Everything you need to know

0
[ad_1]

We are now firmly on the road to Android 15, with Google releasing the first developer preview on February 16, 2024. This is not typically when Google releases developer previews and betas; usually, that’s on a Wednesday. But Google did mention late last year that it was moving away from its typical release schedule and will release updates, betas, and previews when they are ready.

That is a week after Android 14 started last year, with the first developer preview dropping on February 8, 2023.

In this article, we are going to tell you everything you need to know about Android 15 and update you throughout the developer preview, beta, and stable stages of the life of Android 15 until Android 16 launches in late 2025.

What will Android 15 be called?

Publicly, Google has dropped dessert names from new versions of Android. However, it is still used internally, and Android 15 is using the letter “V”. So Android 15 is referred to internally as Android V or Vanilla Ice Cream. This follows Upside Down Cake for Android 14 and Tiramisu for Android 13. Here are the most recent versions of Android and their dessert names. Wonder what Android 16 will be with “W” next year?

  • Android 10 – Quince Tart
  • Android 11 – Red Velvet Cake
  • Android 12 – Snow Cone
  • Android 13 – Tiramisu
  • Android 14 – Upside Down Cake
  • Android 15 – Vanilla Ice Cream

When will Android 15 be released?

Typically, Google will put out a developer preview or beta every month until August. Then, in either August, September, or October, the final stable version will start to roll out. This has moved around a bit in recent years, being as early as mid-August for Android 13 in 2022 or mid-October for Android 12 in 2021 and Android 14 in 2023. Here are the stable release dates for previous Android versions:

Google has, in the past, released new versions of Android well ahead of the new Pixel release. So don’t think that Google is waiting for the Pixel 9 announcement to release Android 15; that’s not happening.

What’s the developer preview and beta schedule?

The first developer preview launched on February 15, 2024. We typically get a new developer preview or beta just about every month. The full schedule is below.

Untitled

We’re expecting two developer previews in February and March. Then, the beta cycle begins in April, with four betas each month until July. After that is the final release, which Google is not adding a month for this time around; it could be as early as August or as late as October, as we’ve seen in recent years.

  • Developer Preview 1 – Released on February 16, 2024

What devices will get Android 15?

Right now, we can only speak to the Google Pixel range of smartphones. Google says that the Pixel 6 and later will be the only devices on the schedule for getting Android 15. Here’s the complete Pixel list:

  • Google Pixel 6
  • Google Pixel 6 Pro
  • Google Pixel 6a
  • Google Pixel 7
  • Google Pixel 7 Pro
  • Google Pixel 7a
  • Google Pixel Fold
  • Google Pixel Tablet
  • Google Pixel 8
  • Google Pixel 8 Pro

We’ll need to wait until the fall to see what devices from other manufacturers will get updated to Android 15. For the developer preview, you’ll need to flash the image onto your Pixel device.

What features is Android 15 bringing?

So far, Android 15 is very developer-focused, hence the “developer preview” state. So the majority of the changes are under-the-hood changes that developers and OEMs will be able to take advantage of on their apps and their phones. But here’s a short list of what we have so far.

User Privacy and Security

As with every new Android release, Google is focusing on protecting user privacy and security with a few pretty major changes. First up is the Privacy Sandbox on Android. Android 15 brings this to extension level 10. That will incorporate the latest version of the Privacy Sandbox on Android. It’s part of Google’s work to develop new technologies that improve user privacy and enable effective, personalized advertising experiences for mobile apps.

Next up is Health Connect. This is the app that allows you to sync your health data between different apps like Google Fit, Fitbit, and Samsung Health. Android 15 brings extensions 10 around Health Connect by Android, which brings support for new data types across fitness, nutrition, and more.

Android 15’s FileIntegrityManager gets new APIs that will tap into the power of the fs-verity feature in the Linux kernel. With fs-verity, files can be protected by custom cryptographic signatures that will help you ensure that they haven’t been tampered with or corrupted.

Finally, Google is adding partial screen sharing. Allowing you to share or record just an app window rather than the entire device screen.

Supporting Content Creators

It’s obviously essential for Google to support content creators; after all, they do own YouTube. But with Android 15, Google is adding better in-app camera controls that can be used in other apps. Developers will get better support for using features of high-end cameras, like the 200-megapixel camera on Galaxy S24 Ultra.

Android 15 is also extending UMP support to virtual MIDI apps. This enables composition apps to control synthesizer apps as a virtual MIDI 2.0 device just like they would with a USB MIDI 2.0 device.

Performance

Google is also making some changes to improve the performance and quality of apps across all of the Android devices on the market. The Android Dynamic Performance Framework is getting updated. Which now has a new power-efficiency mode for hint sessions to indicate that there associated threads should prefer power saving over performance.

GPU and CPU work durations can both be reported during hint sessions, which is going to allow the CPU and GPU to adjust the frequencies together to best meet workload demands. Thermal headroom thresholds are also added, which will interpret possible thermal throttling status based on headroom prediction.

More to come

Generally, the first couple of updates for a new version of Android are geared towards developers. Give them more time to get their apps ready for the final release of Android 15 by releasing some of the APIs now. The APIs won’t be final until the June beta release, however.

User-facing features will likely come in the first beta, which is set for April.

When will my phone get Android 15?

It’s tough to really say right now when your phone might get updated to Android 15, especially since we’re still so many months away from the stable release. However, Pixel devices should be first in line to get the update. The Pixel 6 and newer should be updated this time around, with support for Pixel 5a getting dropped. Samsung has also been pretty quick to roll out updates for new versions of Android, and it’ll likely come with One UI 7 around October or November.

As for other manufacturers, we’ll have to wait until this Fall to know for sure.


[ad_2]
Source link

Apple halts foldable iPhone development due to display issues

0
[ad_1]

Apple‘s foldable plans may have hit a roadblock. According to a tipster, the company has temporarily halted the development work due to display issues. Its early display tests have reportedly failed. It is unclear whether this will delay the launch of the first foldable iPhone.

Apple faces a display setback in foldable iPhone development

Foldable smartphones have existed since 2019, but Apple has not entered the scene. The Cupertino-based tech behemoth, which overtook Samsung to become the world’s largest smartphone vendor in 2023, isn’t rumored to release a foldable iPhone before 2027. At the earliest, it might debut the first-gen model in 2026. To put that into perspective, Samsung will introduce its eighth-gen foldables in 2026.

Apple is likely taking its time to perfect everything, from the design and specs to the build quality and durability. Perhaps eliminate the display crease too. A tipster on the Chinese microblogging site Weibo says the company has purchased a bunch of existing foldable phones from various brands and is thoroughly examining them. Its research and development team has dismantled the device to dive into the internal structure.

The iPhone maker may be looking at how each company has done things differently and learning from them. All of this might eventually help Apple determine the areas where it can do better than the competition. That’s one way to go about a product that still needs a lot of refinement. However, the source adds that the firm has temporarily shelved its foldable project. Its display team allegedly “failed to pass the screen test.”

It’s worth mentioning here that the Weibo post is written in Chinese. We used Google Translate to translate it into English. There’s a possibility that something was lost in translation. However, from what we can see, Apple’s foldable project isn’t progressing smoothly. Roadblocks aren’t uncommon when you are doing something new. It remains to be seen whether this temporary halt affects the launch timeline.

Apple could first launch a folding iPad

There is a lot of uncertainty around Apple’s first foldable product. Some industry experts believe the company will launch a folding iPad ahead of a folding iPhone. We should get a clearer picture as the development progresses. While Apple does a better job at plugging leaks than the likes of Google and Samsung, a few of them sneak out once in a while. We will keep you posted accordingly. In the meantime, Samsung is gearing up to launch its sixth-gen foldables—Galaxy Z Fold 6 and Galaxy Z Flip 6—later this year.


[ad_2]
Source link

Google Search has a new “Hold for me”-like feature that doesn’t require a Pixel phone

0
[ad_1]
Google is currently rolling out a new feature in its Search Labs called “Talk to a Live Representative” that is very similar to its Pixel-exclusive “Hold for Me” feature, except it would make it available to other devices. This could make in many cases the dreaded task of calling customer service and waiting on hold a thing of the past.
Here’s how it works: You can enable this in the Google App by tapping on the “Search Labs” button in the top left. Then a “request a call” button will appear for specific customer service search results. You will then see a “Talk to a Live Representative” option.

Following those steps, Google then handles the calling process for you, navigating the automated systems and waiting on hold. Once a live representative is available, Google will then place a call to your phone, saving you valuable time.


Users start by providing a reason for their call and a phone number to be reached out for text message updates. The system also displays an estimated wait time and the option to cancel the request at any point during the process.
This process may sound extremely familiar to Google Pixel users who have been enjoying the “Hold for me” feature on their devices for some time now, moving the starting point from the Phone app to the Google search page instead. This feature will be initially available in the United States for Google Search Lab users on the Google app (on both iOS and Android) and on the desktop.

As reported by 9to5Google, a wide range of industries are included, from airlines like Delta and United to mobile carriers like T-Mobile and Sprint and household retailers like Walmart and Best Buy. Insurance, delivery, and waste management services are also supported.

[ad_2]
Source link

SpyNote Android Spyware Poses as Legit Crypto Wallets, Steals Funds

0
[ad_1]

The notorious SpyNote Android spyware returns, exploiting Accessibility APIs to target crypto wallets and unsuspecting users, ultimately stealing their cryptocurrency.

The Android spyware SpyNote developers are now considering cryptocurrencies, extending beyond mere credentials spying to initiate cryptocurrency transfers, revealed the latest research report from FortiGuard Labs.

Researchers noted that Spynote, a notorious Remote Access Trojan (RAT), is now targeting “famous crypto wallets” by abusing the Accessibility API. The API’s job is to automatically perform UI actions, such as recording device unlocking gestures and is mainly helpful for people with disabilities.

The malicious code abuses the Accessibility API to automatically fill out a form and transfer cryptocurrency to cyber criminals. It reads and memorizes the destination wallet address and amount, and replaces it with the attacker’s crypto wallet address.

The information is sent to a remote server with which the malware has established a connection already to complete the action. It is worth noting that the entire act is completed automatically, without alerting the user.

According to Fortinet’s blog post, on 1st February, a malicious sample was found posing as a legitimate crypto wallet, incorporating SpyNote RAT and anti-analysis features. They also observed that threat actors are mainly targeting users with mobile crypto wallets or banking applications in this financially motivated, medium-severity hacking saga.

Researchers showed screenshots in which SpyNote malware can be seen requesting Accessibility Service and the user granting access with the Android OS displaying additional warnings. It is evident that clicking on “Allow” signals the malware to perform its nefarious action whereas clicking “Deny” prevents it from gaining access.

SpyNote Android Spyware Poses as Legit Crypto Wallets, Steals Funds
Screenshot: FortiGuard Labs

Hackread has been following the evolution of SpyNote ever since it made its first appearance back in 2016 when Palo Alto’s Unit 42 discovered this RAT on a dark net forum mainly targeting users who install APK apps. Researchers noted that SpyNote helped attackers gain remote control of infected devices, and enabled sideloading on Android devices.

In 2017, Zscaler IT security researchers discovered fake apps infected with the SpyNote RAT, allowing attackers to gain remote administrative control on Android devices. Researchers identified various apps, including fake Netflix, WhatsApp, YouTube, Facebook, Photoshop, SkyTV, Hotstar, Trump Dash PokemonGo, etc., infected with a new variant of SpyNote RAT.

Over the years, SpyNote has become a common family of Android malware, with over 10,000 samples and multiple variants, noted FortiGuard researchers.

Last year, the malware authors shifted focus to banking fraud, as the Cleafy Threat Intelligence Team reported SpyNote targeting European financial institutions with social engineering tactics and abusing Accessibility services. The attack started with deceptive smishing campaigns, directing victims to install a “new certified banking app” and granting remote access to their devices.

It is worth noting that malware often lures victims into giving them the necessary rights to access the Accessibility API through different lures, posing a threat to users, especially people with disabilities.

Android users are advised to pay attention to applications requesting the Accessibility API. End-users should treat these requests as suspicious, especially from alleged crypto wallets, PDF readers, and video players.

  1. Watch out: New Android spyware records your calls covertly
  2. LetMeSpy Android Spyware Service Shuts Down After Data Breach
  3. Confucius Android spyware hits military, nuclear entities in Pakistan
  4. Xamalicious Backdoor Infects 25 Android Apps, Affects 327K Devices
  5. Hackers spread Android spyware through Facebook using Fake profiles

[ad_2]
Source link

Nest Aware might be coming to you Google One subscription

0
[ad_1]

Google One is the company’s premium subscription service that offers additional cloud storage and a few other perks. Well, thanks to an APK deep-dive, we now know of another perk that could be coming to the service. According to the report, Google may add Nest Aware to Google One.

This news comes shortly after Google announced the Google One AI Premium plan. This is a plan to get if you want to use Gemini Advanced, the most advanced chatbot provided by Google. The service costs $19.99/month. At the time of writing this article, you can get two months of the service for free.

Nest Aware might be made available through Google One

Most companies that offer subscription services throw in additional perks to entice more users. Subscription to YouTube Premium also includes a subscription to YouTube Music. That’s just one example. When it comes to Google One, the service offers additional perks along with more cloud storage. This can include perks like 10% back on Google Store purchases, VPN Services, better customer support, Etc.

Well, according to 9To5Google, there are some strings sitting within the latest version of the Google Home app (version 3.13). These strings allude to Nest Aware being made available through a Google One subscription. One string includes the text, “Nest Aware subscription included in your Google One Plan. You can add more video history through Google One.” Another one has the text, “Nest Aware Plus subscription added to your Google One plan.”

The typical Nest Aware subscription costs $8/month. With it, you’re able to preserve and view 30 days’ worth of video history. With the Nest Aware Plus plan ($15/month), that gets boosted to 60 days.

This transition could come with some complications

It appears that you might have to contact customer support when transitioning to the Google One Subscription. One string has to text “Your old subscription was successfully replaced but it may still be active.\n\nContact support to check if your cancellation and refund is successful. You may continue paying for your old subscription if it was not canceled.”

That’s a bit odd. People’s subscriptions could be moved over to Google One, but they run the risk of continuing to pay for their old subscription along with the new subscription. So, to check and see if their old subscription was shut down, they’ll have to contact support. That seems poorly handled on Google’s part. Another string in the code points to an error message you receive if Google detects that you’re paying for an old subscription that’s not being used.

A bit of good news is that Google will be handing out refunds for people who have an active Nest Aware subscription and move over to Google One.

At this point, we’re still waiting for more details to come out. Since this is an APK deep-dive, you don’t want to take this news 100% to heart. The company could change or shelf this whole thing altogether.


[ad_2]
Source link

Bose Ultra Open earbuds launched with a stylish open-ear design

0
[ad_1]

Bose has officially launched the Ultra Open earbuds. As the name suggests they feature an open-ear design that does not obstruct the ear canal completely. The latest audio device was initially announced last month in collaboration with fashion and lifestyle brand Kith. The Ultra Open come three years after the Sport Open earbuds in 2021. Open-ear design earbuds could be the next big thing in the TWS segment. Huawei launched the FreeClip last month.

Bose Ultra Open are now official

The design of the Bose Ultra Open earbuds is in such a way that the user stays fully aware of their surroundings while listening to their content. This makes them ideal for athletes and those who don’t want to experience discomfort caused by earbuds and headphones.

The Bose Ultra Open are stylish and fashionable. They ditch the silicone or memory foam tips commonly found on most TWS earphones. The flexible joint or arm as called has a soft silicone coating to gently rest on the user’s skin. There’s also a round barrel that sits behind the user’s ears. It has a button for controlling the music playback and accessing other features. Bose says that the Ultra Open offers a cuff-like fit for all-day wear. They hang out of the ear and almost look like earrings.

Bose Ultra Open
The Bose Ultra Open’s design looks G-shaped

The earbuds pack premium audio features but lack ANC

The Bose Ultra Open earbuds have the company’s signature OpenAudio technology that delivers high-quality and private audio only to the wearer. There is also a Bose Immersive Audio feature that creates a spatial effect and makes it seem like the sound is playing in the room around the user instead of through the earbuds. Users can choose this feature in Still mode when they are sitting still or Motion mode when they are out and moving.

The Bose Ultra Open earbuds come with Snapdragon Sound technology and Qualcomm aptX Adaptive codec. This helps the audio device to deliver lossless audio streaming and seamless connectivity with devices. Based on the user’s surroundings, the Ultra Open can automatically adjust the volume level. Other features of the earbuds include Google Fast Pair, IPX4 water-resistant rating, Bluetooth 5.3 (no multipoint connectivity), and the ability to pair with Bose select soundbars and speakers.

The Bose Ultra Open earbuds are rated to deliver 7.5 hours of playback on a single charge. The battery life drops to 4.5 hours with the Immersive Audio feature enabled. The total battery life extends to 19.5 hours with the charging and storage case.

Bose Ultra Open earbuds pricing and availability

The Bose Ultra Open earbuds carry a price tag of $299. They are available in Black and White color options. The audio device can be purchased from the company’s official website and select retailers starting today.

Bose Ultra Open case


[ad_2]
Source link

Galaxy Z Fold 6’s rumored camera upgrade may not materialize

0
[ad_1]

Yesterday, a report surfaced that Samsung plans to equip the Galaxy Z Fold 6 with a 200MP main camera, the same as the Galaxy S24 Ultra. However, the plan may not have materialized, at least not yet. A noted industry source claims the company is currently testing the new foldable with a 50MP primary camera at the back, which means no upgrade over the Fold 5.

The Galaxy Z Fold 6 may not get a camera upgrade

Samsung hasn’t upgraded its flagship camera hardware in recent years. It has been using the 50MP ISOCELL GN3 sensor as the primary shooter on the smaller two Galaxy S models since 2022. The Galaxy S22, Galaxy S22+, Galaxy S23, Galaxy S23+, Galaxy S24, and Galaxy S24+ all feature this camera. The Galaxy Z Fold 4 and Galaxy Z Fold 5 also use the same sensor, while the Galaxy S23 Ultra and Galaxy S24 Ultra have a 200MP main camera.

Over the past few months, there have been conflicting reports about the camera setup of the Galaxy Z Fold 6. While some said Samsung will keep the camera hardware unchanged, others hinted at an upgrade. Most recently, a noted tipster claimed that the new foldable could end up getting the Galaxy S24 Ultra’s 200MP shooter. It would have been a massive upgrade but chances look slim, at least according to the latest report.

GalaxyClub, which has a reputable track record of Samsung leaks, reports that the Galaxy Z Fold 6 is currently undergoing tests with a 50MP camera, the same as the Fold 5. In fact, the Korean firm may not upgrade any of the five cameras on the new foldable. We are looking at a 12MP ultrawide lens, a 4MP under-display selfie camera on the inside, and a 10MP selfie camera on the outside.

The publication couldn’t confirm the specs of the telephoto zoom camera. However, there’s little chance Samsung will upgrade it. The Galaxy Z Fold 6 may ship with the same 10MP 3x optical zoom camera as the Fold 5 or the Galaxy S24 lineup (the Ultra model has a second 50MP 5x optical zoom camera). Unless Samsung changes things down the line, a camera upgrade may not be on the cards for the new foldable.

The phone may feature a bigger battery

Rumors say Samsung will make the Galaxy Z Fold 6 slimmer and wider than the Fold 5. It is also planning to increase the battery capacity. The firm has already picked up a regulatory certification for the foldable’s battery, but details are missing. We should see more leaks and rumors about the new Fold in the coming months. The device will debut alongside the Galaxy Z Flip 6 in the second half of 2024.


[ad_2]
Source link

OpenAI is working on GPT-5, and it will be “better at everything”

0
[ad_1]

The World Government Summit just happened in Dubai. Speaking at the summit was OpenAI CEO Sam Alton. He dropped some news about the next-generation GPT model the company is working on. According to reports, Sam Altman talked about GPT-5, and how it’s going to be “better at everything.”

Just recently, OpenAI announced Sora. This is the company’s AI text-to-video generator. It was able to create some extremely realistic videos that could fool most people. Currently, it can produce up to 1-minute long clips based on text input. Right now, the company is only testing this internally, so people in the general public cannot use it.

Sam Altman talks about GPT-5

The World Government Summit just happened, and we got a little bit of insight into what OpenAI is planning on doing next. The company already has GPT-4 and GPT-4 Turbo. These are the most powerful AI models that are available to the public. Under those, there’s GPT 3.5, which users can access with a free ChatGPT account.

Right now, all these models are extremely powerful and capable of deep understanding and reasoning. So, it’s hard to imagine that the company could push things even further. However, according to Sam Altman, it’s “going to be better at everything across the board.” That’s to be expected, but we’re all wondering how much better it will be. Obviously, every Leap forward makes AI more comparable to human intelligence. An AI that’s as smart as a human is called AGI (artificial general intelligence).

As for how much more powerful GPT-5 will be compared to GPT-4, when it’s coming out, where it’ll be available, and whether it will give human beings a run for their money is yet to be seen. We’re certain that the company is doing some very early testing with this model. One bit of information that we have about its capabilities is that, via Microsoft, GPT-5 can decipher a 3,000-year-old language that no person in today’s society can understand. 

As for speculation, we’re pretty certain that will include image generation via DALL-E, video generation via Sora, and possibly audio generation. However, that remains to be seen. We know that it’s going to be multimodal, so it’s possible that it’s going to be true.

And “Gobi” is its name-o

Currently under the code name “Gobi”. We don’t have an exact release date, but the company does plan on releasing it sometime this year. Seeing as chatGPT originally launched in November of 2022, maybe the company will stick to releases around that time frame. That, along with everything else about gp5 remains to be seen.


[ad_2]
Source link

Israeli NSO Group Suspected of “MMS Fingerprint” Attack on WhatsApp

0
[ad_1]

NSO Group, an Israeli spyware firm, is suspected of exploiting a novel “MMS Fingerprint” attack to target unsuspected users on WhatsApp, exposing their device information without needing user interaction.

Swedish telecom security firm Enea reports that the Israeli NSO Group, targeted journalists, human rights activists, lawyers, and government officials with a novel MMS Fingerprint attack by exploiting a vulnerability in WhatsApp.

The report that the company shared with Hackread.com on Thursday 15, 2023, WhatsApp discovered a vulnerability in its system in May 2019, allowing attackers to install Pegasus spyware on users’ devices. The flaw was then exploited to target government officials and activists globally. WhatsApp sued NSO Group for this exploitation, but appeals failed in the US appeal court and Supreme Court.

The attack, reportedly used by NSO Group, was discovered in a contract between the Israeli agency’s reseller and the telecom regulator of Ghana, which can be viewed in lawsuit documents here (PDF).

Enea launched an investigation to find out how an MMS fingerprint attack occurs. They discovered that it can reveal the target device and OS version without user interaction by sending an MMS.

The MMS UserAgent, a string that identifies the OS and device (such as a Samsung phone running Android), can be used by malicious actors to exploit vulnerabilities, tailor malicious payloads, or craft phishing campaigns.

Surveillance companies often request device information, but UserAgent may be more useful than IMEI. It’s important to note that MMS UserAgent is different from browser UserAgent, which has privacy concerns and changes.

The problem, according to Enea’s report, was not in the Android, Blackberry, or iOS devices but in the complex, multi-stage MMS flow process. The MMS flow examination suggested this was launched possibly through another method involving binary SMS.

For your information, MMS standards designers worked on a way to notify recipient devices of an MMS waiting for them without requiring them to be connected to the data channel. MM1_notification.REQ uses SMS, a binary SMS (WSP Push), to notify the recipient MMS device’s user agent that an MMS message is waiting for retrieval.

The subsequent MM1_retrieve.REQ is an HTTP GET to the URL address, which includes user device information, which was suspected to be leaked and potentially lifted the MMS fingerprint.

Researchers obtained sample SIM cards from a randomly selected Western European operator and successfully sent MM1_notification.REQs (binary SMSs), setting the content location to a URL controlled by their web server.

The target device automatically accessed the URL, exposing its UserAgent and x-wap-profile fields. A Wireshark decode of the MMS notification and GET revealed how an attacker would execute an “MMS Fingerprint” attack, demonstrating it was possible in real life.

Israeli NSO Group Suspected of "MMS Fingerprint" Attack on WhatsApp
Enea’s report outlines the stages in an MMS flow and provides insight into the initial attack notification sent to the target. (Screenshot: ENEA)

The attack highlights the ongoing threat to the mobile ecosystem. Binary SMS attacks have been steadily reported over the last 20 years, highlighting the need for mobile operators to evaluate their protection against such threats.

To prevent the attack, disabling MMS auto-retrieval on mobile devices can help, but some devices may not allow modification. On the network side, filtering Binary SMS/MM1_notification messages can be effective. If a malicious binary SMS message is received, it is essential to prevent messages from connecting to attacker-controlled IP addresses.

  1. Israeli spyware hacked phones of journalists globally
  2. iShutdown Tool Detects Pegasus Spyware on iOS Devices
  3. Fake WhatsApp clone aim at crypto on Android and Windows
  4. WhatsApp OTP Scam Allows Scammers to Hijack Your Account
  5. iPhones of State Dept officials hacked by NSO Pegasus spyware

[ad_2]
Source link

Microsoft Exchange vulnerability actively exploited

0
[ad_1]

As it turns out, there was another actively exploited vulnerability included in Microsoft’s patch Tuesday updates for February.

When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding. Soon after they changed the status to “Exploitation Detected”.

Today, I was alerted to the fact after spotting a warning by the German Federal Office for Information Security (BSI) about the same vulnerability, Something the BSI does not do lightly.

The Exchange vulnerability is listed in the Common Vulnerabilities and Exposures (CVE) database as CVE-2024-21410, an elevation of privilege vulnerability with a CVSS score of 9.8 out of 10.

Microsoft’s description of the vulnerability is a bit more revealing:

“An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability. The leaked credentials can then be relayed against the Exchange server to gain privileges as the victim client and to perform operations on the Exchange server on the victim’s behalf.”

In a Windows network, NTLM (New Technology LAN Manager) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. An attacker being able to impersonate a legitimate user could prove to be catastrophic.

Microsoft Exchange Servers, and mail servers in general, are central communication nodes in every organization and as such they are attractive targets for cybercriminals. Being able to perform a pass-the-hash attack would provide an attacker with a paved way into the heart of the network.

As part of the update, Microsoft has enabled Extended Protection for Authentication (EPA) by default with the Exchange Server 2019 Cumulative Update 14 (CU14). Without the protection enabled, an attacker can target Exchange Server to relay leaked NTLM credentials from other targets (for example Outlook).

If you are running Exchange Server 2019 CU13 or earlier and you have previously run the script that enables NTLM credentials Relay Protections then you are protected from this vulnerability. However, Microsoft strongly suggests installing the latest cumulative update.

Last year, Microsoft introduced Extended Protection support as an optional feature for Exchange Server 2016 CU23.

If you are unsure whether your organization has configured Extended Protection, you can use the latest version of the Exchange Server Health Checker script. The script will provide you with an overview of the Extended Protection status of your server.


Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.


[ad_2]
Source link