In addition to the Motorola Razr+, the company also announced the Motorola Razr today. This phone is inferior to its ‘Plus’ sibling, but it’s also quite compelling. We’re here to check out the Motorola Razr specifications, as we’ve already covered the Motorola Razr+ specs.
Before we get down to it, do note that both of these are foldable smartphones. They’re the company’s new flip phones and will be called differently outside of the US. These are US-exclusive names.
The Motorola Razr has mid-range specifications, it’s fueled by the MediaTek Dimensity 7300X
The Motorola Razr is fueled by the MediaTek Dimensity 7300X processor. The company included 8GB of LPDDR4X RAM on the inside, along with 256GB of UFS 2.2 flash storage (non-expandable).
The main display on the phone is a 6.9-inch fullHD+ (2640 x 1080) panel. It’s a pOLED display, by the way, and it’s foldable. The refresh rate here is 120Hz, well, up to 120Hz (LTPO panel). The peak brightness of this panel is 3,000 nits.
The cover display, on the other hand, is a 3.6-inch pOLED panel. It has a resolution of 1056 x 1066, and this is an LTPS pane, not an LTPO one. This is a Flexible AMOLED display, and it supports HDR10+ content. It has a refresh rate of up to 90Hz and a peak brightness of 1,700 nits. Gorilla Glass Victus protects the phone’s cover display.
The device supports 30W wired charging, and 15W wireless charging
A 4,200mAh battery is included here, and the phone supports 30W TurboPower wired charging. 15W wireless charging is also supported. Do note that the charger does not come bundled in the box.
A 50-megapixel main camera (f/1.7 aperture, 0.8zm pixel size, OIS, Instant-all Pixel Focus) is backed by a 13-megapixel ultrawide/macro camera (f/2.2 aperture, 1.12um pixel size, 120-degree FoV). The front-facing camera is a 32-megapixel unit (f/2.4 aperture, 0.7um pixel size).
The phone does include a set of stereo speakers with Dolby Atmos support. Spatial Sound is on offer too, and there are three microphones included on the device. Bluetooth 5.4 is also supported here. Android 14 comes pre-installed on the device.
A side-facing fingerprint scanner is in use, while the phone comes in three color options
Yes, the Motorola Razr supports both a physical SIM and an eSIM, ti’s up to you. A side-facing fingerprint scanner is included too, while the phone supports Wi-Fi 6/6E. The device is also IPX8 certified for water resistance. Its frame is made out of aluminum, and vegan leather is placed on the back.
The Motorola Razr measures 171.30 x 73.99 x 7.25mm when open, and 88.08 x 73.99 x 15.85mm when closed. It weighs 188 grams. The phone comes in Beach Sand, Koala Gray, and Spritz Orange colors.
Have there ever been more buzzwords stuffed into a single headline? It appears that An AI-generated Elon Musk was running a scam where it shilled crypto. As much as we want to believe that this is clickbait, it’s not.
Suffice it to say, Elon himself wasn’t involved in this scam. We’re still waiting for information about who was running the scam. So, you’re going to have to stay tuned for more information on this topic.
An AI-generated Elon Musk was shilling crypto
We should know how these sorts of scams work by now. A YouTube livestream started, and it starred Mr. Elon Musk; only, it wasn’t him. It was an AI-generated voice masquerading as him. Scammers use this tactic all of the time. They emulate notable figures to push their crypto scams.
Emulating notable figures like Elon Musk, Mr. Beast, MKBHD, etc. is a surefire way to get unsuspecting users to believe in them. In fact, there was a case a few years ago where Arun Maini (AKA Mr. Whostheboss) had his account hacked and used to shill Crypto.
This latest scam wasn’t any different. The account that live-streamed was named @elon.teslastream. It’s been taken down, but it peaked at 10.7K subscribers. That should be the first clue that something was up. The official Tesla YouTube channel sports 2.65 million subscribers.
From Engadget
It was asking for users to invest their Bitcoin, Ethereum, or Dogecoin to participate in a giveaway. The scam was promising to “automatically send back double the amount of the cryptocurrency [people] deposited.” Yes, you have permission to roll your eyes.
While this was obviously a scam, there were, apparently, upwards of 30,000 viewers in the stream. We’re not sure how many of those were bots and how many were actual human idiots.
These scams aren’t only being presented on YouTube. We’ve seen other reports of this sort of thing happening on Reddit and other platforms. We’re not sure how these platforms plan to combat this, but we know that it’s only going to get worse as time goes on.
If your Android phone no longer receives security updates, you are at an increased risk of ransomware attacks. Security researchers have discovered several malware campaigns primarily targeting outdated Android devices. It employs an open-source Android malware named “Rafel RAT”. Even flagship models, such as Samsung’s Galaxy S lineup, are vulnerable.
New ransomware campaigns targeting outdated Android phones with Rafel RAT
Rafel RAT is a powerful open-source malware tool with excellent techniques to avoid detection. It provides malicious actors with a remote administration and control toolkit that allows them to perform various malicious activities on an infected device. From data theft and surveillance to device manipulation, it facilitates all kinds of remote attacks, making it a popular choice among threat actors.
Security researchers Antonis Terefos and Bohdan Melnykov of Check Point recently identified over 120 Android malware campaigns using Rafel RAT. Some of the campaigns are run by well-known threat actors, including APT-C-35 (aka DoNot Team, Brainworm, and Origami Elephant). Lesser-known attackers are behind the others, with most of them originating in Pakistan and Iran.
The research firm says most of the victims were located in the United States, China, and Indonesia. However, the malware campaigns also infested Android devices in India, Australia, France, Germany, Italy, Russia, and several other countries. The attackers primarily targeted devices running Android 11 or older. Those phones have stopped receiving security updates and are vulnerable to known flaws.
According to Check Point, over 87.5% of all affected devices were on Android 11 or an older version. Android 5 and Android 8 devices accounted for 17.9% of attacks each—the most. Some affected devices were on Android 4. This makes us wonder how long people are holding onto their phones. Android 4 came in 2011 and no longer supports Google Play Services, let alone get security updates.
As far as smartphone brands are concerned, it’s a mix of all popular companies. Samsung devices saw the most number of attacks, but this could also be reflective of it being the largest vendor. The Korean firm makes more phones than any other brand and has long been at the top of the pile. Xiaomi, Vivo, and Huawei devices comprised the second-largest group among the targeted victims.
Avoid installing apps from unknown sources
Cybercriminals distribute Rafel RAT through various means. However, in most cases, users download it via malicious APKs disguised as popular social media and messaging apps, including Instagram and WhatsApp. Threat actors also impersonate e-commerce platforms and antivirus apps to distribute the malware. Upon installation, it asks for a wide range of permissions to access everything on the phone.
Attackers can remotely watch it all and decide the next step. Check Point’s analysis revealed that the attackers issued the ransomware command in roughly 10% of the cases. Rafel RAT’s ransomware module encrypts the affected phone’s files using a pre-defined ARS key, giving the attackers full control over the device. They can also remotely change the device’s password to lock the user out.
The research firm says these Rafel RAT Android ransomware campaigns “successfully targeted high-profile organizations, including the military sector.” This is alarming and tells you a lot about the risks associated with using outdated devices and installing apps from unknown sources. You should always download apps from official sources such as the Google Play Store, Samsung Galaxy Store, or the official developer website.
The war between AI companies and the industries they steal from rages on. AI companies are no strangers to scraping content from actual creators without their consent, and the entities supporting the creators are striking back. Two music generators (Udio and Suno) are facing a lawsuit from top music labels.
As with anything dealing with the law, things are moving slowly. Right now, The New York Times is still in the process of suing OpenAI and Microsoft for lifting copyrighted material from the site. This lawsuit has been going on for several months, and we’re still waiting for the result.
AI has been dragging a knife through several industries like writing and art, and it has its sights set on the film industry. Well, the music industry is not immune to the blade. We’ve seen examples of AI-generated music making headlines. It’s, obviously, a huge smack to the face of anyone who’s made actual music.
Two music generators are being sued by top music labels
The two music generators in question are Suno and Udio. Several top music labels are now suing these companies for their AI music-generating tools. The Recording Industry Association of America announced this lawsuit on Monday.
The labels involved in the lawsuit are Universal Music Group, Sony Music Entertainment, and Warner Records. The lawsuit is asking for a hefty amount of money in compensation. As per the report, it’s asking for $150,000 for each stolen work. That’s a tab that can wrack up quickly depending on how many tracks were lifted.
The lawsuit claims that the tools “spit out” similar works. That’s pretty much how most mainstream AI tools work. Mikey Shulman, Suno AI’s chief executive said that the technology is “designed to generate completely new outputs, not to memorise and regurgitate pre-existing content…but instead of entertaining a good faith discussion, they’ve reverted to their old lawyer-led playbook,” Shulman continued.
However, if this tool is creating “completely new works,” then there wouldn’t be a lawsuit, would there? Companies need to stop trying to convince people that their tools create completely new works. We’ve seen so many examples of tools making content extremely reminiscent of existing works. We’ve seen it from music to art to journalism.
We’re going to have to wait for the outcome of this lawsuit. There’s no telling when to expect the results from the case.
YouTube is making changes to the audio on videos on your Android TV and Google TV, so you don’t have to keep grabbing the remote to fix the volume. This new feature, called “stable volume”, automatically makes quiet parts louder and loud parts quieter.
If you’re watching YouTube on your TV, you might have noticed that some videos are louder than others. Maybe you’re watching a video and someone is whispering, so you turn up the volume. Then the next video starts, and it’s super loud, then you have to scramble to quickly turn the volume back down. It can be a pain, and it’s not great for your ears.
However, YouTube is looking to fix this problem by adding “stable volume” to the YouTube app. With stable volume turned on, you shouldn’t have to adjust the volume as much as YouTube will do it for you. The feature tries to keep all the audio at a similar level, so you won’t be surprised by sudden loud noises or struggle to hear quiet parts.
The “stable volume” feature can be accessed by playing a video on YouTube, and then tapping on the gear icon. You should then see a toggle for stable volume, which is turned on by default. However, if you prefer to have your volume settings as you had them before, you can always turn the feature off.
Google and Android TV audio settings with “stable volume” turned on | Image credit — 9to5Google
Stable volume isn’t exactly a new feature, as it has been available on the mobile version of YouTube for some time now. However, it is new on the smart TV version of YouTube, and as such, it might not be perfect. For example, it might not work well with music videos or videos that have a lot of different sounds. If you’re a music lover, you might not like how stable volume changes the way music sounds.
That said, for most people, stable volume should be helpful. If you’re tired of constantly adjusting the volume on your TV, you might want to give it a try in the latest YouTube v4.40.303 version on your Google or Android TV.
Cybersecurity firm Resecurity reports that cybercriminals are selling stolen digital identities of Singaporeans on the Dark Web with prices starting at $8. Researchers found numerous instances of stolen identity information on Dark Web and underground cyber crime platforms, including the leading Russian language marketplace for stolen identities ‘XSS’.
Researchers noted that the number of underground vendors selling stolen identity data of Singapore citizens in 2024 Q2 has increased by 230% compared to 2023. The spike was identified by metrics like the sudden increment in the mentions of “Singpass” (Singapore Personal Access) on the Dark Web.
“Our statistics show that starting from April 15th, 2024, we have registered a significant increase in data dumps with a significant number of records (from 10,000 and more) being offered by multiple actors this month.”
Resecurity
As per Rsecurity’s report shared with Hackread.com ahead of publishing on Monday, throughout Q1/Q2 2024, infostealers and social engineering techniques remained a key cause of Singpass accounts compromise, which can be exploited for money laundering. In June 2024, Resecurity recovered over 2,377 compromised Singpass accounts from the Dark Web and notified affected individuals.
Screenshot from the data being sold (Credit: Rsecurity)
Between October 2023 and June 2024, several underground vendors monetized stolen identity data, including passports, identity cards (IC), and sanitized driving licenses. Moreover, cybercriminals are selling national ID templates for Know Your Customer (KYC) purposes (passports, driving licenses, utility bills and banking statements), and offering services to create forged documents, verify accounts, and pass KYC checks.
This suggests undisclosed data breaches affecting Singapore citizens, leading to a surge in leaked KYC documents, primarily involving selfies, which the Singaporean government requires for verification purposes.
Additionally, these Dark web platforms are selling compromised access to sensitive data from critical sectors such as healthcare, lending, e-commerce, and financial platforms. However, these malicious attacks do not end there. Researchers have also found evidence of several scam groups targeting citizens through telemarketing or customer support services.
It is concerning that the stolen data includes biometric information such as fingerprints and facial data, which can be illegally reused for forged documents, access manipulation, and other malicious scenarios by cybercriminals. Using Deep Fakes and AI-powered techniques, nation-state and foreign actors will need this data for intelligence gathering and infiltration activities.
Compromised digital identities expose Singaporeans to risks like financial loss, identity theft, and reputational damage. It is, therefore, crucial they are cautious of phishing attempts, use multi-factor authentication (MFA), and stay informed on the latest cybersecurity threats.
Webkit vulnerabilities in PS4 and PS5 refer to bugs found in the Webkit engine used by their web browsers.
These bugs, discovered in browsers like Safari and Chrome, can also exist in PS4 and PS5 because they share the same Webkit codebase.
While a Webkit bug alone isn’t enough for a jailbreak, it can be a crucial first step, and exploiting such a vulnerability along with a kernel exploit (giving more system access) can potentially lead to a PS4/PS5 jailbreak.
The PPPwn exploit alone is not sufficient for a PS5 jailbreak due to the console’s strong security mitigations. A usermode exploit is likely needed in conjunction with PPPwn for a workable PS5 exploit.
While PPPwn is triggered during an internet connection, Webkit exploits run in the web browser, making it challenging to exploit them sequentially.
However, Webkit exploits are generally positive signs for the PS5 hacking scene as they potentially offer avenues for future exploits.
Attackers were able to take advantage of a recently patched Safari/WebKit vulnerability by exploiting a JavaScript engine assumption, and certain properties, like prototypes, are unconfigurable.
The bug enabled them to be configured, essentially creating type confusion.
By manipulating this, attackers could gain access to properties that should be inaccessible, potentially through the Spread opcode used in the analysis phase.
This highlights the danger of unexpected side effects when assumptions about data types are broken.
confusion vulnerability code snippet
The code crafts a scenario for a potential type of confusion vulnerability.
By inheriting from `Function`, the `Base` class gains access to the built-in `prototype` property, and assigning a number to `super.prototype` during construction might corrupt the prototype chain.
A getter is defined on a non-existent `arr` variable to manipulate `victim [1]` when the `prototype` getter is called, which, combined with a large loop manipulating `victim` elements and a final type conversion using a potentially attacker-controlled ‘flag’, creates an environment where writing to `arr[0]` could overwrite the `prototype` of another object with the value of `victim [1]`, potentially leading to unexpected behavior.
firmware impacted by the vulnerability.
A potential Webkit vulnerability is reported to be affecting PS4 and PS5 consoles.
Users can see if their devices are susceptible by testing a specific URL through the console’s browser with DNS redirection.
According to Wolo, the test exploits the vulnerability by feeding a malicious webpage that triggers an “Out of Memory” or “Not enough system memory” error message, indicating a successful exploit on PS4 firmware versions 10.00 to 11.02 and PS5 firmware versions 6.00 to 8.60.
FreeWebinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
Last week, a reliable industry insider said that Samsung’s Galaxy S25 series may ship with a Snapdragon chip globally. There may not be an Exynos version of any model anywhere. Another source has now suggested the same, though it says the Korean firm is trying hard not to do that. It is desperate to keep a dual-chip strategy for its next flagships.
Samsung is racing against time to make an Exynos chip for the Galaxy S25
Last year’s Galaxy S23 series was Samsung‘s first and only S-series flagship lineup to lack an Exynos version. The company shipped the phones with the Snapdragon 8 Gen 2 globally. This year, it used the Snapdragon 8 Gen 3 in the Galaxy S24 Ultra globally but sold the other two models with the Exynos 2400 in some markets, including Europe.
Samsung was presumed to do the same with the Galaxy S25 series, selling the new flagships in Snapdragon and Exynos versions depending on the market. However, renowned analyst Ming-Chi Kuo recently said that the company is struggling with the yield of the Exynos 2500, leaving it no other option but to ship the Galaxy S25 trio with Qualcomm’s Snapdragon 8 Gen 4 globally.
A new report from ZDNet Korea validates Samsung’s yield issues. According to the publication, the yield rate of the Exynos 2500 was in single digits in the first quarter of 2024. The company improved the yield in the second quarter but it is still hovering under 20%. In simpler terms, Samsung is producing only 20 usable chips from a possible 100, which is a massive production waste.
The report adds that Samsung must achieve at least a 60% yield rate for the Exynos 2500 to enter mass production. More importantly, it must do that by the end of the third quarter or in the early fourth quarter, i.e., between September and October. If the yield remains low, the company will have to exclusively use the next-gen Snapdragon chip in the Galaxy S25 series.
The switch to GAA architecture may be giving Samsung problems
The Exynos 2500 is a 3nm chip. Samsung is employing the more advanced GAA transistor architecture for its new process node. It appears this switch is giving the company problems. TSMC, which will produce the Snapdragon 8 Gen 4 on its 3nm process, is sticking to the FinFET architecture. If Samsung fails to introduce Exynos 2500 to the Galaxy S25 series, it might bemoan the GAA upgrade.
That said, the Korean tech titan still has 3-4 months in hand. It might be enough to turn the tide and release an Exynos version of its next flagship. Fans may not be happy about it, though. Exynos chips have troubled Galaxy users too much for them to trust it anymore, even if early leaks hint at huge improvements. We should get a clearer picture of Samsung’s situation in a few months.
A new method of distributing the Remcos Remote Access Trojan (RAT) has been identified.
This malware, known for providing attackers complete control over infected systems, is being spread through malicious Word documents containing shortened URLs.
These URLs lead to the download of the Remcos RAT, which can be used for data theft, espionage, and other malicious activities.
Understanding the infection chain and recognizing the signs of such attacks is crucial for mitigating these threats.
Infection Chain Analysis
According to the Forcepoint blogs, the attack begins with an email containing a .docx attachment designed to deceive the recipient.
Upon examining this file, a shortened URL is found, indicating malicious intent. This URL redirects to download a variant of the Equation Editor malware in RTF format.
By exploiting the Equation Editor vulnerability (CVE-2017-11882), the malware attempts to download a VB script composed of a lengthy sequence of concatenated variables and strings, likely encoded or obfuscated.
These strings form an encoded payload, which may be decoded or executed later in the script.
The VB script deobfuscates to PowerShell code that tries to download a malicious binary via a steganographic image and reverse Base64 encoded strings.
Although a command and control (C2) call is made, there’s also a TCP reconnect, suggesting that the C2 might be unavailable.
Passive DNS analysis identified the C2 domains, but they are currently inactive.
Detailed Breakdown of the Attack
The document (SHA1: f1d760423da2245150a931371af474dda519b6c9) contains two critical files: settings.xml.rels and document.xml.rels located at word/_rels/.
The settings.xml.rels file reveals a shortened URL responsible for downloading the next stage of the infection:
Running the .docx file in a sandbox environment reveals it contains the CVE-2017-0199 vulnerability.
Upon exploiting this vulnerability, the document attempts to connect to a remote server to download a malicious file.
The attacker uses a URL shortener service to mask the malicious URL, making it difficult for the victim to recognize the risk and helping bypass security filters that might flag suspicious URLs.
Further investigation into the \word\embeddings folder reveals embedded PDF files within oleObject bin files.
The PDF file appears benign, showing a bank transaction between a company and a bank. However, the real threat lies in the RTF file (SHA1: 539deaf1e61fb54fb998c54ca5791d2d4b83b58c) downloaded via the shortened URL.
This file exploits the Equation Editor vulnerability to download a VB script (SHA1: 9740c008e7e7eef31644ebddf99452a014fc87b4).
Obfuscation and Payload Delivery
The VB script is a long string of concatenated variables and strings, potentially encoded or obfuscated data.
The important variable, “remercear,” is constructed by repeatedly concatenating various string literals, suggesting it holds encoded information or commands.
After deobfuscation, the PowerShell code attempts to download a malicious binary from two different URLs.
The first URL uses steganography to hide the malware within an image:Steganographic Image
The image contains a long Base64-encoded string, the first six bytes of which decode to ‘MZ’, indicating the presence of a Windows executable.
The second URL communicates with an IP address to retrieve a TXT file containing a reverse Base64 encoded string.
This adds a layer of obfuscation, evading simple detection mechanisms.
Using tools like Cyber Chef, the string is reversed, and Base64 is decoded to reveal the malicious payload (SHA1: 83505673169efb06ab3b99d525ce51b126bd2009).
Monitoring the processes reveals a connection to a potential C2 server (IP: 94[.]156[.]66[.]67:2409), which is currently down, resulting in a TCP reconnect.
The use of shortened URLs in Word documents to distribute the Remcos RAT highlights the evolving tactics of cybercriminals.
By understanding the infection chain and recognizing the signs of such attacks, individuals and organizations can better protect themselves against these threats.
Always be cautious of unsolicited emails with attachments, and avoid clicking on shortened URLs from unknown sources.
Samsung may announce the date for its next Unpacked tomorrow, June 26. Multiple leaks say the company will open pre-reservations for the Galaxy Z Fold 6 and Galaxy Z Flip 6 this Wednesday. It usually starts accepting pre-reservations for new flagships or foldables immediately after announcing the Unpacked date. The announcement also usually comes two weeks before the event, and June 26 falls exactly two weeks before the rumored July 10 date for the next Unpacked.
Samsung to open Galaxy Z Fold 6 and Flip 6 pre-reservations before Unpacked
Since February, we have only heard one date for Samsung’s next Unpacked—July 10. The company is allegedly taking the big launch event to Paris, France to commemorate its sponsorship ties with the Olympic Games (this year’s sporting event is taking place in Paris). The Unpacked will happen around two weeks before the Olympics begin on July 26. This ensures the new products go on sale just when the games begin, allowing Samsung to promote them to the masses.
As the Unpacked draws closer, the company has ramped up its preparations for the arrival of the new foldables and other products. Folks over at SamMobile recently received a message from a Samsung Experience Store in India saying that they can pre-reserve the Galaxy Z Fold 6 and Galaxy Z Flip 6 starting on June 26, 2024. The message didn’t explicitly name the unannounced foldables for obvious reasons but used the codenames Q6 and B6 that leaks have revealed before.
X user @tarunvats33, who has a decent track record of Samsung leaks, also confirmed separately that pre-reservations for the Galaxy Z Fold 6 and Galaxy Z Flip 6 will open in India on June 26. He also shared a poster but it looks fake. In the image below, see how there is no space between “Fold” and “6” but some space between “Flip” and “6”. The poster also lacks a hyphen (-) joining “Pre” and “Reserve”. That’s not to say the reported date may be fake too.
An official announcement may come anytime now
As said earlier, Samsung’s flagship and foldable pre-reservations usually coincide with its official Unpacked announcement. It announced the Galaxy S24’s Unpacked on January 3, exactly two weeks before the event on January 17 (both on a Wednesday). June 26 falls on a Wednesday, and so does July 10 exactly two weeks later. Joining the dots, the Korean firm may announce its next Unpacked tomorrow. Alongside the new foldables, the event should also bring new watches, wireless earbuds, and the Galaxy Ring.
.webp)
