Technology

Sony Xperia 1 VI is reportedly in the works. The company’s next “One” series smartphone is likely to make its debut early next year. While the company is yet to reveal details of its upcoming phone, the handset’s few specifications and launch timeline have been tipped online. The phone is expected to arrive as the

Sep 15, 2023THNPrivacy / Online Security Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company’s location-privacy practices misled consumers and violated consumer protection laws. “Our investigation revealed that Google was telling its users one thing – that it would no longer

Google is adding significant upgrades to Chromebooks, increasing the number of years for upcoming updates. In a recent announcement, Google mentioned that all Chromebook platforms will now get regular automatic updates every four weeks to provide better security. Meanwhile, for Chromebooks that no longer receive automatic updates, there will be strong built-in security features. Moreover,

The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1

Vivo V29 5G and Vivo V29 Pro 5G are expected to go official later this month. Ahead of the formal debut, specifications of the unannounced Vivo V-series smartphones have been leaked online. They are tipped to feature a 3D curved AMOLED display with 1.5K resolution and 120Hz refresh rate. Both Vivo V29 5G and Vivo

Sep 15, 2023THNCyber Attack / Password Security Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense,

Infinix Note 30 VIP Racing Edition has been launched in select global markets on Thursday (September 14). The latest smartphone by the Transsion Holdings sub-brand is powered by a MediaTek Dimensity 8050 SoC and offers similar specifications as the regular Infinix Note 30 VIP. There are, however, some differences in design and packaging. Infinix has

Sep 14, 2023THNEndpoint Security / Vulnerability A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. “Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run

Motorola Edge 40 Neo was launched in the EMEA region on Thursday. The handset is confirmed to be released in India on September 21. The phone joins the Motorola Edge 40 and Motorola Edge 40 Pro, which were released globally in April. It comes with a MediaTek Dimensity 7030 SoC and a 5,000mAh battery with

Sep 12, 2023THNSoftware Security / Vulnerability A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw “could allow an attacker to exploit a race condition within GitHub’s repository creation and username renaming operations,” Checkmarx security researcher Elad Rapoport said in a technical report

Sep 13, 2023THNVulnerability / Browser Security Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow

Sep 13, 2023THNVulnerability / Zero Day Adobe’s Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems. The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system

Sep 13, 2023THNEndpoint Security / Zero Day Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is

Sep 13, 2023THNCyber Attack / Malware Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. The tech giant’s Threat Intelligence team is tracking the cluster under the name Storm-0324, which is also known by the monikers TA543 and Sagrid.

There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about

Sep 13, 2023THNRansomware / Malware A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deliver LockBit (attributed to Bitwise Spider or Syrphid) in the target network. “3AM is written in Rust and

Sep 13, 2023The Hacker NewsThreat Detection / SaaS Security In today’s digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster innovation. But with great power comes great responsibility. As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era

Sep 13, 2023THNVulnerability / Data Security More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities. “The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of

Sep 13, 2023THNKubernetes / Cloud Security Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the

Nokia X30 5G price in India has been slashed by the company, just over half a year after the phone was launched in India. The company has begun selling the phone with a Rs. 12,000 discount in the country. The phone sports a 6.43-inch full-HD+ AMOLED display and is powered by an octa-core Snapdragon 695