Latest Tech News

Content creators eyeing up the new AMD Radeon RX 7900 XTX could be in for a disappointment. 

Benchmarking the GPU across popular content creation apps, Puget Systems found AMD’s latest offering lagged below the standards set by rival Nvidia.

The results chime with our own tests, where the graphic card remains a great option for gaming PCs, but creative workload performance could best be described as “just ok”. 

AMD Radeon RX 7900 XTX: Benchmarking  

The team over at Puget put the GPU through its paces, running a range of video editing software, VFX software, and 3D modeling software on Team Red’s most powerful graphics card. 

DaVinci Resolve was first up. The free video editing software is well-equipped to take advantage of high-end GPUs, and it’s here where the graphics card shone. 

According to Puget  the 7900 XTX showed more than a 30% overall performance boost compared to the older Radeon 6900 XT. It even edged out the Nvidia GeForce RTX 4090 to hit the top spot. 

It also achieved high marks in the H.264/HEVC and RAW debayering tests, outperforming the 6900 XT and about on par with the RTX 4090. 

Read more

> Creatives will benefit from this top graphics card, if they can find one

> These are the best video editing computers

> Intel Arc GPUs just can’t compete with NVIDIA GeForce for content creation 

Next, the custom PC builder tried out Adobe Premiere Pro, which doesn’t make much use of GPUs as a whole. Overall, it increased performance by 22% over past AMD GPUs. However, it failed to beat the RTX 4090 or 4080, with Puget noting it was “more in line with the RTX 3080 and 3090 models.” 

In Adobe After Effects, the 7900 XTX was found to be a mid-table performer. As in other tests, performance was overall superior to the 6900 XT, but couldn’t keep up with the GeForce 4080, 3090, or 4090. 

Nor did the card perform well in Unreal Engine with mixed results when used alongside the top game development tool. The team found “in rasterized workloads, the 7900 XTX performs quite well, in one test nearly matching the slightly more expensive RTX 4080. But in the other rasterized test, the 7900 XTX had the lowest score of all cards tested.” 

Finally, the 7900 XTX was used for 3D rendering software Blender. And it makes grim reading, with the GPU “unable to match the rendering power of the NVIDIA GeForce RTX series.” While GPU rendering showed a 70% performance increase compared to AMD’s RX 6900 XT, Nvidia’s RTX 4080 proved to be almost three times faster. 

In the final analysis, Puget Systems suggested that while certain content creation workloads would benefit from the AMD Radeon RX 7900 XTX, Nvidia’s line-up remained its top choice for creators. 

• Find out where to buy the AMD Radeon RX 7900 XTX 

from TechRadar - All the latest technology news https://ift.tt/2wsHNFz

Best Cash-Back Credit Cards in December 2022 - CNET

Earn cash back on popular spending categories including groceries, restaurants, gas, travel and more.

from CNET https://ift.tt/jDBCTm3

Latest Tech News

Artificial intelligence research lab OpenAI has announced details on its latest technology that will see huge improvements to 3D rendering.

OpenAI is the company behind text-to-image generator, DALL-E, which has now turned its attention to translate text prompts into 3D point clouds, which it will call POINT-E.

According to a paper published by OpenAI, POINT-E “produces 3D models in only 1-2 minutes on a single GPU”, compared with other current solutions which can take hours and require multiple GPUs.

OpenAI POINT-E

An extract from the paper details POINT-E’s current place in the world of 3D model building:

“While our method still falls short of the state-of-the-art in terms of sample quality, it is one to two orders of magnitude faster to sample from, offering a practical trade-off for some use cases.”

It works by generating a single synthetic view with a text-to-image diffusion model. Then, a 3D point cloud is generated, which is easier to synthesize hence the reduced load on GPUs, though it doesn’t capture smaller details hence the trade-off mentioned in the paper.

Read more

 > These are the best laptops for programming

> GitHub launches Copilot for businesses

> OpenAI's new DALL.E model turns your words into pieces of art 

A secondary AI has been trained to alleviate some of this, but the work explains that this can “sometimes miss thin/sparse parts of objects”, such as the stalks of a plant, giving the illusion of floating flowers.

OpenAI promises to have trained the artificial intelligence on several million 3D models and their metadata, though its use cases for now remain fairly limited.

One such example includes rendering real-world objects for 3D printing, though as the technology develops and becomes more refined, it’s likely that we’ll see it being used in more advanced cases such as gaming and even television.

The project’s open-source code is available on GitHub,  

•  Check out the best online collaboration tools around

from TechRadar - All the latest technology news https://ift.tt/NAlrx7e

Latest Tech News

Criminals have been found impersonating a well-known cybersecurity firm in an attempt to steal data from software developers, researchers have found.

Researchers from ReversingLabs recently discovered a malicious Python package on PyPI called “SentinelOne”. Named after a known cybersecurity company from the United States, the package pretends to be a legitimate SDK client allowing easy access to the SentinelOne API from within a separate project. 

However, the package also carries “api.py” files which hold the malicious code, and allow the threat actors to exfiltrate sensitive data from the developers to a third-party IP address (54.254.189.27).

Going after auth tokens and API keys

The data being stolen includes Bash and Zsh histories, SSH keys, .gitconfig files, hosts files, AWS configuration info, Kube configuration info, and others. As per the publication, these folders usually store auth tokens, secrets, and API keys, which would enable threat actors further access to target cloud services and server endpoints. 

The worst part is that the package does offer the functionality the developers expect. In reality, this is a hijacked package, meaning unsuspecting developers might end up using it and becoming victims in ignorance. The good news is that ReversingLabs confirmed the malicious intent of the package, and after reporting it to both SentinelOne and PyPI, had it removed from the repository.

Read more

> These are the best endpoint protection tools right now

> Malicious PyPi packages turn Discord into password-stealing malware

> This random image is spreading a malicious PyPl package using GitHub

In the days and weeks leading up to the removal, the malicious actors were quite active. The package was first uploaded to PyPI on December 11, and has been updated 20 times in less than 10 days. 

One of the issues that were fixed with an update was the inability to exfiltrate data from Linux systems, the researchers found.

It’s difficult to say if anyone fell for the scam, the researchers concluded, as there is no evidence the package got used in an actual attack. Still, all the published versions were downloaded more than 1,000 times. 

• Check out the best firewalls around

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/umCWvp6

Best Verizon Phone for 2022 - CNET

These are the best phones available on Verizon right now.

from CNET https://ift.tt/VhCU7S6

Why 'Santa Should Phase Out Coal' for Naughty Kids This Christmas - CNET

One pediatrician has a plea.

from CNET https://ift.tt/CAzoypj

Latest Tech News

A vulnerability more serious than EternalBlue was sitting in Windows for some time, before being finally discovered and patched, experts have revealed. 

For those with shorter memory, EternalBlue was an NSA-built zero-day for Windows which gave birth to WannaCry, possibly the most devastating global ransomware threat to ever emerge.

Researchers from IBM, which discovered the flaw, said that it was even more potent as it resided in a wider range of network protocols, giving threat actors more flexibility when conducting their attacks.

Three-month headway

The flaw, tracked as CVE-2022-37958, isn’t exactly new, as it was discovered - and patched - three months ago. 

The news is that no one - not the researchers, not Microsoft issuing the patch - knew exactly how dangerous it really was. In reality, it allows threat actors to run malicious code without the need for authentication. Furthermore, it’s wormable, allowing threat actors to trigger a chain reaction of self-multiplying exploits on other vulnerable endpoints. In other words, the malware abusing the flaw could spread across devices like wildfire. 

Discussing the findings with Ars Technica, Valentina Palmiotti, the IBM security researcher who discovered the code-execution vulnerability, said an attacker could trigger the vulnerability via “any Windows application protocol that authenticates.”

“For example, the vulnerability can be triggered by trying to connect to an SMB share or via Remote Desktop. Some other examples include Internet exposed Microsoft IIS servers and SMTP servers that have Windows Authentication enabled. Of course, they can also be exploited on internal networks if left unpatched.”

Read more

> NotPetya attack - three years on, what have we learned?

> Ethical hackers show that Windows 10 isn’t immune to WannaCry

> These are the best malware removal tools around

When Microsoft first patched it three months ago, it believed the flaw could only allow threat actors to grab some sensitive information from the device, and as such, labeled it as “important”. Now, the company amended the rating, labeling it as “critical”, with a severity score of 8.1.

Unlike EternalBlue, which was a zero-day and left security experts and software makers scrambling to build a fix, the patch for this flaw has been available for three months now, so its effects should be somewhat limited. 

• Here's our rundown of the best firewalls on the market today

Via: Ars Technica

from TechRadar - All the latest technology news https://ift.tt/SyeJmqP

Wyze Outdoor Cam v2 Review: Few but Impactful Improvements - CNET

It isn't much different or much more expensive than the previous outdoor camera from Wyze, but it's a noticeable upgrade nonetheless.

from CNET https://ift.tt/1Ay0TgF

Latest Tech News

Password sharing on streaming services is nothing new, and Netflix’s attempts to limit the practice in recent months are well-documented. Now, though, new piracy guidance issued by the British government suggests anyone sharing passwords in the UK could be in breach of copyright law – and even face criminal charges for fraud. 

As first reported by TorrentFreak, Britain’s Intellectual Property Office (IPO) has updated its piracy guidance to assert that “password sharing on streaming services” – which includes the likes of Netflix, Prime Video and Disney Plus – can legally be deemed an act that “break[s] copyright law.” 

TorrentFreak reached out to the IPO for clarification on the legalities of password sharing, and the agency replied as follows: “There are a range of provisions in criminal and civil law which may be applicable in the case of password sharing where the intent is to allow a user to access copyright protected works without payment.”

“These provisions may include breach of contractual terms, fraud or secondary copyright infringement depending on the circumstances," the IPO continued. 

In other words, those sharing streaming service passwords in the UK could legally be prosecuted for fraud and/or breaches of copyright law – though it’s worth noting that the likelihood, in our opinion, is very slim. 

(Image credit: Shutterstock / Elliott Cowand Jr)

For starters, the bar for what constitutes an act of fraud in the UK is low. The country’s 2006 Fraud Act notes that using the “services of a members’ club without paying and without being a member” is deemed fraud, as is posting “chargeable data or software over the internet without paying.” Both offences are commonplace – how many times have you reposted someone else’s work on social media? – and although the practice of password sharing could fall into either category, it’s highly unlikely that the Crown Prosecution Service would pursue anyone for wanting to share Stranger Things with their friends.

Publicly aligning with such draconian action would also spell reputational disaster for streaming services that have actively encouraged password sharing in the past (as recently as 2017, Netflix tweeted “love is sharing a password").

However, while password sharing isn’t likely to put you behind bars in the UK or anywhere else any time soon, the British government’s official line on the legalities of such behavior will give Netflix the confidence – and the legal mandate – to follow through with its ambitious plans to introduce account sharing surcharges in 2023. 

It wouldn’t be a surprise to see the likes of Prime Video and Disney Plus follow suit, too, if Netflix’s drastic action reaps a significant revenue boost in the months following its rollout. 

For more Netflix-related content, check out our breakdown of Netflix's cheaper, ad-supported tier, as well as its new remote logout feature. 

from TechRadar - All the latest technology news https://ift.tt/6Z825PR

Latest Tech News

Hundreds of Android applications being distributed through the Google Play Store have been found leaking Application Programming Interface (API) keys, putting users at risk of identity theft and other threats.

The risks were found by cybersecurity researchers at CloudSEK, who used the company’s BeVigil security search engine to analyze 600 applications on the Play Store.

Overall, the team found half (50%) were leaking API keys of three top transaction and email marketing service providers, putting users at risk of fraud or scams.

MailChimp, SendGrid, MailGun

CloudSEK found the apps were leaking APIs from MailChimp, SendGrid, and Mailgun, allowing potential threat actors to send emails, delete the API keys, and even modify multi-factor authentication (MFA). CloudSEK has since notified the apps’ developers of its findings.

Between them, the apps were downloaded by 54 million people, which are now at risk. Most of the potential victims are located in the United States, with the UK, Spain, Russia, and India, also accounting for a hefty portion. 

“In modern software architecture, APIs integrate new application components into existing architecture. So its security has become imperative,” commented CloudSEK. “Software developers must avoid embedding API keys into their applications and should follow secure coding and deployment practices like standardize review procedures, rotate keys, hide keys and use vault.”

Read more

> Remove viruses and ransomware with the best malware protection services around

> AWS APIs can be abused to leak information

> These popular mobile apps are leaking some very valuable information

Between the three services, MailChimp is arguably the biggest, and by leaking MailChimp API keys, app developers would allow threat actors to read email conversation, exfiltrate customer data, grab email lists, run email campaigns of their own, and manipulate promotional codes.

Furthermore, hackers could authorize third-party apps connected to a MailChimp account. In total, the researchers identified 319 API keys, with more than a quarter (28%) being valid. Twelve keys allowed for email reading, it was added. 

Leaking MailGun API keys also allows threat actors to send and read emails, but also to get Simple Mail Transfer Protocol (SMTP) credentials, IP addresses, as well as various statistics. Furthermore, they’d be able to exfiltrate customer mailing lists, as well.

SendGrid, on the other hand, is a communication platform that helps companies deliver transactional and marketing emails through a cloud-based email delivery platform. With an API leak, hackers would be able to send emails, create API keys, and control IP addresses used to access accounts.

• Keep your business safe with the best endpoint protection

Via: Infosecurity Magazine

from TechRadar - All the latest technology news https://ift.tt/v3dseiT

Latest Gadgets News

OnePlus 11 5G and the OnePlus Buds Pro 2 are scheduled to launch at the company’s Cloud 11 event next year. The Shenzhen-based company, in an official announcement, revealed the details of the upcoming OnePlus Cloud 11 launch event, which is scheduled to take place on February 7, 2023.

from Gadgets 360 https://ift.tt/n0yjQOc

Apple TV Plus: Every New TV Show Arriving in December - CNET

Here's a complete list of shows coming in December.

from CNET https://ift.tt/axQD9MO

Latest Tech News

Apple is looking increasingly likely to miss its projected 2022 deadline for completing the transition to using its own silicon processors across the entirety of the Mac product line, with the enterprise-aimed Mac Pro being the last to follow.

As highlighted by Bloomberg’s Mark Gurman, the path to Mac Pros powered by Apple’s custom M-series chip, which would allow iOS apps to run natively in macOS, and otherwise result in increased performance gains and decreased power consumption, has been a difficult one.

Reasons cited for the delay include relocation of manufacturing to avoid additional tariffs on goods manufactured in China, continued redesigns of the M-chips to include an “Extreme” variant, and fears of skyrocketing costs to customers.

Mac Pro M2 delay

As addressed by Gurman, Apple’s plans to move its line of high end workstations to Apple silicon began with the introduction of its M1 chip in 2020. 

Plans were made for a unique processor that, across two configurations of the Mac Pro product, would combine the power of either two or four M1 Max chips, the most powerful chip available in the Macbook Pro line at the time.

However, the Mac line of computers has not benefited from simplicity, and the dual M1 Max chip, which became known as the M1 Ultra, ended up launching with the Mac Studio, a line marketed towards creatives and others who rely on resource-heavy processes.

An M2 Ultra chip promising additional performance gains is reportedly in development, but hopes for a further M2 Extreme chip, that Gurman speculates would likely have offered “up to 48 CPU cores and 152 graphics cores” by being four M2 Max chips stuck together seem, according to him, to be dead in the water.

The biggest barriers to Mac Pros running on appears to be cost of production, and to customers. 

The complex nature of the architecture of the most powerful Apple silicon, that would give Mac Pros their unique selling point, is expensive enough without production having been relocated to Texas during the Trump presidency.

The two primary reasons for the move were for Apple to evade increased tariffs on Chinese imports and uphold a public commitment to grow the US economy - both of which point to a PR exercise, and one that is costing them the ability for a painless switching to its own silicon.

Gurman claims that an M2 Extreme version of a Mac Pro would “probably” cost “at least” $10,000 per unit, which would not be cost-effective even regardless of an ongoing recession.

Read more

> Check out our list of the best business Macs right now

> Sorry Apple fans, the next MacBook Pro likely won't get M2 Pro or M2 Max chips

> Apple announces the new super-efficient M2 chip at WWDC 2022

Putting aside the conjecture, the Mac Pro is in a difficult place as a product. It has to offer better performance than all other Macs, which is complicated by the existence of the Mac Studio, but is a niche offering, only especially relevant to enterprise customers that need the extra power.

At the moment, only Intel-powered Mac Pros continue to only be available. There will probably be another entry in the line, but it may not appear for some time, and still not be powered exclusively by Apple's own silicon.

•  Here’s our list of the best mobile workstations right now 

from TechRadar - All the latest technology news https://ift.tt/RaSp4Wx

Latest Gadgets News

Samsung Galaxy A04 and Galaxy A04e are launched in India. The handsets ship with a MediaTek Helio P35 SoC coupled with up to 4GB of RAM, a 5,000mAh battery, and more. Samsung Galaxy A04e is available in Black, Blue, and Copper color options.

from Gadgets 360 https://ift.tt/LqDYG4M

Scientists Now Know Why Coyotes Unexpectedly Killed a Human in 2009 - CNET

When a pack of coyotes attacked a hiker in 2009, it became the first recorded instance of coyotes killing an adult in North America.

from CNET https://ift.tt/gkZ04oR