Technology

iQOO 13 — the upcoming flagship smartphone from the Vivo subsidiary — could be launched in India by the end of the year, according to details shared by a tipster. It is expected to be unveiled in China next month, as one of the first handsets to be equipped with Qualcomm’s next-generation chipset. The iQOO

Oct 13, 2024Ravie Lakshmanan The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for

Star Health, India’s biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records. Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on Sept. 20 that a

Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to enumerate other non-internet-facing devices

10th-anniversary product! Yes, the Apple Watch series has existed for a decade, and the Apple Watch Series 10 smartwatch is a special product. At least, this is what the rumour mills claimed before the company’s September launch event. Well, it’s finally here, and I have been living with the Apple Watch Series 10 for almost

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC,

The U.S. National Labor Relations board accused Apple of interfering with workers’ rights to collectively advocate for better working conditions by restricting their use of social media and workplace messaging app Slack, the agency said on Friday. The NLRB complaint, issued on Thursday, accuses the iPhone maker of maintaining unlawful work rules around the acceptable

Oct 12, 2024Ravie LakshmananCryptocurrency / Cybercrime The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau

Oppo Find X8 series is scheduled to make its debut in China on October 24. The purported smartphone lineup is expected to feature a dedicated capture button for the camera, enabling quick access. Ahead of its anticipated launch, a company official has highlighted the reasons behind the inclusion of this new button on the Find

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — what they are and the most common

Amazon Great Indian Festival 2024 sale has been going on for a few weeks now. The special discount sale kicked off on September 27 for all shoppers after providing 24 hours of early access to Prime members. The sale is focused towards the Indian festive season and offers lucrative discounts on a wide range of

Oct 10, 2024Ravie LakshmananVulnerability / Enterprise Security Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0,

Sennheiser Accentum Wireless SE (Copper) headphones were launched in India on Thursday. These headphones boast similar features such as hybrid active noise cancellation (ANC) and up to 50 hours of battery life as the Accentum Wireless but come in a new colourway. The company has also introduced the BTD-600 plug-and-play Bluetooth dongle which enables users

Oct 10, 2024Ravie LakshmananCybercrime / Disinformation OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating

iPhone 16 series was launched by Apple at a special event held in September at Apple Park in California. The latest smartphone lineup from the Cupertino-based tech giant boasts features like a powerful A18 family of chipsets, improved design, an Action button on all models, and a new dedicated Camera Control button. Courtesy of these

Oct 10, 2024Ravie LakshmananVulnerability / Browser Security Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component. “An attacker was able to achieve code

OnePlus 13 is expected to debut in China sometime this month as the successor to the OnePlus 12, which launched globally earlier this year. Ahead of its anticipated debut, extensive details about the purported smartphone’s display have been leaked by a tipster. It is suggested to be equipped with a BOE X2 panel with a

Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution,”

This week, SonyLiv is treating us with two heartwarming dramas. In Zindaginama, we follow six stories about mental health. In Raat Jawaan Hai, we meet three friends who embark on an adventurous journey of raising kids. Another heartwarming release on homefront comes from Hotstar’s Vaazhai, where we see a young boy trying to break free

Oct 09, 2024Ravie LakshmananEnterprise Security / Identity Theft Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities