Unisoc is actively capturing the market for single-chip systems, although it does so exclusively in the budget segment itself. However, it turned out that these platforms have a critical vulnerability.
According to the source, the problem is in the modem’s firmware and affects both 4G and 5G platforms. The vulnerability, numbered CVE-2022-20210, was discovered while scanning Non-Access Stratum (NAS) message handlers. This vulnerability could be used to neutralize or block the device’s cellular capabilities.
The vulnerability was first discovered in the Motorola Moto G20 smartphone based on the Unisoc T700 SoC. But in the end it turned out that the same vulnerability occurs in other platforms, however, the source did not provide a list.
The Check Point specialists who discovered the vulnerability notified Unisoc back in May, and the company has already released a fix, so smartphone owners should not worry now if they update the software of their devices.
Microsoft has released a new version of Windows 11: a new widget panel, copying security codes, improved “Settings” and more
Microsoft has released a major functional update for the Windows 11 operating system. It brings an extensive list of innovations and improvements to various aspects of the system.
Windows 11 22H2 Moment 3 (KB5026446) is currently available as an optional update, but these changes will also be included in the mandatory Patch Tuesday in June.
One of the main features is the new look of the widget panel with three columns – with two columns for news and one for widgets. Microsoft has also included animated icons for widgets on the taskbar. Another big change is the ability to copy security codes from notifications, so if you use two-factor authentication and receive notifications via email (or SMS from your phone), you can immediately copy this code to your clipboard.
The Settings app now has a USB4 page where you can manage docking stations and connected devices. There’s also now a Presence Privacy Settings page that gives you more granular control over features like wake up your PC when approached or lock when you leave. There are also additional settings for brightness, touch keyboard. The Accounts page has also been updated to accurately display the available storage for all of a user’s OneDrive subscriptions.
In File Explorer, context menus now support access keys. Accessibility has also been improved, including support for live subtitles in more languages, as well as support for voice access in more English dialects.
Taskbar improvements include displaying VPN status, and in response to user feedback, there is now an option to display seconds on the clock on the taskbar. The update brings an extra layer of protection against phishing and insecure passwords, and adds support for Bluetooth Low Energy Audio.
This is not a complete list of changes that Windows 11 22H2 Moment 3 brings. There are also improvements that are less noticeable to users, as well as a number of bugs, crashes and shortcomings.
Telegram has a vulnerability that allows attackers to use the MacBook’s camera and microphone
Google engineer Dan Reva has discovered a vulnerability in Telegram for macOS that allows attackers to use the laptop’s camera and microphone.
The vulnerability allows to inject a dynamic library (Dylib) with a malicious exploit into Telegram on macOS. With it, attackers will be able to record video from a camera with sound and save the file to a hidden folder on a Mac. Moreover, video and audio recording will work even if the corresponding permissions are disabled.
This is possible because Telegram for macOS does not use Apple’s built-in Hardened Runtime security mechanism.
Reva reported this issue to the Telegram team in February 2022. But the developers did not get in touch and still have not eliminated the vulnerability.
Cybercriminals hacked into a hardware crypto wallet lying in a safe: bitcoins worth 30 thousand dollars were stolen
Kaspersky Lab has discovered and studied a non-trivial cyber incident. The attackers managed to steal 1.33 bitcoins from a hardware wallet (at the time of the study, in the amount of $29,585). Moreover, the theft took place when the device, disconnected from the Internet, was in the owner’s safe.
According to experts, hardware wallets are considered a safer way to store digital assets than software “hot” wallets, since they need to connect separate USB devices to a computer to send cryptocurrency or interact with decentralized financial protocols.
To steal, the attackers had to physically open the device in advance, as well as make changes to the original firmware of the bootloader and the wallet itself. Externally, the hacked crypto wallet worked as usual, but the cybercriminals had already gained full control over it. The Lab said:
Instead of ultrasonic welding, the halves of the wallet were filled with glue and fastened with double-sided tape. In addition, another microcontroller with modified firmware and bootloader was installed instead of the original one. Thus, it turned out that the victim bought a hardware wallet that was already infected, and at the time of purchase, the factory packaging and holographic stickers looked intact and did not arouse suspicion.
The attackers removed the control of protective mechanisms from the firmware. Also, at the initialization stage or when resetting the wallet, a randomly generated seed phrase was replaced with one of 20 pre-created and saved in the fraudulent firmware. Thirdly, if the owner set an additional password to protect the master key, only its first character was used. Thus, in order to pick up the key to a particular fake wallet, the attackers had to go through a total of 1280 options.
Stanislav Golovanov, cybersecurity expert at Kaspersky Lab, explained:
Although hardware wallets are considered one of the safest ways to store cryptocurrencies, attackers have found a way to hack them by selling infected or fake devices. Such attacks can be avoided. We strongly recommend purchasing such devices only from official and trusted sources in order to minimize the risks.
It will not be an iPhone 16 Pro Max, but almost a tablet. A well-known insider confirmed the increase in screen sizes in the new iPhone
Well-known Bloomberg journalist and insider Mark Gurman confirmed the recently appeared information that in the iPhone 16 line, each model...
The Honor 90 Pro outperformed the Galaxy S23 Ultra and iPhone 14 Pro. Honor smartphone screen does not flicker at all
The fact that smartphones of the Honor 90 line will support an unprecedented PWM frequency of 3840 Hz has been...
31.5-inch 4K screen, Core i9-13900H and GeForce RTX 4050 Laptop in an ultra-slim design. Lenovo Yoga Air 32 is a unique all-in-one PC
Lenovo has introduced a rather remarkable all-in-one computer to the home market in China: Yoga Air 32 features a powerful...
27-inch, Full HD, 165Hz and AdaptiveSync support for $110. Redmi G27 budget gaming monitor unveiled
The Redmi G27Q monitor has appeared in the Redmi range. This is a budget gaming model with a 27-inch IPS...
Laptops7 days ago
3K screen, 360-degree opening, Intel Core i7, 32GB RAM, Bang & Olufsen sound system. HP Specter X360 14 laptop goes on sale in China
Laptops7 days ago
This is a brand new Redmi Book 14 2023. The laptop was shown from all sides right before the announcement
Phones6 days ago
Samsung is first again. Introduced smartphone screen that measures heart rate and blood pressure
Components7 days ago
Even the GeForce RTX 4090 can no longer cope with Cyberpunk 2077, and they are going to add a new Neural Radiance Caching technology for path tracing to the game