Technology

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites. It’s tracking the threat cluster as

YouTube has started testing out an ‘Add to Queue’ feature on its Android and iOS apps. Currently, the feature has been made available for testing to YouTube Premium subscribers only. So far, the mobile app versions of YouTube, on both iOS and Android, have only been known to feature ‘Save To Watch Later’ and ‘Save

Dec 16, 2022Ravie LakshmananEncryption / Data Security The U.S. National Institute of Standards and Technology (NIST), an agency within the Department of Commerce, announced Thursday that it’s formally retiring the SHA-1 cryptographic algorithm. SHA-1, short for Secure Hash Algorithm 1, is a 27-year-old hash function used in cryptography and has since been deemed broken owing

Stuffcool PB9063W 5,000mAh magnetic wireless power bank has been launched in India, priced at Rs. 3,999. The new power bank is designed to primarily be used with Apple products with support for the company’s magnetic MagSafe and Apple Watch standards, including many iPhone, AirPods, and Watch models, thanks to a built-in Apple Watch charging module.

Dec 15, 2022Ravie LakshmananAdvanced Persistent Threat A Chinese-speaking advanced persistent threat (APT) actor codenamed MirrorFace has been attributed to a spear-phishing campaign targeting Japanese political establishments. The activity, dubbed Operation LiberalFace by ESET, specifically focused on members of an unnamed political party in the nation with the goal of delivering an implant called LODEINFO and

The Vivo S16 series will launch on December 22 in China, the Chinese manufacturer confirmed on Thursday. A day after reported specifications of the Vivo S16 and Vivo S16e surfaced online, Vivo has officially raised the curtains on all three smartphones in the Vivo S16 series, which will also include the Vivo S16 Pro. In

Dec 15, 2022Ravie LakshmananCyber Attack / DDoS-for-Hire The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS) attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity. It also charged six suspects – Jeremiah Sam Evans Miller

Moto X40 is all set to launch in China today (December 15). The launch event will be streamed live via the Lenovo-owned brand’s official Weibo handle and its China website. Ahead of the launch, Motorola, via multiple teasers online, is revealing the smartphone’s complete design and specifications. Qualcomm’s latest Snapdragon 8 Gen 2 SoC is confirmed

Dec 14, 2022Ravie LakshmananWebsite Security / Linux A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems. “This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses

Realme GT Neo 5, an upcoming smartphone lineup in the company’s GT Neo series, is reportedly in the works. The purported renders of this smartphone were recently leaked online, providing a detailed look at the camera module of the rumoured phone. Realme GT Neo 5 is believed to be the successor to the Realme GT

Dec 14, 2022Ravie LakshmananPatch Management / Vulnerability Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products. Of the 49 bugs, six are rated Critical, 40 are rated Important, and three are rated Moderate in severity. The updates are in addition to 24

Oppo Find N2 series is set to break cover in China on Thursday. The lineup will include the Oppo Find N2 and Oppo Find N2 Flip foldable smartphones. The company has partially revealed the look of the cover display on the Oppo Find N2 Flip. Now, a live image of this handset has surfaced online

Dec 13, 2022Ravie LakshmananOpen Source / Vulnerability Database Google on Tuesday announced the open source availability of OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects. The Go-based tool, powered by the Open Source Vulnerabilities (OSV) database, is designed to connect “a project’s list of dependencies with the vulnerabilities

Moto E13 been spotted on benchmarking site Geekbench suggesting that Lenovo-owned smartphone manufacturer Motorola is working on another E-series phone. The listing reveals key specifications regarding the operating system and processor on the handset. The purported smartphone from Motorola could be powered by an octa-core processor paired with 2GB of RAM, and could run on

Dec 13, 2022Ravie Lakshmanan An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python and JavaScript with typosquatted and fake modules that deploy a ransomware strain, marking the latest security issue to affect software supply chains. The typosquatted Python packages all impersonate the popular requests library: dequests, fequests, gequests,

OnePlus 11R could reportedly be equipped with an alert slider and an infrared blaster (IR) for remote controls. Newly leaked images of a OnePlus 11R’ prototype have given enthusiasts an insight on the upcoming smartphone’s camera island, display and more. The OnePlus 11 series will reportedly comprise two smartphones – the OnePlus 11 and OnePlus

Dec 12, 2022Ravie LakshmananEndpoint Detection / Data Security High-severity security vulnerabilities have been disclosed in different endpoint detection and response (EDR) and antivirus (AV) products that could be exploited to turn them into data wipers. “This wiper runs with the permissions of an unprivileged user yet has the ability to wipe almost any file on

OnePlus 11, which is said to the company’s upcoming flagship smartphone powered by the new Snapdragon 8 Gen 2 SoC, has reportedly been spotted on the Compulsory Certification of China (3C) website. The listing also reveals a key specification of the purported successor to the OnePlus 10 with regard to its charging capabilities. The handset

API attacks are on the rise. One of their major targets is eCommerce firms like yours. APIs are a vital part of how eCommerce businesses are accelerating their growth in the digital world. ECommerce platforms use APIs at all customer touchpoints, from displaying products to handling shipping. Owing to their increased use, APIs are attractive

Samsung Galaxy A54 5G has been spotted on Geekbench, hinting at the upcoming launch of the handset. The South Korean conglomerate is yet to announce plans to launch the purported Galaxy A-series phone. Meanwhile, some of the specifications of the Samsung Galaxy A54 handset have already been tipped via a new Geekbench listing. The Samsung