This rumored OnePlus Pad 3 upgrade may just put the Samsung Galaxy Tab S10 Ultra to shame - Related to co-developed, security, friday,, review, fujifilm’s

Cyber Security Today, Week in Review for week ending Friday, April 26, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday April 26, 2024. From Toronto, I’m Howard Solomon.

In a few minutes David Shipley, head of Beauceron Security, will be here to discuss some of the biggest news of the past week. They include the latest developments in the ransomware attack on Change Healthcare, a vulnerability found in an abandoned open source project, the next step in Canadian cybersecurity legislation for overseeing critical infrastructure and the passing in the [website] of a law demanding China’s TikTok become Americanzied.

But before we get to the discussion here’s a review of other headlines from the past seven days:

The Top 10 countries hosting the greatest cybercriminal threats are led by the usual suspects: Russia, Ukraine and China. That’s . Others nations in descending order are the [website], Nigeria, Romania, North Korea, the United Kingdom, Brazil and India. The countries in the Cybercrime Index were ranked on the professionalism and technical skill of resident threat actors. Russia was easily ahead of number two Ukraine by more than 20 points.

A threat actor has been interfering with the software improvement mechanism of the eScan antivirus product. , the goal is to install backdoors and coinminers on corporate IT networks by substituting a maliicous improvement for a real one. Based in India, eScan is also sold in the [website], Latin America, Germany and Malaysia. The vulnerability was supposed to have been fixed last July. Avast says it is still seeing new infections, perhaps because some eScan software on corporate computers hasn’t been updated properly.

Among the continuing problems suffered by the city of Leicester, England from a ransomware attack seven weeks ago is the inability to shut some city street lights. A local news site reports the problem is a residue of having to shut municipal IT systems. The attackers stole and .

Some brands of booze in Sweden may be hard to get hold of this weekend because of a ransomware attack on a liquor distributor, the business has warned.

Pressure from police to block end-to-end encryption on common apps continues. Last week European police chiefs issued a statement urging governments and industry to stop allowing end-to-end encryption of apps and social media platforms. They say it will stop law enforcement from obtaining evidence for criminal charges. Others say end-to-end encryption protects privacy.

A veterinary clinic in Marysville, Kansas is notifying almost 26,000 consumers their data was stolen when the enterprise’s online payments page was compromised. Credit card data was among the information copied earlier this year.

The public school board of Buffalo, New York is notifying just over 19,000 people some of their personal information was seen by a hacker. The incident took place in February when two email accounts were accessed. Names, contact information and Social Security numbers could have been seen.

And the Catholic Diocese of Cleveland is notifying almost 10,000 people that personal data was copied when a hacker compromised an employee’s email account early this year or late last year. Information included names and Social Security numbers. You may recall last Friday I reported that the Catholic Diocese of Phoenix was notifying people of a data breach.

(The following is an edited transcript of the first of four topics in the discussion. For the full discussion play the podcast).

Howard: Joining me now from Fredericton, New Brunswick is David Shipley, CEO of Beauceron Security.

Let’s start with the latest from the February ransomware attack on Change Healthcare, a technology and payments provider to hospitals and clinics across the United States. On Monday parent enterprise UnitedHealth Group acknowledged that data stolen “could cover a substantial proportion of people in America.” That’s short for “this was a huge data breach.” Data stolen included protected health information or personally identifiable information, but not doctors’ charts or full medical histories. In addition, UnitedHealth told TechCrunch that a ransom was paid to the hackers “to do all it could to protect patient data from disclosure.” This lines up with states by an affiliate of the BlackCat/AlphV ransomware gang that Change Healthcare paid US$22 million to the gang — but the gang leaders took all of the money and didn’t pay the affiliate their cut. Meanwhile, a second ransomware gang, RansomHub, is posting data it says is from Change Healthcare. It isn’t clear if that was part of the original data theft or a new hack.

David Shipley: Keep in mind that the previous high water mark for a substantial proportion of the population was the Anthem Blue Cross breach in 2015 in which 80 million people’s records were stolen and resulted in a $117 million dollar class action settlement in which Anthem did not admit any wrongdoing. The attack was allegedly tied to nation-state level espionage and was quite sophisticated. But it was the pre-ransomware cowboy era , not the that we’re in now. So my thoughts are, this one is going to be massive.

Howard: What did you think about the UnitedHealth announcement and this whole ransomware attack — in particular where the AlphV/BlackCat gang seems to have taken all the money and then unveiled they were disbanding?

David: It’s not the first time bad actors have taken the money and run exit scams. I think what we’ve just discovered is number 1, when you cripple the healthcare system to the level that they just did, when you mess with the pharmacy for the [website] military, you start thinking, ‘Maybe it’s time to get out of Dodge.’ Yes, they are probably getting a whole lot of heat. So it made sense. Essentially these are little cockroaches, though. They just scurry they hide and then they reform and they come back again a rebranded group. But there’s still the awfulness.

What I’m dying to know is did UnitedHealth get the [data] unlock keys, because if they [AlphV/BlackCat] stiffed the affiliate and they ran with the money did they at least throw them [United Health] a bone so they can lock their data? Or did they just completely run? Even though healthcare data is the one area where I’ve given a hall pass on [allowing] paying ransoms, I kind of hope they didn’t give them the key because this might finally the nail in the coffin of people thinking, ‘Paying the ransom is the sanest option for our business.’.

Howard: I want to go back to the huge numbers [of potential victims]. This is 2024. Maybe organizations can’t stop every cyber intrusion but shouldn’t IT leaders know enough that that systems have to be segmented so that no more than a small chunk of data can be stolen?

David: I don’t necessarily disagree. But I think what you’re saying presumes that people can accurately simulate or test chains of consequences in the digital environment. That each on their own is not catastrophic. But when combined in very unique ways, boom! What do I mean by that? Let’s just take a story: A server that was in the testing environment that never got switched off on its own, probably not that big of a deal [if it’s compromised]. Take that server and now it’s actually in production, problematic if it’s not getting patched, if it’s being over-provisioned with way too much access. See Microsoft’s recent pain. Think if people knew things like that, where big glaring red alerts are, would they do something about it? They absolutely would act on it. I am completely convinced that we cannot accurately deal with this [cybersecurity] because of cyber chaos theory … We presume with great arrogance that we have control over increasingly complex opaque systems or systems-in-systems and that we can somehow get a handle on all the possible permutations and combinations that can lead to cyber attacks. See Microsoft’s two very painful breaches this year [as evidence] that even the biggest of us can’t do it.

Howard: Also on Monday the Wall Street Journal noted that whoever broke into Change Healthcare used a stolen username and password. That’s still a highly usable weapon [for threat actors].

David: Usernames and passwords have been in play in computing for 50-plus years. Mark my words they will be around for at least another 50 years. Change is hard in technology. Change is even harder in humans. We are not even through the beginning of the end chapter when it comes to passwords. This is why people, process and culture are the root of cyber events, not just technology.

Howard: Next Tuesday, UnitedHealth CEO Andrew Witty is scheduled to testify before a committee of the [website] House of Representatives. They won’t be in a good mood.

David: Grab your popcorn. But also in a certain sense UnitedHealth is paying the price that all of us have incurred by not demanding improved when it comes to cyber hygiene for critical infrastructure, by demanding increasingly digital systems and never anticipating the negative consequences that come from the use of technologies. As a species we have a damn near fatal blind spot when it comes to the risk side of technology. We are so overly hyper-focused on all the benefits all the rewards, all the gains, or all the coolness, of something bright and shiny that we never stop to think, ‘Just because we can do something doesn’t mean we should do something.’.

Howard: And this attack has been hugely expensive for the corporation. Last week UnitedHealth estimated that costs so far for remediating this mess is US$872 million. On top of that, it’s provided billions of dollars in advance funding and no-interest loans to healthcare institutions, their consumers, that were caught short when Change Healthcare systems had to be temporarily closed ….

David: Maybe the best thing that comes from that is that people will invest [in cybersecurity] because you know that $800 million remediation cost? We have a term for that: We call it ‘technical debt’ ….

Howard: What if they had spent, say, $10 million [more] on increased cyber security [before the attack]?

David: The lack of independent, academic peer-reviewed studies into root cause analysis [of incidents], like a CSRB [Cybersecurity Safety Review Board] analysis could point at that. That is the most crucial thing we’re missing. In this industry we love to haul around and scare the pants off people. “Six billion dollars is going to be lost to cybercrime!” But we don’t tell them how easy it could have been to avoid, or the massive amount of ROI [return on investment] that just comes from doing it [cybersecurity] proactively.

Nothing heeft de Nothing Phone (1) een nieuwe modification gegeven. Vorige maand werd Android 15 al verspreid naar de telefoon, nu komt er een extra modification.......

Since its original launch in 2022, the Kindle Scribe has always been the odd man out in the Kindle line-up. It’s w......

Samsung has shared new attributes coming to the Galaxy Buds 3 series with One UI 7. However, the organization has not answered questions about the One UI 7 u......

This rumored OnePlus Pad 3 upgrade may just put the Samsung Galaxy Tab S10 Ultra to shame

One of the key areas of focus for this tablet seems to be charging speed. Reports suggest a possible upgrade to 100W SuperVOOC charging, a notable leap from the Pad 2's 67W. This faster charging could be paired with a slightly larger battery, potentially exceeding 10,000mAh. While the battery increase may not be as dramatic as some smartphone upgrades, it's a noteworthy change for a tablet.

Furthermore, the processing power of the potential Pad 3 is also a point of interest. The Snapdragon 8 Elite processor is rumored as a possible upgrade from the 8 Gen 3 found in the Pad 2. This potential shift in processing could lead to enhanced performance and efficiency. In addition to the Snapdragon model, there's talk of a variant using the MediaTek Dimensity 9400 or 9400+ chipsets. This hints at OnePlus might offer multiple versions of the Pad 3, catering to different user needs and preferences.

Display technology is another area of potential change. Reports indicate that the Pad 3 may come with different display types, possibly OLED or LCD. The specific display type for each variant remains unclear. Other capabilities being discussed include side-mounted fingerprint readers and depth sensors for improved facial recognition. These additions point towards a focus on enhancing user experience and security.

OnePlus Open 2 , we deserve this win. This potential rebranding and upgrade cycle is exciting to hear, particularly when we know the OnePlus Pad 2 was so impressive . The focus on faster charging and improved processing could translate to a serious productivity tablet. The possibility of different display types also gives buyers more choice in finding a device that suits their needs. Hopefully these rumors pan out, and we do get this highly sought after tablet. After not getting the, we deserve this win.

It appears that upcoming tablet releases in 2025 will come with a potential boost in charging speeds and processing power, with a possible rebranding strategy in play. For example, OPPO's planned Pad 4 Pro, slated for a Chinese release, could possibly find its way to global markets under the OnePlus brand, potentially as the OnePlus Pad 3.

Apple's latest entry-level phone, the iPhone 16e carries a significant hardware upgrade hidden beneath a familiar exterior. While visually reminiscent......

I’ve been wearing a OnePlus Watch 3 for a little over a week. So far, it’s been great. The [website] AMOLED display loo......

Oppo unveiled the Reno13 Pro last November in China and began its international rollout in January. We shared our first impressions of the Oppo Reno13......

Vivo X200 Ultra Will Come With Fujifilm’s Co-developed Camera

It’s no secret that one of the Vivo X-series focuses on impressing consumers with powerful camera aspects. In the past year, Vivo has worked with ZEISS to develop impressive cameras with outstanding software aspects that make devices under this lineup impressive for consumers and camera professionals. The Vivo X200 series launched a few months ago is no exception to this tradition. , the upcoming Vivo X200 Ultra, which will complete the flagship lineup, will be even more impressive featuring an unprecedented partnership with Japan’s Fujifilm.

Vivo X200 Ultra Coming With Impressive Camera Specifications Powered by Fujifilm.

, Vivo’s cooperation with Fujifilm for the Vivo X200 Ultra will result in clients getting a more professional image experience through improvements in image quality and color reproduction. The leak further reveals that the X200 Ultra will have an A1 chip under the hood. It will come with “improved intelligent processing power” for a more effective photography experience. Furthermore, the Vivo X200 Ultra will also support 4K@120fps HDR video recording and come with a new Live Photo feature and 5-axis stabilization.

The X200 Ultra will also come with a new camera mode. It is being developed with photography enthusiasts in mind and will include some extra controls and attributes for those who understand the matter.

As per the rumors, the Vivo X200 Ultra will launch in April. So there is still a full month ahead of the release of the new camera flagship. Unfortunately, this does not mean much for global consumers. After all, the smartphone is a China-.

The Vivo X200 Ultra is tipped to come with the unreleased MediaTek Dimensity 9400+ SoC. The phone will likely support up to 24 GB LPDDR5X RAM and impressive 2 TB UFS [website] storage. Earlier leaks claimed that the handset would get a Snapdragon 8 Elite. However, it seems that the next flagship will debut MediaTek’s mid-year flagship SoC.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions.

Een printer kiezen voor je bedrijf lijkt eenvoudig. Tot je ontdekt hoeveel opties er zijn. Inkjet of laser? Draadloos of bekabeld? Welke printer past ......

PhoneArena readers know that a change to [website] export rules made in 2020 prevents chip foundries that use American technology to produce chips from shi......

The Oppo Find X8 Ultra is expected to launch in April, and a new Oppo Pad 4 Pro will also be unveiled at the same event. ......