Technology

Aug 01, 2024Ravie LakshmananVulnerability / Threat Intelligence Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack

Telegram introduced a slew of new features that aimed at enhancing the overall user experience on Thursday. One of the key additions rolled out on the instant messaging platform is a new in-app browser with support for multiple tabs. The messaging service has also announced that its 950 million monthly active users can now take

In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets. “Upon installation, this code

iQoo Z9s series was confirmed on Thursday to launch in India on August 21. The company has been teasing the smartphone in the last couple of weeks. Last week, Gadgets 360 exclusively confirmed the names of the smartphones — the iQoo Z9s and iQoo Z9s Pro. Recently, the phone models were also spotted on GeekBench.

Jul 31, 2024Ravie LakshmananMalware / Software Development The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea,

ChatGPT with the advanced Voice Mode is now rolling out to some paid users, the company announced on Tuesday. OpenAI first announced the feature in its Spring event in May. Powered by the latest GPT-4o artificial intelligence (AI) model, OpenAI’s advanced Voice Mode offers features such as real-time responses, natural voice, and the capability to

Jul 31, 2024Ravie LakshmananWeb Security / Compliance Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the

Meta Quest 3 is getting a new app that will allow users to measure real-world objects. The utility app is called Layout, and it was released by the company on Monday as a part of the Meta Quest v68 update for the mixed-reality headset. The new app allows users to measure real objects and place virtual

As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration. However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim’s device and run commands, exfiltrate data,

Apple relied on chips designed by Google rather than industry leader Nvidia to build two key components of its Artificial Intelligence (AI) software infrastructure for its forthcoming suite of AI tools and features, an Apple research paper published on Monday, July 29 showed. Apple’s decision to rely on Google’s cloud infrastructure is notable because Nvidia

Jul 30, 2024Ravie LakshmananMobile Security / Spyware A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations before being pulled from the app

OnePlus announced a lifetime display warranty for users who suffered from the green line issues with its smartphone displays last year. Now, the Chinese tech brand appears to be offering a free screen upgrade programme for certain handset models in India to remedy the green line screen defect that has plagued AMOLED panels in recent

Jul 29, 2024Ravie LakshmananEnterprise Security / Data Protection Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The

Bharti Airtel is re-farming the mid-band spectrum of its existing bands, the company announced on Monday. It aims to accommodate the growing need for traffic demand for its 5G network with this move. Consequently, four bands across its mid-band spectrum will be repurposed to support newer technologies catering to the 5G services offered by Airtel.

An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others. “These emails echoed from official Proofpoint email relays with authenticated SPF and

Rollme has launched its Rollme R3 smart ring globally. The smart ring brings health and fitness-centric features such as a PPG sensor for heart rate and blood-oxygen monitoring, and tracking. It also builds upon the features of its predecessor, the Rollme R2 which debuted in March this year. The launch of Rollme R3 comes at a

Jul 26, 2024Newsroom Cybersecurity researchers are sounding the alarm over an ongoing campaign that’s leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least

Apple Inc. is the latest company to agree to a set of voluntary safeguards for artificial intelligence crafted by President Joe Biden’s administration as it tries to guide the development of the emerging technology and encourage firms to protect consumers. The administration announced Friday that the technology giant is joining the ranks of OpenAI Inc.,

The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. “Rim Jong Hyok and his co-conspirators deployed ransomware

Lenovo Xiaoxin Pad Pro 12.7 was launched in China on Saturday. The tablet is equipped with a 12.7-inch display with a 144Hz refresh rate. It is powered by a MediaTek Dimensity 8300 chipset and is available with up to 12GB of RAM and up to 256GB of inbuilt storage. The tablet runs on Android 14