You might not want to buy an Exynos-powered Samsung Galaxy S24

0
[ad_1]

After shipping the Galaxy S23 series with a Snapdragon chip globally, Samsung is returning to its usual dual-chip strategy next year. The Galaxy S24 series will use the Exynos 2400 in some markets and Snapdragon 8 Gen 3 in others. Or maybe the Korean firm will use the Snapdragon processor on the Ultra model globally and equip the other two models with Exynos. However, if a new rumor is accurate, you might not want to buy an Exynos-powered Galaxy S24, no matter which model it is.

According to X (formerly Twitter) tipster @Tech_Reve, the Exynos 2400 is no match for the Snapdragon 8 Gen 3 in both CPU and GPU performance. Multi-core CPU performance is just about the same or slightly tilted towards the latter, but Exynos lags in single-core performance. This is despite Samsung abandoning its cost-cutting measures in place for the past several years and putting in everything it has. The fault is in the Korean firm’s manufacturing process and chip design, the tipster claims.

The Exynos 2400 is based on Samsung’s 4nm 4LPP+ process node. The Snapdragon 8 Gen 3, on the other hand, is manufactured by TSMC using its 4nm N4P process. Both solutions reportedly have similar power consumption, but the former is “slightly inferior” in overall CPU performance. The new Exynos chip’s GPU power consumption, meanwhile, is higher than the Snapdragon counterpart. Its stability is also said to be at 90%, slightly lower than Snapdragon’s 95%.

Samsung took a year gap and still couldn’t fix its Exynos problems

Long story short, Samsung hasn’t yet completely eradicated its Exynos woes. Its in-house processors have long had power, performance, and thermal issues. They always underperformed competing Snapdragon solutions. Despite this, the company continued its dual-chip strategy for years. However, with growing public backlash, it eventually gave up this year and went all-in with Snapdragon for the Galaxy S23 series. Samsung then went back to the drawing board to fix the Exynos problems.

A year later, it has come up with a new Exynos chip that’s still inferior to the latest Snapdragon. Well, neither chip is official yet, so we don’t know the full picture. But leaks at this time should be mostly accurate. The source of this information has a decent track record of Samsung leaks too. While it’s still advisable to wait for the official data about the Exynos 2400 and the Snapdragon 8 Gen 3, things aren’t looking that promising for Samsung at this point. We will let you know when we have more information about these chips.


[ad_2]
Source link

Qakbot botnet infrastructure suffers major takedown

0
[ad_1]

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies.

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure.

Not only did the agencies shut down the core of the Qakbot infrastructure, they also cleaned the malware from infected devices. US authorities also seized around 8.6 million dollars-worth of illicit cryptocurrency profits.

Qakbot has been active for over a decade and allowed the botnet operators to steal login credentials from affected devices as well as install additional malware on them. Often that malware included a ransomware variant, with Black Basta the most recent ransomware of choice.

Thanks to that, Black Basta repeatedly made it to the top three most prolific ransomware variants in our monthly ransomware reviews.

The international investigation involved judicial and law enforcement authorities from the US, France, Germany, Latvia, the Netherlands, Romania, and the UK. The examination of the seized infrastructure uncovered that the malware had infected over 700,000 computers worldwide. Law enforcement detected servers infected with Qakbot in almost 30 countries in Europe, South and North America, Asia and Africa, enabling the malware’s activity on a global scale. Of the 700,000 infected devices, around 200,000 were located in the US.

On impounded servers that belonged to the botnet’s infrastructure the authorities found 6.43 million email addresses and passwords that have now been shared with HaveIBeenPwnd (HIBP). HIBP allows you to search across multiple data breaches to see if your email address or phone number has been compromised. But HIBP has also assisted governments, such as the UK, Australia, and Romania (to name a few), in monitoring for breaches in government domains. 57% of the Qakbot related email addresses were already in the database. The Qakbot data has been labeled sensitive, which means you’ll have to verify the email address is under your control to receive the information.

The information was also shared with Spamhaus which will contact email providers and other hosts of affected email addresses to initiate a password reset to further protect the owners of those addresses.

Qakbot is mostly spread through phishing campaigns that include malicious documents as attachments or links to download malicious files. Once Qakbot is installed, the malicious code is injected in the memory location of a legitimate Windows process to avoid detection. At first, it searches the infected machine for email addresses and other useful information. Then it persists in the memory of the device to await further instructions, for example to download additional malware.

So, one characteristic of a botnet is that the bots can be controlled by the operators. Based on that principle, the FBI came up with a method to uninstall the malware from all the connected bots.

Once the FBI got hold of the administrators’ computers, they were able to map out the botnet’s Command & Control (C2) structure and use this information to roll out a special removal tool. The FBI managed to lock out the Qakbot administrators of their own command and control infrastructure by changing the encryption keys used to communicate with the servers.

“To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by the FBI, which in turn instructed infected computers in the United States and elsewhere to download a file created by law enforcement that would uninstall the Qakbot malware.”

Additional information and resources, including for victims, can be found on the following website, which will be updated as additional information and resources become available: www.justice.gov/usao-cdca/divisions/national-security-division/qakbot-resources.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs.
  • Prevent intrusions. Stop threats early before they can even infiltrate or infect your endpoints. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

Malwarebytes EDR and MDR remove all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Leaked photos of the Samsung Galaxy A05 surface ahead of launch

0
[ad_1]

Fans are not at the edge of their seat after images of the soon-to-launch Galaxy A05 device hit the internet. This device will make an entry as another very affordable Samsung smartphone for those not looking to break the bank. Despite this device being a low-budget entry, it still comes with a clean design that adds to its styling.

The leaks of this device show off its design from the front and the rear end. Looking at the design, you might not notice any change from the current entry that is available for purchase. However, at a closer look, this coming smartphone’s glossy back finish sets it apart from the already existing Galaxy A04.

Aside from the glossy rear finish, this device might not launch with any other design changes. This is no news as over the past two years, Samsung has been trying to embrace a particular design language. The coming A05 entry stays true to the brand’s new design language, as can be seen on the already existing devices.

Details on the design of the coming Galaxy A05 device that will soon launch

The leaks of this device show in-depth details on its design on the front and rear sides. While things stay similar to the Galaxy A04, it is still important to have a look at this coming device. At the moment, the only information on the coming A05 is its design, and this article will look into that.

On the front of this device, prospective buyers will get a water drop (Infinity-U) screen display housing a selfie camera. The bezels are quite thick at its chin, and this is okay for a device of this price. As for the display type, fans can expect an IPS panel that is standard for this device’s price point.

Turning to the rear, the leaks show off a design change here that has to do with the finish. On the Galaxy A04, Samsung made use of a dull finish for all color options. But with the coming Galaxy A05 device, the company is making things glossy.

Just like with the current A04, the coming A05 will launch with dual rear cameras. Beside these cameras would be a flashlight, prospective buyers should not expect jaw-dropping picture quality from this device. Considering the device’s price point, there is not much in terms of performance that users should look out for.

According to sources, the coming Galaxy A05 device will launch with a MediaTek Helio G85 processor. This is an upgrade from the already existing Galaxy A04 that uses a MediaTek Helio P35 processor. More details on this coming device will be available towards its launch, which is still a mystery.


[ad_2]
Source link

Samsung Food app will give you AI recipe recommendations

0
[ad_1]

After acquiring the cooking app Whisk in 2019, Samsung has launched its own AI-powered meal-prepping and recipe recommendation app called Samsung Food. Available in 104 countries, the app boasts an impressive collection of 160,000 recipes curated in eight languages, including English, Spanish, Korean, German, French, and Italian. This diverse array of recipes not only allows users to explore various delicacies and curate their favorites but also to create weekly meal plans.

Additionally, when users save a recipe, the Samsung Food app uses its AI capabilities to standardize formats and generate smart shopping lists based on the required ingredients. Moreover, the app also offers the flexibility to customize recipes, transforming them into vegan or vegetarian alternatives, adjusting nutritional elements by substituting ingredients, and even making fusion dishes that blend diverse culinary traditions.

“By connecting digital appliances and mobile devices across the Samsung ecosystem and assisting users from shopping list to dinner plate, Samsung Food is using advanced AI capabilities to deliver a highly personalized, all-in-one food experience that users can control straight from their palms,” said Samsung executive Chanwoo Park.

Incorporating with other Samsung appliances

While the prospect of an AI meal-prepping app is an exciting idea, what sets the Samsung Food app apart is its ability to synchronize with compatible smart appliances. This transforms the app into a virtual culinary assistant, ensuring recipes align flawlessly with specific appliance settings. Additionally, users can configure timers, preheat ovens, and adjust cooking parameters on their Samsung appliances, all managed through the SmartThings home system. Moreover, the app also connects with the Samsung Health app, offering a comprehensive approach to well-being by syncing parameters like BMI and calorie intake.

Furthermore, when talking about 2024, Samsung is working on a technology called “Vision AI,” which will enable the app to recognize food items using smartphone cameras and provide instant nutritional insights.

“By analyzing food items, the app can recommend the best recipes to use them with, save these recipes to the user’s collection and add the required ingredients to a shopping list, all in a few taps,” reads Samsung’s blog post.


[ad_2]
Source link

Prompt injection could be the SQL injection of the future, warns NCSC

0
[ad_1]

The NCSC has warned about integrating LLMs into your own services or platforms. Prompt injection and data poisoning are just some of the risks.

The UK’s National Cyber Security Centre (NCSC) has issued a warning about the risks of integrating large language models (LLMs) like OpenAI’s ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks.

The NCSC points out several dangers associated with integrating a technology that is very much in early stages of development into other services and platforms. Not only could we be investing in a LLM that no longer exists in a few years (anyone remember Betamax?), we could also get more than we bargained for and need to change anyway.

Even if the technology behind LLMs is sound, our understanding of the technology and what it is capable of is still in beta, says the NCSC. We barely have started to understand Machine Learning (ML) and Artificial Intelligence (AI) and we are already working with LLMs. Although fundamentally still ML, LLMs have been trained on increasingly vast amounts of data and are showing signs of more general AI capabilities.

We have already seen that LLMs are susceptible to jailbreaking and can fall for “leading the witness” types of questions. But what if a cybercriminal was able to change the input a user of a LLM based service?

Which brings us to prompt injection attacks. Prompt Injection is a vulnerability that is affecting some AI/ML models and, in particular, certain types of language models using prompt-based learning. The first prompt injection vulnerability was reported to OpenAI by Jon Cefalu on May 3, 2022.

Prompt Injection attacks are a result of prompt-based learning, a language model training method. Prompt-based learning is based on training a model for a task where customization for the specific task is performed via the prompt, by providing the examples of the new task we want to achieve.

Prompt Injection is not very different from other injection attacks we are already familiar with, e.g. SQL attacks. The problem is that an LLM inherently cannot distinguish between an instruction and the data provided to help complete the instruction.

An example provided by the NCSC is:

 “Consider a bank that deploys an ‘LLM assistant’ for account holders to ask questions, or give instructions about their finances. An attacker might be able send you a transaction request, with the transaction reference hiding a prompt injection attack on the LLM. When the LLM analyses transactions, the attack could reprogram it into sending your money to the attacker’s account. Early developers of LLM-integrated products have already observed attempted prompt injection attacks.”

The comparison to SQL injection attacks is enough to make us nervous. The first documented SQL injection exploit was in 1998 by cybersecurity researcher Jeff Forristal and, 25 years later, we still see them today. This does not bode well for the future of keeping prompt injection attacks at bay.

Another potential danger the NCSC warned about is data poisoning. Recent research has shown that even with limited access to the training data, data poisoning attacks are feasible against “extremely large models”. Data poisoning occurs when an attacker manipulates the training data or fine-tuning procedures of an LLM to introduce vulnerabilities, backdoors, or biases that could compromise the model’s security, effectiveness, or ethical behavior.

Prompt injection and data poisoning attacks can be extremely difficult to detect and mitigate, so it’s important to design systems with security in mind. When you’re implementing the use of an LLM in your service, one thing you can do is apply a rules-based system on top of the ML model to prevent it from taking damaging actions, even when prompted to do so.

Equally important advice is to keep up with published vulnerabilities and make sure that you can update or patch the implemented functionality as soon as possible without disrupting your own service.


Malwarebytes EDR and MDR remove all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

Annual sales of Samsung foldables have surpassed the Note series

0
[ad_1]

Samsung foldables have exceeded annual sales of its discontinued Note series in Europe, the company announced at the IFA 2023 event in Berlin, Germany today. The Korean firm didn’t reveal the sales figures but said that foldable smartphones are no longer niche products. They are now mainstream and rapidly growing in popularity.

“Our latest foldable phones are selling super-fast,” said Benjamin Braun, Chief Marketing Officer of Samsung Europe. “In fact, the annual sales of our foldable devices have exceeded the Note series in Europe,” he added. Braun’s comments come just a few weeks after Samsung released its latest folding phones, the Galaxy Z Fold 5 and Galaxy Z Flip 5. As expected, the Flip model has outsold the Fold by a 7:3 ratio in the region so far.

The new models bring a handful of upgrades over previous-gen offerings. Most notably, Samsung has redesigned the hinge to allow for gapless folding. The Flip model also features a much bigger cover display, letting you get a lot of things done without unfolding the device. Immediately after their launch in late July, Samsung’s mobile chief TM Roh said that the company is expecting the foldable category to outsell the Note series this year.

While that doesn’t seem to have happened on a global scale yet, Galaxy foldables are making inroads into the mainstream smartphone market. If pre-orders are anything to go by, then the Galaxy Z Fold 5 and Galaxy Z Flip 5 should sell in much higher numbers than the 2022 models. Samsung estimates sales to grow 50 percent this year, reaching 15 million units globally. Early signs are promising, but it still has a long way to go.

The competition is heating up in the foldable market

If Samsung hits its annual sales target for the latest foldables, it will end up capturing almost 75 percent of the global market. That’s based on industry estimates that the foldable market may grow to 20 million units this year. The Korean firm does have a strong foothold in the market. After all, it’s been selling foldables since 2019. Samsung is the only brand that has been selling foldable phones worldwide for the past few years.

However, it now faces stiff competition from other brands. The foldable market welcomed new players like Google, Tecno, and a few others this year. Along with some existing brands like Huawei, Xiaomi, Oppo, and Motorola, they are all trying to eat into Samsung’s share as they look to carve out a market for themselves. It remains to be seen how long the Korean behemoth can hold onto a lion’s share in the foldable market.


[ad_2]
Source link

The new X job search feature might threaten LinkedIn’s business

0
[ad_1]

In a bid to build the “everything platform,” the coming X job search feature aims to get a good chunk of LinkedIn’s business. The coming of this feature to the platform is becoming ever clearer, as a new post from Elon Musk points out. From the post, it is not only clear that he is planning to bring a job listing feature to the social media platform, but he also wants a bite of LinkedIn’s cake.

In the post, Elon points out how cringe he feels making use of job applicants’ LinkedIn links. Instead of making use of these links sent to him by others, he says that he prefers them to share their resume or bio via email. The billionaire now has his attention on bringing job applicants over to X instead, hence standing as a competition to LinkedIn.

However, the plan of Elon Musk to bring a new X job feature is not a new one, as the platform has already been working on it. A few months ago, news about this coming feature hit the Internet, proving that X is evolving into an everything platform. Here are the details on this future feature that will be making its way to Elon Musk’s social media platform.

Laski will help bring the X job search feature to users of the platform in the coming months

A few months ago, X purchased a firm known as Laskie to help them build job features into their platform. Laskie on its own ran a job listing firm before X purchased them, and this gave them the idea to work on this feature. Already, this feature has been tested by a few organizations using the social media app, but it is not yet available for public usage.

According to an organization that had access to this feature, it is part of the $1,000 monthly verification X premium package. In the coming weeks, this feature might resurface, allowing X users to access it via their accounts. With this, they would be able to list their personal work information and history for prospective employers to see once they apply for a job via the X platform.

In an official statement, X confirms that they might need the personal information of those who intend to use this feature. With this information, the platform would be able to recommend jobs to users once available. These jobs would be tailored to the qualifications of the users, as seen in the personal information that X might require.

Now, this might sound a lot like LinkedIn to you, and that’s what it aims to sound like. With this feature, some Twitter users might drop using LinkedIn entirely while searching for jobs and employment opportunities. Another vital point to note is that this coming X job search feature will also need user biometric data.

Once available, this feature sits behind the Blue subscription plan, hence not being accessible to all. More details on this job search feature will become available in the coming weeks. Would you make use of this feature while searching for jobs online?


[ad_2]
Source link

Cigna Health Data Leak: 17 Billion Records Exposed

0
[ad_1]

Key Findings

  • A non-password-protected database containing over 17 billion records was exposed.
  • The leaked records included healthcare provider information, such as names, addresses, and contact numbers.
  • The leaked records also included negotiated rates for medical procedures.
  • The data leak was caused by a security lapse at Cigna Health.
  • Cigna Health has taken steps to secure the database and is investigating the incident.

Cybersecurity researcher Jeremiah Fowler has unearthed a concerning incident involving a non-password-protected database containing over a staggering 17 billion records. The extensive records were traced back to Cigna Health, a major player in the health insurance industry. The company’s effort to bolster transparency inadvertently led to this massive data leak, as disclosed by Fowler.

The leaked records, amounting to a colossal 6.35 terabytes, primarily consisted of healthcare provider information. Details included the names of hospitals and doctors, location addresses, contact numbers, and various identification numbers such as the National Provider Identifier (NPI). Importantly, these records also disclosed negotiated rates for medical procedures. However, it is essential to clarify that the exposed data did not encompass customer or patient information.

Cigna Health Data Leak: 17 Billion Records Exposed
Screenshot from the leaked records (Jeremiah Fowler)

Fowler’s discovery prompted a swift response from Cigna, acknowledging the security lapse and taking immediate measures to secure the vulnerable database from public access. Cigna defended its stance by citing its Transparency in Coverage program, which adheres to federal regulations in place since 2022.

Notably, the information contained within the database was intended for public access due to regulatory requirements. However, the lack of proper security measures posed potential risks to Cigna’s broader internal storage network.

The exposed database, which offered an unprecedented behind-the-scenes look into Cigna Health, detailed the company’s operations spanning all 50 states in the United States. Cigna Health offers an array of health insurance plans, catering to individuals, families, employers, and various government programs. 

The database’s structure was logically organized and easily searchable, revealing provider records alongside Current Procedural Terminology (CPT) codes. Under the Affordable Care Act, health insurers are mandated to disclose negotiated rates publicly, emphasizing transparency. Despite the potential benefits of this disclosure, the size and complexity of these data files could prove challenging for non-technical individuals to navigate effectively.

Security concerns regarding the leaked data revolve around the potential misuse of National Provider Identifier (NPI) numbers, which serve as unique identifications for healthcare providers. While the leaked data did not indicate any misconduct by Cigna, NPIs have been exploited in the past for fraudulent activities such as Medicare and Medicaid scams and non-password-protected databases could expose companies to ransomware attacks.

  1. Cybersecurity firm exposes 5 billion data breach records
  2. DreamHost hosting firm exposed almost a billion sensitive records
  3. 9,517 unsecured databases identified with 10 billion records globally
  4. Online trading broker FBS exposes 20TB of data with 16 billion records
  5. Brazilian marketplace integrator Hariexpress exposed 1.75 billion records

[ad_2]
Source link

Verizon makes it easier to block spam email texts

0
[ad_1]

Verizon is making it easier to block email-to-text messages. You can now get rid of those pesky texts coming from unknown or spammy email addresses by simply sending a message. You have to send the text “Off” to 4040 and you will no longer receive text messages from emails.

According to Verizon, more than 80 percent of email-to-text messages received by its customers are spam. This is worrying data, and the carrier wants to safeguard consumers from potential harm. It already allows users to turn email-to-text off by logging into their My Verizon account.

However, not everyone seems to be using this feature. Verizon is now giving them an alternate and easier way to block email-to-text messages directly from their phone. If you are receiving those annoying texts, you might want to send a message to 4040 and block all such spammy texts.

It’s worth noting that turning email-to-text off will block all text messages coming from email addresses. This means you won’t receive legitimate messages from emails either. If you frequently receive such messages, you might be better off keeping email-to-text enabled for your Verizon number.

Thankfully, it’s equally easier to enable it. Simply send the text “On” to 4040 and you will once again start receiving email-to-text messages. If you’re not sure whether you have the feature enabled or disabled, you can check the status by sending the text “Status” to 4040.

Depending on your status, you will receive one of the following messages: “Email-to-Text is blocked for your phone number. Text “on”  to 4040 to allow.” or “Email-to-Text has been allowed for your phone number. Text “off” to 4040 to block.” You can act accordingly. You can also send “Help” to 4040 to receive instructions on how to enable/disable email-to-text.

Verizon gives users more weapons to fight spam email texts

US wireless carriers including Verizon offer various tools to help their customers fight spammers. This is on top of the protective measures implemented by carriers themselves. Verizon’s call filter feature already alerts you about potential spam calls so you can avoid picking them up. It has now made blocking email-to-text messages easier

“Our pursuit to eliminate the annoyance of unwanted calls and texts improves customer experiences and satisfaction. Our efforts have empowered customers with the knowledge and the tools that have boosted their confidence in knowing which calls and texts are worth their time,” Verizon said in a press release. You can always report spam texts by forwarding them to 7726.


[ad_2]
Source link

Google Chat gets new redesign and Duet AI assistant

0
[ad_1]

Google’s messaging platform has undergone numerous changes and iterations over time. Now, in a recent development, the company has announced a slew of new features for Google Chat that draw parallels with Slack and Microsoft Teams, along with a new Duet AI collaboration tool.

Announced through the company’s Workspace blog, Google Chat will now feature a new Duet AI, which allows users to search for information, ask questions related to their Drive files and emails, and even receive concise summaries of documents and conversations. Additionally, Duet AI can also generate responses for conversations, reducing the need for manual interactions with colleagues.

Moreover, the app is receiving a substantial redesign that incorporates a new home view, offering quick access to recent conversations, along with a dedicated section for starred conversations and mentions. While the initial layout follows a reverse chronological organization, Google intends to implement context-aware ordering mechanisms. Furthermore, the company is also raising the member limit of Spaces to 500,000, a significant increase from the previous cap of 50,000 and introducing a “huddles” feature that simplifies the process of initiating video or audio chats.

“You essentially have a co-worker who has infinite memory and amazing recall at your fingertips,” said Vamsee Jasti, Google’s product lead for Chat.

Messages from all places on Google Chat

google chat redesign

In an effort to cater to enterprise users, Google is partnering with Mio to establish messaging interoperability not only within Google Chat but also across major platforms like Slack and Microsoft Teams. The aim is to streamline communication and prevent message loss when switching between multiple messaging tools. However, it is important to note this feature is currently in the beta phase, and the company plans to release it publicly in 2024.

“We know that communication and collaboration happens over multiple channels and tools. That’s why we’re partnering with Mio, a leading provider of collaborative interoperability solutions helping customers enhance their productivity by streamlining communication across multiple channels,” reads Google’s blog post.


[ad_2]
Source link