DXOMARK tested HONOR 200 series cameras, here are the results

andreasc
-
0
DXOMARK tested HONOR 200 series cameras, here are the results
[ad_1]

As many of you know, we’ve already reviewed the HONOR 200 Pro and were impressed by the phone’s portrait photography prowess. Well, now folks over at DXOMARK got their hands on the HONOR 200 and HONOR 200 Pro and tested the cameras of both smartphones.

Cameras of both HONOR 200 phones got tested by DXOMARK, and the ‘Pro’ did especially well

Before we proceed, do note that these are mid-range phones. These are not high-end devices, so take that into account. Having said that, they are both ranking nicely over at DXOMARK, but the ‘Pro’ model stands out.

It is ranked 33rd in the global camera rankings, however, it’s second in the $400-$600 range. That is a more logical way to look at things when it comes to mid-range phones, of course. Of course, some devices that are 2x or 3x its price have more to offer in the camera department.

In any case, the phone received an overall photo score of 138 and a video score of 134. Bokeh score is 70, Preview is 69, and Zoom 132. In the $400-$600 bracket, it’s second only to the Google Pixel 7, which scored 140 points.

Autofocus, dynamic range, and more were highlighted as its camera strong suits

DXOMARK indicated the phone’s fast and accurate autofocus as one of its strong suits. This is true in all lighting conditions, basically. The exposure was also praised, as was dynamic range. The phone also did a good job of keeping a rather neutral white balance outdoors.

Texture and noise tradeoff was mentioned in outdoor conditions, and well-preserved details on long-range shots.

What about the cons? Well, the phone produced a slightly lower contrast in high dynamic scenes (than expected). Occasional color casts on photos was also a problem, as was slight oversaturation in video.

“Generally low texture-noise compromise in indoor and low-light conditions with some chromatic noise” is another problem, and occasional artifacts (flare, halos, and color quantization).

The HONOR 200 did really well too

The HONOR 200, on the flip side, grabbed the 55th place in global camera rankings, and the 5th place in the $400-$600 bracket. It score 133 points in the photo department, and 121 points in the video department. The total score was 130 points. The phone scored 65 points in the Bokeh department, 61 in Preview, and 124 points in the Zoom department.

If you’d like to take a closer look at both of those tests, they’re linked below.

HONOR 200 Pro camera test (DXOMARK)

HONOR 200 camera test (DXOMARK)


[ad_2]
Source link

Mekotio Banking Trojan Attacking American Users To Steal Financial Data

andreasc
-
0
Mekotio Banking Trojan Attacking American Users To Steal Financial Data
[ad_1]

Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, Mexico, Spain, and Peru. It exhibits links to the recently disrupted Grandoreiro malware, both likely originating from the same source. 

Mekotio utilizes phishing emails as its primary infection vector. These emails incorporate social engineering tactics to manipulate users into interacting with malicious links or opening attachments. 

Once compromised, a system employs various techniques to steal banking credentials, including logging keystrokes, capturing screenshots, and pilfering clipboard data.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Mekotio uses persistence mechanisms to guarantee its presence on the infected machine.

Mekotio attack chain

A banking trojan targets users through phishing emails disguised as tax agency notifications, which contain ZIP attachments or malicious links. 

Once a user interacts, a PDF attachment opens a malicious link that downloads and executes Mekotio, and upon execution, it gathers system information and connects to a command-and-control server for instructions and tasks. 

Mekotio targets financial information after gaining access to a system, and utilizes phishing tactics to steal credentials through fake login pop-ups designed to mimic legitimate banking websites. 

Mekotio has keylogging, screenshot capture, and clipboard data theft functionalities to gather even more sensitive data.

The malware also implements persistence mechanisms to maintain its foothold by adding itself to startup programs or creating scheduled tasks. 

Banking trojans exploit user trust by mimicking legitimate banking websites, and once a user interacts with the malicious content, the malware steals login credentials and injects them into a real banking website. 

The attackers’ command-and-control (C&C) server, which serves as a central hub and receives the stolen credentials and potentially additional malware instructions, then exfiltrates this information back to it. 

With this stolen banking information, attackers can perform unauthorized actions on the victim’s account, such as initiating fraudulent transactions. 

Users can employ email security practices to mitigate email-borne threats, which include sender verification through email address scrutiny, grammar and spelling checks, and subject line analysis, while links and attachments should be avoided unless the sender is confirmed. 

If suspicious, contact the sender via known channels to confirm the email’s legitimacy. Organizations should utilize up-to-date spam filters and security software, and users should report phishing attempts. 

According to Trend Micro, it is essential to provide employees with regular security awareness training in order to instill in them an understanding of phishing and social engineering techniques. 

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo


[ad_2]
Source link

OnePlus 13 to include a much larger battery than its predecessor

andreasc
-
0
OnePlus 13 to include a much larger battery than its predecessor
[ad_1]

According to some new information shared by a trusted source, the OnePlus 13 will include a much larger battery than its predecessor. This information comes from Digital Chat Station, a well-known tipster.

The OnePlus 13 to include a larger battery, much larger

He went to Twitter to kind of confirm that the OnePlus 13 will include a 6,100mAh or a 6,200mAh battery. He did not specifically mention the model, but based on everything he wrote, everything points to the OnePlus 13.

The OnePlus 12 included a 5,400mAh battery pack. That was a large battery and ensured that the phone provides great battery life. Well, the one in the OnePlus 13 will offer a lot more capacity, it seems, so we’re having great expectations for that phone’s battery life.

In one of the tipster’s posts, he also talked about a 6,500mAh battery. It seems like Both OPPO and OnePlus are preparing a phone with a 6,500mAh battery. That could be the OnePlus Ace 4 Pro, which will launch in mid-2025.

The phone will launch this year, but its global variant could arrive in January 2025

The OnePlus 13 is coming later this year. Its global launch may have to wait until January next year, though, nothing is confirmed yet. We still don’t know what will the device look like, but a redesign is tipped.

What we do know is what specs to expect, as they leaked recently, from the same source that brought us the battery info. Based on that info, the phone will be fueled by the Snapdragon 8 Gen 4 chip, as expected. That processor is coming in October, by the way.

The phone will feature a 2K “iso-depth micro-curved display”. It will likely be a 6.8-inch panel once again. 100W wired charging has been tipped, and wireless charging will be on offer too, probably 50W wireless charging, the same as its predecessor.

You can expect to see three cameras on the back once again. Three 50-megapixel units will be in use, and hopefully, the main one will be of a 1-inch type. Hasselblad will once again be a part of the package. The OnePlus 13 will be IP68/IP69 certified, which is an improvement.


[ad_2]
Source link

Hackers Compromised Ethereum’s Mailing to Drain Crypto Funds

andreasc
-
0
Hackers Compromised Ethereum’s Mailing to Drain Crypto Funds
[ad_1]

In a recent cyberattack, hackers successfully compromised Ethereum’s mailing list, attempting to drain users’ crypto funds through a sophisticated phishing campaign.

The breach has raised significant concerns within the cryptocurrency community, prompting immediate action from Ethereum’s internal security team.

A phishing email was sent out to 35,794 email addresses by updates@blog.ethereum.org with the following content
A phishing email was sent out to 35,794 email addresses by [email protected] with the following content

The Attack Unfolds

The attack was executed through a malicious website that ran a crypto drainer in the background.

Users who initiated their wallets and signed the transaction requested by the website found their wallets drained of funds.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

The attackers managed to import a large email list into Ethereum’s mailing list platform and used it to launch the phishing campaign.

Ethereum’s internal security team quickly identified the breach and launched an investigation to determine the scope and impact of the attack.

Initial findings revealed that the threat actor had exported 3,759 email addresses from the blog mailing list, including 81 addresses previously unknown to the attacker.

Upon discovering the breach, Ethereum’s security team swiftly mitigated the damage and prevented further attacks.

The initial steps included:

  • Preventing Further Emails: The threat actor was blocked from sending additional emails through the compromised mailing list.
  • Public Notifications: Notifications were sent out via Twitter and email, warning users not to click on the malicious link.
  • Closing Access Paths: The malicious access path used by the threat actor to gain entry into the mailing list provider was shut down.
  • Blacklisting Malicious Links: The malicious link was submitted to various blacklists and subsequently blocked by the majority of web3 wallet providers and Cloudflare.

Despite the severity of the breach, Ethereum’s investigation showed that no victims lost funds during this campaign.

On-chain transaction analysis indicated that the malicious domain was blocked before significant damage occurred.

Ongoing Investigation and Future Measures

As the investigation continues, Ethereum has taken additional measures to enhance security and prevent future incidents.

These steps include migrating mail services to other providers to reduce the risk of similar attacks.

The company is also working closely with external security teams to further address and investigate the incident.

In a statement, Ethereum expressed deep regret over the incident and reassured users that they are working diligently to resolve the issue.

“We are deeply sorry that this incident occurred,” the statement read.

“We are working diligently with both our internal security team as well as external security teams to help address further and investigate this incident.”

The attack on Ethereum’s mailing list highlights the ongoing challenges and vulnerabilities in the cryptocurrency space.

As digital assets grow in popularity, the need for robust security measures becomes increasingly critical.

Ethereum’s swift response and transparency in handling the breach serve as a reminder of the importance of vigilance and proactive security practices in the ever-evolving world of cryptocurrencies.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo


[ad_2]
Source link

OnePlus Nord 4 design & colors properly revealed via promo image

andreasc
-
0
OnePlus Nord 4 design & colors properly revealed via promo image
[ad_1]

OnePlus confirmed the launch date of the OnePlus Nord 4 yesterday, while the phone’s design also surfaced. It appeared in a sketch and a real-life image. Well, now the OnePlus Nord 4 design and colors have been properly confirmed via a promo image that surfaced.

The OnePlus Nord 4 design & colors get confirmed via promo image

Why do I say properly confirmed when we’ve already seen a real-life image? Well, in all honesty, that real-life image looks more like a prototype of the device, as that specific combo looks very weird.

The image you can check out below, however, reveals a much more aesthetically appealing device. You can see three different combinations here. Silver is combined with green, white with silver, and black with dark gray.

OnePlus Nord 4 promo image leak 1

OnePlus opted for a two-tone design this time around, and the phone does look quite appealing, at least in this promo image. Its sides are flat, while a flat display sits on the front with a centered display camera hole. The bezels are quite thin too.

All of its physical buttons are located on the right side. The thing is, there is an alert slider on the left. The phone does seem to have an IR blaster at the top too, though we can’t be sure.

OnePlus opted for a two-tone design this time around

You’ll notice that the top one-quarter of the phone’s back is reserved for one design language, and the three bottom quarters reveal something else entirely. Based on OnePlus’ invite, the bottom part of the backplate is actually metal-clad. The top portion is covered by glass.

Two horizontally-aligned cameras sit in the top-left corner, with an LED flash next to them (top-right corner). OnePlus’ logo is centered on the phone’s back.

The OnePlus Nord 4 will become official on July 16. The launch event will be held in Milan, Italy, and it will kick off at 3 PM CEST / 9 AM EST / 6 AM PST / 2 PM BST.


[ad_2]
Source link

Native YouTube Music and Amazon Music apps coming to Tesla EVs

andreasc
-
0
Native YouTube Music and Amazon Music apps coming to Tesla EVs
[ad_1]

Tesla managed to ink many partnerships with important software developers to have their apps ported to its cars. As people spend more and more time in their cars, the technology inside vehicles has advanced to allow drivers to connect to the other ecosystem they typically use while outside their cars.Android, iOS, Windows, and Mac OS are just some of the operating systems that provide access to various apps and services. However, Elon Musk-owned Tesla is not using any of the ecosystems related to these operating systems like Android Auto and Apple CarPlay.

But that doesn’t seem to be an issue for the Tesla OS, which already offers Tesla drivers access to almost all the important apps and services that the other operating systems offer.

Unfortunately, there were two services that were missing until recently, Amazon Music and YouTube Music. But that’s about to change as Not a Tesla App (via Android Authority) reports that both music streaming services are coming to Tesla EVs.

Apparently, several Tesla models are getting a new update, which adds support for Amazon Music and YouTube Music among other things. Specifically, the Tesla S, Tesla 3, Tesla X, and Tesla Y are eligible for this update, which is expected to be rolled out very soon.

Although Tesla drivers could access YouTube Music in their cars by connecting their phones via Bluetooth, the experience is limited because it misses many features that are otherwise available in the native app.

More importantly, YouTube Music allows users to build and listen to their own playlists without having to pay a subscription like other music streaming services. This means that Tesla drivers will save a lot of money if they’re already subscribed to a different music streaming service (i.e. Spotify).

The bad news is we have no idea when the new update will drop, but we suspect it won’t be long now since the changelog has been leaked.

[ad_2]
Source link

HONOR Magic V3 color options officially confirmed & shown

andreasc
-
0
HONOR Magic V3 color options officially confirmed & shown
[ad_1]

HONOR has officially revealed and shown us the Magic V3 color options. As many of you know, the Magic V3 is the company’s upcoming book-style foldable. This one will be even thinner and lighter than last year’s model, allegedly. More on that later.

The HONOR Magic V3 color options have been shown by the company

Let’s focus on the colors first. If you take a look at the gallery below the article, you’ll see all four color options. HONOR says that these colors are inspired by nature. Three out of four of these variants have glass panels, while the fourth one has vegan leather on the back.

To be more accurate, black, green, and white models have glass on the back. The first two devices have a frosted matte backplate, while the white model has an interesting pattern on the back, and the look will change based on how the light hits the device.

The ‘dark orange’ model comes with a vegan leather backplate and gold accents. We’ve seen that variant before, as it was the first model that HONOR revealed. That model will also be the lightest, as vegan leather is lighter than glass.

You can see a camera setup similar to the one on the HONOR Magic6 Pro, at least in terms of camera placement. It remains to be seen what cameras exactly will be used by HONOR. One thing is for sure, the top camera will be a periscope telephoto unit.

The device will be both thinner & lighter than the Magic V2

The HONOR Magic V3 will measure only 9.Xmm when folded. It will be thinner than even its predecessor, the Magic V2. It will weigh 22X grams, so it’ll be lighter too. The HONOR Magic V2 models measured 231 and 237 grams, depending on the model.

The device will be fueled by the Snapdragon 8 Gen 3, and its launch date has been announced already. The device is coming on July 12, and it will launch alongside the Magic Vs3, and a couple of other devices.


[ad_2]
Source link

Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform

andreasc
-
0
Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform
[ad_1]

A threat actor has claimed to have discovered a vulnerability that bypasses the two-factor authentication (2FA) on the HackerOne bug bounty platform.

The claim was made public via a tweet from the account MonThreat, which is known for sharing cybersecurity-related information.

This raises concerns about the security of one of the most trusted platforms for ethical hacking and vulnerability reporting.

HackerOne’s Response

HackerOne, a leading platform that connects businesses with cybersecurity experts to identify and fix vulnerabilities, has yet to release an official statement regarding the alleged 2FA bypass vulnerability.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

The platform is known for its robust security measures, including mandatory 2FA for all users, which makes this claim particularly alarming.

Experts suggest that if the vulnerability is confirmed, it could have significant implications for the platform’s users and the broader cybersecurity community.

“We are aware of the claims made on social media and are actively investigating the matter. Our priority is the security of our users and the integrity of our platform,” a HackerOne representative stated in a preliminary response.

The cybersecurity community has reacted with a mix of skepticism and concern.

While some experts are waiting for official confirmation and details from HackerOne, others are already speculating about the potential impact of such a vulnerability.

If the 2FA bypass is real, it could allow unauthorized access to sensitive information and reports submitted by ethical hackers, undermining the trust in the bug bounty process.

“This could be a significant setback for the bug bounty ecosystem if proven true. It highlights the need for continuous vigilance and improvement in security measures, even for platforms dedicated to cybersecurity,” commented Jane Doe, a cybersecurity analyst.

As the investigation unfolds, users of the HackerOne platform are advised to stay vigilant and follow any security recommendations issued by the platform.

The cybersecurity community eagerly awaits further updates on this developing story.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo


[ad_2]
Source link

iPhone users with Google Maps are beginning to see this important real-time feature on the app

andreasc
-
0
iPhone users with Google Maps are beginning to see this important real-time feature on the app
[ad_1]

Using mapping and navigation apps like Apple Maps, Google Maps, and Waze are great reasons to buy a smartphone. Those of you old enough to remember writing down directions or using a map to get from point “A” to point “B” safely are probably still amazed at how we can type in our destination in one of the aforementioned trio of apps and quickly have a route to follow on our phone screens.

It feels like magic and even more so when a route change is forced on the driver due to roadwork, police action, a surprising change in the weather, or a traffic problem. Perhaps the most amazing thing is that Google Maps has been providing mobile phone owners with free turn-by-turn directions ever since the Motorola DROID became the first phone released with Android 2.0 in November 2009.

Google has been quietly adding a new feature to the iOS version of Google Maps only in certain regions and to a limited number of users. That feature is a speedometer which is already available to many of those using the Android version of Google Maps and both variants of Waze. The speedometer on a mapping and navigation app that uses GPS is more accurate than the one on your car’s dashboard according to autoevolution. And since some drivers glance at the directions on their navigation app while driving (more on that later), they can check out these directions while seeing how fast they are going all at the same time.
Setting the speedometer feature in Waze - iPhone users with Google Maps are beginning to see this important real-time feature on the app

Setting the speedometer feature in Waze

It appears that Google is testing the appearance of a speedometer for the iOS version of Google Maps and for CarPlay, and this is being confirmed by the feature showing up intermittently on some iPhone handsets. As recently as two days ago, a post was left on Reddit from an iPhone user that stated, “I was going to work today and using google maps on my work phone (iPhone 14 pro) and noticed the exclusive android speedometer feature was visible. However upon testing on another phone (iPhone 14 Pro Max) the feature was nowhere to be seen.”

In some states, a driver won’t have the legal right to view his speed as it appears on Google Maps as holding a smartphone while behind the wheel in these jurisdictions is against the law. If you’re not driving in such a state, Waze will show you how fast you’re going and can even alert you when you’re speeding. Open the Waze app and tap the three-line hamburger menu in the upper left corner of the screen.

Tap on Settings > Speedometer and toggle the settings the way you want them. You can have your speed appear on the map, show the current speed limit when you’re driving faster than the limit, show it all the time, or never show it. You can also arrange to hear an alert when you’re driving at the speed limit, or driving 5 MPH, 10 MPH, 15 MPH, or 20 MPH above the limit, or if you’re 5%, 10%, 15%, or 20% above the limit.


[ad_2]
Source link

Hackers Abused Twilio API To Verify Phone Numbers used For MFA

andreasc
-
0
Hackers Abused Twilio API To Verify Phone Numbers used For MFA
[ad_1]

An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts, which was identified, and the endpoint has been secured to prevent unauthorized access. 

No evidence suggests the attackers gained access to internal systems or other sensitive data, but as a precaution, it’s crucial to implement additional security measures to mitigate potential phishing attacks that could exploit the leaked phone numbers.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

An unauthenticated endpoint in Twilio’s Authy app allowed malicious actors to identify user phone numbers. While no evidence suggests a broader system intrusion or sensitive data exposure, 

They urge all Authy users to update their Android and iOS apps to address the vulnerability, which mitigates the risk of threat actors exploiting the exposed phone numbers for phishing and smishing attacks.  

Authy users should maintain vigilance and carefully examine any text messages that appear to be suspicious. 

A new software update is available for both Android and iOS devices, which addresses various bug fixes, including security vulnerabilities

It is imperative to install this update promptly to preserve the device’s functionality and integrity.  

For Android users, a link has been provided to download the update, while iOS users can acquire the update through the standard software update process on their devices. 

Twilio recognizes a security incident and apologizes for the disruption, as their Security Incident Response Team (T-SIRT) is currently investigating the issue and will provide updates as the situation evolves. 

This incident underscores the critical role of T-SIRT in proactively identifying security vulnerabilities, implementing preventative measures to mitigate risks, and taking corrective actions in the event of a breach. 

T-SIRT’s swift response and ongoing communication are essential to minimizing the impact of security incidents and maintaining customer trust.

If users are unable to access the Authy account due to login issues or lost access to the registered phone number, contacting Authy support is the recommended course of action. 

Their specialists will address the request and collaborate to restore functionality to the Authy account, which may involve troubleshooting login problems or initiating a phone number change procedure.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo


[ad_2]
Source link
1...596061...1,455Page 60 of 1,455