing.
According to Google, generative AI leverages large language models (LLMs) to understand natural language queries and analyze Google Maps’ massive repository of businesses, photos, reviews, and ratings contributed by the community. This, in theory, allows for tailored results far beyond the capabilities of standard keyword searches. For example, you could ask for “places with a vintage vibe in San Francisco” or “steakhouses for dinner in Monterey,” the results will include follow-up questions and even consider factors like weather.
However, based on early reviews, this is far from the truth. The initial rollout has drawn mixed reactions. Artem Russakovskii, founder of Android Police, expressed disappointment, citing failure to perform simple tasks like planning for a day. Others have also echoed this sentiment on social media, noting that the AI component doesn’t seem fundamentally better than traditional Google Maps or general Google searches. Concerns about AI generating inaccurate or non-existent places have also surfaced.
Speed appears to be a notable weakness, with users like Johanna Romero of Phone Arena reporting slow processing times for recommendations. Some users find the generative AI search results to be limited, potentially missing out on well-reviewed spots compared to a standard Google Maps search.
The potential and Google’s stance
The promise of personalized discovery powered by AI remains exciting. However, given its experimental nature, it is bound to have some of the issues users are experiencing. As more users gain access, their feedback will be crucial to refining its capabilities.
If you’re curious about the future of search within Google Maps, this generative AI experiment is worth exploring. Keep in mind that the feature might be inconsistent in its current form. By providing feedback, you can contribute to shaping the way people discover new places through Google Maps. But before jumping into generative AI search on Google Maps, take note of the following:
Generative AI: This technology can creatively generate text and answers, but results may occasionally be inaccurate or misleading.
Experimental feature: Google is transparent about this being under development. Patience and providing constructive feedback will be key for users who want to see it improve.
Traditional Google Maps: For reliable navigation and well-established search tools, you can always rely on Google Maps’ standard features.
Google Demand Gen will now include Generative AI tools for “creative and visual storytelling”. The tool currently includes the ability to generate images from existing images and text prompts.
Demand Gen platform gets Gen AI tools for image creation
Google introduced Demand Gen last year. It includes a broad spectrum of tools for advertisers. This platform simplifies and accelerates the creation of promotional messages. In other words, Demand Gen helps advertisers create visual stories that can be posted on YouTube, YouTube Shorts, Discover, and Gmail.
Needless to add, Google has some of the most immersive and entertainment-focused touchpoints. Hence, advertisers have highly promising platforms where they must catch user attention and retain the same for the longest possible time.
With Demand Gen getting the power of Gen AI, advertisers get an even more enhanced set of tools. Using these tools, brands can, “tell a compelling and engaging story in a fast-paced, non-linear digital landscape,” Google has indicated in a blog post announcing the feature inclusion.
The Gen AI tools within Demand Gen have Google AI powering them. Similar to Mid-Journey and countless other Gen AI tools, Demand Gen users gain the power of creating and editing high-quality and high-resolution image assets with a few text prompts.
Google is also allowing advertisers to insert their existing images to generate multiple options with an easy-to-use “Generate more like this” feature.
How to use Gen AI tools in Demand Gen?
Gen AI relies heavily on text prompts. Modern tools allow users to be exceptionally specific with their requests. Combined with the power of Google Analytics and other benchmarking tools, Demand Gen users can quickly churn out ad campaigns with highly searched keywords.
Generative AI tools allow users to quickly modify an existing image or create an entirely new one from scratch, in a matter of seconds. However, Google is well aware that its Google AI platform can be only as good as the content that it gets.
Hence, Google is urging Demand Gen users to adopt a “test-and-learn strategy” as they “fine-tune creatives” for their audiences and campaign goals. The search giant has categorically requested users to feed the Gen AI with “high-quality and relevant visuals”.
Ready to drive new demand with stand-out creatives? Our Creative Excellence Guide for Demand Gen Campaigns covers how you can optimize visual storytelling across our immersive surfaces → https://t.co/f5i5bdySZvpic.twitter.com/qS0M34Akum
Google has multiple safeguards that strictly follow its Ads Policies. Moreover, Google AI has “additional technical measures to ensure generative image tools in Google Ads produce novel and unique content,” Google assures.
Google has integrated the Gen AI tool directly within Google Ads campaign creator. Users can start creating their ad campaigns either by adding their images or entering specific text prompts to generate desired visuals.
Simply put, Google has made it easier for Demand Gen users to use Google AI and create captivating visuals without leaving the Google Ads platform. The company has clarified that its engine would never create two identical images. Moreover, all images that its Gen AI tool creates will have open-standard markup or digital watermarks, Google has assured.
Spotify’s AI DJ raised the bar for music streaming, and now Amazon Music is throwing its hat into the ring with Maestro. This new AI-powered playlist feature is currently rolling out in beta to select Amazon Music users in the US on iOS and Android.
If you’re part of the rollout, you’ll spot Maestro either on your home screen after updating the app, or by hitting the plus button to create a new playlist. However, where things get interesting is how you create them. Maestro uses natural language, meaning you don’t need technical terms to build your playlists.With Maestro, everything starts with a simple prompt telling it what you want to hear. Want a playlist bursting with energy? Type “songs to get me pumped!” or maybe “upbeat summer jams”. Maestro even understands emojis, in case you’re struggling to find the words to best describe your mood.
Image Credit: Amazon
However, Amazon is clear: this is a beta feature. Maestro, like any new AI tool, will probably have some hits and misses as it learns what you like. They’ve even built-in safeguards to try to block offensive language or prompts that are just too inappropriate.
As a brand-new feature, Maestro is currently accessible to a limited number of Amazon Music users across Free, Prime, and Unlimited tiers. If you’re in the beta, you’ll see the option front-and-center in the app. While Unlimited subscribers can instantly listen to and save their generated playlists, Prime and free-tier users get 30-second previews to help them decide if the playlist is a good fit.
The battle for your ears is getting interesting. Spotify jumped ahead with its AI DJ, but Amazon’s Maestro signals that the competition isn’t far behind. Soon, generating playlists based on moods, vibes, or even bizarrely specific requests might become the standard way we listen to music.
A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS.
Dubbed “Connect:fun” by Forescout Research – Vedere Labs, this campaign leverages a critical vulnerability identified as CVE-2023-48788.
The campaign has been active since at least 2022 and has recently been observed exploiting the security management solution with increased vigor.
The Vulnerability: CVE-2023-48788
CVE-2023-48788 is an SQL injection vulnerability found within Fortinet’s FortiClient EMS. SQL injection is a type of attack that allows an adversary to interfere with an application’s database queries.
It can be used to view data that the attacker cannot normally retrieve, such as user information, or to manipulate database information.
Fortinet published an advisory about this vulnerability on March 12, 2024, and the proof of concept (PoC) for the exploit was made publicly available on March 21, 2024.
This disclosure seemingly acted as a catalyst for increased exploitation attempts by threat actors.
DocumentStop Advanced Phishing Attack With AI
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .
The Connect:fun campaign is particularly notable for its use of ScreenConnect and Powerfun as post-exploitation tools, marking it as Vedere Labs’ first-ever named campaign.
The incident that brought this campaign to light involved a media company whose FortiClient EMS was vulnerable and exposed to the internet.
The attack was not an isolated event. Scanning activity from the IP address 185[.]56[.]83[.]82 was observed targeting FortiClient EMS across various customer networks.
This activity began on March 21 and persisted through several days, indicating a concerted effort by the attackers to exploit the vulnerability across multiple potential victims.
The exploitation of CVE-2023-48788 poses a significant threat to organizations, as it can lead to unauthorized access and control over the FortiClient EMS.
This control can result in further malicious activities, including data theft, lateral movement within the network, and potentially a full-scale breach of the organization’s cyber defenses.
Mitigation and Defense Strategies
In response to the Connect:fun campaign, organizations are urged to take immediate action to protect their networks:
Apply the Patch: Fortinet has released a patch to address CVE-2023-48788. Organizations should apply this patch without delay to close the vulnerability.
Monitor Traffic: It is crucial to monitor the traffic reaching FortiClient EMS for signs of exploitation. An intrusion detection system (IDS) can be instrumental in identifying and responding to malicious activities.
Web Application Firewall (WAF): Deploying a WAF can help block potentially malicious requests and provide an additional layer of security.
Leverage IoCs and TTPs: Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs) shared by cybersecurity researchers can be used to detect and prevent attacks.
Organizations using Fortinet’s FortiClient EMS must take proactive measures to secure their systems against this and other similar threats.
Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.
Cloud infrastructure is the backbone of modern technology, and its security hinges on the tools developers use to manage it. However, a recently discovered vulnerability dubbed “LeakyCLI” exposes a critical weakness in these tools, potentially granting unauthorized access to sensitive cloud credentials.
This vulnerability affects the command-line interfaces (CLIs) used by major cloud providers like Amazon Web Services (AWS) and Google Cloud Platform (GCP). Security researchers at Orca Security identified LeakyCLI, which can inadvertently expose environment variables containing sensitive information like passwords and access keys within logs.
The Flaw and the Risk
CLIs are typically designed for use in secure environments. However, the integration with Continuous Integration and Continuous Deployment (CI/CD) pipelines, which automate development processes, introduces a security risk. LeakyCLI bypasses secret labelling mechanisms within CI/CD pipelines, potentially printing sensitive credentials to logs that shouldn’t contain them.
“CLI commands are by default assumed to be running in a secure environment,” explains an Orca advisory. “But coupled with CI/CD pipelines, they may pose a security threat.” This vulnerability creates a prime target for attackers employing social engineering tactics.
Deja Vu: Echoes of the XZ Utils Attack
In some way, the LeakyCLI vulnerability resembles a recent incident involving the open-source project XZ Utils, a popular data compression tool. In that case, a malicious actor gained the maintainer’s trust through flattery, claims of expertise, and ultimately, malicious code insertion. LeakyCLI exposes credentials, making them even more valuable to attackers who might also leverage social engineering to compromise projects.
Securing the Cloud: Recommendations for Developers
Security researchers recommend several measures to mitigate the risks associated with LeakyCLI:
Eliminate Secrets in Environment Variables: Instead of storing sensitive information like passwords and keys in environment variables, leverage dedicated secrets management services offered by cloud providers like AWS Secrets Manager or Google Cloud Key Management Service.
Multi-Factor Authentication (MFA): Enforce strong authentication protocols like MFA for all users accessing cloud resources and project repositories.
Granular Access Control: Grant users only the level of access required for their specific tasks within projects.
Code Reviews: Implement rigorous code review processes to identify and remove any vulnerabilities that might be introduced accidentally or maliciously.
Community Vigilance: Foster a strong and vigilant development community to identify suspicious activity and report potential threats promptly.
While both AWS and Google Cloud Platformwere notified of LeakyCLI, they maintain that the current behaviour falls within the expected design parameters. However, the security community is urging cloud providers to consider implementing additional protection within their CLIs to prevent sensitive information from leaking into logs, especially within automated CI/CD workflows.
The LeakyCLI vulnerability goes on to show how cloud security can be at risk. Therefore, developers and cloud providers alike must work together to implement robust security measures and remain vigilant against these ever-sophisticated threats.
Starting today, WhatsApp is rolling out chat filters which will keep all your messages organized. The new feature will be available from next week and will cater to users who tend to leave unread messages as it is. Worth noting that last month a new feature was rolled out for WhatsApp users which lets pinning multiple messages per chat.
Despite being among one of the best end-to-end encrypted Android messaging apps, WhatsApp never had a permanent solution for unread messages. Although you can see the badge count on the app’s icon, you still need to search within the app to spot such messages. But, with chat filters rolling out, WhatsApp users can take a sigh of relief.
WhatsApp’s new chat filters will help you keep up with all your unread messages
WhatsApp’s new chat filters will let users quickly go through all the unread messages. Now you don’t have to scroll through the extensive chat list to spot unread messages. The new update will let you choose from three different filters visible at the top of the chat list.
Talking of the new WhatsApp chat filters, there’s the “All” filter which will display the all-messages view that you usually see when you enter the app. Secondly, there is the “Unread” filter that will only show chats with unread messages. Notably, this will also feature all those messages that you marked as “unread.” The filter will make it easier for you to reply to all the WhatsApp messages that you haven’t replied to.
Lastly, you will see the “Groups” filter which will display both read and unread messages from all your group chats. It will make spotting your favorite group easy without looking out for them in the chat list. Not to forget, you’ll also see subgroups of Communities. Not to forget, the Groups chat filters will help WhatsApp users spot low-activity groups that often get hidden very down in the chat list.
Undoubtedly, the new filters will be handy for users who often miss reading chats and forget to reply. With new updates coming around, it is clear that Meta is more focused on elevating user experience in WhatsApp. In February, the company added a handy feature that lets Android users search WhatsApp messages by date. More recently, Meta has been also testing status update notifications in WhatsApp.
Most people use Marshall’s amplifiers, but the company makes more than those products. In fact, the company has a pretty popular line of high-quality headphones under its Major series. Marshall’s previous Major IV headphones were a great option for audio files, and the company has just one-upped itself. Marshall just launched its new Major V over-the-ear headphones along with its Minor IV earbuds.
The Marshall Major V headphones promise very great battery life
These are truly audiophile-level headphones. They aren’t designed to look sleek and slim, as they are very robust. The outer casing of these headphones resembles the casing of the company’s amplifiers. It’s a deeply textured material that both looks and feels high quality. They don’t only look robust, but they are also built very sturdily. They have a rugged design, and they’re also foldable so that you can pack them away whenever you need to travel.
This should come as no surprise, but these headphones are designed to give you high-quality audio. Marshall has a long lineage of quality audio equipment, and that is reflected and its wearable audio devices. These headphones have high-quality custom-tuned dynamic drivers that reduce noise and prioritize clarity. So, you’ll be able to hear your music much better.
One of the selling points of these headphones is the incredible battery life. Most over-the-ear headphones cap out at between 40 hours per charge and 65 hours per charge. However, Marshall is boasting over 100 hours of listening time on a single charge! That’s an incredible feat, and definitely a great reason to pick up these headphones. Obviously, battery life varies depending on usage. So, users may get above 100 hours while other users make it below that mark. They will be among the best Bluetooth headphones you can buy.
The Marshall Major V are available for pre-order today, and they will start shipping on April 23rd. They cost £129 (about $160 USD or $250 AU).
Marshall also announced the Marshall Minor IV
The company also took the wraps off of the Minor IV earbuds. This is a set of quality TWS earbuds. The Marshall Minor IV share the same aesthetic as the Major V, as the carrying case has the same textured material. With these, you can still expect a commendable 30+ hours of battery life with the charging case included. They’ve been improved since the previous iteration with a better fit and better internals.
Adding to that, these earbuds are water and dust-resistant. So, if you get caught out in the rain or have an extra long and sweaty workout session, your earbuds will be just fine.
Pre-orders for these earbuds also start today with shipping starting on April 23rd. These earbuds cost £119 (about $148 USD or $231 AU).
