First look at Google Pixel 8 Pro in Mint color

0
[ad_1]

Google announced the Pixel 8 Pro last October in three colors, Bay, Obsidian, and Porcelain. In other words, blue, black, and white. That being said, a new color is coming, and we now get to see the Google Pixel 8 Pro in Mint color for the first time.

The Google Pixel 8 Pro in mint color is coming tomorrow, and here’s your first look at it

Do note that Google teased a new color for the Pixel 8 Pro quite recently, and Evan Blass now gave us a look at the phone. If you check out the image provided below, you’ll get to see it with your own eyes.

Google Pixel 8 Pro Mint leak 1

This is the Pixel 8 Pro in a Mint color, the fourth color variant for the Pixel 8 Pro series. Now, we’re still not sure what will the official name for the color be, but it sure is mint-colored.

In fact, considering that Google said that something ‘Minty Fresh’ is coming, we wouldn’t be surprised if the company actually used that for the color name. Google is known for its wacky names.

For example, the pale green Google Pixel 7 color was officially known as ‘Lemongrass’. It remains to be seen, though we won’t be waiting for long. Google will officially announce this new color tomorrow, January 25.

An exclusive wallpaper will also be included

As you can see, the phone will include an exclusive wallpaper as well, which is shown in the image. It’s showing Mentha with some ice, it would seem.

The back of this phone will be mint-colored, kind of, or also pale green if you want a more accurate description. The frame and the camera visor will be silver (metallic), though.

Other than the color change and a new wallpaper, this phone will be identical to its siblings. It will have the same price tag as well, so no worries there. Chances are Google will make it available upon reveal, tomorrow.


[ad_2]
Source link

ChatGPT is getting closer to being your Google Assistant replacement

0
[ad_1]

ChatGPT has an app, and it’s been working to be a proper replacement for Google Assistant. This, obviously, comes with some major obstacles, but OpenAI just jumped a certain hurdle. According to sources, ChatGPT can now have a tile in your Quick Settings.

One thing that makes a voice assistant convenient is being able to access it from any screen on your device. In the case of ChatGPT, while it has voice assistant capabilities, you still have to navigate to the app to use it. Well, this is something that it’s been trying to overcome.

ChatGPT now has its own tile in the Quick Settings

The ChatGPT app has been out since July 2023, and it’s been improving ever since. One thing that was missing was the ability to use it as a voice assistant. Obviously, that will not sit well with Google whatsoever. However, there’s not much that the company can do about it (well, without doing something worthy of a lawsuit).

Not too long ago, we got word that OpenAI wanted ChatGPT to be a true voice assistant. According to a new report, you can now assign the chatbot as one of the tiles on your Quick Settings. In case you don’t know what your quick settings are, it’s the row of tiles you see when you summon the notification shade.

ChatGPT on Quick Settings

When you summon the Quick Settings, all you have to do is tap on the icon. Then, you will see a small animation appear at the bottom of the screen. In our usage, we saw that it sometimes takes a second or two for it to load before you’re able to start speaking.

After you say what you want to say, you’ll see a short “thinking” animation followed by a voice response. Letting you access ChatGPT from your Quick Settings means that you’re pretty much able to access it from any screen on your device. This brings it closer to being a true voice assistant.

One neat thing about this is that ChatGPT keeps a record of these voice conversations. So, you are still able to go back to these conversations and continue them via text or voice.

How to access this feature

It’s pretty easy to access this feature, but there is one hoop you have to jump through. Right now, ChatGPT in the Quick Settings is only available on the beta version of the app. Search for the app on the Google Play Store, and scroll down until you find the Join Beta button. Once you join the beta, you will then get an update for the app.

After you update the app, look through your quick settings and find the ChatGPT tile. Obviously, you will have to grant ChatGPT permission to use your microphone in order to use it. Since this is the beta version, you should expect a little instability as the company is working on ironing everything out


[ad_2]
Source link

Beware of Weaponized Office Documents that Deliver VenomRAT

0
[ad_1]

Since office documents are often used in business communications, hackers take advantage of this fact to disseminate malicious malware easily.

Hackers can mislead users into unintentionally activating malware by hiding it in documents that appear to be safe, which gives the malware access to systems and networks.

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) recently identified that hackers have been actively exploiting the weaponized Office documents to deliver VenomRAT.

Document
Free Trial

Open Suspicious Files & Links in the ANY RUN Sandbox Safely; Try All Features for Free. Understand malware behavior, collect IOCs, and easily map malicious actions to TTPs — all in our interactive sandbox.

Office Documents Deliver VenomRAT

ASEC discovered a malicious shortcut file, ‘Survey.docx.lnk,’ which delivers VenomRAT (AsyncRAT), and it’s disguised as a legit Word file that is bundled in a compressed file with a genuine text file. 

The attack uses ‘blues.exe’ masked as a Korean company’s certificate, which urges caution. The LNK file executes malicious commands connecting to an external URL through “mshta.” The decoded URL reveals PowerShell commands downloading files to %appdata%. 

The downloaded ‘qfqe.docx’ seems innocent, but ‘blues.exe’ is a malware downloader. Executing it downloads additional scripts through PowerShell, including ‘sys.ps1,’ which further fetches data from ‘adb.dll’ in a fileless format. 

Besides this, the ‘adb.dll’ contains an encoded shellcode decrypted by XORing Base64 with the ‘sorootktools’ string.

Operation process (Source - ASEC)
Operation process (Source – ASEC)

The executed shellcode by VenomRAT (AsyncRAT) conducts the following things:-

  • Keylogging
  • PC info leaks
  • Obeys threat actor commands

The malicious shortcut files resembling legit documents actively spread and demand user vigilance due to the hidden ‘.lnk’ extension.

IoCs

File Detection

  • Trojan/LNK.Runner (2024.01.16.00)
  • Trojan/HTML.Agent.SC196238 (2024.01.17.00)
  • Trojan/Win.Generic.C5572807 (2024.01.12.03)
  • Trojan/PowerShell.Agent (2024.01.17.00)
  • Trojan/Win.Generic.C5337844 (2022.12.21.00)

Behavior Detection

  • Execution/MDP.Powershell.M2514

MD5

  • 2dfaa1dbd05492eb4e9d0561bd29813b
  • f57918785e7cd4f430555e6efb00ff0f
  • e494fc161f1189138d1ab2a706b39303
  • 2d09f6e032bf7f5a5d1203c7f8d508e4
  • 335b8d0ffa6dffa06bce23b5ad0cf9d6

C&C

  • hxxp://194.33.191[.]248:7287/docx1.hta
  • hxxp://194.33.191[.]248:7287/qfqe.docx
  • hxxp://194.33.191[.]248:7287/blues.exe
  • hxxp://194.33.191[.]248:7287/sys.ps1
  • hxxp://194.33.191[.]248:7287/adb.dll
  • 194.33.191[.]248:4449

[ad_2]
Source link

Samsung Galaxy A55 picks up Bluetooth SIG & TUV Rheinland certifications

0
[ad_1]

The upcoming Samsung Galaxy A55 has bagged two new certifications. These include the Bluetooth SIG and TUV Rheinland. The latest certifications hint at the imminent arrival of the smartphone. The phone has already been spotted on the Geekbench benchmarking platform as well as in leaked renders.

Samsung Galaxy A55 bags two new certifications

The Samsung Galaxy A55 has appeared on the Bluetooth SIG and TUV Rheinland websites with model number SM-A5560, SM-A556E, and SM-A556B. The former two could be for the Asian markets while the SM-A556B could be for the European region.

The Bluetooth SIG database reveals that it will support Bluetooth 5.3 connectivity. Meanwhile, the TUV Rheinland listing mentions that the device will come with a 9V DC adapter supporting 2.77 A output. This indicates that the upcoming offering will support 25W fast wired charging which was also confirmed by China’s 3C authority. The charging speed will remain unchanged from last year’s Galaxy A54. Even the base Galaxy S24 maxes out at the same 25W speed.

The certification listings do not reveal any additional details of the Galaxy A55.

Galaxy A55 may see a delayed launch

The certification listings of the Samsung Galaxy A55 may lead to anticipation of its imminent arrival. However, going by a report earlier this month, it might launch later than expected in the second quarter of the year beginning in April. The upcoming offering’s predecessor debuted in mid-March last year.

The leaked renders of the Samsung Galaxy A55 reveal a boxy design with a metal frame replacing the plastic one from its predecessor. This will give the phone a premium look. There is a protrusion on the right side which Samsung calls ‘Key Island’ and the back panel has three vertically stacked camera sensors. We also exclusively shared renders of the smartphone revealing it in three color options.

As per Geekbench, the Samsung Galaxy A55 will reportedly be powered by an Exynos 1480 SoC paired with an AMD GPU and 8GB RAM option.


[ad_2]
Source link

Netflix: Everything You Need To Know

0
[ad_1]

Netflix is really the first streaming service that existed. It has been streaming movies and TV shows since around 2007. Though the service has been around since 1997, when it would mail out DVDs to customers to watch movies and TV shows, and they could return it whenever they wanted.

Now, Netflix is one of the biggest streaming services, and it’s available virtually everywhere in the world. It boasts over 200 million paid subscribers worldwide, and it does even still offer DVDs. Though that’s a pretty small part of their business at this point.

Netflix transitioned from a company that licensed content from studios to one making its own content in the early 2010s. Now it does still do some content licensing, but a majority of its new content is original content made specifically for Netflix.

Without further ado, here’s everything you need to know about Netflix.

Netflix AM AH

What is Netflix?

Netflix is a streaming service (and a production company) which launched on August 29, 1997. Originally, it offered movies and TV shows on DVDs that could be mailed out to its subscribers. For a monthly fee, you could get up to 3 DVDs at once. Keep them as long as you wanted, and once you returned them, Netflix would send out a new title from your queue that you picked out.

In 2000, when Blockbuster was actually doing well, it declined a chance to buy Netflix. Of course, Netflix is around today and Blockbuster isn’t. Well at least not in its original form. There is still a single Blockbuster location left in Bend, Oregon. Considering Blockbuster could have bought Netflix for $50 million, that would have been a steal. As Netflix has a market cap of $82 billion right now (and that’s after its stock price has been cut by more than half in 2022, partly due to losing subscribers for the first time in a decade and the entire stock market entering a bear market).

Netflix is now a streaming service that offers millions of hours of content that you can stream. It does still offer DVDs that can be mailed out. Though that is a pretty small part of their business now. And likely only being used by those in remote parts of the US and other countries where broadband internet is still fairly slow and not great for streaming.

It has grown to become one of the largest streaming services in the world, though Disney+ and HBO MAX aren’t far behind it.

How much does it cost?

Netflix now has three plans. It’s really two plus an ad-supported plan. But they are three different prices. Netflix debuted its ad-supported plan last year, which is now the cheapest. Here’s the pricing for all of the plans.

  • Standard with ads – $6.99/month
  • Standard – $15.49/month
  • Premium – $22.99/month

The standard and Standard with Ads plans are essentially the same; really, the only difference is ads. Both give you up to 1080p resolution, and the non-Ads plan provides the ability to download content to watch offline on up to two devices.

Then there’s the Premium plan. This one doubles to four screens simultaneously, and you can download it on up to four different devices. It also supports streaming in 4K HDR resolution.

Netflix has also cracked down on password sharing, so you can add an extra member to your plan for $7.99 each per month on the Standard and Premium plans. This is not available for the Standard with Ads plan because it’s actually cheaper to get your own plan at $6.99 versus paying for the extra member.

How can I get it for free?

T-Mobile does give its customers Netflix for “free.” T-Mobile prefers not to say “free”, instead say its “included”. But there are a few caveats here.

It’s available on the new Go5G Next and Go5G Plus plans (it’s still available on some Magenta plans, however). You can get “Netflix on Us” with either plan, which starts at $90 per month for a single line.

Screenshot 2023 11 08 at 9 11 34 AM

The Essentials plan and the entry-level Go5G plan do not include Netflix, because these are significantly cheaper.

Password sharing

Because Netflix keeps going up in price, many people resort to password sharing and share their account with multiple people, and split the price too. So if you have the Premium plan and share with four people, that breaks down to about $5 per month. Which isn’t bad. Netflix knows this is an issue and is working on cracking down on password sharing.

In late 2022, it plans to start charging those that do share passwords a bit more for Netflix, or forcing them to get their own plans. Netflix now allows you to add an extra family member for $7.99 per month on the Standard and Premium plans. The Standard with Ads plan does not allow this, and it makes sense. Since Standard with Ads is $6.99 per month and the extra family member is $7.99 per month.

Ads are here

Netflix has finally added ads. After many, many years of not having any ads. There’s now an ad-supported tier that will cost you $6.99 per month. It’s a pretty decent price, but there are a couple of caveats here. Not every thing that is available on Netflix is available on this plan. Netflix says “all but a few movies and TV shows are available”. But the reason for this is because of the way content is licensed. Studios are able to license content as ad-free and separately as ad-supported. And the majority of the content that Netflix licensed was for ad-free streaming. They have since worked to renegotiate and change these licensing deals, so most content is available on this plan now.

You’ll see ads before and after each show or movie. They aren’t that bad, especially in comparison to some other services out there. Netflix will also let you download titles on two supported devices at a time, and you can watch in full HD or 1080p. Finally that sub-HD tier is gone from Netflix.

Where is Netflix available?

It is available virtually everywhere. Netflix does not have an official list for countries at this time, but says that it is available in over 190 countries. And notes that it is not available in China, Crimea, North Korea, Russia and Syria. The usual countries that American companies aren’t available in, basically.

The catalog of movies and TV shows does vary based on where you are located. So you might see more titles available in Canada that aren’t available in the US. Part of this comes down to the fact that different studios own rights to different titles in different countries. So Netflix may have the rights to a title in the UK, but not in Mexico. That’s where the use of a VPN comes in. Many will use a VPN to be in another country and watch Netflix from that country.

Does Netflix offer games?

Netflix does actually offer a few games. In late 2021, Netflix announced that it had launched five games within the Netflix app on Android and iOS. Those include:

  • Stranger Things: 1984 (BonusXP)
  • Stranger Things 3: The Game (BonusXP)
  • Shooting Hoops (Frosty Pop)
  • Card Blast (Amuzo & Rogue Games)
  • Teeter Up (Frosty Pop)

Netflix is planning to make more games based off of the intellectual property that they own. Like with Stranger Things, which is a very popular title for the company. You can learn more about Netflix games here.

What content does Netflix offer?

Netflix has so many movies and TV shows that you can watch. Whether these are licensed from other studios, or are Netflix Originals.

Each month, we update our “What’s coming to Netflix this month” article with all of the new titles heading to Netflix, so you can see what is on the way. There’s usually a good 100 or so titles coming each month. So there’s always a new slate of titles available for you to watch.

Some of the bigger names for Netflix include Selling Sunset, Tiger King, Stranger Things, House of Cards, and Bridgerton.

Netflix uninstall AM AH 1

What platforms is it available on?

At this point, Netflix is available on virtually every platform out there. That includes:

  • Android
  • Android TV
  • Google TV
  • Apple TV
  • iOS
  • iPad
  • Web Browsers: Google Chrome, Opera, Safari, Microsoft Edge, Firefox
  • PlayStation 4
  • PlayStation 5
  • Xbox One S
  • Xbox One X
  • Xbox Series S
  • Xbox Series X
  • VIZIO Smart TVs
  • LG Smart TVs
  • Samsung Smart TVs

Just to name a few. The only really major caveat is projectors that have Android TV. Netflix certifies devices in a way that makes it impossible for most projectors to get Netflix installed if they are using Android TV. Basically, the product needs to sell a million units before it will certify it. And most projectors don’t sell anywhere near that.

Can I still rent physical DVDs?

No.

In September 2023, Netflix ended its DVD service. It was announced back in April of 2023 that it would be ending this service. Netflix CEO, Reed Hastings stated that “our goal has always been to provide the best service for our members, but as the DVD business continues to shrink, that’s going to become increasingly difficult.”

Seeing as most people don’t have a DVD player anymore, this makes sense. Many are going to be streaming instead, since you can watch movies instantly, instead of waiting for Netflix to mail it to you.

Should I sign up for Netflix?

So here’s the million dollar question, should you sign up? That’s becoming a tougher and tougher question these days. As Netflix is continuing to raise prices. And spending more on content – content that a lot of people don’t watch. While also cancelling a lot of their most popular shows after a season or two.

Our take is that you should sign up and check out the service. See if it is right for you. There is a lot of content available compared to other services – except maybe HBO MAX. So try it out, and see if you like it. That’s the beauty with streaming services, is you can try it out and cancel it pretty easily. In fact, we have a tutorial on how to cancel Netflix here.


[ad_2]
Source link

How to lock out your ex-partner from your smart home

0
[ad_1]

Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets.

If you are the partner that stays in the house you shared together, you need to make sure that you lock out your ex-partner. This may seem unnecessarily painful at first, but it’s better to be safe than sorry. Your ex doesn’t need to be a hacker when he still has access.

Consider the apps you have shared from your phone. Some of these apps can be queried for information about where, when, and with which device they were last accessed. If you want to keep those apps, make sure you have full control and nobody else has access.

Any camera in your house surely stores more footage about you and your family than of any burglar and this footage is usually stored in the cloud. That means it can be viewed by anyone who has correct login credentials. And, when most people think of security cameras and baby monitors, they will ignore less obvious smart appliances.

A smart doorbell can give away who comes to visit you and when. The setting of your smart thermostat can reveal whether you are at home, in your bed, or if you went out for a while. Even smart lighting systems may give away information about your location inside the house or whether you’ve gone out. Your ex will know some of your habits and can use that to interpret the information provided by smart appliances.

Other smart appliances that may reveal information about you or your whereabouts include your TV, coffee maker, oven, refrigerator, and cleaning robot. Someone could also use these smart appliances to make your life miserable. They may be able to remotely turn up the heat, flash your lights, defrost your refrigerator, set a timer for your oven, and so on.

How to lock out your ex-partner from your smart home

There may be more smart appliances in your house than you realize. So, it’s important to make a list and get familiar with their settings, so you can:

  • Change the passwords to previously shared accounts.
  • Make sure that your ex doesn’t have access to the email address any “password reset” mails get sent to.
  • Terminate shared social media accounts.
  • Review access to your Google, iCloud, and email accounts. A malicious stalker with access to such important accounts can ruin your life.
  • Log out devices that are not yours from any app your ex may have had access to.
  • Scan your phone for stalkerware if your ex may have had access to the device.
  • Check your phone for apps that have access to location data and ask yourself whether they actually need them. (see below for instructions).

How to disable location services

On iPhones you can turn location services off completely at Settings > Privacy & Security > Location Services. Here you can also see, and control, individually which apps and system services have access to Location Services data.

On Android devices these settings can be different based on vendor and Android version, but generally speaking one of these methods should work to access Location settings:

Swipe down from the top of the screen and find the Location icon. Touch and hold Location

In the Settings app > press Location

Here you can turn Location off or look at the permissions for each individual app.


We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using Malwarebytes Identity Theft Protection.


[ad_2]
Source link

Some Galaxy S24 Ultra colors are facing extended delivery times

0
[ad_1]

After announcing the Galaxy S24 series on January 17, Samsung immediately opened pre-orders for the new flagships in most global markets. Pre-orders will continue until January 31, with general sales and delivery beginning the next day. The new flagships are selling in volume, it seems, particularly the Ultra model. For some color variants of the phone, the waiting time is longer than a month.

The Galaxy S24 Ultra is selling like hotcakes

Samsung released the Galaxy S24 Ultra in seven different colors. The Titanium Black, Titanium Yellow, Titanium Violet, and Titanium Gray are available globally across all retail channels. However, the Titanium Green, Titanium Blue, and Titanium Orange are exclusive to the company’s official website. These colors aren’t available on third-party stores or even carriers, meaning you can only buy them unlocked.

For the first few days into the pre-order period, Samsung expected to deliver all purchases through its website by January 31. However, we recently checked to find that the Yellow and Black colors now have an expected delivery date of March 6. It is March 8 for the Gray and Orange colors. That’s an extra waiting time of almost five weeks. The other three color variants are still available for a January 31 delivery.

Samsung Galaxy S24 Ultra delayed delivery date

Note that this only applies to the Galaxy S24 Ultra purchased through Samsung’s official website. Third-party retailers such as Best Buy and Amazon still mention an early shipping date of January 31 for all colors of the phone. The same goes for carrier-locked units purchased directly from carriers. The Galaxy S24 and Galaxy S24+ have a January 31 delivery date across all retail channels.

If anything, this suggests high demand for the Galaxy S24 Ultra. Samsung likely already allocated a substantial number of units to its retail partners and is now running out of stock itself. However, we expect the company to ramp up the production of the colors that are selling more. With high competition in the market, the Korean firm wouldn’t want to put off prospective buyers due to a delayed delivery. It could also divert some stock from its partners who aren’t selling as much as it forecasted.

Place your pre-order as early as possible

If you are considering buying the Galaxy S24 Ultra, you might want to place your pre-order as soon as possible. Samsung is currently offering a $100 instant credit, a free storage upgrade, and trade-in bonuses for all pre-orders of the phone. Not only will you save money from this promotion, but placing your order early will also ensure that the phone reaches you at the earliest possible. You can buy the Galaxy S24 Ultra from Samsung’s website by clicking the button below.

Buy Galaxy S24 Ultra


[ad_2]
Source link

Get ready for another Netflix Price Hike Soon

0
[ad_1]

It’s a brand new year, which means a Netflix price hike is on the horizon. It seems that every year, Netflix is raising prices again, and the company basically confirmed that another one is coming in its quarterly earnings report on Tuesday.

In the company’s letter to shareholders, Netflix mentioned, “As we invest in and improve Netflix, we’ll occasionally ask our members to pay a little extra to reflect those improvements, which in turn helps drive the positive flywheel of additional investment to further improve and grow our service.”

Previously, Netflix had said that it would not raise prices again until at least the middle of 2024. But Netflix could feel like it has the momentum to raise prices again, as Netflix added nearly three million subscribers in the US and Canada at the end of 2023. It now sits at just over 260 million subscribers.

Netflix just spent $5 billion on WWE’s Monday Night Raw

Earlier on Tuesday, Netflix and the WWE announced that it reached a deal to carry Monday Night Raw on the platform. The deal is valued at $5 billion over 10 years, so that’s about $500 million per year for a single 3-hour TV show, which is pretty incredible for WWE. However, someone needs to pay for that, and that’s always going to fall on the customer.

So after this news broke, many speculated that Netflix’s prices were about to go up again, and here we are. Netflix has spent a lot of money on original content, only to cancel much of it after a season. But this deal with the WWE is a pretty incredible one. Outside of the US, it will carry all of the Premium Live Events like the Royal Rumble this Saturday and Wrestlemania, as well as the entire library of WWE content. In the US, that will all still be on Peacock until at least March of 2026. And a few other countries where WWE has deals with other partners – like Sony in India.

Actually, this is a big win for both Netflix and the WWE. Moving from the USA Network, where it has been for a good number of years, to a streaming platform like Netflix allows the WWE to have a larger audience. Around 100 million households have Netflix in the US, and the USA Network is available in about half of those, especially as cord-cutting really takes over. The WWE is already huge, but this deal is going to allow them to grow even more. For Netflix, this is the start of live sports, something the company has wanted to dabble into for quite some time but lost out on NBA rights, as well as NFL Sunday Ticket.

Netflix plans to eliminate the ‘Basic’ plan

As if that wasn’t enough Netflix news, the company also announced today that it is eliminating its “Basic” plan, which currently costs $11.99. It’s basically the ads plan but ad-free. So instead, Netflix will be dropping to three plans, which include the “Basic with Ads” for $6.99 per month, with Standard at $15.49 per month, and Premium at $22.99 per month.

It’s worth noting that Netflix stopped letting new subscribers sign up for the Basic plan in Canada last year. So the writing was already on the wall.

The plan will be phased out for new and rejoining members. So, if you are currently on this plan, you should be able to keep it, at least for now. Netflix notes that about 40% of all Netflix sign-ups are for the ads plan.


[ad_2]
Source link

Hackers Deploy Malicious npm Packages to Steal SSH Key

0
[ad_1]

Two malicious npm packages were discovered on the npm open source package manager, which leverages GitHub to store stolen Base64-encrypted SSH keys obtained from developer systems that installed the malicious npm packages.

In recent weeks, two suspicious npm packages, namely warbeast2000 and kodiak2k, were discovered in multiple versions. As of writing, both the packages were removed from npm in January.

ReversingLabs stated that between 2020 and the end of 2023, the overall number of malicious packages discovered on open-source package managers increased by 1,300%.

A rising part of this trend is the hosting of malicious command and control infrastructure on the GitHub version control platform.

Document
Free Trial

Open Suspicious Files & Links in the ANY RUN Sandbox Safely; Try All Features for Free. Understand malware behavior, collect IOCs, and easily map malicious actions to TTPs — all in our interactive sandbox.

Malicious Packages Target Developer SSH keys

The warbeast2000 package, according to researchers, was made up of only a few components and was not particularly complex. Warbeast2000’s corresponding npm page was simple and did not openly imitate any other package.

“There were eight versions (1.0.0 – 1.0.8), with new elements being added to the package with each new version. The package author was in the process of building out the malware and adding layers of deception. Fortunately, the package was detected and removed from npm before that could happen”, ReversingLabs Shared with Cyber Security News.

After the victim’s machine was installed with the final version of the package, a postinstall script would be activated, retrieving and running a JavaScript file.

The malicious script, in its second stage, read the private SSH key that was kept in the id_rsa file, which was found in the <homedir>/.ssh directory.

The Base64-encoded key was then uploaded to a GitHub repository under the attacker’s control. The package did not exhibit any other actions other than obtaining and copying the id_rsa SSH key.

Malicious second stage from warbeast2000 private SSH key
Malicious second stage from warbeast2000 private SSH key

Once the package is installed, kodiak2k executes a postinstall script. That script launches another JavaScript file that it has downloaded. Except for the first few, kodiak2k had over 30 versions, all of which were harmful, in contrast to warbeast2000.

Similar to warbeast2000, that script searches for a key called meow while reading everything in the <homedir>/.ssh directory.

It’s unclear if meow was just a placeholder name for the package throughout development or if the developer had a specific key in mind.

“When and if the meow file was located, the key contained in it would be encoded in Base64 and uploaded to a GitHub repository, as with the warbeast2000 package”, researchers said.

It was discovered that later iterations of kodiak2k ran a script in a GitHub repository that had been archived and contained the Empire post-exploitation framework. The script can dump credentials from process memory by launching the Mimikatz hacking tool.

In September 2023, Sonatype researchers tracked the npm registry campaign, extracting Kubernetes configurations and SSH keys via npm packages. Their automated system found about 14 malicious packages.

Hence, developers and development organizations should evaluate the security of software or libraries discovered on package managers such as npm or PyPI before incorporating them to make sure they are safe to use.


[ad_2]
Source link

Artificial Intelligence Heightens Ransomware Threat, UK Cyber Security Center Warns

0
[ad_1]

The report outlines that Artificial Intelligence (AI), currently utilized by cybercriminals, is lowering entry barriers for less experienced threat actors, including hackers-for-hire and hacktivists.

In its Risk Register 2023 report, the UK government designated AI as a “Chronic Risk.” Now, the National Cyber Security Centre (NCSC) has warned about the escalating global ransomware threat, attributing the rise to the increasing incorporation of Artificial Intelligence (AI) in malicious cyber activities.

The recently released AI-Cyber Threat Assessment by NCSC highlights the role of AI in amplifying both the volume and impact of cyber attacks. Amid the success of OpenAI’s ChatGPT, it is crucial to note that malicious threat actors have exploited the chatbot, giving rise to the creation of nefarious AI-powered counterparts such as WormGPT and FraudGPT.

The report outlines that AI, currently utilized by cybercriminals, is lowering entry barriers for less experienced threat actors, including hackers-for-hire and hacktivists. This empowerment enables more efficient access and information-gathering operations, thereby expanding the reach of cyber threats. The heightened accessibility and AI’s ability to refine victim targeting are anticipated to intensify the ransomware threat globally over the next two years.

Ransomware remains a pervasive cyber threat for UK organizations and businesses, prompting cybercriminals to adapt their strategies for increased efficiency and profit. In response, the UK Government has committed £2.6 billion through its Cyber Security Strategy to strengthen the nation’s resilience.

James Babbage, Director General for Threats at the National Crime Agency, said:

“Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cybercriminals.

“AI services lower barriers to entry, increasing the number of cybercriminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.

“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of GenAI and ensuring we adopt the technology ourselves where safe and effective.”

James Babbage – National Crime Agency (NCA)

According to the report, both the NCSC and private industry are actively incorporating AI into cybersecurity practices, focusing on advanced threat detection and security by design. “The dangers posed and damages caused by ransomware attacks are also acknowledged by the United States. Therefore, in November 2023, a 40-country alliance was announced to collectively combat the evolving threat.”

Suid Adeyanju, CEO of Riversafe, and a cybersecurity expert, emphasized the critical need for organizations to enhance their threat intelligence. Adeyanju urged a comprehensive strategy that combines advanced technologies with increased observability. Stressing the importance of thorough training for all staff, he emphasized the growing risk cyber threats pose to unprepared businesses.

The UK, hosting the AI Safety Summit at Bletchley Park in November 2023, endorsed The Bletchley Declaration. This initiative, a global effort, aims to address risks associated with AI’s cutting-edge developments and promote its secure and responsible advancement.

The thriving AI sector in the UK, currently employing 50,000 individuals and contributing £3.7 billion to the economy, aligns with the government’s commitment to advancing the national economy and job market in tandem with technological progress, as outlined in the Prime Minister’s five key priorities.

  1. 5 Biggest Ransomware Attacks of All Time
  2. Lessons from the Holy Ghost Ransomware Attacks
  3. FBI and CISA Issue Joint Advisory on Snatch Ransomware Threat
  4. Kaspersky Reveals Alarming IoT Threats and Dark Web DDoS Boom
  5. White House Cybersecurity Strategy: Software Firms Liable for Breaches

[ad_2]
Source link