Hackers use weaponized calendar invites to exploit vulnerabilities in email systems, tricking users into clicking on malicious links or downloading malware disguised as event attachments.
By leveraging trust in calendar invitations, threat actors increase the likelihood of successful phishing attacks and unauthorized access to sensitive information.
Cybersecurity researchers at Malwarebytes recently discovered that hackers are actively exploiting the weaponized calendar invites to install macOS malware.
macOS MalwareCalendar Invites
Mac users seeking cryptocurrency opportunities are targeted by cybercriminals using fake calendar invites.
DocumentIntegrate ANY.RUN in your company for Effective Malware Analysis
Malware analysis can be fast and simple. Just let us show you the way to:
Interact with malware safely
Set up virtual machine in Linux and all Windows OS versions
Work in a team
Get detailed reports with maximum data
If you want to test all these features now with completely free access to the sandbox: ..
Links sent during attacks install malware on the target’s machine.
Brian Krebs flagged the issue, and asserted that scammers pose as cryptocurrency investors, and lure people into fake partnership meetings on Telegram.
Luring message (Source – MalwareBytes)
Signum Capital issued a warning about impersonation attempts on Twitter in January.
Threat actors contact the targets via Telegram DMs in which they lure their targets by offering opportunities for calls or meetings.
When victims attempt to join, the link fails. Scammers blame regional access restrictions and advise running a script to fix it.
Malwarebytes’ Thomas Reed confirmed threat actors’ use of scripts to compromise users isn’t new.
AppleScripts come in .scpt files, but victims need to open in Script Editor and may spot the code.
AppleScript applets act like normal apps, enhancing trustworthiness with code signing and icons.
Script Editor (Source – MalwareBytes)
Due to this obfuscating the code is possible which makes it less likely for Apple’s notarization process to detect potential threats.
When a user enters their password, the script doesn’t see it but gains root access. Actions run with administrator privileges without additional authentication.
The script can easily trick users into granting root permissions through a standard authentication request dialog.
AppleScript excels at malware crafting. Certain malicious programs like OSX.DubRobber, OSX.OSAMiner utilized AppleScript solely or near-solely.
A basic Apple Script, in this case, downloaded and ran a macOS Trojan whose purpose is unknown.
If it’s revealed as a cryptocurrency-stealing banking Trojan, then it wouldn’t be surprising.
How To Recognize The Scam?
Here below we have mentioned all the key tactics used by the threat actors, and these tactics will help in recognizing the scam:-
DM approach on Telegram
Crypto investment lure
Calendly platform preferred
Fake “regional restriction” urgency
Script with .scpt extension
Hosted on a fake meeting support site
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter
For the second time in only four months, all is not well on the ALPHV (aka BlackCat) ransomware gang’s dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message “THIS WEBSITE HAS BEEN SEIZED.”
The ALPHV ransomware dark web site has a new look
So far, so FBI, but all is not what it seems.
ALPHV is arguably the second most dangerous ransomware group in the world. It sells Ransomware-as-a-Service (RaaS) to criminal affiliates who pay for its ransomware with a share of the ransoms they extract.
When a task force of international law enforcement agencies score a hit on a target this big, they tend to make a bit of a song and dance about it. At a minimum, there are announcements. Last time the FBI disrupted ALPHV with an unscheduled home page redecoration in December, the law enforcement agency was very happy to tell everyone.
When the UK’s National Crime Agency (NCA) took a slice out of the LockBit gang last month it didn’t just tell everyone in a press release, it celebrated with a week-long fiesta of premium-grade trollingon LockBit’s own website.
They have every reason to celebrate their success, but this takedown—if that’s what it really is—has been greeted with nothing but silence from law enforcement.
In fact, ransomware experts have weighed in with an alternative explanation: ALPHV has recycled the takedown banner provided by law enforcement in December, and staged a fake takedown to cover its tracks while it runs off with its affiliates’ money.
The story starts on February 21, 2024, when an ALPHV affiliate attacked Change Healthcare, one of the largest healthcare technology companies in the USA. The attack has caused enormous disruption and been described by the American Hospital Association (AHA) President and CEO Rick Pollack as “the most significant and consequential incident of its kind against the US health care system in history.”
On March 3, a user on the RAMP dark web forum claimed they were the affiliate behind the Change Healthcare attack. They alleged that two days earlier Change Healthcare had paid ALPHV $22 million—backing up their claim with a link to a Bitcoin wallet that shows a 350 bitcoin transfer on March 1—and that ALPHV then suspended their account.
VX Underground reported that a day later, other ALPHV affiliates were also locked out of their accounts, while ALPHV issued an “ambiguous” message seemingly pointing the finger at the FBI for…something, before putting the source code to its ransomware up for sale for $5 million.
The final act in this entirely unconvincing drama was the appearance of a “THIS WEBSITE HAS BEEN SEIZED” banner on the ALPHV dark web site. Not only was the banner identical to the one used by law enforcement in December, it appeared to have been lazily copied from the compromised site.
The giveaway, spotted by ransomware researcher Fabian Wosar, was the URL of the takedown image, which was being kept in a directory called THIS WEBSITE HAS BEEN SEIZED_files.
“An image URL like this is what Firefox and the Tor Browser create when you use the ‘Save page as’ function to save a copy of a website to disk,” he pointed out.
Of course, it’s not impossible that law enforcement would do this, but it’s a far cry from the no-stone-left-unturned effort of the recent LockBit takedown. Unconvinced, Wosar took to X (formerly Twitter) to say he’d reached out to contacts at Europol and the NCA, and they declined “any sort of involvement”.
It’s the second reminder in under a month, following revelations that the LockBit gang didn’t delete its victims’ stolen data when they were paid a ransom, that you just can’t trust criminals.
Prevent intrusions. Stop threats early before they can even infiltrate or infect your endpoints. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like ThreatDown EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Yesterday, Samsung officially announced the launch date for the Galaxy A55 and Galaxy A35. The duo will debut on Monday, March 11. Leaks have already revealed plenty about the phones, including their specs, design, and alleged European pricing. Someone even posted a detailed review video of the former, going in-depth into its performance. The upcoming phones have just surfaced in another leak.
Samsung’s Galaxy A55 and A35 leaked again
The latest leak of the Galaxy A55 and Galaxy A35 comes courtesy of the ever-reliable tipster Evan Blass, aka evleaks. He shared a bunch of official-looking renders and images from marketing materials or online product listings on X. The images reveal Samsung Knox Vault support for both models. The company has already confirmed that the devices will boast Knox Security, so that was expected.
As leaked before, both devices will be available in four colors: Awesome Ice Blue, Awesome Lemon, Awesome Lilac, and Awesome Navy. The Galaxy A55 and Galaxy A35 also sport an identical design, including a flat back with a vertical camera array, a punch-hole display, and a flat frame with the Key Island design. However, the former has a metallic frame while the latter’s frame is made of plastic.
The images shared by Blass also confirm a 5,000mAh battery. Both devices are expected to boast 25W fast wired charging. Additionally, we can see a 50MP primary rear camera and a 5MP macro camera for the duo. The Galaxy A55 pairs those with a 12MP ultrawide lens and a 32MP selfie shooter. The latter two cameras have an 8MP and 13MP resolution, respectively, on the Galaxy A35.
The upcoming mid-range duo will boast an official IP rating for dust and water resistance (likely IP67). Samsung has also confirmed that the Galaxy A55 and Galaxy A35 will get four years of Android OS updates with five years of security updates. The devices will run Android 14-based One UI 6.1 out of the box, so they will get updates up to Android 18. Security patches will come at least until March 2029.
Samsung mid-rangers are getting more powerful
The prematurely posted review of the Galaxy A55 revealed that the new phone will be substantially more powerful than its predecessor, the Galaxy A54. It is said to bring over 20% boost in CPU performance, over 30% boost in GPU performance, and a whopping 167% boost in NPU performance. The device also handles thermals better and is available in a 12GB RAM variant. Stay tuned for the official launch next week.
President Joe Biden is set to give his annual State of the Union address on Thursday, March 7, 2024
As it seems to happen every year, this State of the Union address is being delivered at a pretty critical time for President Biden. This year, it’s due to it being an election year. Following the Super Tuesday victories by former president Trump, it’s likely going to be Trump versus Biden in November. And this is going to be a prime opportunity for Biden to talk about his plans for the rest of 2024, and moving forward.
How do I watch Biden’s Joint Address to Congress?
President Biden’s first State of the Union will be broadcast virtually everywhere.
All of the major news networks will be airing it. That includes CNN, FOX, NBC, ABC, PBS and C-SPAN. The White House is also going to be streaming the event on its YouTube, Facebook, and Twitter/X pages. As usual, the Twitter stream will show on-screen commentary from Administration officials and cabinet members. So, Twitter/X users are able to stay in the conversation about what’s happening.
YouTube will also air the speech from all of the major news networks, in addition to The White House. So if you have a news network that you prefer to watch, you can still do that on YouTube. Or you can stay neutral with The White House or C-SPAN, which won’t provide any analysis of the address and just show the address itself. While Fox News is typically republican leaning, and CNN or MSNBC is Democrat leaning.
When does it start?
The State of the Union will begin at 9 PM ET. Of course, many news networks will start their coverage earlier, talking about what they expect to hear from Biden in tonight’s speech and such.
As usual, the speech is expected to last about 60 to 90 minutes. So expect it to end around 10:30 PM ET. Following the speech, all of the talking heads from the news channels will be giving their analysis. That includes ABC, CBS, CNN, NBC and many others.
Biden’s previous State of the Union and Joint Address to Congress were over an hour long. With a time of one hour and five minutes in 2021 (this was a Joint Address due to him having just taken office in January 2021). Around an hour and one minute in 2022 and one hour and 13 minutes in 2023. So we’d expect this to be over an hour but less than 90 minutes.
What will Biden talk about?
This is Biden’s third State of the Union, and depending on the outcome of the November election, it could be his last. It’s not often that a President gets the undivided attention of the Cabinet, Senate, US House of Representatives and the Supreme Court, all in the same room. So there’s lots of topics that will be covered.
Of course, a big one is going to be Biden’s age, as he goes into this Election year. Obviously, no president gets a free pass, but with Biden being 81 years old, he’s getting a lot more attention about his age than before. A big part of this is because he’s the oldest person to ever be president. However, his opponent – Donald Trump – is not much younger, currently at 77 years of age.
On the policy side of things, Biden will undoubtedly talk about new policy proposals. The State of the Union is typically where presidents get a chance to lay out their goals and rally Americans to support these plans. So far, The White House has not disclosed what Biden will specifically talk about, but we can expect him to reference unfinished business from his first term. Biden will also likely press for military assistance for Ukraine to reinforce American leadership overseas.
One of the big topics this year, going into the Election, is about the right to have an abortion. Under President Trump, the Supreme Court was able to roll back Roe v Wade, basically making it up to the States. This has caused a lot of issues for women who need to get an abortion due to health issues. Of course, the most high-profile case recently was Kate Cox who lives in Texas but was not able to get an abortion in her home state even though her health was in danger, and her fetus had a fatal condition. Obviously, Democrats are eager to demonstrate how the US Supreme Court’s decision to overturn Roe v Wade has limited reproduction rights. It’s also a topic that Democrats ran on in the mid-terms, and we’d expect the same for 2024.
Who’s delivering the republican response?
This year, it’ll be Senator Katie Britt of Alabama who will deliver the Republican Response to Biden’s speech. Senator Britt is 41 years of age, and has become the youngest female senator and many in the part believes she could be a rising star.
It’s likely that Britt will mention Trump in her speech and put him over as the party’s contender for the presidency this year. It’s also likely that Trump will provide a response to Biden’s speech over on Truth Social after the State of the Union is over.
Who will be attending?
The US Senate, the US House of Representatives, the Supreme Court Justices, and the President’s Cabinet are all in attendance. The First Lady typically has a box in the upper area of the room with many guests that the President will mention throughout his speech. This year, guests for the State of the Union include Kate Cox, a Texas woman who was unable to get an abortion in her home state even though her health was in danger and her fetus had a fatal condition.
Every year, there is also a designated survivor who will not be at the Capitol but instead in a bunker watching the speech with the Secret Service. We don’t yet know who the designated survivor is this year, which is usually disclosed right before the speech begins. However, last year it was Labor Secretary Marty Walsh.
The naming of a Designated Survivor began in the 1960s, to coincide with the Cold War era, because of the threat of nuclear attacks. However, the identity of the designated survivor was not regularly made public until the 1980s.
The purpose of the Designated Survivor is in case there is a mass casualty or an attack on the Capitol during the speech. We’ve seen how this plays out in the ABC show Designated Survivor. Typically, a member of the cabinet is chosen every year, while the other party will choose someone from Congress to be their designated survivor. So that the government can continue in the aftermath.
Group-IB has released its latest report, “Hi-Tech Crime Trends 2023/2024,” highlighting critical global cyber threats.
The report reveals a concerning trend where over 225,000 compromised ChatGPT credentials are being sold on dark web markets, posing security risks for businesses.
AI in the hands of Cybercriminals
Key Points:
Cyber Threat Landscape: The report emphasizes the growing collaboration between ransomware and Initial Access Brokers (IABs), leading to a surge in cyber threats globally.
AI Integration: Cybercriminals are leveraging artificial intelligence (AI) technologies like large language models (LLM) such as ChatGPT to develop sophisticated malware and enhance their operational efficiency.
Dark Web Sales: Group-IB detected a substantial number of compromised ChatGPT credentials for sale on illicit dark web platforms, with over 225,000 logs available from January to October 2023.
Ransomware Activity: The report highlights a significant increase in ransomware attacks, with 4,583 companies having their data published on ransomware Dedicated Leak Sites (DLS) in 2023.
APT Attacks: Nation-state-sponsored threat actors, known as Advanced Persistent Threat (APT) groups, targeted various regions globally, with the Asia-Pacific region being a major battleground.
DocumentIntegrate ANY.RUN in your company for Effective Malware Analysis
Malware analysis can be fast and simple. Just let us show you the way to:
Interact with malware safely
Set up virtual machine in Linux and all Windows OS versions
Work in a team
Get detailed reports with maximum data
If you want to test all these features now with completely free access to the sandbox: ..
Rise of AI in Cyber Threats
Group-IB’s report, which has been a critical resource for fighting digital crime for over a decade, has, for the first time, included a section on AI and its implications for cybersecurity.
The report details how AI technologies, including large language models like ChatGPT, are being exploited by cybercriminals to develop malware, brainstorm new tactics, techniques, and procedures (TTPs), and enhance social engineering attacks.
The United States was the most common target for ransomware groups, as 1,060 US-based companies were the subject of ransomware DLS posts in 2023. The next most affected countries were Germany (129), Canada (115), France (103), and Italy (100).
Global Ransomware Activity
The majority of these compromised accounts were breached by the LummaC2 information stealer, indicating a targeted approach by cybercriminals to exploit ChatGPT’s growing popularity in the professional sphere
Ransomware and Initial Access Brokers: A Persistent Threat
The report also sheds light on the persistent threat posed by ransomware and Initial Access Brokers (IABs).
In 2023, Group-IB’s Threat Intelligence unit detected a 74% increase in the number of companies that had their data published on ransomware-dedicated leak sites (DLS).
Global Nation Wide Attacks
IABs, skilled at exploiting security vulnerabilities, continue to facilitate ransomware attacks by selling unauthorized access to networks.
The average price for corporate access dropped by 27% in 2023, suggesting an increase in the number of sellers and a competitive market.
Group-IB’s latest report underscores the evolving nature of cyber threats and the critical role AI is playing in this landscape.
The sale of compromised ChatGPT credentials on the dark web is a stark reminder of the importance of cybersecurity vigilance.
As AI continues to be integrated into corporate environments, the potential for misuse by cybercriminals grows, making it imperative for organizations to strengthen their defenses against these emerging threats.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
With each new cloud application or third-party SaaS account, the external attack surface of pretty much every organization keeps growing day after day, every day. It becomes wider and more vulnerable. Gartner recognized attack surface expansion as the number one security trend of the year back in 2022.
The only way to deal with this is to manage the vulnerabilities that comprise the attack surface. But it’s impossible to patch or mitigate them all at once, though. This is why security professionals came up with something called risk-based vulnerability management.
Risk-based vulnerability management is a cybersecurity process that prioritizes and addresses the most critical vulnerabilities according to the risk they pose to an organization.
As a process, it has certain stages:
– asset inventory,
– vulnerability identification,
– risk assessment,
– prioritization,
– remediation and mitigation.
These stages may seem the same as those of traditional vulnerability management. But there is a difference: vulnerability risk management enables more effective prioritization. It ensures a focus on the most business-critical vulnerabilities first, instead of simply grading them by their severity score.
Unlike traditional vulnerability management, vulnerability risk management considers factors such as vulnerability criticality, exploit likelihood, and business impact. Using vulnerability risk management allows the organization to allocate resources more efficiently, reduce the attack surface where it has the most impact and improve its security posture. All while maintaining regulatory compliance.
How to Conduct Asset Inventory and Identify Vulnerabilities
There are various sources of weaknesses in external attack surfaces: it could be compromised websites or web applications, misconfigured cloud infrastructures, weak access controls, or inadequate authentication mechanisms in APIs. All these vulnerabilities provide threat actors with an opportunity to compromise sensitive data and gain unauthorized access to the company’s infrastructure.
To manage all of that, you need to start somewhere. The best starting point is getting a clear understanding of the assets within your organization’s external attack surface.
External attack surface management (EASM) tools can help you discover and validate (confirm that they belong to your organization) both known and unknown internet-facing assets such as IP addresses, domain names, subdomains, ports, and SSL certificates. You think you are aware of most of them, but a thorough scan can often reveal quite a few that were previously not on the radar.
Basic scanners can also help discover some assets (however, they likely have lower coverage than a good EASM tool) and identify security flaws and vulnerabilities. EASM tools can do all of that and may provide you with asset inventory and offer a more sophisticated analysis of vulnerabilities, remediation suggestions, and continuous monitoring.
New Vulnerability Prioritization Approach Based on Risk Assessment
A good EASM tool will certainly discover many CVEs in the infrastructure of any company. And a significant number of them will likely fall into the high or critical categories. However, most of these vulnerabilities never see a working exploit. An even smaller number of threat actors get to actively exploit in the wild.
That’s why prioritizing vulnerability remediation solely based on their severity classification may not be the most adequate approach. Vulnerability risk management suggests a more effective method: prioritizing vulnerability fixes based on assessing risks that each vulnerability poses for the organization.
A risk-based assessment considers three main factors:
How critical is the vulnerable asset?
How likely is it that the vulnerability will be exploited?
How will patching it affect the business processes?
For the likelihood of exploitation, you can consider the vulnerability CVSS impact score, and also factors like whether a weaponized exploit is available, whether it is used in the wild, and whether it is trending in the dark web. Some EASM tools include a built-in risk-based prioritization system.
The questions of business criticality are for the business departments to answer, and as for how patching affects business processes, consider potential downtimes and the need to restart some services, thus interrupting the normal business flow.
Remediating & Mitigating Vulnerabilities
After you’ve assessed the risks and prioritized vulnerabilities, you can either remediate or mitigate them. Remediation involves directly addressing and fixing the vulnerabilities to eliminate associated risks. To confirm the success, validate the fix after application.
Sometimes immediate remediation is not possible. For example, you may need to reboot the whole system to implement an update, and that, of course, cannot be done daily. In this case, mitigation strategies will help reduce the potential impact of exploitation until you can apply a permanent fix.
Monitoring and Response: Identify, Assess, Prioritize, Remediate, and Repeat
The process of vulnerability risk management never stops or ends. New vulnerabilities are discovered every day. In January 2024 alone, Microsoft released new patches for 49 vulnerabilities, with 2 of them recognized as critical and 4 as high.
Moreover, new external assets appear in organizational infrastructures every day. So, the process of risk-based vulnerability management is continuously ongoing.
That is where EASM tools again come in handy. Active use of these tools allows to make vulnerability scanning and asset inventory regular – and mostly automated – procedures.
EASM Tools Can Help Implement Vulnerability Risk Management Approach
EASM tools provide companies with the opportunity to adopt vulnerability risk management to address security issues regularly according to organizational risk rather than issue severity.
By employing Vulnerability Risk Management, companies can effectively block potential attack paths and safeguard critical attack vectors to reduce their external attack surface most efficiently.
The Google Pixel 8a is the company’s upcoming mid-range handset. That is the device aimed at a wide range of people, as the ‘Pixel a’ series is usually quite affordable. In the past, we’ve had an easy task of recommending ‘Pixel a’ series devices. It remains to be seen if the same will be the case this time around. The Google Pixel 8a is likely coming in May, during Google I/O 2024. That is, at least, what happened with the Pixel 7a last year.
We’re still not sure when exactly will Google I/O take place, but Google is expected to announce it soon. Google always schedules it for May, so… at least we know that much. In any case, some Pixel 8a info did surface already, in fact, it has been surfacing for months. In this article, we’ll take a closer look at what we (think we) know thus far. That way, you’ll get a better idea as to what to expect.
This article will be regularly updated with new information on the Google Pixel 8a (this is a preview article) — both official teasers and credible leaks, rumors, and insider claims — as it becomes available in the run-up to the release of the upcoming Android smartphone. This is the initial version of the article.
When will the Google Pixel 8a be released?
The Google Pixel 8a will become official in May 2024, almost certainly. The Pixel 7a launched on May 10, as part of Google I/O 2023. Google is expected to announce its successor during Google I/O 2024. The company still has not publicized the exact timing of its developer’s conference for this year, so we’ll have to wait a bit. Nothing guarantees that the Pixel 8a will launch during it, but considering what happened last year, we’re confident it will. Chances are it will be scheduled for mid-May, by the way.
What models are coming?
Google is expected to announce a single Pixel 8a model but with two storage options. The Pixel 7a arrived with 128GB of internal storage. Based on what we’ve heard, the Google Pixel 8a will arrive in both 128GB and 256GB storage flavors, giving you some options. There won’t be a ‘Plus’ or ‘Pro’ model, or anything of the sort. Google has been keeping it simple for years, and chances are the same will be the case this year too.
How much will the Google Pixel 8a cost?
The Google Pixel 8a prices have surfaced already, and it seems like we’re looking at a price increase. Based on a report that mentioned European prices, the Pixel 8a pricing will start at €569.90. That is a price tag for the 128GB storage variant of the phone. The 256GB storage options will set you back €630, allegedly. The Google Pixel 7a retailed for €509 in Europe, at launch, so we’re looking at a price increase this year. The Pixel 7a has been discounted a number of times thus far, and it currently costs €399. Chances are we’ll see some launch offers for the Pixel 8a, followed by some discounts. We still don’t have the rumored price tags for the US.
What will the Google Pixel 8a look like?
The Google Pixel 8a design has surfaced several times thus far. We’ve already seen the phone’s CAD-based renders, while it also appeared in real-life images. On top of that, the phone’s retail box was also spotted online. Do note that you can check out all of those images at the very end of this section. Let’s talk more about what you can expect from this design, as all the leaks thus far basically showed us the same phone. So we can assume that the design that leaked is spot on.
This smartphone will look very similar to the Pixel 8, actually. Google is sticking to its design language here. The phone will feature a camera visor on the back, with two cameras placed inside of it. As you can see in the image provided below this paragraph, the Pixel 8a will be a bit larger than the Pixel 8. Its camera visor will be shorter, while the pill-shaped cutout for the two cameras will be smaller than it is on the Pixel 8. The overall shape of the device will remain unchanged, however.
Google Pixel 7a vs Pixel 8 vs Pixel 8a
The camera visor is smaller, but still very similar to the one on the Pixel 8
You’re still getting rounded corners, and the phone’s backplate will curve towards the edges, all of them. The camera visor still connects to the frame of the phone, on the left and right sides. Google’s logo will be present on the back, and it will once again be semi-transparent. When you flip the phone around, you’ll be greeted with a flat display. There will be a centered display camera hole at the top of that display, and the bezels will be thicker than on the Pixel 8. They won’t be thick, though.
The power/lock button will sit on the right-hand side, right above the volume up and down buttons. That’s the way Google does it, the opposite of all other Android OEMs, basically. The device is said to arrive in four color options. Those colors are Bay, Mint, Obsidian, and Porcelain. In other words, those are blue, greenish, black, and white colorways, based on what we’ve seen in the past. The Pixel 8a is said to measure approximately 152.1 x 72.6 x 7.9mm.
CAD-based renders:
Real-life images:
Retail box:
What specs will the Google Pixel 8a have?
What about its specifications? Well, the phone did surface on Geekbench, which gave us several pieces of the puzzle. We can also guess some of the specs, but we still don’t have full details. In any case, the Google Pixel 8a will be fueled by the Google Tensor G3 processor. That is the chip that fuels the company’s current-gen flagships, and the Pixel 8a will also get it. That’s what happened last year with the Pixel 7a, it’s standard practice. Google uses the most powerful chip it has at the moment for the ‘Pixel a’ series devices.
We’ll get a 256GB storage option this time around
Geekbench also listed 8GB of RAM for the device, and that’s likely the only RAM model we’ll get. Both 128GB and 256GB storage options were mentioned in rumors. Therefore, unlike last year, we’ll get two storage variants. The storage will not be expandable, by the way. Android 14 was mentioned too, which was to be expected, as that’s the most recent version of Google’s operating system.
A 6.1-inch fullHD+ AMOLED display is expected to be included on the phone. The one on the Pixel 7a was a 90Hz panel, we’re not sure if Google plans to improve that with the Pixel 8a. The company could include a 120Hz panel on the upcoming ‘Pixel a’ smartphone. That would certainly be a nice gesture considering the price bump. The display will be flat, though, and it will be an AMOLED unit too.
A considerably larger battery is tipped
One report suggested that the phone could include a 5,000mAh battery. If that ends up being the case, its battery will be a lot bigger than the one used in the Pixel 7a. The Pixel 7a includes a 4,385mAh battery on the inside. Do note that the aforementioned report was not 100% clear on whether this is truly a Pixel 8a battery, so… take it with a grain of salt. In terms of charging, we’re not expecting any improvement, but we’ll hopefully see some. At the moment, the most probable outcome is that it will support 18W wired charging like the Pixel 7a, and 7.5W wireless charging too. A charger won’t be included in the package.
The phone will feature stereo speakers, and it will also come with an in-display fingerprint scanner. That fingerprint scanner will be of an optical variety. In terms of cameras, we’re still not sure what to expect. The Pixel 7a managed to pack in a few surprises, so we’ll just wait for more information. The phone is expected to measure 152.1 x 72.6 x 8.9mm.
Should you wait to buy the Google Pixel 8a?
In case you’re wondering whether the Pixel 8a is worth waiting for… well, it’s still too early to tell. The Pixel 7a is a very capable smartphone, and it’s hard to advise against buying it at its current price tag. That is especially true if the Pixel 8a will see a price increase. On the other hand, we’re about 2 months away from the Pixel 8a’s arrival, so it may not be a bad idea to wait a bit and see what the phone will end up offering.
Back in January 2022, Verizon announced that it was rolling out C-Band to nearly half of the US. AT&T also starting to roll out its C-Band network. But what exactly is C-Band? That’s what we are here to talk about today. To help you learn more about C-Band, how it works with existing 5G networks, and whether you need it in your next smartphone or not.
What is C-Band?
It’s important to explain what exactly C-Band actually is. Essentially, C-Band is a set of radio airwaves that operate at a frequency between 3.7 and 3.98 GHz. That is also called the “mid-band spectrum.”
For Verizon and AT&T, they have been building their 5G network off of its low-band and mmWave spectrum that it already had. That’s the low-end and the high-end of a 5G network, and C-Band will serve in the middle. Remember when it comes to spectrum, the lower the spectrum the larger coverage area it can achieve and the less bandwidth it has. And the higher the spectrum, the more bandwidth you’ll get, but coverage really suffers.
This is why mmWave coverage is so pitiful, but you can still get multi-gigabit speeds from it.
The plan for the carriers is to use low-band, C-band and mmWave to build out their 5G network. That’s going to provide excellent coverage while also providing blazing-fast speeds.
C-Band will allow carriers to offer much faster speeds, without hurting the coverage of their network. So it’s going to work out quite well.
How fast can C-Band be?
Peak speeds are normally not worth talking about, but we’ll do it here. Verizon claims that peak speeds with C-Band will be around 1Gbps. Which doesn’t sound all that great when mmWave can achieve up to 5Gbps already on Verizon. However, that C-band theoretical speed is currently 10x faster than 4G LTE.
The main difference here is that while mmWave can really only be used outdoors, C-Band will be available inside. Allowing Verizon and other carriers to use it for Home Internet – which is their plan anyway.
Verizon and AT&T are going to use the C-Band spectrum to plug coverage gaps in their 5G networks that fall between mmWave and low-bands. So that they can better blanket the entire country with 5G coverage. Between Verizon, AT&T, and T-Mobile, the carriers spent over $80 billion buying up this C-Band spectrum from the FCC last year. Now, it’s starting to become clear why the carriers spent that much.
How does C-Band work with the existing 5G networks?
As we’ve already mentioned, the C-Band is basically the middle layer of the 5G cake. To T-Mobile’s credit, they did a really good job explaining this to those who aren’t super knowledgeable about how wireless carrier networks work. You can see a picture of the 5G Layer Cake below.
Basically, you have the low-band spectrum that is rolled out nationwide, typically using 600MHz, 700MHz, or 800MHz, depending on the carrier. Then there’s the mid-band layer, which is going to be C-Band along with the 2.5GHz spectrum T-Mobile got when it acquired Sprint. At the top, you’ll see mmWave, which will be used in dense urban areas. Think of airports, stadiums, downtowns, malls, etc.
C-Band or mid-band spectrum, will slot in between the low-band and the mmWave spectrum that carriers have already rolled out. It’ll be available in more areas than mmWave, but perhaps not as much as low-band is. It’s also going to help carriers bring in more bandwidth, which is going to be important as we get more and more 5G devices on these carrier networks. Not just smartphones, tablets, and smartwatches but also laptops, autonomous cars, and more.
What smartphones have C-Band support?
For the past year, most smartphones sold by AT&T, T-Mobile or Verizon have had C-Band support. However, it’ll need to be turned on for it to actually work. So expect a software update once the spectrum is rolled out and turned on – for Verizon, that should be later this month.
If you bought an unlocked smartphone, you may have C-Band support, or you may not. It’ll depend on the phone manufacturer, but if you bought it from a carrier, it will definitely have it.
As far as phones that support C-Band, that’s essentially any phone released since the middle of 2022. So the iPhone 12 and later, Galaxy S22 and later, Pixel 7 and later.
Verizon has also said that the iPad Pro and iPad Mini do work with C-Band. There are not a lot of phones that support C-Band as of right now, but in 2022, every phone that Verizon and AT&T sell will have C-Band spectrum support. It will likely not need a software update, as C-Band will already be rolled out.
Will I need to change my plan?
This will depend on your carrier, but you may need to change your plan, or the carrier may roll out new plans. For example, Verizon did roll out some new plans that now support access to its C-Band spectrum.
Verizon did roll out some new plans that now work with its C-Band network. Prices did not change, and Verizon actually added some more data to them all. Including a plan that now has no deprioritization. Meaning you can use as much data as you want and never be slowed down. This is a really good plan to check out, especially with the speeds we’re talking about for 5G.
Verizon is offering C-Band under its Ultra Wideband branding, and AT&T has not mentioned anything about its plans just yet.
Update: Verizon no longer offers these plans. They now have new plans once again. These are Unlimited Welcome, Unlimited Plus and Unlimited Ultimate, which take out the monthly perks like Disney+, Walmart+, and others, and allows you to add them for just $10 per month, per perk.
When will I be able to access the C-Band spectrum?
The FAA actually asked Verizon and AT&T to delay launching their C-Band network, due to concerns raised by the airlines. But they only agreed to delay this until January 19. So we could see both networks light up on January 19, 2021.
T-Mobile won’t be launching their C-Band network until late-2023. But T-Mobile is not in a big hurry to do it, since it does have that 2.5GHz mid-band spectrum from its Sprint acquisition.
Why does the FAA have an issue with C-Band?
The airlines and aviation officials have been arguing that the frequencies that C-Band covers could interfere with the instruments used in aircraft and contend that deployments of 5G near airports could endanger takeoff and landing operations.
The FCC and the FAA have disagreed on whether C-Band actually interferes with instruments like altimeters that measure in the 4.2-4.4GHz spectrum. Meanwhile the CTIA has argued that 40 countries including Australia, China, France and others, have already deployed over C-Band with no issues involving aircraft.
So does this mean no C-Band in airports? For now, nope. But that could change. Carriers have already deployed mmWave in most airports already, which is arguably more important, as it’ll be able to handle the bandwidth from having thousands of people in a smaller space. So it’s not as big of a deal in an airport as it is in other parts of a city or town.
Do I need C-Band in my next smartphone?
If you are one that does not upgrade your phone all that often – say every 3-4 years – then yes, make sure your next smartphone has C-Band support. But if you upgrade pretty often, then it may not be a big deal for your next phone. But it is still worth making sure it has C-Band support. Since you’ll be able to experience much faster speeds.
C-Band isn’t a switch that will be turned on across the country all at once. So there’s still going to be a few months for some areas to actually get C-Band spectrum.
A critical vulnerability in OpenNMS, a widely used network monitoring solution, has been identified, allowing attackers to inject malicious JavaScript payloads through a Cross-Site Scripting (XSS) flaw.
This vulnerability, tracked as CVE-2023-0846, has raised significant concerns due to its potential to compromise the security of networks monitored by OpenNMS.
The XSS flaw stems from improper sanitizing of user input within the OpenNMS web application.
Attackers can exploit this vulnerability by sending specially crafted data to the application, which then reflects the malicious script to the user’s browser without adequate validation.
This allows the attacker to execute arbitrary JavaScript code in the context of the victim’s session, potentially leading to session hijacking, data theft, and unauthorized actions on the application.
OpenNMS XSS Flaw
Exploiting this vulnerability is particularly concerning due to its simplicity and the ease with which attackers can leverage it.
DocumentIntegrate ANY.RUN in your company for Effective Malware Analysis
Malware analysis can be fast and simple. Just let us show you the way to:
Interact with malware safely
Set up virtual machine in Linux and all Windows OS versions
Work in a team
Get detailed reports with maximum data
If you want to test all these features now with completely free access to the sandbox: ..
The SonarSource report states that this payload is executed when an administrator views the alarm generated by the manipulated SNMP trap, granting the attacker access to the admin’s session and the broader network.
The impact of the XSS vulnerability is dramatically increased when combined with a command injection flaw in OpenNMS.
Attackers can use the XSS vulnerability to gain initial access and then exploit the command injection vulnerability to execute arbitrary code on the OpenNMS server.
This combination of vulnerabilities allows for a full compromise of the OpenNMS system, enabling attackers to manipulate network monitoring data, disrupt services, or gain unauthorized access to networked devices.
Impact on OpenNMS
The discovery of these vulnerabilities by SonarSource has prompted urgent action from the OpenNMS community.
The vulnerabilities were addressed in OpenNMS version 31.0.4, which includes fixes to prevent XSS attacks and command injection.
However, the presence of these vulnerabilities highlights the critical need for rigorous input validation and sanitization in network monitoring solutions.
Organizations using OpenNMS are strongly advised to update to the latest version to protect their networks from potential exploitation
XSS vulnerability in OpenNMS, especially when combined with a command injection flaw, represents a security risk.
It underscores the importance of continuous security assessment and prompt patching of vulnerabilities in critical infrastructure components like network monitoring systems.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited. Zero-day vulnerabilities are discovered by attackers before the software company itself – meaning the vendor has ‘zero days’ to fix them.
Both the two vulnerabilities allow an attacker to bypass the memory protections that would normally stop someone from running malicious code. Reportedly, attackers used them with another unpatched vulnerability or malicious app, and the combination could be used to give them complete control over targeted iPhones.
The update is available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
A patch for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation, running iOS 16.7.6 or iPadOS 16.7.6 is available for one of the vulnerabilities.
To check if you’re using the latest software version, go to Settings > General > Software Update. You want to be on iOS 17.4 or iPadOS 17.4, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.
Technical details
The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The zero-day CVEs patched in these updates are:
CVE-2024-23225: a memory corruption issue was addressed with improved validation. A patch is available for this issue in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple says it’s aware of a report that this issue may have seen active exploitation.
CVE-2024-23296: a memory corruption issue in RTKit was addressed with improved validation. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple says it’s aware of a report that this issue may have seen active exploitation.
RTKit is Apple’s real-time operating system, running on multiple chips in iPhone, Watch, MacBook, and peripherals like the iPod. A real-time operating system, is software that manages tasks on a single core, which is crucial for real-time applications that require precise timing.
Apple included several other vulnerabilities in the update, some of which it listed but it also mentions “Additional CVE entries coming soon.” For protection against attackers reverse engineering updates to find the vulnerabilities, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.
We don’t just report on phone security—we provide it
.webp)
.webp)
