If you’re an iOS user who wants to watch Reels without having Instagram, you might soon be in luck, according to a new leak.
9to5Mac reports that the Instagram app version 319.0.2, available to beta testers via TestFlight, has introduced an App Clip. Wondering what an App Clip is? Apple defines it as a “small part of an app that lets you do a task quickly, like rent a bike, pay for parking, or order food.” Basically, it’s a mini app you can test without downloading the full version.
You can find App Clips in Safari, Maps, and Messages, or even in the real world through NFC tags, QR codes, and App Clip Codes—special markers that direct you to specific App Clips.
In the case of the Instagram App Clip, it allows users to experience the Reels short video platform integrated into the main Instagram app. Much like TikTok’s App Clip, the Instagram version enables users to watch a Reel within the app’s native interface, even if they don’t have Instagram installed.If someone texts you an Instagram Reel link, it’ll open up in the App Clip instead of your usual web browser. You can keep scrolling through and checking out different Reels, and even share one with your friends. But here’s the catch – after you’ve seen about six Reels, the App Clip will nudge you to download Instagram if you want to keep watching more.
This new feature is a pretty neat addition to the iOS Instagram app. It could come in handy for folks who don’t want to dive deep into social media but still want to stay in the loop with the latest viral trends, for instance.
Talking about diving deep into social media and apps, a recent study revealed that the average daily screen time Americans spend on their phones slightly decreased from 4.42 hours in 2022 to 4.34 hours in 2023. It might not be a huge drop, but every minute matters in the digital realm. If you’re curious about which apps took the lead on US residents’ screens and wallets in 2023, take a look at our dedicated piece.
Malware often targets Windows users due to the operating system’s widespread popularity, making it a lucrative target for threat actors.
Windows systems have historically been perceived as more vulnerable due to their larger user base and the majority of security vulnerabilities.
The FortiGuard team recently discovered a cluster of malware droppers delivering various final-stage payloads in 2023.
In a report shared with Cyber Security News (CSN), Fortinet affirmed these droppers use multiple stages of obfuscated payloads, with some identified payloads including Leonem, AgentTesla, SnakeLogger, RemLoader, Sabsik, LokiBot, Taskun, Androm, Upatre, and Remcos.
Named ‘TicTacToe dropper,’ the group is identified by a common Polish language string, ‘Kolko_i_krzyzyk,’ interpreting TicTacToe.
DocumentLive Account Takeover Attack Simulation
Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks.
Technical analysis
Security analysts found dropper samples delivering malware via .iso files in phishing attachments (T1566.001). This technique helps in hiding malware in iso files that aim to evade antivirus detection and use mark-of-the-web bypass (T1553.005).
The ISO contained an executable that had layered DLL files that were decoded at runtime, and besides this, the extraction process is complicated.
TicTacToe dropper extraction process (Source – Fortinet)
The dropper consistently shared various remote access tools (RATs) for over a year. The initial sample, ‘ALco.exe’ (SHA-1 b6914b8fa3d0b67eb6173123652b7f0682cd24fb), is a 32-bit .NET executable. Upon execution, it loads a .NET PE DLL file directly into memory without disk writing.
Extracting the PE DLL file from the dropper EXE in the tool dnSpy (Source – Fortinet)
The experts extracted the DLL at runtime by naming it ‘Hadval.dll’ or ‘stage2 payload.’ This 32-bit .NET PE DLL is obfuscated with DeepSea 4.1 and has unreadable function names and code flow obfuscation distinct from the primary executable’s obfuscation (undetermined version).
Obfuscated code of Hadval.dll shown in the dnSpy tool (Source – Fortinet)
An open-source .NET de-obfuscator, De4dot successfully subverted DeepSea 4.1 obfuscation in Hadval.dll. The tool detected and de-obfuscated the file by providing a cleaner version using C#.
While debugging ‘ALco.exe,’ security analysts found that Hadval.dll extracts a gzip blob by revealing a 32-bit PE DLL (‘cruiser.dll’) which was protected by SmartAssembly.
SmartAssembly safeguards .NET code from reverse engineering using obfuscation and encryption that prevent intellectual property theft. However, this info is visible using the ‘Detect It Easy’ tool.
Detect Easy (Source – Fortinet)
De4dot cleaned the cruiser.dll file by revealing a ‘Munoz’ class that creates a copy of the executable in the temp folder, and this payload aligns with the one analyzed by Jai Minton.
The cruiser.dll code extracts and executes the stage 4 payload (‘Farinell2.dll’) from the bitmap object ‘dZAu.’
Antivirus engines recognized the final payload as ‘Zusy Banking Trojan’ or ‘Leonem,’ also known as ‘TinyBanker’ or ‘Tinba’ by some researchers.
Similarities
Here below, we have mentioned all the similarities in the different TicTacToe dropper samples:-
Multi-stage layered payloads.
Dropper payloads all .NET executables/libraries.
One or more payloads obfuscated using SmartAssembly software.
Nesting of DLL files used to unpack obfuscated payloads.
All payload stages were loaded reflectively.
Most primary .NET payloads had internal names with a combination of 3 to 8 letters in varying cases.
Many samples had common strings for the month they were delivered.
Some of the samples try to create a copy of itself.
Since the dropper serves various payloads, it’s obvious to have a diverse user base. However, it’s essential to understand and prevent its execution to stop various types of payloads.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Xiaomi released a ton of information about its upcoming flagship, the Xiaomi 14 Ultra. The company recently confirmed that the phone will launch on February 25 globally, during MWC 2025. Well, now the company has confirmed that the Xiaomi 14 Ultra will get an initial launch on February 22 in China.
The initial Xiaomi 14 Ultra launch event was confirmed, design & cameras too
The event will start at 7 PM China time on February 22, which equals noon CET, 11 AM BST, 6 AM EST, and 3 AM PST time. By the time the phone gets announced in China, we’ll have all the necessary information for global markets. Well, aside from its global price and RAM + storage combos.
The original launch event is not all that Xiaomi announced, though. The company also confirmed the design of the Xiaomi 14 Ultra. Xiaomi shared quite a few renders of the phone via social media, showing us both colors of the device. You can check them out below.
The Xiaomi 14 Ultra in white:
The Xiaomi 14 Ultra in black:
The phone will launch in black and white colors
The Xiaomi 14 Ultra will launch in Black and White colors. Both phones will be made out of metal and vegan leather. There is even a special edition titanium variant rumored, but we’re still not sure about that.
In any case, the vegan leather will be used on the back, while a large circular camera island will sit on the back too. That camera island does look very similar to the one on the Xiaomi 13 Ultra. The Xiaomi 14 Ultra won’t have the gradual rise of thickness on the back, though, like the Xiaomi 13 Ultra did.
In addition to all this, Xiaomi also shared some camera details. The Xiaomi 14 Ultra will feature a 50-megapixel Sony LYT-900 main camera. It will support variable aperture between f/1.63 and f/4.0.
The Xiaomi 14 Ultra will include two periscope telephoto cameras
The phone will also have two periscope telephoto cameras. One 50-megapixel periscope telephoto camera will utilize the Sony IMX858 sensor, have an f/1.8 aperture, 75mm focal length, and offer a 3.2x optical zoom. The other 50-megapixel periscope telephoto camera will also utilize the Sony IMX858 sensor and will have an f/2.5 aperture, 120mm focal length, and support 5x optical zoom.
We still don’t have official information about the ultrawide camera. That camera will also be a 50-megapixel unit, though. The Snapdragon 8 Gen 3 will fuel the phone, and other high-end specs are also expected. We’ll get far more details in a couple of days.
LineageOS, one of the most popular custom ROMs for Android devices, has announced the release of LineageOS 21, marking its transition to the Android 14 platform. This latest version brings a host of improvements and new features, making it a notable update for users seeking enhanced customization and performance on their supported devices.
LineageOS 21 is here, and it’s based on Android 14
LineageOS 21 arrives as the first build based on Android 14, following Google’s release several months ago. While LineageOS isn’t the first custom ROM to adopt Android 14, its reputation for stability and longevity in the custom ROM community makes this release particularly significant.
One of the standout features of LineageOS 21 is the introduction of the ad-free Android TV launcher. It provides users with a cleaner and more seamless experience on Android TV devices. This addition comes as a welcome relief for users tired of intrusive advertisements while navigating their TV interfaces.
LineageOS 21 brings substantial updates to its core suite of applications
In addition to the Android TV launcher, LineageOS 21 brings substantial updates to its core suite of applications. Apps like Aperture, Calculator, Contacts, Dialer, Eleven, Jelly, LatinIME, and Messaging have undergone significant redesigns and feature enhancements, aligning them with Google‘s Material You design language and improving overall usability. Furthermore, LineageOS 21 introduces a new default gallery app called Glimpse, offering users a modern and intuitive way to view their photos and videos.
The boot animation has been updated, while the setup wizard has been improved too
Other notable improvements include security patches from January 2023 to February 2024, an updated boot animation, faster A/B updates, and enhancements to the setup wizard for Android 14. These updates aim to enhance security, performance, and user experience across the LineageOS ecosystem.
Overall, LineageOS 21 represents a significant milestone in the evolution of this popular custom ROM, offering users the latest features of Android 14 along with a range of enhancements and optimizations.
It’s no secret that YouTube TV is testing new features all the time and that many of these features aren’t released in their original form. The ability to watch multiple content streams simultaneously is one of the features that YouTube TV has been testing for quite a while.
Known as “Multiview,” the feature was originally meant to be used for sports programs, but YouTube TV decided to expand compatibility to other types of programs like news and weather.
Recently, YouTube TV announced that it has improved Multiview to allow more customization options. Starting this week, this feature is available to all NBA League Pass subscribers as “Build your Multiview.”
Since it’s only available to NBA League Pass subscribers, you can’t select anything else other than pre-selected games. With “Build your Multiview,” you can customize the combination of up to four games that you want to watch on your screen simultaneously. Here is how you can take advantage of the feature:
Launch YouTube TV on your smart TV.
Click on a live game.
You will see an option to “Watch in Multiview,” which would give you an option to “Build a Multiview.”
Select the games available to build your own multiview.
Besides the YouTube TV subscription, you’ll have to pay $14.99 per month to benefit from the “Build your Multiview” feature. Hopefully, this will expand to all YouTube TV subscribers in the not-so-distant future.
ESET, a cybersecurity firm, has released patches for a high-severity vulnerability identified in several Windows-based security products, including consumer, business, and server security.
The vulnerability tracked as CVE-2024-0353 has a CVSS score of 7.8 and was identified in the real-time file system protection feature of ESET’s products, which handles file operations.
The Real-time file system protection feature on Windows OS is found to be vulnerable in handling file operations. This vulnerability can potentially be exploited and cause security issues.
The vulnerability in question could allow an attacker to exploit ESET’s file operations, which are carried out by the Real-time file system protection feature, to delete files without the required permission, reads the advisory.
The flaw can be exploited by an attacker with low privileges to delete arbitrary files with System privileges. The vulnerability allows an attacker to misuse ESET’s file operations to delete files without proper permission.
Researchers with Trend Micro’s ZDI reported the security defect, and the company has no evidence of in-the-wild exploitation.
DocumentLive Account Takeover Attack Simulation
Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks.
Versions and programs that are impacted
ESET’s Windows antivirus, endpoint, server products, email security, and products for Exchange Server, IBM Domino, SharePoint Server, and Azure are all affected.
Patches for the vulnerability have been released for various products, including NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate, Endpoint Antivirus, Endpoint Security for Windows, Server Security for Windows Server, Mail Security for Exchange Server and IBM Domino, and ESET Security for SharePoint Server.
ESET recommends that customers using File Security for Microsoft Azure migrate to Server Security for Windows Server. However, the list of affected products does not include ESET products that have reached their end-of-life (EOL) status.
Given the high privileges of security products, exploiting vulnerabilities in these applications could have disastrous consequences. ESET advises its customers to apply the available patches as soon as possible.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Microsoft has addressed a recent issue where its Edge browser was found to automatically import browsing data and tabs from Chrome without user consent. Tom Warren from The Verge also encounteredthis problem after a routine PC reboot following a Windows update last month. Despite repeated inquiries, Microsoft remained tight-lipped on the matter. However, the latest Microsoft Edge update quietly includes a fix for the issue, addressing a feature that wasn’t syncing properly across devices.
The fix provided by Microsoft, to prevent automatic tabs and browsing data import from other browsers to Edge, suggests that the setting controlling the automatic import of browsing data wasn’t syncing correctly across devices. While this resolves the immediate issue, questions remain about the root cause of the problem. Microsoft is yet to provide a detailed response on the matter. This lack of transparency may stem from Microsoft’s history of employing tactics that resemble those used by spyware developers to promote its web browser, notes The Verge.
Microsoft’s past strategies include monthly Windows updates that automatically launch and pin Edge to the desktop and taskbar without user consent. Additionally, prompts or polls occasionally appear to discourage users from downloading competing browsers like Chrome.
Mozilla has commissioned a research paper to explore the tactics that Microsoft Edge uses
The research paper highlights harmful design tactics employed by Microsoft, which contradict the company’s own design guidelines and undermine competition from rival browsers. These tactics extend to subtle methods that steer Windows 11 users towards Edge, such as ignoring the default browser when clicking links from certain interfaces like the Windows Widgets panel or search results. Moreover, Microsoft’s decision to force Outlook and Teams to open links in Edge has garnered criticism, particularly from IT administrators.
Addressing concerns surrounding Microsoft’s tactics, the Digital Markets Act (DMA) in EEA markets aims to empower users by allowing them to uninstall Edge and permitting search providers like Google to integrate custom web searches into the main Windows Search interface. However, these regulations do not apply to Edge, Bing, or Microsoft Advertising, as they are exempt from DMA rules.
While Microsoft has pledged to cease some actions aimed at forcing Edge on users who prefer alternative browsers, these changes only scratch the surface of the broader issues outlined in Mozilla’s research. Furthermore, Microsoft will limit the implementation of these changes to users in the EEA, leaving users in other regions unaffected by these adjustments.
Pre-installed on many Android smartphones, the Google Messages app is among the most popular messaging apps, with over 1 billion monthly active users worldwide. Recently, the app has been on a streak, rolling out new features, and it seems like it’s not planning to ease up anytime soon.
As per TheSpAndroid blog (via Android Authority), various flags within Google Messages hint at upcoming features, including camera effects, the ability to remove top contacts and preview drafts, and more.
Google Messages has its own camera activity integrated within the app, distinct from the camera app on your phone. It appears that Google is developing camera effects features, which might be accessible through this built-in camera. While details on the effects remain scarce, Google will likely allow users to toggle these effects on or off.
Here’s how the built-in camera interface looks right now without any camera effects (Image Credit–TheSpAndroid)
Moreover, Google Messages might eliminate the top contacts displayed when you tap the search icon in the app. Typically, Google Messages shows recent contacts with whom you’ve been chatting. However, as per the source, activating a flag in the latest beta version makes the top contacts list disappear entirely.
Likewise, a new flag removes the preview of draft messages from the main screen. While this provides a cleaner appearance to the app’s main screen, it hides a genuinely useful feature. This flag may be used for internal debugging purposes, similar to the one removing top contacts. However, we’ll have to wait for these changes to roll out to beta testers to confirm if this is indeed the case.
Furthermore, it appears that Google might offer users the option to opt in or out of providing usage and diagnostics information, specifically collected from the Google account associated with the user’s sign-in on Google Messages. This setting is expected to be available in Google Messages Settings > Advanced > Usage & Diagnostics.
February 16, 2024 – A group of cybercriminals is committing bank fraud by convincing victims to scan their IDs and faces.
February 16, 2024 – One of Microsoft’s Patch Tuesday fixes has flipped from “Likely to be Exploited” to “Exploitation Detected”.
February 15, 2024 – Personal data belonging to 200,000 Facebook Marketplace users has been published online, including email addresses and phone numbers.
February 14, 2024 – In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns.
February 14, 2024 – The PC Security Channel tested Malwarebytes against 2015 files. Here’s how we did.
Accessing a plethora of information through portable devices is something much more practically beneficial than carrying books and documents around! Where books and documents give you excess weight and the potential threat of damage to the paper, PDFs do not. Thus, individuals are actively considering utilizing a professional book scanner such as CZUR ET24 Pro.
Top-Tier Functionalities Of CZUR ET24 Pro
A professional book scanner, CZUR ET24 Pro, has all the functionalities and advanced features that users would desire to turn books into PDFs. CZUR’s latest scanning technology makes it possible for users to get the features mentioned below:
– Characteristics
CZUR ET24 Pro is designed with a lean dimension of 375*220*390mm (L*W*H), coupled with an approximate weight of 1.5 kg. On top of that, it comes with a built-in LED array and an attachable LED light.
– Patented Curve Flattening Technology
The 3-dimensional shape and angle of the pages are detected, and each piece of information is immediately transferred to the CZUR software. With the help of the Curve Flattening Technology™, book curves are automatically flattened, as are original documents that are positioned askew.
– Automation Through Software
Talking about its software capabilities, it can easily detect materials and finger traces. Orientation correction is another one of its many amazing software features.
– Prompt Scanning Speed
Equipped with a High-Definition 24-megapixel camera containing, 5696×4272 resolution and 320 DPI. Making it a proficient document scanner, you can scan through foot paddling, manually and automatically as well with a speed of 1.5s per page flipping.
– OCR Feature
Through Its OCR (Optical Character Recognition) feature with ABBYY, you can easily scan through more than 180 languages and numerous fonts. It supports creating searchable PDFs and editable Word and Excel files for a lifetime free.
Accessories Available In The Box
Coming packed in a rigid box professional book scanner, the ET24 Pro has multiple accessories that you can use together with the scanner. From the document scanner itself to accessories such as USB cables, power supplies and adapters, there are many more.
Using original accessories along with the CZUR ET24 Pro allows you to take the professional scanner for books into efficient use. The professional scan tools in the box include:
– Foot pedal for easy capturing – Finger coats for holding the books and eliminating chances of having any finger traces – A beginner guide along with the CD is given for learning the adequate use of the scanner – Adapters for using plugs from different countries
Procedure To Set-Up CZUR ET24 Pro
Setting up the ET24 Pro takes no more than a couple of minutes with proper execution of the correct steps. Many would be curious about how to scan a book easily. To do so, a proper setup of the ET24 pro scanner would be significantly beneficial. To set up the CZUR ET24 Pro, follow the steps mentioned below:
– The foremost thing to do is choose suitable adapters to connect the computer and power supply. – Once that connection is done, you will need CZUR’s software on your computer. – To download the software, visit the official website and download the software according to your computer’s operating system. – Place the black mat corresponding to the document scanner to digitize the document. – Along with placing the mat, use side lights, which can assist you in preventing reflections while scanning. – On the CZUR software, enter the SN code written on the ET24 pro base and start scanning.
Adequately Utilization ET24 Pro Scanner
How to scan a book easily? How to digitize thick books? These are some common queries of many individuals wanting to use a professional book scanner. Well, once you understand the adequate procedure to digitize documents, your queries will be solved! So, let’s intricately learn the steps to use the ET24 Pro professional scanner:
– Connect ET24 Pro with your device and use CZUR’s software to operate the scanner – Before doing any scanning, you will have to choose the path where you want to save the document – After that, click on the scan, which will bring you to the scanning page – On the scanning page, you will find professional scan tools such as colour modes, which enable you to change the way content looks – You can select from numerous scanning modes such as flat single page/facing page/combined sizes/manual selection/no processing etc – Utilizing advanced tech like flattering technology for accuracy and a fast scanning speed of 1.5 sec, on which ET24 Pro will scan each page – While scanning the book, use the side white lights which have 2 levels to capture without having any reflections on the books – Use finger coats while scanning, to enable auto finger removal during the scanning process – There’s auto tilt correction and page splitting, which enables you to scan seamlessly without worrying much about the placement of text – There’s OCR provided in the CZUR software, which enables you to scan over 180 languages without any complications – The scanned text can be edited and saved conveniently due to OCR tech offered by ABBYY inside the software. – Professional scanner for books, ET24 Pro allows you to scan and save documents in multiple formats from Word, Excel, TIFF, and PDF to JPG. – To scan the text you can use hand control, a pedal, software options, or auto scan and button on the scanner – ET24 Pro comes with an HDMI port, which has a substantial benefit as it allows you to stream books or documents on the projector.
Conclusion
When it comes to professional scanners like CZUR ET24 Pro, top-tier functionalities are a must! Fortunately, CZUR ET24 Pro does a fantastic job of providing the latest tech with advanced features for scanning books and other documents.
Ranging around $549.00. USD the ET24 Pro has two other variants in which ET24 Pro is the best and flagship scanner. There’s a Chinese New Year discount that grants you 20% off on your purchase.