Cyber security advisory on Rhysida ransomware

0
[ad_1]

A new cybersecurity advisory has warned of the threats posed by emerging ransomware variant Rhysida. The advisory, published jointly by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), disseminates the known indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) of the Rhysida ransomware operators. It also outlines the mitigative steps organizations should take to reduce the likelihood and impact of Rhysida. The guidance is based upon investigations carried out as recently as September 2023.

Rhysida targets victims of “opportunity” including education, healthcare and government sectors

Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised organizations in education, manufacturing, information technology and government sectors, the advisory read. Any ransoms that are paid are split between the group and affiliates. Rhysida actors leverage external-facing remote services, such as virtual private networks (VPNs), the Zerologon vulnerability (CVE-2020-1472) and phishing campaigns to gain initial access and persistence within a network, the advisory added.

The legitimate tools Rhysida actors have repurposed for their operations include cmd.exe, PowerShell.exe, PuTTY.exe and PowerView, according to the advisory. “Organizations are encouraged to investigate and vet use of these tools prior to performing remediation actions,” it added.

Rhysida ransomware group known to engage in double-extortion

After mapping the network, the ransomware encrypts data using a 4096-bit RSA encryption key with a ChaCha20 algorithm. Rhysida actors are known to then engage in “double extortion” – demanding a ransom payment to decrypt victim data and threatening to publish the sensitive exfiltrated data unless the ransom is paid. “Rhysida actors direct victims to send ransom payments in Bitcoin to cryptocurrency wallet addresses provided by the threat actors. Rhysida ransomware drops a ransom note named “CriticalBreachDetected” as a PDF file – the note provides each company with a unique code and instructions to contact the group via a Tor-based portal.”

The contents of the ransom note are embedded as plain-text in the ransom binary, offering network defenders an opportunity to deploy string-based detection for alerting on evidence of the ransom note, according to the advisory. “Rhysida threat actors may target systems that do not use command-line operating systems. The format of the PDF ransom notes could indicate that Rhysida actors only target systems that are compatible with handling PDF documents.”

Known Rhysida IoCs include Onion Mail email accounts rhysidaeverywhere@onionmail[.]org and rhysidaofficial@onionmail[.]org for services or victim communication, the advisory read.

How to mitigate the threats posed by Rhysida ransomware

Organizations should implement the following mitigations to reduce the risk of falling victim to Rhysida ransomware and improve overall security posture, according to the advisory:

  • Require phishing-resistant multi-factor authentication (MFA) for all services to the extent possible
  • Disable command-line and scripting activities and permissions
  • Implement verbose and enhanced logging within processes
  • Restrict the use of PowerShell
  • Update Windows PowerShell or PowerShell Core to the latest version
  • Enable enhanced PowerShell logging
  • Restrict the use of remote desktop protocol (RDP) and other remote desktop services to known user accounts and groups
  • Keep all operating systems, software and firmware up-to-date
  • Identify, detect and investigate abnormal activity and potential traversal of indicated ransomware with a network monitoring tool
  • Implement time-based access for accounts set at the admin level and higher
  • Maintain offline backups of data
  • Ensure all backup data is encrypted and immutable

Sign up to Cyber Security Hub’s upcoming webinar All Access: Malware and Ransomware



[ad_2]
Source link

Google shares new Android features and updates for your smartphones, watches, and TV devices

0
[ad_1]
Android is introducing a suite of new features and updates designed to enhance device personalization, accessibility, and overall user experience. These updates span across Android smartphones, tablets, Wear OS smartwatches, and Google TV devices, and are in addition to the new Google Messages app and RCS features that were also announced today.

Express Yourself with New Emoji Kitchen Combinations

Android users can now express themselves in more creative ways with new Emoji Kitchen sticker combinations and Voice Moods. Emoji Kitchen allows users to remix their favorite emoji into unique stickers.

Using Emoji Kitchen on an Android phone to create and share a camera emoji mashed up with a tongue-out happy face emoji.

Source: The Keyword

More Free Google TV Channels

Google TV is expanding its free TV channel offerings with over 10 new channels, providing users with more entertainment options without additional subscriptions. This brings Google TV’s free channel lineup count up to 115. 

Exploring free TV channels on Google TV.

Source: The Keyword

Enhanced Wear OS Smart Home Controls, Smart Home Status, and Assistant Routines

Wear OS smartwatches now offer enhanced smart home controls, allowing users to control multiple lights simultaneously and set the mood for various occasions. They can also easily set their Google Home status to Home or Away, ensuring that smart home devices are configured accordingly. Additionally, Assistant Routines are coming soon to Wear OS, allowing users to start routines with voice commands for a more hands-free experience.

Using Google Home on a Wear OS smartwatch to change the colors of multiple lights at one time.
Using Google Home on a Wear OS smartwatch to change home presence from Home to Away.
Using Google Assistant on a Wear OS smartwatch to start a Routine by saying “Hey Google, commuting to work” and then the watch displays the weather, that day’s calendar, and that it’s playing music on the phone.

Source: The Keyword

Enhanced Security and Accessibility Features

Android is also introducing new features to enhance security and accessibility. Users can now set custom PINs for FIDO2 security keys, providing an additional layer of protection for online accounts. Additionally, TalkBack is gaining AI-powered image descriptions, enabling users who are blind and low-vision to understand the content of images.

Setting up a security key with a custom PIN to authenticate access to a website.

Source: The Keyword

Live Captions for Phone Calls and Media

Live Caption is expanding its language support, making it more accessible to users worldwide. Additionally, users will soon be able to reply to phone calls with text messages, enabling them to communicate without needing to hear or speak.


[ad_2]
Source link

Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities

0
[ad_1]

Apple has recently released security updates to tackle two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that hackers are actively exploiting.

Apple Inc. today released crucial security updates aimed at mitigating two critical zero-day vulnerabilities identified as CVE-2023-42916 and CVE-2023-42917. These vulnerabilities have been actively exploited by hackers, posing a significant risk to a wide range of Apple devices.

The vulnerabilities allow attackers to execute arbitrary code and access sensitive data on compromised devices. These security flaws are particularly concerning because they can be exploited through malicious web pages, exploiting a memory corruption bug to gain unauthorized access.

Affected Devices

Apple’s advisory lists a comprehensive range of devices vulnerable to these exploits:

  • iPhone XS and later models
  • iPad Pro 10.5-inch
  • iPad (6th generation and later)
  • iPad Air (3rd generation and later)
  • iPad mini (5th generation and later)
  • iPad Pro 11-inch (1st generation and later)
  • iPad Pro 12.9-inch (2nd generation and later)
  • Mac computers running macOS Monterey, Ventura, and Sonoma

Apple urges all users of these devices to update their software immediately. The updates are designed to patch the vulnerabilities and protect devices from potential exploits. Users can update their devices by going to the ‘Settings’ menu, selecting ‘General’, and then tapping on ‘Software Update’.

The urgent release of these security patches highlights the growing challenges in cybersecurity. Security experts advise users to always keep their software updated to the latest version and to be cautious of suspicious web pages and downloads.

In a comment to Hackread.com, Michael Covington, VP of Portfolio Strategy at Apple device security and management company Jamf, urged users to immediately update their devices.

“These latest OS updates, which address bugs in Apple’s WebKit, show that attackers continue to focus on exploiting the framework that downloads and presents web-based content,” Michael said. The latest bugs could lead to both data leakage and arbitrary code execution and appear to be tied to targeted attacks that are common against high-risk users,” he wanted.

How to Update Your Apple Devices?

Apple provides detailed instructions to ensure that users update their devices effectively. For iPhone and iPad users, navigate to Settings > General and click on Software Update.

For macOS users, click on the Apple menu (), go to System Settings, select General, and then click on Software Update. Automatic updates should be enabled to receive the Rapid Security Response patches seamlessly. Restarting the device may be necessary to complete the update process.

  1. Apple Safari Safest, Google Chrome Riskiest Browser of 2022
  2. Update NOW! Pegasus Spyware Exploiting iPhones on Latest iOS
  3. Apple issues iPhone software update after fake police ransomware scam

[ad_2]
Source link

Google Messages now lets you see Ultra HDR images inside chats

0
[ad_1]

With Android 14 Google officially announced the support for Ultra HDR to normal JPEG images after they had internally embedded the ability into Google Messages in September. An Ultra HDR image is nothing but a normal JPEG image with an HDR gain map added within its metadata.

If you have the Pixel 8 or Pixel 8 Pro, you probably have seen the highlights in your images brightening up in front of your eyes. But how do you share what you see in the photo you took? Sharing images on social platforms usually scrapes off the metadata of the image turning it into a normal JPEG.

And here comes the support for Ultra HDR images in Google Messages. Now users of Google Messages with a device running on Android 14 and a capable display (it’s not a rare combination) can also see the highlights and shadows of the image reaching its full potential inside their chats.

Google Photos and Google Chrome also support Ultra HDR

While an Ultra HDR image still holds the same .jpg file extension, not all apps support the HDR gain map to let you experience the underlying specialties of the photo. Soon after the announcement of the Google Pixel 8 series in early October, Adobe Lightroom emerged with the ability to not only have the support for showing you and editing the photos while keeping the metadata for Ultra HDR intact, but it also lets you capture images with the gain map for Ultra HDR, in your latest Pixel devices with Android 14.

Additionally, Google Chrome and Google Photos can implement the stored gain map on the display. However, you should note that Google Photos scrapes off the metadata for the gain map while you edit the image with the app. It’s kind of a surprise for now as Lightroom supports editing the Pixel exclusive images while Google’s Photos application does not.

Google’s Messages seemed to be one of the latest apps to take advantage of the gain maps added to the standard JPEG images. However, AssembleDebug from TheSpAndroud discovered the support added to the ‘Messages’ app back in September.

Ultra HDR image
A representation of Ultra HDR image (Credit: Google)

[ad_2]
Source link

Galaxy S24 Ultra will support Wi-Fi 7, FCC confirms

0
[ad_1]

Earlier today, the FCC certified the Galaxy S24 and Galaxy S24+, revealing a few details about the phones. Among other things, the FCC documents suggested that the upcoming Samsung flagships lack Wi-Fi 7. It appears that the Korean firm will reserve the next-gen wireless standard for the Ultra model. The American regulatory body has now certified the Galaxy S24 Ultra and it does have Wi-Fi 7.

Galaxy S24 Ultra certified by the FCC with Wi-Fi 7

Like the other two models, the FCC has certified both carrier-locked and unlocked variants of the Galaxy S24 Ultra. The model numbers are SM-S928U and SM-S928U1, respectively. The listing confirms some of the expected specs of the phone, including Sub-6GHz and mmWave 5G, Bluetooth 5.3, NFC, wireless charging, reverse wireless charging (wireless power transfer), and UWB (Ultra-wideband).

Additionally, we can see that the Galaxy S24 Ultra boasts 802.11b/g/n/ax/be WLAN and 802.11a/n/ac/ax/be UNII. In simple terms, it supports Wi-Fi 7. The Galaxy S24 and Galaxy S24+ are limited to IEEE 802.11 a/b/g/n/ac/ax, i.e. Wi-Fi 6E. Samsung was expected to equip the entire lineup with the next-gen wireless standard but it seemingly chose to make Wi-Fi 7 exclusive to the Ultra model.

Samsung Galaxy S24 Ultra FCC

The Final Wi-Fi 7 standard is expected to arrive next year, though it will take some time before all devices around us are Wi-Fi 7-capable. Nonetheless, this is a disappointing decision from Samsung. With users holding onto their phones for longer, the company should have equipped all three Galaxy S24 models with the next-gen Wi-Fi technology. Or maybe the FCC documents don’t tell the full story, we shall see.

Samsung has ramped up its preparations for the Galaxy S24 launch

There aren’t any other major takeaways in this FCC certification listing for the Galaxy S24 Ultra. However, it’s an indication that Samsung has ramped up its preparations for the launch. The company has already obtained regulatory approvals for the phone from the BIS (India), KTR (South Korea), and NBTC (Thailand). We may see more certifications for the device in the coming weeks.

If rumors are to be believed, Samsung will unveil the Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra on January 17, 2024. The big Galaxy Unpacked event will take place in San Jose, USA. The Korean firm will open pre-orders immediately after the launch. General sales are expected to begin on January 30, though pre-orders may reach consumers before that. Stay tuned for the official confirmation of all this from Samsung.


[ad_2]
Source link

Google Messages celebrates one billion monthly active RCS users with seven new features

0
[ad_1]
Video Thumbnail
Google Messages, the default messaging app for Pixel and other Android devices, has reached a significant milestone, surpassing one billion monthly active users with RCS enabled. This milestone marks a major step forward in the adoption of RCS, a modern messaging standard that offers a more advanced and secure texting experience compared to the outdated SMS and MMS protocols.RCS brings a plethora of enhancements to the texting experience, including typing indicators, read receipts, threaded replies, high-quality media sharing, improved group chats, and better privacy with features like end-to-end encryption. To celebrate this new milestone, the company thanked its partners and users for embracing RCS, and announced that it is introducing a seven new features to the Messages app: Photomoji, Voice Moods, Screen Effects, Custom Bubbles, Reaction Effects, Animated Emoji, and Profiles.

Photomoji: Transform Photos into Expressive Reactions

Photomoji allows users to transform their favorite photos into reactions using on-device Google AI. Simply select a photo, choose the object you’d like to turn into a Photomoji, and send it. These creations can be saved for later use, and friends can even use your Photomojis in group chats.

Source: The Keyword

Voice Moods and Improved Audio Quality

Voice Moods add a touch of personality to voice messages by incorporating nine different emotions. Choose from heart-eye emoji, fireballs, or party poppers to express your feelings alongside your voice message. Additionally, audio quality has been enhanced with increased bitrate and sampling rate.

Source: The Keyword

Screen Effects

With Screen Effects, messages transform into dazzling visual displays. Type specific phrases like “it’s snowing” or “I love you” to trigger vibrant animations on the screen. Explore with friends to uncover all 15+ hidden Screen Effects prompt words.

Source: The Keyword

Custom Bubbles

Custom Bubbles allow users to customize the bubble color and backgrounds of individual conversations. Choose different colors for each chat, eliminating the limitations of blue versus green bubbles. This helps differentiate conversations and avoid sending messages to the wrong person.

Source: The Keyword

Reaction Effects

Reaction Effects bring more life to conversations. You will be able to react to a message with a simple thumbs up emoji, and an animated trio of hands dances around the message bubble. This feature adds a fun and expressive touch to chats with the following ten popular emoji: ️ .

Source: The Keyword

Animated Emoji

Animated Emoji take expressions to the next level by adding captivating visual effects to each message. For instance, send a sparkling pink heart to express excitement when a friend shares vacation plans.

Source: The Keyword

Profiles

With Profiles, users can personalize their profile name and picture associated with their phone number. This helps identify yourself across Google services, which will be particularly useful in group chats, especially if you don’t have that particular phone number saved in your contacts.

Source: The Keyword

Amongst the celebration and the announcement of the new features, Google also took the time to point out that the Messages app isn’t the only client out there that uses RCS. Additionally, Google expressed its satisfaction with Apple finally taking the first step to support RCS within its Messages app as well, a move that paves the way for a more unified messaging experience across platforms.

These new features are rolling out to Messages beta users starting today, and will be available to all users soon. If you do not already use Messages on your Android device, you can download the app from the Google Play Store and sign up to be a beta tester if you want to be one of the first to experience these new features and the enhanced messaging experience powered by RCS.


[ad_2]
Source link

Google reveals its choices for best apps & games of 2023

0
[ad_1]

Google has announced its choices for the best apps and games of 2023. As per usual, Google Play’s awards are out towards the end of the year. Google also didn’t keep things simple, as the company has a number of subcategories listed on the site. So, let’s dive into it, shall we?

Google announced its choices for best apps & games of the year

The company did choose the best overall app and game of the year. The best app is the Imprint: Learn Visually, while the best game is Honkai: Star Rall. The aforementioned app actually shared “bite-sized lessons”, and they use visual storytelling in order to “bring concepts to life”. This game, on the other hand, has “stunning visuals” says the company, and it’s an RPG game.

The best multi-device app is Spotify, an app that many of you are very familiar with, as many use it for music streaming. The best multi-device game is OUTERPLANE – Strategy Anime. That is a turn-based strategy game, which allegedly works great on PCs, as well as regular smartphones and foldables.

ChatGPT was chosen by the users

The very best ‘Users’ Choice’ app is ChatGPT, and the game MONOPOLY GO!. ChatGPT is a well-known AI app that became instantly popular this year, and gained tons of users. MONOPOLY GO! also doesn’t require any further explanation, if you love Monopoly, this is the game to play.

As mentioned earlier, Google did highlight apps and games in various different subcategories. You can check them all out here, but we’ll go over some of them below too.

The ‘Best for Fun’ app is Bumble For Friends: Meet IRL, while the ‘Best for Personal Growth’ app is Voidpet Garden: Mental Health. The Best Everyday Essential app Google chose is Artifact: Feed Your Curiosity, while the Best Hidden Gem app is Aware: Mindfulness & Wellbeing.

WhatsApp Messenger is the best app for smartwatches, says Google

WhatsApp Messenger has been selected as the best app for smartwatches. When tablets are concerned, Concepts: Sketch, Note, Draw took the win, while FlipaClip: Create 2D Animation won an award when it comes to Chromebooks.

The very best multiplayer game is Fairlight 84, while the best ‘Pick Up & Play’ game is MONOPOLY GO!. The very best indie game is Vampire Survivors, and so on. There are a ton of other categories listed.


[ad_2]
Source link

BlackCat hits Henry Schein with another cyber attack

0
[ad_1]

The US healthcare giant Henry Schein has faced its second major cyberattack since October. The ransomware group BlackCat has claimed responsibility for the attacks.

It was first on October 15 that ALPHV (AKA Black Cat) announced it had targeted Henry Schein. The ransomware group said it was ready to negotiate with the healthcare giant over the stolen data. Henry Schein allegedly refused to negotiate and was targeted again on November 22.

As per Henry Schein’s announcement, the “threat actor from the previously disclosed cyber incident has claimed responsibility.” Additionally, the ransomware attack in November forced the company to shut down its e-commerce platform and some of its apps.

Henry Schein suffered two major ransomware attacks in less than two months

“Certain Henry Schein applications, including its e-commerce platform, are currently unavailable. The company continues to take orders using alternate means and continues to ship to its customers,” the firm said in the announcement.

While reassuring customers that it had identified the cause of the occurrence, Henry Schein’s e-commerce platform was restored for US customers. The company is also working to restore the platform for users in Canada and Europe. The reports note that the firm is receiving orders through alternative channels. Henry Schein is now operating in 32 countries, and its annual revenue is estimated at $12 billion.

Black Cat ransomware group said it had stolen 35TB of data from Henry Schein, and parts of it will be released daily. This is certainly bad news for Henry Schein’s customers. Black Cat also noted in a statement that despite negotiations with Henry Schein, “we have not received any indication of their willingness to prioritize the security of their clients, partners, and employees, let alone protect their own network.”

The threat actors added portions of Henry Schein’s internal payroll data, and shareholder folders will be released on the collections blog—more data will be released daily.

Ransomware groups are targeting firms more than ever. In late September, Microsoft revealed that Chinese hackers managed to steal over 60,000 US State Department emails. The attackers also compromised the staff working on Indo-Pacific diplomacy efforts.


[ad_2]
Source link

Threads expands its keyword search feature to everywhere the app is available

0
[ad_1]

Threads, the social networking app from Instagram, has taken a significant step to improve its search functionality by expanding the availability of keyword search. This feature, now widely accessible, enables users to effortlessly find conversations centered on specific topics, fostering more engaging and informed discussions.Prior to this rollout, keyword search was limited to select regions and languages, restricting its reach. However, now it is available everywhere that Threads is, including Europe where Threads is slated to launch next month.
With the feature’s wide availability, Threads users everywhere can now seamlessly navigate through the app’s vast network of conversations, discovering relevant topics and joining meaningful discussions with ease.In an official announcement, Adam Mosseri, Head of Instagram, emphasized the feature’s primary objective: to simplify the process of finding new and engaging conversations. He acknowledged that keyword search was previously limited but is now accessible “everywhere Threads is available,” underscoring the company’s commitment to providing a frictionless user experience.
The implementation of keyword search everywhere and in all languages, paves the way for the introduction of trending topics, a feature widely anticipated and requested by Threads users. By analyzing popular search queries and identifying recurring keywords, Threads can curate a list of trending topics, keeping users up to date on the most talked-about subjects within the app.

Threads continues to churn through its internal list of features it plans to bring to its user base, including some secret ones on mobile and the web and the highly requested “edit button.” Rumored to come to the app soon is also Trending Topics and Direct Messages, although these have not been confirmed by the company.

Threads is in a unique position right now to significantly grow the platform and expand its user base by rolling out useful features such as it has been doing since its launch. With X/Twitter’s ad revenue currently in decline and big-name accounts either moving to or becoming more active on Threads, now it’s the platform’s time to shine and get ahead of its competition.


[ad_2]
Source link

OnePlus 12 becomes king of AnTuTU ahead of launch

0
[ad_1]

The OnePlus 12 is right around the corner. The phone will become official on December 5, and as we’re waiting for that to happen, the OnePlus 12 surfaced on AnTuTu. The device actually managed to set the highest score on the platform, says GizmoChina.

The OnePlus 12 appeared on AnTuTu ahead of its launch event

The device scored 2,333,033 points on the AnTuTu v10 benchmark. It scored 533,566 in the CPU sector, 904,961 in the GPU field, 538,511 in the MEM category, and the phone’s UX scored 355,995 points.

OnePlus 12 AnTuTu score pre launch

It is reported that the OnePlus 12 has a rather powerful vapor chamber cooling, which definitely boosted its score here. The president of OnePlus China, Li Jie, said that the company also collaborated with game developers, manufacturers, and chipmakers to optimize the phone’s gaming performance.

Having said that, the phone is launching in about a week in China, while its global launch will follow in January. That much has been confirmed, but OnePlus still didn’t announce the launch date. January 23 is rumored, though.

We already know what the phone will look like

OnePlus did share the design of the OnePlus 12, via a number of images. On top of that, the company confirmed the OnePlus 12’s rear camera setup, and also some other details. The phone will support wireless charging, its display will have a brightness peak of 4,500 nits, and more.

The Snapdragon 8 Gen 3 will fuel this smartphone, while the phone will utilize the same cameras as the OnePlus Open. Android 14 will be pre-installed on the device, along with OxygenOS 14.

A 5,400mAh battery is rumored, as is 100W wired charging. The phone will likely support 50W wireless charging, though the charging speed hasn’t been confirmed by the company just yet. Other powerful specs are also expected, such the most powerful RAM and UFS storage, and so on.


[ad_2]
Source link