Infected Android TV Boxes Used to Steal Millions of Dollars

0
[ad_1]

Cybercriminals are using cheap Android devices to run a multi-million dollar fraud operation. Human Security, a cybersecurity firm, has uncovered half a dozen compromised models of Android TV boxes being used for organized crime. The network of infected devices is spread mainly across the US.

At least eight Android TV boxes were found with malware

The Human Security report found eight Android TVs linked to massive cybercriminal activity. The eight exposed models are T95, T95Z, T95MAX, X88, Q9, X12 Plus, and MXQ Pro 5G. As evident, they aren’t brand-name devices or at least come from obscure, unknown brands. But they’re all coming out of China. And they’re all shipped with malware built right into the hardware. 

The preinstalled malware — more specifically, a backdoor called Triada — works silently and the user is never aware of any malicious activity. Once they plug in the infected Android box, it phones back to servers in China, giving hackers complete control over the device. It then becomes part of a vast network of “zombie” devices. The network does ad-click injection, steals access to residential networks, serves DDoS attacks, and silently engages in cryptomining.

Human Security has already confirmed 8 Android TV boxes with preloaded malware, but the actual number could be 200. The suspected Android devices create a global network of more than 74,000 infected nodes. The web is mainly centered in the US, infecting devices in homes, offices, and schools. “They’re like a Swiss Army knife of doing bad things on the internet. This is a truly distributed way of doing fraud,” Gavin Reid, Human Security’s CISO, remarked.

Funding for the Operation

The report from Human Security has two parts — Badbox and PeachPit. Badbox covers the network of infected Android TV boxes. PeachPit is an app-based fraud operation that funded BadBox. At least 39 Android and iOS apps, freely available on the Play Store and App Store, were involved in PeachPit. They spoof traffic and deliver malicious or hidden ads. 

PeachPit apps have 15 million downloads on the Google Play Store alone. And they have affected 121,000 devices. Researchers also calculated that the fraud could have generated at least $2 million monthly.

Hacker Activity is Slowing Down

Google has already removed the identified apps from the Play Store. Apple has also found five apps breaking its guidelines on the AppStore. Their developers have two weeks to comply with the guidelines. 

Since the discovery, the hacker activity of Badbox has also dropped off. Attackers are powering down servers that talk to the Android TV malware. As of now, the infected devices are sleeper agents. The malware is still there. And it can only be detected or removed with significant technical expertise. 

Human security cautions consumers to get branded Android TV boxes and allow untrusted IoT devices onto your home network. “Friends don’t let friends plugin weird IoT devices into their home networks,” Reid warned.


[ad_2]
Source link

Elon Musk plans to remove likes and repost counts from X’s main timeline

0
[ad_1]
The changes keep on coming when it relates to X (formerly Twitter) and this time it looks like the main timeline will be the next target. You soon may not be able to see engagement counts (likes and reposts) for posts on the main timeline anymore.
According to an X post by Twitter boss Elon Musk in reply to a subscriber’s post, X is looking to remove the action buttons that include interaction counts, such as likes, reposts, bookmarks, etc. These will then be replaced with gestures such as double tapping to like and others. Musk cites improving readability as the reason for this change.

Don’t worry though, these metrics will still be visible when you tap or click into a post, an extra step that has been met with mixed reactions all around. Skeptics of how this feature might work have expressed concerns on how this will affect engagement, as having these numbers easily visible and available has been used as a helpful tool for marketers.

The company recently rolled out a change to this same feature on mobile where the engagement counts were rounded off and therefore showing less characters. This design tweak was done for readability’s sake as well, but will now be done away with altogether on the timeline.
It remains to be seen if X will proceed with this design tweak or if it will offer its users, namely the paid ones, an option on what they want displayed on their main timeline. The company has undergone massive changes since Elon Musk took the helm, mostly in an attempt to make it profitable, with no signs of slowing down. The latest of the rumored changes to come is to make X an entirely paid platform, a huge departure from how the popular social network has operated in the past.

[ad_2]
Source link

Maintainers of a open tool Warns of Critical Curl Vulnerability

0
[ad_1]

Two new vulnerabilities have been discovered in the widely used Curl tool. These two vulnerabilities are identified as CVE-2023-38545 and CVE-2023-38546. One of these vulnerabilities has a high severity, while the other has a low severity.

However, the Curl team has confirmed that they will release the security advisory and additional information about these vulnerabilities on October 11. These vulnerabilities are reported to be existing in the libcurl and curl tools.

“We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl security flaw in a long time.” reads the GitHub post of Curl.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

CVE-2023-38545 and CVE-2023-38546

CVE-2023-38545 was reported as a high-severity vulnerability that affects both libcurl and the curl tool. Details of this vulnerability are yet to be published. On the other hand, CVE-2023-38546 was reported as a low-severity vulnerability that affects libcurl only.

libcurl is considered the backbone of the Curl tool, which is a client-side URL transfer library that supports the same wide range of protocols. It has robust data transfer functionality and enables the Curl tool to communicate with servers to send HTTP requests, manage cookies, and handle authentication.

The current version of the Curl tool is 8.3.0, released on September 13, 2023. However, the upcoming release, 8.4.0, will be released sooner than expected due to the discovery of these vulnerabilities. It is also reported that this has been one of the most critical security flaws found recently in Curl.

Organizations are recommended to update Curl to the latest version once publicly released on October 11, 2023.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App

0
[ad_1]

Pro-Palestinian hackers from AnonGhost apparently managed to hack the Red Alert app, whose sole purpose is to send missile and rocket alerts to Israelis.

In the midst of the ongoing conflict between Israel and Hamas, a group of Pro-Palestinian hackers operating under the moniker AnonGhost launched a cyberattack on the RedAlert app, causing chaos among Israeli citizens over the weekend.

Developed by Kobi Snir, an app developer and IoT researcher, the Red Alert App serves a critical purpose by providing real-time alerts whenever rockets, mortars, or missiles are fired into Israel from the Gaza region.

Singapore-based cybersecurity firm Group-IB confirmed the cyberattack. In a brief tweet, the company’s threat analysis team revealed that AnonGhost had exploited an API vulnerability within the Red Alert app.

The group successfully intercepted requests, exposing vulnerable servers and APIs, allowing them to employ Python scripts to send spam messages to some Israeli app users. This resulted in users receiving false missile alerts on their smartphones, further worsening the already dire situation in the country.

But the extent of the attack didn’t stop at fake rocket alerts. According to Group-IB’s Threat Intelligence system, AnonGhost also sent fabricated messages regarding a “nuclear bomb” attack on Israel.

One of the announcements from AnonGhost on Telegram boasts about the attack with the following words:

“Israel’s RedAlert phone app system hacked by AnonGhost + AG Members. Before this attack happened we have found that there are about 10,000 users online in this chat. All 10k to 20k users in this application will get the same notification.”

Furthermore, the group claimed that, aside from sending fake alerts and causing hysteria, the impact of this attack also includes disconnecting the user’s phone from the Internet and rendering the phone unusable, forcing the victim to purchase a new one. However, these claims remain unverified at this time.

Hackread.com delved into these claims and discovered a video shared by AnonGhost on their Telegram channel, demonstrating that the group had exploited the RedAlert app to send emergency alerts about fictitious rocket and nuclear bomb attacks.

The Red Alert App is available on iOS; however, its Android version has been removed for unknown reasons

The conflict between Israel and Hamas ignited on October 7, 2023, when Hamas fighters launched a surprise attack on Israel, crossing the border from the Gaza Strip into Israeli territory. Hamas reported casualties among Israelis and claimed to have taken dozens of hostages.

Israel, on the other hand, characterized Hamas’ attack as unprovoked and an attempt to annihilate the country. Reuters reported that Israel responded with airstrikes on the Gaza Strip, resulting in the deaths of hundreds of Palestinians, including at least 20 children.

While the physical conflict raged on, cyber warfare unfolded in parallel. Pro-Palestinian and Pro-Israeli hacktivist groups engaged in online battles, targeting each other’s infrastructure through activities such as Distributed Denial of Service (DDoS) attacks, data leaks, doxing, and social engineering.

The ongoing conflict continues to have a digital dimension, as hacktivist groups on both sides strive to make their voices heard in the cyber realm, further escalating tensions in an already volatile situation.

  1. Israel’s Channel 10 TV Station Hacked by Hamas
  2. Israeli Oil Refinery Giant BAZAN Hit by Fresh Wave of Cyber Attacks
  3. Hackers interrupt Eurovision webcast in Israel with missile attack alert
  4. Hamas hackers posed as women to con IDF into downloading malware
  5. Israel Faces Fresh Wave of Cyberattacks Targeting Critical Infrastructure

[ad_2]
Source link

Here’s what we know about Samsung Galaxy S24 Ultra so far

0
[ad_1]

Samsung Galaxy S24 Ultra is one of the most anticipated smartphones, reportedly scheduled for early 2024. The phone is expected to raise the bar for Samsung devices and offer top-of-the-line features and performance. While most details about the Galaxy S24 Ultra still remained hidden, several rumors and leaks have surfaced online that can partially tell us what to expect from Samsung’s 2024 high-end Android device.

Starting with the design, new reports have suggested that the Galaxy S24 series could launch with a titanium frame. While previous reports stated that only the Ultra variant gets a titanium frame, Samsung has allegedly changed its mind and wants to launch all the series with a titanium frame.

Among the current smartphones, the iPhone 15 Pro is the most prominent one that uses a titanium frame. However, a drop test conducted by Sam Kohl shows despite using a titanium frame, the phone is even more fragile than ever.

What to expect from Samsung Galaxy S24 Ultra in 2024

As for the display, the Galaxy S24 Ultra could get the brightest screen that Samsung has ever produced. According to the leaker Ice Universe, Galaxy S24 Ultra will feature a 6.8-inch display that can reach a peak brightness of 2,500 nits. The S23 Ultra display is now offering a peak brightness of 1,750 nits. Among the rivals, the Oppo Find X6 Pro is the only phone that features a 2,500 nits panel.

Google Pixel 8 Pro is currently using a Super Actua display, capable of reaching a peak of 2,400 nits. Xiaomi also claims its 13 Ultra features a 2600-nit display.

Samsung Galaxy S24 Ultra hardware and battery

After years of using in-house Exynos chips on S-series devices, Samsung launched the Galaxy S23 series with Qualcomm chipsets and ditched Exynos. While some reports speculate about Exynos’s comeback to Galaxy S24 Ultra, the Korean outlet The Elec reported that the phone gets a Snapdragon 8 Gen 3 chipset.

The reports also added that Galaxy S24 and Galaxy S24+ devices will either get Exynos 2400 chips or Snapdragon 8 Gen 3. The units sold in South Korea and Europe are more likely to get Exynos chips. Additionally, the devices sold in North America would be snapdragon-powered.

The Galaxy S24 Ultra is expected to get the brightest display and a powerhouse under the hood. So it should have a high-capacity battery to support operations. As per current information, Galaxy S24 Ultra launches with a 5,000 mAh battery, no different than its predecessor.

The Galaxy S24 series could go live in Q1 next year. The exact unveil date is still unknown, but it should be sometime in January or February 2024.


[ad_2]
Source link

Over 200 models of Android TV Boxes are infected with malware

0
[ad_1]

Android TV boxes have long been a favoured place for threat actors to hide malware and compromise users’ networks. However, a new report from cybersecurity firm Human Security suggests that this issue may be more widespread than previously thought, as they have discovered a staggering 74,000 Android mobile phones, tablets, and connected TV boxes infected with malware, putting users’ data and privacy at risk.

According to the report, most of the infected Android TV boxes come preloaded with the Triada malware, which is capable of executing a wide range of functions, including ad fraud, creating fake accounts on platforms like Gmail and WhatsApp, and selling access to home networks. Additionally, the fact that the malware is present on over 200 models of Android TV boxes suggests a highly widespread operation. Out of all the models, the report specifically highlights eight devices as major carriers, including seven TV boxes—T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G—and a tablet, J5-W.

“They’re like a Swiss Army knife of doing bad things on the internet,” said Gavin Reid, Human Security’s CISO.

So, how does the operation work?

While it’s impossible to pinpoint the exact method threat actors use to install malware, it is clear that these infected devices are manufactured in China, and somewhere along the supply chain, presumably before reaching resellers, threat actors install the notorious malware. These backdoors operate through a global network, and once a user plugs the device into their TV, it establishes a connection with a command-and-control server in China, downloads an instruction set, and initiates various malicious activities.

As explained by Reid, these Android TV boxes act as sleeper cells, laying dormant until activated by external commands. Furthermore, the threat actors have access to millions of mobile IP addresses and sell access to residential networks as part of their operations.

“They were claiming that they have over 20 million devices infected worldwide, with up to 2 million devices being online at any point in time. It’s easy for them to infiltrate the supply chain, and for manufacturers, it’s really difficult to detect,” said security researcher Fyodor Yarochkin.


[ad_2]
Source link

Viber rolls out a new suite of business tools and they’re free

0
[ad_1]
Following WhatsApp, Viber announced a new set of business tools for small and medium-sized businesses. In an attempt to turn its app into a “communications hub for a wide range of businesses,” Viber is now rolling out several new features that will be available for free for small and micro businesses.Inspired by the company’s successful Viber Business Accounts for enterprise-sized level businesses, the free offering includes new features such as:
  • Public business profiles (Businesses can create a public, searchable business page featuring all essential information. The profile can be shared with customers inside the app or even with people who are not Viber users yet.)
  • 1:1 customer chats (Businesses can respond to customer requests right away over instant messaging.)
  • Discoverability through Viber search (Businesses can find and retain loyal customers on their preferred day-to-day conversations app, where customers can discover local products and services by searching for the business name or category.)
  • Dedicated chat folders (Businesses can conveniently store customer messages separately from personal messages with family and friends. Users will also have easy access to a separate Business Inbox folder for storing their conversations with businesses.)
  • Product catalog (Business owners can effortlessly add new products or services to their business page’s catalog. Customers can explore and inquire about the items by sharing the link to the product directly in the chat.)


According to Viber, these free business-oriented features will be followed soon by more services aimed at medium-to-large business accounts. It’s not clear if these will also be available for free, but it’s unlikely.

The company’s new self-serve business accounts are only available in Greece and the Philippines for the moment, but they will be launched in additional countries soon.

Viber also plans to add more useful features like broadcast messages, voice calls, as well as quick and automatic replies for small businesses. More importantly, Viber says that “tailored pricing plans” will be offered based on market feedback to expand the initial set of free self-serve business features.

[ad_2]
Source link

Xiaomi Smart Band 8 Review: Unbelievable value at €40

0
[ad_1]

The Xiaomi Smart Band 8 is Xiaomi’s latest fitness tracker which launched in China earlier this year, and the company announced it for global markets recently. Xiaomi has been making these devices for a long time now, and they remained quite affordable to this day. I simply cannot write an intro into this review without mentioning that this thing costs only €40. Keep in mind that it does most of the things much more expensive smartwatch does. Having said that, I’ve been using it for a while now, as it arrived prior to launch, and I’m ready to share my Xiaomi Smart Band 8 review. If you’re looking for a fitness tracker, a notification center, and a remote music control device that is much more affordable than smartwatches… well, read on…

Table of contents

Xiaomi Smart Band 8 Review: Hardware / Design

In order to make the device, Xiaomi used metal, plastic, and glass. The midframe of the Xiaomi Smart Band 8 is made out of metal. There’s some plastic on the back, and a glass display. Gorilla Glass 3 is placed on top of the display, which is not the best solution, but keep in mind the price here. It’s much better than plastic, that’s for sure. There are two colors to choose from, Graphite Black, and Gold. I received the former, and I’m glad that’s the case. This is basically a black color with a metallic silver shine on it. It’s kind of difficult to explain, but it looks very nice, and goes with everything, pretty much.

AH Xiaomi Smart Band 8 image 2

There are no physical buttons for device usage included, however, there are two physical buttons on the bottom. They are there so that you can quickly take off the band that you’re using. Do note that the Xiaomi Smart Band 8 has proprietary connectors, so you can’t really attach just about any watch strap to it. This is a small fitness tracker after all, so its connectors and straps in general are considerably narrower than regular watch bands.

The glass is curved, but the display is not

The glass on top of the watch is curved, which makes it not only look better, but feel better too when you glide your finger across the screen. The display itself is flat, though. At the bottom of the device, you’ll notice a heart rate sensor. The bezels could be thinner around the display. They’re not exactly annoying or anything of the sort, I got used to them immediately. I mostly used the silicone strap that came in the box, due to comfort, and the fact I showered with this thing. The Xiaomi Smart Band 8 is very comfortable to wear, that’s for sure. It also looks nice, and I really don’t have any complaints, especially at this price tag.

Accessories

The silicone band is included in the box with the device, as is the charger, with some paperwork. Any additional straps you’ll have to buy separately. There are a lot to choose from, though. On top of all those regular straps, Xiaomi also announced the ‘Running Clip’ and ‘Pendant’. Both are pictured below, and both are interesting. The first is basically a clip in which you place the Xiaomi Smart Band 8, and attach it to your running shoe. That way, the Smart Band 8 should be more accurate, and in my experience, it is. The ‘Pendant’, on the other hand, transforms this gadget into a necklace. You’ll have to change the Xiaomi Smart Band 8 mode in the Mi Fitness app if you do this, though, keep that in mind.

Xiaomi Smart Band 8 Review: Display

The Xiaomi Smart Band 8 features a 1.62-inch AMOLED display. That display has a resolution of 192 x 490 pixels, and it’s a touch-sensitive panel. The max brightness you can get out of this thing is 600 nits, and on top of the display sits a 2.5D “reinforced glass case”, in other words, the Gorilla Glass 3. Having said that, the display is not the brightest out there, not even close, and you will notice that if you’ve used something that provides a lot more brightness. Still, it’s enough for what you’ll need it for, to be quite honest. The sun has been shining nonstop here, and I managed. It didn’t annoy me as much, even though I’m used to much brighter panels.

AH Xiaomi Smart Band 8 image 5

The touch response is actually really good

The touch response of this display is also really good. Truth be said, it’s much better than some watches from other brands offer at considerably higher prices. I didn’t have issues in that regard at all, the display was quite responsive. What surprised me is that even the viewing angles were good. The colors are okay, though they do not pop as they do on more premium displays, and that’s perfectly fine. They’re still good enough, as you’re getting OLED colors after all, and not many people will have complaints in that regard either. All in all, it’s a good display.

Xiaomi Smart Band 8 Review: Performance

We’ll talk about the fitness/health performance later on, we’re referring to the general performance of the fitness band here. That being said, the Xiaomi Smart Band 8 works great, to say the least. It has been extremely responsive in every way, I would have never guessed this is a €40 gadget just by using it. Every swipe has been properly recognized, I never felt like I had to wait for the device to register my input, not at all. That goes for opening various functions of the watch, and even interacting with various widgets.

Xiaomi did not exactly share what SoC is it using in this band or anything of the sort. We also don’t know how much RAM is in play, nor what storage is in use. Regular users don’t care, and the band really does perform great. The notifications were also on time, and everything else you’d expect. The Xiaomi Smart Band 8 shoots above its price range when it comes to performance, that’s for sure.

Xiaomi Smart Band 8 Review: Battery

The Xiaomi Smart Band 8 includes a 190mAh battery. Xiaomi says that you can get up to 16 days of “typical usage” out of the device, and I’d say that’s kind of accurate. The device was almost at the end of the road on day 12, but my usage was anything but typical. I really pushed the device, and I believe it can get to that 16-day level. That gives you over two weeks of usage before you’ll need to charge it, and no matter how you spin it, that’s great. That’s better than the vast majority of smartwatches out there, and better than basically any mainstream smartwatch.

The Xiaomi Smart Band 8 comes with a proprietary magnetic charger

What about charging? Well, the device ships with a proprietary charger. On one end, you get a male USB-A port, which you’ll need to plug in either to a USB out on your computer (or some other device), or into a wall charger with a Type-A port. Either way, the Xiaomi Smart Band 8 can be fully charged in about an hour. It does not require fast charging as it has a 190mAh battery, so… yeah, charging is not a problem. I wish wireless charging was a part of the package, to be quite honest, but at €40, I can’t really complain all that much. Magnetic charging via POGO pins works fine, though keep in mind you may have to clean those POGO pins from time to time.

Xiaomi Smart Band 8 Review: Software

The Xiaomi Smart Band 8 comes with Xiaomi’s proprietary software. That’s not surprising considering the size and shape of this wearable. It’s also a good thing, mainly due to battery life gains. If it were running something more mainstream, chances are the battery life would be considerably worse. The UI is well-designed, and if you’ve used a smartwatch in the past, you’ll be right at home here. Everything also ran without a hitch, I always had the feeling like everything performs as smooth as it should.

The software is very good

You get a choice from a ton of watch faces, and if you swipe from the top down, you get your notifications. Doing the opposite will let you access the menu, while swiping from left to right or right to left will let you scroll between your widgets/cards. You can set anything you want on these pages, though do note you can set one widget/card per page. I used those for my music control widget, some fitness info, weather, and more. The default music control widget worked like a charm, I had no issues controlling the music on my phone at any point. The same goes for the weather widget, presuming you allow it specific permissions when asked, of course. The notifications worked like a charm for me, they were always on time, I had no issues whatsoever.

AH Xiaomi Smart Band 8 image 16

You’ll have to install the Mi Fitness app

Do note that you’ll need to install the Mi Fitness app in order to get the band paired with your phone. Once you do that, you’ll need to allow the app to run uninterrupted in the background, just so that it’s always connected. On some phones, you’ll need to change some battery restrictions and lock it in the background. On others, not so much. It all depends on your smartphone brand. In any case, the Mi Fitness app is relatively new, and it actually looks really nice. It doesn’t offer a design that goes with Google’s guidelines, but that’s not necessarily a bad thing. Xiaomi did a nice job designing the UI in this app, and you have access to a ton of stats and settings via the app.

In general, the software on the Xiaomi Smart Band 8 worked great. I have to say that I was quite surprised that my testing passed without a hitch, as I remember the first couple of iterations of the product, and things were the complete opposite. I could use this software without a problem, despite the fact I’ve used tons of different software iterations on wearables. On wearables that are a lot more expensive.

Xiaomi Smart Band 8 Review: Health/Fitness

This device is technically called a ‘Smart Band’ by Xiaomi, and that’s what it is. Many people will still refer to it as a fitness tracker, though. Why? Well, that’s where it started, and that’s also one of its main focuses. Many people buy this lineup of devices to track their fitness, either for health purposes, or for general workout tracking. Either way, fitness, and also health, are a big part of the Smart Band 8’s offering. Is it good? Well… there’s a lot to choose from, but it’s not as accurate as I’d hope it to be. Let’s talk first about what the device has to offer in that regard, shall we?

There are over 150 fitness modes to choose from here

The Xiaomi Smart Band 8 comes with over 150 fitness modes to choose from. Yes, you read that right. If you’re working out in whatever way, chances are you’ll find the mode to track that workout here. The Xiaomi Smart Band 8 can track everything from running and jumping rope to playing football/soccer and skateboarding. The sheer number of available modes here is staggering. Once you install the Mi Fitness app that we talked about earlier, getting started is truly easy.

AH Xiaomi Smart Band 8 image 10

This device can track your Vitality score. In other words, it will evaluate your current state of physical vitality and convert it into a vitality score. There is also a smart companion mode built-in. The same goes for on-wrist running courses, in case you’re a runner. All-day blood oxygen saturation monitoring is here, as is sleep monitoring. The Smart Band 8 can also monitor your daily stress, and women’s health management is built-in as well.

The Xiaomi Smart Band 8 could be more accurate when it comes to fitness tracking

Now, earlier I said that the tracking could be a bit more accurate, which is true, for some modes. I was not able to test out everything this watch has to offer, as that would mean being involved in over 150 sports activities, which is impossible. However, I did test out the pedometer, cycling, and running aspects. I have to say that the pedometer/step tracker was around 25-30% off compared to some Garmin and Huawei smartwatches. You do have to keep in mind that this thing is like 7-10 times more affordable in comparison, though, so… that’s kind of understandable. The heart rate tracking was more or less accurate, while the cycling was a bit off too, like the pedometer. Not by much, though. The same goes for running. I found out that sleep tracking is basically always inaccurate, no matter what device I use. All devices tend to think I’m asleep after I wake up and tinker with my phone. It’s easy to fool on pretty much every device I used.

AH Xiaomi Smart Band 8 image 40

All in all, despite the fact it’s not as accurate as I’d like, using the Smart Band 8 for fitness tracking was a pleasurable experience, to say the least.

Xiaomi Smart Band 8: Should you buy it?

Is the Xiaomi Smart Band 8 right for you? Well, I can say that this gadget is the right choice for many people. Why? Well, it’s a combination of its price tag and what it offers. The Xiaomi Smart Band 8 is not only really well-built, but it offers a robust suite of features. It can serve as a fitness tracker and even a small smartwatch. Its notification delivery is excellent, as are a number of other aspects of the software and UI. For €40, this is difficult to beat. In fact, I’ll go out on a limb here and say that you won’t find an equivalent to the Xiaomi Smart Band 8 in the market. You can’t get a fitness tracker / smartwatch of the same value for €40, not even close to that.

So, if you’re new to the smartwatch game, or need a gadget for your kid or parent, well… the Xiaomi Smart Band 8 fits all of those categories. Even if you don’t want to wear a smartwatch on your hand, you may prefer something smaller… this is also a great choice. Chances are you can buy this gadget for all your loved ones for the price of a very good smartwatch, so… for many of you, this will be a no-brainer. Recommending the Xiaomi Smart Band 8 is very easy, to be quite honest. I loved using the device.

AH Xiaomi Smart Band 8 image 52

You should buy the Xiaomi Smart Band 8 if you:

  • Don’t want to break the bank for a wearable
  • Have never used a smartwatch / smart wearable
  • Liked previous Mi Band / Smart Band iterations
  • Want something minimalistic on your hand, instead of a smartwatch
  • Like keeping track of your fitness and health, but don’t like watches
  • Appreciate great battery life
  • Want a smart wearable, but don’t want to keep it on your wrist
  • Have a budget of only €40
  • Need a wearable for your kid/parent

You shouldn’t buy the Xiaomi Smart Band 8 if you:

  • Are used to wearing smartwatches
  • Need your smart wearable to track fitness as accurately as possible

[ad_2]
Source link

Lazarus APT Group Laundered $900 Million of Cryptocurrency

0
[ad_1]

Threat actors have been laundering currencies with multiple methods. One of the most predominant ways they have been using lately was the Cross-chain crime. In a cross-chain crime, threat actors swap their Cryptocurrency between different blockchains and tokens that help maintain their anonymity.

Moreover, this cross-chain crime is carried out using decentralized exchanges (DEXs) and cross-chain bridges. As with the increase in cybercriminal activities such as ransomware attacks, scams, or crypto thefts, this has become an increasingly preferred money laundering method for cybercriminals.

In addition to this, reports also suggest that more than $4.1 billion of illegal funds have been laundered through decentralized exchanges (DEXs), cross-chain bridges, and coin swap services. 

This is estimated to rise to $6.5 billion by the end of 2023 and $10.5 billion by 2025. Another report indicates that $2.7 billion was laundered through cross-chain crime over just a 12-month period between July 2022 and July 2023.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Reason for High Adoption Rate

Threat actors and scammers generate revenue through illegal methods using this cross-chain crime for several reasons, which include the popularity of crypto assets excluding bitcoins among criminals, the anonymity it offers, and stable value assets as some of them are government-backed currencies (Tether (USDT) or DAI).

Another major reason for the adoption is that many cross-asset and cross-chain services other than centralized exchanges do not have ID verification. In addition to this, this method offers protection against tracing by using techniques like prolific asset- or chain-hopping.

Annual figures of cumulative illegal funds laundered
Annual figures of cumulative illegal funds laundered (Source: Elliptic)

Furthermore, it has been discovered that the Lazarus group, responsible for several high-profile cyberattacks, had laundered over $900 million using this method. 

Decentralized services (DEXs), cross-chain bridges, and coin swap services have been found to have laundered over $7 billion of illegal funds as of July 2023. Elliptic researchers have published a complete report about this method and other information.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Formbook Takes the Throne as Most Prevalent Malware

0
[ad_1]

Check Point’s Global Threat Index for September 2023, released on October 6th, revealed that Education and Research remain the top targeted industries in September 2023.

The cybersecurity researchers at Check Point have released its Global Threat Index for September 2023, revealing significant shifts in the cyber threat landscape. The report highlights a notable phishing campaign that targeted numerous organizations in Colombia, resulting in the surge of the Remcos Remote Access Trojan (RAT) and the rise of Formbook as the most prevalent malware following the demise of Qbot.

Here, it’s worth noting that Qbot, also known as Qakbot and Pinkslipbot malware, faced disruption by the FBI in August 2023, having infected 700,000 computers globally. Despite this disruption, a recent report from Cisco Talos Intelligence Group reveals that the cybercriminals responsible for Qbot remain active, now distributing a new malware known as Ransom Knight.

Colombia Under Attack: Remcos RAT Unleashed

In September, Check Point Research uncovered a large-scale phishing campaign aimed at over 40 prominent businesses across various industries in Colombia. The primary objective of this campaign was to surreptitiously deploy the Remcos RAT on victims’ computers.

Remcos ranked as the second most prevalent malware in September, is a sophisticated Remote Access Trojan, offering attackers full control over the infected systems and versatile malicious capabilities. The consequences of a Remcos infection are dire, encompassing data theft, subsequent malware infections, and account takeovers.

Maya Horowitz, VP of Research at Check Point Software, stated, “The campaign that we uncovered in Colombia offers a glimpse into the intricate world of evasion techniques employed by attackers. It is also a good illustration of how invasive these techniques are and why we need to employ cyber resilience to guard against a variety of attack types.”

Formbook Takes the Throne

The September Global Threat Report Index also revealed a noteworthy shift in the top malware rankings. Formbook, an Infostealer targeting Windows OS, claimed the number one spot with a global impact of 3% on organizations worldwide.

First detected in 2016, Formbook data stealer is marketed as Malware as a Service (MaaS) in underground hacking forums for its potent evasion techniques and relatively low price. Its capabilities include harvesting credentials from web browsers, capturing screenshots, logging keystrokes, and executing files on the attacker’s command.

Qbot’s Reign Ends?

The most significant change in the malware landscape was the exit of Qbot from the top malware list. The FBI had seized control of the Qbot botnet in August, marking the end of its long-standing reign as the most prevalent malware throughout most of 2023.

However, as the group responsible for Qbot is still active and already disseminating new malware, the significance of the disruption of the malware’s infrastructure may have somewhat diminished.

Top Attacked Industries and Vulnerabilities

In terms of attacked industries globally, Education/Research remained the top target, followed by Communications and Government/Military. These sectors continue to face relentless cyber threats.

Regarding exploited vulnerabilities, “Web Servers Malicious URL Directory Traversal” took the top spot, affecting 47% of organizations worldwide. This vulnerability allows unauthenticated remote attackers to access arbitrary files on vulnerable servers. “Command Injection Over HTTP” followed closely with 42%, and “Zyxel ZyWALL Command Injection” was at 39% in terms of impact.

Malware Attacks Against Smartphones

In the mobile malware arena, Anubis retained its position as the most prevalent mobile malware, followed by AhMyth and SpinOk. Anubis, initially a banking Trojan, has evolved to include Remote Access Trojan (RAT) functionality, keylogging, audio recording capabilities, and ransomware features.

AhMyth, discovered in 2017, is another RAT distributed through Android apps that collect sensitive information from infected devices. SpinOk, operating as spyware, was found in over 100 Android apps, amassing more than 421 million downloads as of May 2023.

As cybersecurity threats continue to evolve, organizations must remain vigilant and proactive in implementing robust cybersecurity measures to protect against the ever-present dangers of malware and vulnerabilities.

  1. US, India and China Most Targeted in DDoS Attacks
  2. Microsoft Office Most Exploited Software in Malware Attacks
  3. Schools Are the Most Targeted Industry by Ransomware Gangs
  4. Russian Dark Net Markets Dominate the Global Illicit Drug Trade
  5. What Are the Top 10 Android Edu Apps That Collect Most User Data?
  6. VirusTotal Reveals Apps Most Exploited by Hackers to Spread Malware
  7. Microsoft, PayPal & Facebook most targeted brands in phishing scams

[ad_2]
Source link