OnePlus has started rolling out a new update to the OnePlus 12 and OnePlus 11 handsets, with Photo Collages and much more. The update is actually quite hefty at 676.68MB. You may want to use a WiFi connection for this one.
A new update is rolling out to the OnePlus 12 & OnePlus 11, with Photo Collages & much more
For the OnePlus 12, it’s marked as Oxygen OS 14.0.0.604. On the flip side, the OnePlus 11 is getting an update marked as Oxygen OS 14.0.0.601. The changelogs are very similar, actually.
Now, first and foremost, yes, this update brings a new security patch on both devices, a security patch for March 2024. There’s much more included here, though, it’s not just about the patch.
Once you install this update, you’ll be able to create photo collages in the Photos app. That way you won’t need a third-party app, like you did thus far. Well, unless you want a lot of customization, as this integration is rather basic.
OnePlus has also added a ‘Partial screenshot’ option for the Smart Sidebar if you use it. You can now also press and hold the Volume Down button to turn on the flashlights when the screen is off.
The “app-specific volume” feature has been added, along with camera improvements
The “app-specific volume” feature has been added too. It will allow you to adjust volume for individual apps, which is a nice touch. The update also improves the volume bar’s design, and ease of use. General system stability has been improved too.
This update will also improve the clarity of photos taken using 2x in Portrait mode. The color accuracy of photos taken with the front-facing camera in warm-light environments has been improved too.
As you can see, there’s plenty to look forward to here. If you’d like to check out the full changelogs, and perhaps even download an update manually, click here.
On 14 March, Meta announced it would abandon CrowdTangle, saying the tool will no longer be available after August 14, 2024. While most people have never heard of CrowdTangle, among journalists the tool is considered essential. Its popularity largely depends on the ability to monitor social media activity around important elections.
This makes the timing of the change a bit awkward to say the least. Not just in the US, but in many countries around the world there are major elections in 2024.
Data analysis tool CrowdTangle was created to show publishers which posts on Facebook pages were getting the most engagement. However, researchers and journalists later discovered that monitoring which stories spread most quickly, also provides the means to find the source of disinformation and watch how it spreads.
Meta bought CrowdTangle eight years ago, and the tool helped journalists and researchers learn more about the content on Meta’s platforms, including Facebook and Instagram. It was the first major tool that let the public analyze trends on the social media platforms in real time.
But it also produced negative consequences for Meta. If content performed well, Meta received accusations of promoting that content in its algorithm. In 2021, CrowdTangle underwent some changes and the team that ran it, including founder and CEO Brandon Silverman, was dismantled.
Arguably, the only thing keeping CrowdTangle alive at that point was Article 40 of the European Union’s Digital Services Act, which requires very large platforms and search engines to share publicly available data with researchers and nonprofit groups.
So, in November of 2023, Meta introduced the Meta Content Library as a replacement for CrowdTangle to “help us meet new regulatory requirements, data-sharing and transparency compliance obligations.”
In an interview, Meta’s president of global affairs Nick Clegg said that the Meta Content Library is a better tool for researchers than CrowdTangle in almost every way. For starters, it includes data about reach, which he said offers a better picture of what content on the platform is most popular.
Researchers who have used both CrowdTangle and the Content Library are torn, they say that both tools have their strengths and weaknesses. However, the audience for the Content Library is much more limited: aside from certain fact checkers, journalists won’t have direct access.
In an open letter, Mozilla has called on Meta to keep CrowdTangle functioning until January 2025. At the time of writing, 156 universities, researchers, disinformation trackers, privacy watchers, and other social media followers have signed the request.
They fear that the absence of CrowdTangle will undermine the monitoring of election disinformation in a year that approximately half the world’s population will vote.
We don’t just report on threats – we help protect your social media
Cybersecurity risks should never spread beyond a headline. Protect your social media accounts by using Cyrus, powered by Malwarebytes.
The Pixel Watch 3 will include a larger battery… technically
Google’s watch was certified with the model number G1QME. Now, we cannot be sure this is the Pixel Watch 3, but it almost certainly is. Based on the provided information, the watch will include a 307mAh battery.
The Pixel Watch 2 includes a 304mAh battery, so the difference here is almost negligible, to be quite honest. The difference is only 3mAh. As a side note, the first-gen model included a 294mAh unit.
The watch is expected to arrive in two different sizes
Many people have complained that the Pixel Watch and Pixel Watch 2 are simply too small for them. I’d agree with that statement, and I’m used to considerably larger watches. Well, now we’ll have options, it seems.
The Snapdragon W5 Plus Gen 1 SoC is expected to fuel the Pixel Watch 3
The company’s upcoming smartwatch is expected to utilize the Snapdragon W5 Plus Gen 1 processor from Qualcomm. WearOS will come pre-installed, of course, and the battery life should improve further.
The first-gen model had a really poor battery life. The Pixel Watch 2 did improve upon that, but the third-gen model should really bring a notable improvement. We cannot be sure at this point, but it all points in that direction.
Google will once again release a circular smartwatch, even though we still don’t know what will it look like. The company is expected to make some changes, just so it doesn’t release an identical-looking watch three years in a row. We don’t expect major design changes, though.
Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user devices into proxy nodes, potentially engaging in malicious activities without their knowledge.
This discovery has raised significant concerns about the safety of free VPN apps on the Google Play Store.
The Satori Threat Intelligence team from HUMAN, a cybersecurity firm, has identified a series of VPN apps that enroll user devices into a proxy network through a Golang library dubbed PROXYLIB.
This operation was first revealed in May 2023 when a single free VPN application, Oko VPN, was found to exhibit malicious behavior and subsequently removed from the Play Store.
Proxylib Process
Further analysis led to the identification of 28 related applications, all of which have now been removed from the Google Play Store.
However, the threat persists as the actors behind PROXYLIB continue to evolve their tactics, techniques, and procedures (TTPs).
A recent article by HumanSecurity discovered malicious activity in Oko VPN, a free VPN application available on the Google Play Store.
How PROXYLIB Operates
The PROXYLIB applications establish a bidirectional connection to a proxy network, effectively turning the device into a residential proxy node without the user’s consent.
The apps masquerade as legitimate services, often as free VPNs, and use permissions such as FOREGROUND_SERVICE and BOOT_COMPLETED to maintain persistence.
The native library, libgojni.so, handles incoming requests and maintains communication with command-and-control (C2) servers.
This allows the device to relay web requests to various online platforms, which can be used for activities like ad fraud, mainly targeting video streaming services.
Two apps from the first variant of PROXYLIB (Source: HUMAN Threat Intelligence)
The LumiApps SDK Connection
A subsequent version of PROXYLIB was found to be distributed through an SDK called LumiApps.
lumiapps[.]io landing page
This service allows users to upload an APK and add the SDK automatically without needing the source code.
The modified APKs are then distributed outside the Google Play Store, often as “mods” or patched versions of legitimate apps.
Documentation on integrating the LumiApps SDK into an application during development
The threat actor behind PROXYLIB is believed to be monetizing the network through Asocks, a residential proxy seller.
By selling access to the proxy network created by the infected devices, the actor incentivizes developers to integrate the LumiApps SDK into their apps, thus expanding the network.
Country selection menu
Protecting Yourself from Proxylib Attacks
Android users are now automatically protected against PROXYLIB attacks by Google Play Protect, which is enabled by default on devices with Google Play Services.
Google Play Protect can warn users or block apps exhibiting malicious behavior, even if they originate from outside the Play Store.
HUMAN continues to collaborate with Google and other entities to mitigate the impact of PROXYLIB.
They recommend that users only download mobile apps from official marketplaces and avoid clones or “mods” of popular apps.
The Ongoing Battle Against Cyber Threats
Despite removing the identified applications, the threat actor behind PROXYLIB remains active.
HUMAN’s Bot Defender has blocked a significant amount of traffic from IPs associated with Asocks, which are used in various attacks, such as account takeovers and web scraping.
The IP address of the infected device
HUMAN emphasizes the importance of vigilance and recommends that users stay informed about the potential risks of free VPN apps.
The company pledges to continue monitoring for adaptations of PROXYLIB, and attacks carried out through residential proxy networks.
While free VPN apps may seem appealing, users must exercise caution and conduct due diligence before downloading such applications to protect their devices and personal information from being exploited by hidden proxy networks.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
A federal court in Montana has fined a man $9.9 million after he was found responsible for causing thousands of unlawful and malicious spoofed robocalls.
Sometimes there is good news. Well, for almost everybody except for the robocaller who was found guilty of unlawful robocalls to people in states including Florida, Georgia, Idaho, Iowa and Virginia in 2018. The court also imposed an injunction prohibiting any future violations of the Truth in Caller ID Act and Telephone Consumer Protection Act.
Scott Rhodes spoofed his telephone number, so it appeared to his targets that he was calling from a local phone number. If they picked up, they were presented with recorded messages. Those messages included highly inflammatory and disturbing content, often directed at certain communities, that intended to offend or harm the recipients.
Those messages typically addressed tragic and controversial events that took place in the region. Many consumers who received the calls found the calls so disturbing, they submitted complaints to FCC and other law enforcement regarding unwanted and harassing robocalls.
The FCC traced the unlawful spoofed robocalls to Scott Rhodes, a resident of Idaho and Montana, and in January 2021, the FCC imposed a $9,918,000 forfeiture penalty against Rhodes. In September 2021, the Justice Department sued Rhodes in the District of Montana to recover that penalty and obtain an injunction.
In October 2023, the United States moved for summary judgment, and the court subsequently entered an injunction and the full $9,918,000 forfeiture penalty against Rhodes, after concluding based on a de novo review of the evidence that Rhodes committed the violations found by FCC. When a court hears a case as “de novo,” it is deciding the issues without reference to any legal conclusion or assumption made by the previous court to hear the case.
Principal Deputy Assistant Attorney General Brian Boynton, head of the Justice Department’s Civil Division commented:
“The department is committed to protecting consumers from deceptive robocalls. We are very pleased by the court’s judgment, and we will continue working with the FCC and other agency partners to vigorously enforce the telemarketing laws that prohibit these practices.”
It is important to not engage in any conversation or respond to any prompts to minimize the risk of fraud. Even the smallest snippets of your voice being recorded, can be used in scams against you or your loved ones.
We don’t just report on phone security—we provide it
The OnePlus Nord CE4 images and specs just surfaced, ahead of launch
You can check out the images in the gallery below the article. The phone is coming in two colors, gray and light blue with a marble-looking backplate. The phone will have two cameras on the back, and three circular cutouts.
Its display will be flat, and a centered display camera hole will also be included. The sides of the phone will be flat, with chamfered edges. All the physical buttons will sit on the right-hand side, and no, an alert slider won’t be included.
What about its specifications? Well, we’ve already heard some details, but Ishan Agarwal shared quite a bit of information along with the aforementioned images.
Two color options are coming, and the Snapdragon 7 Gen 3 will be in use
He confirmed that the two aforementioned colors will be called Dark Chrome and Celadon Marble. The phone will feature a 6.7-inch 120Hz LTPS AMOLED display. It will almost certainly offer a fullHD+ resolution.
The Snapdragon 7 Gen 3 processor will fuel the phone, while the device will be available with 8GB of RAM and come in 128GB and 256GB storage flavors. OnePlus will utilize LPDDR4X RAM and UFS 3.1 flash storage.
OnePlus opted for a rather large battery, and blazing-fast charging
A 5,500mAh battery will be included on the inside, while the phone will support 100W charging. OnePlus’ and OPPO’s SuperVOOC charging will be in use, and a charger will be included. The phone will be able to reach a full charge in only 30 minutes (approximately).
Android 14 will come pre-installed on the device, along with OnePlus’ OxygenOS 14 skin. A hybrid dual SIM card slot will be in use. You’ll either be able to use two SIM card simultaneously or use one of the slots for a microSD card, in case you need more storage.
A 50-megapixel main camera (Sony’s LYT-600 sensor) will be backed by an 8-megapixel ultrawide shooter (Sony’s IMX355 sensor). On the front, you’ll find a 16-megapixel camera.
Federal Office for Information Security (BSI) in Germany has announced that at least 17,000 Microsoft Exchange servers across the country are exposed to one or more critical vulnerabilities.
This figure only scratches the surface, as several servers remain unaccounted for, potentially harboring similar risks.
The BSI’s findings underscore a pressing cybersecurity crisis, urging immediate action from server operators.
BSI LogoClaudia Plattner, President of the BSI, expressed grave concerns over the widespread vulnerability of such crucial infrastructure.
“The presence of tens of thousands of vulnerable installations of such relevant software in Germany is unacceptable,” Plattner stated.
She emphasized the dire consequences of neglecting cybersecurity, including jeopardized IT systems, services, and sensitive data.
Plattner’s call to action is clear: cybersecurity must be at the top of the agendas for companies, organizations, and authorities.
CVE-2024-21410 VulnerabilityFor nearly half of the Exchange servers, the vulnerability status concerning the critical vulnerability CVE-2024-21410 remains uncertain.
These systems are at risk unless operators have enabled extended protection since August 2022 or implemented alternative security measures.
The responsibility to assess and mitigate this vulnerability lies squarely with the server operators.
The BSI also highlighted another vulnerability in Microsoft Exchange that was recently addressed by security updates.
Failure to install these updates exacerbates the threat landscape. To combat this, the BSI’s CERT Association has been proactively informing network operators in Germany about vulnerable Exchange servers within their networks through daily, automated emails.
The Scope of Vulnerability
The BSI’s study reveals a concerning landscape: approximately 45,000 Microsoft Exchange servers in Germany are accessible online without restrictions.
About 12% operate on outdated versions that no longer receive security updates.
Furthermore, 25% of all servers run on current Exchange 2016 and 2019 versions but are behind on patch updates, leaving them susceptible to multiple critical vulnerabilities.
At least 37% of all Microsoft Exchange servers accessible from the Internet in Germany are vulnerable.
Impact on Various Sectors
The vulnerabilities have far-reaching implications, particularly affecting schools, universities, medical facilities, legal and tax advisory services, local governments, and medium-sized businesses.
Cybercriminals and state actors exploit these weaknesses to disseminate malware, conduct cyber espionage, and launch ransomware attacks.
The BSI’s study serves as a critical wake-up call for securing Microsoft Exchange servers against existing vulnerabilities.
Operators are strongly encouraged to update to the latest Exchange versions, install all available security updates, and configure their servers securely.
As cyber threats continue to evolve, the importance of proactive and comprehensive cybersecurity measures has never been more evident.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Both smartphones were announced in China. Vivo kept its foldable smartphones available in China only, but this generation could spread its wings. It would be about time, as OnePlus, OPPO, HONOR, and more China-based companies already delivered their foldables to markets outside of China.
The world’s lightest book-style foldable could get a global variant
Why do we think it’s coming to more markets? Well, Vivo hasn’t confirmed anything just yet. We do have two reasons to believe that both smartphones are coming to more markets.
Devices in both India and Indonesia do come with global software on them, though it could be slightly adapted to the country the phones are launching in, of course. The point is, Google services do come pre-installed.
It remains to be see what other markets will the phones arrive to
It remains to be seen if Vivo aims to offer these two foldable smartphones in other markets, but at least we’ll have global variants this time around. If you really end up wanting one, you can always import it.
The Vivo X Fold 3 Pro is the more powerful of the two phones. It comes with the Snapdragon 8 Gen 3 SoC. The Vivo X Fold 3 is fueled by the Snapdragon 8 Gen 2, but it’s both thinner and lighter than its sibling.
The VIvo X Fold 3 is lighter than the HONOR Magic V2, quite a bit, and the Magic V2 held the crown thus far. It is thinner than the Magic V2 when unfolded, but also 0.1mm thicker when folded, which is negligible. Vivo really pushed the ante with the Vivo X Fold 3.
Qualcomm has just announced the third generation of the S5 and S3 Sound platforms used in Snapdragon Sound. These sound offerings not only promise audio enhancements, but also accessibility. Also, as is tradition nowadays, Qualcomm also threw around the word “AI”. To quote, users can expect “almost 50x more AI power” from the new Sound Platforms. The 3rd-gen S3 is also going to improve budget audio gear, bringing it up to par with flagship products in some aspects.
What is Qualcomm introducing in the new Sound platforms?
Qualcomm’s 3rd-gen S5 and S3 Sound Platforms will drastically improve wireless audio gear. The S5, which is the more premium of the two, will now have a better DAC. DACs are digital-to-analog converters, and affect how good a device’s audio output is. The 3rd-gen S5’s new DAC will lead to crisper, richer sound with a wider range of audio reproduction.
Also, the new S5 Sound Platform will have a whopping 40% lower noise floor. The noise floor in audio gear is the sum of unwanted signals – like electronic interference – producing unwanted noise. The lower the noise floor, the less static you hear when no sound is being played. Qualcomm is also bringing its latest and greatest adaptive active noise cancellation to the S5 Sound Platform. On the accessibility side, the 3rd-gen S5 will also feature hearing loss compensation.
Qualcomm’s S3 Sound Platform is often found in budget audio products. What’s exciting is that the 3rd-gen S3 will now feature the Qualcomm Voice & Music Extension Program, like the S5. This will allow budget audio gear to ship with features usually only found in more expensive offerings. These include echo cancellation, spatial audio, and health tracking of varying kinds; like heart-rate monitoring. All things that will make for even more amazing Bluetooth audio gear.
What does AI bring to the table?
Text and image generation AI models are the rage nowadays. There are also audio-focused AI models that can mimic voices. Qualcomm has found some smart uses for AI in its Sound Platforms, and these are sure to become standard very soon. As reported by TechRadar, AI will intelligently filter through wanted and unwanted noise for ANC. This means manufacturers and users could design custom noise cancellation filters. Imagine a filter for cancelling out background traffic noise, but not the sound of ongoing conversations.
Two other ideas put forward by Qualcomm for AI use in its Sound Platforms revolve around microphone use. The first use case is for the audio gear to only listen to your voice in a crowded space. So, if a user is on a call, the microphone will intelligently transmit only their voice. The second use case builds on the first one; AI being able to understand spoken commands. Touch controls are still a contentious talking point in audio circles. Qualcomm wants its Sound Platforms to allow users to control their audio gear via their voice.
The 3rd-gen S5 and S3 Sound Platforms from Qualcomm are exciting stuff for audiophiles. Bluetooth has had its fair share of criticism, most of it not entirely undeserved. But advancements like these bring us closer to a world where wireless audio is just as good, if not better than wired.
Despite AMD’s growing market share with Zen CPUs, Rowhammer attacks were absent due to challenges in reverse engineering DRAM addressing, synchronizing with refresh commands, and achieving sufficient row activation throughput.
Researchers addressed these through ZENHAMMER, the first Rowhammer attack on recent AMD CPUs.
ZENHAMMER reverse engineers non-linear addressing uses crafted access patterns for synchronization, and schedules instructions carefully to increase throughput while bypassing mitigations.
Evaluations demonstrated ZENHAMMER finding bit flips on 7 out of 10 DDR4 devices on Zen 2/3 CPUs, enabling Rowhammer exploitation on current AMD platforms.
Besides this, it also triggered the first Rowhammer bit flips on a DDR5 device.
ZENHAMMER – First Rowhammer Attack
There have been cases of recent Rowhammer attacks that were used to bypass in-DRAM mitigations on Intel CPUs by exploiting particular architectural details, though such attacks have not been recorded against modern AMD Zen microarchitecture CPUs.
However, several crucial aspects including physical-to-DRAM address mapping, DRAM command observability, and memory instructions behavior on AMD platforms through extensive experiments were discovered.
Researchers used this information to design ZENHAMMER, it’s the first-ever successful Rowhammer attack against AMD Zen CPUs.
The goal of the researchers was to trigger bit flips on AMD Zen platforms using DDR4 memory, allowing comparison with well-studied Intel systems.
A crucial requirement for effective Rowhammer is knowledge of the DRAM address mapping from physical addresses to DRAM locations, enabling precise attacker row selection.
Since AMD and Intel memory controllers use different mappings, determining the AMD mapping posed the researchers’ first key challenge in constructing a Rowhammer attack on these platforms.
While Intel systems have all DRAM-adding bits within the lower 21 bits, AMD Zen systems utilize up to 34 bits, making exploitation challenging without knowing these bits.
Experts describe a technique combining the bank conflict side channel with reverse-engineered DRAM mappings to detect consecutive same-bank rows crucial for Rowhammer.
By coloring 2MB transparent huge pages (THPs) based on bank conflicts and using known address functions on the lower 21 bits, experts can identify same-bank rows within each THP color.
On a Zen 3 system, THP coloring takes around 39 seconds per attack, while detecting same-bank rows is a one-time 18ms cost per memory configuration.
The evaluation results reveal how well ZENHAMMER’s optimizations for causing bit flips on AMD Zen 2 and Zen 3 processors work as compared to the earlier methods.
By refining hammering instruction sequences and fence scheduling policies, ZENHAMMER dramatically raised the number of devices showing bit flips and the patterns that triggered them, particularly in the case of Zen 3 where no bit flips were reported before.
In comparison with Intel Coffee Lake on some devices, ZENHAMMER was less effective though its optimizations have shown themselves more powerful for some DIMMs even exceeding Coffee Lake’s best-performance bit flip counts.
These findings indicate that successful Rowhammer attacks require platform-specific optimizations beyond just increasing activation rates.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
![lumiapps[.]io landing page](https://gbhackers.com/wp-content/uploads/2024/03/image-84.png)
