Energy Giant Schneider Electric Hit by Cactus Ransomware Attack

0
[ad_1]

Schneider Electric’s Sustainability Business division hit by Cactus ransomware attack. The incident highlights the growing threat to industrial organizations. Get the latest updates on impact and response.

Schneider Electric, a global leader in energy management and automation, has suffered a ransomware attack that impacted its Sustainability Business division. The attack, which occurred on January 17, 2024, involved the deployment of the Cactus ransomware, a strain known for targeting industrial organizations.

The Impact:

The attack primarily affected Schneider Electric’s EcoStruxure Resource Advisor platform, used by over 2,000 companies worldwide to monitor energy and resource data. While the full extent of the breach is still under investigation, it is confirmed that some data was accessed by the attackers. Fortunately, no other Schneider Electric divisions or business units were affected.

Schneider Electric’s Response:

According to a press release, the company immediately launched a global incident response, mobilizing its internal team and bringing in external cybersecurity experts to contain the attack and restore affected systems. Additionally, Schneider Electric is notifying customers who may have been impacted by the breach.

On January 17th, 2024, a ransomware incident affected Schneider Electric’s Sustainability Business division. The attack has impacted Resource Advisor and other division-specific systems. Schneider Electric Global Incident Response team has been immediately mobilized to respond to the attack, contain the incident, and reinforce existing security measures. The Sustainability Business division has informed impacted customers.

Schneider Electric

Current Status and Potential Impact:

As of January 31, 2024, Schneider Electric is still working to restore full functionality to its systems. Most systems are expected to be back online within the next few days. However, the attack could potentially disrupt operations for some of Schneider Electric’s customers, and there is a risk that customer data may have been compromised.

Expert Opinions:

Cybersecurity experts have expressed concern about the growing trend of ransomware attacks targeting industrial organizations. They warn that such attacks can have significant consequences, disrupting critical infrastructure and potentially endangering public safety.

John Gallagher, Vice President of Viakoo Labs at Viakoo said “Whether for IoT, OT, or ICS systems it has been a long-standing best practice to ensure these systems are on dedicated and isolated networks to prevent lateral movement if vulnerable IoT devices are breached. But this is not that situation; this is a business division and more like a fully separate company.”

John advised that “In addition to isolated or segmented networks, effective use of zero trust principles can also be effective in preventing lateral movement within an organization.”

“Using application-based discovery to identify all application, device, and port relationships can also be effective in setting up and maintaining an isolated network. Too often a network is properly configured and isolated, but over time both users and configuration drift can impact that segmentation and allow punch-throughs,” he added.

Schneider Electric Energy Giant Confirms Cactus Ransomware Attack
Homepage of Cactus ransomware’s dark web domain – For now, there is no mention of Schneider Electric (Screenshot: Hackread.com)

Key Takeaways:

  • Schneider Electric’s Sustainability Business division was hit by a ransomware attack on January 17, 2024.
  • The attack involved the Cactus ransomware strain and impacted the EcoStruxure Resource Advisor platform.
  • Some data was accessed by the attackers, but the full extent of the breach is still under investigation.
  • Schneider Electric is working to restore systems and notify impacted customers.
  • The attack is a reminder of the growing threat of ransomware targeting industrial organizations.
  1. LockBit Ransomware Gang Claims Subway as New Victim
  2. Schneider Electric Shipped USB Drives Loaded with Malware
  3. New CISA Advisories Highlight Vulnerabilities in Top ICS Products
  4. TeamViewer Exploited to Obtain Remote Access, Deploy Ransomware
  5. Controller-level flaws can let hackers physically damage moving bridges

[ad_2]
Source link

Pixel sales were strong in Q4 2023, suggests Google’s latest report

0
[ad_1]

Google has released its financial report for Q4 last year. That financial report suggests that the Pixel phone sales were quite strong in Q4 2023. Now, Google doesn’t exactly share those numbers, but hear us out.

Pixel device sales have seemingly been quite strong for Google in Q4 2023

The ‘Subscriptions’ category, which includes Android, Pixel phones, tablets, smartwatches, and truly wireless earbuds, has earned $10.79 billion, which is an increase of 22.7% compared to Q4 2022.

This does give us a strong suggestion that Pixel phones have been selling really well for the company. The Pixel 8 and Pixel 8 Pro in specific have likely seen very good sales numbers, compared to previous generations.

It would be great if Google actually shared some sales numbers with everyone, but that doesn’t usually happen, and chances are it won’t happen anytime soon either. This is the best indication we’ll get unless something ends up changing.

Google’s revenue rose by 13% in Q4 2023 (YoY)

Now, in regards to some other numbers… Google’s Q4 2023 revenue rose 13% year-over-year (YoY) to $86.31 billion. It was $76.05 billion a year before, in Q4 2022. In the entire year of 2023, Google took in $307.39 billion, which is a 9% increase compared to 2022.

Google Search revenue increased by 12.7% to $48.02 billion. YouTube revenue, on the other hand, also did great with a 15.5% increase to $9.20 billion. Google advertising has seen an 11% increase on an annual basis, to $65.52 billion.

Google’s Cloud Services also did great in Q4 2023 with a 25.7% revenue increase, to $9.19 billion. What decreased is the number of employees, it shrunk by 4.1% to 182,502. Google had 190,234 employees a year before.

Sundar Pichai said: “We are pleased with the ongoing strength in Search and the growing contribution from YouTube and Cloud”. He also had to mention AI, of course, by adding: “Each of these [Search, Youtube & Cloud] is already benefiting from our AI investments and innovation. As we enter the Gemini era, the best is yet to come.”


[ad_2]
Source link

Hit by poor chip demand, Samsung’s 2023 profit dropped 85%

0
[ad_1]

Samsung has published its earnings report for 2023. As expected, the company suffered a steep decline in operating profit despite a relatively health consolidated sales revenue. Poor semiconductor demand hurt it big time, with the business unit posting a loss for the first time in 14 years.

Samsung suffered an 85% profit decline in 2023

According to Samsung’s official press release, the company made KRW 67.78 trillion (approx. $50.8 billion) in sales revenue and KRW 2.82 trillion (approx. $2.1 billion) in operating profit in the fourth quarter of 2023. The figures respectively mark a 3.8% and 34.5% year-on-year (YoY) decline from the same period in 2022.

While this already looks bad for a global conglomerate, it had even worse financial performance in the previous three quarters of last year. The year-end quarter was a more positive one. Its profit margin for October-December 2023 was 4.2%, up from 3.6% in the third quarter and 1% in the first two quarters.

With such a poor show throughout the year, Samsung’s operating profit for the whole of 2023 was just KRW 6.57 trillion (approx. $4.9 billion). That is despite a consolidated sales revenue of KRW 258.94 trillion (approx. $194 billion). The company generated a profit of KRW 43.38 trillion in 2022 when its revenue was KRW 302 trillion. Last year, its profit declined 85% YoY, while revenue dropped only 14%.

In 2023, Samsung was hit hard by a global decline in semiconductor demand and prices. The DS Division, which encompasses the semiconductor business, posted a loss throughout the year. It was the company’s first loss from the chip business in 14 years, since the global financial crisis of 2008. All other major business divisions fared relatively well for Samsung last year.

Samsung expects a better financial performance in 2024

Samsung expects its earnings to improve in 2024. The company plans to focus on improving profitability by increasing sales of “high value-added products,” while the component businesses aim to meet the demand for advanced products, such as generative AI. The Device eXperience (DX) Division, which includes the smartphone business, will bring more AI features to smartphones and other products.

As far as the semiconductor business is concerned, Samsung projects a recovery in demand this year as the smartphone market rebounds after a slowdown in 2023. There are still various potential obstacles, including interest rate policies and geopolitical issues, but the Korean firm likely expects the chip division to return to profitability in 2024. It remains to be seen whether Samsung manages to turn the tide this year. The company will publish its Q1 2024 earnings report in April.


[ad_2]
Source link

First OnePlus 12 update brings Hasselblad Master Mode

0
[ad_1]

The very first (global) OnePlus 12 update has arrived, and it delivers Hasselblad Master Mode to the device. This is something that OnePlus promised would arrive to the device, and it just has, prior to release.

Hasselblad Master Mode is a part of the very first OnePlus 12 update

You’ve probably seen some OnePlus 12 reviews by now, including ours, however, the phone is still up for pre-order. So there’s still time for OnePlus 12 to push updates to the device before they arrive into the hands of customers.

This is one such update, and possibly even the last one prior to release. The Hasselblad Master Mode is definitely the most notable addition to this update. It allows you to set levels for saturation, contrast, sharpness, and vignette before you take the photo.

It is a part of the OxygenOS v14.0.0.404 (EX01), which weighs 6.48GB. Yes, this is a huge update so make sure you’re either connected to Wi-Fi or that you have plenty of data before you download it.

ProXDR is now also available in the Google Photos app

What else is included here? Well, ProXDR is now available in the Google Photos app, and this update also improves the fingerprint scanner. OnePlus has also listed improved stability and compatibility of Wi-Fi network connections.

Every function related to NFC has also been improved, as the NFC functionality has been boosted. On top of that, Bluetooth should work better than before now, as OnePlus says that the stability has been improved, as well as compatibility.

The last change noted here is the improved system stability. OnePlus probably optimized things further and also squashed some bugs in order to get there. That’s always nice to see, of course.

This update is coming to you in the form of an OTA (over-the-air) update. Your phone will let you know when it’s available, and depending on your settings it may even download and install it. You can also manually check whether it’s available if you’re impatient.


[ad_2]
Source link

MediaTek’s flagship Dimensity 9400 SoC coming in Q4 2024

0
[ad_1]

MediaTek’s flagship Dimensity 9400 SoC will launch in Q4 this year. This information is actually official, as it comes from the company’s CEO. Rick Tsai, MediaTek’s CEO confirmed as much, while sharing some additional details. He didn’t specifically mention the chip by name, but everyone knows what he was talking about.

MediaTek’s flagship Dimensity 9400 SoC is coming in the last quarter of the year

He said that the chip will come with boosted AI capabilities too. That’s basically it. Rick Tsai didn’t really go into details, he simply wanted to tease the arrival of the chip.

With that said, we do have some additional info about this chip, thanks to rumors. MediaTek is expected to continue using ARM’s CPU designs, unlike Qualcomm. The company will move to the Cortex-X5 cores.

Much like the Dimensity 9300, the Dimensity 9400 is not expected to feature efficiency cores. That should bring forth rather high multi-core performance. Who knows, maybe the Snapdragon 8 Gen 4 has similar plans, some rumors did hint that’s the case.

LPDDR5T support is also expected

LPDDR5T support could be included as part of the package, and the company will use TSMC’s new 3nm process in order to bring this chip forth. Qualcomm will also use TSMC’s second-gen 3nm process for the Snapdragon 8 Gen 4.

We haven’t really seen the MediaTek Dimensity 9300 in all that many phones. It did prove to be quite a capable processor inside the Vivo X100 Pro and some other devices, though. So the hopes are high for the Dimensity 9400.

One area that was hope MediaTek will improve in is power efficiency. The company’s flagship processors are still not on par with flagship chips from Qualcomm in that area. As far as sheer power goes, they’re definitely up there.

It will also be interesting to compare the MediaTek Dimensity 9400 vs Qualcomm’s Snapdragon 8 Gen 4, as the Snapdragon 8 Gen 4 will feature Oryon cores for the first time.


[ad_2]
Source link

Critical Flaws Found in GNU C Library, Major Linux Distros at Risk

0
[ad_1]

Millions of Linux systems are at risk due to four critical vulnerabilities found in the GNU C Library (glibc), a fundamental component of most Linux distributions.

The Qualys Threat Research Unit (TRU) has discovered four significant vulnerabilities in the GNU C Library, a crucial component of Linux-based systems. Researchers have discovered multiple vulnerabilities in the library’s syslog and qsort functions, raising significant security concerns.

The first vulnerability, tracked as CVE-2023-6246, is a heap-based buffer overflow law. It is discovered in the GNU C Library’s __vsyslog_internal() function and affects syslog() and vsyslog().

The vulnerability, originating in glibc 2.37 introduced in August 2022, was subsequently backported to glibc 2.36, leading to its tracing. Most major Linux distributions, including Debian, Ubuntu, and Fedora, are vulnerable to this flaw, which allows local privilege escalation and lets unprivileged users gain full root access.

The same function affected by CVE-2023-6246 has two more, but minor impact vulnerabilities: CVE-2023-6779 (glibc) and CVE-2023-6780 (glibc). These vulnerabilities involve off-by-one heap-based buffer overflows and integer overflow issues.

Once triggered, these flaws appeared far more challenging than the first vulnerability (CVE-2023-6246). Further probing revealed that their effective exploitation is even more complex.  

The last one is a memory corruption issue discovered in the GNU C Library’s qsort function, occurring due to missing bounds check. This vulnerability can be exploited when qsort() is used with a nontransitive comparison function and when an attacker manages to control a large number of elements, leading to malloc() failure.

The flaws affect glibc’s handling of input formats within syslog() and could trigger buffer overflows and memory corruption, allowing attackers to inject malicious code into vulnerable systems. Exploitation of these vulnerabilities may allow attackers to gain remote code execution (RCE) on affected systems, potentially leading to data theft and system compromise.

The syslog vulnerability allows root access, affecting major Linux distributions, while the qsort vulnerability leads to memory corruption. What is more concerning is that the vulnerabilities affect all glibc versions from September 1992 (glibc 1.04) to the current release (glibc 2.38).

TRU contacted the glibc security team regarding the flaws on 12 December 2023, but the team decided not to treat memory corruption in qsort() as a vulnerability. On 16 January 2024, TRU backported commit b9390ba to all stable versions of glibc, and the coordinated release date was set for 30 January 2023.

The discovery highlights the painful fact that even the most trusted components can have flaws. These issues usually have far-reaching implications, potentially impacting millions of users globally and making a large number of applications vulnerable and exploitable, as noted by TRU’s Product Manager, Saeed Abbasi in the company’s blog post:

“The recent discovery of these vulnerabilities is not just a technical concern but a matter of widespread security implications.”

Users are advised to update their glibc versions immediately to mitigate risks, while system administrators and developers should review their applications/libraries to ensure their systems are safe.

  1. Mélofée: The Latest Malware Targeting Linux Servers
  2. WiFi Flaws Allow Network Traffic Interception on Linux
  3. Bluetooth Vulnerability Enables Keystroke Injection Linux
  4. Linux Vulnerability Exposes Millions of Systems to Attack
  5. Free Download Manager Site Pushed Linux Password Stealer

[ad_2]
Source link

OnePlus returns to key European market after a long hiatus

0
[ad_1]

OnePlus has made a return to a key European market after a rather lengthy hiatus. This news follows the agreement between OPPO and Nokia over 5G patents, which caused OPPO and OnePlus quite a bit of problems.

OnePlus has returned to a key European market after a long hiatus

OnePlus has returned to Germany, as its smartphones were not available there for over a year. OPPO is still missing as of writing this article, but OPPO’s smartphones are also expected to return.

Nokia sued the two companies over 5G patents in 2022, and their devices have been missing from Germany since August 2022. An agreement was reached quite recently between companies, so both OnePlus and OPPO can resume their business in Germany.

OnePlus and OPPO are sister companies, for those of you who are unaware. Both companies are a part of the BBK Electronics family, and the same goes for Vivo, in case you didn’t know that.

Both the OnePlus 12 and OnePlus 12R are now available in the country

OnePlus has returned to Germany with its latest smartphones, the OnePlus 12 and OnePlus 12R. Both devices are now available to pre-order in Germany, in case you’re interested.

OnePlus actually has a deal for both smartphones. You can bundle them with a free pair of OnePlus Buds Pro 2 earphones. Those earphones cost €179 on their own, so that’s a nice perk.

It’s also worth noting that the top-end OnePlus 12 device, the one with 16GB of RAM and 512GB of storage, is also 9% off. That brings its price down to €999, while the 12GB RAM + 512GB storage option costs €949 in the country. Yes, the prices in the EU are considerably higher than the ones in the US.

Do note that some extra discounts are available with each purchase. You can get a 50% discount on the company’s 50W wireless charging, which brings the price down to €35. The OnePlus Pad can be bought for €450, which is a 10% discount.

The OnePlus 12R, on the flip side, comes in one variant, with 16GB of RAM and 256GB of storage. That device can be yours for €699.


[ad_2]
Source link

Microsoft Edge could be importing your data without permission

0
[ad_1]

After the most recent Windows update, it appears Microsoft Edge might be importing your data from other browsers without asking. It’s no secret Microsoft wants you to switch permanently to Edge, they try every other day after all. But, be it a glitch or more, it seems the browser has gone a step further. Users who have recently updated Windows might want to double-check their settings in Edge.

Microsoft Edge importing data from other browsers

This is apparently an issue that has been happening for months. Users on various social media platforms have reported Edge “stealing” their data from other browsers on their devices. It is true that Microsoft has been working on a feature to import your data from other browsers. However, according to these reports, not only is this feature on without consent, but users are having trouble getting it to stay off.

The entire ordeal got more attention recently when Tom Warren of The Verge reported falling victim to it. After a Windows update, he saw Microsoft Edge open itself with the tabs he had been working on in Chrome. Some research later, and it turns out this isn’t anything new. Microsoft Edge now has its import feature turned on by default. This allows it to import not just your browsing history, but also your bookmarks, cookies, extensions, settings, and even your auto-fill data.

Is this a concern, and how to turn it off?

Though extremely handy for people making the switch to Edge, this does result in a massive breach of trust. The biggest red flag is how Edge does not ask for your consent before turning this feature on. Auto-fill data can have some very sensitive information stored in it. Information users don’t want being shared around without being informed. Furthermore, if additional reports and tests are to be believed, it appears Edge imports this data even with the option turned off.

Turning this feature off is quite simple, though it cannot be guaranteed at the moment that it will actually remain off. Simply go into Settings, then Profiles, and you will find the option there under Import Browsing Data. You will also see options to manually import data from other browsers on your system should you wish.

Microsoft has recently put a lot of effort into making Edge a much better browser than Internet Explorer ever was. But, despite Edge being a solid browser, most people are unwilling to switch over from what they’re familiar with. Microsoft might continue to become even more aggressive going forward in attempts to make users switch over. If it does, we could be looking at an Apple-like Microsoft ecosystem where everything is tightly controlled and under Microsoft’s supervision.


[ad_2]
Source link

TikTok’s silent dance: Universal Music Group pulls the plug on tunes

0
[ad_1]

Imagine watching a video of a dancing group of people without any music. It could be quite amusing, right? Well, TikTok users might soon experience just that, as songs are about to vanish from the platform.

According to Variety (via 9to5Mac), Universal Music Group, one of the biggest players in the music industry, has stated that it couldn’t reach new deal terms with TikTok. The disagreements were mainly about how artists are paid and how TikTok uses AI. Universal Music accused TikTok of trying to push for a deal that was less favorable than before.

UMG mentioned that its existing agreement with TikTok is due to expire on January 31. It stated:
If the deal actually ends, UMG is gonna yank its music from TikTok. That’s a big chunk of tunes gone, and for TikTok, that could be trouble. The app thrives on those catchy beats for its viral videos. Without a library full of popular music, creating those viral clips might get a bit tricky.And UMG has the A-listers when it comes to popular music. Think of Taylor Swift, Bad Bunny, Sting, The Weeknd, Alicia Keys, Steve Lacy, Drake, Billie Eilish, Kendrick Lamar, Rosalía, Harry Styles, Ariana Grande, Justin Bieber, Adele, U2, Elton John, Brandi Carlile, Coldplay, Pearl Jam, and Bob Dylan. If they pull the plug, TikTok loses a star-studded cast, making those lip-syncs and dance-offs a bit less star-powered.

TikTok clapped back at UMG, saying,

The social media thinks UMG has chosen to walk away from the powerful support of a platform with over a billion users that serves as a free promotional and discovery vehicle for their talent.

In a letter, the music company also referred to TikTok as “an increasingly influential platform with powerful technology and a massive worldwide user base.” However, UMG highlighted three key concerns: fair compensation for their artists and songwriters, safeguarding human artists from the negative impacts of AI, and ensuring online safety for TikTok users.

Talking about online safety, TikTok has been dealing with some issues lately. The state of Iowa threw a lawsuit at the company, claiming the app isn’t suitable for users under 17. Also, TikTok pulled a tool researchers used to study hashtag trends after facing criticism. This has added to the ongoing tension between social media platforms and researchers looking into topics like misinformation.

[ad_2]
Source link

GitLab Patched A Workspace Creation Vulnerability

0
[ad_1]

Days after releasing a major update, GitLab rolled out another emergency update addressing a serious vulnerability affecting workspace creation. The service urged all users to update to the latest releases at the earliest, assuring that the web and GitLab Dedicated environments already run the patched versions.

GitLab Workspace Creation Vulnerability

According to a recent post, GitLab patched five vulnerabilities affecting the service, including a critical severity flaw. As described, exploiting the vulnerability could allow arbitrary file write during workspace creation.

While the advisory doesn’t elaborate on this vulnerability, CVE-2024-0402, it did highlight its severity, mentioning its CVSS score (9.9). This critical severity flaw caught the attention of GitLab’s team member, compelling the service to release the patch for all available versions. In fact, GitLab also backported this fix to versions 16.5.8, 16.6.6, 16.7.4, and 16.8.1.

Other GitLab Security Fixes

Besides, the other vulnerabilities addressed with the latest update include the following medium severity issues.

  • CVE-2023-6159 (CVSS 6.5): Exploiting the vulnerability could allow an adversary to trigger Regular Expression Denial of Service (ReDoS) via a maliciously crafted input containing Cargo.toml. GitLab came to know of this vulnerability through a HackerOne bug report.
  • CVE-2023-5933 (CVSS 6.4): Improper input sanitization of user name could allow arbitrary API PUT requests.
  • CVE-2023-5612 (CVSS 5.3): The vulnerability existed due to unwarranted exposure of user email address via tags even with disabled profile visibility settings.
  • CVE-2024-0456 (CVSS 4.3): This vulnerability could let an unauthorized attacker assign arbitrary users to MRs within the project.

The recent update marks the second major security release from GitLab. Earlier this month, GitLab released versions 16.7.2, 16.6.4, and 16.5.6 for both Community Edition and Enterprise Edition (CC/EE), patching a severe zero-click vulnerability. Now that another security release has been out, users must update their systems with the latest versions to receive all patches in time.

Let us know your thoughts in the comments.


[ad_2]
Source link