The hot new MediaTek Dimensity 9300 has a huge problem

0
[ad_1]

As has been rumored since the beginning of the summer, rising chipmaker, MediaTek’s got a hot new flagship chipset in the works. Which aims to narrow the gap between its top-of-range offerings and industry standard bearer Qualcomm’s leading Snapdragon 8 series.

Unfortunately for the Taiwanese firm, word among those in the know is that the upcoming Dimensity 9300’s hotness is not limited to mere literary flourish. The unconventionally-designed model is said to literally be running too hot to operate at its advertised frequencies. This has the potential of generating some uncomfortable conversations between MediaTek and its OEM customers, the latter of whom have been promised performance that may not be achievable within acceptable thermal ranges.

Why is the Dimensity 9300 running so hot?

Apparently the problem stems from the silicon maker’s ambitious design choices with regard to ARM core distribution on the octa-core wafer: whereas most modern ARM-based chips contain a mix of fast and slow cores to throttle back the power (and thus the heat) during less intensive computing tasks, the Dimensity 9300 can most accurately be said to eschew the slow cores completely in favor of a mix that includes only fast and very fast (four each of Cortex-A720 and Cortex-X4, respectively).

While the envelope-pushing, four-nanometer design — previously reported by Weibo leaker Digital Chat Station — has been generating early buzz, it’s also allegedly causing headaches for phone manufacturers trying to unbottle that potential performance without singeing users’ hands in the process.

So now, as the chip’s rumored October launch approaches and partners scramble to finalize their plans around it, MediaTek reportedly finds itself in an unenviable bind. It can either dial back the speed somewhat significantly in order to meet stringent OEM thermal requirements — deflating much of the buzz-making and thus earnings-generating performance of D9300 — or it can try to move customers over to its more tried-and-true (but less exciting) solutions. Alternatively, it could watch them walk away altogether, a last-ditch maneuver that would be sure to cause production delays as well as leaving a sour taste in the mouths of everyone involved.


[ad_2]
Source link

Apple’s AirPods getting major upgrade next week

0
[ad_1]

As part of Apple’s event next week, Apple is going to be giving the AirPods Pro a pretty major upgrade. That’s USB-C. Okay, that might not sound like a huge upgrade, but it really is.

Don’t expect this to be a full on generational upgrade for the AirPods Pro, as it isn’t quite time for that yet. The main upgrade here is changing Lightning to USB-C. Apple is also planning to upgrade the AirPods and AirPods Max to USB-C as early as next year. While it is time for the AirPods Max to get updated, the regular AirPods were just updated about a year ago. So those will likely be just a change to USB-C too.

Gurman says that there won’t be any other changes to the AirPods Pro at the event. But the AirPods Pro are a big seller for Apple, so updating them to USB-C first is smart.

Apple is working on new health features for AirPods

Although this update will really only be USB-C, Apple is still working on some new health features for the AirPods. This includes body-temperature sensing and a new hearing-test system. Those enhancements are likely coming later on down the road though. As it does seem to be pretty early on for these features.

Adding health features to the AirPods are going to help make them more “sticky” for users. Which, for iPhone users, they are already pretty sticky, because of how well they work with the iPhone, iPad and Macs already.

AirPods are typically updated about every two years or so. It’s one of the few products that Apple does not update yearly, which they really don’t need to. There have been a couple of one-offs, like updating the original AirPods to a wireless charging case, and now updating the AirPods Pro to USB-C. But as far as new hardware, that’s about every two to three years.


[ad_2]
Source link

Clubhouse gets a big redesign with focus on group audio chats and “friends over followers”

0
[ad_1]
The once very-hot Clubhouse app has since become a little bit of the kid who somehow gets ignored… however, the app’s changing direction a bit (or a lot) with its latest update announced in a blog post, and is getting a big redesign to focus more on group interactions with voice.

Clubhouse gets a big redesign to focus on group voice chats


The app is getting a new feature called Chats. Basically, it’s a voice-only group chat feature, where you are able to send voice messages to friends and receive replies in the form of audio. It’s not live, so you can send and receive voice messages at any time, whenever it’s convenient for you.

You are able to push to talk, listen at 2x, tap to skip, swipe to the next Chat, or chat privately with someone.


However, live audio isn’t going away – it will still remain as one of the main features of Clubhouse. When you open Clubhouse, you’ll see your friends and not only the rooms that happen to be live at that moment.

When you start a chat, you can set it to “friends only” or “friends-of-friends”, so it’s not full of strangers.

The social media platform is now changing its focus on friends instead of followers and depth over reach, explains the blog post. With the friends over followers mindset, the app will have a friend button instead of a follow button. For the people with a lot of followers, you will be able to create a House with all of them so you can easily reach them. Now, you can create Chats within Houses, which should enhance the experience on the platform.


[ad_2]
Source link

Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts

0
[ad_1]

A new sophisticated stealing campaign named  “Steal-It”  has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang’s Start-CaptureServer PowerShell script.

It is believed that the Steal-It campaign may be attributed to APT28 (aka Fancy Bear) based on its similarities with the APT28 cyber attack.

Fancy Bear is a Russian cyber espionage group that uses zero-day exploits, spear phishing, and malware to compromise targets.

Zscaler Threat Labs recently discovered the campaign’s tactics and infection chain and shared its report.

NTLMv2 Hash Stealing Infection Chain

The NTLMv2 hash stealing infection chain steals NTLMv2 hashes by utilizing a customized Nishang’s Start-CaptureServer PowerShell script and transmitting the stolen hashes via mocky APIs to Mockbin.

SystemInfo Stealing Infection Chain

The Systeminfo stealing infection chain uses the OnlyFans brand to entice users into downloading the later stages of the chain, which exfiltrate command outputs to Mockbin.

Fansly Whoami Exfil Infection Chain

The Fansly whoami exfil infection chain uses the Fansly brand to entice users into downloading the later stages of the chain, which exfiltrate command outputs to Mockbin. 

Windows Update Exfil Infection Chain

ZIP archive bundled with an LNK file that uses geofencing techniques to target users in Belgium unknowingly downloads multiple stages of a PowerShell script that executes system commands to collect basic information for nefarious purposes. 

Among all the infection chains, the threat actor utilized customized scripts from the Nishang framework to steal and exfiltrate NTLM hashes by executing system commands.

Finally, mock APIs are used to exfiltrate the captured data from the compromised device.

Explicit images of models are used to entice victims to execute the initial payload in The Fansly Whoami Exfil and Exfil Sysinfo OnlyFans infection chain.

Threat actors use a geofencing strategy specifically targeting regions including Australia, Poland, and Belgium. 

Mockbin API, an endpoint-generating tool, and mock APIs are used to transfer stolen data, such as NTLM hashes and command output.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.


[ad_2]
Source link

Galaxy Tab A9 & Galaxy Tab A9+ inch closer to launch

0
[ad_1]

Samsung‘s Galaxy Tab A9 series tablets are slowly marching towards their launch. Both Galaxy Tab A9 and Galaxy Tab A9+ recently surfaced on multiple certification listings, including the FCC. The Korean firm has yet to announce a launch date for the devices.

About a month back, the FCC certified the Galaxy Tab A9 with the model number SM-X115. The Korean regulatory body, Safety Korea, followed up with its certification a couple of weeks later. We also got confirmation about its variants bearing model numbers SM-X110, SM-X115N, and SM-X117.

In the meantime, the Galaxy Tab A9+ popped up on the Indian certification agency’s (BIS) website with the model number SM-X216B. The Plus model also showed up on the Bluetooth SIG website and Geekbench, confirming five more variants (SM-X210, SM-X216N, SM-X216C, SM-X218, and SM-X218B).

The Galaxy Tab A9+ (SM-X210) has now received the FCC certification (via). The base model, on the other hand, has gained certifications from the Bluetooth SIG and the Korean Radio Research Agency (RRA) with the model numbers SM-X115 and SM-X115N, respectively. The RRA listing contains a live photo of the tablet, which we previously saw in the FCC and Safety Korea certifications as well.

Samsung Galaxy Tab A9 RRA certificate live photo

The FCC listing revealed that the Galaxy Tab A9+ will measure 257.11×168.66×6.94mm in dimension. It will feature Wi-Fi, Bluetooth, GPS, and a microSD card slot. Supporting documents confirm its battery capacity (7,040mAh) and hint at a 15W charging speed. The Galaxy Tab S9 will reportedly pack a 5,000mAh battery and boast the same charging speed.

Samsung will offer both of these tablets in cellular variants (5G) as well. The Plus model could be powered by Qualcomm’s Snapdragon 695 chipset paired with the Adreno 619 GPU and at least 4GB of RAM. The processor details of the Galaxy Tab A9, which measures 210.7mm in length and 124.7mm in width, are not known. Both tablets will run Android 13 out of the box.

Samsung may launch the Galaxy Tab A9 series alongside other products

The Galaxy Tab A9 and Galaxy Tab A9+ may arrive alongside a bunch of other Samsung products later this year. The Korean firm is known to be working on the Galaxy Tab S9 FE, Galaxy Tab S9 FE+, Galaxy Tab S23 FE, Galaxy SmartTag 2, and a new pair of TWS earbuds (likely called the Galaxy Buds FE). Rumors are that all of these devices will launch in Q4 2023, i.e. between October and December. We might have an official confirmation soon.

Samsung Galaxy Tab A9 Bluetooth SIG certificate


[ad_2]
Source link

Privacy Sandbox APIs are now generally available in Chrome

0
[ad_1]

Google‘s Privacy Sandbox initiative, which aims to remove third-party cookies from its browser, has just hit a major milestone. Its relevance and measurement APIs are now generally available in Chrome without requiring manual activation of browser flags or participation in beta programs. The company has left three percent of Chrome users unaffected by the change, though. This will allow it to conduct A/B testing of the feature. Privacy Sandbox APIs will be available by default to everyone over the coming months.

According to Google, this change will enable advertising providers and developers to scale the usage of the new privacy tool. Since the Privacy Sandbox APIs are available for the majority of Chrome users, companies will be able to run more effective tests of the new technologies within their products and services. This is a “significant step on the path towards a fundamentally more private web,” the company said in a press release. Google will help the industry in these testing efforts with a simulation feature later this year.

The ability to simulate the deprecation of third-party cookies will be available to companies in the third quarter of 2023. Google will start with a small percentage of users for each company. In early 2024, it will turn off third-party cookies for one percent of all Chrome users. The tech giant plans to begin mass deprecation of third-party cookies in Chrome in the second half of 2024. “The countdown to the planned deprecation of third-party cookies is in full effect,” it says, suggesting that there won’t be delays anymore.

Google announced the Privacy Sandbox initiative over four years ago

Websites and apps use third-party cookies to track your online activities. These trackers can see the websites you visit or links you click on, helping companies build your online profile containing topics of your interests and other information. They use the profile to serve you tailored ads and show relevant content across the web. The problem with this approach is that your online activities aren’t as private as they should be.

Google’s Privacy Sandbox is a “privacy-preserving alternative” to third-party cookies that can fix this problem. It creates a group of people with similar interests and hides individual profiles within the group. This will prevent websites from tracking you individually, while they can still serve you tailored ads and relevant content. Google announced this initiative in August 2019 with plans to launch it in 2022.

However, it later delayed the implementation of Privacy Sandbox to 2023 because it needed more time to work with publishers, ad companies, and other industry stakeholders. Google said a half-baked application could give birth to invasive tactics such as fingerprinting. In July last year, the firm pushed back the plan to the end of 2024. It appears the tech biggie is now on track to pull it off next year.


[ad_2]
Source link

Google Pay’s autofill finally lets you name your cards: here’s how

0
[ad_1]
Sooner or later, we’ll get there. Can you imagine? A day where you wake up and have to take with you nothing beyond your phone. Chonky wallet? Bye-bye! Tons of cards and IDs? Always with you, on your phone! Dirty cash? No need: all of the best phones on the market will be able to be used as payment methods.And this future is happening thanks to tech goliaths like Apple and Google. Recently, we talked about how Google Files is starting to adopt digital documents in India — and that is certainly a feature that needs to grow more and become available in other countries too.

But Google Pay requires updates too! For example, have you ever had a situation where you are trying to pay something online and then GPay asks you to pick a card. And there’s, like, several and all of them indicated by card numbers?

What year is this? Well, as it turns out: the year that this changes!

Autofill is one of the most convenient features that anyone can take advantage of, especially when provided safely through masters of the craft such as Google. But still, being unable to label your autofill presets feels a tad outdated in 2023, right?

Finally, Google Pay will become updated — which includes GPay in Chrome, by the way — to let you name your cards when using autofill. And in a day and age, where virtual cards are becoming more accessible and sought-after, this is pure bliss.

The update is reportedly rolling out now, so here’s what you need to know:

  • The phone app may try to set some generic name up for your cards, but other than that: if you visit the Payment Methods section, you’ll be free to change them as you please

The situation is a bit more tricky on PC, through Chrome, though, so here’s a quick guide for that:
  1. Navigate to the Google Pay homepage
  2. Click the blue “Set up payment methods” button on the top right
  3. Select “Manage Payment Methods”, which should be at the top of the list that you are seeing
  4. On any of your visible payment methods, select “Edit”
  5. Input your desired name in the “Card Nickname” section on the bottom
  6. Donezo!

Now, since the update is still rolling out, we’re not sure if Chrome may get the generic naming conventions too. Furthermore, we aren’t certain if those may try to override any nicknames set, so if you happen to notice anything: make sure to let us know through a comment!

[ad_2]
Source link

North Korean Hackers Actively Attacking Security Researchers

0
[ad_1]

Google’s Threat Analysis Group (TAG) has issued an update regarding an ongoing campaign by North Korean threat actors targeting security researchers. 

This campaign, which first came to light in January 2021, involved using 0-day exploits to compromise the security of researchers engaged in vulnerability research and development.

Over the past two and a half years, TAG has diligently tracked and disrupted multiple campaigns orchestrated by these North Korean actors, unearthing 0-day vulnerabilities and safeguarding online users. 

Recently, TAG identified a new campaign bearing similarities to the previous one. Disturbingly, they have confirmed the active exploitation of at least one 0-day vulnerability in the past few weeks, prompting them to take immediate action.

TAG has reported this vulnerability to the affected vendor, and efforts are underway to patch it. 

While their analysis of this campaign is ongoing, TAG has chosen to provide early notification to the security research community. 

This is a stark reminder that security researchers can become targets of government-backed attackers, underscoring the importance of maintaining vigilance in security practices.

The tactics employed by these North Korean threat actors mirror those from the prior campaign. 

They contact potential targets through social media platforms such as X (formerly Twitter) and gradually build trust. 

Actor-controlled Twitter profile

Once a rapport is established, they transition to encrypted messaging apps like Signal, WhatsApp, or Wire. 

Subsequently, the threat actors send malicious files containing at least one 0-day exploit hidden within popular software packages.

Upon successful exploitation, the malicious code performs a series of anti-virtual machine checks and transmits the collected data, including screenshots, to a command and control domain controlled by the attackers. 

The shellcode used in these exploits exhibits similarities to previous North Korean exploits.

In addition to 0-day exploits, these threat actors have developed a standalone Windows tool to download debugging symbols from central symbol servers, including Microsoft, Google, Mozilla, and Citrix

However, this tool can also download and execute arbitrary code from attacker-controlled domains, posing a significant risk to those who have used it.

GitHub repository for GetSymbol

TAG strongly advises individuals who have downloaded or run this tool to take precautions, including ensuring their systems are clean, which may require complete OS reinstallation.

As part of its commitment to combating these severe threats, TAG utilizes its research findings to enhance the safety and security of Google’s products. 

They swiftly add identified websites and domains to Safe Browsing to protect users from further exploitation. 

Additionally, TAG notifies targeted Gmail and Workspace users of government-backed attacker alerts, encouraging potential targets to activate Enhanced Safe Browsing for Chrome and ensure their devices are up-to-date.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.


[ad_2]
Source link

Threads is now rolling out keyword search support

0
[ad_1]

Threads is rolling out a keyword search feature. It lets you find posts using text, including a single keyword, longer phrases, or hashtags. This has been one of the most requested tools by Threads users ever since the app’s launch in early July.

Meta launched Threads as an alternative to X (formerly Twitter). The company’s brand influence, coupled with Instagram integration, helped Threads to gain over 100 million users in just a few days. However, the lack of basic features such as search and reposting means most of them didn’t stick around. The app lost more than half of its users in no time.

In the meantime, Meta has been hard at work on improving Threads. It launched a web version of the platform and also added the reposting feature last month. That was followed by the addition of a search function last week. However, the initial version of the feature was pretty basic, only allowing you to look up profiles and follow them. It didn’t let you search posts using keywords or phrases.

Thankfully, Meta didn’t make Threads users wait long for the latter ability. CEO Mark Zuckerberg recently announced that keyword search is now rolling out to “most English and Spanish speaking countries,” with “more to come soon.” More specifically, the feature will be available in countries where users predominantly post in these two languages, Instagram head Adam Mosseri separately announced via his channel.

Keyword search is rolling out to Threads in several countries

According to Mosseri, Argentina, India, Mexico, and the US are among the countries where keyword search is currently rolling out to Threads. It’ll be available on the mobile apps as well as the web version. Note that Threads has been running a limited test of this feature in Australia and New Zealand since last week. This rollout should mean a wider availability in these two countries as well.

Screenshots shared by the Instagram head show that search results for a keyword will have a separate section for posts at the top, followed by account names matching that keyword. The expandable top section will bring up posts containing the keyword, seemingly in reverse chronological order. You can interact with the posts or share them directly from search results.

Threads still doesn’t let you filter or sort search results, though. However, Meta appears determined to add these functions quickly to entice users to return to the platform. A more robust search feature, with support for more languages and wider availability, may arrive soon.


[ad_2]
Source link

Dummy units show us all iPhone 15 & iPhone 15 Pro colors: video

0
[ad_1]

We’ve seen the iPhone 15 series colors a few times thus far, and it just happened again, and this could be the best look yet. This time around, folks over at AppleInsider managed to get their hands on some dummy units, to show us the iPhone 15 series colors.

The iPhone 15 & iPhone 15 Pro colors shown thanks to dummy units

There is a dedicated 7-minute video embedded below the article, that goes over all the colors, one-by-one. If you’re not really in the mood to watch it, we’ve included two images below this paragraph.

The first image shows you the iPhone 15 colors, and the other the iPhone 15 Pro colors. These colors are not necessarily 100% accurate, but chances are this is very close to what we’ll be getting, if not identical.

So, the iPhone 15 will be coming in black, light blue, light yellow, pink, and white colors. We’ll be getting 5 overall. Four iPhone 15 Pro series colors will be on offer, black, dark blue, gray, and white.

Apple will likely use different names, at least for some of these colors. The gray one will be called Titan Gray, for example. That’s something that leaked a while back.

All iPhone 15 handsets will become official on September 12

As a reminder, all four iPhone 15 models will become official on September 12. Apple already announced that press event. The phones are tipped to become available to pre-order on September 15, while open sales are expected to commence on September 22.

Do note that the iPhone 15 Pro Max is said to be postponed, however. You may have to wait up to a month in order to be able to purchase that model. Chances are you’ll be able to pre-order it, but it won’t ship until late October.

All models will include a Dynamic Island this time around, and also a Type-C port. The ‘Pro’ models will have a frame made out of titanium, and thinner bezels than their predecessors.


[ad_2]
Source link