The operators of DarkGate successfully leveraged a patched Windows Defender SmartScreen vulnerability, identified as CVE-2024-21412, as a zero-day attack to disseminate the complex and ever-evolving DarkGate malware.
The vulnerability tracked as CVE-2024-21412, with a CVSS base score of 8.1, is a Microsoft Defender SmartScreen vulnerability revolving around internet shortcuts.
It enables an unauthorized attacker to bypass SmartScreen security measures by deceiving a target into clicking on a specially crafted file.
In mid-January 2024, the Zero Day Initiative (ZDI) discovered a DarkGate effort that used fake software installers to exploit this vulnerability.
The phishing campaign disseminated fake Microsoft software installers (MSI) that disguised themselves as legitimate applications, such as Apple iTunes, Notion, NVIDIA, and others, by using open redirect URLs from Google Ad technology.
A sideloaded DLL file found in the fake installers decrypted and infected users with the DarkGate malware payload.
This campaign was also a part of the larger Trend Micro’s Water Hydra APT zero-day analysis targeting financial institutions.
Trend Micro analysts revealed today that the very same Microsoft Windows SmartScreen vulnerability is being used by DarkGate operators for wider exploitation.
Notably, Microsoft officially released a security fix on February 13th, which addressed CVE-2024-21412.
The DarkGate Campaign
DarkGate is one of the most common, advanced, and active malware strains in the world of cybercrime.
It uses a malware-as-a-service (MaaS) service model. Threat actors with financial motivations have frequently targeted enterprises in North America, Europe, Asia, and Africa with this malicious malware.
“Using fake software installers, along with open redirects, is a potent combination and can lead to many infections”, Trend Micro researchers shared with Cyber Security News.
Attack Chain
Apart from investing in sponsored articles and ad space, threat actors have also been employing open redirection within Google DDM technologies.
Abusing open redirects could result in code execution; this is especially true when combined with security bypasses like CVE-2023-36025 and CVE-2024-21412.
Open redirects abuse the confidence that most users take for granted while using major web services and technology.
Open redirect inside phishing PDF
The operators of DarkGate use the Google DoubleClick open redirect to redirect a victim to a compromised web server that hosts the first .URL internet shortcut file to exploit CVE-2024-21412.
“The internet shortcut file uses the “URL=” parameter to point to the next stage of the infection process; this time, it is hosted on an attacker-controlled WebDAV server.”, researchers said.
Internet shortcut file exploiting CVE-2024-21412
The infection process proceeds to the following step, which points to a .MSI file in the path that contains a zip archive (ZIP).
This sequence of internet shortcut redirection that executes a Microsoft software installer from an untrusted source should properly apply MotW, which will, in turn, stop and warn users via Microsoft Defender SmartScreen that a script is attempting to execute from an untrusted source, such as the web.
“By exploiting CVE-2024-21412, the victim’s Microsoft Defender SmartScreen is not prompted due to a failure to properly apply MotW.
Next Stage of the DarkGate Infection
fake software installers using .MSI files”, researchers said.
It is imperative to exercise caution and warn users not to trust any software installer they download from sources other than the official website.
Both individuals and businesses need to be proactive in defending their systems against these kinds of attacks.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Threat actors can exploit ChatGPT’s ecosystem for several illicit purposes, such as crafting prompts to generate malicious code, phishing lures, and disinformation content.
Even threat actors can exploit ChatGPT’s exceptional capabilities to craft and launch a multitude of sophisticated and stealthy cyberattacks.
Besides this, they can also exploit the vulnerabilities in ChatGPT extensions or plugins to gain unauthorized access to user data or external systems.
Recently, cybersecurity analysts at Salt Labs found generative AI to be a new attack vector.
Threat actors could exploit vulnerabilities discovered in the ChatGPT ecosystem to access user accounts, even GitHub, with 0-click hacks.
Critical ChatGPT Plugins Flaw
At Salt Labs, researchers look at the familiar and choose ChatGPT as a starting point, assuming their results will have wider consequences for AI systems.
Document
Mitigating Vulnerability & 0-day Threats
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
They only studied ChatGPT and found some flaws in its plugin ecosystem, where these plugins refine the networks to interact with external sources.
Using such plugins gives rise to an unintentional risk of exposure of sensitive data, thereby allowing access to users’ accounts such as Google Drive and GitHub.
About Plugins in ChatGPT (Source – Salt Labs)
Research exposed three vulnerabilities, and here below we have mentioned them:-
Malicious plugin installation on ChatGPT users
Critical or 0-click account takeovers across many plugins
OAuth redirection manipulation
However, the focus was on recurring vulnerabilities stemming from a lack of security awareness by developers.
Cybersecurity analysts urge OpenAI to prioritize security guidelines for plugin developers.
Researchers exposed an OAuth vulnerability, allowing attackers to manipulate victims into installing malicious ChatGPT plugins.
The attack mirrors traditional OAuth redirect manipulation, where attackers substitute their credentials during the authentication flow.
OAuth authentication work (Source – Salt Labs)
When a user approves a new ChatGPT plugin, the approval code gets returned to OpenAI via a redirect URL.
An attacker could substitute this code with their own, tricking ChatGPT into installing the plugin on the victim’s behalf and granting access to messages and data.
This recurrent OAuth vulnerability persists due to oversight by many developers who believe it is insignificant. Experts emphasize the severity of this flaw within ChatGPT’s plugin ecosystem.
You have to enforce a state parameter if you use OAuth and wish to guard against this situation.
State parameter (Source – Salt Labs)
Researchers exposed an account takeover vulnerability across numerous ChatGPT plugins built with PluginLab.AI, including AskTheCode.
When users install these plugins and grant access to services like GitHub, the plugins create authenticated accounts storing the user’s credentials.
Attackers could exploit an authentication bypass to obtain the victim’s “member ID” from PluginLab and then issue unauthorized requests using this ID to generate valid authorization codes.
With these codes, attackers could hijack plugin sessions within ChatGPT and gain full access to connected private data, such as GitHub repositories.
The root cause was PluginLab’s failure to validate requests properly during the authentication flow.
Moreover, cybersecurity analysts have indicated that GPTs have not yet fixed this issue altogether.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Smartphones are getting increasingly powerful and there don’t seem to be many apps that can choke modern flagships. While the industry is looking towards even higher scores on benchmark apps, Google has reportedly seen the capable chips in a different way, that might actually bring value to users’ regular usage. You may already know that the Google Pixel 8 Pro and the Galaxy S24 series have some innovative and helpful AI features. Google even stressed the Pixel 8 Pro’s capability to run some relatively large AI models on-device.
Web page summarization could soon work on-device for the Pixel 8 Pro
Although Samsung’s Galaxy S24 series and the Google Pixel 8 Pro have access to many of those AI features from Google, a lot of them currently run on Google’s cloud servers and the list of on-device ones is “quite short”. Now Mishaal Rahman from Android Authority has discovered some evidence that implies that Google is working on running the web page summarization feature on-device for the Pixel 8 Pro.
The AI model that powers many of these AI features is Google’s Gemini. Gemini Nano, which is the smallest of the three Gemini versions (Gemini Nano, Gemini Pro, and Gemini Ultra) is actually the one that runs on-device on the latest flagships and this could be one of the reasons why the features are exclusive to the latest models.
Now, the Gemini Nano’s small size also implies its limited capabilities. This model is reportedly only capable of working with “small blocks of text”, although it is enough to summarize transcriptions of up to 15 minutes in the Pixel recorder. It should be enough to apply the web page summarization feature to most of the articles you read on the internet.
The Gemini Nano currently powers three AI features on the Google Pixel 8 Pro – generating summaries of the recordings, Gboard’s smart replies while chatting on WhatsApp, and message rewriting suggestions on Google Messages. On the Samsung side, the model runs many Galaxy AI features as well.
The way Gemini works on-device (Image: Google)
Running the AI features on the device should reduce the load on Google’s servers
Another reason behind not many smartphone models getting access to Gemini-based AI capabilities may be associated with the cost of running and maintaining the servers. If you think about YouTube, they have advertisements or subscription plans for you that also pay for those costs. The Galaxy S24 series devices have already been in discussions regarding a potential fee for the future to access the server-side AI features. However, that business model regarding the AI features has received a different response.
Running one of the Gemini-powered features on-device also essentially means utilizing a phone’s computing power that you own and manage. While for you, it may result in a faster response as it does not have to send and receive data through the internet as you use the feature. So, given your device can run the model, it’s worth running that on-device.
In recent news, Apple has announced that its innovative product, the Apple Vision Pro, will soon be adding support for 12 languages. This development has sparked rumors and excitement among tech enthusiasts, hinting that Apple may be gearing up to launch the Vision Pro in other countries to obtain global momentum.
The Apple Vision Pro will break language barriers
The decision to add support for 12 languages to the Vision Pro is a strategic move by Apple to expand its market reach and appeal to a more diverse global audience. By allowing users to interact with the device in their native language, the business is making the Vision Pro more accessible and user-friendly for people around the world.
By expanding language support, Apple predicts to break down barriers and make it easier for people around the world to use the Vision Pro in their native language. This move is not only a testament to Apple’s commitment to inclusivity but also a strategic decision to tap into new markets and reach a larger customer base.
The following languages may soon be able to use the virtual keyboard and autocorrect, according to visionOS code, as reported by MacRumors: Cantonese, Traditional, Chinese, Simplified, and English (Australia), English (Canada), English (Japan), English (Singapore), English (UK), French (Canada), French (France), German (Germany), Japanese, Korean.
What does this mean for Apple’s global expansion?
The addition of support for 12 languages to the Vision Pro suggests that the firm may be preparing to launch the device in other countries. This move would not only help Apple tap into new markets but also enable the company to establish a stronger presence on a global scale. By making the Apple Vision Pro available in multiple languages, Apple is positioning itself for success in the global marketplace.
The impact of global momentum on Apple’s brand
Launching the Apple Vision Pro in other countries would not only drive sales for Apple but also enhance the company’s brand reputation. By offering a product that caters to the needs of diverse international audiences, Apple is demonstrating its commitment to inclusivity and innovation. This, in turn, will solidify Apple’s position as a leader in the tech industry.
In conclusion, the decision to add support for 12 languages to the Apple Vision Pro is a strategic move that hints at Apple’s plans for global expansion. By making the device more accessible to users worldwide, the company is paving the way for the Vision Pro to make a significant impact on the global tech market. With its innovative features and advanced technologies, the Apple Vision Pro is set to redefine the way we interact with technology and the world around us.
This time around we’re taking a look at two powerful phones that are also more compact than most flagships. We’ll compare the Google Pixel 8 vs Xiaomi 14. The Xiaomi 14’s global variant launched quite recently, while the original model (for the Chinese market) launched back in October when the Pixel 8 arrived too. Both of these phones are quite powerful, but they are quite different at the same time.
They not only look different, and feel different in the hand, but they have rather different internals too. As we usually do, we’ll first list their specifications. Following that, we’ll compare their designs, displays, performance, battery life, cameras, and audio performance. That being said, let’s get to it!
Both of these smartphones are made out of metal and glass. The Xiaomi 14 does come with a vegan leather backplate too, but only in China. So, we’ll focus on its glass variant only. Both of these phones have flat displays with thin bezels, but the bezels are thinner on the Xiaomi 14, and they’re also uniform. Both devices do include a centered display camera hole at the top of their displays too.
If we flip them around, you’ll see far more differences. The Google Pixel 8 has a camera visor on the back. That visor connects to the phone’s left and right sides, the frame of the phone. There are two cameras included on the inside, and the visor is covered by metal. The Xiaomi 14 has a far more regular-looking camera island on the back. It’s located in the top-left corner, and it has a square shape. Both camera setups do protrude on the back. The Pixel 8 does not wobble on the table due to the design of its camera visor, though.
The physical buttons are located on the right-hand side of both smartphones. Their location is a bit different, as the power/lock button sits above the volume up/down buttons on the Pixel 8. It’s the other way around on the Xiaomi 14. Both devices include in-display fingerprint scanners, optical ones. They’re both also IP68 certified for water and dust resistance. The Xiaomi 14 is slightly taller, wider, and thinner. That’s not surprising considering it has a larger display than the Pixel 8. It has a higher screen-to-body ratio, though.
Both devices feel great in the hand, but also different at the same time. The Xiaomi 14 has flat sides, with chamfered edges, while the sides are rounded on the Pixel 8. Both devices are very slippery too. They do feel really good to hold and use, though, both of them.
Google Pixel 8 vs Xiaomi 14: Display
The Pixel 8 includes a 6.2-inch fullHD+ (2400 x 1080) OLED display. This panel is flat, and it has a 120Hz refresh rate. It can project HDR10+ content, while the maximum peak brightness is 2,000 nits. The display has a 20:9 aspect ratio, and the screen-to-body ratio of the device is around 85%. The Gorilla Glass Victus is applied on top of the display for protection purposes.
Google Pixel 8
The Xiaomi 14, on the flip side, includes a 6.36-inch 2670 x 1200 LTPO OLED display. This display is flat too, and it has an adaptive refresh rate up to 120Hz. Dolby Vision is supported here, as is HDR10+ content. The theoretical maximum brightness of this display is 3,000 nits. We’re looking at a 20:9 display aspect ratio here, the same as on the Pixel 8. The Xiaomi 14 has a screen-to-body ratio of around 89%, and the Gorilla Glass Victus sits on top of the panel itself.
Both of these two displays are excellent, actually. They’re both vivid, have great viewing angles, and they’re more than sharp enough. The touch response is great on both panels. The Xiaomi 14’s panel does get a bit brighter, while it also has the advantage of rather high PWM dimming to protect your eyes. The blacks are deep on both displays. All in all, both displays are excellent, though the Xiaomi 14’s panel does have a couple of advantages.
Google Pixel 8 vs Xiaomi 14: Performance
Google’s Tensor G3 processor fuels the Pixel 8. That is Google’s latest chip, at the time of writing this article. It’s a 4nm processor. The Pixel 8 also utilizes 8GB of LPDDR5X RAM and UFS 3.1 flash storage. The Xiaomi 14 is fueled by the Snapdragon 8 Gen 3 chip, a 4nm processor by Qualcomm. That is the company’s most powerful chip at the moment. The phone also takes advantage of LPDDR5X RAM and UFS 4.0 flash storage.
Both smartphones do offer really great performance, though the Xiaomi 14 did feel a bit snappier in comparison. It’s as if it can do specific actions a second faster than the Pixel 8. That’s not all that surprising considering that it utilizes a more powerful chip and faster storage. Still, if you’re not comparing them side-by-side, they both do a great job. They are great at multitasking, and basically any regular usage scenarios you can think of.
When it comes to gaming, the Xiaomi 14 is the better option of the two. The Tensor G3 is not really made for gaming, the Snapdragon 8 Gen 3 handles games a lot better. That even goes for the most demanding titles out there. If you’re playing non-demanding games, the Pixel 8 does a fine job too, though. Both smartphones do get rather warm during gaming, but we did not get to the point of overheating or anything of the sort.
Google Pixel 8 vs Xiaomi 14: Battery
Google’s Pixel 8 handset has a 4,575mAh battery on the inside. The Xiaomi 14 packs in a 4,610mAh unit. These battery capacities may not seem huge but do note that the display sizes on these two phones are smaller than on the vast majority of other flagship-grade devices. The battery life on both phones is good, though not outstanding. We did notice that the Xiaomi 14 offers more in the battery life department, though.
The Pixel 8 was able to provide us with 6-6.5 hours of screen-on-time on most days. At first, it was even able to go up to 7 hours, but something changed. If you’re using 5G a lot, however, the battery life does take a noticeable hit. The Xiaomi 14 is able to cross that 7-hour screen-on-time mark, but not go much beyond that, at least that was the case for us. We’ve noticed consistently better battery life on the Xiaomi 14 with similar usage, and 5G did not affect it as much.
In terms of charging, the Xiaomi 14 completely destroys the Pixel 8. It supports 90W wired, 50W wireless, and 10W reverse wireless charging. The phone also comes with a 90W charger in the box. The Pixel 8 supports 27W wired, 18W wireless, and reverse wireless charging. It does not include a charger in the box. By the time the Pixel 8 reaches the 50% charge mark, the Xiaomi 14 reaches a full charge, basically.
Google Pixel 8 vs Xiaomi 14: Cameras
The Google Pixel 8 features a 50-megapixel main camera, and a 12-megapixel ultrawide unit (126-degree FoV). The Xiaomi 14, on the flip side, has a 50-megapixel main camera, a 50-megapixel ultrawide camera (115-degree FoV), and a 50-megapixel telephoto unit (3.2x optical zoom). Xiaomi’s handset also comes with Leica’s lenses as part of the package, and also Leica’s expertise in other areas, such as image processing.
Xiaomi 14
Both of these smartphones are immensely capable when it comes to photography. They do provide visibly different results. The Pixel 8 leans towards very contrasty images that end up looking quite processed and quite bright at the same time. The Xiaomi 14 goes the contrasty route too, but the images do look a bit closer to real life. You can even utilize the ‘Leica Authentic’ mode for a specific photography style. Both smartphones handle HDR conditions like champs.
In low light, the main camera on both phones do a great job. The Xiaomi 14 does handle street lights a bit better, though. It also likes to keep images a bit darker to make them look closer to real life, while the Pixel 8 will usually brighten them up. Their ultrawide cameras do a good job in both daylight and nighttime, though we did prefer the results from the Xiaomi 14’s shooter. The Xiaomi 14 easily wins the telephoto comparison, the Pixel 8 doesn’t even have a telephoto camera, though its main camera can zoom in to a certain degree and not lose much detail, especially in good lighting scenarios.
Audio
There is a set of stereo speakers on both of these smartphones. Those speakers are loud enough on both smartphones, though the Xiaomi 14 does have a small advantage in that regard. They’re well-optimized on both ends, though.
There is no audio jack on either one of these two phones. You can utilize their Type-C ports for wired headphone connections, or you can go full wireless via Bluetooth. The Pixel 8 supports Bluetooth 5.3, while the Xiaomi 14 comes with Bluetooth 5.4 support.
Microsoft has undocked Copilot from its dock. Windows 11 users may soon be able to resize the Generative AI tool, and even move it freely across their desktops as if it’s a standalone app.
Microsoft released Windows 11 Insider Preview Build 26080 to the Canary and Dev Channels earlier this week. One of the biggest visual changes awaiting users is having Copilot anywhere on the screen.
Microsoft Copilot can be undocked, resized, and moved across the desktop
Microsoft Copilot is one of the easiest and fastest ways to access ChatGPT directly from within Windows 11. Introduced about a year ago, Microsoft kept Copilot locked in a dock located on the right side of the screen.
Users could perform all the tasks that Generative AI is famous for and even alter a few Windows settings, but they couldn’t move Copilot away from its dock. Although this wasn’t a deal-breaker, it is not clear why Microsoft restricted Copilot’s movement on a Windows 11 desktop.
Microsoft recently allowed users to resize the size of the Copilot dock, and even added the tool to the startup process. This ensured Copilot was quickly available to Windows 11 users, just like the Edge web browser.
Moving forward, users could unlock or unshackle Copilot from its dock, confirmed Microsoft. This essentially transforms Microsoft Copilot from a dock to a standalone app.
Not only will users be able to move and resize Copilot, but they could also decide where they want it to appear or stay. In other words, Microsoft Copilot would be able to remember its previous location on the screen, just like other apps. Additionally, Copilot would appear in that precise spot the next time users summon it.
Microsoft to unlock more Windows 11 settings that can be changed using Copilot
Microsoft Copilot can control quite a few settings in Windows 11. In the latest beta builds of Windows 11, Microsoft has unlocked some more settings that Copilot can now access and change. Moving forward, users can empty the Recycle Bin, turn on Live Captions, or summon Voice Access using simple text prompts.
It appears Microsoft wants Copilot to improve and simplify Windows 11 usage, especially for users with physical limitations. Hence, the company has added new options, collectively included in the accessibility category, which can be changed using Copilot. Perhaps in the near future, Windows 11 users may be able to alter most of the OS’s settings without entering the Settings app.
Just like with the Threads in-app camera, the Google Messages in-app camera is actually just your device’s native camera. When you access the camera in Google Messages, it basically taps your device’s native camera and imports the picture that it took. This is a pretty easy way of taking pictures- it beats having to build an entire custom interface.
Well, Google Messages is going to be getting a custom camera interface
This is a small change, so you won’t see any major quality of life changes. Regardless, this could have one major benefit. This way, Google will be able to roll out additional functionality and features to the Google Messages camera app. Relying on your device’s native camera app is very limiting in that regard.
The custom Google Messages camera interface will be pretty basic. Also, it will be missing out on some useful features. Looking at the screenshot below, we see the picture being taken is in the 4:3 aspect ratio, and it does not look like you will have the option to switch between aspect ratios. Hopefully, you will have that functionality in the future. You’re able to switch aspect ratio using your device’s native camera app.
Below the viewfinder, we see the zoom options. These are the 0.5x, 1x, and 2x options. This could be a step backward, as your native camera app could have access to more zoom options depending on your phone’s hardware. For example, taking a picture with the Galaxy S24+ gives you additional zoom options up to 30x.
Along with those options, you have the option to disable/enable the flash, switch to the selfie camera, and switch between photo and video modes on the fly. That last feature will make some people happy. Currently, when you want to add media to your message, you would choose whether you want to take a photo or a video before going to the viewfinder. Well, after the update, you won’t have to worry about picking the wrong mode before entering the viewfinder.
Does it help or hurt?
The ostensible benefit mentioned earlier in the article- Google being able to add features to the in-app camera- might be outweighed by the drawbacks. With this new in-app camera interface, you are losing out on certain features that Google has not put in. You are not able to adjust settings, switch the aspect ratio, enable the grid, or do anything else when taking your picture.
So, this might actually do more harm. We will have to see what Google does with the camera in the future to see if this change is worth it. The update is currently rolling out via a server-side update for the latest beta version of the Google Messages app.
Amazon-owned Blink has introduced its latest camera accessory called the Blink Mini 2. The device has arrived as an affordable home appliance that can be used as an indoor and outdoor security camera. Notably, under $40, you will get both an LED spotlight and a person detection feature with this accessory. Furthermore, the device adds quite a handful of smart features inside a relatively tiny body.
The Blink Mini 2 offers person detection and up to 60 days of video recording
Notably, the latest Blink security camera comes with an enhanced feature called person detection. It will automatically identify if a person has walked by and notify you via smart notifications for the same. The camera is capable of differentiating between animals and humans. That means that when installed outdoors, not every shadow, waving tree branch, or passing cat can trigger an unnecessary alert.
However, it is worth mentioning that the person detection feature is only available for Blink premium users. The security company’s subscription plans start at $3 per month or $30 a year. The basic plan will also let you get smart notifications, up to 60 days of video history & live streaming, and more. As you may know, most affordable security cameras require you to opt for a premium subscription to avail of all features, Blink’s monthly plans look quite cheap.
The new Blink device is a compact and affordable security camera
Notably, Blink’s new Mini 2 can be used as a security camera for both indoor and outdoor purposes. The device is powered by the company’s in-house chipset and utilizes on-device computer vision technology. In a small form factor, the accessory provides a built-in LED spotlight, cloud video recording, 1080p quality video viewing, and more. It also works with the Alexa assistant, so you can connect it to other Echo devices and more.
The Blink Mini 2 will be available starting from $39.99 in the United States for the basic model. You can also purchase the camera with a weather-resistant power adapter for $49.98 to use it outside. More information regarding the device and its availability are available on Amazon.com. The device comes in Black and White color variants.
The dates for Google I/O have been revealed. And it’ll take place on May 14 and 15th. This marks the first time since 2019 that Google I/O has been a multi-day event. In 2020, it was canceled for obvious reasons, and in 2021 and 2022, it was online only. Last year, Google I/O returned to being in-person for one day only. Now we’re pretty much back to normal with a two-day Google I/O.
Google’s CEO, Sundar Pichai, is expected to take the stage and kick off the keynote at Google I/O on May 14 at 10 AM PT. The keynote is generally a couple of hours long, going through each of the very many products that Google has.
Just as was the case last year and really every other year, Google I/O is likely going to be full of artificial intelligence, or AI. Last year, Google announced a slew of features for Bard, which has since been renamed to Gemini and is now using a different LLM.
Google will also talk more about Android 15, even though the developer preview has already launched. We should be receiving the beta in April, as well as updates to Gmail and many other Google products.
How can you attend Google I/O?
Glad you asked. Registration for Google I/O opens today, and it is free. Google says that there will be a “small live audience” for the keynote. It’s likely that most of the sessions will continue to be online so that anyone can watch them.
Google I/O takes place at the Shoreline Amphitheater, which is right next to Google’s Mountain View headquarters. Google had chosen this venue since 2016 when it finally moved away from hosting I/O at Moscone West in San Francisco. Shoreline makes it easier to get to, and it also gives Google more space to invite more people and show off more things in the sandbox. Google typically has all sorts of demos on display at Google I/O, and given the large number of products they have, they need the space.
ChatGPT is much more useful now than it was when I first came out, and this is through the use of plugins and GPTs. Well, if you’re planning on using these, you may be putting your data and cybersecurity at risk. Researchers from Salt Security discovered several security vulnerabilities with plugins and GPTs that may have led to some ChatGPT users’ accounts being hacked
Plugins and GPTs add more utility to ChatGPT. They allow the chatbot to do more than just answer typical AI chatbot questions. Think of GPTs as smaller user-created versions of ChatGPT that are specialized to do specific tasks. Users create these GPTs and post them to the GPT store. So, think of them as Google Chrome extensions. Users create them and post them to the GPT store, where you can install them and use them within ChatGPT.
Security vulnerabilities were found with some ChatGPT plugins
The first security issue occurs when actually installing a plugin or GPT. Unfortunately, ChatGPT does not verify that a user has begun installing a plugin. This is a big issue that will be explained in a bit.
When you install a new plugin, ChatGPT needs to verify it. In order to do this, the plugin’s website will need to send you a code. You will then send that code to ChatGPT which will verify that code with the website. Once ChatGPT verifies that the code is legitimate, the plugin is then installed.
However, this is a way for bad actors to steal victims’ information. The secret code is stored within a link. After that, the plugin is installed with the user’s credentials. This means that the user has control over the plugin.
This is why it’s bad that ChatGPT does not verify that users have started the installation process. A bad actor can send anyone a link containing a code to install the plugin on your account using the attacker’s credentials. Since ChatGPT doesn’t verify that the account holder has started the installation process, any person who sends the code can have the plugin installed.
Once installed, the attacker will have control over the GPT on the victim’s account. At that point, the attacker can have the malicious plugin redirect all of your chat conversations and information to it. This will put all of your sensitive information in the attacker’s hands.
Second vulnerability
The next vulnerability is a major threat if you use the AskTheCode plugin. This is a plugin that connects your ChatGPT account with your GitHub account. When you install this plugin, it actually creates a separate account to store your GitHub credentials.
Well, hackers are able to break into users’ GitHub accounts and steal their GitHub repositories through a vulnerability. According to the report, this action is done by sending the victim a special link. The link will reveal a key piece of information about the user, called their memberId, and send it to the attacker.
Well, the memberId of a person is extremely crucial. After that point, the attacker goes to ChatGPT and installs the AskTheCode plugin. At that point, they will install the plugin and use the victim’s member ID to authenticate it. When that happens, the attacker will gain access to the victim’s AskTheCode account and the victim’s GitHub account. This will give the attacker access to the repositories.
Third vulnerability
Lastly, the third vulnerability is similar to the second one. The attacker would send a malicious link to the victim that will install the plugin but using the victim’s credentials. This will give the attacker control over the victim’s account.
Hopefully, these issues will be ironed out before more victims pop up.
.webp)
.webp)
.webp)
