Galaxy S24 leak confirms satellite connectivity for emergency texts

0
[ad_1]

Samsung‘s Galaxy S24 series will feature satellite connectivity, a new leak has confirmed. It will allow you to send emergency texts when you are out of range or not connected to a mobile network. The feature seemingly doesn’t offer two-way communication.

Samsung brings satellite connectivity to the Galaxy S24 flagships

A screenshot shared by SamMobile shows what appears to be the settings page from a Galaxy device running One UI 6.1, which will debut with the Galaxy S24 lineup. The page lists the features that can be helpful during an emergency. It teaches you how to quickly initiate an emergency call (by repeatedly pressing the power button five times) and has spaces to record your emergency contacts and medical info.

However, there is a new feature here. Called “Emergency texts via satellite,” it lets you reach out to emergency services through text message even if your phone isn’t connected to a mobile network. The message is sent via satellite. The device comes with the necessary hardware equipment to facilitate a satellite connection for sending messages when there is no mobile network available.

A similar feature is already available on the latest iPhones and Huawei’s flagship models. So this isn’t a groundbreaking innovation from Samsung. However, it is an important feature to have on smartphones today. There are already several reports of satellite SOS saving the lives of people stranded in the wild. The emergency messages include your GPS location so response teams can track you down and rescue you.

Samsung Galaxy S24 satellite connectivity emergency text leak

Samsung has already developed a two-way satellite communication system

Samsung has been working on satellite connectivity for Galaxy smartphones since at least last year. The Galaxy S23 series was expected to debut the technology but not to be. The company’s mobile chief said it wants to develop a more robust solution that can transmit text messages, high-resolution photos, and videos over satellite in both directions, i.e. send and receive.

Shortly after the Galaxy S23 launch in February this year, Samsung announced its 5G NTN (non-terrestrial networks) modem technology that offers a two-way satellite communication system. Along with text messages, it also facilitates the sending and receiving of photos and videos between two compatible devices via satellite. It is unclear whether Galaxy S24 phones boast this solution.

The leaked screenshot suggests satellite connectivity is limited to emergency rescue requests, though there could be more to the story. Thankfully, it won’t be a long wait now. Samsung plans to unveil the Galaxy S24 series in mid-January, 2024, possibly on January 17. It should talk about the satellite connectivity features of the phones during the launch event, so stay tuned.


[ad_2]
Source link

The FTC to investigate Microsoft’s OpenAI investment

0
[ad_1]

After Microsoft seized the opportunity to invest $13 billion into the ChatGPT parent company OpenAI, alarm bells rang for Google and other tech firms. It was first believed that Microsoft’s ownership of OpenAI could give the Redmond firm a substantial competitive advantage over competitors. Now that the initial excitement around ChatGPT has settled, regulators are prompted to investigate Microsoft’s investment in OpenAI.

As Engadget (via Bloomberg) reports, the Federal Trade Commission (FTC) is investigating Microsoft’s $13 billion in OpenAI. The FTC wants to see if the deal has violated US antitrust laws. The agency is worried that Microsoft might use OpenAI’s tech to expand its dominance in the market and abuse competition.

While the FTC hasn’t yet launched an official probe into the deal, the FTC Chair Lina Khan and Microsoft are reportedly analyzing the situation and evaluating the available options. The FTC investigation is complicated because OpenAI is registered as a non-profit entity. And the law doesn’t require transactions made by such entities to be reported.

Another obstacle in the FTC probe is that according to the laws, Microsoft is not fully in charge of OpenAI, despite its $13 billion investment in the AI startup. However, the recent OpenAI controversy that resulted in the ousting of Sam Altman as CEO and then Microsoft’s interference in bringing Altman back to his position might be a trump card for FTC to trap Microsoft.

UK regulator is also investigating the Microsoft-OpenAI deal

According to Reuters, the Microsoft and OpenAI deal also caught the eyes of the UK’s Competition and Markets Authority (CMA). The agency announced on Friday that it’s looking into the deal to check whether it harms competition. “There have recently been a number of developments in the governance of OpenAI, some of which involved Microsoft,” CMA noted.

Following OpenAI’s internal battle, Microsoft was given a non-voting observer position. This means Microsoft representatives can attend to OpenAI deals and access information. However, they can’t vote on the company’s matters. While Microsoft’s role in OpenAI seems undeniable, a company’s spokesperson said they do not “own any portion” of OpenAI and just benefit from the profits.

Microsoft already had a face-off with the FTC and the UK’s CMA over the $69 billion acquisition of Activision Blizzard. The three parties finally reached an agreement, and Microsoft completed acquiring the game maker. It remains to be seen how the new encounter will end.


[ad_2]
Source link

New Sophisticated Phishing Attacks on the Rise

0
[ad_1]

Phishing, a persistent cyberthreat, has evolved with the times. Once a symbol of convenience, QR codes are now being weaponized by attackers through Quishing. 

This alarming trend demands attention, as it exposes both individuals and organizations to significant risks.

Interpol’s takedown of 16 shops, a notorious phishing platform, marked a significant victory. However, the availability of “phishing-as-a-service” platforms makes launching attacks easier than ever. 

This, combined with the increasing popularity of QR codes, creates a perfect storm for widespread phishing attacks.

Figure 1: Quishing Kill Chain

Trellix has conducted research that provides valuable insights into the magnitude of the threat in question.

They detected over 60,000 quishing samples in just one quarter, targeting users through various tactics like postal phishing, spear phishing, and malware delivery.

To understand how quishing works, let’s delve into the “Quishing Kill Chain”:

  1. Attackers distribute malicious QR codes: These codes can be found in emails, websites, flyers, or even physical locations.
  2. Unsuspecting victims scan the codes: This action redirects them to malicious websites designed to steal credentials, install malware, or infiltrate devices.
  3. Attackers achieve their malicious goals: This could involve stealing sensitive data, compromising systems, or launching further attacks.

The resurgence of QR codes has paved the way for quishing to flourish. 

Attackers exploit the trust we have in these codes and our inherent tendency to act quickly when faced with urgency. 

This makes individuals and organizations alike vulnerable to sophisticated phishing tactics.

Trellix’s research reveals insightful details about recent quishing campaigns:

  • Postal quishing: Emails impersonating FedEx and DHL lure users with delivery concerns, directing them to fake login pages.
  • Spear quishing: HR, payroll, and IT impersonation are used to trick employees into revealing sensitive information.
  • File-share quishing: SharePoint, DocuSign, and OneDrive deliver phishing URLs or malware disguised as legitimate documents.
  • Crypto wallet quishing: Coinbase and Binance are impersonated to steal crypto wallet phrases and private keys.

To prevent falling victim to quishing, here are some essential tips:

  • Be wary of unexpected QR codes: Don’t scan any code you come across without verifying its legitimacy.
  • Analyze the source: Is the QR code included in a legitimate email, website, or location?
  • Never enter sensitive information: Don’t log in to accounts or provide personal details after scanning a QR code.
  • Use security solutions: Invest in reliable email security and anti-malware software to protect your devices.
  • Stay informed: Keep yourself updated about the latest phishing tactics and educate others about quishing.

[ad_2]
Source link

WhatsApp brings pinned messages for those special announcements

0
[ad_1]

Attention everyone! There’s going to be a pizza party in the lounge!” That’s the kind of message you don’t want to get swept away in a busy chat group. People often discuss important matters or send large files through WhatsApp. Some messages are just too important to be swept away. Because of this, WhatsApp is bringing pinned messages to the platform.

Right now, this feature is rolling out to the masses, so there’s a chance that you won’t see it right away. One thing you want to do is make sure that your app is fully updated. Go to your respective app store and see if there’s an update available. You can also check the “last updated” date. If you don’t have the feature, then you might want to wait a day or two.

WhatsApp adds pinned messages

Again, you DO NOT want to miss a message about a pizza party… or other important business matters. In all honesty, there are those crucial announcements that executives need to communicate to their workers. It’s frustrating when people don’t read those messages because they’re washed away by the chat.

This is why it’s great that WhatsApp brought pinned messages. With this feature, you’ll be able to take a message and paste it to the top of a group chat. It will remain visible no matter what other messages flood in.

The feature is rather convenient, and it’s customizable to a degree. First off, you can pin any kind of message. So, it doesn’t matter if it’s a bit of media, a poll, or a regular message. One thing to note is that there’s no option to keep the messages pinned indefinitely. The longest that a message can be pinned is 30 days. There are also options for 24 hours and 7 days.

Another neat thing about this feature is that admins can pin messages that are only visible to other admins. This is useful if the admins need to discuss sensitive matters or if their priorities are separate from the other members’.

The way to pin a message will differ depending on the operating system you’re using. If you’re using Android, hold your finger down on the message you want to pin. After that, tap on the thumb tack icon. If you’re on iOS, simply swipe right on the message and tap on the Pin button.


[ad_2]
Source link

Snapchat+ now lets users generate and share AI-generated images

0
[ad_1]

Snapchat is advancing its AI game. Snapchat Plus subscribers can now leverage AI to generate images with the help of prompts and share them with friends. To utilize this feature, subscribers can simply tap the AI button located on the toolbar on the right side of the camera interface. This action opens a window where users can input a text prompt or select from pre-made options such as “a dog dancing in the space” or “a busy cat in suit.” At the time of writing, it is a Snapchat+ exclusive, available to users at $3.99 per month.

Snapchat gears up the AI game, enables the generating and editing of images

Snapchat users already know the power of generative AI. The app’s My AI suite already offers features like a free ChatGPT chatbot and AI-generated Dreams selfies and Bitmoji backgrounds. Now, with the latest update, Snapchat+ subscribers can take it even further by extending images with a simple click, suggests The Verge. This zoom-out feature makes the app even more practical. For example, if you have a close-up photo of your pet but want to capture more of the scene, just click the crop button and then the Extend button at the bottom.

Additional features include letting users generate fantastical portraits with friends! Just pick a friend on the Dreams page, click Done, and share the generated portrait featuring you both. Snapchat+ subscribers receive one pack of eight Dreams selfies monthly, while non-subscribers get a free trial pack. Additional packs are available for all users at $0.99 each.

In related news, Snapchat’s aggressive investment in AI seems to be paying dividends now. The company noted a surge in its subscriber base from 5 million in September to a whopping 7 million today. The company’s boss Evan Spiegel has set ten million subscribers as the company’s “medium-term goal”, reported TIME (via Engadget) and the company is getting closer to it.


[ad_2]
Source link

Meta will battle misinformation by fact-checking content on Threads

0
[ad_1]

Meta’s freshest addition, Threads, was released earlier this summer, and now it’s gearing up for a European launch. This social media app, born as a response to Elon Musk’s X, is consistently rolling out updates and features. One such addition is “Tags,” aiming to simplify how users categorize and discover content. But the latest move from Threads is an effort to step up content moderation on the platform.As per Engadged reports, Adam Mosseri, the head of Instagram, shared that the company is developing a fact-checking program. While the details of the program are yet to be laid out, Mosseri mentions that Threads will “match fact-check ratings from Facebook or Instagram to Threads.”

Presently, Threads doesn’t allow fact-checkers to rate content directly. Instead, when something is flagged as false on Instagram or Facebook, those fact-checker ratings will spill over onto Threads. Mosseri’s vision is for fact-checking partners to have the ability to review and rate misinformation within the app.

This fact-checking program is anticipated to roll out early next year. Meta explains that third-party fact-checking partners will identify and review content circulating on Threads. Users will have the autonomy to adjust the default level of “demotions on fact-checked content” in their feeds—increasing, lowering, or maintaining it. If a user decides to see less sensitive content on Instagram, these preferences will carry over to their Threads view.

Social media platforms are under pressure to fortify their defenses against the spread of misinformation. The introduction of a fact-checking system aligns with recent moves by Meta, such as blocking certain words “previously linked” to misinformation on the platform when introducing a search tool.

While offering a fact-checking feature is a notable move, it doesn’t necessarily mean Threads is gunning to be the new hub for digital news. Elon Musk’s X, on the other hand, has set its sights on that goal, marking a year since Elon Musk ascended the Twitter throne.


[ad_2]
Source link

Sophos Firewall Code Injection Flaw: Let Attackers Execute Code

0
[ad_1]

A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely.

The vulnerability enables attackers to inject harmful code into the software, which if exploited, can result in a complete takeover of the system and data theft.

The Sophos updated their firewalls to a new version in order to detect new exploit attempts against the older version. This RCE vulnerability has a score of Critical (9.8).

Sophos said that “vulnerable devices are running end-of-life (EOL) firmware. We immediately developed a patch for certain EOL firmware versions, which was automatically applied to the 99% of affected organizations that have “accept hotfix” turned on”.

Sophos Firewall v19.0 MR1 (19.0.1) and older, which was released in 2022, has become outdated. As a result, the firmware on every vulnerable device has reached its end-of-life (EOL).

This means that these devices will no longer receive updates or support, leaving them open to potential security risks and vulnerabilities.

It is important to note that attackers have been on the lookout for firmware and end-of-life (EOL) devices from various technology vendors.

This particular vulnerability has been exploited with the purpose of targeting a specific group of companies, mostly located in South Asia, as reported by Sophos.

Web admin Portals

It is crucial for organizations to take steps to ensure the security of their User Portal and Web admin, by preventing their exposure to the Wide Area Network (WAN).

For remote access and management, it is advisable to utilize either VPN or Sophos Central (which is the recommended choice). To adhere to device access best practices, it is recommended by Sophos to disable WAN access to the User Portal and Webadmin.

The hotfix installation is automatically enabled by default. Follow these steps to confirm this setting:

  • Go to Backup & firmware > Firmware > Hotfix.
  • Turn on Allow automatic installation of hotfixes.
  • Click Apply.

If hotfixes are enabled, but you are not getting them, check the connectivity requirements for the Up2Date component on Sophos Firewall: Default services.

To verify the hotfix
To verify the hotfix

It is crucial for organizations to stay vigilant and take necessary measures to protect their systems and data from potential attacks.


[ad_2]
Source link

Fact-checking is coming to Threads app next year

0
[ad_1]

Meta’s Threads social media network will arrive to the EU tomorrow. That much has been confirmed. As we’re waiting for that to happen, the Head of Instagram just confirmed something very interesting. Fact-checking is coming to Threads next year.

Fact-checking is coming to Threads next year, the company’s Head just confirmed

The company wants to moderate user-generated content on Threads, for a good reason. He said that Threads currently “match fact-check ratings from Facebook or Instagram to Threads”, but that’s not good enough.

Adam Mosseri said that Threads’ goal is “for fact-checking partners to have the ability to review and rate misinformation on the app”. He promised to share more information in the near future.

Adam Mosseri did not give us an expected time of arrival for the feature, though. He simply said next year, so… who knows. Perhaps we’ll get an ETA soon, when the company shares more information about the project.

Threads launched back in July, and grew immensely

Having said that, since the original launch back in July, Threads managed to attract plenty of users. In only 7 hours 10 million people started using the platform, which doubles after 12 hours. In October, it was announced that almost 100 million users are using the platform.

Needless to say, Threads grew pretty quickly, and Elon Musk’s X controversy definitely had something to do with that. At the time of launch, Twitter/X was a particularly hot topic.

Now, getting all those users is one thing, keeping them is something entirely different. Meta is doing everything it can to do that, however, as new features keep on coming. The company recently rolled out ‘tags’ to Threads, its own version of hashtags.

The EU launch will take place tomorrow

Threads did not launch in the EU from the get-go, as already mentioned. Regulatory problems are the reason why, but that will change tomorrow. Chances are that Threads’ usage numbers will grow quite a bit following the EU launch, though it would probably have more of an effect if it happened back in July.


[ad_2]
Source link

Google updates Location History, adds new controls to Maps

0
[ad_1]
Google has just announced plans to introduce new controls to its Maps app, as well as a couple of helpful features for Location History. Many of these upcoming features are meant to provide users with more control over managing location data.

Currently, Maps users with Location History enabled on their devices have their Timeline saved on Google servers, but that’s about to change. Google announced that in order to give users more control over their data, their Timelines will be saved right on their device.

The new change comes with all the benefits that Maps users currently have, including the ability to delete all or part of their information at any time or disable the setting completely.

In addition to saving Timeline on devices, users who turn on Location History for the first time will have the auto-delete control set to three months by default. Previously, this option was set to 18 months, which was a very long time without deleting what many people consider very sensitive data.

The new changes to Location History will be rolled out gradually through the next year on Android and iOS. More importantly, you’ll be notified when this update is available for you.

As far as Maps goes, Google announced that you’ll soon be able to see all your recent activity on the app related to a certain location in one place. It will allow you to delete your searches, directions, visits, and shares very easily. This feature will be rolling out on Android and iOS in the coming weeks.

Finally, Google is adding new blue dot controls to Maps, which will allow users to see whether their Location History or Timeline settings are turned on and if they’ve given Maps access to their device’s location. Just like the previous feature, this one will be rolled out in the coming weeks on Android and iOS.

[ad_2]
Source link

34 Vulnerabilities & Critical 0-Day Fixed

0
[ad_1]

Microsoft has released their patches for December 2023 as part of their Patch Tuesday. In this release, they have patched more than 34 vulnerabilities and one zero-day.

Among the 34 vulnerabilities patched, there were 4 Critical severity vulnerabilities and 30 were termed as Important by Microsoft.

There were 5 Spoofing vulnerabilities, 5 Denial of Service vulnerabilities, 6 Information Disclosure vulnerabilities, 8 Remote code execution vulnerabilities, and 10 Elevation of Privilege vulnerabilities.

However, 3 RCEs and 1 Spoofing vulnerability were marked as Critical by Microsoft.

Zero-Day Fixed 

CVE-2023-20588: Division-by-zero error on AMD processors

This was a non-Microsoft vulnerability that existed in AMD processors. Threat actors can exploit this vulnerability and potentially retrieve sensitive data that can be used for malicious purposes. The severity for this vulnerability was given as 5.5 (Medium). 

This vulnerability was known to be reported to AMD in August 2023, but the company only provided mitigation steps instead of patching this. However, Microsoft has acted upon this and released patches to fix this vulnerability.

Critical Vulnerabilities

According to the updates from Microsoft, four of the critical severity vulnerabilities were CVE-2023-35630 (Remote Code Execution), CVE-2023-35628 (Remote Code Execution), CVE-2023-35641 (Remote Code Execution), and CVE-2023-36019 (Spoofing).

The RCEs existed in several Microsoft products, including Microsoft Windows Server (2012, 2008, 2016, 2019, 2022), Windows 10, Windows 11, and others.

The spoofing vulnerability existed in two of Microsoft’s products: Azure Logic Apps and Microsoft Power Platform. 

As for the Remote Code execution vulnerabilities, the other 5 were marked as “Important” by Microsoft. Microsoft has released security patches for all the affected Microsoft Products.

A complete list of patches and vulnerabilities has been released by Microsoft, which provides detailed information about the products that were affected and their patched versions. 

Users of these Microsoft products are recommended to upgrade to the latest versions to prevent threat actors from exploiting these vulnerabilities.


[ad_2]
Source link