Security

Qualcomm has announced that it will bring its first ever "Automotive Grade" Wi-Fi 7 access point to MWC 2024. The new addition to the Snapdragon Auto Connectivity platform is thus touted to bring cutting-edge bandwidth, interference-free reception and potentially super-fast data transfer rates to the next generation of vehicles.

Nokia has announced that its extended detection response (XDR) software for telecomms service provider and/or enterprise customers is to be augmented by generative AI. It will come in the form of an "assistant" based on Microsoft Azure LLMs trained on Nokia's 5G security and technology expertise, backed to make the OEM's current threat detection and resolution twice as fast as it is now.

Anatsa is a trojan that specifically targets banking use on Android smartphones. Deployed by seemingly innocuous apps on Google Play, the malware has infected more than 100,000 European users.

Although not a product beyond version 1.0 yet, DuckDuckGo is a quite popular browser among those looking for privacy and security before anything else. Its latest update allows users to sync bookmarks, passwords, and email protection settings between devices without the need to create and use an account.

The Debian project has released an update to version 12.5 which includes 68 bug fixes and 42 security updates for the distribution. It is the fifth point release of Debian GNU/Linux 12 "Bookworm".

A YouTuber named The Net Guy Review recently received a mini PC for review from a Chinese brand called Acemagic. While everything appeared fine during the initial setup, a Windows Defender alert popped up when the reviewer was preparing to test the mini computer. The built-in antivirus software detected spyware that steals passwords, crypto, Steam accounts, and other sensitive user data.

A massive DDoS attack involving more than three million toothbrushes infected with malware highlights the dangers of internet-connection gadgets, as less powerful gadgets in particular are often not adequately protected against malware.

Passwords are not at risk. Instead, researchers are showing what data sensors on cell phones and other smart devices can intentionally or unintentionally collect. Creepy at the very least or quite normal.

As part of an ongoing investigation that involves German authorities, an unnamed forensic IT company from Munich, and the FBI. Roughly 50,000 bitcoins were seized from two people suspected of money laundering and more. The two individuals allegedly got these funds while in charge of an illegal file-sharing platform.

A growing number of minors are being harmed online, which worries lawmakers. However, some social media companies are supposedly ignoring the problem. Mark Zuckerberg expressed regret to families on the negative effects of social media during a heated Senate hearing.

Gogoro backs its new flagship two-wheeler to go from 0 to ~32 miles per hour (mph) in less than 5 seconds thanks to its new Hyper Drive electric motor and AEROFORCE design. The Pulse is also touted as a "smartscooter" thanks to a "panoramic" iQ Touch HD screen powered by Qualcomm Snapdragon Digital Chassis silicon. The upcoming EV is also compatible with Apple Find My and digital key tech for potentially enhanced security.

Apple is not happy about it, but the company now allows EU users to sideload apps onto its iPhones. Apple announced changes to how it handles apps on iOS in order to align with the European Union's Digital Markets Act. It also announced new App Store pricing and an App Store Fee calculator, which has some developers concerned.

As of today, January 25, 2024, Ubuntu 23.04 has reached the end of support and will no longer receive security updates. Linux users still using Ubuntu 23.04 are advised to upgrade to version 23.10.

Dubbed the "Mother of all Breaches" by Cybernews, a massive leak containing over 12 terabytes of data was recently discovered. The data includes information from billions of accounts and records from large corporations like Twitter, Weibo, and Tencent.

HP CEO Enrique Lores has sought to justify the company’s controversial Dynamic Security feature, which disables any printer with a third-party cartridge installed, by stating that non-HP cartridges might be used to inject malware into the printer and, therefore, the network it’s on. Although HP cites a single research article to back this claim, several security experts have contradicted it, saying the risk is practically non-existent, and that HP could easily patch the threat through other means.

Viofo claims to have developed the ideal dash-cam for users who want as much of a hands-free experience as possible in the new VS1. Its "tiny" form-factor integrates a novel rotating mount for more freedom of placement within the car, yet is also touted to come packed with many of the features of its bigger siblings, Auto Event Detection, Time Lapse Recording 24/7 Monitoring and "highly optimized" Night Vision 2.0 thanks to the Sony STARVIS 2 sensor included.

Xiaomi is launching the Solar Outdoor Camera BW400 Pro Set, a new outdoor security camera that comes with a base station for local storage. It can also be operated independently of the power grid thanks to solar power and a rechargeable battery.

The X account of the United States Securities and Exchange Commission, which oversees and regulates investments, was hacked earlier this week. The hackers created a false post stating that Bitcoin ETFs had been approved for trading. The hack was confirmed by X.

HP claims that its latest Chrome OS convertible can last the course as a rugged work PC. The Fortis x360 G5 is also touted to be as adapted to writing by hand as it is to typing, thanks to its Gorilla Glass 3-enhanced screen and option of using the HP USI Garaged Pen accessory. The G5 is also backed to stay mobile with a "long-lasting" battery and charging that might not take that long.

The Fortis 11-inch G10 Chromebook is another new HP PC "purpose-built" to "stay productive" regardless of what it encounters at work, spills and drops included. It is also equipped with a Titan C chip for security as well as "responsive" Intel platforms for advanced, optionally independent, connectivity. The G10 also has "fast" USB-C charging and the option of a touchscreen.

HP asserts that its new Pro Fortis-series Windows 360-degree convertible is built to withstand any professional or educational environment in 2024 with a MIL-STD-810-tested chassis and Gorilla Glass 3 screen. It is also equipped with the OEM's Wolf Security software suite for potentially improved peace of mind among the IT managers invited to start deploying it from now.

Researchers at cybersecurity firm Kaspersky have revealed details of the “most sophisticated” iOS attack they have ever seen, as part of the ongoing investigation called Project Triangulation. The attack originates from a message on iMessage, triggers without any user interaction, and exploits four zero-day vulnerabilities present in Apple’s A12 - A16 Bionic SoCs to gain complete access to the device data.

It took three Berlin students 600 euros worth of tools, time, and specialized technical knowledge to activate Tesla's ultimate "Elon mode", a “godlike” function that allows users to take control of the car's autonomous driving features.

A Tesla Cybertruck collided with a Toyota Corolla in California. While only minor injuries were sustained during the collision, the Toyota seems to have taken most of the abuse. The stark contrast between the damage sustained by the vehicles seems to validate previous safety concerns about the design of the Cybertruck.

A disturbing Telegram group has been found selling private footage from hacked security cameras placed in bedrooms, dressing rooms, toilets and spas around Vietnam. The hackers offer three tiers of paid access to the camera footage, claiming that “all footage is dark corners and hot scenes from families”. Security experts point to poor password hygiene as being a major cause behind such hacks.

Much like its earlier releases, Imou's latest security cameras come with full-color night vision, customizable detection zones, IP67 water-resistance and AI detection for humans, vehicles and pets. Neither the Bullet 3 nor the Cruiser 2C support the Matter protocol.

Honor has announced that it has a product to launch later in December 2023 - however, it is a tablet rather than a certain upcoming flagship smartphone. Regardless, the Pad 9 is now backed to launch with next-gen "soft light" display technology for enhanced user comfort and, according to a famous leaker, a spec not often seen in its price range.

The EU Commission has been placing advertisements on X for planned chat control. To this end, they have been specifically evaluating and contacting users based on political interests. The fact that this is possible on the platform is not compliant with data protection regulations and so a complaint was lodged against X.

Littlebird Connected Care has announced the first ever, child wearable capable of allowing parents to monitor their young children's location and health remotely - the Littlebird Marlon. Continuous transmission of health and location data is enabled by T-Mobile LTE-M cellular connectivity.

Entering passwords using the autofill function in password managers has a security vulnerability on Android devices. Malicious apps can use the WebView module to spy on login details as they are entered.

A Counter-Strike 2 security vulnerability was discovered this week, allowing enterprising players to access the IP addresses and run code on machines of other players in the game lobby. The exploit affected the lobby voting mechanism that ran web code in the back-end, allowing embedding of local files and scripts. Fortunately, Valve has already issued a patch to close the exploit.

Meta has commenced the extensive deployment of default end-to-end encryption protection for its Messenger platform, following years of announcements and limited testing.

As part of the Don't Click December initiative, US consumers are set to receive ongoing updates and guidance to enhance their awareness and resilience against fraudulent online activities.

23andMe, a company known for tracing ancestry via genetic testing, recently closed an investigation into unauthorized access of user accounts. The investigation revealed that roughly 6.9 user accounts were affected in the breach, largely via automatic data sharing features within the platform.

Recorded Future’s Insikt Group reported that hackers backed by a regime have acquired an estimated US$3 billion by targeting the cryptocurrency and finance industry, with South Korea being their primary target, as well as the rest of the West.

Cloud computing programs Nextcloud and ownCloud were recently affected by several security gaps that allowed third parties to access stored server files. The vulnerabilities have already been fixed in the current versions.

Since deepfake images created by AI have been circulating at a school, lawmakers want to take stricter action against creators and distributors of non-consensual deepfakes. With the advancement of AI, creating such fake images with the aid of different apps is becoming increasingly effortless.

According to a recent analysis by fraud prevention software Arkose Labs, the majority of internet traffic in 2023 has come from malicious bots driven by artificial intelligence. Bad bot practices include card testing, account scraping, and SMS toll fraud.

The attacks targeted water facilities, with the hackers gaining control of a water station in Pennsylvania and claiming to have stolen data from a regional water supplier in Texas. One of these attacks is suspected to have been staged by a group associated with the Iranian government.

Chimera group infiltrated the network of Dutch semiconductor giant NXP, gaining access for over two years from late 2017 to the beginning of 2020. The breach remained undetected until late 2019.

In May, the Akira gang ransomware attack hit the Texas community, and only on Wednesday did the affected 8,000 citizens receive a note about it. A few days earlier, Stanford University was listed as the target of a ransomware attack that threatened to leak 430 GB of internal data to the public.

Xiaomi has announced which smartphones will no longer be officially supported in the future. The list is extensive and also includes popular models; the discontinuation of support is likely to become a security-relevant factor for users sooner or later.

Under the headline "Privacy is Priceless, but Signal is Expensive", non-commercial messenger Signal provides interesting insights into the infrastructure of a messenger app and its costs.

The Popular ChatGPT service suffered widespread outages, possibly caused by a DDoS attack. Anonymous Sudan, a group linked to Russia, claimed responsibility.

CheckMag By recognizing the signs of mobile phone tracking, you can determine whether your iPhone is being monitored. Below are 7 warning signs your iPhone may be tracked, which range from unexpected Apple ID login alerts to unusual data usage patterns that could indicate the presence of tracking software or malicious activity.

Replacing Mail, Calendar, and the classic Outlook, Microsoft's new Outlook for Windows might be a security problem for some users. Available as a part of Windows 11 and as a standalone app, it shares all emails, contacts, and events with Microsoft. The new Outlook can read, create, share, and even delete data.

The personal electronics OEM Xiaomi has yet to follow through on its long-hyped foray into the automotive market; nevertheless, the company is still definitely working on it, according to a new leak. It reportedly reveals a new patent that might enable the brand's future vehicles to call emergency services by themselves if necessary, much like a new Apple Watch.

Article 45 would grant EU governments total control over HTTPS root certificates, allowing for internet traffic interception across the entire EU space. 300 internet security experts are now trying to raise awareness regarding these actions in an open letter addressed to the European Commission.

GPT has found its way into the smart home with the Camera Genie S, a gadget backed by its maker Psync Labs, Inc to keep watch over domestic life in the smartest way possible. The Genie S is rated to leverage its "innovative generative AI technology" to identify and "preserve" social media-worthy moments as well as surveil a residence around the clock.