LightSpy Hackers Indian Apple Device Users to Steal Data

andreasc
-
0
LightSpy Hackers Indian Apple Device Users to Steal Data
[ad_1]

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple device users.

This sophisticated mobile spyware, suspected to have origins in China, is being used for espionage, targeting a select group of individuals, including journalists, activists, politicians, and diplomats across Southern Asia.

The implications of such targeted attacks are vast, raising alarms about potential geopolitical motives behind the campaign.

Technical Details of the Attack:

Infection Vector: The initial infection is believed to have occurred through compromised news websites featuring content related to Hong Kong.

Visitors to these sites unknowingly download the malware, initiating the infection process.

Weaponization: Upon infection, a first-stage implant gathers device information and facilitates the download of further stages, including the core LightSpy implant and various plugins.

Document
Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

These plugins are designed for specific spying functions, enhancing the malware’s ability to gather sensitive data from the infected device.

Hashes (md5, sha-256):

  • 4b973335755bd8d48f34081b6d1bea9ed18ac1f68879d4b0a9211bbab8fa5ff4
  • 2178d673779605ffb9cf7f2fa3ec8e97

File Information:

  • File Name: None
  • File Size: 430816 bytes
  • File Type/Signature: Mach-O64
Loader’s signature.
Loader’s signature.

Blackberry’s recent blog post highlights the resurgence of the espionage campaign, LightSpy.

This campaign is targeting Southern Asia, with a possible focus on India.

Execution Chain

The execution begins with a Loader, which loads the encrypted and decrypted LightSpy kernel.

This kernel acts as a complex espionage framework, capable of supporting various plugins for extended functionality.

These plugins are securely retrieved from the attacker’s server, decrypted, and executed within the system.

Hashes (md5, sha-256):

  • 0f66a4daba647486d2c9d838592cba298df2dbf38f2008b6571af8a562bc306c
  • 59ac7dd41dca19a25a78a242e93a7ded

File Information:

  • File Name: C40F0D27
  • File Size: 1252656 bytes
  • File Type/Signature: Mach-O64
LightSpy's sound recording plugin.
LightSpy’s sound recording plugin.

The F_Warehouse framework underpins LightSpy and offers many capabilities, including file exfiltration, audio recording, network surveillance, user activity tracking, application inventory, image capture, access to credentials, and device enumeration.

LightSpy Capabilities

One of LightSpy’s more invasive features is its ability to covertly record audio through the device’s microphone, capturing private conversations and surrounding sounds.

LightSpy meticulously tracks the browsing history of both Safari and Google Chrome, providing attackers with detailed insights into the victim’s online activities.

LightSpy's browsing information plugin.
LightSpy’s browsing information plugin.

The malware explicitly targets data from popular messaging applications like Telegram, QQ, and WeChat, aiming to intercept private communications and gather sensitive information.

Code working with Telegram’s data.

Shell Command Execution

Beyond data exfiltration, LightSpy can execute shell commands received from the attacker’s server, potentially allowing complete control over the compromised device.

The presence of comments in Chinese within the plugin code suggests that the developers behind LightSpy are native Chinese speakers, hinting at the involvement of state-sponsored actors.

Code’s comments in Chinese language.
Code’s comments in Chinese language.

LightSpy communicates with a server at hxxps://103.27[.]109[.]217:52202, which hosts an administrator panel accessible on port 3458.

LightSpy's admin panel.
LightSpy’s admin panel.

The return of LightSpy, maintained by the “F_Warehouse” framework, marks a significant escalation in mobile espionage threats.

The expanded capabilities of this malware pose a severe risk to individuals and organizations in Southern Asia.

The evidence pointing towards Chinese-speaking developers specifically targeting individuals potentially involved in sensitive activities underscores the need for increased vigilance and robust security measures.

Understanding the tactics and techniques employed by LightSpy is crucial in mitigating its impact and protecting sensitive information.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.


[ad_2]
Source link

Huawei rebranded its flagship lineup after 12 years

andreasc
-
0
Huawei rebranded its flagship lineup after 12 years
[ad_1]

Huawei has decided to rebrand its flagship smartphone lineup after 12 years. We’re talking about the ‘Huawei P’ lineup. We were expecting the Huawei P70 devices to arrive in the near future, but that won’t be the case. Well, they’ll arrive, but under a different name.

Huawei has decided to rebrand its flagship smartphone lineup after 12 years

Huawei has decided to rename the ‘Huawei P’ series into the ‘Huawei Pura’ smartphone lineup. This name signifies “purity and beauty” in Spanish, and it’s pronounced “piurua”. This is a huge change for the company following a 12-year stint with the ‘Huawei P’ series devices.

Do note that Huawei did not officially confirm the names of its upcoming flagships, but Digital Chat Station did. He’s one of the most reliable tipsters out of China.

Four Huawei Pura 70 series smartphones are on their way

According to one of the best-known tipsters in the business, four devices are coming. Huawei will release the Huawei Pura 70, Pura 70 Pro, Pura 70 Pro+, and Pura 70 Ultra. The ‘Ultra’ model will be a successor to the Huawei P60 Art that launched last year.

The Huawei Pura 70 Ultra will likely have the same specs as the Pura 70 Pro+, but it will include a different design. The Huawei Pura 70 Pro and Pura 70 Pro+ will differ in both battery life and photography departments.

The phones are right around the corner, but we still don’t have the launch date

You’re probably wondering when will these devices arrive. Well, we’re still not sure, as reports have been circulating regarding Huawei’s plans to postpone the launch event. This rebrand could have something to do with it.

The Huawei P70 series was rumored to arrive in April. We’re in the middle of April at the moment, and that didn’t happen. Huawei did announce some products a couple of days ago in China, including its very compelling new ultrabook.

The Huawei Pura 70 series could arrive later this month, though chances are Huawei will make the phones official next month, or even a bit later than that.


[ad_2]
Source link

Epic vs Apple continues: The iPhone maker denies violating App Store court order

andreasc
-
0
Epic vs Apple continues: The iPhone maker denies violating App Store court order
[ad_1]

The clash between Epic Games, the maker of Fortnite, and Apple appears to persist, despite the Supreme Court’s decision to not hear appeals from either side.

However, just last month, the Epic vs Apple saga continued as Epic filed a motion asking the court to hold Apple in contempt. The Fortnite creator claimed that Apple had not adequately followed a court order to permit developers to link to external payment platforms, known as Apple’s anti-steering rules.

Apple rejects claims of a violation


Reuters reports that the iPhone maker has denied breaching the court order regarding its App Store and has urged a federal judge in California to dismiss a request by Epic Games to hold it in contempt.Apple presented its arguments in a filing to US District Judge Yvonne Gonzalez Rogers in Oakland, who oversaw Epic’s lawsuit in 2020. The lawsuit accused Apple of breaching antitrust laws due to its stringent controls on how consumers download apps and make payments within them.

In its filing, Apple criticized what it described as an attempt by Epic to make Apple’s “tools and technologies available to developers for free.” It stated that Epic aimed for the court to “micromanage Apple’s business operations in a way that would increase Epic’s profitability.”

Apple further stated:
 

Epic’s motion is its latest attempt to gain access to the iOS platform and user base for free… Epic does not even suggest an alternative amount that Apple should be allowed to charge developers for use of and access to its tools and technologies.


Apple already told the court it did what was asked back in January, letting developers apply for an entitlement to add a link to their own website. But Epic thought this was just a “sham” because Apple still wanted to stop developers from seeking alternatives to the App Store with its rules.

Last month, Elon Musk’s X, Meta, Microsoft, and Tinder’s owner Match Group echoed Epic’s arguments, informing Rogers that Apple was in “clear violation” of the court’s order. In a related case against Alphabet’s Google, brought by Epic, a judge in San Francisco is anticipated to issue a separate injunction affecting the Google Play Store later this year.


[ad_2]
Source link

This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It – GBHackers on Security

andreasc
-
0
This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It – GBHackers on Security
[ad_1]

The Web3 movement is going from strength to strength with every day that passes. Slowly but surely, it’s building a new iteration of the internet that promises to give power back to the people through the concept of decentralization and data ownership. Yet for all of its promises, Web3 has become an incredibly dangerous place to navigate, with the industry ceaselessly being targeted by cybercriminals, hackers and fraudsters. 

The never-ending stream of Web3 security scandals hitting the headlines in the past couple of years has eroded much of the trust in the industry. In 2023, Web3 cyberattacks cost organizations and users more than $1.7 billion, according to a recent report by Chainalysis. The analysis highlighted 751 incidents involving Web3 projects that year, with the average cost of those incidents coming to $2.45 million. However, some of the attacks were far worse than others, with the top ten most damaging incidents accounting for $1.11 billion of the total losses. 

Web3 attacks come from multiple sources, with the 47 private key compromises identified being the most damaging, responsible for $880.9 million of the losses. Exit scams, phishing attacks and code vulnerabilities accounted for the rest of the industry’s losses. 

Cybersecurity Has A Complexity Problem

If Web3 is to live up to its billing as the future of the internet, it’s going to need to win over the public’s trust, and the only way to do that is by countering the aforementioned threats. But one of the main challenges is that the cybersecurity industry is awash with thousands of different products and services, causing considerable confusion for companies as they struggle to determine which blend of products they should rely on. 

With so many application monitoring services, observability tools, identity and access management solutions and firewall products around, companies have added numerous cybersecurity products to their arsenal, to the point where they’ve lost control. Their security is dependent on a mishmash of siloed tools that have no way to correlate with one another, leaving their defenses littered with holes. Although there’s a natural tendency to think that adding more defenses equates to stronger security, Web3 project leaders might do well to consider a more refined approach. 

Simplifying Cybersecurity For The Web3 Era 

Enter Resonance Security. This startup has created a powerful, full-spectrum cybersecurity platform that aggregates numerous tools and cybersecurity solutions, and combines them with automated security risk analysis to identify the most pressing vulnerabilities. Once that’s done, it then uses AI to suggest the best way to plug those gaps. By leveraging an AI concierge, Resonance can guide even novices through the necessary steps required to implement effective security. 

Resonance is led by its founder and chief executive officer Charles Dray, an entrepreneur who was among the first to realize that Web3 security can only be achieved by marrying it with traditional Web2-based cybersecurity solutions and techniques. 

Dray began his career in the traditional financial industry, where he spent time shoring up the defenses of major banks such as Citi, JPMorgan Chase and SMBC, only to pivot to the blockchain industry when he came to recognize the possibilities of decentralized finance and Web3. Having joined the Web3 security ecosystem, as one of the earliest Web3 security pioneers, he quickly recognized the urgent need for a more comprehensive solution. 

Resonance has spent the last couple of years building such a solution, and it’s ready for prime time with the debut of V1 of its platform, following a successful, year-long beta phase. The central element of Resonance V1 is its automated security risk analysis tool that provides each organization with an overall security score via a simple, easy-to-understand dashboard. This dashboard serves as the nerve center of the customer’s security efforts, and the security score helps to pinpoint the most urgent vulnerabilities and prevent cyberattacks effortlessly. One of the main advantages of this approach is it means Resonance can be used by any individual to test their project’s cyberdefenses, even if they have no background or experience in security at all. 

Identifying threats is the first order of business for Web3 security and Resonance provides the tools needed to do this extremely thoroughly. It’s a specialist in “offensive security”, with its engineers being among the best auditors in the business. Resonance provides blockchain and code audits that involve a detailed analysis of the underlying code used by Web3 platforms. In addition, its auditing services extend to smart contract code written in Cadence, Rust, Solidity and other common programming languages. These audits are crucial for any Web3 dApp to identify bugs and protect their users from vulnerabilities. 

Don’t Forget Web2!

With the code audits out of the way, Resonance goes further and conducts penetration testing on behalf of its customers, searching for vulnerabilities in the Web2 stack that hosts their dApps. This marriage of Web2 and Web3 security is essential, because every dApp still relies on legacy technology, yet this is often overlooked by the majority of Web3 products, Dray revealed. 

“It’s important to keep in mind that Web2 is the “foundation” of Web3, but many builders seem to forget this,” Dray told CPOMagazine. “But building Web3 on a weak foundation will inevitably spell trouble. It’s alarming, but many Web3 projects we have seen just get a smart contract audit and stop there, forgetting about the Web2 parts.”

Resonance’s penetration tests involve searching for bugs in the underlying infrastructure of both applications and browser extensions, as well as the cloud environments they’re hosted in. 

When it comes to shoring up defenses, Resonance is equally thorough, providing a suite of CI/CD and cloud security tools that can be integrated into application development processes, with support for cloud platforms such as AWS, Microsoft Azure and Google Cloud. Its website also lists vetted cybersecurity products from third-parties that can easily be implemented by any user, regardless of their technical skills. Through this approach, the company is amplifying cybersecurity to protect its customers against any kind of threat, even if it hasn’t built its own solution. 

Finally, Resonance complements these offerings with an extensive cybersecurity education program that allows its customers to expand their knowledge and awareness of the kinds of threats they need to deal with, as well as any new attack vectors that evolve over time. 

Resonance says its security stack is the only platform Web3 projects will ever need to bolster their security, automating the entire process so project developers can focus on building out their services. It all starts with the security scan, which is complemented by audits and pen tests to identify the biggest security holes. Then the AI concierge takes over, prioritizing the most urgent vulnerabilities and recommending ways to fix them. The education is really just the icing on the cake. 

Dray said his company’s primary goal is to make full-spectrum cybersecurity easy to implement through its patent-pending algorithm, which considers each customer’s technical level, budget, scope and timeframe, before creating a custom plan of action. 

“Projects often lack the guidance to determine what they need to do, due to the overwhelming number of cybersecurity products and services and a lack of time,” Dray said. “They usually give up and focus on marketing and growth. We make it possible to continue to focus on that while still protecting against cyberthreats.”

A Unique Proposition

Although it’s still a new player on the Web3 cybersecurity scene, Resonance has already made a big impact, building up a loyal customer base during its beta phase. This initial success stems from its realization of how Web2 security issues contribute to many of the threats that impact Web3 projects. 

“From the outset, Resonance demonstrated a deep understanding of the intricacies involved in securing Kado’s flows and technology stack,” said Kado.Money Chief Executive Emery Andrew. “Their team exhibited not only technical expertise but also a genuine commitment to addressing our unique security concerns.”  

As the adoption of blockchain and Web3 technology accelerates, there is a pressing need for a specialized cybersecurity platform to address the numerous risks and dangers in the industry. Resonance’s unique selling proposition lies in its comprehensive risk analysis, its automated guidance, its powerful offensive and proactive security offerings, and its willingness to embrace partnerships. 

By bundling these capabilities into a single, easy-to-use platform, Resonance seems set to play a leading role in securing the next version of the internet.


[ad_2]
Source link

A week in security (April 8 – April 14)

andreasc
-
0
A week in security (April 8 – April 14)
[ad_1]
change social security number

April 12, 2024 – Wondering whether changing your SSN is an option. Read here what you need to qualify for a new SSN and what you need to get one.

mercenary spyware alert

April 11, 2024 – Apple has sent alerts to people in 92 nations to say it’s detected that they may have been a victim of a mercenary attack.

A 13-year-old girl is using her smartphone in the dark room. The content she is browsing projects in front of her.

April 10, 2024 – Don’t wait for an online harassment campaign to unfairly target you or a loved one. Take these proactive steps today to stay safe.

Introducing the Digital Footprint Portal

April 10, 2024 – Find out what sensitive data of yours is exposed online today with our new, free Digital Footprint Portal.

Black mask on white background.

April 9, 2024 – A man has pleaded guilty to assuming someone else’s identity for 35 years.


[ad_2]
Source link

Xiaomi 14T series specs leaked

andreasc
-
0
Xiaomi 14T series specs leaked
[ad_1]

Xiaomi is working on the new Xiaomi 14T series. The features of the smartphones have been leaked. You might be wondering what the next generation T series models will offer. Just like the previous 13T series, the 14T series will feature advanced camera hardware, a high-performance processor, and more. Now, as the Android Headlines team, we find some clues in the Xiaomi HyperOS source code.

Xiaomi 14T series specs

Xiaomi 14T series consists of 2 models: Xiaomi 14T and Xiaomi 14T Pro. Some details of the 14T Pro were revealed. The first one was that the device was a rebranded version of the Redmi K70 Ultra. The HyperOS code confirmed that both models have the same “rothko” codename. This suggests that the Redmi K70 Ultra and Xiaomi 14T Pro will be a smartphone with similar specifications.

Seems that the device will come with an “N12” internal model number. The Xiaomi 13T Pro had an “M12” model number. On the processor side, the Xiaomi 14T Pro will feature the Dimensity 9300 SOC. This will differentiate it from all its competitors. Dimensity 9300 will impress users with high power efficiency and extreme performance.

However, our findings show that the two models are not exactly the same. For one, the Redmi K70 Ultra doesn’t support wireless charging. Xiaomi will be adding wireless charging only to the Xiaomi 14T Pro. While this is a negative for users in China, people who will be using the global version of the device should have no worries. Xiaomi 14T Pro will support wireless charging.

We learned that the Chinese manufacturer won’t deal with Leica for the Redmi K70 Ultra in order to reduce costs. Because, while the Xiaomi 14T Pro will have a telephoto camera, the Redmi K70 Ultra will not. Xiaomi HyperOS source code shows that the Redmi K70 Ultra will come with a macro camera. We find that the telephoto camera will be used only on the Xiaomi 14T Pro. This also confirms that the Xiaomi 14T Pro will be powered by Leica.

We expect the Xiaomi 14T Pro to be sold in many countries. 3 different model numbers provide information about the regions where the smartphone will be sold. These model numbers are as follows: “2407FPN8EG“, “2407FPN8ER“, and “A402XM“. The first model number represents the 14T Pro that will be sold in the Global market. The other model numbers belong to the 14T Pro version that will be sold in Japan. Xiaomi will make a deal with Softbank for the 14T series, as it did for the 13T series. Unfortunately, the 14T Pro will not be sold in India.

Now let’s come to what is known about Xiaomi 14T. Xiaomi 14T’s codename will be “degas”. The codename “degas” is inspired by the name of the famous French artist Edgar Degas. Another thing we know about the Xiaomi 14T is that the phone appears in the HyperOS source code with the internal model number “N12A“.

We have spotted the Xiaomi 14T in the database with the model numbers “2406APNFAG“, and “XIG06“. This device will be officially available in the global market. Xiaomi tends to offer some smartphones in specific regions; for example, a model available in Europe may not be available in India, and vice versa. The Xiaomi 14T series is expected to be sold in many regions except India. It’s also worth mentioning this. The model number “XIG06” represents the Japan version of the Xiaomi 14T. This indicates that the device will also be sold in Japan.

In the Xiaomi T series, the main difference between the standard model and the Pro model usually lies in the processor and battery specifications. For example, the cameras used in the Xiaomi 13T and 13T Pro are exactly the same, and even the battery capacities are the same, both phones have a 5000 mAh battery. The scene will probably be the same for the Xiaomi 14T series, two different phones with similar specs but different chipsets. Xiaomi offered the Dimensity 8200 Ultra in the 13T, while the 13T Pro came with the Dimensity 9200+.

You might be wondering about the launch dates. The Redmi K70 Ultra is expected to be introduced to China in August. You can expect the launch of the Xiaomi 14T series to happen in September. There is no information about their prices yet. We will keep you informed of new developments. Stay tuned.


[ad_2]
Source link

Turning crypto into gold: Ethereum investment alchemy

andreasc
-
0
Turning crypto into gold: Ethereum investment alchemy
[ad_1]

The world of cryptocurrency has brought about a revolutionary change in the way we perceive and handle wealth. Ethereum, in particular, has emerged as a leader in this digital financial landscape, offering unique features that make it an attractive investment. In this article, we will delve deep into the concept of converting Ethereum into gold, a practice gaining traction among investors seeking to combine the allure of cryptocurrencies with the stability of tangible assets. Exploring the potential of https://ethereumcode.app/ can be a smart move for investors who wish to bridge the gap between themselves and premium investment education.

Ethereum’s Investment Potential

Before we explore the process of turning Ethereum into gold, it’s crucial to understand the underlying appeal of this cryptocurrency. Ethereum, created by Vitalik Buterin in 2015, is not just a digital currency but also a platform for building decentralized applications (DApps) and executing smart contracts. Its versatility has made it a favorite among developers and investors alike.

Several factors contribute to Ethereum’s investment potential:

Smart Contracts and DApps

Ethereum introduced the concept of smart contracts, self-executing agreements with predefined rules, and no need for intermediaries. This innovation has opened up countless opportunities in various industries, from finance to supply chain management.

Ethereum 2.0 and Proof-of-Stake (PoS)

Ethereum is in the process of transitioning from a proof-of-work (PoW) to a proof-of-stake (PoS) consensus mechanism. This shift aims to enhance scalability, security, and energy efficiency, making Ethereum even more attractive to investors.

Ethereum’s Ecosystem and DeFi

Ethereum’s vast and thriving ecosystem includes decentralized finance (DeFi) projects, enabling users to engage in lending, borrowing, and yield farming. The DeFi sector has seen explosive growth, with Ethereum as its foundation.

Converting Ethereum to Gold: Why the Interest?

With Ethereum’s rising popularity, why the growing interest in converting it to gold? Gold has long been considered a safe-haven asset, offering stability and a hedge against economic uncertainties. Here’s why investors are exploring the Ethereum-to-gold conversion:

Risk Mitigation and Portfolio Diversification

Diversifying an investment portfolio is a fundamental strategy for risk management. By converting Ethereum into gold, investors can balance the high volatility of cryptocurrencies with the stability of a tangible asset.

Hedging Against Market Volatility

Cryptocurrency markets are notoriously volatile. Gold, on the other hand, has a history of retaining value during market downturns, making it an attractive option for risk-averse investors.

Long-Term Wealth Preservation

Gold has been a store of value for centuries, maintaining its worth through various economic crises. Converting Ethereum into gold can serve as a long-term wealth preservation strategy.

Methods for Turning Ethereum into Gold

Now that we understand the motivations behind Ethereum-to-gold conversion, let’s explore the methods available for achieving this transformation:

Ethereum-Backed Stablecoins

Some platforms offer Ethereum-backed stablecoins, where each stablecoin is backed by a specific amount of Ethereum. These stablecoins provide price stability while retaining the underlying asset’s value.

Gold-Backed Cryptocurrencies

Several cryptocurrencies are backed by physical gold reserves. These tokens are often redeemable for physical gold, offering a direct link between Ethereum and the precious metal.

Digital Gold Services and Tokenization Platforms

Digital gold services and tokenization platforms allow investors to buy and trade digital representations of physical gold. These tokens are backed by real gold bars stored in secure vaults.

Each method has its pros and cons, with factors such as liquidity, security, and ease of use varying among them.

Security and Risks

Converting Ethereum into gold involves certain security considerations and potential risks that investors must be aware of:

Addressing Security Concerns

When opting for Ethereum-to-gold conversion, it’s crucial to use reputable and secure platforms. Ensure that your assets are stored in secure wallets and backed by reliable custodial services.

Regulatory Considerations

Cryptocurrency regulations vary by jurisdiction. Investors should be aware of the legal requirements and tax implications associated with converting Ethereum to gold in their country of residence.

Potential Risks

Market volatility, counterparty risk, and tax implications can pose challenges when converting Ethereum to gold. It’s essential to assess and mitigate these risks before proceeding.

Case Studies and Success Stories

To gain a better understanding of the practical aspects of Ethereum-to-gold conversion, let’s examine some real-life case studies and success stories. These examples will shed light on the strategies and experiences of individuals and companies who have successfully executed this investment alchemy.

Conclusion

In conclusion, the practice of turning Ethereum into gold represents a fusion of the digital and physical worlds of finance. Ethereum’s unique features and the enduring appeal of gold make this investment strategy intriguing for those seeking diversification and stability. As the cryptocurrency landscape continues to evolve, Ethereum’s role in bridging the gap between the digital and tangible assets is likely to gain even more significance. For investors, exploring Ethereum-to-gold conversion can be a strategic move towards building a resilient and balanced portfolio.


[ad_2]
Source link

Instagram moves Notes from DMs to your profile and rolls out new custom stickers

andreasc
-
0
Instagram moves Notes from DMs to your profile and rolls out new custom stickers
[ad_1]
Instagram is giving its Notes feature a makeover. Instead of staying hidden in the DMs tab, Notes will be showcased on users’ Profile pages. This update is all about boosting visibility, ensuring that users’ updates and thoughts are more easily seen.

As per the well-known tech news source Engadget, Instagram plans to roll out Instagram Notes, its short message status update feature, directly on a user’s profile page.

The app is also testing out “prompts” for Notes, enabling users to post questions for their friends to respond to in their updates, similar to the interactive “add yours” templates for Stories.


This update is expected to boost the visibility of the feature and provide users with another platform to engage with their friends’ updates. Notes function similarly to Stories, lasting for only 24 hours. However, they are visible only to mutual followers, meaning they’re not intended for as broad sharing as regular grid or Stories posts.


Additionally, the app is introducing a new Cutouts feature, enabling users to create stickers from objects in their photos, similar to how the iOS sticker feature works. These stickers can be shared on Instagram Story or in a Reel.


To make a custom sticker with Cutouts:


  • While crafting a reel or story, tap the Stickers icon at the top.
  • Choose the new Cutouts option.
  • Pick a photo or video with a clear subject.
  • A sticker will be made from the photo or video automatically. If it’s not what you had in mind, tap “Select manually” at the bottom left to choose the object you want for your sticker. Note: You can only select one object at a time for the sticker.
  • You can continue to create your reel or story or save your sticker for later use.
The newly created custom stickers will also be saved for later use.

[ad_2]
Source link

LightSpy Malware Attacking Android and iOS Users

andreasc
-
0
LightSpy Malware Attacking Android and iOS Users
[ad_1]

A new malware known as LightSpy has been targeting Android and iOS users.

This sophisticated surveillance tool raises alarms across the cybersecurity community due to its extensive capabilities to exfiltrate sensitive user data.

LightSpy is a modular malware implant designed to infiltrate mobile devices. With variants for both Android and iOS platforms, it represents a significant threat to user privacy.

The malware’s extensive functionality allows it to harvest a wide range of personal information from infected devices.

Technical Details of the Attack

LightSpy is engineered to siphon off a variety of data from the victim’s device, including:

  • GPS location data
  • SMS messages
  • Data from messenger apps
  • Phone call history
  • Browser history
Document
Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

Moreover, LightSpy can remotely execute shell commands and record voice-over IP (VOIP) call sessions, adding to its surveillance capabilities.

Broadcom’s latest blog post highlights the LightSpy malware implant’s technicalities and impact on targeted devices.

The malware is known to spread through various means, including phishing campaigns and compromised websites.

Once a device is infected, LightSpy operates stealthily, often undetected by the user.

The modular nature of LightSpy means it can be updated with new capabilities post-infection, making it a remarkably resilient and adaptable threat.

Impact on Users

The implications of such a malware infection are severe.

Users’ private information can be compromised, leading to potential identity theft, financial loss, and personal safety concerns.

The ability to track browser history and communications in real time provides malicious actors with a wealth of information that can be exploited.

Users are advised to keep their security software up to date and to be cautious of unrequested communications that could serve as potential infection vectors.

The emergence of LightSpy malware is a stark reminder of the evolving threat landscape in the digital age.

Users of both Android and iOS devices must remain vigilant and employ robust security measures to protect their personal information from such sophisticated cyber threats.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.


[ad_2]
Source link

DOOGEE DK10 is the company’s new flagship rugged phone

andreasc
-
0
DOOGEE DK10 is the company’s new flagship rugged phone
[ad_1]

DOOGEE announced a new flagship rugged smartphone, the DOGEE DK10. The company says that the phone is “designed with premium materials, advanced features, and a rugged build to cater to outdoor enthusiasts seeking a blend of luxury and nature’s beauty”.

The DOOGEE DK10 is a new rugged phone that has a kevlar backplate (in one of its versions)

The phone has a circular camera island on the back and several different backplate iterations. One of them is kevlar, actually. A display camera hole sits on the front, and it’s centered, while it’s easy to notice this is a rugged device.

It has a ‘Morpho quad camera’ system on the back, as DOOGEE says the phone “combines state-of-the-art AI algorithms with advanced image processing technology”. The main camera on the phone comes from Samsung, it’s the S5KGN1 50-megapixel unit.

In addition to that camera, you’ll also find a 64-megapixel night vision camera, a 50-megapixel ultrawide unit (which doubles as a macro camera), and a 16-megapixel telephoto camera. A 50-megapixel selfie camera is also included here.

A 120Hz display is also included

This smartphone has a 6.67-inch 120Hz display, which offers a 2.5K resolution. This is an AMOLED panel, in case you were wondering. It’s protected by the Gorilla Glass Victus, and it’s flat.

The DOOGEE DK10 is IP68/IP69k and MIL-STD-810H certified. In other words, not only is it water and dust-resistant, but it can also take a hit. DOOGEE also included a “high-vibration X-axis linear motor” here.

The MediaTek Dimensity 8020 SoC fuels this smartphone. The device offers 512GB of storage and 12GB of RAM. You can expand its RAM via virtual RAM, though, if needed.

This handset supports 120W wired charging, along with 50W wireless charging

A 5,150mAh battery is also a part of the package, while the device supports 120W wired charging. On top of that, 50W wireless charging is also supported here, as is OTG reverse charging.

5G is also supported, as is Wi-Fi 6. A fingerprint scanner sits on the right-hand side, the phone’s power/lock button doubles as a fingerprint scanner.

The DOOGEE DK10 is available to purchase from both AliExpress and the company’s official website. We also have some discount codes for you, you’ll find all the necessary information below.

Buy the DOOGEE DK10 (AliExpress)

Discount code for AliExpress: 20DGDK10

Buy the DOOGEE DK10 (DOOGEE Mall)

Discount code for DOOGEE Mall: DK10AD


[ad_2]
Source link
1...180181182...1,452Page 181 of 1,452