Rabbit R1 is a dedicated AI companion device shown off at CES 2024

0
[ad_1]

A lot of innovative tech announcements have been leaping in at the ongoing CES 2024 over the last few days. A new AI startup called Rabbit also announced a dedicated AI companion device called Rabbit R1. It doesn’t aim to replace smartphones but can run apps on the user’s behalf. Its primary goal is to act as a bridge between users and their smartphones. Rabbit says that the R1 is quite similar to AI-based voice assistants but the main difference is that it can learn intricate tasks and do them for the user.

Rabbit R1 is a dedicated AI companion device with a retro look

While smartphones and voice assistants can do a lot of tasks, Rabbit CEO Jesse Lyu says that the apps and functions have stripped away their simplicity. The R1 is pretty straightforward and a simple device. It has an Orange-colored retro look that weaves nostalgia. The device is half the size of a smartphone. It features a 2.88-inch touchscreen display, a unique rotatable camera eye, and a side button for navigation and interaction. There are also far-field microphones for voice command input. The physical button is used to talk to the built-in assistant similar to a walkie-talkie.

Although the Rabbit R1 is not a smartphone, under the hood, it is powered by a 2.3GHz MediaTek Helio P35 processor paired with 4GB RAM and 128GB storage. Users can also initiate phone calls with WiFi and cellular connectivity via the SIM card slot.

The R1 runs on the LAM model

Rabbit R1

The Rabbit R1 runs on the company’s Rabbit OS. The software is based on the Large Action Model (LAM) compared to ChatGPT’s large language model. It does not come with built-in apps but instead connects to services to carry out requests. This is because the device is only meant to serve as an assistant and help you get things done. Users need to authorize the R1 to access apps on their behalf. This happens through a web portal called Rabbit Hole where users can log in to their services. Rabbit says that it does not store any user data and authentication happens on the device. Users can unlink accounts and delete stored data at any time.

The Rabbit R1 can control music playback, book a cab, buy groceries, and do some more tasks. The device also comes with a dedicated training mode which allows users to train the AI to get specific tasks done. Lyu demonstrated this by teaching the R1 how to use Photoshop and said that it takes the Rabbit OS 30 seconds to process.

Rabbit R1 is already sold out showing strong interest in the device

The Rabbit R1 carries a price tag of $199 in the US with the pre-orders currently live. It is expected to start shipping in March. The company on January 12 announced that two batches of 10,000 R1 have been sold out. The third batch is now available with expected delivery date between May and June. This shows that the AI companion device has garnered a strong interest.

With the Rabbit R1 and Humane’s AI Pin, it’s likely that we will see new gadgets built around AI.


[ad_2]
Source link

Vivo X Fold 3 could become the lightest book-style foldable

0
[ad_1]

HONOR currently has the lightest book-style foldable smartphone on the market, the HONOR Magic V2. Do note that both glass and vegan leather models are lighter than 240 grams, but the vegan leather model is lighter at 231 grams. With that in mind, it seems like Vivo could take the crown. Based on a new rumor, the Vivo X Fold 3 could become the world’s lightest book-style foldable.

The Vivo X Fold 3 could become the lightest book-style foldable around

This information comes from Digital Chat Station, one of the best-known and most accurate Chinese tipsters. Considering the source, it’s not difficult to believe it. The tipster not only revealed the weight range in his post but also the thickness. Do note that he didn’t specifically mention the Vivo X Fold 3, but he did recently mention that phone and claimed that it will be very light for what it is, so that’s where GizmoChina’s assumption is coming from.

In any case, the Vivo X Fold 3 will weigh 22x grams. In other words, it will weigh under 230 grams, and thus be lighter than the HONOR Magic V2. It will be 5mm thick when unfolded, and 10.5mm thick when folded.

It won’t be thinner than the HONOR Magic V2, though

The thinnest Magic V2 model is 4.7mm thick when unfolded, and 9.9mm when folded. So HONOR’s handset will retain the crown in the thickness department, it seems.

The Vivo X Fold 2 arrived in April last year. We’re not sure if Vivo will wait as long to release its successor, but it’s possible. The Vivo X Fold 3 is either coming towards the end of Q1 or in early Q2 this year.

The phone will likely be fueled by the Snapdragon 8 Gen 3, but nothing has been confirmed thus far. Some rumors even stated that we may get two Vivo X Fold 3 devices this year, a regular one and a ‘Pro’ one.

The Vivo X Fold 3 could remain exclusive to China

Do note that the Vivo X Fold and Vivo X Fold 2 didn’t reach global markets. Both smartphones remained exclusive to China. We’re hoping that will change with the Vivo X Fold 3, but let’s wait and see.


[ad_2]
Source link

Nuclear battery aims to make smartphone charging obsolete

0
[ad_1]

Some of you may think that the title of this article is clickbait, but it’s not. A Chinese company called ‘Betavolt Technology’ is working on a nuclear battery that may make smartphone charging obsolete.

This nuclear battery could make smartphone charging obsolete

The company is actually working on a nuclear battery for various devices, not just smartphones. Various miniature batteries are planned. These batteries could hold a charge for 50, yes FIFTY years.

This company says that it pioneered the “miniaturization of atomic energy batteries”. To give you more insight, Betavolt Technology actually stuffed 63 nuclear isotopes into a module smaller than a coin. That model is called BV100, and it can produce 100 microwatts of electricity.

Furthermore, this nuclear battery can provide a voltage of 3V, and it measures only 15 x 15 x 5mm. If you need more than one, the company says that they can be joined together. So if we’re talking about devices that need more of them.

Betavolt nuclear battery 1

These batteries use radioactive decay to produce electricity

These batteries actually use radioactive decay in order to generate electricity. It’s similar tech to those used in pacemakers and spacecrafts. Companies stayed away from this tech due to radioactive elements, such as plutonium.

In order to appease such concerns, Betavolt opted to build a version of the battery with a diamond semiconductor layer and a decaying nickel isotope. Betavolt Technology claims that there’s absolutely zero radiation leaking out, and that there are no toxic elements in the mix. This approach will also make sure they don’t explode, and they can operate in extreme temperatures from -60 to 120 degrees Celsius.

Betavolt Technology does hope that its batteries could make charging smartphones obsolete. Needless to say, that would be a huge step forward. By 2025 Betavolt Technology wants to make tiny batteries that are capable of producing one watt.

These batteries are about ready for mass production

Do note that the prototype of the company’s battery has graduated to the pilot stage, and could hit mass production soon. The dream could be closer than we thought.


[ad_2]
Source link

WhatsApp to bring additional text formatting tools, including bullets and quotes

0
[ad_1]
WhatsApp is always working on new features, some that we only learn about when the company releases them to the public. However, more often than not we do have information about what’s coming to WhatsApp thanks to the beta program that the app has been running for a very long time.

If you’re not running the beta version of WhatsApp, we have the latest news about what’s expected to come to the app in the not-so-distant future. Thanks to the fine folks at WabetaInfo, we now know that WhatsApp plans to add new text formatting tools.

The report mentions additional options such as bullets, code, quote, and lists. As you take advantage of these new options, the text will be formatted as you type in the chat bar.

The new text formatting tools have been rolled out in the beta version of WhatsApp, but only on Android. It’s yet unclear if these will be made available on both iOS and Android platforms at launch, nor when exactly WhatsApp will finish testing them.


[ad_2]
Source link

Feast your eyes on the Porsche Design HONOR Magic V2 RSR

0
[ad_1]

HONOR has announced its first product that comes from a partnership with Porsche Design. The device in question is called the Porsche Design HONOR Magic V2 RSR. It was launched in China, alongside the HONOR Magic6 and Magic6 Pro.

The Porsche Design HONOR Magic V2 RSR is official, and it comes as a surprise

The vast majority of us were expecting a Porsche Design HONOR Magic6 Pro to arrive, mainly due to rumors. HONOR did something else entirely, as almost nobody was expecting the HONOR Magic V2 collab.

The HONOR Magic V2 launched last year in China. Soon after its launch, it was shown off at IFA in Berlin. The phone is expected to launch globally soon, and prior to that, this Porsche Design model arrived.

Based on what we can see here, the Porsche Design HONOR Magic V2 RSR is very similar to the regular Magic V2. The difference lies on its back, as it looks different. Not only is the backplate different, but so is the camera island. On top of that, you’ll find the Porsche Design branding back there.

This phone’s backplate is “intricately reminiscent of the hood of a Porsche 911”

This backplate is “intricately reminiscent of the hood of a Porsche 911”, says HONOR. The company also says that it improves the grip of the phone, which is an added improvement, as the glass model is extremely slippery. The phone is available in one color, the Agate Grey, which is the color of a Porsche car.

The two companies also say that they “refined the choice of materials” here. The phone weighs only 234 grams and it’s 9.9mm thick. It comes with the industry’s first Anti-scratch NanoCrystal Shield.

The device has plenty of RAM & storage

The specifications remain unchanged compared to the regular HONOR Magic V2. This variant does top-out RAM and storage, though. It comes with 16GB of LPDDR5X RAM and 1TB of UFS 4.0 flash storage.

The Snapdragon 8 Gen 2 fuels the phone, while a 7.92-inch main display is used. That panel has a resolution of 2156 x 2344, and it’s an OLED display with up to 120Hz refresh rate. The cover display measures 6.43 inches, and it has a resolution of 2376 x 1060. That is also an OLED screen with up to 120Hz when it comes to resolution.

66W wired charging is supported, while three cameras sit on the back

A 5,000mAh battery is included here, while the phone supports 66W wired charging. A charger is included in the box. A 50-megapixel main camera (f/1.9 aperture, OIS, EIS) is backed by a 50-megapixel ultrawide camera (f/2.0 aperture). A 20-megapixel telephoto camera (40x digital zoom) also sits on the back of the phone. A 16-megapixel selfie camera is used here, on both displays.

There are two SIM card slots here, and Android 13 comes pre-installed. HONOR’s MagicOS 7.2 is also a part of the package. IR blaster is included, while the phone supports 5G connectivity and Bluetooth 5.3.

It goes on sale in China today, and it’s quite pricey

The Porsche Design HONOR Magic V2 RSR goes on sale in China today. Its pricing starts at CNY15,999 ($2,252). We’re not sure if the company will release this handset globally, but it’s possible, as the Magic V2 is coming to global markets.


[ad_2]
Source link

This isn’t Monopoly money: Google Play to host more RMG (real-money gaming) apps

0
[ad_1]

More and more RMG apps will find a new home on Google Play, states the latest piece from the Android Developers Blog. RMG stands for real-money gaming and basically, it embodies any online game where money is staked on the outcome.

As 9to5Google reminds us, Google allowed gambling and betting Android apps to appear in the Play Store in 2021 in markets with pre-existing licensing frameworks. “Since then, this app category has continued to flourish with developers creating new RMG experiences for mobile”, Google says and adds:

Google Play will launch the expanded RMG support in June to developers for users in India, Mexico, and Brazil. Later, the plan is to expand to more countries, if everything goes well.

Google Play’s existing developer policies supporting user safety, such as requiring age-gating to limit RMG experiences to adults and requiring developers to use geo-gating to offer RMG apps only where legal, remain unchanged. “We’ll continue to strengthen them”, the blog reads. In addition, Google Play will continue other key user safety and transparency efforts such as “expanded developer verification mechanisms”.

What’s more, there will be a service fee. Previously, the RMG apps had to be free to install and couldn’t use Google Play Billing, but this will change, as Google states: “We are working closely with developers to ensure our new approach reflects the unique economics and various developer earning models of this industry. We will have more to share in the coming months on our new policy and future expansion plans”.


[ad_2]
Source link

Qbot Malware Via FakeUpdates Leads of Malware Attacks

0
[ad_1]

Hackers use Qbot malware for its advanced capabilities, including keylogging, credential theft, and backdoor functionality.

Previously distributed Qakbot malware campaign was capable of monitoring the browsing activities of the infected computer and logs all information related to finance-related websites.

Qbot also enables the threat actors to create a persistent presence on infected systems, along with facilitating:

  • Further malicious activities
  • Potential financial gains

Cybersecurity researchers at Checkpoint recently discovered that threat actors actively use Qbot malware via FakeUpdates, leading to the race for malware attacks.

Document
Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

Technical analysis

Four months after Operation Duck Hunt’s takedown, the Qbot malware was revived in December 2023. FakeUpdates topped the Threat Index and was found to be hitting the education sector hard. 

Qbot resurfaces in a phishing attack on the hospitality sector, posing as IRS. Meanwhile, the DLL-triggered Qbot dominated for 10 months before its takedown.

FakeUpdates claims the top spot with a 2% global impact, while Nanocore holds third for six months. However, there are new entries that are from:

Qbot was spotted in the wild in less than 4 months post-infrastructure takedown. This shows that disrupting malware isn’t enough, as threat actors always adapt. 

These are the reasons why researchers in the field of cybersecurity highly encourage firms to perform the following:

  • Implement proactive endpoint security
  • Perform thorough email scrutiny

Besides this, the following vulnerabilities are the most exploited, as they affect organizations globally:

  • Apache Log4j Remote Code Execution (CVE-2021-44228) affects 46% of organizations globally.
  • Web Server Malicious URL Directory Traversal affects 46% of organizations globally. 
  • Zyxel ZyWALL Command Injection (CVE-2023-28771) affects 43% of organizations globally.

Top Malware Families

Here below, we have mentioned all the top malware families:

  • FakeUpdates
  • Formbook
  • Nanocore
  • Remcos
  • AsyncRat
  • AgentTesla
  • Phorpiex
  • NJRat
  • Ramnit
  • Glupteba

Top Exploited Vulnerabilities

Here below, we have mentioned all the top exploited vulnerabilities:-

  • Apache Log4j Remote Code Execution (CVE-2021-44228)
  • Web Servers Malicious URL Directory Traversal (CVE-2010-4598,CVE-2011-2474,CVE-2014-0130,CVE-2014-0780,CVE-2015-0666,CVE-2015-4068,CVE-2015-7254,CVE-2016-4523,CVE-2016-8530,CVE-2017-11512,CVE-2018-3948,CVE-2018-3949,CVE-2019-18952,CVE-2020-5410,CVE-2020-8260)
  • Zyxel ZyWALL Command Injection (CVE-2023-28771)
  • Command Injection Over HTTP (CVE-2021-43936, CVE-2022-24086)
  • PHP Easter Egg Information Disclosure (CVE-2015-2051)
  • MVPower CCTV DVR Remote Code Execution (CVE-2016-20016)
  • WordPress portable-phpMyAdmin Plugin Authentication Bypass (CVE-2012-5469)
  • OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160, CVE-2014-0346)
  • HTTP Headers Remote Code Execution
  • D-Link Multiple Products Remote Code Execution (CVE-2015-2051)

Top Mobile Malware

Here below we have mentioned all the top mobile malware:-

Top-Attacked Industries Globally

Here below, we have mentioned all the top-attacked industries globally:-

  • Education
  • Research
  • Communications
  • Government
  • Military

Looking for cost-effective penetration testing services? Try Kelltron’s to assess and evaluate the security posture of digital systems. Free Demo


[ad_2]
Source link

HONOR Magic6 announced with Snapdragon 8 Gen 3 & Android 14

0
[ad_1]

The HONOR Magic6 arrived alongside its ‘Pro’ sibling today. The two phones are quite similar in terms of the design, but rather different when specs are concerned. They launched in China, while the global launch is expected later on. More on that later. That being said, let’s focus on the design of the Magic6 first, shall we?

The HONOR Magic6 is very similar to its sibling, but there are differences

The HONOR Magic6 is made out of metal and glass just like its sibling. It has a similar-looking camera island on the back, which is easy to differentiate from other phones. The thing is, the HONOR Magic 6’s camera island is a bit smaller than the Magic6 Pro’s.

This handset has a curved display on the front, with minimal bezels. It also has a hole punch which is centered at the top of the display. In that sense, it’s a bit sleeker-looking than the ‘Pro’ model, but it loses the 3D facial scanning functionality.

There is a 6.78-inch display included on the phone. This panel is curved and has a resolution of 2800 x 1264 pixels. It’s an LTPO AMOLED display, and its refresh rate can go from 1 to 120Hz. A 4,320Hz PWM dimming is included here too, to protect your eyes.

The Snapdragon 8 Gen 3 fuels this phone, while fast wired & wireless charging is also included

The Snapdragon 8 Gen 3 SoC fuels the phone, the same chip as on the HONOR Magic6 Pro. Both 12GB and 16GB RAM variants of the phone are available. The 12GB RAM model comes with 256GB of storage, while the 16GB RAM variant is available in both 256GB and 512GB storage flavors.

 

HONOR included a 5,450mAh battery inside of this phone. The device supports 66W wired charging and 50W wireless charging. A charger is included inside the retail packaging, by the way.

A 50-megapixel main camera (f/1.9 aperture, OIS) is backed by a 50-megapixel ultrawide camera (f/2.0 aperture). The third camera on the back is a 32-megapixel telephoto unit (f/2.4 aperture, OIS, 50x digital zoom). On the front, you’ll find a 50-megapixel wide-angle camera (f/2.0 aperture).

Android 14 comes pre-installed on the phone with HONOR’s brand new MagicOS version

Android 14 comes pre-installed on the device, along with HONOR’s MagicOS 8.0. Two SIM card slots are included, and the phone does support facial scanning, but only via the front-facing camera. A fingerprint scanner sits under the display. 5G is also supported, as is Bluetooth 5.3.

This handset launched in China, but it’s almost certainly coming to global markets. It could launch globally next month, during the MWC 2024. That hasn’t been confirmed yet, though, so take it with a grain of salt.

The HONOR Magic6 comes in Black, Glacier White, Lake Blue, Cloud Purple, and Epi Green colors. Its pricing starts at CNY4,399 ($619) in China.


[ad_2]
Source link

Hackers Actively Exploited Ivanti 0-Day to Execute Arbitrary Commands

0
[ad_1]

Invati Connect Secure (ICS) and Ivanti Policy Secure Gateways have been discovered with two new vulnerabilities associated with authentication bypass and command injection.

The CVEs for these vulnerabilities have been assigned as CVE-2023-46805 and CVE-2024-21887. The severity of these vulnerabilities has been given as 8.2 (High) and 9.1 (Critical), respectively.

However, Ivanti has released a security advisory to address these vulnerabilities along with the patched version of the products.

It was also mentioned that Ivanti neurons for ZTA gateways cannot be exploited in production. UTA0178 actively exploited these vulnerabilities.

Exploitation in the Wild

According to the reports shared with Cyber Security News, a threat actor actively exploited these two vulnerabilities to steal configuration data, download remote files, and create a reverse tunnel from the ICS VPN appliance.

Moreover, the threat actor made several changes to the system to evade the ICS integrity checker tool. 

In addition, the threat actor backdoored a legitimate CGI file on the ICS VPN appliance to enable command execution over the compromised system.

The attacker also modified the Web SSL VPN JavaScript file to keylog and extract users’ login credentials.

Document
Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

Courses of the Incident

A curl command was for outbound connections to an IP Geolocation service through ip-api[.]com to Cloudflare’s 1.1.1.1 IP address. Additionally, reverse SOCKS proxy and SSH connections were established and downloaded from compromised Cyberoam appliances. 

Lateral movements were also noticed through compromised credentials to connect to internal systems through RDP, SMB, and SSH. Furthermore, there was also the transfer of multiple webshell variants, termed as “GLASSTOKEN”, to Internet-accessible web servers and systems that were only internally accessible.

The attacker created and executed several files from the system’s /tmp/ directory, which were no longer on disk at the time of analysis. A list of the following paths was excluded on the list of Integrity Checker Tool,

  • /tmp/rev
  • /tmp/s.py
  • /tmp/s.jar
  • /tmp/b
  • /tmp/kill

During the course of the incident, Volexity distributed a few malicious files and tools, the most of which comprised of webshells, proxy utilities, and file alterations that allowed credential harvesting. This was despite the fact that Volexity observed the attacker practically living off the land for the most part.

  • In numerous instances, the attacker used compromising credentials to enter onto workstations and servers and dump LSASS process memory to disk via Task Manager.
  • The attacker extracted further credentials offline by exfiltrating this output.
  • The attacker accessed a system with Virtual Hard Disk backups, including a domain controller backup. After mounting this virtual hard disk, they extracted the Active Directory database ntds.dit file and compressed it using 7-Zip.
  • The attacker found a running Veeam backup software instance and used a GitHub script to steal passwords.
  • As said, the attacker updated JavaScript on the ICS VPN Appliance’s Web SSL VPN login page to steal credentials.

A complete report about this incident has been published, providing detailed information about the threat actor’s activities, webshell information, and others.

ValueEntity_typeDescription
206.189.208.156ipaddressDigitalOcean IP address tied to UTA0178
gpoaccess[.]comhostnameSuspected UTA0178 domain discovered via domain registration patterns
webb-institute[.]comhostnameSuspected UTA0178 domain discovered via domain registration patterns
symantke[.]comhostnameUTA0178 domain used to collect credentials from compromised devices
75.145.243.85ipaddressUTA0178 IP address observed interacting with compromised device
47.207.9.89ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
98.160.48.170ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
173.220.106.166ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
73.128.178.221ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
50.243.177.161ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
50.213.208.89ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
64.24.179.210ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
75.145.224.109ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
50.215.39.49ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
71.127.149.194ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network
173.53.43.7ipaddressUTA0178 IP address observed interacting with compromised device tied to Cyberoam proxy network

Looking for cost-effective penetration testing services? Try Kelltron’s to assess and evaluate the security posture of digital systems – Free Demo


[ad_2]
Source link

YouTube may have removed the iMessage mini-app for iOS devices

0
[ad_1]

It appears that YouTube might have removed the iMessage mini-app that allows iPhone and iPad users to send videos directly from chat without having to leave the Messages app.

The latest YouTube app update released earlier this week mentions changes like improved performance and bug fixes, but it may have also removed the iMessage mini-app.

The folks at 9to5mac confirm that the iMessage mini-app for iPhone and iPad is no longer available after the latest YouTube update, but at this time it’s impossible to tell whether or not this is something temporary.

It’s been nearly seven years since the iMessage mini-app has been added to YouTube. Unfortunately, it never became popular among iOS users, even though the app allowed them not just to send YouTube videos directly from the chat without leaving the Message app, but they could also watch videos using the native YouTube app.

Let us know in the comments if the feature disappears for you after updating the YouTube app to version 19.01.1. Although it might be hard to guess YouTube’s plans about the iMessage mini-app without an official statement.


[ad_2]
Source link