Amazon has just introduced its latest smart speaker/alarm clock called the Echo Spot. The new Amazon Echo Spot has arrived just a few days ahead of the upcoming Amazon Prime Day 2024 sale. Just like its 2017 counterpart, the new Echo Spot is designed to be your nightstand tech buddy. The Alexa-connected smart speaker has a small touchscreen and supports all the voice controls of the previous Echo devices.
The new Amazon Echo Spot speaker offers better visuals and improved audio
According to the official press release, the Amazon Echo Spot 2024 speaker offers “even better visuals and improved audio quality.” Similar to the Echo Dot or other Echo products, the latest Echo Spot variant lets you control IoT devices spread across your smart home. The new offering flaunts a 1.73-inch front-firing direction speaker. It delivers “clear vocals and deep bass,” as per Amazon.
While the previous variant of the Echo Spot was launched with a full circular screen, the new version’s display is split in half. Amazon has removed a camera from the latest offering. For more privacy, the new speaker has a hardware button to turn the microphone off. Furthermore, there are physical volume control buttons onboard the new model.
The new Echo Spot lets you see time, weather, and song titles at a glance on its small screen. You can personalize your display with a clock face or multiple fun colors. The speaker allows you to customize the display to fit the aesthetic of your room. You can choose from as many as six different colorways – Orange, Violet, Magenta, Lime, Teal, and Blue. Besides, the device also allows you to mix and match colors with several clock faces.
Amazon is offering the latest Echo Spot with more than 40 percent discount for Prime users
The Echo Spot 2024 speaker is priced at $79.99. It is significantly less than the $149.99 2017 version at the launch. However, during the Prime Day 2024 sale on July 16 and July 17, Prime members can get it with a discount of more than 40 percent. It will be available for just $44.99 for these users. The new smart speaker from the brand will be available in Black, Glacier White, and Ocean Blue hues.
Shopify has denied a breach of its systems after a cybercriminal posted alleged Shopify customer details online.
Shopify told BleepingComputer and other publications that the incident happened at a third party:
“Shopify systems have not experienced a security incident. The data loss reported was caused by a third-party app. The app developer intends to notify affected customers.”
The cybercriminal posting under the handle “888” claims the breach took place in 2024 and contains 179,873 rows of users’ information.
Post by 888 offering Shopify data for sale
The data offered for sale includes:
Shopify ID
First name
Last name
Email address
Mobile phone number
It also includes some Shopify specific data like number of orders, total spent, email subscription status, email subscription date, SMS subscription status, and SMS subscription date.
Where the data comes from is a good question.
In March, Cybernews reported about a publicly accessible MongoDB database that belonged to a US-based company, Saara, who develop Shopify plugins. The leaked database stored 25GB of data which stemmed from plugins covering over 1,800 Shopify stores.
In June, we reported about a breach affecting Evolve Bank & Trust that also affected several of its partners. Shopify is a partner of Evolve.
No doubt this isn’t the end of the story. We will keep you updated.
Protecting yourself after a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
Set up identity monitoring.Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.
Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.
As we approach Unpacked later this week, where Samsung is set to announce the Galaxy Z Flip 6 and Galaxy Z Fold 6, one has to wonder if Samsung can take the crown back from OnePlus/OPPO in the foldable market.
Last year, OnePlus announced its first foldable with an asterisk, the Open. We put an asterisk there because it is essentially the OPPO Find N3 in everything but the logo. This is not OPPO’s first foldable, but it’s a third-generation foldable. And it completely surpassed Samsung in one fell swoop. Not only did OnePlus and OPPO put out better hardware than Samsung, but it also put out better software.
I recently went back to the OnePlus Open, to use it again ahead of the Galaxy Z Fold 6 launch, and to see how it compares to the current best foldable on the market. And I fell in love with the Open all over again. The rumors for the Galaxy Z Fold 6 aren’t that great. The rumormill is pointing to a phone that is mostly the same as the previous model, but a tad wider and a new processor.
OnePlus’ Open Canvas feature is the best foldable feature we’ve seen so far
With the OnePlus Open last year, OnePlus debuted Open Canvas which is a feature that was also brought to the OnePlus Pad, and it’s genius. To put it in the simplest terms, Open Canvas allows the user to have more screen real estate than is actually available. You’re able to push apps off of the screen, and swipe over to them whenever you want. You can run up to six apps on the screen at the same time, which is impressive. Though, admittedly, it’s not something I do that often.
It’s not all software though, another decision OnePlus and OPPO made that helped Open Canvas perform so well is, the front display. OnePlus and OPPO opted for a 18:9 front display, which is the aspect ratio for most smartphones these days. But that also means when you open the phone, you’re getting a square display (almost) but it also means that having apps side-by-side, they will be 18:9 aspect, instead of super skinny apps like they are on Samsung’s Galaxy Z Fold models.
One of my biggest complaints with foldables is the aspect ratios of the displays. Samsung, for example, uses a very skinny front display that feels more like a TV remote versus a smartphone. That makes the inner display almost exactly a square, and when you have two apps in multi-window, you’re looking at two very skinny apps. It’s just not a good user experience, and that had really turned me off from using foldables, because both screens kind of suck for using apps normally.
OnePlus put its best cameras ever, in the Open
Another area where foldables typically fall short is in the camera department. This is likely because companies are looking to keep phones lighter and thinner, but need larger batteries inside foldables to power those larger displays. OnePlus said screw it, let’s put in the best cameras we’ve ever had.
With the Open, OnePlus included a 48-megapixel primary camera with a f/1.7 aperture, a 64-megapixel 3x telephoto and a 48-megapixel ultrawide. On paper, that sounds outstanding, in practice, it is. I was amazed at how well the Open took photos last year while I was reviewing it, and now picking it up again about 8 months later with countless new updates, it’s still impressive. As I noted in my review last year, OnePlus might have the best cameras on any phone with the Open, nevermind a foldable. Though that has changed now, especially with the Vivo X Fold3 Pro being available.
OnePlus did include a pretty massive camera bump on the Open to accommodate these cameras, but it’s worth it. That camera bump also makes it easier to hold onto the OnePlus Open, in my experience.
Samsung can’t seem to get rid of the crease
We’re writing this ahead of Unpacked, and we haven’t seen the Galaxy Z Fold 6 in person yet, other than in leaks. But it seems like Samsung is still pretty far behind the competition on getting rid of the crease. Companies like Motorola, OnePlus and OPPO have all done a really good job of getting rid of the crease. I mean, it’s almost non-exsistent on the new Razr+ that was announced last month, as well as the OnePlus Open. But with Samsung, you will most likely still see that crease, and it’s definitely an eyesore.
Can Samsung take back the throne?
While I did spend about 750 words trashing Samsung and its foldables, it has come a long way since the first Galaxy Fold back in 2019. But there’s still a long way to go. Not just for Samsung but for every company making foldables. Samsung was first to the market, and that means that its competition was able to learn from its mistakes more than Samsung itself.
So what can Samsung do with the Galaxy Z Fold 6 to take back the throne? Well, for one, upgrade the cameras. The Galaxy Z Fold 5 cameras are not great at all, to be quite honest, especially for a $1700 phone. They will get the job done, but the Galaxy S24 Ultra is far better. The software is getting there, Samsung does have plenty of great software tweaks to take advantage of that display. However, the biggest thing Samsung needs to address is the aspect ratio.
Last year, at Unpacked in Korea, I spoke with Samsung and talked about how the Pixel Fold (the OnePlus Open wasn’t out yet) was better than the Galaxy Z Fold 4 (at the time), because of the wider front display. Meaning I didn’t need to open the phone as much. Samsung thought that was pointless. This makes me think Samsung wants you to open the phone all the time versus using the front display a lot and opening it for multitasking. If Samsung adopts the wider aspect ratio of the Pixel Fold or the regular smartphone aspect ratio of the OnePlus Open, I think a lot of my complaints about Samsung’s foldables will be solved.
It sort of feels like, after last year, that Samsung is just phoning it in these days for foldables. A big reason for that is the competition or lack thereof. In the US, it’s really only competing with the Pixel Fold and OnePlus Open, and only one of those is sold at carriers. On the flip side, it is competing with Motorola, and that’s about it. What Samsung really needs is more competition in the US (its biggest market), which will push them to innovate and make bigger upgrades to its foldables.
An internal memo reviewed by Bloomberg revealed that starting in September, Microsoft employees in China will need to use an iPhone for authentication when they sign into company systems. Android phones will not be allowed as multi-factor authentication devices. When signing into Microsoft systems, employees need to use a smartphone and two Microsoft apps to log in.
When the new rules take effect in less than two months, iPhone handsets will be required to run the two Microsoft apps, the Microsoft Authenticator password manager and Identity Pass app. The software company requires multi-factor authentication to guard against hackers. The new rules will impact hundreds of Microsoft employees who work in Mainland China.
Microsoft’s memo notes that it blocked Android phones from being used for multi-factor authentication because Android phones are not allowed to run Google services in China. That prevents the Microsoft employees from accessing the Google Play Store leaving Apple’s App Store as the only place where these employees can download the required security apps. Android app storefronts are fragmented in China with the ban on Google services forcing phone manufacturers in the country to offer their own app stores. Such manufacturers include Huawei and Xiaomi.
Microsoft employees in China will need to use an iPhone at work|Image credit-Apple
Any members of the Microsoft staff in China owning an Android phone will be forced to purchase an iPhone 15 for a one-time payment. Microsoft will make iPhones available at hubs across China and even in Hong Kong where Google services are allowed. Microsoft employees in China will still be allowed to use Android handsets as their personal phones.
The company has been the target of multiple state-sponsored attacks by hackers. Back in January, an attack linked to Russia affected many U.S. government agencies including the State Department. With U.S. lawmakers putting pressure on Microsoft, the company started the Secure Future Initiative (SFI) company-wide last November. SFI will use AI to help it address vulnerabilities in the cloud faster, make it more difficult for hackers to obtain credentials, and automatically require multi-factor authentication for employees.
And that brings us right back to the internal memo alerting Microsoft workers on the Mainland that they must use an iPhone at work.
Ticketmaster hackers leak 30,000 ticket barcodes for top upcoming events, including music concerts. They also share a DIY counterfeit tutorial on making physical tickets from the leaked barcodes and other ticketing data.
Ticketmaster hackers have leaked 30,000 additional ticket barcodes for some of the top upcoming events and concerts featuring popular artists and music bands.
It is also worth noting that on July 4 and 5, 2024, as exclusively reported by Hackread.com, ShinyHunters and Sp1d3rHunters, who are two different individuals but are affiliated with the group behind the Ticketmaster data breach, leaked 44,000 and 170,000 ticket barcodes related to Taylor Swift’s The Eras Tour. With these leaks, the total number of leaked ticketing data goes up to 640,000.
The latest 30,000 data leak includes ticketing and barcodes related to the following events and artists:
Pearl Jam
Sammy Hagar
Stevie Nicks
Steve Miller Band
Cirque du Soleil
USHER: Past Present Future
Chris Brown – The 11:11 Tour
P!NK: Summer Carnival 2024 (Multiple cities)
Aerosmith: PEACE OUT The Farewell Tour – (10+ cities)
Neil Young – Crazy Horse – Love Earth Tour July 08
Alanis Morissette – The Triple Moon Tour – July 13
Red Hot Chili Peppers: Unlimited Love Tour – July 17
Bruce Springsteen and The E Street Band 2024 Tour
Screenshot from Ticketmaster dataset (Screenshot credit: Hackread.com)
What Exactly is in This Data Leak?
The ticket industry is a complicated one. Although Hackread.com has over a decade of experience in data breach analysis, things can be tricky sometimes. Therefore, we used ChatGPT-4o to analyze a small sample from the leak. Here’s what it found:
The leak of Ticketmaster ticketing data, including barcodes, is indeed bad news for Ticketmaster and its customers. Here's an analysis:
What is in the Leak
The provided data includes:
1: Ticket Barcodes: Unique ticket barcode values. 2: Event Details: Start time, event key, event ID, event name, venue details, etc. 3: Sales Order Information: Sales order ID, transaction ID, ticket type codes. 4: Seating Information: Section name, row number, seat number. 5: Venue Info: Venue ID, venue name, address, city, state, country, postal code. 6: User and Session Information: Browser ID, web session cookie values.
Potential Risks and Implications
Ticket Forgery and Resale:
Barcode Duplication: The leaked barcodes can be duplicated to create counterfeit tickets. Fraudsters could print fake tickets using these barcodes and sell them to unsuspecting buyers.
Loss of Revenue: Counterfeit tickets can lead to revenue loss for both Ticketmaster and event organizers.
Overcrowding and Security Risks: Events could face overcrowding if counterfeit tickets are used, leading to security and safety issues.
Verification Challenges: Ensuring the authenticity of tickets at event entry points will become more challenging, potentially causing delays and operational disruptions.
Increased Costs: Implementing measures to mitigate the impact of the leak, such as reissuing tickets or enhancing verification processes, will incur additional costs.
This leak is a significant issue for Ticketmaster, requiring immediate and comprehensive action to mitigate the risks and prevent future occurrences.
Can Anyone Use These Tickets?
Well, kind of. The online tickets could be impossible to use, but apparently, the physical copies of tickets can be used without any hurdles. Last week, Ticketmaster told Hackread.com that there is no way to use these tickets because the company uses a technology called “SafeTix,” which protects tickets by automatically refreshing with a new and unique barcode every few seconds, making it impossible to reuse.
However, the company did not mention anything about physical copies of tickets, which hackers have pointed out in their latest counterstatement, announcing that they have extracted physical tickets as well.
“Our Response to Ticketmaster’s claims is Ticketmaster lies to the public and says barcodes can not be used. The ticket database we have includes both online and physical ticket types.”
Hackers
What’s worse for Ticketmaster is that the hackers have also shared a four-step tutorial explaining how to make your own real tickets using the leaked information. This includes a YouTube video, Ticketmaster’s TicketFast artwork guidelines, and a link to the Ticketmaster site explaining printing guidelines for their tickets. Hackread.com will not share the complete tutorial due to security reasons.
Sp1d3rHunters on Breach Forums with the latest Ticketmaster dataset (Screenshot credit: Hackread.com)
Who is Behind the Ticketmaster Data Breach?
The original Ticketmaster data breach saw claims from the ShinyHunters hacker group of stealing 560 million user records and a ransom demand of $1 million—an offer that Ticketmaster denies it ever facilitated or has any plans to accept.
Last week, the ransom demand increased to $8 million after ShinyHunters revealed (in a now-deleted post on Breach Forums) that the stolen data was larger than previously anticipated, making it more valuable than ever. This includes the following information:
980 million sales orders
680 million orders detail
1.2 billion party lookup records
440 million unique email addresses
4 million uncased and deduped records
560 million AVS (Address Verification System) detail records
400 million encrypted credit card details with partial information
But who is the threat actor or group behind the Ticketmaster data breach? According to two known cybersecurity researchers who shared exclusive information on the basis of anonymity, ShinyHunters is not behind this data breach but is merely affiliated with a high-profile, financially motivated threat group that is the actual actor behind the breach.
The name of the threat group cannot be shared at this time due to security reasons and for reasons Hackread.com would rather not disclose until authorities do so on their own. On the other hand, sources also told Hackread.com that Sp1d3rHunters is also not involved in the breach; their main role is to post about the breach on different forums to attract as many potential buyers as possible.
Nevertheless, it’s another day with more bad news for Ticketmaster. If you are a Ticketmaster user, make sure to change your account password and keep an eye on any suspicious activity.
Google could boost Play Protect’s local app scanning capabilities soon. Now, the system would be more powerful and efficient thanks to the implementation of the YARA tool. The change would be a new step in the mixed malware-scanning approach implemented last year by the company.
Play Protect, Play Services, and Play Store are Google’s main tools to keep your Android device free of malware. Play Protect works both on apps you download from the Play Store and on APKs from external sources. Previously, the company used a cloud-based approach that required sending APKs from external sources to Google for analysis.
However, since last year, Google Play Protect can locally scan unknown APKs for malware. This way, the Mountain View giant adopted a mixed malware-scanning approach instead of a fully cloud-based one. Now, Play Protect’s local malware scanning could get more powerful thanks to the implementation of YARA.
YARA would enhance Google Play Protect’s local APK scanning
YARA is not exactly a new tool, and it has even been used in traditional antivirus for a long time. YARA is a tool capable of detecting malware by classifying it by “families.” It works by searching for code that is common among a “family” of malware. Families are set through “YARA rules” where files (apps in this case) meet certain common characteristics.
This approach prevents malware from bypassing traditional hash-based scanning. The latter works by searching for an exact hash match, but modern malware is capable of modifying itself to generate a new hash. So, basically, local malware scanning should become more efficient and effective soon, with greater detection capacity. YARA scanning references are available in the latest Play Store v41.7.16 update, as spotted by Android Authority.
It’s notable that local scanning is less powerful than cloud-based scanning. Mobile devices do not have the hardware resources necessary to run all the scanning tools that Google runs on its powerful servers. That’s why the company takes a mixed approach rather than local-only. However, the implementation of YARA will make Play Protect’s local malware analysis more capable, powerful, and autonomous.
Microsoft’s employees based in China will have to change their phones if they run Android. Microsoft is establishing a new policy where its employees will have to exclusively use iPhone devices. The main reason seems to be the ban on Google Play Services in the Asian country.
According to Bloomberg, as of September, employees affected by the decision will only be able to use Apple devices to access identity verification apps. The company wants to ensure that everyone has the Microsoft Authenticator and Identity Pass apps on their phones.
Microsoft employees forced to replace their Android devices with iPhones
The decision is part of an initiative to set stronger security measures that strengthen the company against potential attacks. For months now, Microsoft has been the target of constant attacks allegedly sponsored by the Russian government. The US government even confirmed that a related data breach also affected the State Department. The breach did not compromise the security of key confidential data. However, the situation caused US legislators to pressure the Redmond giant to implement stricter security systems.
According to the report, the company will provide iPhone 15 units as a “one-time purchase” to its staff in China. Interestingly, even employees based in Hong Kong will have to comply with the measure. It’s noteworthy that Google Play Services are available in Hong Kong. However, Microsoft is not making exceptions with its new policies.
New policies contradict the Chinese government’s position regarding foreign devices
Still, the Chinese government may not be too happy with Microsoft employees now exclusively using iPhone devices. Since 2023, they have been promoting the abandonment of devices of foreign origin at work. Like Microsoft, the Chinese government cites security concerns as the reason for the measure. However, now Microsoft employees in China will have to discard Android devices from local brands such as Xiaomi and Huawei in favor of iPhones.
Google has introduced a lot of new updates to the Play Store in recent months. The search titan has already made it easier for you to discover new apps and games, which work best on your device. The Play Store also shows ratings for apps and games with dedicated icons for different form factors.
You can easily check the ratings of a particular app with dedicated rating options for phones, tablets, and even Chromebooks. Now, Google will reportedly introduce a new update for the Play Store, which will simplify viewing ratings for various devices.
Play Store will soon start displaying app ratings inside the icon for different form factors
Currently, the Play Store displays app ratings for apps with dedicated icons for different form factors. You can tap on any of the dedicated buttons to view the exact user ratings for various devices. However, in a new APK teardown, Android Authority and code sleuth AssembleDebug have found a small but important tweak to this functionality.
The sources have found a more convenient way of viewing ratings by form factor in version 41.7.16-31 of Play Store. In the latest change, the Play Store will start displaying ratings right inside the dedicated icons for different devices. So, you will no longer have to tap on the icon to view the app or game’s rating for a particular device. It appears to be a small but welcome change, saving you a couple of seconds of your time.
The new tweak to the Play Store ratings appeared in the latest beta version of the app. Moreover, the feature was only spotted after an APK teardown of the latest version. So, there’s no clarity on when Google will make this functionality available to everyone. There’s a possibility that Google may simply remove the new tweak and show the ratings as they are displayed right now.
Another update for Play Store will soon open installed applications automatically
Google will also be adding another feature to the Play Store in the near future. The upcoming feature will automatically open applications after they are installed. Called App Auto Open, it will be an optional feature, which users can easily switch on or off.
Soon, there will be an option to activate the auto-open functionality right below the Install button. It should be available to the public in the upcoming versions of the Play Store soon.
Debuting with Android 14, the Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra will receive as many as seven major Android OS updates. You will get new features all the way up to Android 22 in 2031, and potentially a couple of notable One UI updates in 2032. That may be long away, but the journey begins later this year with Android 15 and One UI 7.0.
Samsung started working on the new One UI version for the Galaxy S24 series in May. Well, the work development may have begun earlier, but we got the first proof in May. It appears the company has achieved a significant milestone in the development milestone and started testing the big update internally. Hopefully, users will get a taste of it soon.
Samsung was expected to open One UI 7.0 beta programs for the Galaxy S24 trio in August, followed by the stable update in October. However, a reliable industry insider recently claimed that the update is delayed. They didn’t specify whether the delay would affect the beta update, stable update, or both but said Samsung is prioritizing One UI 6.1.1 over it.
Based on Android 14, the new One UI version will debut with the Galaxy Z Fold 6 and Galaxy Z Flip 6 foldables launching on July 10. It’s a substantial update thanks to new AI features and camera improvements. Samsung will push this update to several older foldables, tablets, and S series flagships (will arrive as One UI 6.1 on the Galaxy S24 and its predecessors).
The Korean firm likely doesn’t plan to begin the One UI 7.0 beta before completing the One UI 6.1.1 rollout. This means the first beta update is unlikely to arrive in early August. We may still get the stable update before the end of October, though. We will keep track of One UI 7.0 development and let you know when we have more information.
AI features, privacy improvements, and more are on the cards
Samsung will probably introduce more AI features to Galaxy devices with One UI 7.0. Perhaps those AI features may be one of the reasons why the update could be delayed. Additionally, rumors have hinted at a built-in app locker, a basic privacy tool that One UI lacked all this while. Stick around for more about One UI 6.1.1 and One UI 7.0 for Galaxy devices.
Current and potential iPhone users are all awaiting the new features coming to Siri with iOS 18. The only question is when are they going to be able to get their hands on the features? Well, we just got word about when they should eventually land, and you’re not going to like it. According to a new report, we should expect the new Siri to officially hit the iPhone sometime next Spring.
Apple really shook the tech world when it announced Apple Intelligence back during WWDC. This technology brings a slew of additions to the software like tight integration with ChatGPT. Users will also gain generative AI tools like the ability to generate emojis.
Along with the announcements, we also got news about a new Siri coming to the platform. The new Siri will be much more integrated into the software, which is something that people have been pining for. You’ll be able to ask Siri to perform certain actions within apps without lifting a finger. The new Siri is one of the things that people are most excited about.
The new Siri should come next Spring
The new Siri is something that’s going to bring a ton of people over to iOS, and we’re sure that it’s going to be a driving force behind the iPhone 16’s sales. However, people buying that phone on day one will need to wait some time for their new features.
According to Mark Gurman, the new Siri features won’t hit iPhones until sometime next Spring. That’s a bit of a bummer, as we’re getting ready to enter 2024’s Summer season. So, this means that users might have to wait about a year for the new Siri.
That’s not to say that users will need to wait that long for all of the Apple Intelligence features. The visual redesign and ChatGPT integration are expected to land this Fall along with other AI features. So, if you’re an iPhone user waiting for the new AI features, you’re most likely going to have features trickle in over the coming year.
