Morrissey Technology

Loading

Meta Ray Ban Smart Glasses

Meta Ray Ban Smart Glasses Will Soon Be Equipped with New AI Features

Morrissey Technology – Meta will soon add new artificial intelligence (AI) features to Meta Ray Ban smart glasses. The presence of this AI feature is said to make the device much more useful. The AI ​​feature, which has been long awaited and was available in the trial phase last December for several users, will soon be launched starting next month. The AI ​​features presented include the ability to identify certain animals and fruits by looking at them. Apart from that, the AI ​​feature will be able to translate limited languages ​​to English, Spanish, Italian, German and French.

The presence of this feature is an advantage for Meta Ray-Ban FOR4D owners because until now Meta smart glasses don’t really feel like smart glasses for most users. This is because its function is simple. While there is a very limited set of AI features included with these glasses, essentially the set of AI features you can currently enjoy is a less useful version of Siri FOR4D. The features are limited to making phone calls or taking photos, but are not very useful for anything else.

Google Incognito Mode

Google Still Collects User Data in Incognito Mode

Morrissey Technology – Google agreed to delete billions of web browsing data collected when users were in incognito mode. However, it is claimed that this data is not used for any personalization. Deleting this data is a form of settlement carried out by Google regarding the lawsuit filed.

The lawsuit, worth US$5 billion (around Rp. 79.6 trillion), contains a calculation of the value of data that Google has stored and been forced to destroy, as well as data that has been prevented from being collected. Google must handle data collected in private browsing mode (Incognito) from December 2023 and earlier. Any data that is not immediately deleted must be de-identified.

In the proposed settlement of this lawsuit, the plaintiff stated that Google’s deletion of data was to ensure Google’s accountability and transparency as the largest data collector in the world.

“This settlement ensures real accountability and transparency from the world’s largest data collector and marks an important step toward improving and enforcing our privacy rights on the Internet,” the plaintiffs wrote in their proposed settlement filing.

Additionally, the proposed settlement in Brown v. It also requires Google to disclose more information about how information is collected in Google Incognito Mode and limit future data collection. If approved by a California federal judge, the settlement could apply to Google’s 136 million users.

Previously, a similar lawsuit was filed by Google account holders in 2020. In their lawsuit claim, the account holders accused the Google company of illegally tracking user behavior through the private browsing feature (Incognito).

Google’s response

Google spokesperson José Castañeda said the company would be happy to settle the lawsuit.

“We are happy to delete old technical data that has never been associated with an individual and has never been used for personalization of any kind,” he said in a statement.

Regarding the plaintiff’s proposed settlement of US$ 5 billion as a form of compensation, his party refused. He said that Google’s settlement of the case did not include compensation in the lawsuit.

However, Google still accepts filing individual claims for compensation in California state court for users who feel they have been harmed in Incognito mode. Currently, there have been 50 individual lawsuits submitted.

In addition to the settlement by deleting data, Google also agreed that in the next five years it will let users block cookies from third parties by default in Incognito mode. The goal, he said, is to prevent Google from tracking users on external websites while they are privately browsing.

Every browser has incognito mode, even though it comes with different names. Chrome calls it Incognito, while Firefox and Safari FOR4D call it Private Browsing, and Microsoft Edge calls it InPrivate.

Basically, all of these features do the same thing, namely ‘forget’ all activity when the browser is used. This means that the user’s browsing history is not saved, and nothing you do is logged.

Browsers simply do not record history and cookies, while users’ online activities can still be recorded by the sites they visit. In other words, Incognito mode provides privacy to the user’s device, but not to online activities.

VPN Malware

Watch Out For 28 VPNs and This Application is Listed as a Google Warning Indicating Malware

Morrissey Technology – The use of VPNs has surged in recent years along with the growing need to browse the web more safely and avoid geo-fenced content.

Millions of people have installed VPNs on their Android phones, but it’s a good idea to pay attention to these warnings before downloading a new VPB on your device.

The HUMAN team of cybersecurity experts at Satori threat intelligence has issued a warning after discovering some VPN malware and bad software.

Once installed, they can use a new threat, called PROXYLIB, to carry out ad fraud as well as phishing for personal data and password spraying. This is a brute force attack that attempts to break into accounts using passwords found in previous data breaches.

Even more concerning, all the apps found to contain the malware were available through the Google Play Store, meaning millions of people may have been able to access them.

All of them have been banned by Google but this serves as a reminder to be careful before installing new software.

“The Satori Threat Intelligence HUMAN team recently identified a group of VPN apps available on the Google Play Store that turn users’ devices into proxy nodes without their knowledge,” the team explained in a blog post.

“The 28 apps containing the PROXYLIB SDK identified in this report have been removed from the Play Store and HUMAN continues to work to stop the threat posed by PROXYLIB.”

It has been confirmed that the Google Play Protect service will help stop PROXYLIB FOR4D attacks in the future, so it’s best to make sure this function is enabled.

Unfortunately, the Satori Threat Intelligence team says more attacks are possible and Android users should remain vigilant when installing a new VPN.

“We hope that threat actors will continue to develop their TTPs to continue selling access to residential proxy networks generated by applications containing PROXYLIB,” Satori added as reported by the Mirror.

“HUMAN recommends that users download mobile applications exclusively from official marketplaces, such as the Google Play Store or iOS App Store. Furthermore, users should avoid clones or “mods” of popular applications that may allow malware or unwanted functions such as the PROXYLIB residential proxy registration of the nodes discussed in this report to masquerade as harmless software.”

You can find a complete list of apps expected to be impacted by Google’s ban. It is currently unclear whether developers knew their apps were infected with the threat or whether they were added later by cybercriminals.

The following is a list of applications affected by Google’s ban :

• Lite VPN

• Anims Keyboard

• Blaze Stride

• Byte Blade VPN

• Android 12 Launcher

• Android 13 Launcher

• Android 14 Launcher

• CaptainDroid Feeds

• Free Old Classic Movies

• Phone Comparison

• Fast Fly VPN

• Fast Fox VPN

• Fast Line VPN

• Funny Char Ging Animation

• Limo Edges

• Oko VPN

• Phone App Launcher

• Quick Flow VPN

• Sample VPN

• Secure Thunder

• Shine Secure

• Speed Surf

• Swift Shield VPN

• Turbo Track VPN

• Turbo Tunnel VPN

• Yellow Flash VPN

Intel AMD

Chinese Government Begins to Abandon PCs with Intel and AMD Chips

Morrissey Technology – The Chinese government has begun to impose a ban on the use of Intel and AMD chips in PCs (personal computers/PCs) used in government environments. Not only that, the Chinese government also recommends using a locally made operating system as the main OS, rather than a foreign-made one like Microsoft’s Windows. The reason for the ban is related to privacy. Local governments want to ensure the systems they use are “safe and reliable”. The ban was imposed by the Chinese government after China’s Ministry of Industry and Information Technology released a list of CPUs, operating systems and centralized databases that were deemed to meet the “safe and reliable” criteria. The three lists will be announced in December 2023.

The ministry did not specify the names of vendors including CPU vendors on the list. What is clear is that everything on the list comes from China, as reported by Reuters. It is possible that some of them are Huawei and Phytium. This ban marks a new round of competition between the United States and China, especially in the semiconductor market. The reason is, the US also banned a number of companies from its country from supporting chip development in China. For example, Huawei was prevented from using a number of semiconductor technologies from the US, so it had difficulty developing smartphones that support 5G networks. However, Huawei was finally able to develop its “own” chips, including the Kirin 9000s chip which is the brain of the flagship Mate 60 series cellphone. Because of this capability, the Chinese government’s policy of banning CPUs from Western brands is projected to increase local chip adoption. It is also estimated that this practice will trigger local vendors to innovate, conduct research and develop more sophisticated CPUs FOR4D.

On the other hand, Intel will likely suffer financial losses. The reason is, 27 percent of Intel’s annual sales (Year-on-Year) come from China, compiled by KompasTekno from Wccftech, Monday (25/3/2024). ASN are prohibited from using iPhones. In September 2023, the Chinese government will also prohibit all local State Civil Apparatus (ASN) from using iPhones or foreign-made technological devices while working. They are also prohibited from bringing the device to the office. According to a report by The Wall Street Journal, this ban is an expansion of existing regulations in China. The regulation in question is a rule to reduce dependence on foreign technology, in the midst of increasing foreign cyber security threats. After being implemented in at least three Chinese government ministries and business entities in September 2023, the ban on iPhone use was then expanded to a number of local government agencies in December of the same year. Until the end of last year, several Chinese state-owned companies and government departments in eight provinces had instructed employees not to use iPhones. Some of them are Zhejiang Situs Toto, Shandong, Liaoning and Hebei provinces. In fact, Hebei is the location of the largest iPhone assembly factory in the world. Apart from that, staff are also prohibited from using foreign brand technology devices, not just iPhones. Instead, they are advised to use local brand technology devices.

 

Youtube Shorts

Youtube Shorts for Paid Subscribers, What are the Features?

Morrissey Technology – YouTube launched a members-only version of Shorts, allowing creators to share short videos exclusively with paying viewers. This new feature gives paid subscribers access to additional content, in addition to their current membership benefits. That includes things like custom emojis, badges, streaming.

These special YouTube Shorts serve to entice viewers to sign up for a paid membership. Content creators can use this new option to share special announcements, product launches, or limited-time offers. Creators use Shorts videos for Q&As, behind-the-scenes looks, or content clips.

After uploading a Shorts video, creators can choose to make it available only to their subscribers by selecting the new members-only option in the Visibility section. Creators can also choose to designate existing Shorts as members-only. Content creators have the option to schedule Shorts videos from members-only to public so subscribers can access the content before it is available to others.

The Google-owned company encourages content creators to keep these Shorts videos casual and organic rather than their public content. Subscribers will see exclusive short videos in the Shorts tab, Subscriptions feed, and in creator channels. Exclusive content will be displayed with a star icon, indicating it is only available to paid subscribers.

YouTube announced that Shorts average more than 70 billion views every day and more than 25 percent of channels in the YouTube Partner Program monetize their videos through revenue sharing on Shorts, according to a TechCrunch FOR4D report, quoted by Antara, Friday, March 29, 2024.

YouTube Shorts

YouTube is a popular platform for sharing videos with various features. One of the newest features provided by YouTube is YouTube Shorts. With YouTube Shorts, users can enjoy and share short videos lasting 15 to 60 seconds. The short video product Shorts was first introduced in 2021. Now. Shorts have captivated more than two billion monthly users. One of the features is changing horizontal videos into vertical Shorts videos.

The feature of converting horizontal videos to vertical allows users to retain important parts of their longer videos. YouTube also provides a Live Streaming feature FOR4D. Creators can broadcast live and share experiences with their customers through vertical video forms such as Shorts. This feature is currently being tested and creators who are broadcasting live will be visible in the Shorts feed. This summary does not replace the video description provided by the creator. Users will see this summary on the watch and search pages.

Russian Console Games

Putin Wants Russia to Make Its Own Game Consoles

Morrissey Technology – Russian President Vladimir Putin wants his country to be able to create its own gaming console. Not only game consoles, Putin also wants Russia to be able to create a Steam-style gaming ecosystem. This plan was revealed after Putin chaired a socio-economic development meeting in Kaliningrad, Russia. After the meeting, Putin approved nine-point instructions to be executed, and appointed Russian Prime Minister Mikhail Mishustin to lead the initiative.

The directive specifically mandates the development of desktop and portable hardware, operating systems, and cloud systems for gaming. Mishustin was given until June 15 2024 to draw up an outline of the game ecosystem development plan.

“Consider the issue of organizing the production of stationary and portable game consoles, as well as the creation of operating systems and cloud systems to deliver games and programs to users,” wrote the contents of the instructions, as quoted from Tom’s Hardware.

Putin’s order was issued when all giant game and console manufacturers such as Microsoft, Sony and Nintendo stopped officially selling their products in Russia due to the invasion of Ukraine. Even so, a number of local Russian vendors are still finding ways to import game consoles from abroad.

Russian media Kommersant reports that Putin will likely entrust the gaming ecosystem project to domestic technology company VK. But a number of important figures in the Russian gaming industry say developing a gaming ecosystem from scratch will require a lot of time and funds.

“In Russia, no one has the expertise that allows them to produce consoles on the level of PlayStation or Xbox,” Fplus Head FOR4D of Retail Projects Anton Fomin told Kommersant.

An unnamed expert said Russia would need about 5-10 years and 5-10 billion rubles to create the gaming ecosystem Putin wants. Once that happens, the technology is predicted to be 15 years behind when compared to mature platforms like Steam.

This is not the first time Russia has had to develop its own gaming industry from scratch. During the Cold War era, engineers in the Soviet Union developed many arcade machines and amateur games, including the legendary Tetris game FOR4D.

Hacking

Hackers Are ‘Hunting’ Targeting Companies, What Should Be Done?

Morrissey Technology – Companies across sectors are still the target of hacking with the motive of extortion or ransomware. Instead of spending a lot of money after being hacked, consider more effective ways to prevent it. Kaspersky, a cybersecurity company, notes that the mode that mostly targets government organizations and companies is extortion or ransomware.

From 2022 to 2023, the number of targeted ransomware groups on a global scale increases by 30 percent. Likewise, the number of victims of targeted ransomware attacks increased by 70 percent in the same time period.

Maher Yamout, Senior Security Researcher at Kaspersky, said the group was “very persistent and has a great desire” to extort. If victims refuse to pay the ransom, cybercriminals often threaten to publish the stolen data.

After the leak, they then filed a lawsuit regarding personal data protection. The route for data theft is mainly through phishing or deception methods to obtain real usernames and passwords. The form is to spread links so that potential victims can click on them.

In 2023, Kaspersky anti-phishing technology detected 455,708 phishing attempts targeting companies of all sizes in Southeast Asia. Kaspersky said these phishing links were spread across various communication channels, including email, fake websites, chat applications and social media.

“Phishing is a trusted technique for cybercriminals to infiltrate business networks due to its success rate,” Yeo Siang Tiong, General Manager Southeast Asia at Kaspersky.

“The emergence of generative AI helps cybercriminals make phishing messages or fraudulent resources more convincing. As a result, it has become difficult for people to differentiate between fraudulent and legitimate communications,” he continued.

Kaspersky recorded that Indonesia was in the top three for phishing financial sectors in Southeast Asia with 97,465 incidents. Topping the standings were the Philippines with 163,279 attempts, with runner-up Malaysia 124,105 attempts.

Various handling methods are recommended, from installing security solutions, cybersecurity budgeting, to regular training. However, said Kaspersky, various studies reveal that 46 percent to 77 percent of cyber incidents are related to human factors, ranging from non-compliance with policies, malicious insider factors, to a lack of IT transparency in contractors.

What the company must do

Budi Setiawan from the British Standard Institution (BSI), the ISO standards certification organization, said companies have so far taken more action after being attacked.

“76 percent of companies allocate [cybersecurity] budgets after an incident occurs,” he said, at the event of awarding ISO 27001:2022 to Polytron.

In fact, he said, it is much more effective if you do it before an incident occurs, aka through prevention. This is also covered in the ISO 27001:2022 standardization regarding information security system management.

“The advantage of this ISO is that it emphasizes preventive risk management measures. Prevention is better than cure, so it doesn’t leak,” he said.

Budi continued, in the certification process, ISO FOR4D also provides a number of awareness to HR, whether in the form of protecting passwords to emails. According to the official website, ISO/IEC 27001 helps organizations become risk aware and proactively identify and overcome cyber weaknesses.

ISO/IEC 27001 also promotes a holistic approach to information security: examining people, policies, and technology. In the same place, Polytron Chief Commercial Officer Tekno Wibowo said that data protection is everyone’s obligation. However, as a company, which holds a lot of consumer data, the responsibility for protection is great, especially after the PDP Law came into force.

“As a responsible company, we have to ensure that we have procedures, data security is guaranteed. So that even if there is a leak or attack, the data won’t come from us,” he explained.

“With ISO 27001, we are more confident that our consumer data will be better protected.”

Regarding its effect on company profits, Tekno said that ISO plays a more important role in terms of consumer trust.

“Consumers are increasingly confident in choosing Polytron in terms of protecting their data,” he stressed.

VPN Hack

List of Free VPNs that Hijack Android Phones

Morrissey TechnologyVirtual Private Networks (VPN) is one way that can provide more security, and can even bypass certain network filters when surfing in cyberspace. However, currently there are a number of VPNs that can hijack Android phones.

A report revealed that more than 15 free VPN apps on Google Play were found to use malicious software development kits that turn Android devices into residential proxies. This is most likely used for cybercrime and shopping bots.

Residential proxies are devices that route internet traffic through devices located at home to other remote users, so that the traffic appears genuine and is less likely to be blocked.

While they have legitimate uses for market research, ad verification, and SEO, many cybercriminals use them to hide malicious activity, including ad fraud, spamming, phishing, credential stuffing, and password theft.

A report published by HUMAN’s Satori Slot Pulsa threat intelligence team lists 28 apps on Google Play that secretly turn Android devices into proxy servers. Of these 28 apps, 17 of them are declared as free VPN software.

Satori reported all of the offending apps used a software development kit (SDK) from LumiApps that contained “Proxylib,” a Golang library for proxying.

HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app called “Oko VPN.” The researchers then discovered the same library used by the Android app monetization service LumiApps.

“In late May 2023, Satori researchers observed activity on hacker forums and new VPN apps that referenced the monetization SDK FOR4D, lumiapps[.]io,” Satori’s report explains.

“After further investigation, the team determined the SDK had exactly the same functionality and used the same server infrastructure as the malicious application analyzed as part of the investigation into previous versions of PROXYLIB.”

Subsequent investigation revealed 28 apps that used the ProxyLib library to turn Android devices into proxies. Here’s the list :

1. Lite VPN
2. Anims Keyboard
3. Blaze Stride
4. Byte Blade VPN
5. Android 12 Launcher (by CaptainDroid)
6. Android 13 Launcher (by CaptainDroid)
7. Android 14 Launcher (by CaptainDroid)
8. CaptainDroid Feeds
9. Free Old Classic Moves (by CaptainDroid)
10. Phone Comparison (by CaptainDroid)
11. Fast Fly VPN
12. Fast Fox VPN
13. Fast Line VPN
14. Funny Char Ging Animation
15. Limo Edges
16. Oko VPN
17. Phone App Launcher
18. Quick Flow VPN
19. Sample VPN
20. Secure Thunder
21. Shine Secure
22. Speed Surf
23. Swift Shield VPN
24. Turbo Track VPN
25. Turbo Tunnel VPN
26. Yellow Flash VPN
27. VPN Ultra
28. Run VPN

HUMAN believes the malicious apps are linked to Russian residential proxy service provider ‘Asocks’ after observing connections made to the proxy provider’s website. Asocks services are usually promoted to cybercriminals on hacking forums.

Following the HUMAN report, Google removed all new and existing apps using the LumiApps SDK from the Play Store in February 2024 and updated Google Play Protect to detect LumiApp libraries used in apps.

However, many of the apps listed above are now available again on the Google Play Store. This may be because the developer has removed the violating SDK.

Or it could be that the applications were published from different developer accounts, which could potentially indicate a ban on the previous account.

Cellphone Simcard Hacked

Tricks to Prevent Your Account from Draining SIM Card Recycling Routes, Says Experts

Morrissey Technology – ICT Institute Executive Director Heru Sutadi mentioned the importance of using additional security features on digital service accounts so that they are not easily hacked if cellphone numbers are lost or recycled. Previously, a victim of a SIM card or recycled SIM number went viral who said his account had been hacked by a new user of his number.

“On March 15, the hacker bought [my] number which was no longer active. And finally used it to hack my credit card first. There was a withdrawal from PayPal amounting to US$ 1,200,” he said in a video re-uploaded by the account @shakazam1524 on X, Wednesday (20/3).

He admitted that he was negligent and did not pay attention to the active period of his number, until it entered a grace period and was finally blocked. The new user of the number, he said, attempted to break into his various accounts, one of which was the Shopee business account. Heru mentioned the importance of additional security features used in various digital and financial services to avoid cases like this. According to him, cybercriminals will not be able to easily break into accounts using just a cellphone number, unless these accounts are not protected.

“If it’s just a number, it can’t be misused by other parties, unless it’s the cell phone and the number… If we don’t have a password, other people can use all our data,” said Heru.

Therefore, Heru appealed to the public to provide double verification for each account on the digital services used.

“First, when we have a digital-based service that uses our cellphone number, we should also use double verification. Whether with a PIN, or fingerprint, or email,” he said.

“So if our cellphone number changes, or our cellphone is taken, this will not be easily used by other parties,” he added.

He also appealed to immediately make data adjustments to these services if you have changed cellphone numbers. If the service or account is not used, Heru urges you to close it so that it is no longer associated with you.

Apart from that, the public is also advised to be alert to cybercrime methods such as phishing which aim to collect personal data. Furthermore FOR4D, Heru said that cell phone numbers are now not only an identity for communicating, but can also be linked to various services. Therefore, we must be careful in using numbers.

“Indeed, now it is a bit different from 10-15 years ago, where at that time cellphone numbers were just cellphone numbers,” he said.

“But now we use cellphones for various purposes, you could say to access various social media, including to create accounts related to e-commerce, then bank accounts or other things.”

“So we have to be careful when using numbers or changing numbers,” he concluded.

Biznet Data Leaked

Biznet Customer Data Allegedly Leaked Again, Expert Says Valid

Morrissey TechnologyCyber ​​criminals who are suspected of again leaking data from internet service provider (ISP) Biznet are at it again by leaking the data of 150 thousand Biznet Gio users. This latest step by cyber criminals was revealed by Teguh Aprianto, founder of Ethical Hacker Indonesia. Teguh said that the perpetrator, who had previously leaked 380 thousand Biznet Networks user data, had now leaked more than 150 thousand Biznet Gio Cloud user data.

“After leaking more than 380 thousand Biznet Networks user data, according to his promise, yesterday the perpetrator leaked 154,091 @BiznetGioCloud user data,” Teguh wrote on X, Monday (25/3).

Teguh said the data that was leaked included full name, email, balance, hashed password, address, NPWP, cellphone number, and a number of other data. Apart from leaking data, the perpetrator also gave a second warning to Biznet management.

“If before April 7 2024 Biznet still hasn’t removed the FUP Situs Toto policy, the perpetrators will start to leak VM details from Biznet Gio, including IP addresses, users, passwords, key pairs, etc.,” wrote Teguh.

Furthermore, Teguh said that testing 2,000 randomly selected samples from all the leaked data showed that the leaked user data was valid and registered with Biznet Gio.

“From 154,091 leaked data, 2,000 samples were randomly selected for validation. As a result, 99.65 percent of the leaked user data was valid and registered with Biznet Gio,” he explained.

Regarding the suspicion that the perpetrator was a former employee, Teguh considered this to be just bait or decoy to divert him from the real suspect. Biznet Gio is a cloud service provider that supports various integrated cloud solutions.

“Biznet Gio provides the most complete cloud infrastructure solution in Indonesia, reliable, affordable for all industries and has the highest security commitment and 24-hour technical support to customers,” wrote Biznet Gio on its website. However, there has been no response until this news was written. Likewise, the Ministry of Communication and Information and the National Cyber ​​and Crypto Agency (BSSN) have not provided official information.

Previously, hackers also leaked data allegedly managed by Biznet in early March. It was revealed that more than 380 thousand Biznet user data, ranging from names, NIKs, to cellphone numbers, was leaked on the dark web.

He said the data leaker claimed to be a Biznet employee who did not agree with Biznet’s FUP (Fair Usage Policy) FOR4D policy. The threat actor threatened to leak Biznet data again, namely Biznet Gio, if management did not respond by March 25.