Tag Archive for: SURPRISE

Pixel 4a 5G and Pixel 5 get surprise final updates



David Imel / Android Authority

TL;DR

  • There are new Android updates for the Pixel 4a 5G and the Pixel 5.
  • The update is small (just over 10MB) and likely contains just security updates and bug fixes.
  • This is unexpected, as both phones reached end-of-life status in November 2023.

Earlier this week, Google rolled out the latest Android security patch to active Pixel devices. As expected, the oldest phone to receive that patch was the Google Pixel 5a, which launched in August 2021. However, now there are two updates for other, older Pixel phones: the Pixel 4a 5G and Pixel 5.

You can find the two updates on Google’s list of OTA releases. However, you don’t need to download them from there if you’re not in a rush. Since this is an OTA update, you’ll get a notification on your Pixel 4a 5G or Pixel 5 in the next few days if you haven’t already.

Unfortunately, Google is being very secretive about what’s included with these updates. Thanks to a Reddit thread, we see that the update is very small at just over 10MB. It doesn’t include a new security update, as it’s still on the November 2023 patch. Since it’s so small and doesn’t have the latest fixes, we can only imagine this is an update that specifically addresses critical bugs or security risks for these two phones. However, for what it’s worth, one Redditor does claim that their phone feels “snappier and smoother” after the update.

Google has been known to do this in the past. When incredibly critical security exploits are found, the company pulls Pixels out of update retirement to get the fix out there. However, this rarely includes new features or other dramatic changes.

Source…

Ukraine’s cyber chief comes to Black Hat in surprise visit • The Register


Black Hat In Brief: Victor Zhora, Ukraine’s lead cybersecurity official, made an unannounced visit to Black Hat in Las Vegas this week, where he spoke to attendees about the state of cyberwarfare in the country’s conflict with Russia. The picture Zhora painted was bleak.

Zhora, who is the deputy director of Ukraine’s State Service of Special Communications and Information Protection, said cyber incidents in the country have tripled since February, when Russia invaded. 

Zhora told attendees that Ukraine had detected over 1,600 “major cyber incidents” so far in 2022, but reports don’t elaborate on how such incidents are classified. A number of huge incidents happened between March and April, Zhora said, including the discovery of “Industroyer2,” an apparent successor to the Industroyer malware discovered in 2017.

Industroyer was a particularly nasty strain that was able to control electrical substation software and cause power blackouts, as well as damage equipment. Ukraine was hit by a similar malware called BlackEnergy in 2015.

Online attacks against Ukraine were a common tactic in the leadup to Russia’s invasion of the country in late February, he said. DDoS attacks took many of Ukraine’s government agencies offline, and new malware strains were discovered in the leadup to the invasion as well.

The Russo-Ukraine conflict has had global cybersecurity implications, including leading to a large spike in data-wiping malware, of which six significant new strains have been found this year.

Fortinet, which reported the jump, said it hadn’t uncovered more than one significant file wiper a year since 2012, and in several years it didn’t spot a new one at all. Of the strains discovered in 2022, all have been used against Ukrainian infrastructure and organizations – in other words, the gloves are off.

Back at Black Hat, Zhora…

Source…

Surprise! Galaxy S8 gets updated with November Security Patch – Phandroid


It should come as no surprise, but Samsung officially stopped supporting the Galaxy S8 and S8 Plus earlier this year. This means there will be no more major Android releases, and we expected there to be no more security patches. But according to SamMobile, that’s not the case.

A surprise update is rolling out to owners of the best phone from five years ago. The update carries a version number of G95xFXXUCDUK1 and seems to be rolling out to devices in France first before arriving in other regions.

The update doesn’t add any new features, and you definitely won’t find your old phone sporting One UI 4. Instead, this update includes the November security patch, along with patches for various privacy vulnerabilities.

While we haven’t seen the update arrive in other regions just yet, you can manually check for an update by heading into the Settings app and tapping Software Update. If the update is available, you’ll be prompted to download and install it.

Unless Samsung surprises us with another security patch for December, this is likely the final update we’ll see come to the Galaxy S8 and S8 Plus. Let us know if you’ve received the update and if there are any changes that were not initially revealed.

Source…

This new hacking group has a nasty surprise for African, Middle East diplomats


A recently-discovered advanced persistent threat (APT) group is targeting diplomats across Africa and the Middle East. 





Revealed on Thursday by ESET researchers, the state-sponsored group, dubbed BackdoorDiplomacy, has been linked to successful attacks against Ministries of Foreign Affairs in numerous African countries, the Middle East, Europe, and Asia — alongside a smaller subset of telecommunications firms in Africa and at least one charity outfit in the Middle East.


BackdoorDiplomacy is thought to have been in operation since at least 2017. The cross-platform group targets both Linux and Windows systems and seems to prefer to exploit internet-facing, vulnerable devices as an initial attack vector. 

If web servers or network management interfaces are found which have weak points, such as software vulnerabilities or poor file-upload security, the APT will strike. In one case observed by ESET, an F5 bug — CVE-2020-5902 — was used to deploy a Linux backdoor, whereas, in another, BackdoorDiplomacy adopted Microsoft Exchange server bugs to deploy China Chopper, a webshell. 

Once they have obtained entry, the threat actors will scan the device for the purposes of lateral movement, install a custom backdoor, and deploy a range of tools to conduct surveillance and data theft.

The backdoor, dubbed Turian, is thought to be based on the Quarian backdoor — malware linked to attacks used against diplomatic targets in Syria and the US back in 2013.

The main implant is capable of harvesting and exfiltrating system data, taking screenshots, and also overwriting, moving/deleting, or stealing files. 

Among the tools used are the network tunnel software EarthWorm, Mimikatz, NetCat, and software developed by the US National Security Agency (NSA) and dumped by ShadowBrokers, such as EternalBlue, DoublePulsar, and EternalRocks.

VMProtect was used in most cases to try and obfuscate the group’s activities. 

Diplomats may have to deal with sensitive information handed over through removable drives and storage. To widen the scope of its cyberespionage activities, BackdoorDiplomacy will scan for flash drives and will attempt to copy all files…

Source…