OnePlus 11 vs Apple iPhone 15 Pro Max

0
[ad_1]

This time around, we’re comparing the OnePlus 11 vs Apple iPhone 15 Pro Max. In other words, we’re comparing the best of the best OnePlus and Apple have to offer at the moment. The OnePlus 11 originally launched back in January, but it took it some time to launch in global markets. It has been on the market for a while now. The iPhone 15 Pro Max arrived earlier this month.

Both of these smartphones are compelling in their own way, but they’re also very different. If you’re in the market for a large flagship, however, both of these are worth considering. We’ll list their specs below, and then continue to compare them across a number of categories. This will hopefully help you make a purchasing decision.

Specs

OnePlus 11 vs iPhone 15 Pro Max, respectively

Screen size:
6.7-inch LTPO3 Fluid AMOLED display (curved, 120Hz, HDR10+, 1,300 nits)
6.7-inch Super Retina XDR display with ProMotion (flat, 120Hz, HDR10, 2,000 nits)
Display resolution:
3216 x 1440
2796 x 1290
SoC:
Qualcomm Snapdragon 8 Gen 2
Apple A17 Pro
RAM:
8GB/12GB/16GB (LPDDR5X)
8GB
Storage:
128GB/256GB/512GB (UFS 4.0)
256GB/512GB/1TB (NVMe)
Rear cameras:
50MP (f/1.8 aperture, OIS, multi-directional PDAF), 48MP (ultrawide, f/2.2 aperture, 115-degree FoV), 32MP (telephoto, f/2.0 aperture, 2x optical zoom)
48MP (f/1.78 aperture, second-gen sensor-shift OIS), 12MP (ultrawide, f/2.2 aperture, 120-degree FoV, macro photography), 12MP (telephoto, f/2.8 aperture, 5x optical zoom)
Front cameras:
16MP (f/2.5 aperture)
12MP (f/1.9 aperture) + TrueDepth
Battery:
5,000mAh
4,422mAh
Charging:
100W wired globally, 80W in the US (charger included)
20W wired, 15W wireless, reverse wired charging (charger not included)
Dimensions (unfolded):
163.1 x 74.1 x 8.5mm
159.9 x 76.7 x 8.25mm
Weight:
205 grams
221 grams
Connectivity:
5G, LTE, NFC, Wi-Fi, USB Type-C, Bluetooth 5.3
Security:
In-display fingerprint scanner (optical)
Advanced facial scanning
OS:
Android 13 with OxygenOS 13
iOS 17
Price:
$699
$1,199
Buy:
OnePlus
Apple

OnePlus 11 vs Apple iPhone 15 Pro Max: Design

They are very different when it comes to design. The OnePlus 11 is made out of aluminum and glass. It has a curved display, a display camera hole in the top-left corner, and thin bezels. On the back, it utilizes a circular camera module, while its backplate is also curved. The front and back sides of the phone are actually proportional. The power/lock button sits on the right side, along with an alert slider. The volume up and down buttons are located on the left.

The iPhone 15 Pro Max, on the other hand, is made out of titanium and glass. It has flat sides all around, with slightly rounded edges. The display is flat here, and its bezels are the same on all sides. A pill-shaped cutout sits at the top of the display, and it’s much larger than the display camera hole on the OnePlus 11. The iPhone 15 Pro Max has its recognizable camera island on the back, in the top-left corner. The backplate on the phone is also flat. The power/lock button sits on the right side, while the volume rocker buttons, and an Action Button are placed on the left.

The OnePlus 11 is slightly taller and narrower than Apple’s handset. The two phones are almost the same in terms of thickness. The OnePlus 11 is lighter, though, at 205 grams compared to 221 grams of the iPhone 15 Pro Max. As a side note, they have the same display size, albeit with different aspect ratios. Still, they belong in the same exact size category. Both feel good in the hand, though entirely different. The OnePlus 11 is IP64 certified, while the iPhone 15 Pro Max offers IP68 certification for water and dust resistance.

OnePlus 11 vs Apple iPhone 15 Pro Max: Display

The OnePlus 11 has a 6.7-inch QHD+ (3216 x 1440) LTPO3 Fluid AMOLED display. That panel is curved, and it has a 120Hz refresh rate. Dolby Vision is supported here, and the same goes for HDR10+ content. This display can project up to 1 billion colors, and it goes up to 1,300 nits of brightness at its peak. The display aspect ratio is 20:9, while the Gorilla Glass Victus is here to protect it.

OnePlus 11 Review AM AH 17
OnePlus 11

The iPhone 15 Pro Max, on the flip side, has a 6.7-inch 2796 x 1290 LTPO Super Retina XDR OLED display on the front. That panel is flat, and it supports a 120Hz refresh rate. HDR10 content is supported, and so is Dolby Vision. This panel is brighter than the OnePlus 11’s, at 2,000 nits of peak brightness. The display aspect ratio is 19.5:9, and Apple’s Ceramic Shield glass protects the display.

Both of these displays are great. They’re vivid, have excellent viewing angles, and they’re more than sharp enough. The iPhone 15 Pro Max’s panel does have the brightness advantage, in case you spend a lot of time outdoors, in direct sunlight. Other than that, do keep in mind that one panel is curved, and the other is not, if that plays a role in your decision. Chances are you won’t be disappointed by either panel.

OnePlus 11 vs Apple iPhone 15 Pro Max: Performance

The OnePlus 11 is fueled by the Snapdragon 8 Gen 2 processor. That is the most powerful chip Qualcomm has to offer. The phone also includes up to 16GB of LPDDR5X RAM and up to 512GB of UFS 4.0 flash storage. The iPhone 15 Pro Max, on the flip side, is fueled by the Apple A17 Pro processor. That chip is extremely powerful too, and has a lot of gaming prowess. Apple paired that with 8GB of RAM and NVMe flash storage.

That being said, both smartphones perform really well in day-to-day tasks, they’re extremely smooth. The thing is, the iPhone 15 Pro Max does seem to have problems with heat these days. Those are some early problems that Apple can resolve by lowering the performance of the SoC, and that will probably happen. That shouldn’t really affect the actual performance of the device. It is worth noting, though. The OnePlus 11 does a great job with games, it can run basically anything from the Play Store with ease. It also does a great job with heat management.

OnePlus 11 vs Apple iPhone 15 Pro Max: Battery

There is a 5,000mAh battery included inside the OnePlus 11, while a 4,441mAh unit sits inside the iPhone 15 Pro Max. That battery pack is smaller as iPhones usually need less power than Android phones. In case you’re wondering about the battery life, well, it’s great on both smartphones. The OnePlus 11 does have the edge, based on what we’ve seen, but the iPhone 15 Pro Max’s battery life improved a lot after several charges.

With the OnePlus 11, we managed to cross the 9-hour and 10-hour screen-on-time mark. The iPhone 15 Pro Max did not get us that far. We were able to get around 8 and a half hours of screen-on-time maximum, before the phone required a charge. So it sits a bit below the OnePlus 11, but at the same playing field. Both of these phones are true road warriors, and chances are you won’t need to worry about charging them before going to bed. For some people, they’ll easily last two days even.

When it comes to charging, things are rather interesting. The OnePlus 11 supports 100W wired charging globally, but it’s limited to 80W in the US. It can fully charge the phone in only 25 minutes at 100W. It does not support wireless charging, though. The iPhone 15 Pro Max supports 20W wired, 15W MagSafe wireless, 7.5W Qi wireless, and reverse wired charging. It will also support Qi2 once it launches. Unlike the iPhone 15 Pro Max, the OnePlus 11 includes a charger in the box.

OnePlus 11 vs Apple iPhone 15 Pro Max: Cameras

Both of these smartphones have three cameras on the back, not counting the iPhone’s ToF sensor. The OnePlus 11 includes a 50-megapixel main camera, a 48-megapixel ultrawide unit (115-degree FoV), and a 32-megapixel telephoto camera (2x optical zoom). The iPhone 15 Pro Max features a 48-megapixel main camera, a 12-megapixel ultrawide camera (120-degree FoV), and a 12-megapixel telephoto unit (5x optical zoom).

iphone 15 pro max AM AH 25
iPhone 15 Pro Max

It’s worth saying that both smartphones do a really good job when it comes to pictures. They both have pronounced colors without making the images look overprocessed or anything like that. They both provide plenty of detail, though in default mode, the iPhone 15 Pro Max does offer more detailed pics, if you pixel peep. Both ultrawide cameras do a great job, while the telephoto performance is interesting. The iPhone 15 Pro Max shines at 5x, but not as much at 3x. At 2x both are excellent, while the 3x is a close call. In low light, they both do a good job, while the OnePlus 11 does tend to brighten up the scene a bit more. They both manage to preserve quite a bit of detail in low light.

The video performance is good on the OnePlus 11, but the iPhone 15 Pro Max takes the cake in that department. Video recording has been the iPhone’s strong suit for a long time, and the same is the case with this generation.

Audio

You will find a set of stereo speakers on both smartphones. The iPhone 15 Pro Max’s speaker does get a bit louder, but not by much. Both sets are quite clear, and don’t sound muffled by any stretch of the imagination.

Neither of the two devices has an audio jack. You can still use their Type-C USB ports to connect your wired headphones, though, without a problem. If you prefer to go wireless, however, Bluetooth 5.3 is available on both phones.


[ad_2]
Source link

The French antitrust authority has raided NVIDIA offices

0
[ad_1]

NVIDIA offices in France have reportedly been raided by the French Competition Authority early morning on Wednesday September 27. According to a press release from Autorité de la concurrence, a dawn raid was conducted on the offices of a “company specializing in graphics cards” within the region.

NVIDIA is not specifically mentioned anywhere in the press release. But according to a recent report from The Wall Street Journal, NVIDIA was indeed the company referenced by Autorité de la concurrence. Based on the details given, the raid revolves around an investigation into NVIDIA’s potentially anticompetitive practices in the GPU market. It’s unclear what the agency did during the raid or if it seized any documents or information. But The WSJ notes that raids such as this one often include that kind of activity. With authorities seizing physical and digital materials and even interviewing employees.

NVIDIA’s offices were raided as part of a larger investigation into cloud computing

The raid was not just about NVIDIA’s GPU market dominance. Even if that was focus of it. It’s also reportedly part of a broader investigation. Back in June the Autorité de la concurrence published a lengthy press release about the health of the cloud market. In it the agency discusses its intent to determine if newer, smaller companies are able to compete with much larger ones. The raid suggests that the agency has reason to believe the answer might be no. It’s also keen to point out however that a raid does not mean any laws were broken.

“Such dawn raids do not pre-suppose the existence of a breach of the law which could be imputed to the company involved in the alleged practices, which only a full investigation into the merits of the case could establish, if appropriate” the agency says. Basically, the agency is not assuming NVIDIA broke any antitrust laws. It does intend to find out though. And that’s what an investigation will allow to happen. NVIDIA has seen lots of success in the past few years thanks to a rising demand for its AI chips. And that seems to have earned it a little more scrutiny.


[ad_2]
Source link

Meta brings AI stickers to Instagram, Facebook Stories, Messenger, and WhatsApp

0
[ad_1]
At Connect earlier today, Meta revealed a bunch of AI editing tools and AI-powered features coming to many of its apps and services. Additionally, we’ve finally learned when the Meta Quest 3 will hit shelves after the company announced its price a while ago.

One of the most interesting AI experiences introduced by Meta is the ability to send AI stickers. These are customized stickers generated by AI based on the user’s searches.

Meta’s AI stickers use technology from Llama 2 and the company’s model for image generation called Emu. The AI tool will turn your text prompts into multiple unique stickers in seconds. Simply search for a specific sticker that you want to use like a hedgehog or blue heart, and the AI tool will generate a high-quality sticker for you to include in your conversations.

According to Meta, the new feature will be rolled out to select English-language users over the next month in WhatsApp, Messenger, Instagram, and Facebook Stories.

Along with AI stickers, Meta also announced some AI editing tools that also use the technology from Emu. Two new features are coming to Instagram, restyle and backdrop, which will allow users to transform their images or co-create AI-generated images with friends.

With restyle, users can reimagine their images by applying the visual styles they describe (i.e. watercooler, collage). On the other hand, backdrop changes the scene or background of an image.

 

You can use commands like “put me in front of an aurora borealis” or “surrounded by puppies” to cue the tool to create an image of the primary subject in the foreground with the background that you want.

It’s important to note that all images created with restyle and backdrop will indicated the use of AI to avoid being confused with human-generated content.


[ad_2]
Source link

Cisco WAN Manager Vulnerabilities Attacker Conduct DoS Attack

0
[ad_1]

Cisco, a prominent player in the world of networking and cybersecurity, has issued a critical security advisory concerning multiple vulnerabilities in their Catalyst SD-WAN Manager, formerly known as Cisco SD-WAN vManage. 

These vulnerabilities could potentially open doors for cyber attackers to access affected systems or cause a significant denial of service (DoS) situation.

First and foremost, it’s important to note that there are no workarounds available to mitigate these vulnerabilities. 

This means that immediate action is necessary to address these critical issues.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Vulnerabilities Unveiled: CVEs and CVSS Scores

CVE-2023-20252: This vulnerability involves unauthorized access to Cisco Catalyst SD-WAN Manager via Security Assertion Markup Language (SAML) APIs. 

An attacker, even if unauthenticated, could potentially gain unauthorized access to the application as an arbitrary user. The severity of this vulnerability is rated as Critical with a CVSS Base Score of 9.8.

CVE-2023-20253: This vulnerability affects the CLI (Command-Line Interface) of Cisco Catalyst SD-WAN Manager. 

It could allow an authenticated, local attacker with read-only privileges to bypass authorization and roll back controller configurations, which could then be deployed to downstream routers. 

This vulnerability is rated as High with a CVSS Base Score of 8.4.

CVE-2023-20034: Here, an information disclosure vulnerability is revealed. It involves an unauthenticated, remote attacker accessing the Elasticsearch database of an affected system with the privileges of the Elasticsearch user. 

This vulnerability is rated as High with a CVSS Base Score of 7.5.

CVE-2023-20254: This vulnerability pertains to the session management system of Cisco Catalyst SD-WAN Manager’s multi-tenant feature. 

An authenticated, remote attacker could access another tenant managed by the same instance, potentially leading to unauthorized configuration changes or causing a denial of service (DoS) situation. It has a High severity rating with a CVSS Base Score of 7.2.

CVE-2023-20262: Lastly, there is a vulnerability in the SSH (Secure Shell) service of Cisco Catalyst SD-WAN Manager, which could lead to a process crash, resulting in a DoS condition for SSH access. 

This vulnerability is rated as Medium with a CVSS Base Score of 5.3.

Affected Products and Fixed Software

The vulnerabilities impact Cisco Catalyst SD-WAN Manager, and users must determine if their software releases are vulnerable. 

Cisco has released software updates to address these issues. Users with service contracts should obtain security fixes through their usual channels.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Multiplayer shooter ‘Hyenas’ was shot down just before launch

0
[ad_1]

Last year, Sega introduced us to a new and exciting game. Called Hyenas, it was a multiplayer shooter that had a fun aesthetic and interesting characters. Well, according to Sega, Hyenas was shut down just before its launch.

The company unveiled the game last year, and it’s been beta testing the game ever since. There was a lot of hype for this game, as it seemed like a very fun time. The unfortunate thing is that it was meant to be coming out rather soon. Those waiting for the public release are going to be disappointed.

Hyenas was shut down in the wake of potential layoffs

Why did Sega shut down this interesting-looking shooter? It’s not because the company wants to punish its fans. The studio behind the game is Creative Assembly, and it’s also responsible for Alien: Isolation and Total War. Well, Creative Assembly could be facing some layoffs soon.

Currently, Sega is going through a structural reform at the moment, and one area that’s seeing the biggest impact is the European market. “…the business environment surrounding the Consumer area has been rapidly changing, including reactionary decline from the stay-at-home demand in COVID-19 and the economic downturn due to inflation in European region, and profitability has been lowered mainly in European bases.”

The company’s European business is facing some hurdles, unfortunately, and it needs to make some cutbacks. This includes canceling games in development. One of those games being shut down is Hyenas.

Not only that, but the company is getting ready to lay off employees. We’re not sure how many people will be let go, however. The studio stated that it’s going to focus on reducing redundant positions, and it’s going to try to find new positions for employees where possible. This isn’t great news for the employees at the company or for the people who were waiting to play Hyenas.

However, if the economic conditions are bad, they’re bad. Large companies are still struggling to maintain profitability, and that’s led to rolling layoffs across the industry. All we can do is hope that the company won’t need to make many more decisions like this one.


[ad_2]
Source link

The Meta Quest 3 is getting a nifty wireless charging dock

0
[ad_1]

Meta officially announced the Quest 3 headset this week alongside a handful of companion accessories, including a wireless charging dock. As spotted by The Verge, the dock for the Quest 3 charges both your headset and your controllers wirelessly. Which provides two really useful benefits over the dock that was used for the Quest Pro.

The first and most obvious being that charging is now wireless. There’s one less cable for you to have to deal with. And any time that you get to use less cables is a good time. The other major benefit here is that the dock now supports the headset and the controllers in one single unit.

With the Quest Pro dock, the dock itself would charge the controllers. While a cable plugged into the dock would charge the headset. Now you can just place the headset and controllers down on the dock altogether. The controllers still take AA batteries but the dock comes with rechargeable lithium ion “Meta” batteries that the company says provides hundreds of charging cycles. And the headset of course has an internal battery that can charge via the contacts on the underside of the VR headset.

The Meta Quest 3 wireless charging dock retails for $129.99

If you want to charge your headset and controllers wirelessly be prepared to cough up a little extra cash. As the dock will set you back $129.99. Pair that up with the Quest 3’s starting $499 price tag and you’re in for a $630 investment. And that’s before you throw down any other money on games or additional accessories.

The overall cost is certainly not inexpensive. But the value is likely there for those that want the added convenience of just picking up the hardware and being ready to play. No having to mess about with unplugging everything. Or store an extra cable away somewhere when it’s not in-use. You can buy the dock directly from Meta but you can also get it from retailers like Best Buy. The dock is still in a pre-order status though and won’t officially be shipping until November 10.

Meta Quest 3 Wireless Charging Dock – Best Buy


[ad_2]
Source link

Say goodbye to password sharing on Disney+

0
[ad_1]

Disney+ has over 140 million subscribers worldwide. But in the past year, the streaming giant saw a drop in paying users, with almost 20 million people saying goodbye to their Disney+ memberships. At the same time, the company introduced new plans and hiked up the prices for some of them. Now, there are more changes on the way.Users in Canada won’t be able to share their Disney+ passwords and accounts with people outside their households anymore, as reported by Android Authority. Disney+ sent out emails to its users, letting them know that starting from November 1st, shared accounts will be restricted. Only people living under your roof will be allowed to watch on devices connected to your primary account.

This move to crack down on password sharing isn’t entirely new, as Netflix has already done it. Netflix lets users pay for extra subscribers who don’t live in the same house, but Disney+ hasn’t announced such a feature. So, if you’ve been sharing a Disney+ account in Canada, you might find yourself kicked out unceremoniously come November 1st.

Netflix also allows you to transfer your profile to keep your watchlist and recommendations intact. Whether Disney+ will offer similar options remains unclear.

Disney+ recently introduced an ad-supported option to soften the blow of an upcoming price increase for ad-free subscriptions. However, with this password-sharing crackdown, it might need to think of more ways to keep its current users and attract new ones. Content is essential, but don’t underestimate the impact of prices and the ability to use your profile from anywhere.

Some users on Reddit have reported difficulties logging into their Disney+ accounts when they’re away from home, which can be a hassle, especially when you’re paying for it every month.

This password-sharing restriction kicks off in Canada on November 1st. Whether it will affect the US and other countries remains uncertain for now.


[ad_2]
Source link

Dark Web Pedophiles Using Open-Source AI to Generate CSAM

0
[ad_1]

Pro tip: Do not upload images of your children on the internet, including your social media profile, even if your friends list consists of people you know or trust.

  • The availability and sophistication of generative AI platforms is a growing issue of concern. Cybercriminals can easily manipulate videos, images, and audio to create deep fake content.
  • A UK-based internet watchdog has shared startling details of how paedophiles have switched to generative AI to create child sexual abuse content.
  • Research revealed that paedophiles use freely available AI software to create illegal child pornographic material.
  • The Internet Watch Foundation observed that paedophiles are openly discussing how to modify the software to manipulate children’s photographs on the dark web.
  • This can make it challenging to help real-life victims.

We all know OpenAI’s ChatGPT chatbot. You may also be aware that cybercriminals have developed malicious alternatives of ChatGPT known in the cybersecurity community as FraudGPT and WormGPT. The bottom line is that cybercriminals will go to great lengths to turn the power of Artificial Intelligence (AI) to their advantage for malicious purposes.

Now, according to a report published by a UK-based internet watchdog, the Internet Watch Foundation (IWF), cybercriminals are turning to generative AI platforms to create child sexual abuse material (CSAM).

As per the research from IWF, cybercriminals’ increasing preference to create deep fake content fabricating people or events is a concerning issue because of the sheer scope of damage it can cause. The problem becomes more concerning when it involves minors, particularly children. The ease with which sex offenders can create this imagery can also encourage its widespread acceptability.

The IWF found that there’s been a sudden surge in AI-generated child sexual abuse content available online. The organization noticed discussions among paedophile rings on dark web forums frequently used by sex offenders regarding tips on creating fake images of children via open-source AI models.

Child safety experts and law enforcement agencies are afraid that the availability of realistic photos will make it challenging to help real-life victims of child sexual abuse. It must be noted that creating photorealistic content is illegal in the UK.

Open-source AI models differ from closed AI models like Google’s Imagen, as anyone can download them. It is easier to use these models because they can download and run them on PCs, and there’s no need to run them on the cloud. So, they can evade the controls and detection tools on the cloud and distribute the content online more regularly than they do now.

Offenders can use a basic source image-generating model containing billions of tagged images and fine-tune the images with child sexual abuse images to create a similar model with low-rank adaptation. Hence, with minimal computation, they can produce realistic images and mislead law enforcement by diverting their focus on child victims that don’t exist.

Earlier, the IWF’s chief executive, Susie Hargreaves OBE, had warned the government regarding the seriousness of this issue. 

In May 2023, the Internet Watch Foundation (IWF) initiated the recording of instances involving AI-generated child sexual abuse material, marking a significant development for its hotline. Over the span of May 24 to June 30, the IWF diligently investigated 29 reports encompassing URLs suspected of housing AI-generated child sexual abuse imagery. These reports came from concerned members of the public.

Among these cases, the IWF successfully verified that seven of the reported URLs indeed contained AI-generated child sexual abuse imagery. Notably, these URLs often hosted multiple images, which could be entirely AI-generated or a combination of AI-generated and authentic content.

Disturbingly, the addressed URLs covered a distressing range of material, spanning from Category A to Category B, and depicted children as young as 3 to 6 years old, comprising both female and male victims.

“We are not currently seeing these images in huge numbers, but it is clear to us the potential exists for criminals to produce unprecedented quantities of life-like child sexual abuse imagery. This would be potentially devastating for internet safety and for the safety of children online. We have a chance, now, to get ahead of this emerging technology, but legislation needs to be taking this into account and must be fit for purpose in the light of this new threat,” Hargreaves had said.

The head of the UK government’s AI task force, Ian Hogarth, had raised red flags about child sexual abuse material created using open-source AI models, claiming that it was amongst the “most heinous things out there.”

The IWF chief Dan Sexton regarded this as a “public health epidemic” that will get only worse as cybercriminals switch their focus on generative AI technology.

The IWF is a non-profit organization founded in 1996 to monitor the internet for sexual abuse content and receive tips about such content, especially involving children.

How to Protect your Child and their Photos from Malicious Elements on Dark Web?

Here are 10 ways parents can protect their children and their photos from exposure to the dark web and individuals with malicious intent:

  1. Educate Your Children: Teach your kids about online safety, including the importance of not sharing personal information, photos, or engaging with strangers online.
  2. Use Privacy Settings: Adjust the privacy settings on social media platforms to ensure that only trusted contacts can view your child’s content.
  3. Regularly Check Friend Lists: Encourage your child to regularly review their friend lists and followers on social media and remove anyone they don’t know in real life.
  4. Watermark Photos: If you choose to share photos of your children online, consider watermarking them to deter unauthorized use.
  5. Limit Location Sharing: Disable location sharing on your child’s devices and social media accounts to prevent tracking by malicious individuals.
  6. Use Secure Devices: Ensure your child’s devices have up-to-date security software and are protected with strong passwords or biometrics.
  7. Teach Responsible Posting: Encourage responsible posting by discussing the potential consequences of oversharing personal information or photos.
  8. Monitor Online Activity: Keep an eye on your child’s online activity without being overly invasive. Use parental control software if necessary. Use parental control apps!
  9. Promote Open Communication: Create an environment where your child feels comfortable discussing any online interactions or concerns they may have.
  10. Report Suspicious Activity: Teach your child how to recognize and report suspicious behavior or content to both you and the relevant authorities.
  1. Hackers Claiming to Jailbreak AI Chatbots to Write Phishing Emails
  2. Microsoft’s new tool detects & reports pedophiles from online chats
  3. Fake ChatGPT and AI pages on Facebook are spreading infostealers
  4. Operation Narsil – INTERPOL Busts Decade-Old Child Abuse Network

[ad_2]
Source link

ZYXEL Buffer Overflow vulnerability – Attacker Launch DoS Attack

0
[ad_1]

ZYXEL has been discovered with a Buffer Overflow vulnerability on their ZYXEL-PMG2005-T20B device, which can result in a denial-of-service condition. This condition exists due to improper sanitization of user-supplied input on their HTTP request.

Zyxel is a Taiwanese multinational company that manufactures several networking products like Routers, DSL CPE, WiFi Systems, 5G NR/4G LTE CPE, Carrier and Access Switches, Network Extenders, and Network Management devices.

Technical Analysis

A threat actor can exploit this vulnerability by providing a crafted script to the uid parameter in the cgi-bin/login.asp, leading to a Buffer Overflow, eventually causing the DoS condition. This vulnerability has been assigned with the CVE as CVE-2023-43314, and the severity is being analyzed.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

This vulnerability arises in the ZYXEL-PMG2005-T20B product when the number of admin in the uid exceeds the maximum threshold of 50, which crashes the application when parsed in the backend. Additionally, the COOKIE header in the HTTP request is supplied with a SESSIONID parameter for creating a valid session with the ZYXEL product.

However, further analysis revealed that the ZYXEL-PMG2005-T20B product has reached End-of-Life as per the ZyXEL website. 

End-of-Life
End-of-Life (Source: Cyber Security News)

The researcher created an HTTP request to replicate this vulnerability with the following parameters and values.

GET /cgi-bin/index.asp HTTP/1.1
Host: {HOST IP}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.120 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://{HOST IP}/cgi-bin/login.asp
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: SESSIONID=4450a48a; uid=adminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadminadmin; psw=1234
Connection: close

This request to the ZyXEL product causes the Buffer Overflow due to the number of admin thresholds resulting in the Denial of Service condition. In addition to this, more than 20 URLs were listed by the security researcher, which were affected by the same vulnerability.

A GitHub repository, along with the proof-of-concept was published, which provides detailed information about this vulnerability, its existence, and other information. 

Users of this ZyXEL product are recommended to upgrade to the latest version of the product in order to prevent this vulnerability from getting exploited.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

Galaxy Tab A9+ specs revealed by Google Play ahead of launch

0
[ad_1]

We recently got confirmation that Samsung will unveil the Galaxy Tab A9 series on October 5. The base model showed up on the Google Play Console last week to reveal some of its key specs. The Plus model has now surfaced on the same website, giving us an idea of what to expect from it.

Google Play Console reveals key specs of the Galaxy Tab A9+

Spotted by MyFixGuide, Google has listed the 5G version of the unannounced Samsung tablet. We can see that the device has a Qualcomm processor with the model number SM6375. It’s none other than the Snapdragon 695, a 6nm mid-range chipset featuring two ARM Cortex-A78 CPU cores clocked at 2.2GHz and four Cortex-A55 cores at 1.8GHz. Qualcomm has paired the CPU with the Adreno 619 GPU. The SoC supports both sub-6 and mmWave 5G networks.

Samsung will offer at least 4GB of RAM with the Galaxy Tab A9+. The tablet may also be available in a 6GB RAM variant. Storage configurations are not known but we should get 128GB of internal storage space if not more. The device will support microSD cards for expandable storage. The Korean firm may let you add up to 1TB of additional storage space externally.

This tablet features a Full HD+ (1200×1920 pixels resolution) display. It is presumably an LCD panel measuring between 11 and 12 inches diagonally. The Google Play Console listing also confirms that the Galaxy Tab A9+ will run Android 13 out of the box. Samsung will likely ship it with its One UI 5.1.1 custom software. The device has one camera each on the front and back. Earlier rumors have revealed a 7,040mAh battery with 15W fast charging.

The rest of the specs of this tablet are still under the wraps. However, as said earlier, Samsung plans to launch the Galaxy Tab A9 series next week, so it won’t be long before we get to know everything about the duo, including the pricing structure. We might even come across more detailed leaks ahead of the official unveiling. Stick around and we will keep you posted with all the latest information.

Samsung has more devices lined up for launch in early October

The two new A-series tablets could be accompanied by a bunch of other Galaxy devices out of Samsung’s doors next week. The Korean firm also has the Galaxy S23 FE, Galaxy Buds FE, Galaxy Tab S9 FE, Galaxy Tab S9 FE+, and Galaxy SmartTag 2 in the pipeline. All of these devices are scheduled for an early October release. It remains to be seen if they break cover on the same day.

Samsung Galaxy Tab A9 Plus Google Play Console 2


[ad_2]
Source link