State-sponsored North Korean hackers are once again targeting victims with a new form of malware that could possibly hijack mobile and PC devices.
According to a new report from cybersecurity researchers AhnLab, a group known as APT37 (also known as RedEyes or Erebus), a known North Korean group believed to be strongly affiliated with the government, was seen distributing malware dubbed “M2RAT” to spy on, and extract sensitive data from, target endpoints.
The campaign, which kicked off in January 2023, started with a phishing email that distributes a malicious attachment. The attachment exploits an old EPS vulnerability, tracked as CVE-2017-8291, found in Hangul, a word processor program usually used in South Korea.
Using steganography
This interaction triggers the download of a malicious executable, stored in a JPEG image.
Using steganography (a method of hiding malware in pictures and other non-malicious file types), the attackers are able to extract M2RAT from the image and inject it into explorer.exe.
The M2RAT itself, researchers say, is relatively basic. It logs key entries, steals files, can run various commands, and takes screenshots automatically. However, it has a unique feature that caught their attention - the ability to scan for portable devices, such as smartphones, connected to the compromised Windows endpoint. If it detects such a device, it will scan it, and download any files and voice recordings to the Windows machine. After that, it will compress them into a password-protected .RAR archive and send it to the attackers.
Finally, it will delete the local copy to remove any evidence of any wrongdoing.
The malware was also observed using a shared memory section for command & control (C2) communication, as well as data theft. That way, it doesn’t have to store the stolen files in the compromised system and leave any traces.
APT37 is quite an active threat actor. It was last seen in December last year, when researchers saw it abuse a flaw in Internet Explorer to target individuals in South Korea.
WhatsApp is making some minor changes to its Android app, although they’re clearly handy additions (even if one of them is still in beta testing right now).
The tweaks inbound with the latest release version of the Android client include the ability to add captions when sharing a document via WhatsApp, as WABetaInfo reports.
Along with that comes a big increase in the number of photos and videos you can send at once in a conversation. Previously, the limit for this was 30 pieces of media, but that has been upped to 100 (which should be plenty enough for anyone – we’d hope).
Another change to the release version of the Android app means users can now have longer group names (up to 100 characters in total), and a group description that informs people about the purpose of the group.
As for the change that’s still in beta, this pertains to an already existing feature, namely Disappearing Messages (which, as the name suggests, vanish after a set period of time if you select this option).
Also spotted by WABetaInfo, the fresh Android beta has a Kept Messages facility. It allows you to save certain Disappearing Messages (as opposed to the whole chat) and keep them for later reference.
Analysis: Some convenient and handy additions
These are all convenient touches for WhatsApp on Android, meaning that, for instance, you don’t have to screenshot disappearing messages (a somewhat controversial feature, as we’ve discussed in the past) to keep hold of them – rather, they can just be saved out. Remember, this one is still in beta, and by the sound of things, it’s rolling out in stages in preview as not every tester is seeing Kept Messages. (There’s no guarantee any beta feature will make the cut for the final release, though).
It's also a useful piece of functionality to be able to attach captions to documents, allowing you to provide a bit of info on the file being shared. Regarding the new features that have arrived with the release version of WhatsApp on Android, currently, they are still rolling out across the userbase, so you may not have them right now – but they’ll be turning up soon enough.
Nvidia’s DLSS 3.1.0 SDK finally received an update, the first since March 2022, and with it comes some interesting and very useful features for gamers to play around with.
According to GitHub and reported by Kitguru, the latest update for Nvidia’s upscaling technology brought along with it some performance, bug, stability improvements, optimization fixes, as well as the ability to customize DLSS scaling ratios and set automatic updates without dev intervention.
Devs would be able to activate that option for updates by enabling a function called “NVSDK_NGX_UpdateFeature.” This feature not only works for DLSS 3 but for DLSS 2-compatible games as well. While this wouldn’t be useful for games that support the DLSS Swapper, for games that this app doesn’t work on (like Origin/EA Play), this new feature would be quite convenient.
How powerful is DLSS 3?
After nearly a full year without any updates, Nvidia finally pushed down one of its most ambitious ones yet, adding in two new major features to DLSS 3. The updated technology was first revealed in 2022 as part of Nvidia's Lovelace GPU line.
DLSS stands for Deep Learning Super Sampling. It's a technology that uses machine learning to upscale games, leading to huge performance improvements with minimal impact to graphical quality. If you need an example of the power of DLSS 3, it allowed for Cyberpunk 2077 to be played at nearly 60FPS at max performance on an 8K display, RTX 4090, ray tracing enabled, and the DLSS 3 exclusive feature Frame Insertion activated.
It’s clear that DLSS is a game changer in terms of massively upping performance on a gaming PC, and seeing that Nvidia is putting out quality updates and adding useful features to this tech is great to see.
from TechRadar - All the latest technology news https://ift.tt/0NJ8F6g
A recent malware campaign that leveraged PyPI to steal people’s cryptocurrency is not only still active, but has significantly expanded in the last three months.
According to a new report from cybersecurity researchers Phylum, the threat actors would create malicious Python packages and upload them to PyPI, the programming language’s largest code repository.
Developers would then download these packages to speed up the development process, effectively compromising themselves and everyone who uses their products.
PyPI typosquatting
The threat actors would engage in typosquatting - a technique where the malicious package has a name almost identical to a legitimate package, with the difference being in just one letter or symbol. That way, the developers that mistype the name as they look for specific packages could end up unknowingly infecting their products. Furthermore, should they search for packages and come up with multiple ones with similar names, they might not have the time or the patience to analyze them thoroughly.
When this campaign was first spotted in 2022, the researchers found exactly 27 packages - but this number has now swollen to 451. The threat actors would impersonate some of the more popular packages, each of which would have between 13 and 38 typosquatted versions.
Those that download the malicious package could end up having their cryptocurrency stolen. The malware would install an add-on to some of the most popular browsers (Chrome, Edge, Brave, Opera), which would monitor the clipboard for cryptocurrency addresses. If it spots one, it would replace it with another address that’s hardcoded to the add-on during pasting.
The idea is that people don’t memorize crypto wallets, but rather copy/paste them when sending funds. Wallet addresses are a long string of random characters, making it virtually impossible to remember one. It also means that when copying and pasting one, the address can be swapped out relatively easily, without the victim noticing anything (unless they inspect both addresses to make sure they’re identical, which is a recommended best practice).
Users that are not careful can easily end up losing all of their cryptos in a transaction that cannot be reversed (unless it was sent out to a third party such as an exchange, which is highly unlikely).
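The name check that the typosquatting description above calls for, as an added example (not code from Phylum or from the original article): it flags requirement names that are one insertion, deletion, substitution or adjacent swap away from a trusted package name. The allowlist, the sample requirements and all function names are assumptions made for illustration.

```python
import re

# Assumed allowlist for illustration (not from the report); in practice use an
# approved-package list or a snapshot of the most-downloaded PyPI projects.
POPULAR = {"requests", "beautifulsoup4", "cryptography", "selenium", "pillow", "colorama"}
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")

def normalize(name):
    """PEP 503 normalisation: lowercase; runs of '-', '_', '.' become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def find_typosquat_candidates(requirements, popular=POPULAR, max_dist=1):
    """Return (requested_name, lookalike_of) pairs that need manual review."""
    known = sorted(normalize(p) for p in popular)
    hits = []
    for line in requirements.splitlines():
        line = line.split("#", 1)[0].strip()
        m = NAME_RE.match(line)  # options such as "-r file" do not match
        if not m:
            continue
        name = normalize(m.group(0))
        if name in known:
            continue  # exact match to a trusted name
        hits += [(m.group(0), t) for t in known if osa_distance(name, t) <= max_dist]
    return hits

# Constructed sample input; the misspelled names are made up for this example.
SAMPLE = """\
requests==2.28.2
reqeusts>=2.0      # transposed letters
beautifulsoup4
colorrama          # doubled letter
Pillow
numpy
-r other.txt
"""

if __name__ == "__main__":
    for requested, lookalike in find_typosquat_candidates(SAMPLE):
        print(f"review: {requested!r} looks like {lookalike!r}")
```

Run against a project's requirements file before installation, a hit means the name should be compared by hand with the intended package, not that the package is known to be malicious.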
The Pentagon has found that employees at the Department of Defense (DoD) are guilty of using their business smartphones in unauthorized ways, putting national security at risk.
A report from the Department of Defense Inspector General (DoDIG), the agency responsible for auditing the DoD, uncovered the use of unauthorized apps and services across workers' smartphones on a huge scale.
Moreover, there was little infrastructure or policies in place which allowed the DoD to control and manage the use of these devices, and users were not given adequate training on their acceptable and safe operation.
Unauthorized apps
Unmanaged apps such as those related to shopping, gaming, VPNs and - bizarrely - "luxury yacht dealer applications" were installed on work phones, and unapproved messaging apps were being used for official communications, all of which contravenes DoD regulations and poses cybersecurity risks.
The main issue regarding these apps, the report highlighted, is that they often have permissions allowing access to the other information stored on the phone, such as contact lists, photos and GPS data.
Other apps also explicitly had malicious features that were known about, or contained potentially inappropriate content, such as that related to video streaming and gambling.
More worrying was perhaps the lack of oversight cited in the report, commenting that the DoD did not manage device use effectively, nor did it warn employees of the potential dangers of misusing work devices.
"DoD personnel may inadvertently lose or intentionally delete important DoD communications on unmanaged messaging applications. Additionally, mobile applications that are misused by DoD personnel or are compromised by malicious actors can expose DoD information or introduce malware to DoD systems."
The report's recommendations going forward were to forward messages from unsanctioned to sanctioned messaging apps and delete them, and that access to public app stores should not be granted "without a justifiable need."
It also advised that a list of approved apps for official business be written, and that policies be updated relating to phone and app usage, as well as training "on the responsible and effective use of mobile devices and applications" be given.
This is certainly not the first time the DoD has been reprimanded for its lax attitude towards cybersecurity. In 2021, the former director of the department's Defense Digital Service wing had sanctioned the use of "an unmanaged mobile application for official DoD business, in violation of DoD electronic messaging and records retention policies."
Also, more recently, another audit, this time of the US Department of the Interior, found that password practices were pretty woeful, with many able to be cracked fairly easily with standard hacking methods.
Nvidia recently scored a big win with its RTX 4070 Ti graphics card, which has me pretty optimistic about the future of Nvidia's midrange offerings to come, but a new spec leak from a fairly reliable Twitter leaker has me seriously questioning what the company is thinking.
For starters, it's important to qualify spec leaks like this since Nvidia hasn't announced anything yet, and any "leaks" online need to be taken with a grain of salt. But kopite7kimi has been fairly on point in the past, so these specs can't be written off entirely either.
RTX 4060 still uses PG190.
AD107-400-A1
3072FP32
8G GDDR6 18Gbps
115W
24M L2
I will try to remain neutral about any leaks in the future. 😁😁😁
February 13, 2023
For starters, the RTX 4060 looks like it'll be using the AD107 GPU, which is a step down from the AD106 that we would expect to see in the RTX 4060, since the RTX 3060 used the GA106 GPU. Even the RTX 3050 8GB used a cut down GA106 GPU, so the AD107 GPU would appear to be a regression here.
What's more, the purported RTX 4060 specs (as well as some of our back-of-the-napkin calculations) are nearly identical to the RTX 4060 Mobile specs for which we have official numbers for comparison.
As you can see, the biggest difference in the leaked specs from the confirmed RTX 4060 Mobile is the large downgrade in the number of streaming multiprocessors going off the CUDA core count, from 3,584 in the RTX 3060 to 3,072 in the RTX 4060, a 14.28% decrease. Without the decrease, this falls light-years short of the best graphics card in Nvidia's lineup, the RTX 4090, and comes in at just north of half that of the RTX 4070 Ti, so the decrease in core count here is going to limit the RTX 4060's potential.
There is also the matter of the slightly higher effective memory clock over the RTX 4060 Mobile, which gives the RTX 4060 desktop a 12.5% increase in memory bandwidth, but otherwise it's more or less the same on the memory front as its mobile variant.
A key unknown right now is what the final base and boost clock speeds will be for the RTX 4060, but given that the Nvidia Lovelace architecture is a 4nm process versus Nvidia Ampere's 8nm process, we expect base clock speeds north of 2,000MHz, with the boost clock possibly upwards of 2,500MHz if the roughly 56% faster base clock and 48% faster boost clock gen-on-gen pattern for the RTX 4090 and RTX 4080 hold for the RTX 4060.
Two reasons these specs have me worried
First, let me start with this: the decrease in streaming multiprocessors and CUDA cores isn't that big of a deal. With 128 CUDA cores per SM, the leaked specs mean a decrease from 28 SMs in the RTX 3060 to 24 SMs in the RTX 4060. A 14.28% drop in tensor cores and ray tracing cores isn't great, but also consider that these are fourth-gen tensor and third-gen ray tracing cores. They are simply much, much better than Ampere's third- and second-gen cores, respectively, so they will actually perform better despite there being fewer of them.
What does worry me though is the memory. 8GB VRAM at this stage is rather paltry, and while this technically should be a high-end 1080p graphics card, given how well the RTX 4070 Ti handles 4K and how well the RTX 3060 Ti manages with 1440p gaming, we would hope that the RTX 4060 would be a solid candidate for the best 1440p graphics card. Given its specs though, I'm doubtful.
The problem here is that 8GB VRAM is just fine for 1080p, since the size of texture files that can quickly fill up VRAM are much smaller than they are at 1440p or 4K. And while the RTX 3060 Ti also had 8GB GDDR6 VRAM, it also had a much wider memory bus (256-bit), giving it an effective memory bandwidth of 448.0 GB/s.
That's more than enough to get 1440p textures efficiently loaded up and processed despite the smaller VRAM pool, while the RTX 3060 had 50% more VRAM (12GB) and a larger memory bus (192-bit), so it clocked in with a 360.0GB/s memory bandwidth, also giving it some decent-ish 1440p performance. The RTX 4060, meanwhile, looks like it will have a much lower memory bandwidth, so larger textures at 1440p are going to bottleneck much faster, limiting 1440p performance and pretty much restricting this card to 1080p gaming.
There's also the matter of it using the same base GPU as the RTX 4060 Mobile. We haven't been able to test the RTX 4060 Mobile for ourselves yet, but normally the mobile chips are about a tier to a tier-and-a-half lower than their desktop counterparts in terms of the GPU used (so the RTX 4090 desktop's AD102 is a tier up from the RTX 4090 Mobile's AD103), while also being cut down versions of those chips.
The RTX 4060 Mobile is definitely a cut down variant of the AD107, but if the RTX 4060 desktop card is also an AD107, then you definitely can't expect too much more performance out of the desktop version than you'd get with the mobile GPU. That's not great for desktop gaming, even at 1080p.
Still, there's one big reason these specs might be good news for gamers
While all of this might be bad news for gamers in terms of performance, there is a sliver of hope here, and that's price. If Nvidia was going to try to make a RTX 4060 that is aggressively priced (I'm thinking less than $300/£300), then the trade off here wouldn't just be justified, it might very well be what gamers are calling for.
Most gamers are still gaming at 1080p, according to the Steam Hardware Survey, with a growing number upgrading to 1440p at most. While the memory constraints don't bode well for 1440p gaming, getting an affordable graphics card into the hands of gamers where they're currently at would definitely be something to celebrate.
A lot of gamers are also still running GTX era GPUs, so the performance upgrade with an RTX 4060 will still be substantial enough that I'm sure a lot of gamers aren't going to care about how much better it could be with an AD106 GPU, and in the end, that's really all that should matter — especially if Nvidia can get the pricing on this card right.
After a delay of several months, the first air-conditioned double-decker electric bus in the country was inducted into the fleet of BEST — the civic transport public body in Mumbai, on Monday, officials said. The wet-leased e-bus will be registered at the Regional Transport Office before it hits the road for the public. This bus is likely to ply on the routes in sub...