The Samsung Galaxy Z Fold 4 is reportedly receiving the December 2022 Android security patch in the US. The latest update, which reportedly fixes over 90 vulnerabilities, is said to be available to the users on the AT&T network. As per the report, other US carriers are expected to receive the patch in the coming
Technology
Dec 08, 2022Ravie LakshmananData Protection / Computer Security An unconventional data exfiltration method leverages a previously undocumented covert channel to leak sensitive information from air-gapped systems. “The information emanates from the air-gapped computer over the air to a distance of 2 m and more and can be picked up by a nearby insider or spy
Xiaomi is all set to reveal its new entrant in the Redmi K series of smartphones. The Chinese manufacturer will reportedly release the Redmi K60 series, follow-up to the popular Redmi K50 lineup, in January, 2023. Xiaomi is believed to have adjusted the release window for the Redmi K60 in light of the delay for
Dec 08, 2022Ravie LakshmananMobile Security / Android Malware Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared
Jio Phone 5G was recently spotted on Geekbench, hinting at the key specifications of the handset ahead of its debut in India. Though the exact launch date is yet to be revealed by the country’s largest telecom operator, the rumoured specifications and features of the new handsets have already surfaced online. The Jio Phone 5G
Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of digital and non-digital assets. Organizations must stay
Oppo has confirmed the arrival of the new Find N2 series smartphones in its home country. Oppo Find N2 and Find N2 Flip are expected to break cover on December 15. The company is also all set to host its Inno Day event on December 14, it confirmed on Thursday. This will be the company’s fourth
Dec 07, 2022Ravie LakshmananCyber Crime / Ransomware The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data
Redmi Note 12 5G series launch in India has been teased by Xiaomi, confirming the upcoming launch of the smartphone in the country. The Chinese manufacturer has begun asking interested users to sign up for further alerts about the device. The Note 12 Series, comprising the Redmi Note 12, the Note 12 Pro and the
Dec 07, 2022Ravie LakshmananInternet of Things / Botnet A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen security vulnerabilities in the internet of things (IoT) devices and other software. The botnet “contains several modules, including self-replication, attacks for different protocols, and self-propagation,” Fortinet FortiGuard
As Realme 10 Pro series nears its launch date in India, a detailed look at the specifications and design of the global variant of the smartphone has emerged. The Realme 10 Pro 5G and the Realme 10 Pro+ 5G global variants will reportedly house the Snapdragon 695 5G and the MediaTek Dimensity 920 5G, respectively.
Dec 06, 2022Ravie LakshmananAdvanced Persistent Threat A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat (APT) group with ties to China. The espionage activity, directed against a telecom company in the region, is said to have commenced on August 19, 2021 through the successful exploitation of ProxyShell flaws
New leaks suggest that Red Magic 8 series of smartphones from Nubia could be on their way in China. The leaks, which appeared on Chinese social media website Weibo, provide a detailed list of specifications for the upcoming Red Magic 8 and Red Magic 8 Pro handsets from the Shenzen-based manufacturer. The Red Magic 8
Dec 05, 2022Ravie LakshmananEndpoint Security / Data Protection A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor’s offices and courts. “Although it disguises itself as a ransomware and extorts money from the victim for ‘decrypting’ data, [it] does not actually encrypt, but purposefully destroys data in the affected
Google is reportedly working on faster full over-the-air (OTA) updates for its Pixel phones. The tech giant is said to be planning to reduce the installation time for OTA updates. Updates are installed in the background on Pixel phones, allowing users to continue to use their devices without waiting for the process to complete. However,
Dec 05, 2022Ravie LakshmananServer Security / Cloud Technology Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers. “The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants,
Once a popular Indian smartphone brand, Lava faded into the background over the past couple of years as industry heavyweights such as Samsung and cash-loaded Chinese brands such as Realme and Redmi pretty took over the mainstream smartphone landscape. However, Lava marked its resurgence in 2021 with the Lava Z series. Last year, the company also launched its first 5G
A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of the infected systems and likely building a botnet network. The attacks involve taking advantage of a critical security vulnerability in the open source, in-memory, key-value store that was disclosed earlier this year to deploy Redigo, according to cloud security
Tecno Pova 4 India launch date has been set for December 7. The Chinese smartphone vendor has announced the launch of its new Pova series phone through its social media channels. The gaming-focused Tecno Pova 4 is confirmed to be powered by a 6nm MediaTek Helio G99 SoC coupled with 8GB of RAM and 128GB
IBM has fixed a high-severity security vulnerability affecting its Cloud Databases (ICD) for PostgreSQL product that could be potentially exploited to tamper with internal repositories and run unauthorized code. The privilege escalation flaw (CVSS score: 8.8), dubbed “Hell’s Keychain” by cloud security firm Wiz, has been described as a “first-of-its-kind supply-chain attack vector impacting a