Next-gen Huawei SoC to be as fast as the Snapdragon 8+ Gen 1
The Kirin 9000S is the company’s most powerful SoC at the moment. That chip arrived last year, and it’s fueling the Huawei Mate 60 series, amongst others. That chip is the equivalent to the Snapdragon 888 in terms of power.
Huawei had to deal with a lot of problems due to the US sanctions. It ditched Kirin chips for years until it made a comeback last year. That chip was made in collaboration with SMIC, and Huawei had limited resources to work with, because of the sanctions.
The Kirin 9000S performed really well in the Mate 60 series and the Mate X5, despite the fact it’s inferior to modern flagship processors. This upcoming model will certainly be an improvement, and Huawei customers will appreciate it.
The Snapdragon 8+ Gen 1 still offers great performance
The Snapdragon 8+ Gen 1 still performs great, so… there’s no huge reason to worry, even though you won’t be getting the latest and greatest. This does give Huawei the chance to put 5G connectivity in their phones and avoid US sanctions, in a way.
That processor will first be used in the Huawei Mate 70 series, based on a new rumor. The upcoming Huawei P70 phones almost certainly will not get that chip, as it’s still too early for that.
The Huawei P70 series is tipped to utilize the Kirin 9010 processor, which could be a reworked version of the Kirin 9000S. In other words, that will also be a 7nm processor. The upcoming chip will be a completely different story, as a 5nm process is rumored.
If you’re a WhatsApp user, and with over 3 billion users worldwide, chances are you are, you’ve likely noticed the app’s frequent updates and addition of new features. Now, there’s another one in the pipeline, aimed at enhancing convenience for users.
According to WABetaInfo, a reliable source for WhatsApp updates, the latest WhatsApp beta for Android (version 2.24.5.5), available on the Google Play Store, indicates that WhatsApp is working on introducing the option to select favorite contacts directly within the Android app.
As seen in the screenshot, users will soon have the ability to select their favorite contacts. Once chosen, these favorites will appear prominently at the top of the calls tab, making it easier to reach out to your most contacted users with just a single tap.
Users will be able to handpick their favorite contacts from the contacts picker, creating a personalized experience based on their preferences.
The Favorites bar will make calling your preferred contacts on WhatsApp much quicker. If you often make calls using WhatsApp, this shortcut will save you valuable time, eliminating the need to search through your call log or contact list repeatedly.
The feature to set favorite contacts for quick calls is currently in development and is expected to be available in a future update of the app.
Researchers have discovered that threat actors have been using open-source platforms and code for several purposes, such as hosting C2 infrastructure, storing stolen data, and delivering second and third-stage downloaders or rootkit programs.
Two open-source PyPI packages were discovered to be utilized by threat actors for executing code via DLL sideloading attacks as a means of evading security monitoring tools.
The packages were identified as NP6HelperHttptest and NP6HelperHttper.
Malicious PyPI Packages
According to the reports shared with Cyber Security News, almost every developer relies on open-source ecosystems, which have no reputation provider to assess the quality and reliability of the code.
This makes it extremely simple for threat actors to insert malicious code into the repositories and perform supply chain attacks.
In addition to this, researchers discovered two attack types that are used in software supply chain attacks, namely typosquatting and repojacking.
The two malicious PyPI packages were involved in typosquatting attacks, as the package names are nearly identical to one of the legitimate NP6 packages.
Malware infection stages (Source: Reversing Labs)
Developers mostly ignore the spelling and consider the packages legitimate, proceeding to use them in development.
Once this is done, threat actors can pivot into the organizations and perform malicious activities.
Malicious Script Abusing DLL Sideloading
Both of the malicious PyPI packages contained a setup.py script that extends a setuptools command to download two other files: Comserver.exe and dgdeskband64.dll.
Comserver.exe is a legitimate file signed with a valid certificate from Beijing-based Kingsoft Corp, while dgdeskband64.dll is a malicious file that downloads and runs a second-stage payload.
Setup.py file (Source: Reversing Labs)
Comserver.exe loads a library, dgdeskband64.dll, and invokes its exported function Dllinstall.
However, the dgdeskband64.dll malicious file inside the package is not the legitimate one expected from comserver.exe.
Different exports for the legit and malicious dll (Source: Reversing Labs)
This dgdeskband64.dll, custom-built by the threat actors, exposes the same Dllinstall export function under the guise of the legitimate Dgdeskband64.dll library, resulting in a DLL sideloading attack.
This is done as a means of avoiding detection of the malicious code.
Moreover, execution of the malicious code is achieved by registering an exception handler inside the Dllinstall export function.
A second sample was also found, but it does not exploit DriverGenius’ ComServer.exe; instead, it uses a .exe and target DLL, windowsaccessbridge-64.dll.
However, the functionality of both the samples is similar, and the same URL downloads the same payload as the other PyPI packages.
Another day, another misconfigured database jeopardizes the online privacy and physical security of hundreds of thousands of children and families.
Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing over 200,000 records, including personally identifiable information (PII) of students and parents.
According to Fowler’s findings, detailed in a blog post for VPNMentor, there were over 210,020 records or 153.76 GB of data in the unprotected database. It was associated with the Online Voucher Application (OVAP) created by the Department of Education and the Private Education Assistance Committee.
Fowler uncovered a vast collection of sensitive records, including children’s and family members’ full names, DOBs, home addresses, phone numbers, tax records, as well as unredacted images of children.
The database also contained official documents such as tax filings, voucher applications, guardian/parent consent forms, financial assistance, employee certificates, local government certificates, and death certificates, which also hold personal data. For instance, tax records typically contain full names, addresses, phone numbers, employers, and tax identification numbers. A concerning aspect of the breach is that the application folders contained child profile photos.
A sample of what data was exposed (Credit: VPNmentor)
The National Privacy Commission (NPC) of the Philippines has since secured the database and is investigating the matter further. It is unclear who owns and manages the database, how long the records were exposed, or if anyone else may have gained access.
The Philippines’ Department of Education created the OVAP platform for eligible students seeking financial aid, allowing them to apply for vouchers for Senior High School education. However, the platform’s lack of password protection raises potential security concerns.
The data leak has potentially exposed students and parents to a wide range of online threats. Students’ families submit tax filings and income declarations during application processes, which may expose sensitive financial information and leave them open to financial fraud, phishing attempts, or identity theft.
This could lead to monetary loss for students and their families. Additionally, PII, including children/minors’ data, can be compromised, posing a lifelong risk to their privacy and digital identities.
Governments and relevant departments must prioritize strong cybersecurity measures and protect the sensitive data of their citizens when creating such portals. Regular risk assessments and security audits are needed to secure public data and prevent unauthorized actors from accessing it.
The Xiaomi 14 Ultra has surfaced a couple of times thus far, and we’ve seen only two colors of the phone, black and white. Well, a third color just appeared. A blue Xiaomi 14 Ultra surfaced online, confirming that we may get more choices.
The Xiaomi 14 Ultra will launch in a blue color too
The thing is, this color could be exclusive to China, unfortunately. If you check out the image below, in which the phone appears, it poses with the other two colors, and these are obviously Chinese promo materials. You can see some writing in Chinese above the three devices.
This would not be the first time that China gets more color options than the rest of the world. Xiaomi could yet surprise us and offer that color option to more markets. We do hope that will be the case, as not everyone likes black and white colors.
We do know that the Xiaomi 14 Ultra will launch in global markets, though. The phone will become official on February 22 in China, and it will launch globally on February 25. Xiaomi will announce the phone in Barcelona, during the Mobile World Congress (MWC).
The Xiaomi 14 Ultra will resemble its predecessor, and it will even have a very similar camera island. The back side will be more flat this time around, without the gradual increase in thickness towards the camera island.
That blue model will use different materials for its backplate
The company will use vegan leather on the back of both black and white models, while this blue model seems to have glass on the back. It could even have ceramic on the back, instead of glass, we’ll see.
This is actually another reason why Xiaomi should bring this model to global markets, to give users more choice in terms of backplate materials. Not everyone likes vegan leather, some people prefer glass, and vice versa.
The Snapdragon 8 Gen 3 will fuel the Xiaomi 14 Ultra. The phone will feature LPDDR5X RAM and UFS 4.0 flash storage, in addition to four 50-megapixel cameras on the back. The main camera will use the Sony LYT-900 sensor, and variable aperture too.
The dispute between Epic and Apple began when the game maker bypassed Apple’s in-app purchase system in Fortnite. The move prompted the tech giant to remove the game from the App Store. In response, Epic Games filed a lawsuit against Apple, accusing the company of anti-competitive behavior and monopolistic practices.
EU DMA rules bring back the Epic Games Store to iOS
After years of living behind closed gates, the EU’s Digital Markets Act (DMA) is finally forcing Apple to open up its ecosystem for third-party app stores in the continent. EU officials have even threatened Apple with “Strong Action” if it fails to meet the DMA regulations. Thanks to the DMA, Apple should allow app sideloading on iOS and let developers distribute their apps via third-party stores.
“I’ll be the first to acknowledge a good faith move by Apple amidst our cataclysmic antitrust battle, in granting Epic Games Sweden AB a developer account for operating Epic Games Store and Fortnite in Europe under the Digital Markets Act,” Epic’s CEO and founder Tim Sweeney said. Sweeney already described App Store changes as “Hot Garbage.”
The UK users will have to wait
Meanwhile, UK users should wait until the UK’s Digital Markets Bill passes Parliament. The bill could grant similar provisions to Epic Games and let it operate in the country. As a side note, the UK left the European Union in 2020. Therefore, DMA rules do not apply in the UK.
While this ruling is a positive step towards a more open App Store environment, the legal battle between Epic Games and Apple is far from over. Both companies are likely to continue their legal proceedings in other regions.
A very sketchy rumor surfaced recently, claiming that both OPPO and Vivo are giving up on foldable smartphones. That rumor was so far-fetched that we didn’t even cover it, as it seemed completely off-point from the get-go. It could have even been poorly translated. Well, it seems we were right, as OPPO decided to react. OPPO has just confirmed its utter dedication to foldables, just to appease its users.
OPPO reacted to a recent rumor by confirming its utter dedication to foldables
The company said the following: “OPPO’s dedication to the continuous development of foldable smartphone technology remains unchanged. Please stay tuned for our official updates and announcements.”
This should not surprise anyone. True, the foldable smartphone sales have dropped in 2023, but that’s not something that would push OPPO to such a drastic move. The company not only poured a ton of cash into foldables, but it also made some of the best foldable smartphones over the years.
People are still very much interested in foldables, and they’ve gotten extremely good at this point. The OPPO Find N3, which is essentially the OnePlus Open with a different brand, is easily one of the best foldables to date. It was our best foldable smartphone for 2023, and it still is.
Just because the market changed a bit doesn’t really mean anything. Also, it seems like sales of clamshell foldables took more of a hit, book-style foldables are a different story, and that seems to be OPPO’s main focus either way.
OPPO launched a handful of compelling foldable phones in markets outside of China
OPPO did launch several foldables in global markets, unlike Vivo. Vivo is still focused on its home market when it comes to foldable phones. That could change this year, though, we’ll see.
Foldable smartphones have gotten extremely good, and also thin at the same time. The OPPO Find N3 / OnePlus Open and HONOR Magic V2 are both excellent examples. We have plenty to look forward to in 2024.
HONOR is expected to deliver the Magic V3, while the Google Pixel Fold 2 is also coming, and it is expected to be a considerable improvement over the first-gen model. The OPPO Find N4 is also on the way and more.
VMware has issued an urgent advisory to administrators to remove a deprecated authentication plugin vulnerable to severe security threats.
The Enhanced Authentication Plugin (EAP), which provided seamless login capabilities to vSphere’s management interfaces, is susceptible to authentication relay and session hijack attacks due to two unpatched security vulnerabilities.
Critical Vulnerabilities Identified
The two vulnerabilities, CVE-2024-22245 and CVE-2024-22250, pose significant risks to Windows domain environments.
CVE-2024-22245, with a CVSS score of 9.6, allows a malicious actor to relay Kerberos service tickets, potentially leading to the takeover of privileged EAP sessions.
CVE-2024-22250, scored at 7.8, enables an attacker with local access to hijack an EAP session initiated by a privileged domain user.
These vulnerabilities were discovered by Ceri Coburn from Pen Test Partners and reported to VMware, which has acknowledged the critical nature of these flaws.
A vulnerability known as the Arbitrary Authentication Relay is present in the VMware Enhanced Authentication Plug-in (EAP).
With a maximum CVSSv3 base score of 9.6, VMware has determined that the severity of this issue falls into the Critical severity range.
A malicious actor might fool a target domain user who has EAP installed in their web browser into requesting and transmitting service tickets for any Active Directory Service Principal Name (SPN).
The VMware Enhanced Authentication Plug-in (EAP) has a security hole that could allow unauthorized users to hijack sessions.
This vulnerability has a maximum CVSSv3 base score of 7.8, which VMware has classified as critical severity.
A privileged domain user on the same machine can start a privileged EAP session, but an attacker with unprivileged local access to Windows can hijack it.
Impact on Users and Organizations
The deprecated EAP is not installed by default and is not part of VMware’s core products like vCenter Server, ESXi, or Cloud Foundation.
However, it may have been manually installed on Windows workstations used for administrative tasks.
These vulnerabilities in the EAP can put organizations at risk of unauthorized access and control over their virtualized environments, potentially leading to data breaches and system disruptions.
VMware’s Response and Recommendations
VMware has decided not to patch the EAP due to its deprecation and the associated security risks of bypassing modern web browser security features.
Instead, VMware recommends completely removing the EAP to secure systems against potential attacks.
The company has provided PowerShell commands to uninstall the plugin and the associated Windows service.
VMware suggests using other authentication methods such as Active Directory over LDAPS, Microsoft Active Directory Federation Services (ADFS), Okta, and Microsoft Entra ID as alternatives to the vulnerable plugin.
VMware’s advisory underscores the importance of maintaining up-to-date and secure authentication mechanisms.
Organizations using the EAP should take immediate action to remove the plugin and switch to supported authentication methods to protect their environments from potential exploitation.
The Nothing Phone (2a) design surfaced a couple of times thus far, but some of those leaks were proven to be inaccurate. Well, SmartPrix now partnered up with @OnLeaks to show us the final Nothing Phone (2a) design.
The final Nothing Phone (2a) design gets shown thanks to CAD-based renders
If you check out the gallery below the article, you’ll see the phone itself. Do note that these images are based on CAD-based renders. So the design should be spot on, but the color not so much.
The Nothing Phone (2a) will feature flat sides and will have rounded corners. Its front and back sides will also be flat, while a flat display will be used, along with a centered display camera hole.
On the back, you’ll see two horizontally-aligned cameras, and that see-through backplate that we’re used to. Based on these images, the Glyph light system will also be used, despite what some recent rumors have been saying.
It will look a bit different compared to the Nothing Phone (2)
This phone does more than enough to differentiate itself from the Nothing Phone (2), that’s for sure. Its backplate is quite different, while also obviously being somewhat similar, just so that it’s obvious the two phones are siblings.
The bezels around the phone’s display also seem to be quite thin. All the physical buttons sit on the right-hand side of the phone, while a Type-C USB port sits at the bottom.
A 50-megapixel main camera is expected on the back, and a 50-megapixel ultrawide unit too. Both camera sensors will be taken from Samsung, as they’ll be ISOCELL S5KG9 and JN1 sensors, respectively.
A large battery is expected, along with 45W wired charging
The phone is also said to offer 12GB of RAM, in at least one of its versions. An 8GB RAM model is also expected. A 5,000mAh battery is expected too, as is 45W wired charging. Android 14 will come pre-installed on the phone.
The Nothing Phone (2a) will measure around 162.2 x 76.5 x 8.7mm and weighs 188 grams. It will launch on March 5.
People excited about the next Asus Zenfone are definitely going to love the company’s latest announcement. ASUS just posted a teaser for this upcoming phone, and we got a good look at it. Also, the company announced when the launch date for the Zenfone 11 Ultra will be.
This Zenfone brand has been around since 2014, and the franchise hasn’t been performing as well as the competition. However, ASUS is coming out with the next iteration, and the name is a bit confusing. There is a Zenfone 11 Ultra coming out, but we’ve got no word on a regular version of the Zenfone 11. So, we’re just going to have to wait and see what other phones ASUS is planning on releasing.
Asus announced the launch date for the Zenfone 11 Ultra
We don’t know too much official information about this phone, but we’re pretty certain it’s going to have a lot of the best flagship phone specs of 2024. The company only gave us a teaser of the phone. We do know that it’s going to have some rather thin bezels, a very large screen, and some advanced camera features. The ASUS website also touted a long-lasting battery, but what company doesn’t say that?
As for the launch date, ASUS said that the Zenfone 11 Ultra will launch on March 14th. That’s only a few weeks away, so it’s pretty much around the corner.
What specs are we looking at?
As for the rumored specs, the Zenfone 11 Ultra is expected to have a 6.78-inch LTPO AMOLED display with a 144Hz refresh rate and a 1080p+ resolution. It’s expected to come with a Snapdragon 8 Gen 3 and launch with Android 14 out of the box.
As for the internals, the Zenfone 11 Ultra could have a version with 12GB of RAM and 256GB of storage along with a version with 16GB of RAM and 512GB of storage. Keeping the lights on, there could be a 5,500mAh battery with 65W charging.
As for the camera, we could be looking at a triple-camera setup with a 50-megapixel main camera, a 32-megapixel telephoto camera with 3x zoom, and a 13-megapixel ultrawide camera. Up front, we’re looking at a 32-megapixel selfie camera.
As always, these are leaked specs, so you should not take them as fact just yet. If the rumored specs are correct, then we are definitely looking at a powerful device. If you’re excited, mark your calendar for March 14th.