Google keeps working on improving its app for Android and iOS. Now, Android Police reports that the company is developing a new toggle to switch between Search and Gemini AI for Android. The toggle already exists in the iOS version, and it’s long overdue for the Android version of the app.
Google working on a toggle for Gemini for its Android app
So far, generative AI has made its way into multiple Google services, including Gmail. Recently, the Google app on iOS got a useful toggle that allows you to switch between a standard search and using Gemini AI. However, the Android app doesn’t have the toggle.
This might change soon though, based on evidence found within an under-development version of the app. Leaker AssembleDebug has found the new toggle in the Google app for Android. The version of the app isn’t clear, but screenshots and videos show it works similarly to the iOS version.
So far, it is unclear when the toggle will be officially released. It could take weeks or even months for Google to refine it. Firstly, users on the beta version of the Google app should be getting a feel of it.
As for right now, Android users can access Gemini through the standalone app, while iOS users can access it directly via the Google app.
Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master’s degree holder, enjoys reading, painting, and learning languages. She’s also a personal growth advocate, believing in the power of experience and gratitude. Whether it’s walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.
Cloudflare has announced its acquisition of Baselime, a pioneering observability platform designed to simplify the complexities of serverless application development.
This acquisition marks a milestone in Cloudflare’s journey towards creating a more intuitive and efficient cloud computing environment.
It leverages Baselime’s innovative approach to solving the behavior of distributed systems.
Revolutionizing Serverless Computing
The cloud computing paradigm has radically transformed over the past few years, with serverless architectures taking center stage.
This shift has enabled developers to build applications with remarkable speed and flexibility, eliminating the need to manage underlying infrastructure.
Cloudflare has been at the forefront of this revolution, offering services that simplify the development process for serverless applications.
However, the adoption of serverless technologies has introduced new challenges, particularly in understanding and managing the behavior of distributed systems.
Baseline was founded to address these challenges, providing developers with the tools to build, ship, and learn from their serverless applications effectively.
Cloudflare recently tweeted that they have integrated Baselime into their developer ecosystem.
Baselime’s observability capabilities makes it easier for developers to resolve issues with their serverless applications.https://t.co/akoL1CwZoI
— Cloudflare Developers (@CloudflareDev) April 5, 2024
A Synergistic Partnership
Cloudflare and Baselime’s synergy is evident in their commitment to enhancing the developer experience in the cloud.
DocumentRun Free ThreatScan on Your Mailbox
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
Cloudflare’s extensive portfolio of cloud computing services, including Workers, D1, R2, Queues, KV, Durable Objects, and AI, complements Baselime’s observability platform, which is designed to provide deep insights into the behavior of cloud applications.
By integrating Baselime’s capabilities into the Cloudflare ecosystem, developers will access built-in observability for every aspect of their serverless applications, from Workers to AI calls.
This integration promises to streamline the development process, enabling developers to detect, troubleshoot, and resolve issues in production quickly.
Core Concepts Behind Baselime’s Success
High Cardinality and Dimensionality
Baselime’s approach to observability is built on high cardinality and dimensionality, allowing developers to navigate their applications’ complexities easily.
Baseline offers a comprehensive view of application behavior by enabling detailed analysis of logs and distributed tracing with OpenTelemetry, facilitating faster and more accurate resolution of issues.
OpenTelemetry Integration
The adoption of OpenTelemetry, a set of standards for instrumenting applications, has been a game-changer for Baselime.
This integration gives developers a holistic view of their applications, from HTTP API performance to database query efficiency.
Cloudflare’s commitment to embedding OpenTelemetry directly into its Workers’ runtime further enhances the observability capabilities available to developers.
Baselime is a native OpenTelemetry built from the ground up to leverage OpenTelemetry data.
At the heart of Baselime’s philosophy is the belief that observability should not only be about collecting data but also about improving the developer experience.
By offering an exploratory solution that surfaces insights and facilitates real-time error tracking, Baselime aims to reduce the friction associated with traditional observability tools, making it easier for developers to identify and resolve issues.
As Cloudflare and Baselime embark on this exciting new chapter, the focus remains on pushing the boundaries of modern observability.
Integrating Baselime’s core capabilities into the Cloudflare ecosystem is just the beginning.
Plans include introducing advanced AI capabilities, direct codebase connections, and enhanced observability for large language models.
Secure your emails in a heartbeat! Take Trustifi free 30-second assessment and get matched with your ideal email security vendor - Try Here
For optimal security, auto-tracking security cameras are preferred. This exceptional feature offers more details of the incident that happened and the persons involved. But the question is: which security camera should you choose from dozens of options?
In this article, we will explore auto-tracking security cameras and the benefits they offer to help you understand whether you need them or not. We will also share the top picks you can go with for incredible features and surveillance.
What is Auto Tracking Security Camera?
An auto tracking security camera is equipped with a special feature called auto-tracking. It can automatically detect persons, pets, and vehicles using advanced sensors and algorithms. After detection, it starts tracking the movement. It captures the object’s movement within its field of view so you can understand what happened.
Some PTZ cameras can pan and tilt according to the object’s movement. They cover a wider area than normal cameras and reduce blind spots.
Benefits of Using Auto Tracking Security Camera
Auto-tracking cameras are preferred due to the following benefits.
Enhanced Surveillance Coverage
Auto-tracking cameras can cover a wider area and track every movement of the object. They focus on the right thing and offer better surveillance of the area.
If there is a PTZ feature, the cameras can rotate left, right, up, and down to a certain extent. They can rotate along with the object and capture more details of its movement.
If you install auto-tracking PTZ cameras, you will need fewer cameras than normal cameras. Some cameras even have an auto-patrol option that automatically rotates the camera between certain points.
Improved Accuracy
The cameras can move with the object to capture every detail of its movement. They reduce the blind spots, which is the common reason for no detection. They are equipped with advanced sensors and algorithms. So they can accurately detect the movement and start tracking.
Active Monitoring and Real-time Response
Auto-tracking cameras capture everything during the day and night. They also have color night vision or black-and-white to offer clear videos in low-light conditions.
You can actively monitor the movement of objects in the area. They accurately detect moving objects and send instant alerts to your device. You can check the live preview of the camera from any location and anytime through your smartphone.
Improved Incident Response Capabilities
After detecting any object, you get a notification in real-time. It is possible to prevent incidents and take action at the right time.
The cameras also have warning systems. They can turn on spotlights and ring the siren to deter intruders. Moreover, you can also talk to the person in front of the camera through two-way audio. There are microphones and speakers in the camera that facilitate communication through mobile applications.
Reolink Innovation in Auto Tracking Security Camera
Reolink has taken auto-tracking to the next level. They have introduced three tracking modes in their certain cameras.
The first mode is Digital Tracking. The camera tracks the object when it is within the range of the wide-angle lens. It does not pan or tilt if the object moves out of the range. It is recommended for a small area with a field of view less than 100⁰.
The second mode is Digital Tracking First. The camera starts to pan when the object reaches the edge of the wide-angle lens. It is recommended for large areas with more than 100⁰ field of view and within a 10m distance.
The third mode is PT Tracking First. The camera starts to pan and tilt when the object reaches the edge of the telephoto lens. It keeps the object at the center of the view. It is suitable for areas with more than 100⁰ field of view and within 10-15m distance.
Best Auto Tracking Security Camera: Unveiling the Top Models
Wireless Auto Tracking Security Camera – Argus Track
Reolink Argus Track is a 4K battery/solar-powered camera with auto-zoom. It tracks the motion of moving objects and zooms into them automatically to capture close-up views and important details.
You can see the normal and zoomed tracking video on the screen. Its PTZ offers 355⁰ pan and 50⁰ tilt, and 6X zoom for intricate details. Even at night, it captures true colors with optimal clarity.
It is a dual-band Wi-Fi camera for a smooth and stable viewing experience. It has a built-in rechargeable battery, so you can use the camera anywhere. It can also be connected to a solar panel and work as a standalone device.
Pros:
– Accurate detection of persons, vehicles, and pets – Instant alerts on your devices – Double-warning system to deter intruders – 355⁰ pan, 50⁰ tilt, and 6X hybrid zoom; a perfect PTZ camera – 10 minutes of solar charge offers 24 hours of uninterrupted performance – Compatible with Google Home
Cons:
– Not IP67 rated but still weatherproof for harsh conditions
Auto Tracking Outdoor Security Camera – E1 Outdoor Pro
Reolink E1 Outdoor Pro is a 4K Wi-Fi 6 PTZ camera. Its Wi-Fi 6 compatibility ensures low latency, super-fast transfer, and higher stability.
It offers 4K clear videos and 3X zoom to unveil intricate details. Its 355⁰ pan and 50⁰ tilt cover a wider area. It can do auto-tracking and capture every movement of the object. It also allows you to adjust the pan and tilt manually.
Pros: – Excellent colors and clarity at night – Equipped with spotlights and a siren to prevent theft – Real-time alerts and audio communication – Customized motion zones to send accurate alerts
Cons: – Requires a power cord (DC), so it is not suitable for places without power supply outlets nearby
Auto Tracking Security Camera System – RLK12-800WTM4
RLK12-800WTM4 is a complete auto-tracking security camera system with four cameras and one NVR.
All cameras offer 4K videos with normal and zoomed views. They use dual-band Wi-Fi for a smoother visual experience.
The NVR has 2TB storage, which can be expanded to 16 TB. It can connect up to 12 cameras, which makes scaling easier.
Pros: – Covers a wider area – Dual-tracking of the object for normal and close-up view – Gives clear videos at night through color night vision – Stable and fast dual-band Wi-Fi – Secure storage
Cons: – Not Wi-Fi 6, but it offers incredible speed and stability
FAQs
1. Are all PTZ cameras auto-tracking?
No, not all PTZ cameras have auto-tracking. The PTZ of some cameras has to be adjusted manually. It is better to look for the auto-tracking feature before buying.
2. What is intelligent tracking on a security camera?
Intelligent tracking uses advanced algorithms. It uses AI to detect objects and distinguish between persons, vehicles, and pets. After detection, it starts tracking the object and sends an instant alert to devices.
3. What is auto-tracking mode?
The auto-tracking mode automatically detects the movement of objects. It follows the movement within its field of view and captures every detail.
Conclusion
Auto-tracking security cameras are ideal for optimal surveillance and security. They can detect the motion of objects and start tracking movement. You can see the details of every movement along with instant alerts on the devices. They can cover a wider area and offer fine details of the object through zoom. They can also deter intruders and help you take action at the right time. Instead of a normal camera, you should go with auto-tracking. We have shared some of the best auto-tracking cameras you can select for incredible features and performance.
Generative AI is the trend these days, and for around a year and a half, the tech has been making its way into apps, phones, and what-have-you. Now, AI is also getting added to Spotify, and the tech will be helping you make playlists with a prompt, reports Android Authority.
Spotify testing generative AI to help you with playlist
The new feature is in its beta testing period and is currently available only to Premium users in Australia and the UK. Spotify announced the feature for Premium users on April 7. The new capability will allow you to create playlists with a prompt.
Examples of prompts include “relaxing music to tide me over during allergy season” and “a playlist that makes me feel like the main character”. As you can see, those are far from simple commands, and it would be very interesting what AI can include in such playlists.
Prompts for the AI can consist of places, animals, activities, colors, emojis, and even movie characters. The best prompts combine moods, artists, genres, and decades. The playlists can be further refined with follow-up prompts. Of course, Spotify has measures to prevent offensive prompts, but at this point, it is not clear what those are.
For now, the launch is in beta, so don’t get too hyped that it will come to you soon. We do hope more markets will be getting this fun and useful feature soon though, but Spotify has not disclosed a timeline for its release just yet.
Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master’s degree holder, enjoys reading, painting, and learning languages. She’s also a personal growth advocate, believing in the power of experience and gratitude. Whether it’s walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.
The professional and personal online spheres are merging as social media platforms like Facebook, LinkedIn, and WhatsApp are now commonly used for work communication. Their integration creates cybersecurity vulnerabilities.
Threat actors can target employees on social media using their accounts accessed from work devices.
These accounts act as attack vectors, allowing unauthorized access to the organization’s systems.
– Advertisement –
A new LinkedIn threat combines breached users’ accounts and an evasive 2-step phishing attack.
A recent Python-based infostealer called Snake targets Facebook users with malicious messages.
By tricking users into downloading malware, Snake steals sensitive browsing data to hijack accounts.
It highlights how social media is a potential attack vector for stealing credentials and compromising corporate systems.
“Sales Proposal” Office Word document hosted on onedrive.live.com
LinkedIn is a social media platform for professional networking that is vulnerable to attacks due to the abundance of publicly available user data.
Attackers can harvest email addresses for surveys and use fake profiles to deliver malware through phishing attacks. Perception Point recently discovered a new attack that combines compromised user accounts with a 2-step phishing scheme to bypass detection.
DocumentRun Free Threat Scan on Your Mailbox to Stop Phishing
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
Compromised LinkedIn accounts had been exploited to launch social engineering attacks. The attackers sent messages to the victim’s network, pretending to be a trusted connection (1st degree).
An example of a deceptive message from a compromised account
The messages contain a malicious link disguised as a legitimate OneDrive document link, often using the lure of a confidential project to trick the victim into clicking it, leading to an account takeover.
Attackers use a hidden JavaScript payload that shows fake protection DDoS display screen
Phishing actors utilize a two-step attack. First, they trick victims into clicking a URL that leads to a legitimate OneDrive page hosting a malicious Word document.
Free Webinarfor DIFR/SOC Teams: Securing the Top 3 SME Cyber Attack Vectors - Register for Free
Second, the document embeds a URL redirecting victims through a fake Cloudflare verification prompt before landing on a phishing webpage designed to steal Microsoft 365 credentials.
3rr0r Hun73r – the threat actor behind the phishing website
The phishing page’s HTML code reveals it originates from a group called “3rr0r Hun73r” that creates and sells phishing kits.
Social media’s popularity creates a vulnerability for enterprises where hackers exploit employees’ social media use within work browsers to steal personal and corporate data.
Back in November, the Sunbird messaging app, which powered the Nothing Chats messaging app, shut down due to security concerns. The Sunbird app allowed Android users to use iMessage for messaging even down to having blue bubbles, high-quality images, read receipts, typing indicators, and more. While Sunbird promised users that they would have end-to-end encryption for user messages and files, users’ Apple login info was not encrypted obviously creating a huge security concern.
With 630,000 files vulnerable to this exploit, Sunbird decided to halt all of its services including its Play Store app. But Sunbird is re-launching its iMessage for Android app. In a press release, Sunbird announced that its messaging app has been relaunched and 165,000 Android users are on the waitlist. A small number of invitations have been disseminated.
Sunbird has updated its AV1 Message system which is now AV2 and it is designed to keep messages safe. As Sunbird notes, “Unencrypted messages are never stored anywhere on disk or in a database. When messages are decrypted to be passed to the iMessage and RCS/Google Messages network, they exist in that state only within memory for a limited period of time. In the front-end app, messages are only stored in an encrypted state within the in-app database.”
The bottom line as far as Sunbird is concerned is that “Since November, the Sunbird team has worked to migrate the iMessage implementation off of AV1 to the AV2 architecture. With the adoption of AV2, we believe that we’ve not only resolved the security vulnerabilities previously identified but also provided a secure and privacy-oriented foundation for Sunbird’s iMessage integration moving forward.”
You can join the Waitlist for Sunbird by tapping on this link and pressing on “Join the Waitlist.” You might wonder why this is necessary if Apple will support RCS later this year. The answer is simple; despite Apple adding support for RCS, those using the latter will still have green text bubbles. For those Android users concerned about getting teased for being green, outside of buying an iPhone, using Sunbird might be the next best solution.
The developers admitted that they could have used the downtime since November to release a quick fix to patch the vulnerabilities. But Sunbird said, “We recognized that such an approach would not align with our core values or our unwavering commitment to the privacy and security of our users.”Sunbird added, “We decided to take the opportunity to thoroughly reevaluate both our technical implementations and our organizational processes from the foundation up. This decision was driven by our belief in the paramount importance of trust and safety in our platform. It reflects our dedication to not just resolving the immediate issues at hand but also to ensuring that we uphold the highest standards of security and privacy for our community in the long term.”
A new threat actor dubbed “CoralRaider” targets victims’ financial information, login credentials, and social media profiles—including accounts for businesses and advertisements.
The group, which is of Vietnamese origin, has been active since at least 2023 and targets victims in several Asian and Southeast Asian countries.
In the recent campaign, the attackers used XClient stealer and RotBot, a customized version of QuasarRAT, as payloads.
The IP address, ASN, and active processes on the victim’s computer are among several tests that RotBot, a remote access tool (RAT), runs on it to avoid detection.
The XClient stealer offers significant information-stealing capabilities due to its plugin module and a variety of modules for conducting remote administration operations.
DocumentRun Free ThreatScan on Your Mailbox
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
Notable Tactics, Techniques, And Procedures (TTPs) Employed
According to Cisco Talos reports, the attacker utilized two Telegram bots: a “debug” bot for debugging and an “online” bot for receiving victim data.
On the other hand, the “debug” bot’s desktop image and Telegram looked identical to those of the “online” bot.
This demonstrated that, while testing the bot, the actor may have compromised their surroundings.
Telegram bots Used by attackers
Researchers’ investigation turned up two more pictures that showed several OneDrive folders.
An Excel file that most likely contained the victims’ data was examined in another picture. The spreadsheet contains multiple tabs in Vietnamese.
“CoralRaider had hardcoded Vietnamese words in several stealer functions of their payload XClient stealer”, Talos researchers shared with Cyber Security News.
“The stealer function maps the stolen victim’s information to hardcoded Vietnamese words and writes them to a text file on the victim machine’s temporary folder before exfiltration”.
This malicious campaign is aimed at victims in South Korea, Bangladesh, Pakistan, Indonesia, Vietnam, India, China, and other countries in Asia and Southeast Asia.
The Windows shortcut file serves as the campaign’s original vector. The actor’s method of giving the victims the LNKs is unknown at the moment.
Attack Flow
A malicious Windows shortcut file that downloads and launches an HTML application file (HTA) from a download site under the attacker’s control is the first step in the attack.
An embedded, obfuscated Visual Basic script runs when the HTA file is opened.
The PowerShell script that is embedded in the memory by the malicious Visual Basic script decrypts and sequentially runs three other PowerShell scripts that download and launch the RotBot, disable Windows and application notifications, bypass User Access Controls, and perform anti-VM and anti-analysis checks.
On the victim’s computer, RotBot is downloaded and launched under the guise of the Printer Subsystem program “spoolsv.exe.” The threat actor has assembled and customized a RotBot specifically for this campaign.
The XClient Stealer takes use of victims’ browser data, credit card numbers, and social network login passwords.
It targets the data files for Chrome, Microsoft Edge, Opera, Brave, CocCoc, and Firefox browsers through the absolute paths of the corresponding browser installation paths.
Lastly, the XClient stealer generates a ZIP package and saves the victim’s social media information, which is gathered into a text file in the local user profile temporary folder.
Use secure passwords and change them frequently to protect yourself from these dangerous attacks.
Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide
The U.S. Environmental Protection Agency (EPA) is suffering a major data breach allegedly by a hacker known as USDoD. The breach, affecting over 8.5 million users, raises concerns about identity theft, cyber espionage, and the chilling effect on environmental reporting.
The U.S. Environmental Protection Agency (EPA) is facing a significant security breach, carried out by a hacker operating under the alias USDoD. This alleged breach has resulted in the exposure of personal and sensitive information belonging to more than 8.5 million users, containing both customers and contractors.
The data breach brought to light on the morning of Sunday, April 7, 2024. Notably, USDoD has a history of engaging in high-profile data breaches, with previous incidents including the exposure of data from 87,000 members of InfraGard, a sensitive security program funded by the FBI and dedicated to safeguarding critical infrastructure in the United States.
“Hello Breachforums, this is your favorite TA and today Im proud to say that Im releasing epa.gov database of contact list. This is their entire contact of Critical Infra not only for the USA but for the entire globe.”
USDoD
Regarding the alleged data breach at the EPA, the hacker claims that they have successfully compromised and leaked the entire database of the agency. Analysis conducted by Hackread.com indicates that the data provided by USDoD appears to be legitimate; however, conclusive verification can only be provided by the U.S. Environmental Protection Agency.
USDoD on Breach Forums (Screenshot credit: Hackread.com)
Meanwhile, review of the leaked file reveals a 500MB Zip archive containing three CSV files labeled as “Contact,” “Inter_Contact,” and “Staff.” An assessment of these files reveals the presence of the following information:
Contact File (3,726,130 Records)
Zipcodes
Full names
Fax numbers
Phone numbers
Email addresses
Mailing addresses
Country, city, States
Inter_Contact File (9,952,374 Records)
Zipcodes
Full names
Phone numbers
Email addresses
Email domains
Country, City, State
Company name and address
Staff File (3,325,973 Records)
Zipcodes
Fill names
Job titles
Company names
Email addresses
Business Addresses
Phone numbers
Related industries
Country, city and States
Following the removal of duplicate records, the total number of accounts involved in the breach stands at nearly 8.5 million, specifically 8,460,182. Hackread.com has notified the U.S. Environmental Protection Agency (EPA) and CISA regarding the data breach. Any response received from either of the agencies will lead to an update to this article.
Screenshot from the leaked data (Credit: Hackread.com)
The Good and Bad news
The good news amidst this breach is the absence of passwords. However, the seriousness of the situation can be understood by the fact that the leaked data is now circulating within Russian hacker and cybercrime forums. This development not only open doors for state-sponsored cyber espionage but also poses a serious risks of identity theft, phishing scams, and targeted marketing campaigns.
Furthermore, the exposure of information regarding facilities or individuals reporting environmental violations raises serious concerns. Such disclosures could potentially deter future reporting and impede the EPA’s effectiveness in enforcing regulatory measures.
DevastatingFirst Quarter of 2024 for US So Far
The first quarter of 2024 has proven to be quite challenging for the United States, a nation that holds influential global power and consequently becomes an attractive target for cybercriminals. Despite ongoing efforts to strengthen its critical infrastructure, the country has faced a surge in successful cyber attacks, resulting in widespread disruption and compromise.
In January, EquiLend, a prominent financial technology firm, fell victim to a large-scale ransomware attack. As a result, it was confirmed that the incident also led to a data breach, exposing sensitive employee information.
March witnessed the cyber attack from IntelBroker hacker against Acuity Inc., a federal contractor, resulting in the exposure of critical records belonging to U.S. Citizenship and Immigration Services (USCIS) and U.S. Immigration and Customs Enforcement (ICE). Although initially denied, Acuity Inc. eventually acknowledged the hack.
In February, the same hacker targeted the security of Los Angeles International Airport, compromising the personal data of 2.5 million private plane owners. Shortly thereafter, in March, American Express disclosed a significant data breach involving third-party contractors, impacting its cardholders.
The latest alleged data breach occurred on April 4, 2024, when the IntelBroker hacker leaked personal data belonging to over 22,000 Home Depot employees on BreachForums.
According to a recent poll by the US Chamber of Commerce, 60% of small businesses are concerned about cybersecurity threats, and 58% are concerned about a supply chain breakdown.
Not surprisingly, small businesses in the professional services sector feel significantly more concerned about cybersecurity threats than those in manufacturing or services, but the poll explains that they also feel more prepared to handle them.
“The small businesses most concerned about cybersecurity threats include businesses with 20-500 employees (74%) and businesses in the professional services industry (71%). On the other hand, small businesses that are least likely to say they are prepared for cyber threats include businesses in the manufacturing sector (61%), female-owned businesses (68%), and businesses in average health (64%).”
Services businesses are right to be concerned. The most serious cyberthreat faced by organizations is ransomware, and on any given month, in almost any country, the services sector is the one hardest hit by ransomware.
However, while the services sector suffers more attacks than manufacturing, the difference has been steadily narrowing, so that it is almost insignificant
Known ransomware attacks by industry sector, February 2024
Small businesses are not sitting on their hands though. 49% say they have trained staff on cybersecurity measures in the past year, 23% think they are “very prepared” to handle cyberthreats, and 50% feel “somewhat prepared.”
It’s no surprise that small businesses are concerned—they have limited resources, and yet they need to be ready to fight off the same sophisticated criminal gangs as the biggest enterprises.
And, as you can read in our 2024 State of Malware report, cybercriminals continue to evolve their tactics. They like to use social engineering, and vulnerabilities in internet-connected devices and services, rather than old-fashioned malware to infiltrate systems and networks. And once they’ve broken in to a company network, they are increasingly turning to legitimate tools instead of malware to carry out their attacks, a tactic known as living-off-the-land (LOTL)
This requires a different approach and security solutions capable of dealing with these threats.
We don’t just report on threats—we block and remove them.
ThreatDown can help small business to be secure. Choose the ThreatDown bundle that’s right for your organization.
Google allows game emulators to be listed on its Play Store, but Apple didn’t until recently. Apple’s iOS ecosystem is extremely restrictive, especially to third-party apps, so the existence of game emulators in the App Store was something unthinkable until the European Union decided to shake things up a bit.Over the weekend, Apple revealed that game emulators can be listed on its App Store not only in the EU, but also in all other parts of the world. First spotted by The Verge, the change also extends to the downloadable games offered by these emulators, which must comply with “all applicable laws.”
Software offered in apps under this rule must: follow all privacy guidelines, including but not limited to the rules set forth in Guideline 5.1 concerning collection, use, and sharing of data, and sensitive data (such as health and personal data from kids); include a method for filtering objectionable material, a mechanism to report content and timely responses to concerns, and the ability to block abusive users; and use in-app purchase in order to offer digital goods or services to end users.
But that’s not everything that Apple decided to change about its apps store. The Cupertino-based company now says that mini-games and mini-apps within big apps like WeChat must use HTML5, so they can’t be native apps and games.
And finally, in a response to the European Commission, Apple promised to allow music streaming apps in the EU to include in-app links that redirect to outside purchases and pricing information.
