Microsoft patched a critical Windows 11 vulnerability, so you can rest easy

0
[ad_1]

Using computers is notoriously unsafe, as there are always people out there looking to inject your system with harmful software. Not to fearmonger, but that’s the case, and we rely on companies delivering fixes to software that put us at risk. Thankfully, Microsoft patched a critical vulnerability in Windows 11 that could have compromised a lot of people.

The company posted about this issue in a recent blog post letting people know that it addressed the issue. It centered around the ms-appinstaller URI scheme. Basically, this is a protocol in the system that would install apps directly onto your computer without you needing to download the install packages. It saves space on the computer and makes getting apps much easier.

Microsoft said that threat actors were using “engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme.” Using this protocol, the threat actors could then install malicious software onto the victim’s computer. So, several users could have malware installed on their computers without even knowing.

Microsoft fixed this Windows 11 vulnerability

Rest assured, the issue has been fixed. The company wouldn’t release information about it if it wasn’t already patched up. In order to fix the problem, Microsoft had to disable the protocol. This means that the software won’t automatically install the MSIX packages. People who want to install those files will need to download the packages to their computers and install them manually. This way, your system’s local antivirus software will be able to scan the package before the installation.

It’s unfortunate that the company had to disable this feature in order to keep the system safe, but it’s important that the software is safer for users. We’re not sure if the company is working on bringing that feature back to Windows 11 in the future with security improvements.

If you want to know if your system is at risk, you can read this section of the blog post.


[ad_2]
Source link

Samsung Galaxy Tab Active 5 renders & specs leaked early

0
[ad_1]

Samsung is gearing up to launch a new rugged Android tablet, the Galaxy Tab Active 5. The slate will be available in Wi-Fi and cellular (5G) connectivity variants. It has already picked up several regulatory approvals, revealing key specs in the process. A major leak has now bared its renders, showing us its design from various angles. We also have the full spec sheet of the tablet.

Leak reveals Galaxy Tab Active 5 renders and detailed specs

The Galaxy Tab Active 5 is a compact rugged tablet aimed at the budget segment. Measuring 126.8 x 213.8 x 10.1mm in dimension and 433g grams in weight, it is a highly portable product that can withstand harsh environments. The device features navigation buttons and has sizeable bezels around the display. The home button doubles up as the fingerprint scanner. There appears to be a rubber bumper along the edges to protect the screen during falls.

The back plate, which is user-removable, is seemingly made of metal and has groves for a strong grip. It is held in place with screws, so anyone can unscrew and lift it off the tablet. The battery underneath the back plate is also user-removable. We can see groves along the edges too. the bottom edge has a speaker grille, a microphone hole, a USB Type-C port, and a 3.5mm headphone jack. There is a second microphone at the top.

The right side of the Galaxy Tab Active 5 has three physical buttons—the volume controllers at the top, the power button below them, and a third user-customizable Active Key. Users can customize the latter to quickly launch an app or execute any other function. Overall, the device has a strong body and is purpose-built for outdoor use. We are expecting IP68 dust and water resistance and MIL-STD-810H-grade durability. The built-in S Pen is equally tough.

You get a modest set of specs here

The Galaxy Tab Active 5 isn’t a premium offering. Samsung has equipped it with an 8-inch WUXGA (1920 x 1200 pixels) display with Corning Gorilla Glass 5 protection. It’s a TFT LCD panel with enhanced touch sensitivity for use under rain or with gloves on. The tablet features a 13MP camera on the back with autofocus, LED flash, and 4K video recording capabilities. The selfie camera sitting next to the earpiece is a 5MP unit.

The tablet should run Android 14 out of the box, with Samsung’s in-house Exynos 1380 chipset under the hood. The 5nm SoC has four Cortex-A78 performance cores clocked at 2.4GHz and four Cortex-A55 power-efficient cores at 2.0 GHz. The company is readying the device in 4+64GB and 6+128GB storage configurations. The Galaxy Tab Active 5 supports microSD cards up to 1TB, so you can always increase the storage capacity externally.

The user-replaceable battery has a typical capacity of 5,050mAh. Although unspecified in the new report, we are expecting 25W wired charging here. Other reported specs include Wi-Fi 6, Bluetooth v5.3, NFC, Dolby Atmos audio, and Samsung Knox security. Samsung will ship the Galaxy Tab Active 5 with an Anti-Shock Protective Cover in the retail box. We don’t yet have the launch date and pricing structure for the upcoming rugged tablet.


[ad_2]
Source link

Microsoft Edge stopped 127 million phishing attacks this year

0
[ad_1]

Microsoft Edge is striving hard to gain momentum. This year, the company has packed its browser with several useful tools, including Copilot. This follows Microsoft’s in-app attempt to bash you when you try downloading Google Chrome. But that’s the least to speak of. Microsoft recently released the Edge stats for 2023, showing how people use the browser in everyday life. Some revelations that caught our eyes are, as follows. First, Edge and Bing users used Copilot more than 1.9 million times. It’s the era of AI. So, here comes another: the users generated over 1.8 billion AI-generated images. The best part of this report is, Microsoft Edge notably saved users from over 127 million phishing attacks.

Microsoft Edge saved users from over 127 million phishing attacks

As the internet advanced and technology became more accessible, it also opened doors for scammers, data thieves, and others alike. In its latest report, Microsoft claims it stopped over four phishing attacks every second throughout the year.

Microsoft Edge comes with built-in shopping assistants to help users save a few bucks. It released Copilot Shopping services in November which helps find the best deals for any product using prompts. The released stats say the US saved an average of $400 annually, while global shoppers received over $4 billion in savings through Edge.

It doesn’t stop here; Microsoft also offered over 148 million reward points to gamers throughout the year. That’s about the cost of 1,000 years of an Xbox Game Pass Ultimate subscription, as per the company. You can read the full report here for more interesting stats.

All in all, Microsoft’s web browser is surpassing the expectations of users, making a place for itself amid the dominating competition, and trying to reclaim the lost crown. And as Microsoft’s co-founder Bill Gates once said, “Competition is always a fantastic thing, and the computer industry is intensely competitive.” While its plans remain under wraps, Microsoft Edge is likely to integrate more AI tools in the coming months…and years.


[ad_2]
Source link

iPhone Spyware Exploits Obscure Chip Feature, Targets Researchers

0
[ad_1]

The findings came as part of Operation Triangulation, months after Kaspersky discovered that their employees’ iPhones had been hacked by spyware.

Kaspersky Global Research and Analysis Team (GReAT) has discovered an obscure hardware feature likely exploited by hackers during spyware attacks against iPhone users.

The attacks were part of an APT campaign dubbed Operation Triangulation, which has been active since 2019, targeting iOS devices Using zero-click exploits via iMessage, allowing attackers to gain control and access user data. It was discovered by Kaspersky this summer.

The yet publicly undocumented feature is a part of Apple’s system-on-a-chip (SoC) and was probably included in the iPhone for debugging or testing purposes by Apple engineers, or added in the final consumer version mistakenly. Nevertheless, it allowed attackers to bypass protections and hijack devices in attacks targeting Kaspersky senior employees’ iPhones.

The research into Operation Triangulation was conducted by the cybersecurity vendor, Kaspersky. It is worth noting that the operation kicked off when Kaspersky researchers identified that their employees’ iPhones were hacked by spyware.

On December 27, 2023, the company shared the findings in a presentation titled “Operation Triangulation: What You Get When Attack iPhones of Researchers” at the 37th Chaos Communication Congress held in Hamburg and published in a report authored by Boris Larin.

During the presentation, researchers explained that multiple iOS zero-day vulnerabilities (including an RCE issue in Apple’s ADJUST TrueType font instruction CVE-2023-41990 and CVE-2023-38606, a bypass of hardware-based security protections) were exploited to execute code and install a stealthy spyware implant, known as TriangleDB.

These vulnerabilities were used to target iPhones running iOS versions up to iOS 16.6. The most critical of these was CVE-2023-38606 for allowing a JavaScript exploit to bypass the Page Protection Layer.

The attackers used malicious iMessage attachments to exploit a remote code execution zero-day and deploy TriangleDB without user interaction. The infection chain involved multiple checks and log-erasing actions to prevent malware identification. Researchers discovered new attacks/exploits daily, calling it the most sophisticated chain of attack they had ever witnessed.  

“We have discovered and reported more than thirty in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products, but this is the most sophisticated attack chain we have ever seen.”

Kaspersky – GReAT

The obscure feature allowed overriding of hardware-based security to protect the kernel, the core part of an operating system. Attackers could then write data to a specific physical address while “bypassing hardware-based memory protection by writing the data, destination address, and data hash to unknown hardware registers of the chip unused by the firmware.”

The attackers exploited MMIO registers from the GPU coprocessor, bypassing Apple’s DeviceTree ranges to write to memory, bypass protections, and achieve RCE.

iPhone Spyware Exploits Obscure Chip Feature, Targets Researchers
Correlation of the gfx-asc MMIO ranges and the addresses used by the exploit (Kaspersky)

Apple responded by releasing security updates to address four zero-day vulnerabilities impacting various Apple products: CVE-2023-32434, CVE-2023-32435, CVE-2023-38606, and CVE-2023-41990.

However, there are still many unanswered questions, such as the purpose of this feature, how attackers learned to use it considering that the firmware didn’t use it and whether it was developed by Apple or a third-party component like ARM CoreSight.

  1. Hackers Targeting Apple’s M1 Chip with Mac Malware
  2. Turns out iPhone 5c can be hacked with a $100 hardware
  3. Apple Safari Safest, Google Chrome Riskiest Browser – Study
  4. Apple Bug bounty: Earn big for hacking iPhone, other products
  5. iLeakage Attack: Theft of Sensitive Data from Apple’s Safari Browser

[ad_2]
Source link

HONOR Magic6 Pro seemingly appears in HONOR’s video

0
[ad_1]

The HONOR Magic6 series is coming. The HONOR Magic6 Pro is expected to be the most powerful device in the series, and it seemingly just appeared in the company’s promo video.

HONOR shared a promo video via Weibo, promoting the upcoming MagicOS 8.0. That video is quite short, it has a duration of less than 30 seconds. It does show us a glimpse of the OS, and also a mysterious device.

The HONOR Magic6 Pro seemingly shown in HONOR’s latest promo video

You can check out the video here, while we’ve included some screenshots for you below. As you can see, MagicOS 8.0 is presented on the display of a mysterious device. You may think this is one of HONOR’s existing phones. That is possible, but… not likely.

You will notice a pill-shaped cutout at the top, which is centered. That cutout doesn’t really fit any of the company’s newer devices, it’s too short and wide. Last year’s Magic5 Pro model had a pill-shaped cutout too, but a different one, and in the top-left corner of the display.

So, this is either one of the upcoming devices from the company, or just a placeholder. It could easily be the HONOR Magic6 Pro, though. Why? Well, the rumors have been saying it will have a centered pill-shaped cutout. On top of that, the HONOR Magic6 series will debut MagicOS 8.0.

The HONOR Magic6 series will launch on January 10

It all adds up, basically. The HONOR Magic6 series is coming on January 10. That is something HONOR already confirmed. MagicOS 8.0 is confirmed to launch at the same time, and it will come pre-installed on the device.

Thus far, we’ve seen some alleged images of the HONOR Magic6 Pro Porsche Design, but only of the phone’s back, not the front. This video completes the puzzle, presuming this is the HONOR Magic6 Pro, of course.


[ad_2]
Source link

Google to settle lawsuit over Chrome incognito mode tracking

0
[ad_1]

Google has reached a settlement in a lawsuit filed in 2020 over its controversial practice of tracking user activity during Chrome’s incognito mode. Google has apparently designed incognito to allow users to browse and search the internet without saving the browsing history or information entered in forms.

However, many users believe that incognito mode provides complete anonymity from both their Internet Service Provider (ISP) and the websites they visit. The lawsuit sought damages exceeding $5 billion, arguing that Google’s covert data collection from users in incognito mode violated user privacy on a massive scale.

In August 2023, Judge Yvonne Gonzalez Rogers ruled that the case would proceed, citing concerns about Google’s privacy notice and the incognito mode splash screen. The judge questioned whether these communications created a binding promise from Google not to collect user data during private browsing sessions. Additionally, she expressed reservations about Google logging data from users in incognito mode in the same logs as users without incognito mode enabled. Despite Google’s defense that the Chrome browser clearly notifies users about potential data collection when opening a new incognito tab, the case continued.

The terms of the settlement for Chrome’s tracking inside incognito remain undisclosed

Rather than proceeding to a full trial, Google has chosen to settle the lawsuit. While the terms of the settlement remains unrevealed, the agreement is expected to be presented to the court at the end of January, with approval anticipated in February. Google had previously asserted that it would vigorously defend itself against the claims, emphasizing that the Chrome browser explicitly informs users about the possibility of websites collecting information during incognito sessions.

The lawsuit has drawn attention to the perceived discrepancy between user expectations of Google Chrome‘s incognito mode and Google’s data collection practices. In response to the legal scrutiny, Google briefly tested a redesigned incognito page in 2021 but ultimately retained the original design. The settlement reflects Google’s decision to address the legal challenges rather than prolonging the dispute through a trial.


[ad_2]
Source link

OPPO Find X7 flagship series will launch on January 8

0
[ad_1]

Following the OPPO Find X7 and Find X7 Ultra designs, more info just surfaced. The OPPO Find X7 series will launch on January 8, it has been confirmed by the company. The initial launch event will take place in China, though a global launch is also expected this time around.

As a reminder, the OPPO Find X6 series did not make its way to global markets. The OPPO Find X5 series did, however. We do expect to see the OPPO Find X7 series in markets outside of China, though.

The OPPO Find X7 flagship series will launch on January 8, it’s official

In any case, the OPPO Find X7 series will be announced on January 8, during an event that starts at 2:30 PM (China time). That translates to 8:30 AM CET / 7:30 AM BST / 2:30 AM EST / 11:30 PM PST (January 7).

It seems like one of the recent rumors was accurate, the ‘Pro’ model won’t launch at all. Only the OPPO Find X7 and OPPO Find X7 Ultra got listed on the OPPO Shop, and reservations are already opened for Chinese consumers.

There is always a chance that OPPO will use the ‘Pro’ moniker globally, though, we’ll see. As things stand now, however, the ‘Pro’ model is out of the question. OPPO is sticking with vanilla and ‘Ultra’ monikers.

The designs of these two phones are almost identical

The two smartphones in question look almost the same. The one difference you’ll notice is in the camera island on the back, and only if you really pay attention. The layout in there looks the same, but the bottom cutout on the Find X7 does not include a fourth camera. It does on the OPPO Find X7 Ultra.

Also, the OPPO Find X7 Ultra has two periscope telephoto cameras on the back, unlike the OPPO Find X7. Both smartphones will be available in vegan leather + glass combos, while the vanilla model will also come in glass-only (backplate) variants.

This design is basically an evolution of what the OPPO Find X6 Pro brought to the table. It may not appeal to everyone, but it is unique, and most people seem to like it. That camera oreo is very noticeable, but it can also be useful as an anchor for your index finger, if the OPPO Find X6 Pro and OPPO Find N3 are anything to go by.


[ad_2]
Source link

The top 4 ransomware gang failures of 2023

0
[ad_1]

Ransomware gangs care about one thing: Stealing money.

Over time, their craven, cybercriminal efforts have toppled businesses, destabilized hospitals, and ruined lives. Worst of all, they show no sign of slowing down, and their extortion attempts—which no longer focus on ransomware delivery alone—are getting bolder, meaner, and uglier.

As Allan Liska, intelligence analyst at Recorded Future, recently said on the Lock and Code podcast, times have changed.

“There are no protections anymore,” Liska said. “For a while, some ransomware actors [said] ‘No, we won’t go after hospitals, or we won’t do this, or we won’t do that.’ Those protections all seem to have flown out the window, and they’ll go after anything and anyone that will make them money. It doesn’t matter how small they are or how big they are.”

Considering all this, it’s pretty damn nice to see ransomware gangs lose.

As the holidays put people closer to family and friends (and ransomware gangs closer to attacking—seriously, watch out for that), Malwarebytes Labs is sharing some of the brighter moments of 2023 in which ransomware gangs didn’t get what they wanted. And while some of these “victories” still include an unfortunate ransomware deployment, they all have the same result for the ransomware gangs involved: A lost payday.

Here are four times ransomware gangs failed in 2023.

1. The Royal Mail ransomware attack

On January 11, the Royal Mail service in the United Kingdom publicly announced that it had suffered a “severe service disruption” due to a cyber incident. Until the incident was cleared, customers were asked to not send packages or letters overseas.

Within days of Royal Mail’s announcement, news outlets began linking the alleged cyber incident to the ransomware gang LockBit, which, oddly, denied the attack.

But underneath the public reporting, a fascinating negotiation between the cybercriminal gang and its victim would play out for weeks.

On January 12, a representative for Royal Mail makes contact with a cybercriminal for LockBit on a chat hosted in the dark web. The Royal Mail rep is direct, says they work in IT, and, curiously, has a deft command of flattery, referring to LockBit’s work as “pen-testing.” More impressively, the Royal Mail rep immediately takes control of the conversation by implementing one of the most effective strategies in ransomware negotiations: Stalling for time.

Despite LockBit’s constant pushes for urgency, the Royal Mail rep grinds the conversation to a halt, at one point raising a thus-unheard-of concern with LockBit’s decryption key: Yes, it may work on a few sample files, but will it work on really big files?

“My management have heard that your decryptor might not work on large files,” the Royal Mail rep says, deploying yet another stunning negotiation tactic by trying to invoke a manager to deliver difficult news.

After days of back and forth, the LockBit rep returns to the most important issue—payment. LockBit had asked for an astounding $80 million ransom, and, after enough delay, it is time to talk money.

But again, Royal Mail’s rep turns the tables. Yes, the Royal Mail service could possibly make a payment that large, but there is only one problem, the representative says: We’re not Royal Mail.

Shock. Horror. Utter embarrassment. According to the Royal Mail rep, LockBit had attacked the wrong Royal Mail, instead deploying ransomware for a Royal Mail subsidiary, where a more reasonable starting point in ransomware demands should be about $4 million.

At this point, the LockBit rep accepts defeat.

“You are a very clever negotiator,” the LockBit agent says. “I appreciate your experience in stalling and bamboozling.”

We’ll take that as a win.

2. MGM bounces back 10 days after ransomware siege

In Sin City, the house always wins, even when it loses $100 million.

In the late hours of September 11, customers and hotel guests at the Las Vegas resort MGM Grand noticed something was off—literally. On TikTok, a user shared a video showing rows of digital gambling machines with blank, non-functional screens. On the MGM Grand website, online reservations had become inaccessible. And for some unfortunate guests, even their room keys didn’t work.

“Digital keys weren’t working,” said the same TikTok user who shared video of the hotel’s broken digital slot machines. “Had to get physical keys printed.”

MGM Grand had been hit by a ransomware gang named Scattered Spider, a group of cybercriminals that, it would turn out, had already found some luck on the Las Vegas strip.  

On September 14, Caesar’s Entertainment reported in a filing with the US Securities and Exchange Commission that it, too, had suffered a cyber breach, and according to reporting from CNBC, it received a $30 million ransom demand, which it then negotiated down by about 50 percent.

MGM Grand, however, chose a different path. Across 10 hectic days—which included equipping hotel elevators with handheld, two-way radios in case guests encountered any problems—the MGM Grand became operational once more, all without paying a ransom.  

MGM Resorts International later provided a sober estimation of the cost of the recovery effort, expecting a $100 million loss to its third-quarter results, and valid criticism about the hotelier’s security vulnerabilities remain, but in the land of vice and greed, stopping a ransomware gang is a feat that few have accomplished.

3. Qakbot shot down

Duck hunting season came early this year.

In August, an international investigation led by US law enforcement agencies nearly wiped Qakbot from the internet, shutting down a large part of the botnet’s infrastructure, retrieving $8.6 million in cryptocurrency, and removing the botnet’s associated Qakbot malware from hundreds of thousands of infected machines around the world.

When infected with the Qakbot malware, computers would join the Qakbot “botnet,” an army of devices that could be controlled by a cybercriminal gang and pilfered for login credentials. The infected machines would also be susceptible to additional malware, and in the case of Qakbot-infected computers, that additional malware was often the ransomware variant called Black Basta.

Because of this enormous reach, Black Basta consistently appeared in Malwarebytes’ monthly Ransomware Reviews that record the most active ransomware variants across publicly-recorded attacks.

In April, Black Basta was responsible for at least 40 attacks. In September, just one month after Qakbot’s announced takedown, that number dropped to six.

4. ALPHV tattles on its victim to little success

A new wrinkle about modern ransomware attacks is that some of them don’t involve any ransomware at all.

That’s because, years ago, ransomware gangs learned that their malware of choice wasn’t the sole reason that victims paid ransoms. Rather, the ransomware that was deployed was just a digital representation of a highly effective, criminal lever: Extortion.

Since at least 2020, ransomware gangs have implemented a “double-extortion” technique against victims, stealing an organization’s files and threatening to publish them online before also deploying ransomware to encrypt the original copies left behind. More recently, however, ransomware gangs have resorted to just stealing a victim’s data without detonating any ransomware afterwards. The State of Maine, for instance, likely suffered such an attack this year in a data breach that impacted 1.3 million people.

But in November, the ransomware gang ALPHV, also known as BlackCat, tried something different.

Earlier in the month, ALPHV attacked the company MeridianLink. After a few days, MeridianLink showed no sign of paying the ransom, so ALPHV upped the pressure by reporting MeridianLink to, of all places, the US Securities and Exchange Commission (SEC).

To hear ALPHV tell it, MeridianLink was required to report ALPHV’s attack to the SEC because of newly-announced rules from the federal agency that mandate the reporting of any “material cybersecurity incident” within four days.

“It has come to our attention that MeridianLink, in light of a significant breach compromising customer data and operational information, has failed to file the requisite disclosure under Item 1.05 of Form 8-K within the stipulated four business days, as mandated by the new SEC rules,” ALPHV allegedly wrote in their complaint to the SEC.

MeridianLink, however, was unimpressed. After confirming “a” cybersecurity incident, a spokesperson with the company downplayed its severity.

“Based on our investigation to date, we have identified no evidence of unauthorized access to our production platforms, and the incident has caused minimal business interruption,” the MeridianLink spokesperson said. Further, the rules cited by ALPHV were not even in effect, yet, so noncompliance would be impossible.

To date, MeridianLink has not reportedly paid the ransom. More importantly, ALPHV may have learned something the rest of the world already knows: Criminal tactics only gain sympathy within criminal enterprises. Next time, complain to your coworkers, not the federal government.  

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs.
  • Prevent intrusions. Stop threats early before they can even infiltrate or infect your endpoints. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like ThreatDown EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

[ad_2]
Source link

OPPO Find X7 & Find X7 Ultra designs shown from all angles, in all colors

0
[ad_1]

The OPPO Find X7 series is right around the corner, and the designs of the devices have just been shown, in detail. The OPPO Find X7 and Find X7 Ultra designs have been shared. These renders are showing the devices from all angles, in all colors.

The OPPO Find X7 & Find X7 Ultra designs have been shown… in all colors

The two phones seem to look the same, at first. If you take a closer look, however, you’ll notice that the OPPO Find X7 Ultra has an extra camera on the back. The bottom cutout on the OPPO Find X7 Ultra includes a fourth camera. You can see that in the renders below the article.

The OPPO Find X7, on the other hand, does not have a camera in that bottom slot. The OPPO Find X7 Ultra will include two periscope telephoto cameras on the back, actually. OPPO is once again going for a quad 50-megapixel setup on the back.

The leaked octagon camera island is nowhere to be found… which is a good thing

In terms of the overall design, it looks much better than initially reported. The octagon camera island that leaked several times won’t be a part of the picture, at all. The OPPO Find X7 series will have a huge camera oreo on the back, as did the OPPO Find X6 Pro, OPPO Find N3, and so on.

Four cutouts are included inside that camera oreo, but only the ‘Ultra’ model has four cameras. The Hasselblad logo is also visible in there. That camera oreo does protrude on the back, but it can be a nice anchor for your finger when you’re holding the phone.

Both the front and the back sides of these two phones will be curved. OPPO is mostly going for a combo of glass and vegan leather on the back here, on both units. The OPPO Find X7 will have an all-glass model too, though.

The OPPO Find X7 Pro seems to be out of the question after all

The images you can see in the galleries below are possibly all the models that we’ll get. It’s interesting that the OPPO Find X7 Pro is not here. It’s possible that OPPO simply replaced the ‘Pro’ moniker with the ‘Ultra’ moniker.

The OPPO Find X7 will come in two vegan leather + glass, and two glass-only variants. The silver + black and silver + brown color combos will be available for the vegan leather + glass models. Black and purple variants will be available for the glass-only OPPO Find X7.

The OPPO Find X7 Ultra, on the other hand, will also have silver + black and silver + brown vegan leather + glass models. The third model will be all black, but it’ll also combine glass and vegan leather on the back.

Another thing to note is that the silver color does look like white in the provided renders. OPPO will use an interesting glass backplate for that silver color, that can reflect light in different ways, it seems.

You can check out all the combos in the two galleries below.

OPPO Find X7:

OPPO Find X7 Ultra:

 


[ad_2]
Source link