February 2024 update live for US Galaxy Z Fold 5, Flip 5 & more

0
[ad_1]

Yesterday, Samsung released the February 2024 security update for the Galaxy S23 series in the US. It appears the floodgates have now opened as the new security patch is rolling out to several more devices stateside. The Galaxy Z Fold 5, Galaxy Z Flip 5, Galaxy Z Fold 3, Galaxy Z Flip 3, and Galaxy A53 are all picking up the update. The Galaxy S23 lineup is also getting the update widely.

Samsung’s February 2024 update reaches more Galaxy devices in the US

Samsung started pushing the February SMR (Security Maintenance Release) to eligible Galaxy devices at the end of last week. The Galaxy Z Fold 3 and Galaxy Z Flip 3 were the first two phones to receive the update. Earlier this week, the company rolled out the new SMR to the Galaxy S21 series, Galaxy S23 FE, and more devices. However, in the US, the rollout began yesterday with the Galaxy S23 series.

The initial release covered factory-unlocked units of the 2023 flagship trio (build number S91*U1UES2BXAD). The update is now rolling out to carrier-locked units too. The new build number for the devices is S91xUSQS2BXAD. The Galaxy S23, Galaxy S23+, and Galaxy S23 Ultra have yet to receive this update in other countries. It shouldn’t be a long wait now, though.

In the meantime, Samsung has brought the February SMR for the Galaxy Z Fold 3 and Galaxy Z Flip 3 to the US. Both carrier-locked and unlocked units of the latter are receiving the update. The build numbers are F711USQS6HXAF and F711U1UES6HXAC, respectively. For the Fold model, the update is currently limited to carrier-locked units. The new build number is F926USQS5HXAC.

The latest security patch is also rolling out to the Galaxy Z Fold 5 and Galaxy Z Flip 5 in the US. Samsung is updating the carrier-locked and unlocked units of both models. The new build numbers for the former are F946USQS2BXAD and F946U1UES2BXAD, while those for the latter are F731USQS2BXAD and F731U1UES2BXAD. International versions of the phones should get this update soon.

The Galaxy A53 is also picking up the new SMR in the US

The Galaxy A53 is another Samsung smartphone that recently picked up the February security update in the US. The carrier-locked variants of this 2022 premium mid-range smartphone received the update with firmware version A536USQS9DXA9. The company should soon release the update for unlocked units as well as international versions of the phone. This month’s security release patches 69 vulnerabilities across the Galaxy family.


[ad_2]
Source link

iPhone 14 Pro Max was the best-selling smartphone in 2023

0
[ad_1]

Canalys has released a new report. This time around, the company has revealed the best-selling handsets of last year. It turns out that the iPhone 14 Pro Max was the best-selling smartphone in 2023.

The iPhone 14 Pro Max was the best-selling smartphone of 2023

That detail probably won’t surprise many of you. What is interesting is that the iPhone 15 Pro Max almost beat it. Apple sold 34 million iPhone 14 Pro Max units, and 33 million iPhone 15 Pro Max units.

The iPhone 15 Pro Max launched in September last year, so it had only about three months to rake those numbers in. It managed to do a great job based on these numbers, actually.

You can check out the entire list below this paragraph if you want. Apple’s two ‘Pro Max’ devices take the first two spots, as already mentioned, but Apple takes the top 5 spots, actually.

Best selling smartphones 2023 Canalys

The iPhone 14 took third place, while Apple claimed the first 5 spots

The iPhone 14 is third with 29 million units sold. Apple also sold 29 million units of the iPhone 14 Pro in 2023, while the iPhone 13 is fifth-placed with 23 million devices sold.

Samsung is breaking Apple’s streak in sixth place, as that’s the spot the Galaxy A14 4G took. The iPhone 15 Pro is seventh with 21 million units sold, and it’s followed by the Galaxy A54 5G.

Another Samsung smartphone sits in ninth place, the Galaxy A14 5G. Samsung sold 19 million units of that phone. The iPhone 15 closes out the top 10 list with 17 million units sold.

As you can see, not a single one of Samsung’s flagship devices is on this list. Furthermore, only Apple and Samsung are even listed here, which only shows how dominant the two companies still are.

Apple is definitely dominating the list, though. It managed to take 7 out of 10 spots and claim the top 5 spots as well. Apple was also the number one smartphone manufacturer in 2023 based on Canalys’ recent report.


[ad_2]
Source link

Another Peloton instructor becomes the voice of Waze’s driving experience

0
[ad_1]

It looks like Waze and Peloton have signed an agreement to bring fans a little bit of both worlds. After releasing a new driving experience voiced by Peloton instructor Matty Maggiacomo back in December, Waze is back at it with a similar theme.

This time around Waze users will have the option to choose to receive navigation instructions from Cody Rigsby, another Peloton famous instructor. Apparently, Cody won’t just offer you the necessary navigation instructions but also … dating advice, “in a sharp-tongued and gossipy tone.”

That being said, expect to hear prompts like “Flowers are great. But give anything but roses. Roses say <I don’t know what kind of flowers you like, and I don’t care enough to ask>.”

For those who get stressed fast during commuting, Cody has some special lines too, such as “You’re going to be your own hype man today. When you’re ready to go, say in a loud voice: <I’m fierce, I’m amazing, I’m going to slay this drive>.”

The Cody Rigsby driving experience comes with the Flouncy Mood and the Princess Carriage custom vehicle icon. The newly launched experience is now available worldwide with voice navigation in English.

[ad_2]
Source link

Leaked Galaxy A35 & Galaxy A55 renders reveal four colors

0
[ad_1]

Samsung‘s Galaxy A35 and Galaxy A55 have leaked in another set of renders. Shared by renowned tipster Evan Blass on X, we have images showing the two upcoming mid-range phones in multiple colors. The devices may go official soon as the company has started putting up support pages on its website.

Galaxy A35 and Galaxy A55 show up in fresh renders

Early last month, we exclusively leaked the official renders of the Galaxy A35 and Galaxy A55 in three colors each: Awesome Iceblue, Awesome Lilac, and Wesome Navy. It appears Samsung will offer the phones in a Greenish Yellow color too, at least the former model. The images shared by Evan Blass, aka @evleaks, show it in a shade of Yellow similar to that of the Galaxy A25. The other device is seen in the same three colors.

Samsung Galaxy A35 A55 leaked renders

At first glance, it is hard to tell the difference between the two models. They feature the same rear design, including the layout and positioning of the cameras, the LED flash unit, and the Samsung logo. The button placement is also the same, with both phones sporting the Korean firm’s new Key Island design language. The frame is slightly raised around the power and volume buttons on the right side.

The Galaxy A55 and Galaxy A35 also look identical from the front, thanks to Samsung upgrading the latter to a hole-punch design. However, looking closely, you will find a few design differences. Most notably, the Galaxy A55 has antenna lines on the frame, confirming a metallic structure. The Galaxy A35 has no antenna lines, meaning that it will feature a plastic frame. The former also has its camera lenses protruding further away from the body.

The two devices differ a lot internally

Samsung’s upcoming mid-range smartphones may look identical on the outside but they differ a lot internally. While we don’t have detailed specs, we know that the Galaxy A35 is a slightly bigger package overall. It will feature a bigger display. The two phones will also ship with different chipsets. The Galaxy A55 should get a new Exynos processor with an AMD-powered custom GPU. The devices may share the 50MP primary rear camera, though.

Over the past few weeks, Samsung has received regulatory approvals for the Galaxy A35 and Galaxy A55 from several government and certification agencies around the world. The company has also published support pages for the phones on its official websites. The support pages are live on its websites in India, the UK, Africa, the UAE, Latin America, and more regions. This is an indication of a nearing launch. Samsung might unveil the devices soon.


[ad_2]
Source link

Chinese Hackers Exploiting VMware 0-Day Flaw Since 2021

0
[ad_1]

Mandiant and VMware recently uncovered a sophisticated cyber espionage campaign. The attackers, a Chinese group identified as UNC3886, leveraged a known vulnerability in VMware software (CVE-2023-34048) to maintain access to the targeted systems for over a year.

This case highlights the importance of staying vigilant against persistent and evolving cyber threats.

Mandiant’s investigation revealed that UNC3886 employed advanced techniques to target vulnerable areas of technology that are beyond the reach of antivirus software.

This discovery underscores the need for a multi-layered security approach that goes beyond traditional antivirus measures.

attack path
VMWare 0 day Flaw

Mandiant persisted with its investigation, with a specific focus on identifying the techniques utilized for deploying backdoors into vCenter systems.

Document
Protect Your Network From Data Breach

Prevent malware from infecting your network at the delivery stage by intercepting malicious files in transit from their source to the target device’s web browser..

As per the analysis conducted by Mandiant, the crash of the “vmdird” process of VMware was found to be significantly linked to the exploitation of a specific vulnerability, namely CVE-2023-34048.

Though patched, Mandiant found evidence of these crashes in UNC3886 attacks between late 2021 and early 2022.

“Most environments where these crashes were observed had log entries preserved, but the “vmdird” core dumps were removed,” reads the report.

This means the attackers had access to the vulnerability for over a year and a half before it was fixed.

This vulnerability, fixed in October 2023, allowed attackers to execute commands without authentication remotely.

Mandiant strongly recommends that all VMware users update to the latest version of vCenter to mitigate this risk.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

New Rust-Based macOS Backdoor Steals Files, Linked to Ransomware Groups

0
[ad_1]

The Trojan.MAC.RustDoor backdoor is potentially linked to the notorious BlackBasta and (ALPHV/BlackCat) ransomware operators.

Bitdefender researchers have discovered a new backdoor targeting macOS devices. The backdoor, dubbed, Trojan.MAC.RustDoor is written in Rust language and can steal specific files, archive them, and upload them to the C2 (command and control) server.

According to the researchers, the backdoor has been active since November 2023. While Bitdefender could not attribute the campaign to a known threat actor, artefacts and indicators of compromise (IoCs) suggest a possible relationship with BlackBasta and ALPHV/BlackCat ransomware operators.

The backdoor impersonates a Visual Studio update, distributed as FAT binaries with Mach-O files for Intel x86_64 and ARM architectures. Samples identified by Bitdefender were titled:

  • zshrc2
  • Previewers
  • VisualStudioUpdater
  • VisualStudioUpdating
  • visualstudioupdate
  • VisualStudioUpdater_Patch
  • DO_NOT_RUN_ChromeUpdates

The first samples were found in November 2023 and the newest on 2nd February 2024. The Rust-based source code makes it harder for security researchers to analyze and detect its malicious code, potentially giving malware authors an advantage.

The backdoor has multiple variants, named Variant 1, Variant 2, and Variant Zero, with most samples sharing core functionalities. Variant 1 is a testing version, first seen on 22nd November 2023, and contains an embedded plist file. It is meant to ensure persistence using LaunchAgents but does not include a field for this method.

The second variant, found on 30th November 2023, is an upgraded version of the malware, containing a complex JSON configuration and an embedded Apple script for data exfiltration. The script is used to exfiltrate documents with specific extensions and sizes from Documents and Desktop folders, as well as user notes stored in SQLite format.

Variant Zero, discovered on 2nd February 2024, is the least complex variant, lacking Apple script and embedded configuration, despite its backdoor functionality.

All samples contain the backdoor functionality, with supported commands such as ps, shell, cd, mkdir, rm, rmdir, sleep, upload, botkill, dialog, taskkill, and download. These commands allow the malware to gather and upload files and gather information about the machine.

Additionally, the information extracted with the sysctl command and the output of two other commands (pwd and hostname) are submitted to the Register endpoint of the C&C server to receive a Victim ID.

According to Bitdefender’s blog post, communication with the C2 servers is performed using endpoints such as POST /gateway/register, POST /gateway/report, /gateway/task, and /tasks/upload_file. The C2 servers are currently answering with “detail”: “Not found.”

Trojan.MAC.RustDoor is a malware family that employs multiple persistence mechanisms, including lock_in_cron, lock_in_launch, lock_in_dock, and lock_in_rc. These methods are common in recent malware families but not as popular. Lock_in_cron involves using cronjobs, while lock_in_launch uses LaunchAgents to execute the binary every time a user logs in.

Lock_in_rc is achieved by modifying the ~/.zshrc file to execute the binary every time a new ZSH session is opened. Lock_in_dock is achieved by adding the binary to the Dock using the command defaults write com.apple.dock persistent-apps -array-add.

This is an ongoing research. Hackread.com will update readers when new details are shared regarding the likely threat actors behind this operation.

  1. Bluetooth Flaw Enables Keystroke Injection on macOS, iOS
  2. New JaskaGO Malware Targets Mac for Crypto, Browser Data
  3. Lazarus Group uses KandyKorn macOS malware for crypto theft
  4. Cracked macOS Software Laced with New Trojan Proxy Malware
  5. New Malware Turns Windows and macOS Devices into Proxy Nodes

[ad_2]
Source link

17 Nokia devices appeared, causing confusion

0
[ad_1]

17 new Nokia devices have been spotted online, and needless to say, that caused some confusion. Why? Well, HMD Global seems to be ditching the Nokia brand. It is planning to launch devices under the ‘HMD’ brand from now on, and even the Nokia Mobile social media channels are gone.

17 Nokia devices appeared and caused some confusion

So, what’s going on here? Well, we’re not entirely sure. HMD Global does have an agreement with Nokia until 2026, but the company is obviously phasing out the Nokia name. It was confirmed that some Nokia phones would still be sold offline, but we assumed those were the existing models.

Is it possible that HMD Global will actually release new Nokia-branded smartphones in addition to its own HMD-branded devices? Well, it’s possible, but not probable. Why would HMD Global kill the Nokia Mobile social media accounts and even rebrand the website itself then? It doesn’t make sense.

Perhaps these were the planned devices prior to HMD Global’s change of heart?

Perhaps these devices were in the pipeline prior to HMD Global’s decision. That is a possibility, but we cannot know for sure. Either way, the device was spotted by GSMChina, in case you were wondering.

Those are just a bunch of model numbers, actually nothing more. Some of the models are TA-1603, TA-1607, TA-1609, TA-1610… and all the way to TA-1628, while some model numbers in the row got skipped.

These models were spotted in the IMEI Database, in case that wasn’t clear. Those listings did not share any additional information about the phone, other than their model numbers.

HMD Global will announce the very first ‘HMD’ devices during this year’s MWC in Barcelona. That will happen later this month, and we’re hoping to get more information about the whole Nokia situation as well. Things seemed pretty clear until now, but perhaps HMD Global has other plans.


[ad_2]
Source link

Over 800 Phony “Temu” Domains Lure Shoppers into Credential Theft

0
[ad_1]

Stay alert against Temu phishing scams: Cybersecurity experts warn of scammers using fake giveaways to steal credentials. Over 800 new ‘Temu’ domains registered in the past 3 months.

Temu is the latest brand chosen by scammers for their phishing scams. Checkpoint’s Harmony Email’s cybersecurity researcher Jeremy Fuchs, has noted that hackers are using Temu’s giveaway rewards to entice users to give away their credentials, with over 800 new domains registered as “Temu” in the last three months.

For your information, Temu is an international e-commerce store having 40% of its user base in the USA. It offers discounted goods shipped directly to consumers. Temu was launched in 2022 and is available in 48 countries, including Europe, the Middle East, Southeast Asia, and Australia.

As of February 7, 2024, it is the number one shopping app on Google Play Store and second on the Apple App Store. The app’s most frequent shoppers are senior citizens, mostly 59 and above.

The sample phishing email identified by researchers claims to be from Temu Rewards. However, if you look closely, it is sent by an unrelated email address- onmicrosoft.com. The email contains a blank image and a link to a credential harvesting page. The threat actors try to attract recipients by informing them that they have won.

The email has Temu’s name as the sender. However, if the user realizes the sender address isn’t related to Temu or the links don’t lead to a Temu page, they’ll stay away from this scam. The email should raise suspicion as it is sent from a generic address onmicrosoft.com, and the image does not load.

Over 800 Phony "Temu" Domains Lure Shoppers into Credential Theft
One of the phishing emails used in the scam (Check Point)

Brand Names and Phishing

This isn’t the first time threat actors have exploited brand names and the latest trends to steal credentials or other sensitive information from innocent users.

In November 2022, Hackread reported that Cyjax researchers discovered a sophisticated phishing campaign targeting over 400 brands across various sectors. The scammers, likely having Chinese affiliations, used 42,000 domains to distribute malware and generate ad revenue with at least 24,000 survey/landing domains used to promote the scam.

Cybersecurity researchers at Bloster AI recently discovered a USPS Delivery phishing campaign utilizing advanced techniques to target victims in the US. Bolster’s CheckPhish detected over 3,000 phishing domains mimicking Walmart. The campaign tricked consumers into thinking they had failed deliveries and late payments. Threat actors have improved their attack tactics, transitioning from deceptive messages to luring victims into downloading financial or banking data-stealing apps.

A phishing scam targeting Meta Platforms, Inc. business owners to steal their email addresses and passwords, leading to the takeover of their Facebook page, profile, and financial information was discovered in January 2024. The scam used Meta Platforms’ authority to create urgency and legitimacy.

Temu and Cybersecurity

Temu itself has faced several cybersecurity-related issues, including allegations of collecting user and device data such as text messages and banking information.

In November 2023, a class-action lawsuit was filed in the United States, alleging that the company had unlawfully collected its customers’ data. Furthermore, another report surfaced, implicating Temu in the unauthorized disclosure of customer data, particularly in connection with data purportedly appearing for sale on the dark web after customers make purchases through the app.

Nevertheless, it’s crucial to emphasize basic security measures with users and ensure that all threats can be stopped, both simple and sophisticated, especially scams like these, which exploit users’ trust in big brands.

Additionally, to protect against phishing attacks, security professionals must implement AI-based security, robust URL protection, and full-suite security to scan documents and files.

  1. Fake LastPass Password Manager App Lurks on iOS App Store
  2. Google Suspends Chinese Shopping App Pinduoduo Over Malware
  3. Google Removes Swing VPN Android App Exposed as DDoS Botnet
  4. Check Point Research: Microsoft the Most Phished Brand in Q2 2023
  5. Domain Squatting and Brand Hijacking: A Threat to Digital Enterprises

[ad_2]
Source link

Android 14 coming to 28 OPPO smartphones this month, globally

0
[ad_1]

OPPO has released a list of smartphones that will be getting Android 14 this month, globally. For the vast majority of them, the rollout has already started while for three India-specific ones, the rollout will start towards the end of the month.

Android 14 is now rolling out to a bunch of OPPO smartphones… globally

This update is coming with ColorOS 14 on top of Android 14, of course. Do note that the update is rolling out in stages, so it may not be available to everyone at once. You may have to wait a bit.

Let’s start with the N series. The OPPO Find N3, Find N3 Flip and Find N2 Flip are already getting the update. Three devices from the ‘X’ series are also getting it, the OPPO Find X5 Pro, Find X5, and Find X3 Pro.

Quite a few OPPO Reno phones are also listed here. The OPPO Reno10 Pro+ 5G, Reno10 Pro 5G, and Reno10 5G are on the list. The same goes for the Reno8 Pro 5G, Reno8 5G, Reno8, Reno8 T 5G, and Reno8 T.

The OPPO Reno7 is getting the update too, and that closes out the Reno phones. The OPPO F23 5G, F21s Pro, F21 Pro, and K10 5G are also listed. The rest of the list is reserved for OPPO’s A series smartphones.

Even a number of OPPO A series devices are included

The OPPO A98 5G, A78 5G, A77 5G, A77s, A77, and A57 are all getting Android 14. That closes out the list of smartphones that are available in a number of markets, globally. The three remaining ones are available in India only. The last three phones on the list are the OPPO A58, A38, and A18.

This update brings an improved Aquamorphic Design. It brings new sound effects, color systems, interactions, and more. The Always-On Display will also get improvements on devices that support it. It raises awareness about climate change.

AI also plays a huge role in boosting efficiency in ColorOS 14. AI-powered Smart Touch is also included in this update, and the same goes for File Dock. If you’d like to know more, click here.

OPPO ColorOS 14 global schedule February 2024


[ad_2]
Source link

A deep dive into Appy Pie Connect’s workflow automation capabilities

0
[ad_1]

In today’s fast-paced business landscape, efficiency and agility are paramount for staying ahead of the curve. As organizations strive to streamline their operations and maximize productivity, the role of workflow automation has become increasingly essential. One platform that stands out in this realm is Appy Pie Connect, offering a comprehensive suite of tools to automate workflows and drive business growth. Let’s take a closer look at how Appy Pie Connect’s capabilities can help accelerate your business to new heights.

Streamlining Processes for Seamless Operations

At the heart of Appy Pie Connect lies its ability to streamline processes seamlessly. By integrating various apps and tools, it facilitates the automation of repetitive tasks, reducing manual effort and minimizing the risk of errors. Whether it’s syncing customer data between different platforms, sending automated notifications, or updating records in real-time, Appy Pie Connect empowers businesses to operate more efficiently and effectively.

One of the standout features of Appy Pie Connect is its support for Netsuite integrations. Netsuite is a powerful enterprise resource planning (ERP) system used by businesses worldwide. By integrating Netsuite with other key applications and services through Appy Pie Connect, organizations can achieve greater cohesion across their operations. For instance, they can automate the transfer of sales data from their e-commerce platform to Netsuite, ensuring accurate and up-to-date records without manual intervention.

Unlocking Insights with Data Integration

In today’s data-driven landscape, access to actionable insights is crucial for making informed business decisions. Appy Pie Connect goes beyond basic automation by enabling seamless data integration, allowing businesses to unlock valuable insights from disparate sources. By connecting tools like Tableau, a leading business intelligence platform, businesses can consolidate data from multiple sources and gain a holistic view of their operations.

With Tableau integrations, organizations can visualize complex datasets and uncover trends, patterns, and correlations that may otherwise go unnoticed. By automating the process of data extraction and transformation through Appy Pie Connect, businesses can save time and resources while gaining deeper insights into their performance metrics, customer behavior, and market trends. This, in turn, enables them to make data-driven decisions that drive growth and innovation.

Enhancing Collaboration and Communication

Effective collaboration and communication are essential for driving productivity and fostering innovation within organizations. Appy Pie Connect facilitates seamless communication by integrating with popular communication tools such as Slack, Microsoft Teams, and Zoom. By automating the sharing of updates, notifications, and reminders, it ensures that teams stay aligned and informed, regardless of their location or time zone.

Moreover, by integrating these communication tools with other key applications, such as project management platforms or CRM systems, Appy Pie Connect enables cross-functional collaboration and ensures that relevant information is shared across departments in real-time. This not only enhances efficiency but also fosters a culture of transparency and accountability within the organization.

Scaling Operations for Growth and Adaptability

As businesses grow and evolve, scalability and adaptability become increasingly important. Appy Pie Connect’s flexible and customizable automation capabilities enable organizations to scale their operations seamlessly and adapt to changing business requirements. Whether it’s automating repetitive tasks, orchestrating complex workflows, or integrating new applications into their existing ecosystem, Appy Pie Connect provides the flexibility and agility needed to support growth and innovation.

Furthermore, with its extensive library of pre-built connectors and customizable workflows, Appy Pie Connect empowers businesses to tailor automation solutions to their specific needs and preferences. Whether they’re a small startup looking to streamline their sales process or a large enterprise seeking to optimize their supply chain, Appy Pie Connect offers a scalable and cost-effective solution that can grow with their business.

In conclusion, Appy Pie Connect’s workflow automation capabilities offer a powerful solution for accelerating business growth and driving innovation. By streamlining processes, integrating data, enhancing collaboration, and scaling operations, it empowers organizations to operate more efficiently, adapt to changing market dynamics, and stay ahead of the competition. With its support for Netsuite and Tableau integrations, Appy Pie Connect provides a comprehensive platform for businesses to automate their workflows, unlock actionable insights, and achieve their strategic objectives. Whether you’re a startup, SME, or large enterprise, Appy Pie Connect has the tools and capabilities you need to take your business to the next level.


[ad_2]
Source link