Researchers Uncovered the Hack of a Power Station in Israel

0
[ad_1]

In the continuing Israel-Palestine conflict, there has been a noticeable rise in hacktivist groups who are planning an unending attack against a variety of targets on both sides of the conflict.

On October 8, the Cyber Av3ngers group revealed a significant hack on the Israeli Dorad private power station. The organization posted images of the allegedly hacked site and a logo that used the colors of the Palestinian flag and political sentiments, implying that the hack was in favor.

To support their claim that the Dorad website was the victim of a DoS attack, the hackers also provided proof of their DDoS success.

Kaspersky examined the information released by Cyber Av3ngers and discovered that it was derived from earlier disclosures by Moses Staff, a different hacktivist collective.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Who are the Cyber Av3ngers?

The threat actor “Cyber Avengers” is a group with a similar name that has been operating since at least 2020. There isn’t much proof that the Cyber Avengers are related to the Cyber Aveng3rs or the Cyber Av3ngers.

They primarily target Israeli organizations, particularly those maintaining the nation’s vital infrastructure. 

A new Telegram channel named @CyberAveng3rs was launched on September 15, 2023. The channel first posted statements connecting its owners to the previous actions taken by “Cyber Avengers.” Then, it added messages outlining its plans to attack Israeli key infrastructure, such as the water and electrical systems.

The most recent post on the channel discussed a security guideline the Israeli government had produced for infrastructure security and released. The Cyber Avengers team issued the instructions and the list of targets in mockery. Eight firms have been included on the list.

Dorad Private Power Plant Attack

The archive, which contained stolen information from several Israeli businesses, was originally released by Moses Staff in June 2022. 11 files that were part of the Dorad private power plant attack have timestamps from August 2020, but the timestamps on the compression are dated June 14, 2022. 

The data in the archive included PNG and JPEG images as well as PDF documents. Along with the data disclosure, the attackers also released a video.

Particularly, when researchers compare the originals from the Moses Staff archive with the pictures released by Cyber Av3ngers, it has been observed that Cyber Av3ngers captured pictures from the video and PDF files that the Moses Staff leaked. Also, Cyber Av3ngers cropped the images and added a logo image before posting. 

As a whole, it appears that Moses Staff’s hacking activities caused the data to be leaked. The files appear to have been removed from computers belonging to the targeted company using malware, and this threat actor carried out these actions using specialized tools like PyDCrypt, DCSrv, and StrifeWater.

Reports say there is typically no way to pay the ransom and decrypt the data because the Moses Staff organization is not interested in making money and instead aims to harm.

Final Words

“The Cyber Av3ngers alleged hack is recycled or repurposed from a prior security breach and is not the result of any new unauthorized access to data”, researchers said.

Therefore, this highlights The significance of robust cybersecurity measures to guard against new and ongoing threats to IT and OT systems.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

OpenSSF Launches Malicious Packages Repository

0
[ad_1]

The repository has already amassed over 15,000 reports of malicious packages, drawing data from various sources, including the OpenSSF Package Analysis project, Checkmarx security, and exports of malicious packages tracked by GitHub.

In a bid to counter the increasing threat of malicious open source packages, the Open Source Security Foundation (OpenSSF) has introduced a new initiative called the Malicious Packages Repository. This repository could turn out to be a major player in the fight against malicious code and is aimed at enhancing the security and integrity of open source software ecosystems.

A Response to Growing Threats

The launch of the Malicious Packages Repository comes at a time when cyberattacks, leveraging malicious open source packages, are on the rise. For instance, the Lazarus Group, a notorious North Korean state-backed hacking entity, recently targeted the blockchain and cryptocurrency sectors, employing cunning tactics that included deceptive npm packages to infiltrate various software supply chains.

According to crypto security experts at Immunefi, the crypto industry lost $685 million in Q3 2023, with 30% of those funds being stolen by the Lazarus Group. In such a scenario, a centralized repository for shared intelligence could have acted as an early warning system, allowing the global community to thwart such attacks more swiftly.

Decoding the Menace: What Is a Malicious Package?

Malicious packages are a form of malware that poses as open source packages and are subsequently published to popular package repositories like PyPI and NPM. While vulnerable code possesses unintentional weaknesses that can be exploited, malicious code is sophisticatedly crafted with the intent to harm or compromise its targets.

These malicious packages are used to attack unsuspecting developers or organizations that install and run them. The repercussions can range from unauthorized access and data leaks to excessive resource consumption and data destruction, with most endpoint antivirus software ill-equipped to detect these intricate attack vectors.

A Look at Recent Attacks

In a span of recent months, developers have been targeted by a string of malicious attacks. On October 5th, an NPM Typosquatting attack deployed the r77 rootkit via legitimate packages. Just a few days earlier, on October 2, FortiGuard Labs uncovered a series of malicious NPM packages specifically designed to steal data.

In late August, the developer community was shaken when the Luna Grabber malware exploited vulnerabilities through npm packages, particularly affecting those working on Roblox. On August 6th, the VMCONNECT malicious PyPI package was added to the growing list of threats, expertly mimicking common Python tools.

These incidents underscore the growing risks encountered by developers, emphasizing the necessity for robust security measures within the software development ecosystem. This further underscores the importance of having OpenSSF’s Malicious Packages Repository.

The Package Analysis Project: Vigilance in Action

OpenSSF’s Package Analysis project was conceived to detect malicious packages as soon as they emerge. This proactive approach involves downloading, installing, and executing packages from widely-used open source package repositories as they are released. During this process, executed commands and network traffic are thoroughly monitored.

Additionally, a set of stringent rules is then applied to scrutinize the package’s behaviour, distinguishing between legitimate and malicious actions. In cases where a package exhibits malicious intent, a detailed report is generated and subsequently published in the new Malicious Packages Repository.

Unifying the Response

The handling of malicious packages currently varies from one open source package repository to another. Typically, when a community member reports a malicious package, the repository’s security team removes the package and its related metadata.

Unfortunately, these actions are often executed without any public record, making it challenging to discover the extent of malicious packages in circulation. The Malicious Packages Repository fills this information void by establishing a comprehensive public database that aggregates reports of malicious packages discovered across open source repositories.

This invaluable resource has the potential to intercept malicious dependencies in their tracks, enhance detection mechanisms, scan for and prevent usage in various environments, and expedite incident response.

Leveraging the OSV Format

In a blog post published by OpenSSF on October 12th, 2023, reports in the Malicious Packages Repository are formatted using the Open Source Vulnerability (OSV) format, which is employed for specifying vulnerabilities in open source projects.

By utilizing the OSV format for malicious packages, it becomes feasible to integrate existing tools and services, including the osv.dev API, the osv-scanner tool, and deps.dev. This format is also customizable, allowing for the inclusion of additional data such as indicators of compromise or classification details.

Henrik Plate, a security researcher at application security startup, Endor Labs says it is great to see an open source project address this problem for a larger variety of ecosystems. This supports all the existing efforts of academic and corporate security researchers to secure the open source ecosystem.

“For academic researchers, in particular, it offers a nice opportunity to explore and test new approaches to malware detection without being required to redo the basic plumbing over and over again, e.g. the monitoring of new package publications on various package registries like PyPI or npm,” he added. “Thankfully, this part is covered by the associated OpenSSF package-feeds project, which goes hand in hand with the OpenSSF packageanalysis project to populate the database mentioned in the blog post.

15,000 Reports Already

Remarkably, the repository has already amassed over 15,000 reports of malicious packages, drawing data from various sources, including the OpenSSF Package Analysis project, Checkmarx security, and exports of malicious packages tracked by GitHub.

Nonetheless, the Malicious Packages Repository by OpenSSF serves as a stronghold of collective protection, arming the open source community with the necessary tools and know-how to shield against harmful intrusions, safeguard software integrity, and fortify the core of open source development.


[ad_2]
Source link

Experience the Samsung Galaxy S23 Ultra at a Cool $200 Off Today!

0
[ad_1]

Today, Amazon is discounting the Galaxy S23 Ultra, making it just $999. That’s $200 off of its regular price, but not quite an all-time low. Just last week, it was down to $949 during Amazon’s Prime Big Deal Days, which was the all-time low. So if you missed that, this is still a good time to grab one.

Galaxy S23 Ultra – Amazon

Why you should buy the Galaxy S23 Ultra

The Galaxy S23 Ultra is one of the best smartphones on the market, and it’s currently on sale for $250 off during Prime Day. This is a great opportunity to get your hands on this powerful device, which is packed with features that can help you stay productive, creative, and entertained.

Here are just a few of the reasons why you should buy the Galaxy S23 Ultra on Prime Day:

  • It’s the best phone for productivity. The Galaxy S23 Ultra has a large, beautiful display that’s perfect for working on documents, spreadsheets, or presentations. It also has a powerful processor and plenty of RAM, so you can multitask without any problems.
  • It’s the best phone for creativity. The Galaxy S23 Ultra has a versatile camera system that can take stunning photos and videos. It also has a built-in S Pen, which is perfect for taking notes, sketching, or editing photos.
  • It’s the best phone for entertainment. The Galaxy S23 Ultra has a powerful processor and a long-lasting battery, so you can watch videos, play games, or listen to music all day long. It also has a built-in DeX mode, which lets you use your phone like a computer.

If you’re looking for a powerful, versatile, and stylish smartphone, the Galaxy S23 Ultra is a great option. And right now, it’s on sale for $250 off during Prime Day, down to $949. So don’t miss out on this opportunity to get your hands on this amazing device.

Galaxy S23 Ultra – Amazon


[ad_2]
Source link

Huawei’s China dominance is affecting the iPhone 15 series’ sales

0
[ad_1]

Over the years, Huawei’s China dominance has been growing stronger despite foreign opposition to the brand. This dominance might be a major challenge for the new iPhone 15 series that hit the global smartphone market a few weeks ago. Ever since the launch of this new series in China, sales have not been as impressive as that of the 14 series from last year.

According to analysts, sales on this new series are down 4.5% in comparison to the 14 series. The slump in Apple’s sales in China might be attributed to the fact that Huawei is picking up its pace in the region. But, it’s good to note that the Apple iPhone 15 series sales are not as impressive as they are in a few other regions as well.

In China, the new iPhone series faces serious competition from Huawei with its new Mate series device. The launch of this new device from Huawei drew lots of attention to the brand just before the iPhone 15 series launch. These two big players in the smartphone industry are now going head-to-head in the Chinese market, with one party coming on top in the competition.

The iPhone 15 series sales are dwindling in China, partly due to Huawei’s dominance of the market

Before the US ban on Huawei technology, the China tech giant was making waves around the world. In its home country, the brand was topping the competition on flagship and budget levels. This growth and dominance were brought to a standstill with the US ban on the company, limiting its access to vital equipment to manufacture its products.

During Huawei’s trying times, Apple rose to stardom in China, amassing sales and strengthening its presence. However, Huawei didn’t stop innovating because of this ban and this year they seem to be back on track in the smartphone industry. The launch of the Huawei Mate 60 series in China took the internet by storm as the smartphone showed off the brand’s innovative prowess.

Not only did this smartphone series improve in areas such as photography and performance, but it also brought a new chip. This was a refresh of Huawei’s Kirin chip and it proved that the company might have found a way around the US ban. Sales of this new series in China have been impressive ever since launch, with more people taking interest in the device.

Apple, on the other hand, has been trying to meet its sales target with the new iPhone 15 series. Huawei’s dominance in China is taking a toll on Apple’s business by impacting sales. Apple isn’t the only smartphone producer that is feeling this heat in China, as other major tech brands are struggling to make sales.

Tech giant Samsung is also finding it hard to meet its sales target in China as well. Analysts say that by next year, Huawei might kick Apple off the top spot in smartphone sales, hence solidifying its dominance. To compete with Huawei, other brands like Apple and Samsung need to find ways to improve their sales.


[ad_2]
Source link

YouTube gets new AI-powered advertising that helps brands target major events or holidays

0
[ad_1]
YouTube is upping its advertising game and is now offering advertisers a new package called “Spotlight Moments”, reports TechCrunch. The new package will use AI to identify the most popular YouTube videos related to a specific moment, like Halloween, major awards (Oscars), or sporting events.

YouTube advertisers can use AI now for better advertising

The advertiser will be able to use AI to identify a big cultural moment like the ones mentioned above and then serve ads across a video referencing the topic or event. These videos will be curated into dynamically updated playlists.

AI is now becoming a prominent way that we interact with the internet. Actually, you don’t interact with AI just by chatting with Bard. AI’s been in advertising as well and is quietly powering the ads you’re seeing, where they are, and why. The Spotlight Moments feature is just one of several AI-powered initiatives launched by YouTube. Other such campaigns are Video Reach and Video View, which also use Google AI.


YouTube says that companies that use Video Reach, for example, with in-stream, in-feed, and YouTube Shorts have seen their campaigns deliver 54% more reach in comparison to in-stream only. Google is looking toward a new era in using AI, where generative AI will help transform how the company sells and places ads. AI is also used to automatically create assets for Search ads, which use content from a given brand’s home page and existing ads to craft new headlines and descriptions for their ads for example. Google AI can also learn about a brand from its website and then populate a campaign with text and assets, including generated images.

[ad_2]
Source link

XorDDoS Infects Linux Devices & uses them to Carry out DDoS

0
[ad_1]

A new campaign has been discovered that uses XorDDoS Trojan, which affects Linux systems and devices, turning them into zombies that can be controlled by threat actors remotely.

Moreover, these compromised systems can later be used for DDoS(Distributed Denial-of-Service) attacks.

Comparing this current campaign with the campaign conducted in 2022, there was only one change found, which was the configuration of the C2 hosts.

However, the attacking domains were still unchanged. The threat actors seem to have migrated their offensive infrastructure to hosts running on legitimate public hosting services.

Additionally, with respect to the 2022 campaign, many security vendors have already classified the C2 domains as malicious and barred them but still the current active malware traffic is being directed to new IPs.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

As part of the initial access vector, the threat actors scanned for hosts with HTTP service, vulnerable to directory traversal attacks that can enable access to arbitrary files on the server.

Threat actors specifically targeted the /etc/passwd file to read passwords. However, since the file has only encrypted passwords, they were forced to gain initial access through SSH brute-force attacks. Once they gained access, they downloaded malware from remote servers and owned the system.

XorDDoS Infects Linux Devices

XorDDoS Trojan uses an XOR encryption key (BB2FA36AAA9541F0) to encrypt all the execution-related data which are then decrypted using a decryption function. Once the malware is activated on the victim machine, it retrieves essential information such as /var/run/gcc.pid, the OS version, malware version, memory status, and CPU information.

The malware also used the decrypt_remotestr() function to decrypt the C2 domains embedded inside the executable. The C2 endpoints are,

  • ppp.gggatat456[.]com:53
  • ppp.xxxatat456[.]com:53
  • p5.dddgata789[.]com:53
  • P5.lpjulidny7[.]com:53
C2 decryption function
C2 decryption function (Source: Palo Alto Unit42)

Persistence

As a means of persistence, the malware creates scheduled autorun tasks, which will run every three minutes, along with an autorun service configured during startup.

Detection evasion is achieved by turning its process into a background service that can disguise itself as a legitimate process.

C2 Network Infrastructure

A list of C2 domains that were registered and used by the threat actors is as follows:

C2 DomainsName ServerC2 SubdomainsIP AddressesAutonomous System
xxxatat456[.]comname-services[.]comaaa.xxxatat456[.]comb12.xxxatat456[.]comppp.xxxatat456[.]comwww.ppp.xxxatat456[.]comwww.xxxatat456[.]com142.0.138[.]41142.0.138[.]42142.0.138[.]43142.0.138[.]44142.4.106[.]73142.4.106[.]75192.74.236[.]33192.74.236[.]34192.74.236[.]3554600
gggatat456[.]comname-services[.]comaaa.gggatat456[.]comppp.gggatat456[.]comwww1.gggatat456[.]comwww.ppp.gggatat456[.]com142.0.138[.]41142.0.138[.]42142.0.138[.]43142.4.106[.]73142.4.106[.]74142.4.106[.]75142.4.106[.]76192.74.236[.]33192.74.236[.]34192.74.236[.]35192.74.236[.]3654600
lpjulidny7[.]comdomaincontrol[.]comp0.lpjulidny7[.]comp2.lpjulidny7[.]comp3.lpjulidny7[.]comp4.lpjulidny7[.]comp5.lpjulidny7[.]com34.98.99[.]30396982
dddgata789[.]comdomaincontrol[.]comddd.dddgata789[.]comp5.dddgata789[.]comN/AN/A

Source: Palo Alto Unit42

Complete Network Infrastructure
Complete Network Infrastructure (Source: Palo Alto Unit42)

Furthermore, a comprehensive report about this new campaign and the trojan has been published by Unit42 of Palo Alto, which provides detailed information about the campaign, code analysis, obfuscation techniques, and other information.

Indicators of Compromises (IOCs)

XorDDoS Binaries

  • b8c4d68755d09e9ad47e0fa14737b3d2d5ad1246de5ef1b3c794b1339d8fe9f8
  • 265a38c6dee58f912ff82a4e7ce3a32b2a3216bffd8c971a7414432c5f66ef11
  • 1e823ae1e8d2689f1090b09dc15dc1953fa0d3f703aec682214750b9ef8795f1
  • 989a371948b2c50b1d45dac9b3375cbbf832623b30e41d2e04d13d2bcf76e56b
  • 20f202d4a42096588c6a498ddb1e92f5b7531cb108fca45498ac7cd9d46b6448
  • 9c5fc75a453276dcd479601d13593420fc53c80ad6bd911aaeb57d8da693da43
  • ce0268e14b9095e186d5d4fe0b3d7ced0c1cc5bd9c4823b3dfa89853ba83c94f
  • aeb29dc28699b899a89c990eab32c7697679f764f9f33de7d2e2dc28ea8300f5

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Google Play Store app could get a fixed search bar

0
[ad_1]

The Google Play Store app could get a fixed search bar, it seems. Google is testing this feature as we speak, as was spotted by AssembleDebug. For those of you who don’t know, he’s in charge of the Google Apps Flags & Leaks Telegram community.

Google could roll out a fixed search bar to the Play Store app

The change here is very simple and straightforward. When you open the Google Play Store app on your phone now, you’ll see a search bar at the top. Next to it is the notification bell, and your profile picture aka options for your profile.

None of that will change. However, when you try to scroll down now, the search bar goes away in its entirety. It does pop back up whenever you scroll up, immediately, you don’t need to scroll up all the way.

That’s the only part of the UI that disappears when you scroll. The app categories below (For you, Top charts, Kids, and so on) stay there Well, Google is seemingly testing a slight change in the code.

The company wants the search bar to stay fixed as well, along with the categories below it. That way the search bar will always be only one tap away, and you won’t need to scroll beforehand.

You can activate it now, but the process is not simple

You can even enable it as we speak, but you need to be rooted, and the process is not all that straightforward. Not only is a flag change needed, but you’ll also need GappsMod in order to make it happen. If you’d like to know more, here’s all the info.

Now, just because Google is experimenting with this doesn’t mean it’ll become a reality. Google conducts various similar tests on the UI side of things, and not all of them end up being used.

This is a rather small change, and not many users would care if Google made it. Using a fixed search bar could make things a bit simpler for non-tech-savvy people, though.


[ad_2]
Source link

What’s next for Exynos and AI: Insights from Samsung executive

0
[ad_1]

Earlier this month, Samsung unveiled the Exynos 2400 flagship processor for the Galaxy S24 series. The company didn’t share full specs but revealed that the new chip will bring a massive 14.7x boost in AI performance over the Exynos 2200. In a recent interview, a Samsung LSI executive said AI will be integral to the next industrial revolution. The executive also talked about the firm’s partnership with AMD and long-term plans for ISOCELL cameras.

Samsung executive talks about AI, Exynos, AMD, and ISOCELL in a new interview

Shortly after the Exynos 2400 announcement, SamMobile interviewed Sanjith Thayyilthodiyil, Vice President of Samsung System LSI’s Sales & Marketing team. The executive was asked about the current trend in semiconductor technology and the company’s short-term and long-term goals for Exynos chips. He labeled AI as a revolutionary tech and said that the industry is gearing up to shift from generative AI to proactive AI.

In anticipation of this shift, Samsung plans to create a semiconductor platform “that converges and creates synergies among logic and memory components, packages, and systems driving mobile and automotive technologies.” It will help the company establish a lead in “hyper-intelligent, hyper-connected, and hyper-data technologies” that it sees as essential for the Fourth Industrial Revolution. Sanjith said Samsung is “uniquely positioned to drive advances in a new era of proactive AI.”

The executive refrained from sharing more details about the Exynos 2400 and only reiterated what Samsung has already revealed. However, he confirmed that the firm’s partnership with AMD is here to stay. The duo joined hands in 2019 to make custom mobile GPUs based on the latter’s Radeon graphics technology. It eventually resulted in the smartphone industry’s first GPU with hardware-accelerated ray tracing capability.

The Exynos 2400 also features an AMD-powered GPU, with Samsung promising enhanced ray tracing. It appears there’s plenty more to come from the duo. They announced a multi-year extension of the partnership in April. Sanjith has now suggested that they are already working on the next products. He said AMD’s Radeon graphics technology will make its way into “an extended range” of Exynos chips, hinting at mid-range solutions.

Samsung is working on new camera technologies

Alongside the Exynos 2400, Samsung also announced Zoom Anyplace. It’s a new zoom technology for its 200MP cameras. The company says it offers “an entirely new camera zoom experience, allowing mobile users to take up to 4x close-ups of moving objects without any image degradation.” AI-based tracking technology automatically follows and captures the moving objects, while simultaneously compensating for camera shake to give stable results.

This is just one of the many advanced camera technologies Samsung is currently working on. There are already rumors of the company developing sensors with over 400MP resolution and 1-inch optical size. Sanjith pretty much confirmed these rumors. “We are pioneering innovations in both ultra-high resolution products which deliver exceptional detail and clarity as well as big-pixel sensors optimized for capturing details in low-light environments,” he said.

The executive added that high-resolution cameras bring benefits like sharper images, while pixel binning ensures that the phones capture images as low as 12.5MP resolution by default for faster shutter speed. However, that doesn’t mean it won’t make big-pixel sensors. “Samsung is continuously innovating to elevate its mobile image sensor technologies beyond DSLR-grade performance,” Sanjith said. “This entails advancements in high dynamic range (HDR), low-light performance, and seamless 8K video recording.”

New 3D ToF sensors and more

Samsung’s camera solutions aren’t limited to smartphones. It also makes cameras for cars, IoT devices, and other products. Sanjith said that the company has new technologies in the pipeline that will be “key drivers in the growing automotive CIS market.” It plans to advance the “next-generation CIS technologies like global shutter and time-of-flight (ToF) to create new user experiences.”

The Korean firm’s new ISOCELL Vizion lineup brings ToF and global shutter sensors to enable advanced visual capabilities for next-gen mobile, commercial, and industrial applications. “ToF sensors are tailored for capturing high-resolution 3D images with exceptional detail while global shutter sensors are ideal for capturing dynamic movements without distortion,” the Samsung executive explained.

Samsung is also considering integrating Ultra Wideband, aka UWB, support into Exynos chips, the executive confirmed. Sanjith said its precise location tracking capabilities and robust security features will be key to a more connected world. He sees UWB coming to more mobile, automotive, and industrial products in the future. You can expect Samsung to share more details about the Exynos 2400 closer to or after the Galaxy S24 launch.


[ad_2]
Source link

Snapchat videos and stories can now be embedded

0
[ad_1]

Snap is finally allowing people to embed Snapchat content into their articles or websites, a feature that other social apps have been offering for a very long time. Starting today, Snapchat content in the form of videos and stories can easily be embedded by simply copying their codes.

Just like Twitter, Instagram and Facebook, Snapchat offers a pretty streamlined method of embedding its content in articles or websites. You can only embed Lenses, Spotlight videos, public Stories or Profiles from Snapchat.

  • If you see a Lens or content you’d like embed, copy the link and open it on your computer browser, or search on Snapchat.com
  • Tap the ‘embed’ icon in the share sheet and copy the code

In related news, Engadget reports that Snap introduced yet another OpenAI-powered feature that makes it possible for snaps to include more of the surroundings.

However, according to the report, the new AI feature is only available for Snapchat+ subscribers, at least for the time being. Snap’s premium tier costs $3.99 per month and promises to offer access to exclusive, as well as new features long before they’re made available to everyone else.


[ad_2]
Source link

WhatsApp Passkey feature rolling out now to boost security

0
[ad_1]

WhatsApp is now making the Passkey feature available to Android users around the world. This feature helps improve security and also makes signing in to your account more stress-free and convenient. Users can now prepare to wave SMS-delivered one-time passwords goodbye, as the passkey will replace this already existing security feature.

With this new feature, WhatsApp is leveraging a security tool that most users of their app have access to. Over the years, various forms of biometric identification have become more popular among smartphone users. Passkey identification leverages this security tool to make accessing your account on any device more secure, fast, and stress-free.

The past few months have seen WhatsApp beta test this feature, which is now becoming available to the public. But what exactly is a passkey, and how will this new WhatsApp security feature work? These might be some of the questions that are weighing upon your mind, and this article will provide answers.

Everything you need to know about the new WhatsApp Passkey feature

passkey is simply a digital credential that permits users to sign in to various accounts online without entering their username and password. This mode of sign-in syncs across various devices and they employ the use of biometric sensors to confirm the user’s identity. Credentials generated from this style of log-in can also be stored on Password Manager apps for quick access on any device.

In comparison with regular password sign-in methods, passkey sign-in is more secure, faster, and stress-free. WhatsApp is now joining Google to announce this log-in system on its app. Users can now sign in to their account on any device by using the biometric system on that device. This mode of log-in does away with the need for two-factor authentication, hence being more secure.

Two-factor authentication was a bit vulnerable to phishing attacks and stressful for users. Some users found it a bit stressful accessing the two-factor authentication code that is sent to them via SMS or email. Sometimes the code doesn’t come through and users would have to request it repeatedly.

This feature is currently rolling out to WhatsApp users around the world. WhatsApp will prompt users to create a passkey for their account, giving them quick log-in on any device. The arrival of the WhatsApp Passkey feature doesn’t mean the end of password log-in, as both will exist together.

Users will be able to pick between either log-in option based on their preferences. The passkey users create can be saved on their password manager app, so it syncs with their Google account on all devices. In the coming days, more users around the world will gain access to this security feature via an app update.


[ad_2]
Source link