X in trouble once again after reportedly removing tool to report election misinformation

0
[ad_1]

X (or the former Twitter) has been finding itself in the headlines recently, especially due to alleged widespread misinformation on the platform. Now, AndroidHeadlines reports that X appears to have removed a feature that allowed users to report misinformation related to elections. Now, Reset Australia has sent an open letter to X, underlining the need for the tool as the country approaches an important referendum.

X has reportedly removed a tool to report electoral misinformation


The feature was initially available for the U.S., Australia, and South Korea, and it provided a direct channel for users to report misinformation pertaining to elections. Users can still report posts as hateful, abusive, or spam, but they no longer have a dedicated channel for electoral misinformation.That’s a big issue for Australia as the country is planning for its first referendum in nearly 25 years, which is going to be held on October 14. For this reason, Reset Australia (Reset is a global initiative to fight against digital threats to democracy) has sent an open letter to X to explain how this is an issue. The letter states the change has happened in the last week or two.

This news comes right at a time when the European Union has published a report finding X the platform with the most misinformation and disinformation. European Commission Vice President Vera Jourova recently stated that X will have to comply with obligations when it comes to disinformation.


[ad_2]
Source link

Malicious ad served inside Bing’s AI chatbot

0
[ad_1]

Users looking for software downloads may be tricked into visiting malicious websites via their interaction with Bing Chat.

In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI’s GPT-4. Even though Google has been dominating the search industry for years, this event was significant enough to generate not only interest but also plant the seed for a possible change in the balance in the future.

Considering that tech giants make most of their revenue from advertising, it wasn’t surprising to see Microsoft introduce ads into Bing Chat shortly after its release. However, online ads have an inherent risk attached to them. In this blog, we show how users searching for software downloads can be tricked into visiting malicious sites and installing malware directly from a Bing Chat conversation. 

Malvertising via a Bing Chat conversation

Bing Chat is an interactive text and image application that provides a very different experience for online searches. After six months of it being public, Microsoft celebrated user engagement with over one billion chats.

Ads can be inserted into a Bing Chat conversation in various ways. One of those is when a user hovers over a link and an ad is displayed first before the organic result. In the example below, we asked where we could download a program called Advanced IP Scanner used by network administrators. When we place our cursor over the first sentence, a dialog appears showing an ad and the official website for this program right below it:

Users have the choice of visiting either link, although the first one may be more likely to be clicked on because of its position. Even though there is a small ‘Ad’ label next to this link, it would be easy to miss and view the link as a regular search result.

Phishing site serves malware

Upon clicking the first link, users are taken to a website (mynetfoldersip[.]cfd) whose purpose is to filter traffic and separate real victims from bots, sandboxes, or security researchers. It does that by checking your IP address, time zone, and various other system settings such as web rendering that identifies virtual machines.

Real humans are redirected to a fake site (advenced-ip-scanner[.]com) that mimics the official one while others are sent to a decoy page. The next step is for victims to download the supposed installer and run it.

The MSI installer contains three different files but only one is malicious and is a heavily obfuscated script:

Upon execution, the script reaches out to an external IP address (65.21.119[.]59) presumably to announce itself and receive an additional payload.

Search evolves, malicious ads follow

Threat actors continue to leverage search ads to redirect users to malicious sites hosting malware. While Bing Chat is a different search experience, it serves some of the same ads seen via a traditional Bing query.

In this case, the malicious actor hacked into the ad account of a legitimate Australian business and created two malicious ads, one targeting network admins (Advanced IP Scanner) and another lawyers (MyCase law manager):

With convincing landing pages, victims can easily be tricked into downloading malware and be none the wiser.

We recommend users pay particular attention to the websites they visit but also use a number of security tools to get additional protection. Malwarebytes provides security software for both consumers and businesses that includes web protection, ad blocking and malware detection.

This security incident was reported to Microsoft along with a few other related malicious ads.

Indicators of Compromise

Ad URL and cloaker

mynetfoldersip[.]cfd

Fake website

advenced-ip-scanner[.]com

Malicious MSI

ca83b930c2b34a167a39dc04c7917b9f360a95586bce45842868af6b9ad849a2

Script C2

65.21.119[.]59

Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

ChromeOS just got a feature that Android had for years

0
[ad_1]

ChromeOS has always been a completely different beast from Android. It gets its own visual and functional improvements separately from Android. However, according to a new report from Android Police, it’s getting a feature that Android had for a few years. ChromeOS is finally getting Dynamic Colors.

This change was spotted in the latest version of ChromeOS. Right now, the stable version of ChromeOS has the build number 117.0.5938.115. If you have a Chromebook/Chromebox, you should check for the latest update.

Go to your settings, and click on the About ChromeOS button at the bottom of the left panel. Click the Check for updates button. The computer will search for the update and start installing it. After you restart your computer, you will be on the next version of ChromeOS.

ChromeOS finally gets Dymanic Colors

Slowly, ChromeOS has been picking up a few design queues from Android. The interface has already adopted a bit of the Material You influence. We’re seeing large rounded buttons, pill-shaped UI elements, and the overall bubbly aesthetic. The only thing that was missing from ChromeOS was Dynamic Colors.

Now, that’s no longer the case. With the latest update, ChromeOS will now take the colors present in your wallpaper and create a color palette based on it. This color palette will be used throughout the entire interface. Menus, the taskbar, windows, background, and other elements will get the custom color palette. This gives the interface a different look.

Just like in Android, when you’re changing your wallpapers, you’ll have your choice between different color palettes. What’s unfortunate is that you only have four options like in Android 12.

Other changes

This update doesn’t only bring a new paint job, but it brings more goodies. For starters, the clipboard is more readable. It will show you more details about what’s saved on it, so have a better idea of what you’re pasting.

Next, ChromeOS brought on the adaptive charging feature on Android. This will keep your phone from charging all the way. It will stop at about 80% while it’s idle. After that, it will slowly charge up to full based on your usage. Lastly, when you’re using the digital keyboard, you’ll now see GIFs.


[ad_2]
Source link

Android USB-C cables won’t damage the iPhone 15 series

0
[ad_1]

Despite online rumors, using Android USB-C cables for the iPhone 15 series does not pose any damage to the device, AppleInsider reports.

A Chinese retailer has started to circulate a rumor that quickly went viral and terrified iPhone 15 owners. He claimed using Android USB-C cables for iPhone 15 would damage the device. The retailer, based in Foshan, Guangdong Province, said this while advertising Android USB-C cables. He argued one of his cables has nine pins on one side of the bi-directional cable and another one with 11 pins.

The Chinese retailer further added using cables with different numbers of pins could damage the iPhone 15. This claim quickly went viral on social media, and people started speculating about it. It was such a bold claim that required Apple to involve and respond to iPhone 15 owners directly.

It is safe to use Android USB-C cables for iPhone 15 series

The short answer is that you can use Android USB-C cables on your iPhone 15 devices without damage. The iPhone’s transition from Lightning to USB-C was partially due to reducing e-waste and meeting the EU requirements.

If iPhone 15 owners needed to buy a whole new cable for their device, the transition was totally futile. Of course, maybe Apple didn’t mind revealing an exclusive USB-C cable for its new devices (iCable, for example) and putting a $99 price tag on it.

Understanding the USB-C architecture isn’t an inside baseball matter. Every USB-C cable usually comes with 24 pins, and 12 of those pins are located on the side of the internal tongue to make it bi-directional. These cables are suitable for data and power transfer, charging, alternate modes between a host and a client, etc.

The thing iPhone 15 owners should be worried about is not the adaptability of Android USB-C cables but the durability of their devices. A recent drop test conducted by Sam Kohl revealed that despite using a titanium frame, the iPhone 15 Pro is less resistant than the iPhone 14 Pro.


[ad_2]
Source link

BlackTech APT Attacking Network Routers to Breach Networks

0
[ad_1]
BlackTech APT Cisco

Since 2010, a group of hackers known as BlackTech APT has been engaging in malicious activities. The targets of their attacks encompass a wide range of sectors, including governmental institutions, industrial facilities, technological infrastructure, media outlets, electronic systems, mobile devices, and military establishments.

In order to hide what they are doing, the group behind the attack uses custom-made malicious software, tools that can be used for both good and bad, and clever methods that take advantage of the resources that are already in a system, such as turning off routers’ data recording features.

The Japan National Police Agency (NPA) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) showed that BlackTech could change router firmware without being caught and use routers’ domain-trust relationships to move from having international subsidiaries to having headquarters in Japan and the U.S.

Criminals in the black market keep updating their tools to avoid being caught. They also steal code-signing certificates to make their malware look like it is real.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

BlackTech Malware Attack

The threat actors are known for using custom-made malware payloads and remote access tools (RATs) to get into their victims’ computers.

Their custom malware works with a number of running systems, such as Windows®, Linux®, and FreeBSD®.

Living off-the-land TTPs are used by BlackTech actors to blend in with normal network activities and operating systems. This helps them avoid being caught by endpoint detection and response (EDR) tools.

The campaign they are running now is aimed at foreign branches of American and Japanese companies.

Once they get into the internal networks of companies, they can move from those networks to those at headquarters.

The report says, “BlackTech actors take advantage of trusted network relationships between a known victim and other entities to gain more access to target networks.”

BlackTech used a variety of router names and versions from firms like Cisco and others.

In the case of Cisco routers, the bad guys hide in Embedded Event Manager (EEM) rules, which are used in Cisco IOS to set up automatic tasks that run when certain events happen.

CISA and NPA talked about moves that could be taken to stop this BlackTech bad behavior. The Agencies strongly advise network defenses to keep an eye on strange traffic, reboots, and illegal downloads of bootloaders, firmware images, and images.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Google’s Bard conversations turn up in search results

0
[ad_1]

After an update for Google’s Bard AI, users found that shared conversations were turning up in search results.

Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results.

Bard is Google’s answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention, because with a bit of tweaking and getting used to they can be really helpful in speeding up tasks. However, many are worried about the security and privacy implications of using services like Bard and ChatGPT.

As an illustration of why people might be worried, after an update to Bard, users found Google Search had begun to index shared Bard conversational links into its search results pages. 

tweet by user that found indexed conversations

“Haha Google started to index share conversation URLs of Bard don’t share any personal info with Bard in conversation, it will get indexed and may be someone will arrive on that conversation from search and see your info Also Bard’s conversation URLs are ranking as snippets for some queries as well” 

As it turns out, this happens only if the user chooses to share the conversational link with someone. That means that if you share your Bard conversation with a co-worker or relative by sending them the link, your conversation can be scraped by Google’s crawler. And when they’re scraped by the crawler then—you’ve guessed it—they show up as search results, spilling information you never meant to make public.

If you are curious and want to have a peek at the sort of conversations that have been scraped, you can type ‘site:bard.google.com/share‘ into the Google Search bar and hit enter. At the time of writing I got 464 results, some of which really don’t look as if they were intended to be public knowledge.

examples of indexed conversations that might have been private

Google says that sharing chats with Search was an accident and is currently working on a fix:

“Bard allows people to share chats, if they choose. We also don’t intend for these shared chats to be indexed by Google Search. We’re working on blocking them from being indexed now.”

For those that actually find damaging content in the search results, you can file a removal request with Google. 


Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Threads users are exiting, but the platform is still an X competitor

0
[ad_1]

Despite having an impressive launch, Threads users are now leaving the app. This platform launched to compete with X allowing users to air their views on various topic matters with text. The concept behind the launch of this platform helped it in its early stages, but now the platform seems to be facing some hard times.

At its launch, Meta let those wanting to join Threads do so with their Instagram account. This meant that their followers on Instagram would be able to easily find them on Threads, hence keeping in touch. With this, a lot of people were quick to open Thread accounts using their Instagram accounts, leading to early growth for the platform.

Additionally, Threads became available at a time when lots of X users were looking for alternative platforms where they could share their ideas. However, despite the early growth of Threads, some of its users are now jumping ship, hence leading to some delay in growth. Despite this sad turn of events, some analysts say that the platform would close the year on a positive note.

Analysts forecast that Threads’ monthly users will reach over 24 million by the end of the year

In recent reports, analysts are predicting that Threads will hit 23.7 million monthly users by the end of the year. While this number is behind that, Twitter might close the year with an impressive number. From the analysis, X is to close the year with 56.1 million monthly users.

Because Threads launched this year, its growth in comparison with X is impressive. It is safe to say that Threads is a worthy X competitor that is still gaining momentum. X on the other hand is forecasted to lose some of its momentum as its users are still leaving for other platforms.

In the coming years, Threads might keep up its growth and amass 30 million active monthly users by 2025. It is good to note that the number of people who have Threads accounts is different from the number that use the platform. Currently, Threads users are over a mammoth 100 million in number, but not all actively use the platform.

With the addition of newer features to the platform, more and more users might start to frequent it more often. Well, these features should not just be any basic addition, as they are meant to draw users to the platform. So Threads should think out of the box and be more creative with the addition of new features if they want to take X’s place.

So far, Threads is outperforming other platforms that also launched to steal X’s users. Right now, they can stand as the most competitive platform that X faces. From the forecasts, it is clear that things might get harder for X down the road as Threads users grow.


[ad_2]
Source link

Apple required to face an antitrust lawsuit over Apple Pay

0
[ad_1]

Three credit unions are filing an antitrust lawsuit against Apple Pay for its alleged monopoly of the market. Part of their reasons for this case is that Apple charges too much for processing fees for others to make use of its payment services. Another reason is that the necessary hardware for this service to work is not accessible to other digital wallets.

This alleged monopoly makes it hard for people to switch from Apple to Android since they’ll lose their wallet access. Lots of other payment apps that work on both Apple and Android devices lack the payment convenience that Apple Pay brings. Additionally, Apple Pay is only available on Apple devices and not on Android devices, and this limits usage to only a certain group of people.

The Judge in charge of the antitrust hearing took the side that there is a possibility that Apple Pay is monopolized. This isn’t the first time that Apple Pay has come under consideration for its possible monopolization of the market. Apple has faced similar issues within the EU regions, but the case in question in this article will be tabled before a court in America.

The Apple Pay antitrust lawsuit might force the company to make some changes to its services

Once this antitrust lawsuit got to the court, Apple’s reaction was to request a dismissal from the court. However, the Judge in charge of the case didn’t grant Apple their wish, meaning the case would appear before the court. The plaintiff accuses Apple of practices that are harming the competition regarding Apple Pay services.

This payment service from Apple became available for users back in 2014, and it helps make payments easier. Well, one can rephrase the last sentence, saying that Apple Pay makes payment easier for Apple users. Others who do not make use of Apple devices can’t access this service, and this is harmful to businesses and individuals.

The plaintiff claims that Apple “coerces” users of their products to make payments using their in-house payment service. Also, businesses that make use of Apple Pay end up collectively paying $1 billion of excess fees. This is harmful to customers since these excess fees might result in a hike in prices for goods and services.

In its defense, Apple says that it charges nominal fees to all cardholders to keep costs down. They also argue that users of Apple Pay aren’t under any duress to use the payment platform. These users are free to make use of any other payment platforms or services that are convenient and more affordable to them.

Despite this, the Apple Pay antitrust lawsuit will still appear before the court in December. If all goes in favor of the plaintiff, Apple might need to make certain adjustments to their payment service, making it more accessible to all. It’s also good to note that the EU is also looking into Apple Pay and its possible monopolization.


[ad_2]
Source link

Snatch Ransomware Group Leaked Location & Internal Data

0
[ad_1]

The Snatch Ransomware group is considered dangerous due to its advanced techniques and ability to evade detection. 

Security systems find it difficult to identify and stop such assaults since they use techniques like file encryption and memory injection to avoid detection.

Recently, the cybersecurity analysts at KrebsOnSecurity discovered that the Snatch ransomware group’s victim-shaming site exposes its location, operations, and visitor IP addresses, revealing its use of Google ads for malware distribution.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Snatch Exposes Data

During the malware distribution, the malware was disguised as free popular software like-

Snatch ransomware, seen since 2018, leaks data from non-paying victims on both open and darknet sites via Tor. Snatch’s darknet site reveals user IP addresses on its ‘server status’ page.

Victim shaming website for the Snatch ransomware gang
Victim shaming website for the Snatch ransomware gang (Source – KrebsOnSecurity)

Snatch’s darknet site attracts thousands of visitors, primarily from Russian IP addresses hosting its clear web domains.

Server status page
Server status page (Source –  KrebsOnSecurity)

Snatch Ransomware Data Exposure

The most active IP, 193.108.114[.]41 in Yekaterinburg, Russia, hosts various Snatch domains. Another frequent IP, 194.168.175[.]226 with Matrix Telekom, also hosts Snatch domains and phishing sites for brands like-

IP 80.66.64[.]15 in Moscow frequently accessed Snatch’s darknet site and hosted similar-looking domains. These domains were registered to Mihail Kolesnikov, a name linked to phishing domains from malicious Google ads.

Kolesnikov, likely an alias associated with over 1,300 domains, has some advertising escort services in U.S. cities, raising questions about ransomware victim sourcing.

Recent phishing domains under Mihail Kolesnikov mimic major software companies. Trustwave Spiderlabs found Kolesnikov’s domains distributing Rilide trojan in August 2023. 

Multiple groups may use these domains for phishing and spreading information-stealing malware, as warned by Spamhaus in February 2023.

Victims searching for Microsoft Teams on Google saw spoofed ads at the top, leading to a malicious domain registered to Kolesnikov. Clicking on the ad downloaded IcedID malware, known for stealing browser passwords and tokens.

Spoofed ads
Spoofed ads (Source – KrebsOnSecurity)

Cybercriminals may offer ‘malvertising as a service’ on the dark web, creating and selling software-themed phishing domains to others. 

The @htmalgae, the researcher who alerted KrebsOnSecurity about Snatch’s exposed ‘server status’ page, also discovered the 8Base ransomware gang’s development-mode victim shaming site.

The 8Base ransomware gang’s oversight exposed its Russian site and a Moldovan programmer’s identity. Ironically, a group shaming others for data protection failed to protect its own data. 

The malware targets Windows, but a Mac-based trojan, AtomicStealer, is advertised through similar-sounding domains and malicious Google ads.

Security analysts urged to stay cautious, especially with cracked software and rogue ads masquerading as search results. 

Not only that, they also recommended that before downloading or installing anything, make sure to verify the website’s legitimacy.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack

0
[ad_1]

The Bing AI chatbot labeled the malicious website as the official website of an IP scanner provider and recommended users to visit it, despite its involvement in the malvertising attack campaign.

In the wake of OpenAI’s ChatGPT‘s soaring success, Microsoft’s Bing AI Chatbot emerged as a challenging player in the world of artificial intelligence, boasting over 100 million active users. While this achievement underscores the growing influence of AI, it has also attracted the attention of cybercriminals seeking to exploit this massive user base.

Recent revelations indicate that Bing AI has become the latest target of malvertising attacks, raising significant concerns within the cybersecurity community.

In a blog post, Jérôme Segura, a senior security researcher at Malwarebytes Labs, shed light on the alarming exploitation of Bing AI Chatbot by malicious actors. The attackers have cleverly embedded malicious advertisements within the chatbot, representing a novel approach to malvertising.

It’s crucial to note that the advertising mechanism within Bing AI Chatbot operates similarly to conventional search results, where advertisers bid on specific keywords to have their ads displayed to users conducting related searches. However, there are noteworthy distinctions in how these ads manifest within chatbots.

The attack unveiled by Malwarebytes involved cybercriminals masquerading as the Advanced IP Scanner provider to lure users into clicking on their malicious ads. Advanced IP Scanner is a tool commonly used by network administrators, hinting at the possibility that the culprits behind this campaign may be specifically targeting IT and cybersecurity professionals, although this remains unconfirmed.

In a screenshot shared by Segura, the top ad slot prominently features a website address (mynetfoldersipcfd), claiming to be the official source for downloading Advanced IP Scanner. To make things worse for unsuspecting users, Bing AI itself promoted this malicious website as the legitimate destination.

The true intent behind mynetfoldersipcfd is to segregate genuine victims from bots, sandboxes, or security researchers. It accomplishes this by scrutinizing various factors, including users’ IP addresses, time zones, and system settings, such as web rendering preferences that identify virtual machines.

Human users are redirected to a deceptive site (advenced-ip-scannercom), mimicking the official platform. Meanwhile, other unsuspecting visitors are rerouted to a decoy page. The subsequent step involves duping users into downloading and installing a fake malicious version of Advanced IP Scanner, facilitating the theft of user data. It is crucial to emphasize that the official website for downloading Advanced IP Scanner is advanced-ip-scanner.com, not (advenced-ip-scannercom).

The difference between the two sites is the use of a and e in their addresses: advanced-ip-scanner.com and (advenced-ip-scannercom). This is a typical case of Typosquatting. Typosquatting is a type of attack that involves registering domain names that are similar to popular websites but with common misspellings.

The malvertising campaign doesn’t stop here. Segura also flagged another malicious ad served through Bing AI Chatbot, where the same threat actor replicated Mycase.com, a US-based cloud legal practice management software solution. Mycase.com is instrumental in aiding attorneys and law firms in managing cases, clients, and communications.

Microsoft's Bing AI Chatbot Users Targeted in Malvertising Campaign
Bing AI chatbot pushing Malvertising campaign (Image: Malwarebytes)

This incident emphasised the importance of exercising extreme caution when encountering ads within chatbots and search engines. Although malvertising attacks are not novel, their execution through an AI chatbot platform is definitely an unsettling development.

To safeguard against such threats, it is advisable to employ updated anti-malware solutions, leverage browser scanning applications or plugins, and stay vigilant by keeping software and systems up-to-date. In an era of evolving cybersecurity challenges, these precautions are essential to protect against the ever-creative tactics of cybercriminals.

  1. Google Indexed Bard AI User Chats in Search Results
  2. New AI tool aims to make CAPTCHA a thing of the past
  3. AI Image Editing Tool Cutout Leaked User Images and Data
  4. Following WormGPT, FraudGPT Emerges for AI-Driven Cyber Crime

[ad_2]
Source link