Google Pixel Fold vs Xiaomi MIX Fold 3

0
[ad_1]

The two foldable handsets we’ll compare here have been on the market for quite some time. They come from Google and Xiaomi, and both of them are book-style foldables. In this article, we’ll compare the Google Pixel Fold vs Xiaomi MIX Fold 3. The Pixel Fold arrived back in May, while the Xiaomi MIX Fold 3 has been on the market since August. Now, this comparison should be quite interesting.

Both of these phones are book-style foldables, but they’re quite different. They have considerably different aspect ratios, and thus offer different experiences, more on that soon. We’ll first list their specifications, and will then move to compare their designs, displays, performance, battery life, cameras, and audio output. Also, do note that that the Xiaomi MIX Fold 3 is exclusive to China. Let’s get to it, shall we?

Specs

Google Pixel Fold & Xiaomi MIX Fold 3, respectively

Screen size (main):
7.6-inch Foldable OLED display (120Hz, HDR10+, 1,450 nits)
8.03-inch Foldable LTPO OLED+ (120Hz, HDR10+, Dolby Vision, 1,300 nits)
Screen Size (cover):
5.8-inch OLED (120Hz)
6.56-inch AMOLED (120Hz)
Display resolution (main):
1840 x 2208
2160 x 1916
Display resolution (cover):
2092 x 1080
2520 x 1080
SoC:
Google Tensor G2
Qualcomm Snapdragon 8 Gen 2 (overclocked)
RAM:
12GB (LPDDR5)
12GB/16GB (LPDDR5X)
Storage:
256GB/512GB (UFS 3.1)
256GB/512GB/1TB (UFS 4.0)
Rear cameras:
48MP (wide, f/1.7 aperture, OIS), 10.8MP (ultrawide, 121-degree FoV), 10.8MP (telephoto, 5x optical zoom, OIS)
50MP (wide, f/1.8 aperture, PDAF, OIS), 10MP (ultrawide, 120-degree FoV), 10MP (telephoto, 3.2x optical zoom), 10MP (telephoto, 5x optical zoom)
Front cameras:
8MP (main display, f/2.0 aperture), 9.5MP (cover display, f/2.2 aperture)
20MP (main & cover display, wide, f/2.3 aperture)
Battery:
4,821mAh
4,800mAh
Charging:
21W wired, 7.5W wireless (no charger)
67W wired, 50W wireless (charger included)
Dimensions (unfolded):
158.7 x 139.7 x 5.8mm
161.2 x 143.3 x 5.3mm
Dimensions (folded):
139.7 x 79.5 x 12.1mm
161.2 x 73.5 x 10.9mm
Weight:
283 grams
255/259 grams
Connectivity:
5G, LTE, NFC, Wi-Fi, USB Type-C, Bluetooth 5.3
Security:
Side-facing fingerprint scanner
OS:
Android 13
Android 13 with MIUI Fold 14
Price:
$1,799
CNY8,999 ($1,239)
Buy:
Google
Xiaomi (China only)

Google Pixel Fold vs Xiaomi MIX Fold 3: Design

Both of these phones are made out of metal and glass, though the Xiaomi MIX Fold 3 also comes in an aramid fiber variant. The Google Pixel Fold is short and wide, while the Xiaomi MIX Fold 3 is tall and narrow. As I said, they have different display aspect ratios, and different orientations because of it. The Pixel Fold has more of a landscape format display when unfolded, while the Xiaomi MIX Fold 3’s is more of a vertical panel.

The Google Pixel Fold is considerably shorter, considerably wider, and also noticeably thicker than the Xiaomi MIX Fold 3. That goes for both when it’s folded and unfolded. You’ll also notice the difference in weight between the two phones, the Pixel Fold weighs 283 grams, while the Xiaomi MIX Fold 3 weighs 255 or 259 grams, depending on the model. They also look different, actually.

The Google Pixel Fold has a centered display camera hole on the main display, and a recognizable camera visor on the back. It also has curved corners, while the Xiaomi MIX Fold 3 is rather boxy. The Xiaomi MIX Fold 3 also has a centered display camera on the cover display, and a landscape-oriented camera module on the back. The thickness of this phone’s backplate gradually increases to meet the camera module.

They feel entirely different in the hand, by the way, which is not surprising considering all those differences. The Pixel Fold also comes with an IPX8 rating for water resistance, while the Xiaomi MIX Fold 3 doesn’t offer anything like that.

Google Pixel Fold vs Xiaomi MIX Fold 3: Display

Both of these devices have rather compelling displays included. The Google Pixel Fold has a 7.6-inch main panel with a resolution of 1840 x 2208. That is a foldable OLED panel with a 120Hz refresh rate. It supports HDR10+ content, and has a peak brightness of 1,450 nits. The cover panel measures 5.8 inches, and it’s a 2092 x 1080 OLED display. This display is protected by the Gorilla Glass Victus. It supports HDR content, and has a peak brightness of 1,550 nits.

Google Pixel Fold AM AH7

The Xiaomi MIX Fold 3, on the flip side, includes an 8.03-inch main display. That’s an LTPO OLED+ panel with a resolution of 1916 x 2160. It supports up to 1 billion colors, and has a 120Hz refresh rate. HDR10+ is also supported, as is Dolby Vision. The peak brightness here is 1,300 nits. The cover display measures 6.56 inches, and it has a resolution of 2520 x 1080. This is an AMOLED panel with a 120Hz refresh rate, and it supports HDR10+ content. Dolby Vision is also supported. This panel is protected by the Gorilla Glass Victus 2, and it has a peak brightness of 2,600 nits.

All four displays mentioned here are up to the task. Granted, there are better panels out there on foldables, in some ways, but these are excellent, actually. All of them are vivid, have good viewing angles, and are more than sharp enough. High refresh rates are also where they should be, and so on. The only complaint that you may have is the brightness, even though all four panels are more than bright enough. They’re not as bright as the OnePlus Open displays, for example, but still, chances are you won’t have any complaints. The touch response is also very good on all of them. Just note that the Pixel Fold crease is more noticeable than the one on the Xiaomi MIX Fold 3.

Google Pixel Fold vs Xiaomi MIX Fold 3: Performance

The Google Tensor G2 SoC fuels Google’s first-ever foldable, the Pixel Fold. That is no longer the latest and greatest chip from the company, but it was at the time. The Xiaomi MIX Fold 3, on the other hand, is fueled by the Snapdragon 8 Gen 2 SoC. Qualcomm has a new flagship chip now, but the Snapdragon 8 Gen 2 is plenty powerful still. It’s worth noting that the Pixel Fold has LPDDR5 RAM and UFS 3.1 flash storage, while the Xiaomi MIX Fold 3 includes LPDDR5X RAM and UFS 4.0 flash storage.

Based on the performance-related specs alone, the Xiaomi MIX Fold 3 does have the edge. And yes, the phone does open apps a bit faster and all that, but both smartphones are plenty fast in general usage. Neither is laggy or anything of the sort. The Xiaomi MIX Fold 3 is more future-proof, though, at least from the spec side of things. As far as gaming is concerned, they both do a good job. High-end games do fit the Xiaomi MIX Fold 3 more, though, and it will perform a bit better in such conditions. The Pixel Fold can hold its own, though, even though the Tensor SoC is not made for gaming. Google’s foldable also gets a bit warmer in such scenarios.

Google Pixel Fold vs Xiaomi MIX Fold 3: Battery

The Google Pixel Fold has a 4,821mAh battery on the inside, while Xiaomi’s handset includes a 4,800mAh battery. Do note that the Pixel Fold has smaller displays, both of them, and yet a bigger battery pack. Does that result in better battery life? Well, no, not really, at least that was the case for us. The Google Tensor G2 inside the Pixel Fold is less power efficient than the Snapdragon 8 Gen 2, and that balances things out, kind of.

Getting to over 7 hours of screen-on-time on both of these phones is possible, without a problem. Of course, if you push them too hard, you will hurt battery life. Also, your mileage may vary, of course. You will use a different set of apps, in a different location, in different ways, and so on. Do note that gaming does affect battery life quite a bit, so if you’re a gamer, these numbers likely won’t be the case for you.

What about charging? Well, that’s a clear win for the Xiaomi MIX Fold 3. That device not only supports 67W wired and 50W wireless charging, but it also comes with a charger included in the box. The Google Pixel Fold, on the other hand, supports 21W wired, and 7.5W wireless charging. It does not include a charger in the box, though. Yes, the Xiaomi MIX Fold 3 will charge considerably faster overall. Even wireless charging on the Xiaomi MIX Fold 3 is faster than wired charging on the Pixel Fold, and it’s not even close.

Google Pixel Fold vs Xiaomi MIX Fold 3: Cameras

The Google Pixel Fold includes a 48-megapixel main camera, a 10.8-megapixel ultrawide unit (121-degree FoV), and a 10.8-megapixel telephoto camera (5x optical zoom). The Xiaomi MIX Fold 3, on the other hand, has a 50-megapixel main camera. In addition to that, a 12-megapixel ultrawide unit (120-degree FoV) is included, and a 10-megapixel telephoto camera (5x optical zoom). It’s also worth noting that the Xiaomi MIX Fold 3 has Leica lenses on the back.

Google Pixel Fold AM AH9

The pictures these two smartphones provide are different, but both devices do a good job. The Pixel Fold prefers that contrasty look we’re used to, while the Xiaomi MIX Fold 3 images do look a bit more realistic, but they’re also quite vivid. Well, if you switch to Leica Authentic mode you’ll get that more muted tone with vignetting on the sides. The details that both main cameras provide are great, and both handle HDR situations really well. They even do a great job in low light. The Pixel Fold does tend to brighten up low light scenes a bit more, though.

Their ultrawide and telephoto cameras are good, and do keep a good balance when it comes to colors with the main cameras. However, the step down in quality is noticeable. Also, we did prefer ultrawide and telephoto shots from the Pixel Fold more often than not. Those are not large sensors on either phone, and Google’s camera processing did come into play quite a bit here.

Audio

Both of these smartphones include stereo speakers. Both sets of speakers are very good, though the Xiaomi MIX Fold 3’s speakers are a bit louder. The speakers on both sides are well-balanced, and the sound coming from them is rich enough.

What you will not notice on either of these two phones is a 3.5mm headphone jack. If you’d like to use your wired set of headphones, you’ll need to use a dongle. There is always the option of using the Type-C port, of course. In regards to wireless audio, the Google Pixel Fold offers Bluetooth 5.2, while the Xiaomi MIX Fold 3 supports Bluetooth 5.3.


[ad_2]
Source link

Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach

0
[ad_1]

According to cybersecurity researchers at FortiGuard Labs, the Russian intelligence-linked APT29 group exploited a critical TeamCity vulnerability, which had initially been patched in September 2023.

Polish Military Counterintelligence Service (SKW) has released an advisory revealing that Russian Foreign Intelligence Service (SVR) affiliated threat actors are utilizing JetBrains CVE in global targeting. 

Here, it is worth noting that TeamCity and JetBrains are closely linked, with TeamCity being a continuous integration (CI) server developed and maintained by JetBrains.

As reported by Hackread.com, the vulnerability, which scored 9.8 by CVSS, was patched in September 2023. However, authorities particularly identified the notorious advanced persistent threat group called APT29, aka the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard, to be exploiting CVE-2023-42793.

The threat actor used Scheduled Tasks to execute GraphicalProton payloads, using rundll32 proxy execution as a defence evasion method. They also used legitimate third-party binaries vulnerable to search order hijacking.

“If compromised, access to a TeamCity server would provide malicious actors with access to that software developer’s source code, signing certificates, and the ability to subvert software compilation and deployment processes—access a malicious actor could further use to conduct supply chain operations” the advisory read.

SKW’s findings are supported by the FortiGuard Labs team of researchers. In their latest blog post, FortiGuard reports that APT29 has targeted a US-based biomedical manufacturing organization (the name of which has not been shared with the media or public) and revealed the threat actor’s TTPs. The report discusses the intrusion of this vulnerability found in TeamCity, a Windows server, by APT29.

Researchers noted that on 6 September 2023, Sonar’s cybersecurity experts discovered a critical TeamCity On-Premises vulnerability (tracked as CVE-2023-42793). This vulnerability was assigned a CVSS score of 9.8 due to its ability to be deployed without authentication. CISA added it to its ‘Known Exploited Vulnerabilities Catalog’ on October 4, 2023.

The FortiGuard Incident Response team reports that in October 2023, a US-based biomedical manufacturing organization was compromised due to this vulnerability exploited by APT29. The attack was initially exploited using a custom-built Python script, matching the GraphicalProton malware used by APT29. 

Analysis of application and system logs revealed evidence of successful exploitation, but some threat actors were unsuccessful at running Linux system commands on the victim Windows Server. APT29 likely employed Nuclei to identify potential victims and began executing additional discovery commands to gather system and privilege information.

The US-based tertiary education organization was targeted by APT29 with a C2 IP address discovered by the FortiGuard IR team. They discovered the organization’s infrastructure was compromised and identified an exploitation of their vulnerable TeamCity server. 

The threat actor used the TeamCity exploit to install an SSH certificate, which they used to maintain access to another victim’s environment. The actor downloaded a DLL file, ‘AclNumsInvertHost.dll,’ on the TeamCity host and used the TeamCity RCE vulnerability to create a Windows-scheduled task referencing the DLL file for persistence.

Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach
The screenshot shows the attack timeline of TeamCity intrusion (Credit: Fortinet Labs)

Despite a patch, the attacker persisted on the compromised host, leveraging their GraphicalProton implant. FortiGuard believes this attack was part of a new APT29 campaign. Significant OPSEC considerations included compromised infrastructure, search order hijacking with legitimate DLLs added, quality of masquerading, and single-use infrastructure components.

Researchers recommend containment and eradication actions, including blocking IP addresses, removing TeamCity software accounts, removing Windows accounts, removing backdoors, and removing malicious files dropped by threat actors to stay protected against threats like GraphicalProton.

  1. Russian Midnight Blizzard Hackers Hit MS Teams in Precision Attack
  2. Russian Hackers Employ Telekopye Toolkit in Broad Phishing Attacks
  3. Microsoft warns of rising NOBELIUM credential attacks on defence sector
  4. Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard Group
  5. Russia Hackers Abusing BRc4 Red Team Penetration Tool in Recent Attacks

[ad_2]
Source link

MSI’s Prestige 16 laptop promises intelligent computing with AI

0
[ad_1]

MSI today has announced the latest iteration of the Prestige 16 AI, an AI-driven laptop that promises intelligent computing no matter the task. At the heart of this new AI PC is Intel’s Core Ultra 9 CPU and the chip’s Neural Processing Unit. This single core on the chip is dedicated to enhancing the CPU and GPU experience while also helping to make the laptop more power-efficient.

Power efficiency is also helped by the Intel Core Ultra 9 CPU’s method of splitting up tasks. Which has mundane processes handled by the E-Cores (efficiency cores) and Low-Power E-Cores. In doing this the P-Cores (performance cores) can focus on handling high-performance tasks like gaming and content creation. MSI takes this a step further by implementing what it calls its MSI AI Engine. Using the power of the CPU, this AI software that MSI has created will adjust the settings of the hardware based on the task.

Tasks can fall into different categories including Intelligent Gaming, Intelligent Work, Intelligent Meeting, and Intelligent Entertainment. Think about when you boot up a game. Typically you’d want to ensure cooling and performance hardware are ramped up and ready to provide an optimal experience. MSI AI Engine will seemingly handle gaming by adjusting hardware settings like ramping up fan speed for better cooling and diverting more computing and graphics processing power to the gaming task. While putting everything else in a low-power standby state.

The MSI Prestige 16 is not a gaming laptop, but it can handle gaming just fine

MSI makes a lot of gaming laptops and other gaming hardware. But it makes plenty of hardware that isn’t geared toward gaming too. Such is the case with the Prestige 16 which is designed more for professionals, workflow, or school. In short, a more general computing/ultrabook style of experience. That being said, the Prestige 16 can handle gaming just fine because MSI is using NVIDIA 40-series GPUs.

Configurations start with an RTX 4050 but you can get models with an RTX 4060 and an RTX 4070 as well. And it can come with up to 32GB of RAM. So while there won’t be options for NVIDIA’s most powerful GPUs, the Prestige 16 will be more than capable of playing games. This is good news for anyone wanting a laptop that’s mainly for school or work but also wants to do a little gaming. Worth noting of course is that MSI will offer two different variants of this laptop. The ‘Studio’ model is what comes with NVIDIA GPU options. But MSI will also offer the ‘Evo’ model which uses Intel Arc graphics instead.

Additionally, the laptop will come with a 16-inch display. Resolution will vary between models as well. Both come with a QHD+ panel option but only the more high-end Studio model will offer a UHD+ option. The Prestige 16 will start at $1,399.99 for the AI Evo model and $1,899.99 for the AI Studio model.

MSI’s announcement comes alongside a few other brands that have confirmed laptops powered by Intel’s new chips. Including Acer with its Predator Triton Neo 16, and Lenovo with the IdeaPad Pro 5i.


[ad_2]
Source link

Recently-patched Apache Struts vulnerability used in worldwide attacks

0
[ad_1]

Attackers are exploiting a critical vulnerability in Apache Struts 2 that was patched recently. Struts is a very popular open source platform to develop applications and websites.

On December 7, 2023, Apache announced versions 6.3.0.2 and 2.5.33 of Struts were now available to address a potential security vulnerability listed as CVE-2023-50164.

The vulnerability affects Apache Struts versions:

  • 2.0.0 through 2.5.32
  • 6.0.0 through 6.3.0.1
  • 2.0.0 through 2.3.37 (EOL, no longer supported)

The vulnerability that has a CVSS score of 9.8 out of 10, lies in the frameworks’ file upload functionality and can be exploited to achieve remote code execution (RCE). There is an easy to follow proof-of-concept (PoC) available, which makes it easier for cybercriminals to exploit the vulnerability.

Basically it’s a path traversal flaw that allow attackers to read, and possibly write to, restricted files by inputting path traversal sequences like ../ into file or directory paths. The flaw is caused by parameter confusion, where an attacker can first capitalize a parameter in the request and then submit an additional parameter (in lowercase) that overrides an internal file name variable. That allows an attacker to bypass the built-in check and leave the path traversal payload in the final filename.

This allows a successful attacker to plant a web shell, a malicious script used by an attacker that allows them to escalate and maintain persistent access. In this case, the attacker gets the ability to write a server-side rendered file, such as a JSP (Jakarta Server Pages) file, into a target directory. The JSP payload is executed as soon as the attacker requests the file from the server and the server is compromised. Several international organizations like the Australian Cyber Security Centre (ACSC), the French Computer Emergency Response Team (CERT-FR), and content delivery giant Akamai are warning that they are seeing active exploitation.

Akamai tweet sends Threat alert about CVE-2023-50164

Tweet by Akamai

Because of the relative ease-of-use, we can expect to see a lot more of these attacks.

Update now

Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.5.33 or Struts 6.3.0.2 or greater. There are no workarounds.

According to Apache this is a drop-in replacement and upgrade should be straightforward. The new versions can be found on the Struts download page.

Besides updating, additional measures may include:

  • Sanitization checks on uploaded file data.
  • Limit server application permissions to allowed directories.
  • Track which applications in use within your environments are using Struts frameworks.
  • On internet facing Java systems monitor for newly created files outside directories where they are expected.
  • Continue to monitor the situation and respond to new information as it comes to light.

We don’t just report on vulnerabilities—we identify them, and prioritize action.

Cybersecurity risks should never spread beyond a headline. Keep vulnerabilities in tow by using ThreatDown Vulnerability and Patch Management.


[ad_2]
Source link

Google could be working on an AI assistant for the Pixel 9

0
[ad_1]

Right now, the Pixel 8 Pro enjoys some heightened AI capabilities thanks to Gemini. That’s great for folks using this phone, but Google is already planning on the AI chops for its next flagship phone, the Pixel 9 series. According to a new report, the Pixel 9 will have its own exclusive AI assistant called Pixie.

Billions of Android phones around the world have access to the all-powerful Google Assistant. It’s been able to establish itself as the king of voice assistants. The company announced Assistant With Bard (AWB) back in October, so it’s only going to get smarter as time goes on. As you can imagine, AWB will be the Google Assistant powered up with the Bard chatbot. We’re still waiting for information on that feature to come as Google pushes further into this AI world.

Google is working on the Pixie assistant for the Pixel 9

Obviously, you’ll want to take this news cautiously. We’re talking about something that, if true, won’t hit the market for almost a year. We’re dealing with early information, so anything could change at any moment.

Sources say that Google is working on an AI assistant that will be exclusive to Pixel devices. From how it sounds, it seems that this will be separate from AWB. This powerful AI assistant is expected to be called Pixie. Aside from having an adorable name, Pixie is expected to have some powerful AI prowess. It may be able to integrate with apps like Gmail, Google Maps, and other apps, but we don’t know how. We can expect that it will have deep integration. Don’t be surprised if you’ll be able to tell it to draft emails or other messages for you.

As for the availability, we don’t know what Pixel devices will be able to have Pixie. We’re not sure if Google is going to make it exclusive to the Pixel 9 phones or distribute it down to the current and recent Pixel devices on the market.

The report also states that Google could possibly develop a pair of AI glasses that will utilize Pixie. Now, we don’t know anything about these glasses, but it seems that the company is referring to them only as an “internal discussion”. So, there might not be any solid plans to develop these glasses.

With the information we have, it looks like the classes will have a camera to scan the world and give you real-time feedback based on what they see. This could be Google Lens on steroids (and on your face.)

Since this is all still early information, we’ll need to wait for more details to know what’s going to happen.


[ad_2]
Source link

Apple to introduce new feature that makes life harder for iPhone thieves

0
[ad_1]

Reportedly, Apple has plans to make it harder for iPhone thieves to steal your personal information even if they have your device’s passcode.

A new feature called Stolen Device Protection is included in the bet version of iOS 17.3. The feature limits access to your private information in case someone gets hold of both your iPhone and your passcode.

Thieves sometimes lurk in public places like bars on the lookout for iPhone owners typing in their passcode. Once they know the passcode, they steal the device and gain access.

With the passcode, a thief can perform a lot of actions that have financial consequences and some that make it harder to retrieve the device:

  • View and use passwords or passkeys saved in the iCloud Keychain
  • Apply for a new Apple Card
  • Turn off Lost Mode
  • Erase all content and settings
  • Take certain Apple Cash and Savings actions in Wallet
  • Use payment methods saved in Safari
  • Use your iPhone to set up a new device
  • Change your Apple ID password
  • Update select Apple ID account security settings, including adding or removing a trusted device, trusted phone number, Recovery Key, or Recovery Contact
  • Change your iPhone passcode
  • Add or remove Face ID or Touch ID
  • Turn off “Find My”

However, when users turn on Stolen Device Protection, Face ID or Touch ID authentication is required for all of the above actions and also to turn off Stolen Device Protection.

Apple said it will share additional information about Stolen Device Protection soon, to clarify how the feature works.


We don’t just report on iOS security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your iOS devices by downloading Malwarebytes for iOS today.


[ad_2]
Source link

New GambleForce Hacker Gang Hacks Targets with Open Source Tools

0
[ad_1]

Cybersecurity researchers at Singapore-based Group-IB have unmasked EagleStrike, a subgroup of the GambleForce hacker group. They are opportunistic hackers exploiting simple vulnerabilities.

In September 2023, Group-IB’s Threat Intelligence unit discovered a command and control server hosting publicly available open-source pentesting tools, none being custom-made, designed for SQL injections.

The attacker was identified as “GambleForce,” who had targeted 24 organizations in government, gambling, retail, travel, and job-seeking sectors across 8 countries between September and December 2023, successfully compromising 6 websites in Australia, Indonesia, the Philippines, and South Korea. The group has also targeted websites in China, India, and Thailand.

New Hacker Group GambleForce Hacks Targets with Open Source Tools

The group uses basic yet effective techniques like SQL injections. It exploits vulnerable website content management systems (CMS) to extract user databases containing logins, hashed passwords, and tables from accessible databases.

GambleForce is not selective in its targets but collects hashed and plain text credentials. This suggests a broader motive beyond targeted attacks, possibly amassing data for future exploits or selling on the dark web.

The threat actors aim to exfiltrate any available information within targeted databases, such as hashed and plain text user credentials. The group’s actions with the stolen data remain unknown.

In an attack targeting Brazil, GambleForce exploited CVE-2023-23752, a vulnerability in the Joomla CMS, and snatched data directly from contact form submissions, showcasing their adaptability and willingness to improvise.

Further probing revealed that GambleForce uses open-source tools like dirsearch, redis-rogue-getshell, and Tinyproxy for directory brute-forcing, web traffic intercepting, and SQL injections to exploit vulnerabilities in database servers. Their preferred tool is sqlmap, a pentesting tool that exploits SQL injection vulnerabilities. 

Researchers also found Cobalt Strike, a popular pen-testing framework, on their server, showcasing commands in Chinese. It is worth noting that recently Chinese scammers have wreaked havoc by creating cloned versions of legitimate websites and redirecting visitors to gambling sites. 

In November 2023, Hackread.com reported about the activities of Chinese hackers in which MindaNews, a Philippine newspaper, discovered a Chinese clone of its website (mmart-inn.com) that has been illegally replicating the newspaper’s content for two years, with the most recent translation being from February 2023.

In its blog post, Group-IB’s Threat Intelligence wrote that its researchers shared the recent findings with its 24/7 Computer Emergency Response Team (CERT-GIB), which took down the cybercriminals’ C2 server. GambleForce is likely to regroup/rebuild its infrastructure before launching new attacks.

Nevertheless, the case goes on to show that even the most basic security gaps can have significant consequences, underscoring the need for a layered defence strategy that prioritizes patching known vulnerabilities and implementing vital security controls.

  1. Domain Squatting and Brand Hijacking: A Silent Threat
  2. Chinese APT Posing as Cloud Services to Spy on Cambodia
  3. Chinese APT spying on Vietnam military with FoundCore RAT
  4. Hackers attack Casino’s fish tank thermometer to obtain data
  5. ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store

[ad_2]
Source link

Samsung to keep Galaxy S24 prices unchanged from S23

0
[ad_1]

Samsung is gearing up to launch the Galaxy S24 series in about a month. Rumors say the new flagships will debut on January 17, 2024. Leaks have already revealed detailed specifications, features, and design of the devices. While there aren’t many hardware upgrades to look forward to, the firm has invested big in software, particularly in on-device AI features. If a new rumor is accurate, these improvements won’t add to the prices of the phones.

Galaxy S24 phones tipped to cost the same as Samsung’s 2023 flagships

According to a new report from the Korean publication hankyung.com, Samsung doesn’t plan to raise the prices of the Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra over their respective predecessors. The company reportedly expects the unchanged price to help boost sales as the global smartphone market recovers from a slowdown. It is aiming to sell at least 35 million units of the new flagships by the end of 2024, 4-5 million more than the Galaxy S23.

If the report is correct, Samsung’s 2024 flagship trio will debut with a starting price of $799, $999, and $1,199, respectively. This is aggressive pricing when you consider the new AI features. Leaks have revealed that the company has baked AI into the system software for almost every function. From live translation and transcription of calls and audio recordings to AI wallpapers and lockscreen effects, there are a lot of new tools to explore.

Samsung believes the Galaxy S24 will redefine the smartphone with its unprecedented on-device AI capabilities. It sees the new flagships as the “best AI phones” yet. Unchanged pricing will certainly increase the chances of success for the devices. That is if the prices remain the same in all major markets and not just in South Korea. The Galaxy S23 series saw a price increase by up to KRW 200,000 (approx. $154) in Korea but not in the US and some other markets.

A dual-chip strategy helped Samsung lower the manufacturing cost

The new report confirms the rumors that Samsung will ship the Galaxy S24 phones with two different chips. The base model and the Galaxy S24+ will feature the Exynos 2400 SoC in most parts of the world and the Snapdragon 8 Gen 3 in the US. The Ultra model, on the other hand, will be powered by the Snapdragon chip everywhere. Samsung used the Snapdragon 8 Gen 2 for the Galaxy S23 series globally.

This dual-chip strategy for the new flagships helped the Korean firm lower the average manufacturing cost—its in-house Exynos chips cost less than the Snapdragon. Effectively, it could keep the prices unchanged despite all the new features and upgrades brought by the Galaxy S24 lineup. Time will tell whether Samsung will reap the benefits of this aggressive pricing. Just over a month to go now for the official launch.


[ad_2]
Source link

Acer’s latest gaming laptop is powered by Intel’s Core Ultra CPUs

0
[ad_1]

This morning Intel announced the next generation of its CPU offerings, Intel Core Ultra, and Acer is among some of the first brands to introduce laptops featuring these new chips with its announcement of the Predator Triton Neo 16. This is Acer’s latest gaming laptop and it’s poised to be one of the company’s best laptops in a while. That’s not to say it’ll have better raw performance than everything else Acer currently sells.

It’s simply been set up to deliver a great experience. And a core reason (no pun intended) for that is the Intel Core Ultra CPUs inside. These new chips are designed to deliver better power efficiency and performance. Intel says that performance-wise, the Core Ultra CPUs have 2x the performance per watt compared to 13th Gen Intel Core i CPUs. All while being more efficient with the power. The chips are also designed with a new fabrication using Intel’s 4 process technology and they offload more mundane tasks to the efficiency and low-power efficiency cores to improve battery life. In the end, Intel says this can “stretch the battery life by hours.”

In short, The Predator Triton Neo 16 should last longer on the battery even while gaming. How much longer is unclear since we haven’t tested one. But any improvement to battery life while gaming without the charger is a welcomed improvement.

Acer’s Predator Triton Neo 16 is built to perform

The Intel Core Ultra CPUs are just the beginning for this laptop. On the GPU side, Acer is outfitting the Predator Triton Neo 16 with up to an NVIDIA GeForce RTX 4070 GPU. That means DLSS 3.5 support for things like advanced ray tracing. All while the Core Ultra CPU’s Neural Processing Unit feeds in AI-enhanced visuals.

The Predator Triton Neo 16 can also come with up to 32GB of RAM and up to 2TB of internal SSD storage. Combine that with the 165Hz refresh rate display with a 3.2K resolution and you have a beast of a laptop. Naturally, there are other factors to take into account. For instance, the laptop has all these powerful components but if they’re to perform optimally, the laptop will need to stay cool.

Acer is tackling this issue with its new cooling system. The makeup includes liquid metal thermal grease on the CPU and vector heat pipes for airflow. There’s also Acer’s 5th Generation AeroBlade 3D fan to assist. All-in-all the laptop will hopefully stay relatively cool even under heavier loads.

The laptop will go on sale in March starting at $1,499

I’ve always been a fan of Acer’s gaming laptops but the company has really been bringing its A-game lately. If you’re like me and you enjoy what Acer’s been putting out, you’ll be able to grab the Predator Triton Neo 16 starting in March 2024. The laptop will have a starting price of $1,499.99. With the price going up from there depending on the configuration options you choose.

Acer appears to have stuck with a design similar to its Predator Triton 14 SE. Featuring a slim profile with a very subtle look that doesn’t go too hard on the gaming aesthetic. It does still have RBG backlighting for the keys though so don’t worry. You can check out some real-life shots of the laptop courtesy of Tom’s Hardware.

In addition to Acer, Samsung has announced its Galaxy Book 4 powered by Intel’s new chips. And Lenovo has a new IdeaPad coming with them as well.


[ad_2]
Source link

ALPHV ransomware gang returns, sorta

0
[ad_1]

The ALPHV ransomware gang, arguably the second most dangerous “big game” ransomware operator, appears to be back in business after its infrastructure went down for five days. But all does not appear to be going well for group.

ALPHV’s dark web leak site may be back but it is only showing a single victim with no sign of any of the hundreds of others it normally lists. The solitary listing on the site is dated December 13, which is after the site was restored.

Many of the group’s negotiation links are reportedly not working either, meaning that victims looking to pay off the gang are stuck in limbo, and its likely that neither the ALPHV group, nor the affiliates who use its ransomware to carry out attacks, are being paid.

The ALPHV leak site currently lists a single victim
The ALPHV leak site currently lists a single victimcreenshot

When the gang’s infrastructure went down a week ago, many suspected the hand of law enforcement, despite no official word on the subject. According to VX Underground, APLHV’s own explanation is that it suffered a hardware failure. If the group really has lost access to the data its business relies on, then it’s now getting a first hand look at what its victims go through when they’re attacked and their data is encrypted.

ALPHV wouldn’t be the first ransomware gang to suffer problems behind the scenes. Earlier this year, Analyst1 reported that LockBit, the 800-lb gorilla in the ransomware space “cannot consistently publish stolen data … due to limitations in its backend infrastructure and available bandwidth.”

However, while it’s perfectly plausible that ALPHV is suffering hardware woes, law enforcement action can’t be ruled out. ALPHV would likely lose affiliates if it admitted to a brush with the law, so the ransomware gang is likely going to attribute the outage to something benign—whether that is true or not. Equally, the silence from the FBI could mean everything and nothing. In January, the agency took down one of ALPHV’s contemporaries, Hive, and revealed it had penetrated the group’s infrastructure six months prior:

Since late July 2022, the FBI has penetrated Hive’s computer networks, captured its decryption keys, and offered them to victims worldwide, preventing victims from having to pay $130 million in ransom demanded. Since infiltrating Hive’s network in July 2022, the FBI has provided over 300 decryption keys to Hive victims who were under attack. In addition, the FBI distributed over 1,000 additional decryption keys to previous Hive victims.

There were infiltration rumors about LockBit later in the year too, after it went inexplicably dark for two weeks. Analyst1’s undercover investigator revealed they had “received another message from a third party who indicated they may have hacked the gang’s infrastructure … I believe the gang went dark to clean up the intrusion into its infrastructure.”

Analyst1 didn’t say whether the third party that claimed to have hacked LockBit was a law enforcement agency, a criminal hacker, or another ransomware gang, but all are possible—there is no honor among thieves.

ALPHV would certainly be of great interest to both law enforcement and its rivals. Over the last 18 months it has been the second most dangerous ransomware group in the world, listing more victims on its leak site than every other group apart from LockBit.

The five most active ransomware groups by known attacks over the last 18 months.
The five most active ransomware groups by known attacks over the last 18 months.

The number of known monthly attacks by the group has increased steadily over the last 18 months, too.

Known ransomware attacks per month by ALPHV
Known ransomware attacks per month by ALPHV

Even if another ransomware gang isn’t behind ALPHV’s woes, one of them is certainly looking to profit from it.

Bleeping Computer reports that LockBit has been attempting to recruit affiliates from ALPHV. The gang is reportedly offering the use of its data leak site and negotiation panel to ALPHV affiliates so they can resume negotiations with victims that have been disrupted. At least one victim previously listed on the ALPHV site is now listed on the LockBit site.

Whether ALPHV’s troubles are caused by tight-lipped law enforcement, an ironic lack of disaster recovery planning, or some other sleight of hand, any disruption to the ransomware ecosystem is a welcome early Christmas present in our book.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs.
  • Prevent intrusions. Stop threats early before they can even infiltrate or infect your endpoints. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like ThreatDown EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.


[ad_2]
Source link