Google’s Gemini video was staged, which is kind of a relief

0
[ad_1]

So, Google just launched its multimodal juggernaut named Gemini. It’s the new extremely powerful AI model from the company, and it’s meant to go up against models like GPT-4. As part of all of the launch festivities, we saw a hands-on video showcasing Gemini’s capabilities. Well, Google admitted that its Gemini hands-on video was staged.

So, to catch you up, when Google launched Gemini, it showed a hands-on video where the person was showing off some of Gemini’s abilities. It gave the appearance that Gemini was processing real-time audio and video data. When the person would put an object into the camera, it would ask Gemini questions about what it “sees” and provide answers. We’d hear an AI-generated voice respond.

It’s a great showcase of Gemini’s capabilities… or it would be if it were REAL.

Google admits that its Gemini hands-on video was staged

A Bloomberg opinion piece spilled this bit of tea. It states that Google revealed that the video wasn’t 100% real. The real-time vocal interactions between the presenter and Gemini weren’t there. That was all through the magic of video editing. Also, the interactions were sped up in post, which made it seem faster than it actually is.

But, while the video wasn’t 100% real, we can’t say that it was 100% fake. It’s a showcase of Gemini’s abilities, and we’re still seeing its abilities. Google used “still image frames from the footage, and prompting via text.” So, rather than having a casual conversation with Gemini, the company fed still images into the model and typed what it wanted Gemini to produce. 

In essence, we’re still seeing Gemini’s capabilities; we’re still seeing what it can produce given the input. Google used Hollywood magic to make it seem more powerful than it is. As for the speed of the responses, Google stated in the description that the responses were sped up for brevity.

Is the company wrong for doing this? Who knows? That’s a debate for the YouTube comment section.

The video was staged, and that’s a bit of a relief

Regardless of whether the video was faked, it’s still much more powerful than Bard. The model is smarter with more tokens and parameters, blah blah blah. No matter what happens, businesses will still have tools to speed up production and efficiency. There are also several ways to access Gemini.

However, the video got pretty scary for any creators watching. We literally saw Gemini create a cool tropical song in seconds, something that would take a composer much longer. We also saw it create images in seconds from yarn. Ever since DALL-E finally got good and since ChatGPT hit the market, human creators have been on the verge of being obsolete. The situation isn’t getting any better, and the hands-on video truly made it look like Google finally put the final nail in the coffin for creators.

However, the fact that it was staged, shows that the technology isn’t quite there just yet. Creators have just a bit more time. That’s all we can ask for at this point.


[ad_2]
Source link

Hackers Trick Users With Data Leak Message to Deploy Malware

0
[ad_1]

Researchers discovered the spread of a malicious exe file that targets specific individuals and is disguised as information related to a personal data leak.

The malware functions as a backdoor, executing obfuscated commands in XML format after receiving them from the threat actor.

Because this malware is focused on specific targets, users should avoid opening attachments in emails from unknown senders.

Malicious exe File Disguised as a Word File

According to the AhnLab Security Emergency Response Center (ASEC), an email purporting to be from a cyber investigation team was sent. Furthermore, the infected exe file was pretended to be a Word document.

https://i0.wp.com/asec.ahnlab.com/wp-content/uploads/2023/12/image-31.png?resize=1024%2C619&ssl=1
An email impersonating a cyber investigation team

“When the malicious exe file is executed, the files in the .data section are created into the %Programdata% folder. Out of the created files, all files are obfuscated except for the legitimate doc file”, ASEC said in a report shared with Cyber Security News.

https://i0.wp.com/asec.ahnlab.com/wp-content/uploads/2023/12/image-16.png?resize=1024%2C530&ssl=1
The malicious exe file disguised as a Word file

Except for the legitimate doc file, every file that was generated is obfuscated as given below:

  • Lomd02.png (Malicious jse script)
  • Operator.jse (Malicious jse script)
  • WindowsHotfixUpdate.jse (Malicious jse script)
  • 20231126_9680259278.doc (Legitimate doc file)
  • WindowsHotfixUpdate.ps1 (Malicious PowerShell script)

Researchers said among the newly generated files is a valid document file called ‘20231126_9680259278.doc’. This was most likely included by the threat actor to trick the user into thinking they had opened a legitimate file.

Because the C2 was closed in this case, the malware’s ultimate action was not visible; however, researchers say it functions as a backdoor by receiving obfuscated commands from the threat actor and executing them in XML format.

In this scenario, normal users are unable to detect that their PCs are infected with malware because the bait file is executed concurrently.

Hence, individuals should avoid opening attachments from emails they receive from unidentified sources since these malicious files are meant to target individual people.


[ad_2]
Source link

“Amazon got hacked” messages are a false alarm

0
[ad_1]

Amazon customers have been seeing a message on social media that has caused some alarm.

Most of the posts look like one of these (depending on the social media platform):

“PSA!! Amazon got hacked. For USA based people, check your Amazon account. Hackers added HUB lockers as your default delivery addresses. Remove it! I had 2 added to mine.”

Hub lockers are local secure places for people to pick up their Amazon order rather than risk them being left on a doorstep, so the concern was that someone could buy something on your account and then send it to the Hub locker to be picked up.

Here’s another similar post, this time saying the lockers were actually fake:

“PSA: check your saved addresses on Amazon. Amazon got hacked and a lot of people (including me) have random “Amazon lockers” saved in their addresses – which are not actual lockers. If you do use Amazon lockers, be sure to verify that the locker you’re sending it to is an actual locker.

Double check your order history and make sure there aren’t any orders you don’t recognize. And check your bank accounts to make sure your credit card on file is also not being used for unauthorized purchases. “

It’s not surprising that those messages would raise the alarm amongst Amazon’s customers, but thankfully the security alert is nothing to worry about.

The additional addresses are genuine Hub locations or other pick-up locations and they weren’t put there by hackers. Amazon added them in error.

As an Amazon spokesperson told Snopes:

This isn’t a data security matter and our systems are secure. Amazon pickup locations were added to a small number of customer accounts in error, and we are working to fix the issue. We apologize for any inconvenience this may have caused, and customers with questions about their account are welcome to contact customer service.

Things like this are tricky – on the one hand we are always pleased for people to share security issues and alert others to potential problems. However in this case it appears as though people were forwarding the message without first checking if it was, in fact, a real issue.

And nowadays with social media and instant messaging, rumours like these can spread fast. All it takes is some panic, little research, and a lot of contacts.

If you see a message like this, always do a bit of research before forwarding it on. Sites like Snopes allow you to search for keywords and you’ll find a lot of hoaxes including this one.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


[ad_2]
Source link

X app for large displays starts rolling out to Pixel Fold & tablet

0
[ad_1]

A tweaked X app for large displays is now rolling out to the Google Pixel Fold and Pixel Tablet. The app has not been completely revamped to fit large displays, but this is definitely better than having no change at all.

The Google Pixel Fold & Pixel Tablet are getting new X app optimized for large displays

Instead of having a really ugly, stretched-out interface with black boxes on the sides, the app now makes use of the full width of the display, without stretching the content. You can see how it looks below.

X app large displays 1

So, you’ll basically be getting the same layout as on smartphones, as far as the main feed is concerned, at least. The bottom bar is now spread out from one side of the screen to the other. The same goes for the top bar too.

Now, the change is rolling out to Google’s devices, but they should technically become available on other, similar devices. So, the OPPO Find N and Find N2 also have more of a horizontal layout when unfolded, so this change is expected to become available for those devices too. That’s just an example.

This change should also be visible on other, similar devices… soon, if not already

That also goes for Android tablets in general, the moment you flip them to landscape mode. We’re not sure when will it be visible on those devices, though. If you do have a non-Pixel Android tablet, do try it when you get the X v10.18.0 app.

That being said, let’s hope X will improve upon this offering moving forward. It would be nice to see a proper tablet app on both foldables and tablets. An app that would adapt nicely to all foldables, not just landscape-oriented ones.

The X app doesn’t exactly look great on the Galaxy Z Fold series, and other foldable devices that have a square-ish screen when unfolded. They simply get a stretched-out version of the regular app.

It would be nice to see a complete revamp of X for large-screen devices. So, let’s hope that is coming at some point down the road.


[ad_2]
Source link

Sony unveils flagship LYTIA mobile camera sensor, the LYT-900

0
[ad_1]

After a rather long period of rumors, the Sony LYT-900 is now official. This is the company’s flagship camera sensor for smartphones. This camera sensor has been mentioned several times thus far.

The Sony LYT-900 camera sensor has been announced, Sony’s most powerful LYTIA offering for mobile devices

This is a 1-inch camera sensor with a 1.6um pixel size. It is allegedly a tweaked version of the Sony IMX989, a 1-inch camera sensor smartphones have been boasting since last year.

Sony shared the news via Weibo, a Chinese social media network. We still don’t have all the tiny details regarding the sensor, but Sony at least shared something.

This camera sensor is supposed to sit above the Sony LYT-808 and LYT-T808. Those two camera sensors have proven to be quite powerful, as they’re represented by the OnePlus 12 and OnePlus Open, respectively. Those are basically the same sensors, but the ‘T’ is tweaked for foldables.

The Sony LYT-900 is not only a huge sensor on its own, but it has huge pixels. Considering this is a LYTIA sensor, it’s almost certainly a dual-stacked sensor, just like the Sony LYT-808 and LYT-T808.

The OPPO Find X7 Pro will probably debut this camera sensor

It will be interesting to see what will this sensor be capable of, as it looks great on paper. The Sony LYT-900 is allegedly set to be featured on the OPPO Find X7 Pro, Vivo X100 Pro+, and the Xiaomi 14 Ultra. Either OPPO or Vivo will debut it, it remains to be seen which device will launch first.

The OPPO Find X7 Pro is expected to arrive in the first quarter of next year, while the Vivo X100 Pro+ has reportedly been delayed, it was supposed to arrive very soon. That device will likely arrive in April or May, based on rumors.

The Xiaomi 14 Ultra is the third device mentioned in regards to this sensor. That handset will likely arrive closer to mid-year next year. Well, at least based on the Xiaomi 13 Ultra launch. The Xiaomi 13 Ultra launched in April this year. It is possible that Xiaomi will move up the launch date in 2024, we’ll see.

Sony LYT 900 announcement


[ad_2]
Source link

MrAnon Stealer Attacking Windows Via Weaponized PDF Files

0
[ad_1]

Phishing emails targeting Windows users were discovered, tricking users into opening a malicious PDF file called “MrAnon Stealer” that spreads malware by using fake booking details.

To obtain the final malware, the PowerShell script is executed by the PDF after it has downloaded a.NET executable file made with PowerGUI.

Credentials, system data, browser sessions, and cryptocurrency extensions were all stolen by Mr. Alan Stealer.

Attack Flow of MrAnon

According to FortiGuard Labs, this malware is a Python-based information stealer that has been compressed with cx-Freeze to avoid detection.

The majority of queries to the downloader URL came from Germany, indicating that the country was the attack’s main target.

November 2023 had a notable increase in the number of inquiries for this URL, suggesting a more vigorous and active marketing during that month.

Attack Flow
Attack Flow

Posing as a company seeking to book hotel rooms, the attacker sends phishing emails with the subject line “December Room Availability Query.” The body includes fake hotel reservation information for the upcoming holidays. 

Phishing Email
Phishing Email

Researchers say a downloader link for the malicious PDF file is concealed in the stream object.

The malicious PDF file
The malicious PDF file

Researchers discovered that the malware employed the PowerShell script editor, which converts PowerShell scripts into Microsoft executable files, by looking through the strings in the class “Loader.”

“The script initiates the loading of a Windows Form and configures its settings, including form, label, and progress bar. Additionally, it defines text within the execution of the subsequent script to mitigate user suspicions”, FortiGuard Labs shared in a report with Cyber Security News.

In this scenario, a window labeled “File Not Supported” appears along with a status message that reads, “Not Run: python.exe.” This misleading presentation aims to trick users into thinking that the malware hasn’t been effectively executed.

“The malware uses PowerGUI and cx-Freeze tools to create a complex process that involves .NET executable files and PowerShell scripts,” researchers said.

MrAnon Stealer’s support channel offers more features, advertises the product, and has a page where users can buy all related tools.

MrAnon Stealer's telegram channel
MrAnon Stealer’s telegram channel

Data and sensitive information are stolen from many applications, compressed, and uploaded to the threat actor’s Telegram channel and a public file-sharing website. As a result, users are cautioned to avoid opening suspicious PDF files and phishing emails.


[ad_2]
Source link

Interpol Busts Human Traffickers Luring Victims with Fake Online Job Ads

0
[ad_1]

The operation covered a range of cyber scam cases, including 40 Malaysian victims lured to Peru for a high-paying job, and several citizens taken to Dubai for employment before being diverted to Thailand and Myanmar.

The Interpol operation targeting human trafficking-fueled fraud, named Operation Storm Makers II, has uncovered that crimes are spreading beyond Southeast Asia. This global initiative is designed to combat human trafficking and migrant smuggling, shedding light on the intricate network of cyber scams. Law enforcement agencies from 27 countries were mobilized for this operation.

Interpol’s efforts have generated significant results, leading to the arrest of 281 individuals involved in a range of offences, including human trafficking, passport forgery, corruption, telecommunications fraud, and sexual exploitation. Additionally, authorities have successfully rescued 149 victims through over 360 investigations, with some still ongoing.

The operation covered a range of cyber scam cases, including 40 Malaysian victims lured to Peru for a high-paying job, and several citizens taken to Dubai for employment before being diverted to Thailand and Myanmar. It involved over 270,000 inspections and police checks at 450 human trafficking global hotspots between 16 and 20 October.

Investigators found that increasing cyber fraud schemes involving fake crypto investments, work-from-home, lottery and online gambling scams are encouraging human trafficking globally. Victims are often trafficked to cyber scam centers, where they are lured through fake job ads and forced to commit online fraud.

It is worth noting that earlier this year, Interpol shut down a notorious phishing-as-a-service platform called 16shop involved in the sale of ‘phishing kits’ to hackers to scam internet users. 

In a press release, Interpol’s assistant director of vulnerable communities, Rosemary Nalubega, stated that the human cost of cyber scams is continually rising and the only productive option to tackle it is concerted global action. Operation Storm Makers II has proven effective in diverting law enforcement’s attention towards cyber scams.

In India, police registered one of their first cases of human trafficking through cyber fraud whereas in Myanmar since 2022, authorities have reported rescuing trafficking victims from 22 countries, mainly from Kayin and Shan States.

Apart from the cyber scam centres, Operation Storm Makers II revealed other human trafficking and migrant smuggling offences. A 13-year-old boy from Bangladesh, who was trafficked to India, has been rescued. Two female victims from Nepal were rescued from India and sent home.

Turkish law enforcement caught 239 migrant smugglers while patrolling the country’s coastline, and intercepted around 4,000 irregular migrants. The operation also focuses on prevention, and member countries have rolled out awareness campaigns to help potential victims avoid being trafficked.

Participating countries include Angola, Australia, Bangladesh, Brazil, Cambodia, China, Ethiopia, Ghana, India, Indonesia, Kazakhstan, Kenya, Laos, Malaysia, Myanmar, Nepal, Pakistan, Philippines, Singapore, South Africa, Sri Lanka, Tanzania, Thailand, Turkey, Uganda, United Arab Emirates, and Vietnam.

William Wright, CEO of Closed Door Security endorsed Interpol’s work. In a statement to Hackread.com, Wright said “The latest announcement from Interpol highlights how the whole criminal ecosystem is becoming increasingly interlinked. Now we are seeing people being trafficked and forced to commit cyber fraud, which links two of the biggest underworld industries. Gangs are now resorting to kidnapping to force people to carry out fraud, which also shows just how far beyond digital cybercrime has become today.”

Wright warned that despite the large-scale operation and its success, there is much more to be done. “The update highlights just how many scam centres are in operation today, but the numbers announced by Interpol are a drop in the ocean in comparison to the reality,” he added.

“To fight back against these horrible crimes, we need to see more collaboration from law enforcement across the world, where data is shared, and criminals are publicly sanctioned. We must also make consumers more aware of these scams, so they are better educated to recognise them and ignore them, before clicking on a malicious link or handing over their confidential information. Doing this will have a knock-on effect on scam centre profits, which will significantly hurt the criminals behind them,”  Wright warned.

  1. EMPACT Hackathon Targets Online Human Traffickers
  2. Utilizing Programmatic Advertising to Locate Abducted Children
  3. Operation Narsil – INTERPOL Busts Decade-Old Child Abuse Network
  4. Anonymous Hacks Thailand Senate Website against Human Trafficking
  5. DARPA Builds ‘Memex’ Deep Web Search Engine to Track Sex Traffickers
  6. US seizes classified advertising website Backpageover human trafficking
  7. Senior OPERA1ER Cybercrime Gang Member Arrested in Global Operation

[ad_2]
Source link

Google Podcasts shutdown confirmed for April 2024

0
[ad_1]

In September, Google announced that its dedicated podcasts app, Google Podcasts, is shutting down next year. At that time, the company didn’t reveal a precise date or even a timeline for the planned shutdown of the app. We now have those details. Google has confirmed that Google Podcasts will be gone in April 2024. You can use the app through March, with migration of existing subscriptions supported through July.

“You will be able to use Google Podcasts through March 2024,” a banner on an official Google support page reads. “If you wish to save your Google Podcast subscriptions, use one of the methods below through July 2024.” The page provides users with instructions on moving their existing podcast show subscriptions to YouTube Music or other supported podcast or music apps.

Google Podcasts is folding into YouTube Music in April 2024

Google is folding Podcasts into YouTube Music, which will be its all-things-audio platform. The company is following the likes of Spotify, which has been expanding its podcast portfolio within its music streaming app. To ensure a seamless migration, YouTube Music recently gained the ability to add podcasts using an RSS feed URL. This allows users to easily upload podcasts to their Music library. After all, not all podcasts are available on YouTube Music.

Migrating your Google Podcasts subscriptions to YouTube Music is a fairly simple process too. Open the Podcasts app and click Export subscriptions at the top of the screen. Tap Export under Export to YouTube Music and you should be taken to the new app (if not installed, you will be asked to install it). Here, tap Transfer and then tap Continue below the disclosure.

The migration will finish in a few minutes, with a confirmation notification appearing on the YouTube Music home screen. You can go to the Library tab to view your imported podcast subscriptions, which will feature an RSS badge. As said earlier, you may not find all of your existing podcast show subscriptions on YouTube Music. Google says Music will display a “Content is unavailable” banner next to the title of missing shows.

For missing shows, you will have to manually save them to your Music library using the show’s RSS feed link. To do that, go the the Library tab on YouTube Music and select Podcast in the top carousel. Now tap the Add podcast button in the bottom right corner and select Add a podcast by RSS feed. Read and accept the disclaimer, enter the URL of the RSS feed, and tap Add to save the podcast to your library.

You can also move your Podcasts library to non-Google apps

While Google would love to see you move from Podcasts to YouTube Music, it does give you the option to migrate to some other app that supports OPML (Outline Processor Markup Language) imports. You can also download a copy of your Podcasts’ data using Google Takeout. The company has provided step-by-step guides for both export options on the aforementioned support page. This marks another product going to the Google product graveyard.


[ad_2]
Source link

Samsung One UI 6.1 brings AI wallpapers & more AI features

0
[ad_1]

A few days back, it was revealed that Samsung‘s One UI 6.1 will introduce a more advanced battery health protection tool. The feature seemingly uses artificial intelligence (AI) to manage the overnight charging of Galaxy devices. A new leak has now revealed a host of other AI features that the company is working on. These include AI wallpapers, image expansion, object relocation in photos, and enhancements to Samsung Notes.

Samsung’s One UI 6.1 will introduce AI-generated wallpapers

Samsung will debut Android 14-based One UI 6.1 with the Galaxy S24 series in January 2024 and roll it out to older models later. Rumors say the new flagship lineup will bring unprecedented on-device AI capabilities, with AI features baked into system software. The company has already announced a few of them, including live translation and transcription of audio calls. The feature comes integrated with the native call app.

X user @BennettBuhner has now given us a peek into what else Samsung is cooking. Most notably, One UI 6.1 will add support for AI-generated wallpapers. Google introduced this feature with the Pixel 8 series, which ran Android 14 out of the box. The Korean firm skipped it in One UI 6.0, the first Android 14-based update for Galaxy devices, but the next One UI version will seemingly bring the feature.

As you might expect, the Galaxy S24 phones will create wallpapers based on your text prompt. You have to first select a general topic and provide additional details such as the subject and backdrop. A screenshot posted by the source shows that AI wallpaper for the topic “Bloom” offers the prompt “a hazy image of lavender plants on a backdrop of red space galaxy.” You can replace lavender plants with any other subject and edit the backdrop.

As 9to5Google pointed out, the Pixel 8 series offers the same prompt and preview image for AI-generated wallpaper under the topic “Bloom.” Of course, this can’t be a coincidence. Samsung is seemingly borrowing Android 14’s tool and pushing it with One UI 6.1. Like with other stock Android features, Samsung has made some tweaks here. Most notably, its preview image is more compact while Google’s is full-screen.

Samsung One UI 6 1 AI generated wallpapers leak

The new One UI update may be all about AI features

One UI 6.1 will also let users add weather and portrait effects to their Galaxy phone’s lockscreen. You can select between sunny, cloudy, rainy, and snowy weather, specify the time of the day (morning, evening, etc.), and boom, your lockscreen looks completely different. You may even be able to customize the lockscreen and animate the AI-generated effects.

Additionally, Samsung’s next One UI update will let you relocate objects in an image. You can simply touch and hold an object, including people and pets, to reposition it. AI should automatically fill in the details in the original position. You can even move objects or clips from one photo to another. Did you miss one of your friends in a group shot because they were capturing it? One UI 6.1 has a solution.

If there isn’t sufficient space in the photo for that friend, Samsung still has a solution. You can use the AI capabilities of your Galaxy phone to expand the image by adding non-existing details. If the photo you took isn’t aligned perfectly, AI will take care of that too. AI drawings or decorations you add to photos are saved and recorded so you can go back and make adjustments anytime. No need to begin from scratch.

Coupled with the advanced photo and video editing tools Samsung added to One UI 6.0, Galaxy phones are turning out to be comprehensive photography solutions. The upcoming One UI update will also improve Samsung Notes with AI features that can quickly organize and summarize your notes using bullet points and auto-formatting. AI can even format hand-written notes and convert them into text.

Other Galaxy devices will also get these features

Samsung will roll out One UI 6.1 to other eligible Galaxy phones after the Galaxy S24 launch in January next year. The Galaxy S23 series, Galaxy Z Fold 5, Galaxy Z Flip 5, and several other devices will receive the update. Most of the new AI features, if not all, will trickle down to those devices. Rumors say the 2024 flagship lineup will go official on January 17, so just about five more weeks of waiting now.


[ad_2]
Source link

Hackers Spy iPhone Users Using Malicious Keyboard Apps

0
[ad_1]

A new method of keylogging using malicious keyboard apps has been discovered to affect iPhones, evading all Apple’s security detection procedures.

Additionally, threat actors could also use this method to steal passwords, authentication codes, notes, private messages, etc.,

There have been many spyware application developers who have used this technique and also offer keylogging services for just $30.

As iPhones are considered the most secure devices, this particular method of keylogging proves a significant risk for Apple users.

Hackers Spy iPhone Users

As per the reports shared with Cyber Security News, this new technique has no prerequisites for exploitation and is compatible with all iPhone models.

This technique abuses an existing feature within the iOS system and is simple to exploit.

The threat actor can set up a custom keyboard on the victim’s device in a specific manner that logs all the keystrokes on the device and sends them to an online portal. The threat actor can access this portal from anywhere in the world. 

The fact that this technique was possible is because of the lenient review process of TestFlight apps. TestFlight is a platform for developers to test iOS apps before launching them on the App Store.

TestFlight apps do not have a strict review process as other applications when launching to the public.

How to Identify and Prevent?

These malicious keyboards appear almost identical to Apple’s default keyboard which makes it difficult to find.

To provide a short note, Apple only has two keyboards by default, which are “English (US)” and “Emoji.” Hence, any other keyboards that are not recognized could be malicious and must be removed immediately.

Hackers Spy iPhone Users
Apple keyboard (left) v. Malicious Keyboard (right) (Source: Certosoftware)
Hackers Spy iPhone Users
Checking for Custom Keyboards (Source: Certosoftware)

In order to delete an unrecognized keyboard, the below steps can be followed,

  • Tap Edit
  • Tap on the Red “-” button on the unknown keyboard
  • Tap Delete

A complete report about this technique and method has been published, providing detailed information on the method, portal, cybercriminals, and others.

Users are recommended to follow the above steps to prevent any malicious keyboards from logging their activities.


[ad_2]
Source link