Mark Zuckerberg wants to build Artificial General Intelligence (AGI)

0
[ad_1]

Mark Zuckerberg is planning more AI as the focus of global tech majors shifts to artificial intelligence. He announced, via a post on Threads, that his company, Meta, is entering the race to develop an artificial general intelligence (AGI) system. Notably, Mark Zuckerberg is a key figure in the tech world, known for creating Facebook, the first widely used social media platform. It’s still in operation today and continues to be the most popular social media platform. That’s why, his words carry weight in the industry. And if he’s planning to create AGI, it’d be something discussed largely.

Mark Zuckerberg’s next mission is to build artificial general intelligence (AGI)

Billionaire Mark Zuckerberg announced Meta’s ambitious plan to develop its advanced artificial intelligence, specifically aiming for AGI. Those wondering what’s that, it’s a type of artificial intelligence that can potentially surpass human intelligence in diverse domains.

Meta CEO further expressed Meta’s intention to not only leverage this advanced AI internally but also to make it available for external developers to use. Open source it. Zuckerberg explained further in a video on Threads. He said that if we want better computer programs like chatbots and tools for creators and businesses, we need to make an ingenious computer system. He believes that it’s time to create a kind of computer intelligence that can understand and do a lot of different things.

There’s no timeline, though

He briefly mentioned that this change is going to help the company speed up its research work. Eventually, this will make the metaverse – which is like a virtual space where people can interact – even better. One should note that there’s no fixed timeline. But, if we recall Meta’s Chief AI scientist’s previous remarks. Yann LeCun had previously said that AGI (Artificial General Intelligence) is decades away.

To power this super-smart system, Zuckerberg mentioned they’re planning to use about 350,000 special computer chips. They also want to bring together their two big research groups, FAIR and GenAI, to work faster. By the end of the decade, Zuckerberg thinks that many people will use smart glasses (like the ones they’re making with Ray-Ban Meta) to interact with these super-smart computers.

Meanwhile, other tech majors like Microsoft, Google, and Amazon are not lagging behind. However, some people are worried about the possible problems these super-smart computers could cause. And that’s something to keep an eye on.


[ad_2]
Source link

Snapdragon & Exynos availability by country

0
[ad_1]

As many of you know, Exynos SoC is back on Samsung’s flagships. Samsung announced its three new flagships a couple of days ago, and two of them come in Exynos variants, the Galaxy S24 and Galaxy S24+. In this article, we’ll break down which countries are selling Snapdragon Galaxy S24 variants, and which offer Exynos models.

Before we get down to that, do note that the Galaxy S24 Ultra comes with the Snapdragon 8 Gen 3 for Galaxy globally. Every country that offers the device comes in that variant, so that’s why we’ll focus on the other two phones.

The Galaxy S24 & S24+ ship in both Snapdragon and Exynos models, here’s their availability by country

That being said, the other two devices in question are the Galaxy S24 and Galaxy S24+. The Snapdragon variants of those two smartphones are available in the US, Canada, China, South Korea and Hong Kong.

If you get either of the two devices in Europe, the UK, India, Dubai, or any other region not mentioned about, you’ll find the Exynos 2400 on the inside. The Exynos makes a comeback after skipping the Galaxy S23 flagships entirely.

The Exynos 2400 is a powerful SoC, but people are skeptical due to previous generations

Based on the specs, the Exynos 2400 is a truly powerful processor, but people are skeptical based on its predecessors. Flagship Exynos chips have been trailing behind their Snapdragon counterparts for years.

The performance difference was truly noticeable with the Galaxy S22 series, for example. We do hope that the same won’t be the case this time around. We only got the chance to use the Snapdragon 8 Gen 3 variants of the Galaxy S24 thus far.

The Snapdragon 8 Gen 3 and Exynos 2400 do have rather different specs. Both should offer flagship-grade performance based on that, however. Let’s just hope that neither will get too hot, and/or throttle in the process.


[ad_2]
Source link

Google Bard to adopt Imagen as its image generation tool

0
[ad_1]

Google is expanding its generative AI offerings with an upcoming image generator for Google Bard, as revealed in an unreleased changelog dated January 18.

Following the footsteps of tools like the Search Generative Experience (SGE) and Slides, users will be able to create images by entering a few words that describes the image. This new capability is expected to be powered by Google’s Imagen family of models. Imagen is known for their ability to produce high-quality, photorealistic images.

In December, Google introduced Imagen 2, boasting significantly improved image quality. The technology aims at enterprise use cases, such as logo generation or creating images with text overlays.

Google Bard’s image generator is expected to follow safety features similar to those in SGE. The latter, introduced in October, allows users to “draw” or “sketch” prompts directly into the Search field, generating four images at a time.

Just like SGE, Google Bard will also block results with notable people and explicit content

SGE ensures safety by blocking the generation of harmful, misleading, or explicit content. Bard will also restrict prompts featuring notable people or photorealistic faces, reports 9to5Google. Additionally, each generated image will get a metadata labeling and invisible watermarking using Google’s SynthID.

Google Slides and Meet, the latter for custom backgrounds, already incorporate user-facing image generation through Duet AI. The forthcoming addition of an image generator to Bard extends the accessibility of AI-generated content across various Google services.

By adding further descriptions to image captions in Imagen 2’s training dataset, Google is enhancing image-caption understanding. It will allow for more accurate and contextually nuanced image generation.

Moreover, Imagen 2 addresses common challenges faced by text-to-image tools, such as rendering realistic hands and human faces. The technology incorporates a specialized image aesthetics model. It is based on human preferences, ensuring that generated images align with qualities preferred by users. These advancements collectively contribute to Imagen 2’s improved ability to generate high-quality and realistic images.

The move aligns with Google’s broader strategy of integrating advanced AI technologies across its suite of services.


[ad_2]
Source link

Serious Vulnerability Spotted In Various Bosch Thermostat Models

0
[ad_1]

Researchers spotted a severe security vulnerability in the Bosch thermostat that exposed users to privacy risks. Exploiting the flaw allowed malware to be installed on target devices.

Bosch Thermostat Vulnerability Risked Users’ Security

According to a recent post from Bitdefender, their researchers discovered a significant security vulnerability affecting Bosch thermostat models.

Identified as CVE-2023-49722, it existed due to how the device assembles the microcontrollers. As Bitdefender explained, the thermostat has two microcontrollers – a Hi-Flying chip, HF-LPT230, that implements the Wi-Fi functionality, and an STMicroelectronics chip, STM32F103, which implements the main logic but exhibits no WiFi capability of its own. Instead, it relies on the Hi-Flying chip for WiFi, which triggers the vulnerability.

The WiFi chip leverages the UART data bus to communicate messages to the main controller and also listens on the TCP port 8899 on the LAN. Thus, it becomes possible for an adversary to execute malicious actions. As stated in the post,

This means that, if formatted correctly, the microcontroller can’t distinguish malicious messages from genuine ones sent by the cloud server. This allows an attacker to send commands to the thermostat, including writing a malicious update to the device.

Configuring malicious updates on the target device is easy because of unsecured communication between the thermostat and the server.

The thermostat communicates with the connect.boschconnectedcontrol.com server through JSON encoded payloads over a websocket. The packets sent by the server are unmasked, making them easy to imitate.

The researchers have also explained in their post how a potential adversary could introduce malicious updates to the target device. Once done, the attackers could execute any desired malicious action through the compromised IoT device, threatening users’ privacy.

Bosch Patched The Flaw

Following the bug report, Bosch acknowledged the vulnerability and started working on a fix. Yet, their observations and the subsequent patches seemingly differ from what Bitdefender reported.

Specifically, the researchers mentioned Bosch BCC100 thermostat (SW version 1.7.0 – HD Version 4.13.22) as the vulnerable device. However, Bosch mentioned the models BCC101, BCC102, and BCC50 as the vulnerable thermostat models in its advisory, clearly specifying the safe status of the BCC100 thermostat.

Consequently, the firm patched the security issue (opened port 8899) with the WiFi firmware 4.13.33 update, closing port 8899. While the update should reach all eligible devices automatically, users must still check their respective thermostats for any firmware updates to receive the patch in time.

Let us know your thoughts in the comments.


[ad_2]
Source link

First clamshell foldable from Xiaomi is one step closer to launch

0
[ad_1]

The very first clamshell foldable smartphone from Xiaomi is now one step closer to launch. The phone not only appeared in a regulatory filing, but that filing confirmed that it will offer satellite connectivity.

The first clamshell foldable from Xiaomi is coming, and it’s now one step closer to launch

The Xiaomi MIX Flip, which is allegedly the name of this phone, appeared over at MIIT in China. It appeared under the model number 2311BPN23C. That model number appeared on IMEI database earlier and has been linked with the ‘Mix Flip’ name. Once released, the name will likely be ‘MIX Flip’, though.

A tipster did say, a while back, that this device is an “extremely thin and portable” clamshell foldable. We don’t really know a lot about the device thus far, though. Back in September, a sketch of the device appeared, but we’re not sure that is legit. It looks a bit odd, in all honesty.

Some rumors shared the alleged processor this phone will use. The Xiaomi MIX Flip will allegedly ship with the Snapdragon 8 Gen 2 SoC. So, not the latest and greatest from Qualcomm, but not far from it.

The Xiaomi MIX Flip will launch this year

In regards to its launch timeframe, several rumors said we can expect it in 2024. The device is expected to arrive at some point this year, but we’re not sure when. Considering that it already appeared on several certification websites, it could launch in the first half of 2024.

You can expect this device to have rather powerful specs, though not be the most powerful foldable Xiaomi released. That title will most likely be kept by the Xiaomi MIX Fold 3.

We do expect the device to offer two or three cameras on the back, and a rather nice main display with a 120Hz refresh rate. A secondary panel will also be included, but we don’t know how large will it be.

Knowing Xiaomi, fast charging will be a part of the offering, though we’re not sure about wireless charging. The Xiaomi MIX Fold 3 does have it, but the Xiaomi MIX Flip may omit it, we’ll see.


[ad_2]
Source link

Meta launches “nighttime nudges” to remind teens it’s time to go to sleep

0
[ad_1]
Meta introduced a lot of new features specifically designed for teens using social apps like Facebook, Instagram, and Messenger. From parental supervision tools to more privacy features, Meta has been trying to limit teens’ access to unwanted interactions and content on its social platforms.

Today, the social giant announced yet another new feature that won’t be limiting access to any content but rather remind teens that it’s time to … go to bed. Suggestively named “nighttime nudges,” the new feature is meant to make it easier to manage the time teens and families spend on Meta’s apps.

For once, Meta recommends a big category of users that spending time on its apps when they should be sleeping is unhealthy. The new nighttime nudges will have been designed to show up when teens have spent more than 10 minutes on Instagram in places like Reels or Direct Messages late at night.

The nighttime nudges function as a reminder for teens that it’s late, and encourage them to close the app. Obviously, that’s not going to happen in many cases, but at least Meta is trying to convince teens to do the right thing. Perhaps some will heed the “Time for a break” warning.


[ad_2]
Source link

FBI & CISA Warns of Critical Infrastructure Risk by Chinese Drones

0
[ad_1]

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have raised a red flag: Chinese-made drones pose a significant risk to the security of critical infrastructure in the United States.

While any UAS can harbor vulnerabilities, the concern escalates with Chinese models.

The People’s Republic of China (PRC) wields a legal arsenal that grants its government unprecedented access to data held by Chinese companies. 

This translates to a potential goldmine of sensitive information gleaned from drones operating within American borders.

Document
Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

This data-hungry approach isn’t just theoretical. 

The PRC views information as a strategic resource, actively seeking to acquire it through various means, including UAS. 

Their national security laws empower domestic companies to cooperate with intelligence services, granting them a backdoor to data collected globally.

Imagine the chilling scenarios that unfold: drone-captured footage of critical infrastructure layouts landing in the hands of Chinese authorities, compromising sensitive intellectual property, or worse, exposing vulnerabilities that pave the way for targeted cyberattacks or physical sabotage.

Beyond the Horizon: Vulnerabilities that Lurk

The threat isn’t limited to overt data collection. UAS are riddled with potential entry points for malicious actors. 

Data transfer points through smartphones and connected devices offer avenues for unauthorized infiltration. 

Patching and firmware updates, often controlled by Chinese entities, could harbor hidden vulnerabilities, silently siphoning off critical information.

This extends beyond just sensitive data. UAS expands the attack surface, capturing imagery, surveying data, and facility layouts – a treasure trove for foreign adversaries seeking to gain an intelligence advantage.

The potential consequences of unchecked Chinese-made UAS use are staggering. 

Compromised intellectual property could cripple businesses, exposed infrastructure vulnerabilities could cripple critical services, and stolen network access could pave the way for devastating cyberattacks.

This isn’t merely a hypothetical risk. The White House’s National Cybersecurity Strategy and intelligence assessments paint a stark picture of the PRC as a persistent cyber threat, actively seeking to exploit any avenue for advantage.

Mitigation Strategies for a Safe Sky

In the face of this complex threat landscape, organizations utilizing UAS must prioritize secure-by-design systems. 

Government agencies, especially, are urged to transition to systems compliant with federal mandates, minimizing reliance on potentially compromised technology.

Comprehensive cybersecurity recommendations provide a roadmap for a robust defense. From secure network segmentation and Zero Trust architecture to rigorous firmware update protocols and operator training, these measures collectively strengthen the digital walls protecting sensitive information.

A secure supply chain is equally crucial. Understanding the origin and legal landscape surrounding UAS manufacturers provides a vital context for assessing potential risks. 

Implementing SCRM programs and SBOM reviews further bolsters the integrity and resilience of the entire UAS ecosystem.

Effective cybersecurity isn’t a one-time fix; it’s a continuous journey. 

Regular vulnerability assessments, configuration management, and log analysis provide the vigilance needed to stay ahead of emerging threats.

Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. Free demo available.


[ad_2]
Source link

A Tool For Open-source Investigations

0
[ad_1]

OSINVGPT is an AI-based system that helps security analysts with open-source investigations and tool selection. While this tool was developed by “Very Simple Research.”

This tool can assist security analysts in gathering relevant information, sources, and tools for their investigations. It even helps researchers produce reports and summaries of their results. 

Document
Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

OSINVGPT is available on ChatGPT and is useful for security researchers as it saves both time and effort.

Key aspects

Here below, we have mentioned all the key aspects that OSINVGPT can do:-

  • Data Analysis
  • Interpretation
  • Guidance on Methodology
  • Case Studies
  • Examples
  • Document Analysis
  • Fact-Checking
  • Verification
  • Recommendations Based on External Sources
  • Ethical Considerations

OSINVGPT’s data analysis and interpretation involve examining information from diverse open sources to form readable narratives and address specific queries. At the same time, guidance is offered on conducting transparent and accurate open-source investigations. 

Detailed insights and suggestions are provided using real-world examples within the knowledge base. Appropriate data is analyzed and extracted from the uploaded documents for open-source investigations. 

To ensure investigation accuracy, assistance is given in fact-checking using open-source data. Recommendations based on external sources are provided for queries beyond the direct knowledge base, with a focus on ethical considerations in open-source investigations for responsible conduct.

Moreover, if you want, you can access the OSINVGPT tool from here for open-source investigation.

Related Read:

  1. Researchers Uncovered a New Flaw in ChatGPT to Turn Them Evil
  2. ChatGPT Reconnaissance Techniques for Penetration Testing Success
  3. FraudGPT: A New Dark Side AI Tool For Cyber Criminals
  4. WormGPT: Cybercriminals AI Tool Gained Over 5,000 Subscribers in Just a Week
  5. Promptmap – Tool to Test Prompt Injection Attacks on ChatGPT Instances

Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. Free demo available.


[ad_2]
Source link

170,000+ Android TVs Hacked by Bigpanzi Bot to Launch DDoS

0
[ad_1]

Android TVs are widely used, and due to their wide adoption, threat actors frequently target them for unauthorized access or data theft.

In Android smart TVs, the vulnerabilities in outdated software or third-party apps can be exploited.

The interconnected nature of the smart or Android TVs makes them potential targets for the threat actors seeking to compromise user privacy or launch broader attacks within home networks.

Cybersecurity researcher Alex.Turing, Acey9, and rootkiter recently discovered more than 170000 Android TVs were hacked by the “Bigpanzi” bot to Launch DDoS attacks.

Document
Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

Bigpanzi Bot Hacks 170,000+ Android TVs

A sneaky ELF sample dubbed “pandoraspear” was recently discovered by security researchers with zero detection on VirusTotal. It primarily hides the C2 domains, but analysts managed to catch them and found 170,000 daily active bots, mainly in Brazil.

Botnet nodes across Brazil (Source -Xlab Qianxin)
Botnet nodes across Brazil (Source -Xlab Qianxin)

The group fought back with DDoS and host file manipulations. They aimed at Android devices with malicious scripts and APKs, exposing a major cybercrime syndicate named “Bigpanzi.” 

Their scheme involves luring users to install apps and turning devices into nodes for illegal streaming, DDoS, and piracy. Bigpanzi goes beyond DDoS by hijacking TVs for real-world attacks, like the UAE incident on December 11, 2023, showing conflict footage. 

The Bigpanzi-controlled devices pose a serious threat by broadcasting violent or propaganda content by risking social order.

Security researchers found the downloader domain ak.tknxg.cf in the Pcdn sample. The Google search unveiled two leads, “device upgrade instructions” and “repair guidance.” 

Noteworthy was the YouTube channel:-

  • https[:]//www.youtube[.]com/@customersupportteam49

This YouTube channel was filled with official-sounding device operation videos. FoneStar’s RDS-585WHD page harbored eCos firmware b0a192c6f2bbd7247dfef36665bf6c88, matching Pcdn’s DDoS task names, branding it “official firmware embedded with malware.” 

Discovery of an “official video account” and “official malware-infused firmware” fueled speculation on Bigpanzi’s true identity.

Botnet with 100,000 is likely larger, and Bigpanzi bot infects Android and eCos platforms using three methods.

Here below we have mentioned those three methods:-

  • Pirated movie & TV apps (Android)
Pirated movie & TV apps (Source -Xlab Qianxin)
Pirated movie & TV apps (Source -Xlab Qianxin)
  • Backdoored generic OTA firmware (Android)
Backdoored generic OTA firmware (Source -Xlab Qianxin)
Backdoored generic OTA firmware (Source -Xlab Qianxin)
  • Backdoored “SmartUpTool” firmware (eCos)
Backdoored 'SmartUpTool' firmware (Source -Xlab Qianxin)
Backdoored ‘SmartUpTool’ firmware (Source -Xlab Qianxin)

Moreover, to infect the devices that are running Android or eCos systems,  the Bigpanzi spreads backdoored firmware via several STB, DVB, and IPTV forums.

Countermeasures

Here below, we have mentioned all the countermeasures:-

  • Modified UPX Shell
  • Dynamic Linking
  • OLLVM Techniques
  • Anti-Debugging Mechanism

Besides this, cybersecurity analysts identified “Fl00dce690167abeee4326d5369cceffadaaf,” which is a DDoS Builder. 

The operational interface has a ‘slave’ button for configuration that generates bot samples for STB, Linux, and Windows. Initially doubted Bigpanzi’s DDoS involvement, but DDoS Builder discovery confirms long-term engagement. 

However, no tracked attack commands suggest a focus shift to lucrative content business lines, Android TV, and STBs. The adaptability of Bigpanzi highlighted its evolution in the threat landscape.

Bigpanzi operated covertly and managed to collect wealth for eight years which resulted in a vast network of samples, domains, and IPs. Complex connections exist due to code and infrastructure reuse.

Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. Free demo available.


[ad_2]
Source link

Not getting previews with your iOS Gmail notifications? Use this fix now to bring them back

0
[ad_1]

For the last couple of days I noticed that instead of getting notifications with previews from Gmail on my iPhone, I would see a banner with the Gmail icon that said “You have a new message.” This forced me to open the Gmail app every time this notification would appear on my screen in order to see who sent me the Gmail. I have no idea what brought this on and after doing some research, it appears that this is an issue that is more widespread than I originally thought.

The same thing happened to a Reddit user after he updated his iPhone 13 mini to iOS 17 more than a month ago. Another Reddit subscriber noticed the same thing was happening to him today after updating to iOS 17.2.1. Two days ago, this happened to an iPhone 13 Pro owner while three days ago, an iPhone 14 Pro owner experienced the loss of Gmail previews on his iPhone 14 Pro. I had installed iOS 17.2.1 last month when it was first released so I know that an iOS update was not responsible for the loss of Gmail previews on my iPhone.
If this has happened to you, fear not. There is a workaround that fixed my iPhone 15 Pro Max and I am now receiving Gmail preview notifications once again. Here is what you do. Open the Gmail app and tap the three-line hamburger icon on the left side of the search bar on the top of the display. Scroll up and tap on Settings. Press Email notifications and that will bring up a box with three options: All new mail, High priority only, and None. Tap on None and then tap on Done at the upper right corner of the display. Turn off your iPhone.

After a minute or two, turn your iPhone back on and follow the directions above to return to the Email notifications in Gmail. This time, select from either All new mail or High priority only. Hit  the Done button in the upper right corner, and that is it. You will get Gmail notifications with previews once again. And to reiterate, this morning I was getting the notifications without the previews. After trying the fix, previews returned to my Gmail notifications.

If you’re suffering from this problem, try the fix now and let us know if it brought previews back to your iOS Gmail notifications.

[ad_2]
Source link