You just saw an amazing Story on Instagram, and you want to make your own spin on it! This happens to us, but it’d be tedious trying to copy the format of that Story just to make your own. Well, Instagram has a new feature that you’d like if this happens to you. Instagram just launched the new Story templates, and this will let users riff on other users’ Stories.
Instagram is full of Stories, and people put a ton of effort into making them as interesting as possible. There are so many tools out there for your stories to attract a ton of viewers on the app. We’re talking about effects, filters, pictures, stickers, location tags, and much more. If you came up with a winning formula for an award-winning Story, you’re likely to want to share it. That’s where this new feature comes in.
Instagram Story templates make Stories more communal
This new feature comes just after the company let people post short looping video notes. Story templates sound like a feature that you can use for personal use. It sounds like you’ll save a template so that you can drag and drop assets and call it a day. However, the intention is more communal. You’re making these templates so that other people can make their stories based on it. It’s so that you can see what other people do with your inspiration.
Instagram calls these “Add Yours Templates”, as you’re able to add your own spin to the templates that you see on the app. When you see a Story template that you like, you can add your own images, text, and GIFs to it.
How to add your own template
If you want to be the co-author of someone else’s Stories, it’s easy to make your own template. Go ahead and start creating a story. Add whatever assets you want like images, text, or GIFs. Once you have everything placed as you want, tap on the Sticker button on the top right of your story.
On the top row of options, you’ll see the “Add Yours” button. This will have you enter a prompt for your story. Basically, what’s your story about? After that, you’ll finalize your Story and post it. Other people who see your story will be able to use your template and add their own spin on it.
Nothing is gearing up to release the stable version of Android 14-based Nothing OS 2.5 for its Nothing Phone (2) in the coming days, following the successive release of Nothing OS 2.5 Closed Beta and a couple of Open Beta 2 builds. The company aims to bring a host of improvements and features to enhance the user experience.
The upcoming Nothing OS 2.5 brings a slew of changes and enhancements. It starts with a redesigned Home Screen and Lock Screen interface that provides users with even more customization options. Notable additions include several new wallpaper effects that contribute to a cleaner and more tidy appearance on the home screen. The Glyph Interface, a distinctive feature of Nothing’s design, undergoes a major change, with improved Flip to Glyph logic and direct access to the Glyph Timer from the lock screen. The Glyph Timer also supports time presets for quick duration settings.
In terms of gestures, Nothing OS 2.5 introduces a customizable double-press power button for quick access to selected features. Additional Lock Screen shortcut options include Do Not Disturb, Mute, QR code scanner, and video camera. Users can now perform a three-finger swipe gesture for rapid screenshot capture, and a new screenshot editor and menu offer advanced editing features and quick deletions.
Nothing OS 2.5 brings a redesigned interface, enhanced customization, and feature-rich gestures
The update also brings improvements to the Weather app experience, enhancing weather alert notifications. Predictive back animation and a refreshed back gesture arrow visual are aligned with Nothing’s distinct style. Users gain separate settings for ringtone and notification sound volumes, featuring an updated control interface. The Quick Settings layout receives an update, offering support for more device icons.
The Camera app sees stability improvements, ensuring a smoother and reliable user experience. Overall system stability is enhanced, providing users with a more reliable and consistent performance.
Nothing Phone (2) users can expect the official rollout of Nothing OS 2.5 in the next few days. To check for updates manually, users can navigate to Phone Settings > System > System Update. Additionally, Nothing Phone (1) will receive its first Open Beta build before the end of the year, following its current status on the Nothing OS 2.5 Closed Beta build.
Google has announced that it will start rolling its Chrome web browser’s new Tracking Protection feature from January of 2024. Tracking Protection is part of Google’s Privacy Sandbox initiative to phase out third-party cookies. The Tracking Protection feature aims to disable third-party cookies completely in the second half of 2024.
Third-party cookies, often referred to as non-essential cookies, can be used to track visitors as they move from one website to another, with the purpose of creating profiles for personalized ads. But other website features, like authentication and fraud prevention can also depend on them.
Starting January 4, Google says it will select one percent of Chrome users on desktop and Android at random, and that group will get the option to use the Tracking Protection feature. The chosen users will receive a notification about it when they open Chrome.
The selected Chrome users can do some testing to establish the impact of blocking third-party cookies on their browsing experience. For example, when Tracking Protection is enabled, some websites may not load correctly, so users will also have the option to temporarily re-enable third-party cookies for that specific website.
One significant difference with the existing (largely useless) “Do Not Track” feature is that websites do not have a choice about whether to cooperate with Tracking Protection. Do Not Track is a signal sent by the browser that asks websites to play nicely and not track it. It isn’t effective and there is no way to determine if it’s having the desired effect or not.
Other initiatives by Google in this direction include hiding your IP address. An IP address is the next best thing for tracking users across the internet. Although the IP address is often not limited to one system, they are very often bound to one household. Google’s IP Protection proposal wants to use proxies to hide users’ IP addresses.
It remains to be seen how fruitful these initiatives will be. A few years ago (March 2021), Google ran some tests with a program called Federated Learning of Cohorts (FLoC) which was also intended to replace third-party cookies. But the technology was criticized on privacy grounds and on January 25, 2022, Google officially announced it had ended development of FLoC technologies.
FLoC was replaced by the Topics API, another Privacy Sandbox mechanism designed to preserve privacy while allowing a browser to share information with third parties about a user’s interests.
Meanwhile, regulators are monitoring the tech giant’s initiatives to ensure they don’t give the company an unfair advantage in selling its own ads.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
A few more Samsung Galaxy devices are receiving the December security update in the US. The Galaxy Z Fold 5, Galaxy Z Flip 5, and Galaxy S20 series are getting the latest SMR (Security Maintenance Release) stateside. The two foldables have already picked up the update in international markets. The 2020 S-series flagships, meanwhile, are starting the journey in North America.
Galaxy Z Fold 5 and Flip 5 get the December update in the US
Samsung recently released the December SMR for the Galaxy Z Fold 5 and Galaxy Z Flip 5 in several European and Asia countries. We now have confirmation that the update has reached the US versions of the two foldables. Both carrier-locked and unlocked variants of the duo are picking up the latest security patch stateside. It won’t be long before the update reaches all eligible units across the nation.
The latest update for the Galaxy Z Fold 5 comes with the firmware build numbers F946USQS1BWKI (carrier-locked) and F946U1UES1BWKI (unlocked) in the US. Those for the Galaxy Z Flip 5 are F731USQS1BWKI and F731U1UES1BWKI, respectively. The changelog on Samsung’s official update tracker for the foldable duo confirms that the latest release is all about this month’s security fixes. The phones recently received Android 14.
The December SMR for the Galaxy S20, Galaxy S20+, and Galaxy S20 Ultra also doesn’t bring anything more than the latest security patches. First reported by Sammyfans, the update introduces firmware version G98*USQS8HWK1 to the 2020 flagship trio. These phones aren’t eligible for Android 14 or any other major feature updates. They will only get security updates. A global rollout of this month’s SMR may begin anytime now.
As far as the content of the December security release is concerned, Samsung has fixed more than 60 vulnerabilities. To be precise, most of those are Android OS patches from Google. The Android maker fixed seven critical security issues this month along with dozens of high-severity vulnerabilities. You can go to Settings > Software update > Download and install to check for new updates on your Galaxy device.
More devices will receive these security fixes soon
Samsung will continue to release the December SMR for more eligible devices in the coming days. The company is also readying the Android 14-based One UI 6.0 update for more Galaxy phones and tablets, including the Galaxy Z Flip 4 and Galaxy Z Fold 4. They may receive the latest security patch bundled with the impending big update. We will let you know when the rollout begins.
Since its emergence in May 2023, the MOVEit vulnerability has been exploited by the Russian-linked Cl0p ransomware gang, revealing their involvement in the breach.
According to a data breach notification, the Oak Brook, Illinois, United States-based dental insurance provider Delta Dental has fallen prey to a sophisticated cyberattack orchestrated through the exploitation of a zero-day flaw in MOVEit Transfer.
The notorious Russian-linked ransomware syndicate, known as Cl0p, is behind the breach, compromising the private information of nearly seven million customers. Hackread.com can confirm that the Cl0p ransomware gang has indeed released the entire dataset on its dark web domain, making it available for public download through a torrent.
Screenshot of the Torrent link (Credit: Hackread.com)
Delta Dental’s internal investigation concluded on July 6, has shed light on the severity of the incident. The cybercriminals successfully infiltrated and exfiltrated sensitive data belonging to Delta Dental of California and its affiliated entities on the MOVEit platform during the window between May 27 and May 30.
The severity of the situation prompted the company to promptly file a breach notification (PDF) with the Maine Attorney General, officially documenting the security incident on December 14, 2023.
The exposed information encompasses a trove of personal and highly sensitive details, presenting a significant risk to the affected individuals. Among the compromised data are names coupled with a combination of addresses, Social Security numbers, driver’s license numbers, or other state identification numbers, passport details, financial account information, tax identification numbers, individual health insurance policy numbers, and various health-related information.
This breach not only poses a threat to the privacy and security of Delta Dental’s customers but also raises concerns about the potential misuse of the stolen data. With the involvement of the Cl0p ransomware syndicate, known for its aggressive tactics, the aftermath of this breach could extend beyond typical data exposure scenarios.
Delta Dental is now faced with the daunting task of mitigating the fallout from this significant security incident. As the affected customers grapple with the potential ramifications of identity theft and financial fraud, cybersecurity experts emphasize the urgency of implementing robust measures to safeguard sensitive information.
In a comment to Hackread.com,Claude Mandy, Chief Evangelist of Data Security at Symmetry Systems, expressed empathy for the victims and cautioned them about potential phishing attacks that they may encounter.
“My thoughts are with the impacted patients from the incident, who are slowly finding out what information has been exposed. While the majority of the information is fungible and easily replaced with little impact, it still requires continual vigilance from the impacted parties to avoid further impact, whether monitoring financial accounts, and credit scores or being extra vigilant for phishing,” said Claude.
The recent data breach is concerning for Delta Dental and its customers. It underscores the importance for companies to promptly apply patches and secure their infrastructure. This breach highlights the exploitation of vulnerabilities in Ipswitch INC’s managed file transfer software, MOVEit Transfer, by groups like Cl0p.
So far, numerous organizations, spanning government agencies, airlines, educational and financial institutions, as well as healthcare providers, have fallen victim to the MOVEit-linked data breach. The compromised data includes sensitive information such as credit card numbers, Personally Identifiable Information (PII), and Social Security Numbers (SSNs).
This morning, OnePlus revealed when we can see the OnePlus 12 and OnePlus 12R smartphones launching in the US. According to the company, both phones will launch on January 23, 2024.
To help garner some hype for the two devices, OnePlus says that the “12 series devices represent the culmination of a decade in business; the devices were developed to address an industry-wide challenge in balancing high performance, high power consumption, effective heat dissipation, and longevity.” The company goes on to say that these new smartphones will prove that you don’t need “pro” or “ultra” in your name to provide the best specs and software experience.
OnePlus actually already announced the OnePlus 12 in China, so we basically know what to expect out of it already. For the OnePlus 12, we aren’t really getting any surprises from the company. It’ll boast a 6.82-inch QHD+ display, the new Snapdragon 8 Gen 3 processor inside, with up to 24GB of RAM and up to 1TB of storage. It’ll also have a 5,400 mAh capacity battery that can charge at 100W wired and 50W wireless. There are some leaks for the OnePlus 12R, which points to it leaving off the telephoto camera, otherwise, it’s looking similar to the OnePlus 12, but with a slightly larger battery.
It’s OnePlus’ 10-year anniversary!
It’s hard to imagine that OnePlus has been around for 10 years now. Its 10-year anniversary is actually tomorrow, December 16, 2013. The OnePlus One launched in early 2014. For the 10-year anniversary, OnePlus has a new video that walks you through the company’s history, as well as founding members and friends. It’s a really interesting video to watch.
While OnePlus hasn’t quite taken over the major players in the space as they had planned to out of the gate, they are a pretty solid option in most areas around the world. Here in the US, they are a solid fourth-place smartphone maker behind Apple, Samsung, and Motorola. This is largely because OnePlus phones aren’t sold on carriers in the US nowadays.
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via search engines, to drop malware targeting businesses. In fact, browser-based attacks overall have been a lot more common if we include social engineering campaigns.
Criminals have found success in acquiring new victims thanks to search ads; we believe there are specialized services that help malware distributors and affiliates to bypass Google’s security measures and helping them to set up a decoy infrastructure. In particular, we saw similarities with the malvertising chains previously used to drop FakeBat.
In the past few days, researchers including ourselves have observed PikaBot, a new malware family that appeared in early 2003, distributed via malvertising. PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577.
In this blog post, we share details about this new campaign along with indicators of compromise.
PikaBot via malspam
PikaBot was first identified as a possible Matanbuchus drop from a malspam campaign by Unit 42 in February 2023. The name PikaBot was later given and attributed to TA577, a threat actor that Proofpoint saw involved in the distribution of payloads such as QakBot, IcedID, SystemBC as well as Cobalt Strike. More importantly, TA577 has been associated with ransomware distribution.
Researchers at Cofense observed a rise in malspam campaigns to deliver both DarkGate and PikaBot, following the takedown of the QakBot botnet in August 2023. A typical distribution chain for PikaBot usually starts with an email (hijacked thread) containing a link to an external website. Users are tricked to download a zip archive containing a malicious JavaScript.
The JavaScript creates a random directory structure where it retrieves the malicious payload from an external website via the curl utility:
As described by OALabs, PikaBot’s core module is then injected into the legitimate SearchProtocolHost.exe process. PikaBot’s loader also hides its injection by using indirect syscalls, making the malware very stealthy.
Distribution via malvertising
The campaign targets Google searches for the remote application AnyDesk. Security researcher Colin Cowie observed the distribution chain and the payload was later confirmed to be PikaBot by Ole Villadsen.
We also saw this campaign via a different ad impersonating the AnyDesk brand, belonging to the fake persona “Manca Marina”:
A decoy website has been setup at anadesky[.]ovmv[.]net:
The download is a digitally signed MSI installer. It’s worth noting that it had zero detection on VirusTotal at the time we collected it. However, the more interesting aspect is how it evades detection upon execution.
The diagram below from JoeSandbox summarizes the execution flow:
Malvertising similarities with FakeBat
The threat actors are bypassing Google’s security checks with a tracking URL via a legitimate marketing platform to redirect to their custom domain behind Cloudflare. At this point, only clean IP addresses are forwarded to the next step.
They perform fingerprinting via JavaScript to determine, among other things, if the user is running a virtual machine. Only after the check is successful do we see a redirect to the main landing page (decoy AnyDesk site).
What’s interesting is that there is a second fingerprinting attempt when the user clicks the download button. This is likely to ensure that the download link won’t work in a virtualized environment. In this particular campaign, the threat actor is hosting the MSI installer on Dropbox.
We noticed that previous malvertising chains used the same redirection mechanism via onelink[.]me as well as URL structure. These incidents were previously reported to Google and targeted Zoom and Slack search ads:
In some of these instances, we had identified the payload as FakeBat. This is particularly interesting because it points towards a common process used by different threat actors. Perhaps, this is something akin to “malvertising as a service” where Google ads and decoy pages are provided to malware distributors.
Conclusion
Several years ago, exploit kits were the primary malware distribution vector via drive-by downloads. As vulnerabilities in the browser and its plugins began to be less effective, threat actors concentrated on spam to target businesses. However, some did continue to target browsers but instead had to rely on social engineering, luring victims with fake browser updates.
With malvertising, we see another powerful delivery vector that does not require the user to visit a compromised site. Instead, threat actors are piggybacking on search engines and simply buyings ads that they know their target will be exposed to. As we may have said before, businesses can prevent this risk by only allowing their end users to install applications via their own trusted repositories.
Malwarebytes detects the malicious MSI installers as well as the web infrastructure used in these malvertising campaigns. We have reported the malicious ads and download URLs to Google and Dropbox respectively.
Special thanks to Sergei Frankoff, Ole Villadsen, and pr0xylife for their help and feedback.
Samsung continues to release new updates for Galaxy devices left, right, and center. On one hand, it is pushing Android 14 to eligible models. On the other hand, it is rolling out the December security patch to devices that aren’t eligible for the new Android version or have already been updated. The Galaxy Galaxy S21, Galaxy Z Fold 5, Galaxy Z Flip 5, and Galaxy Z Fold 2 are now receiving the latest security update.
Galaxy S21 and recent foldables pick up Samsung’s December update
Samsung’s Galaxy S21, Galaxy S21+, and Galaxy S21 Ultra are currently picking up the December security update in Europe. The new firmware build number for the 2021 flagship trio is G99*BXXS9FWKB. The update brings this month’s security fixes and nothing more, the official changelog confirms. The company will release the new SMR (Security Maintenance Release) for the phones in more markets, including the US, in the coming weeks.
The latest security patch for the Galaxy Z Fold 5 is available more widely. Samsung is rolling out the update in Asia and Europe with the build number F946BXXS1BWKI. A global rollout should follow soon. Once again, the update is all about the December SMR. There aren’t any new features or functional improvements in tow. These devices recently received Android 14-based One UI 6.0 with tons of goodies, so that isn’t surprising.
It is the same story for the Galaxy Z Flip 5 as well. Samsung is pushing the latest security fixes to this year’s clamshell foldable in Europe and Asia. The update comes with the build number F731BXXS1BWKI. Like the Fold model, the new Flip isn’t getting any additional goodies. The Korean behemoth will push the December SMR to the foldable in more markets over the next few days.
The December security update is also rolling out widely to the Galaxy Z Fold 2. The aging foldable, which isn’t eligible for Android 14, recently picked up the latest SMR in the US. It is now receiving the new security patch in international markets, including in Europe, Asia, and Africa. The updated firmware version for the 2020 foldable phone is F916BXXS5KWK1. As you might expect, it isn’t getting anything more than this month’s security fixes.
Samsung’s latest security release patches over 60 vulnerabilities
The December SMR for Samsung Galaxy devices is a pretty big one. The Korean firm is pushing fixes for more than 60 vulnerabilities, including at least seven critical security issues. These patches will be available to more Galaxy phones and tablets over the next few weeks. As usual, you can check for updates from the Settings app on your Samsung device.
Cybersecurity firm Zerocopter has launched the first-ever Cybersecurity Marketplace led by white-hat hackers.
With cybercrime projected to cost $8 trillion in 2023 and businesses, particularly smaller ones, often lacking the resources and expertise to keep up, the digital sector is fast becoming the most vulnerable one. This calls for redefining cybersecurity solutions, and a cybersecurity firm, Zerocopter, has come up with an innovative and perhaps game-changing solution to this problem.
Zerocopter has launched a hacker-led marketplace for security solutions. The platform is designed to be accessible, flexible, and supported by a hundreds-strong hacker network. The platform offers a tailored security suite powered by ethical hackers, providing precision and agility impossible with traditional tools.
For your information, Zerocopter is a global cybersecurity firm with a network of world-class hackers ready to provide continuous online security to organizations. Founded in 2015, the company offers affordable, scaleable cybersecurity solutions across various sectors, including finance, aviation, international education, and law.
The marketplace is created to offer a tailored solution for businesses, ensuring they can protect their assets and operations. Erik Ploegmakers, CEO of Zerocopter, stated in the company’s press release that it will devise solutions to curb the growing threat landscape.
“To fully appreciate the extent of the digital attack surface and level of potential threats, companies need to go beyond the tick-box cybersecurity approach,” Ploegmakers said in a press release shared with Hackread.com.
So, what makes this marketplace different? According to Ploegmakers, Zerocopter’s “custom-made marketplace” will be operated by hackers, and their primary task will be to find flaws and security breaches, mainly focusing on flaws that generic tools cannot detect.
“Whatever the customer requirements are, we carefully match them with one of our world-class, vetted hackers with the appropriate skill set for that particular case,” he added.
The marketplace offers scaled safety by leveraging the collective intelligence of the world’s best hackers to provide top-of-the-line threat protection at a fraction of the cost of other solutions.
The CEO also highlighted that every hacker undergoes a rigorous vetting process to ensure they comply with a strict code of conduct and are the best at their job. Zerocopter also assesses and validates vulnerability reports, allowing organizations to focus on fixing security issues quickly.
Furthermore, it provides bug bounty, incentivizing hackers based on the threat level allowing continuous surveillance. Its Dedicated Hacker Time, a micro-consulting solution with a global hacker force, will match companies with hackers with the skillsets and knowledge needed for specific tasks.
Moreover, Zerocopter ensures compliance with evolving regulations like the EU’s NIS2 Directive through its expertise in CVD (Coordinated Vulnerability Disclosure). This allows companies to manage the flood of reports associated with CVD easily and affordably.
The launch of the marketplace led by ethical hackers is good news for a sector where threats keep evolving and looming. The company has delivered a powerful message that cybersecurity doesn’t have to be expensive, complex, or inaccessible.
Carl Pei is not holding any punches with his business ambitions. Just a year after Nothing released its first phone, Nothing already has a sub-brand called CMF by Nothing and a line of apparel. Now, there are rumors pointing to a possible budget-friendly offering from the company called the Nothing Phone (2a). While we don’t have much information on this phone at the moment, we just got a pretty significant leak of the Nothing Phone (2a). With it, we see what could be a change to the Glyph Interface.
Since this is a leak, you’ll want to take this with a grain of salt. We don’t know 100% if the company is going to be launching this phone, so there’s always the chance that the company won’t launch it. Just keep that in mind.
The Nothing Phone (2a) just got a pretty significant leak
Now, this is far from a photo of a production unit, but it’s from a trusted source, Dylan Roussel. The tipster made a post on X outlining some leaked information about the phone. According to the post, the Nothing Phone (2a) will have the model number A142. It could have the codename Pacman or Areo(dacity). That remains to be seen.
Looking at the leaked specs, we can tell that this phone will appeal to the mid-range market. The leak points to this phone using the MediaTek Dimensity 7200. This is a mid-range SoC that should still deliver some solid power.
The Glyph Interface could be wildly different
In the X post, we saw an animation of the phone’s possible Glyph Interface. Right off the bat, we see that it could look massively different from the first two Nothing Phones. Rather than having 11 different lighted segments, we only see three.
We see these three segments around the center-positioned camera bump. That’s also a major change from the other two Nothing Phones. The camera bump looks to be rather large and may house a dual-camera package. We see two segments on the left of the camera bump and one on the right.
Just like with current Nothing Phones, the segments will light up individually for different actions. They could flash different patterns depending on your ringtone. One segment could act as a battery bar letting you know how close your phone is to dying.
When could we see this phone?
At this point, we don’t know when/if this phone will see the light of day. However, rumor points to this phone getting an unveiling during MWC 2024. While at the event, there’s a chance that Carl Pei could also reveal the Nothing Phone (3).