The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed
Technology
Samsung Galaxy S23 Ultra — the purported successor to the Galaxy S22 Ultra — could be equipped with a 200-megapixel camera, according to a report. Samsung unveiled the Galaxy S22 series earlier this year and is expected to introduce the Galaxy S23 lineup sometime next year. Meanwhile, a tipster claims that the Galaxy S23 Ultra
With more data stored in the cloud than ever before, now is a good time to get into cybersecurity. Many top corporations are looking for new talent, and even junior professionals can earn $80,000 or more. The only barrier to entry is education. How do you learn about security protocols and white hat hacking? Enter
Google Pixel 7 and Pixel 7 Pro early hands-on video has been shared by a YouTuber online. Both the models of the upcoming Google smartphones were allegedly early developer versions, and the phones were only seen with the bootloader screen. In the video, the YouTuber also shared some hardware specifications and design features of the
Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. “In this campaign, the threat actors impersonate government officials from the Attorney General’s Office of Mexico City and from the Public Ministry in the form of spear-phishing emails in order to
Motorola Moto Edge 30 Pro will receive the Android 13 update, as per the company website. The website lists 10 smartphones that will get the latest Android OS version. Out of the 10 handsets, four are from the Moto Edge series and six are from the Moto G series. The website doesn’t mention a release
A financially motivated cybercrime group has been linked to an ongoing wave of attacks aimed at hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems. Enterprise security firm Proofpoint, which is tracking the group under the name TA558 dating all the way back to April 2018, called
WhatsApp has reportedly released the ability to view status updates within the chat list to some beta testers. The new feature is said have been rolled out with the WhatsApp beta for Android version 2.22.18.17, according to the report. The feature was reportedly under development earlier. The new feature is said to allow users to
The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. The improvements also include a new infection chain that incorporates previously undocumented components to the modular framework, Morphisec researchers Hido Cohen and Arnold Osipov
Samsung Galaxy S8 and Galaxy S8+, launched in early 2017 to much acclaim, received their final update in May 2021. The company has now issued another update for both smartphones. According to a report, the change log for firmware G95*FXXUCDVG4 says “GPS stability has been improved” and that’s about it. That doesn’t sound like enough to
Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user’s device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads and enables users to monitor video feeds from smart home
Redmi A1+ has been reportedly spotted on the IMEI database. The handset is said to come with the model number 220733SFG and the moniker of the new variant of the Redmi A1 has reportedly been confirmed to be Redmi A1+. The Redmi A1 had recently surfaced on multiple certification and benchmarking sites. The handset was spotted on the
A .NET-based evasive crypter named DarkTortilla has been used by threat actors to distribute a broad array of commodity malware as well as targeted payloads like Cobalt Strike and Metasploit, likely since 2015. “It can also deliver ‘add-on packages’ such as additional malicious payloads, benign decoy documents, and executables,” cybersecurity firm Secureworks said in a
Lenovo launched the Lenovo Legion Y70 smartphone in China alongside the Lenovo Xiaoxin Pad Pro 2022 tablet on Thursday. The Legion Y70 is powered by a Snapdragon 8+ Gen 1 SoC and runs on Android 12 with ZUI 14 skin on top. This smartphone sports a 6.67-inch OLED display with a 144Hz refresh rate. Meanwhile,
The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. “Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration,” Cybereason researchers Meroujan Antonyan and Alon Laufer said in
iQoo Neo 7 is reportedly inching towards its launch in China as key specifications of the handset have surfaced online. The purported iQoo Neo 7 series smartphone is said to be powered by the MediaTek Dimensity 9000+ SoC. The iQoo Neo 7 could sport a 120Hz refresh rate display and is expected to feature a
In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that’s currently in development. “This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking
Xiaomi announced on Monday that is rolling out a MIUI beta update for Android 13. This beta version is available for the company’s Xiaomi 12 and Xiaomi 12 Pro handsets. However, the Chinese tech giant has announced that only 200 users will be given access to the Android 13-based MIUI beta during the first wave
A Chinese state-sponsored threat activity group named RedAlpha has been attributed to a multi-year mass credential theft campaign aimed at global humanitarian, think tank, and government organizations. “In this activity, RedAlpha very likely sought to gain access to email accounts and other online communications of targeted individuals and organizations,” Recorded Future disclosed in a new
Xiaomi 12T Pro has allegedly been spotted on Thailand’s National Broadcasting and Telecommunications Commission (NBTC) website suggesting that the smartphone is on its way to multiple markets in Asia. The smartphone has already been spotted on the US Federal Communications Commission (FCC) website and it was reported that internal testing of the phone has already