Security

Google has somewhat quietly added a new version of its Nest Doorbell to its Store. This refreshed version runs on wired power, and is rated to send the telemetry from its inbuilt to the user in a 4:3 aspect-ratio, rated for improved vigilance over things such as packages. It can also record video for up to 10 days on end; however, this feature requires an additional Nest subscription.

The Simple Phone is aimed at those who want a smartphone free of interference from Google. Instead, the Simple Phone ships with SimpleOS, an open-source OS based on Android 11 that ships with F-Droid, not the Google Play Store.

While most processors on the market are faster when disabling security tweaks/patches for certain bugs such as Spectre or Meltdown, it was recently discovered that the AMD Ryzen 7000 family does better when the Spectre V2 mitigations are enabled in the Linux kernel. The tests were first ran on the Ryzen 9 7950X, and then on the Ryzen 5 7600X.

Google has unveiled the Nest Wifi Pro, its most advanced Wi-Fi router to date. Not only does the new router support Wi-Fi 6E connectivity, but multiple units can also be used in a mesh set-up. The Google Nest Wifi Pro supports the Matter smart home standard too, among other features.

Anker's eufy home-security brand has launched a third-gen outdoor camera kit powered by its OEM's new BionicMind AI. It can be "taught" to recognize specific faces as friendly, and can even learn to "perceive" certain human behaviors as potentially suspicious. The new features are touted to make camera activation, user notification and footage storage within the eufyCam 3 system more selective, powerful and effective than ever.

The C3W Pro is the latest security camera from EZVIZ, of the Wi-Fi-capable form-factor intended to be installed outside. As such, it packs the OEM's latest color night-vision features, including automatic activation in response to movement. Its 1080p resolution and 2MP streaming mode allow it to hit a potentially attractive price-point.

The Fiido X may be one of the most successful e-bikes that started out on a crowd-funding website. Nevertheless, the OEM has announced that it will be releasing a new version for 2022. It is rated to offer a new zero-power mode, as well as improved security features, a new handlebar with a new screen and other new, possibly quality-enhancing, tweaks.

Smartphone OEMs might be pivoting towards under-display camera (UDC) tech to free their future devices from punch-holes, notches or sensor bars of all kinds. Now, Samsung has taken this potential trend particularly far by patenting a screen with dual UDCs. The South Korean giant apparently intends them for use in improved user authentication.

Included with HP computers, but also available as a standalone release for non-HP PCs that use the brand's peripherals such as scanners or printers, HP Support Assistant is vulnerable to DLL hijacking. HP's security advisory on this topic also includes a fix for the problem, which is considered a high-level security threat.

While the Galaxy S21 series and the Samsung Galaxy S20 FE 5G are now both receiving this month's security patch on Android 12, the previous generation flagships should receive Android 13 before the end of the year. For the Galaxy S20 FE 5G, this is scheduled to take place in March 2023.

Even before the launch of the Pixel 6 series, there were rumours that all models would support Face Unlock functionality. Still in development nearly a year after the release of the Pixel 6 and Pixel 6 Pro, new information suggests that facial recognition could be used in conjunction with the device's optical fingerprint sensor.

Recent research has shown that the TikTok iOS app opens any links inside an in-app browser and all interaction with the website is being recorded. This info can include passwords, credit card information, addresses, and so on. Although TikTok confirmed the existence of such features, the company also denied using them.

Researchers have independently discovered new security vulnerabilities affecting Intel and AMD processors. A non-side channel vulnerability named ÆPIC affects Intel 10th gen to 12th gen processors while a side-channel security issue called SQUIP affects all AMD Zen 1 to Zen 3 processors that rely on SMT. These vulnerabilities have not been exploited in the wild so far, but both CPU makers have suggested appropriate mitigation measures.

Microsoft managed to issue a fix for the Windows 11 / Windows Server 2022 encryption vulnerability that makes use of the Vector Advanced Encryption Standard, but the patch is impacting CPU performance. Affected CPUs include Intel's 10th, 11th, 12th and 13th gen models, while AMD's affected models include Zen 3 and upcoming Zen 4 processors. Another fix that addresses the performance issues is expected to be available in a month.

The EncroPi is a USB stick based on the RP2040 microcontroller. Billed as being capable of encrypting files quickly and securely, the EncroPi has a display, a real-time clock (RTC) and can be backed on Kickstarter for as little as £35.

Thousands of Solana wallets have been drained thanks to a widespread attack on Slope mobile wallets. According to initial investigations, the attack is only limited to software wallets as hardware wallets haven’t been breached.

Are you holding off on getting your Android smartphone fixed for fear of the personal data on it going to the repair shop with it? Samsung has come up with a new way to allay such fears with its new Repair Mode, a new option for Galaxy-series smartphones that locks all potentially sensitive information behind an unlocking method.

The Pixel 6a is Google's latest smartphone, and is thus only just now getting into the hands of YouTube reviewers. Two of these channels have found that their experience with the device has been marred by a strange and possibly severe bug. Their units' in-display fingerprint scanners allegedly unlock their screens in response to the detection of fingers that were never registered in their UIs.

EZVIZ has released its Prime Day deals on its residential surveillance accessories for 2022. It includes some of the latest color night vision cameras from the brand, as well as pan-tilt indoor and FHD floodlight-equipped models. They are available at discounts of up to 42% at the moment.

Coming later this year to iOS 16, iPadOS 16, and macOS Ventura, Lockdown Mode is a feature for users who may be at risk of being targeted by high-level digital threats, including those from the NSO Group. Learn how to activate the new mode and what some of the disadvantages users may face after enabling it.

Apple is further strengthening the security of its devices against state-sponsored spyware programs with the introduction of the new “Lockdown Mode”. The company is marketing the feature as an “extreme, optional protection” for people that fear targeted cyberattacks. The feature seems like a direct response to the fiasco caused by the infamous Pegasus spyware.

Samsung has finally updated its most current rugged smartphone, the Galaxy XCover 5, to Android 12. Its new firmware confers One UI 4.1 on the 2021 device, its new Material You-inspired system color-schemes included. The new major software upgrade is also rated to improve security on the XCover 5.

Kingston has revealed the IronKey Vault Privacy 50 Encrypted USB series. The devices have both Brute Force and BadUSB attack protection, and read-only settings. You can set 16-character passwords in Complex mode, plus the gadget has a new passphrase mode allowing you to set a password with up to 64-characters.

For the second time in two years, Foxconn's facilities operating in Mexico have been breached. A ransomware group known as LockBit has taken the responsibility. The group is demanding that Foxconn fulfill certain conditions by June 11 if the company wants to save its data from being leaked.

EZVIZ has announced pricing for its latest home security camera on its new Amazon page. The C8W Pro 2K is of the spherical outdoor form-factor for 360-degree coverage and AI-powered smart potential intruder detection and tracking. However, this one debuts a new feature: an automatic preference for one spot in its field of vision the user can select via its app.

Google has announced a second-gen Wallet in the course of its I/O 2022 keynote. This app is slated to support more than just payments this time around. It will also support the Mountain View giant's growing capacity to turn mobile devices into digital ID containers. The Wallet Android app is coming to users in 40 countries soon.

Reportedly, the Pixel 6 will never receive face unlock as a screen unlock method. Instead, Google is rumoured to be still working on face unlock for the Pixel 6 Pro, which could debut in a future Pixel Feature Drop.

Apple is reportedly working on a satellite network of its very own; furthermore, the Cupertino giant might have it ready in time for its latest mobile devices to launch able to connect with it out of the box. Then again, the combination is not exactly intended for full-blown GSM-independent communications on the part of the upcoming iPhones and smartwatches.

Estimations warn that over 1 million Lenovo devices suffer from medium threat UEFI BIOS vulnerabilities. Patches are already available for most models, yet some devices will not get the fix before May 10.

One of the most prominent whistleblowers who highlighted Facebook's potential for detrimental effects on human society has voiced concerns of similar ramifications arising from the company's new focus: the metaverse. On that note, Meta is also now linked to plans for sales levies within a relevant platform, Horizon Worlds, that outdo even those found on the Apple App Store.

Google will limit the ability of some users to search and install older apps with outdated API versions from the Google Play Store. The change will take effect after November 1st. Current users of the targeted apps won't be affected by the change.

The FCC has added Kaspersky, a Russian cybersecurity firm, to its entity list, a collection of companies that the regulator deems as threats to the country's security. Kaspersky is the first Russian firm on the regulator's list.

Arthur Cheong, the founder of DeFiance Capital, has been hacked. NFTs and other tokens worth an estimated US$1.7 million have been stolen from one of their hot wallets. At the time of writing, several stolen NFTs have already been sold using marketplaces like OpenSea.

Ubisoft has reportedly been hacked by the same group that was behind the recent attack on Nvidia - a group known as LAPSUS$. The game company has stated that no personal information was stolen; however, Ubisoft has also carried out a "company-wide password reset" as a measure of caution against the incident.

Testing performed by Phoronix on some AMD and Intel CPUs has revealed that Intel CPUs suffer as much as a 35% performance drop due to the Spectre-v2 mitigation on Linux, whereas almost all AMD processors post a drop of less than 10%.

According to reports, TP-Link devices are sending data about browser behaviour to third-party providers regardless of whether people consent for them to do so. Affected devices include TP-Link routers and Deco Wi-Fi mesh systems.

The Ukrainian government is planning to transport data and servers to a European country if the threat of Russian forces getting access to sensitive government documents is unavoidable. However, the question of how the country will do that remains unanswered.

The recently discovered exploit could allow malicious applications to take full control of Android 12 devices like the Galaxy S22 and Pixel 6 series of smartphones, even though there are no reports that attackers have already started using the Dirty Pipe vulnerability.

The new Spectre variant apparently has no effect on AMD's processors, yet it continues to affect Intel's processors ranging from Haswell up to Alder Lake, whereas ARM's affected products include the Cortex A15 / A57 / A72 cores plus Neoverse server-grade processors models V1, N1 and N2.

Fiido touts its next upcoming product, the Beast, as a cross between an electric scooter and a go-kart. This is because the vehicle has a seat as well as a footboard. It is powered by a sizeable, removable battery and runs on "professional" off-road tires. The OEM is previewing its imminent launch via Indiegogo at present.

Google has announced that it is planning to acquire Mandiant, a cybersecurity group in a bid to take advantage of the lucrative cloud mark. The deal will set back the company by approximately US$5.4 billion. The partnership will enhance Google Cloud's security offerings by utilising Mandiant's services such as rapid threat detection and response.

Google's Threat Analysis Group has pointed out in a blog post that Russian and Belarusian hackers are targeting Ukrainian and Polish military and governmental entities with phishing attempts. Hacking groups FancyBear and Ghostwriter are believed to be the major threat actors behind the attacks.

Samsung has admitted that a recent security breach has led to the theft of source code used for its Galaxy devices. The company confirmed that the hackers did not steal any customer or employee personal information.

The hacker group responsible for the leak just recently made headlines by demanding a whopping US$1 million for a bypass tool which is supposed to unlock the full cryptomining performance of Nvidia RTX GPUs with the infamous LHR hashrate limiter.

Intel has announced the new 12th gen vPro platform with enhanced security features for the new working normal. This time, vPro is being segregated into vPro Enterprise for Windows, vPro Essentials, vPro Enterprise for Chrome, and vPro Evo Design catering to both large and small and medium businesses.

Reportedly, Samsung has sent out tens of millions of smartphones with weak or faulty encryption. Estimates for the number of affected smartphones could reach 100 million and include all Galaxy S smartphones from the Galaxy S8 onwards. Samsung was made aware of the security issues nearly a year ago.

A group of researchers has published a study claiming that their “AirGuard” Android app is better at detecting nearby AirTags than Apple’s tracker detection service on iOS. Incidents of AirTags being used to track and steal things like cars have been reported from the get-go. To prevent this, several apps have popped up, aiming to alert users about nearby trackers.

iOS 15.4 is the next major software upgrade for iPhones. It is already available to preview in the form of developer betas. Apple has released four of these thus far, the latest of which add the latest updates to the AirTag system intended to avoid their use for malicious purposes. One new beta also reportedly addresses a user-privacy lapse left in an earlier stable version.