Microsoft has issued a warning about an ongoing spear-phishing campaign by a threat actor called Midnight Blizzard, which US and UK authorities previously linked to Russia's intelligence agency. The company said it discovered that the bad actor has been sending out "highly targeted spear-phishing emails" since at least October 22 and that it believes the operation's goal is to collect intelligence. Based on its observations, the group has been sending emails to individuals linked to various sectors, but it's known for targeting both government and non-government organizations, IT service providers, academia and defense. In addition, while it mostly focuses on organizations in the US and in Europe, this campaign also targeted individuals in Australia and Japan.
Midnight Blizzard has already sent out thousands of spear-phishing emails to over 100 organizations for this campaign, Microsoft said, explaining that those emails contain a signed Remote Desktop Protocol (RDP) connected to a server the bad actor controls. The group used email addresses belonging to real organizations stolen during its previous activities, making targets think that they're opening legitimate emails. It also used social engineering techniques to make it look like the emails were sent by employees from Microsoft or Amazon Web Services.
If someone clicks and opens the RDP attachment, a connection is established to the server Midnight Blizzard controls. It then gives the bad actor access to the target's files, any network drives or peripherals (such as microphones and printers) connected to their computer, as well as their passkeys, security keys and other web authentication information. It could also install malware in the target's computer and network, including remote-access trojans that it could use to remain in the victim's system even after the initial connection has been cut off.
The group is known by many other names, such as Cozy Bear and APT29, but you might remember it as the threat actor behind the 2020 SolarWinds attacks, wherein it had managed to infiltrate hundreds of organizations around the world. It also broke into the emails of several senior Microsoft executives and other employees earlier this year, accessing communication between the company and its customers. Microsoft didn't say whether this campaign has anything to do with the US Presidential Elections, but it's advising potential targets to be more proactive in protecting their systems.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/microsoft-issues-warning-for-ongoing-russia-affiliated-spear-phishing-campaign-120003125.html?src=rss
Canon has officially revealed its cheapest and smallest spatial VR lens yet, the $450 RF-S7.8mm F4 STM Dual. It's the same size as a regular camera lens but is designed to let creators shoot 3D VR content for headsets like the Meta Quest 3 or Apple Vision Pro. In fact, it was first teased in June at WWDC 2024 alongside Apple's latest Vision Pro OS.
There is one catch, in that the lens is designed for APS-C (not full-frame cameras) and only works with Canon's 32.5-megapixel (MP) EOS R7 for now. That camera costs $1,300 for the body only, so a full shooting solution is around $1,750.
Canon
The company has dabbled with stereoscopic VR lenses before, most recently with the RF5.2mm F2.8 L Dual Fisheye. However, that product is bigger and more unwieldy, much more expensive at $2,000 and only supports manual focus. Its main benefit is the nearly 180 degree field of view that's close to human vision and enhanced 3D thanks to the wide 2.36-inch gap between the elements.
In comparison, the new 7.8mm crop sensor lens has a much narrower 63-degree field of view. The fact that the the two elements are so close together (.46 inches) also reduces the 3D effect, particularly when you're farther from the subject (for the best results, you need to be around 6 to 20 inches away, which isn't ideal for content creators). Autofocus support is a big benefit, though, and it also comes with a button and control wheel that allows separate manual focus for the left and right sides.
Photos and video captured with the EOS R7 and new lens must be processed using Canon's EOS VR Utility app or a plugin for Adobe's Premiere Pro, both paid apps. After that, they can be viewed on the Meta Quest 3, Vision Pro and other headsets in a variety of formats including 180-degree 3D VR, 3D Theater and spatial video. The RF-S7.8mm F4 STM Dual lens is now on pre-order for $449 and will arrive sometime in November.
This article originally appeared on Engadget at https://www.engadget.com/cameras/canons-new-lens-makes-it-easier-and-cheaper-to-shoot-3d-vr-content-090206553.html?src=rss
Late last week, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) confirmed they were investigating “the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.” At the same time, The New York Timesreported that phones used by Donald Trump, JD Vance and Kamala Harris’ campaign staff were among the targets, though it was unclear what data the group may have been able to access.
Now, The New York Times has new details about the extent of the hack, which is reportedly linked to a Chinese group known as “Salt Typhoon.” According to The Times, aides to President Joe Biden, as well as Trump’s family members were also targeted, in addition to diplomats and other government officials. Even more concerning, though, is what the hackers may have been able to access. From the report:
F.B.I. investigators think the hackers may have been able to access unencrypted SMS text messages on the targeted devices, as well as call logs, according to people familiar with the investigation. They said there was also evidence indicating that audio communications were captured, though it was not immediately clear whether that meant voice mail or phone call conversations.
CISA didn’t immediately respond to a request for comment The agency said last week in a joint statement with the FBI that the investigation was “ongoing” and that the affected companies and other potential victims had been notified. At least 10 companies, including Verizon and AT&T, were impacted, according to The Washington Post. A spokesperson for AT&T declined to comment. Verizon didn’t immediately respond to questions, but previously toldThe Times the company was “aware that a highly sophisticated nation-state actor has reportedly targeted several U.S. telecommunications providers to gather intelligence.”
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/fbi-suspects-china-linked-hackers-accessed-officials-call-logs-and-sms-messages-report-says-000434865.html?src=rss
X is trying to speed up its crowdsourced fact-checking system, Community Notes. In an update, the company says it has “re-architected” the scoring system that powers the feature so that the user-generated notes can now appear less than 20 minutes after a post is published on its platform.
Community Notes, introduced in 2022, relies on other X users to fact-check or add missing context to posts on the platform. Contributors are required to cite their sources, and other users then rate the “helpfulness” of the note. Creators are also penalized for posts that get “community noted” in an effort to discourage them from trying to monetize misinformation. Now, that whole process should be able to move a lot quicker.
According to X, these new “lightning notes” can “go live in as little as 14m33s after being written, and 18m20s after the post itself was written.” The change could help address a long running criticism of the crowdsourced fact checking system: that it moves far too slowly compared with the speed of viral misinformation on the platform. For example, an analysis last year by Bloomberg found that it could take several hours for a Community Note to appear on a viral tweet and that, often, only a fraction of users see the fact check compared with the original post.
The new speedier system could change that, though it’s unclear how often the faster “lightning” version of the process will actually play out. Not all posts with incorrect information, misstated facts or AI-generated imagery are immediately flagged for review, if they are at all. X says it has more than 800,000 contributors to the program globally, but some posts will likely still take much longer to wind their way through the Community Notes process.
This article originally appeared on Engadget at https://www.engadget.com/social-media/x-is-trying-to-make-community-notes-faster-with-lightning-notes-202227151.html?src=rss
Now isn’t a bad time to try our pick for the best VPN service for 2024. ProtonVPN is on sale for 70 percent off 12-month subscriptions, bringing the one-year cost down to just under $36. You can also save on Proton Unlimited, which includes VPN access along with access to all of Proton's other services like Mail and Calendar.
ProtonVPN is Engadget’s favorite VPN service of 2024. Although most services passed our tests with high marks, Proton’s service stood out for its independently audited no-logs policy, a proven record of refusing law enforcement requests, open-source code and a peer-review program that discloses potential vulnerabilities. We also liked its user-friendly interface.
The company offers a limited free plan, but ProtonVPN Plus gives you access to 6,500 servers in more than 110 countries. It also includes the company’s high-speed (10Gbps) servers, BitTorrent support, a built-in ad blocker and the option to route your connection through multiple servers.
Other Proton services are also on sale. That includes Proton Mail, the company’s fully encrypted email service that put it on the map. You can get 12 months for 60 percent off ($23.88) or 24 months for 30 percent off ($83.76). ProtonMail recently added an AI-powered writing feature to its mail service. Even if you aren’t a fan of robots putting words into your mouth, the service still gives you up to 10 email addresses (including custom domain support), smart filters and labels, one-click unsubscribe and dedicated mobile and desktop apps.
This article originally appeared on Engadget at https://www.engadget.com/deals/black-friday-proton-vpn-deals-include-up-to-70-percent-off-plans-192530055.html?src=rss
Amazon’s shopping-focused chatbot Rufus is launching throughout Europe, after coming to the US back in February. It starts rolling out today as a beta in Germany, France, Italy and Spain, after coming to the UK in September. This is a gradual rollout and the company says it could be a few weeks before every single user in the aforementioned countries receives a software update.
To get started with Rufus, look for the icon on the bottom right-hand corner of the mobile app. This will open up the chat box. Customers can tap on this chat box to ask follow up questions or receive more information on a pre-existing query. This is a beta release, so Amazon encourages customers to leave feedback by “rating their answers with a thumbs up or thumbs down.” There’s also an option for more directed freeform feedback.
For the uninitiated, Rufus is a generative AI shopping assistant that was trained on Amazon’s entire product catalog, along with customer reviews, community Q&As and “information from across the web.” It’s a chatbot, so customers can ask Rufus questions about products and the like.
For instance, users can ask Rufus if a particular pair of running shoes are durable or if a jacket is machine-washable. This is AI, though, so even Amazon admits that the information may not always be correct. “It’s still early days for generative AI, and the technology won’t always get it exactly right,” the company writes.
If you live in the US, you already have access to the chatbot. Just look for the tell-tale icon that looks like two chat bubbles, along with the name Rufus.
This article originally appeared on Engadget at https://www.engadget.com/ai/amazons-ai-powered-shopping-assistant-rufus-launches-in-europe-today-184255137.html?src=rss
If you’re an Xbox Insider, you can now test a new home screen when using the Windows Xbox app. In a blog post published yesterday, Microsoft showcased the redesigned interface, which unites the Game Pass and Microsoft Store experiences. Users can now find their games in one place and avoid tab-hopping. This new home tab will appear for anyone with either a Game Pass subscription or a game purchased from the Microsoft Store.
Becoming an Xbox Insider is easy, as you only have to download and install the Xbox Insider Hub and test features in development. After you become a beta tester, enroll in the “PC Gaming Preview” to gain access to the new home screen.
The new menu now shows featured content and discounted games, all in a single tab. It can even curate titles based on your preferences.
The “jump back in” feature tested in May is part of the new home screen experience as of yesterday. This feature allows Compact Mode users to jump back into gameplay when not currently playing any game. It shows the nine most recent titles you’ve played, and jumping back in takes very little time at all. You can see it as a shortcut feature.
Compact Mode, as the name suggests, shrinks the interface down by replacing tabs with icons. If you own a Windows handheld console, it already has Compact Mode enabled when you launch the Xbox app.
Since becoming an Xbox Insider takes no time at all, you can easily see if you’re eligible for the preview. Microsoft is encouraging testers to provide feedback and report problems.
This article originally appeared on Engadget at https://www.engadget.com/gaming/pc/xbox-insiders-can-now-test-the-windows-xbox-apps-redesigned-home-screen-163021760.html?src=rss
The well-regarded Sony WH-1000XM5 headphones are on sale for $300 via Amazon. This deal knocks $100 off the price, which is a discount of 25 percent. The sale applies to multiple colorways, including black, blue and silver.
These headphones not only found a spot on our list of the best wireless headphones, but they were our very favorite pair. We found them to be exceptionally comfortable, even when wearing the headphones for long periods of time. The ANC is great and the battery life clocks in at around 30 hours per charge, which is a fantastic metric.
The sound is the most important thing with headphones and this model is no slouch. We admired the “crisp, clear sound with balanced tuning and punchy bass.” This is due to new 30mm carbon fiber drivers. In our official review, we noticed that the bass seemed punchier than previous models. We noted that “the lower range is both pleasant and powerful, expanding the overall soundstage.”
We did run into occasional audio issues with macOS, but that was two years ago and it’s likely everything has been patched by now. The only other downside is the price, as $400 is a lot to spend on something like over-ear headphones. However, this deal brings it down to $300 which makes things much more palatable.
Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
This article originally appeared on Engadget at https://www.engadget.com/deals/sonys-excellent-wh-1000xm5-headphones-are-100-off-right-now-162027774.html?src=rss
Lucid has revealed US pricing and pre-order details for its electric Gravity SUV. The Grand Touring trim, which is slated to have more than 800 horsepower and a range topping 440 miles, starts at $94,900. Pre-orders for that trim open on November 7 and Lucid plans to begin production later this year. Current Lucid owners will be given priority for delivery.
If you don't want to shell out quite so much for the EV and you're willing to wait until at least next year, you might opt for the Lucid Gravity Touring model. That starts at $79,900, which lines up with Lucid's previous pricing estimates.
The SUV, which Lucid first gave us a peek at in 2022, has room for up to seven adults and as much as 120 cubic feet of cargo space for all your stuff. Options include a frunk seat that two adults can sit on while the Gravity is parked, and three-chamber air suspension that's said to adapt to changing terrain for a smooth ride.
Things haven't exactly gone easy for Lucid over the last couple of years. It laid off 400 people, around six percent of its workforce, in May, after shedding 1,300 jobs just over a year earlier. The company will hoping that the Gravity can help it turn things around, though whether enough people are ready to part with at least $79,900 for one of its SUVs is a key part of the equation.
This article originally appeared on Engadget at https://www.engadget.com/transportation/evs/lucids-electric-gravity-suv-starts-at-79900-161020540.html?src=rss
What we once called the Google Chromecast (and then the Chromecast with Google TV) is now the Google TV Streamer. I won’t pretend to understand the reasoning behind any product’s rebrand, but at least this one makes a bit of sense. Casting content from elsewhere used to be a big reason TV dongles existed. Today, streaming devices primarily provide the brains required to watch content from Netflix, Disney+ and other streaming services on almost any screen, and casting is a bit of an afterthought. A name that focuses on Google TV’s interface instead of casting seems right in 2024.
This is Google’s first true set-top box, joining the non-dongle ranks of the Roku Ultra, the Apple TV 4K and Amazon’s Fire TV Cube. The Google TV Streamer is only available in a 4K configuration and, once the backstock of Chromecast units sell out, it’ll be Google’s only streamer, period. While that makes the lineup far simpler than, say Amazon’s bloated Fire TV device catalog, it also means you have to pay the 4K premium even if you only have an HD TV.
That said, the streamer is a full-featured, competent device with an interface that’s better than most at pulling together all the disparate threads of a streaming experience. Add in perks like useful smart home integration and some fun-to-have AI smarts and the $100 streamer fairly earns its price tag.
Hardware
Now that Google’s device sits next to your TV instead of hiding behind it, looks are important. Thankfully, the soft, oblong-wedge shape is unobtrusive, though the darker hazel color probably does a better job of fading into the background than my bright white review unit. The back has room for the provided USB-C power cable, plus an HDMI port and an Ethernet jack (note that neither of the latter cables come in the box). Ethernet is optional, but without the video cable the device is useless, so you have to factor that into your cost analysis if you don’t already have an extra cord handy.
Inside, there’s a processor that Google will only say is “22 percent faster” than the previous generation, along with 32GB of storage (up from a skimpy 8GB on the Chromecast) and double the memory at 4GB. It supports up to 4K/60fps video with HDR, HDR10, HDR10+ and Dolby Vision. Audio formats include Dolby Digital and Dolby Atmos along with spatial audio if you’re wearing the Pixel Buds Pro. It only supports Wi-Fi 5, which seems like a miss — a bump up to the Wi-Fi 6E standard would be more futureproof. Heck, even the $50 Fire TV Stick 4K supports Wi-Fi 6.
The remote looks a lot like that of the previous generation, with two significant improvements: The volume controls are easier to reach now that they’re on the face instead of the side, and there’s a programmable star button that you can use to launch an app, or, more excitingly, pull up your smart home control panel.
Possibly my favorite thing about the remote isn’t on the remote itself — it’s the find-it button on the back of the streamer. It rings your remote, and quite loudly. You can also do this via the Google Home app on your phone or tablet by tapping the Google TV Streamer tile and hitting the settings icon (tapping Remote turns your phone into the controller). Despite living in a tiny apartment with (you’d think) fewer places for the remote to get lost, I used the finder function no fewer than ten times over the course of my testing.
The remote still doesn’t have a dedicated play/pause button and instead relies on the button in the center of the D-pad as the main control. When I tested the Chromecast with Google TV, that led to frustration when the center button kept performing actions other than pause, but this seems to be something Google has addressed as I had no issues this time. The controller is small and hefty, yet it’s so smooth it would pop out of my hand when typing a longer search entry. But really, you should just use the voice button; the voice recognition never once misinterpreted what I said.
Photo by Amy Skorheim for Engadget
Setup and streaming experience
Of all the smart home platforms I’ve tested, I find Google’s to be the easiest to use. The majority of the setup for the streamer happens through the Google Home app, and if you’ve already been using the app, the entire process is painless — the hardest part is clicking through all the various permissions and legal terms. Configuring the controls for power and sound went through on the first try, something that hasn’t always been the case with other devices I’ve tested. I also like that I was prompted to create a kid profile from the jump (so I didn’t have to remember to do it later), along with a pin that’s easy to enter on the remote.
Before landing you in the home page, Google asks for every streaming service you subscribe to or, in the case of free apps, the ones you like to watch. So from the first time you use the streamer, your homepage is populated not only with those apps, but also with TV and movie recommendations pulled from each.
Navigation will be familiar for many, as the Google TV interface comes standard on a wide range of TV sets. But depending on which smart TV you have, the experience could be a lot zippier with the Google TV Streamer employed. I’m currently working with a dirt-cheap Hisense 4K set with Google TV built-in, and speeds were noticeably improved when I used the external device. Apps loaded quickly and even with the zero-attention-span manner in which I was flitting between shows, apps, live content and settings, the streamer kept up with barely perceptible lag. The Apple TV 4K is still faster (unsurprisingly), so this isn’t category-topping but it’s plenty speedy.
If you’re not familiar, I’ll just say that of all the smart TV interfaces I've tested, Google TV does the best job of integrating content from all the different streaming apps into one useful and intuitive hub. And, whatever other monopolistic issues the company may have, it’s the most egalitarian when it comes to recommendations versus, say, Apple, Amazon or Roku, all of which favor their own content (YouTube is certainly represented here, but it’s not dominant).
The For You page keeps track of what you’re currently watching across apps so you can easily dive back in, and does a fairly good job of recommending new stuff based on your watching habits. I also love the Watchlist feature (which you can find in the Library tab); when someone at work recommends the trailer for the upcoming Interior Chinatown, or you hear that Severance is coming back soon, you can add those shows to the Watchlist from within your browser (provided you’re signed in with your Google account) and find it on your TV the next time you’re on the hunt for fresh content.
While I wish the home screen/For You page was customizable, the algorithm is adept at keeping things interesting. Also, searching for titles is fairly spot-on. When I said, “Play Abbott Elementary,” the Hulu app opened and the next episode in my queue started playing. When show titles are a little more common, I’ll add in the platform name, like “Play Beef on Netflix” or “Play the show Poker Face on Peacock.”
You can also ask the assistant to show you shows and movies based on a theme, like stand up comedy specials, adult animation or crime tv, by prefacing your query with “Find me…” Those results are hit or miss, but are nonetheless pulled fairly equitably from across your preferred apps. It can be useful if you’re not sure what to watch, but have a vague notion of the vibe you’re looking for.
Photo by Amy Skorheim for Engadget
Smart home control
While Google has competition from Apple TV, Roku and Fire TV devices, which also integrate smart home controls, it has succeeded at making its home element simple and useful. The panel that slides out from the settings icon looks a lot like what you’d see on a Google Nest Hub. From there, you can easily control smart lights or thermostats and view live feeds from your connected cameras. If you program the star button to pull up your smart home panel, you can even do these things while you're watching a show: the show pauses, the panel slides out and then your content resumes once you’re done dimming the lights, checking the doorbell feed or whatever else needs doing.
To control those functions with your voice, you’ll need to hold down the Assistant button. Some sets with Google TV built in let you access the Assistant with “Hey Google,” but not here. That’s likely because the only mic is on the remote, which doesn’t have the battery power to support an always-listening mode. But you can use the Assistant button to make your smart-home request from any screen, including when the TV is off (that’s something Amazon’s Fire TV Cube can do too, with no button press required, since that set-top device has an onboard mic). Now that Google’s streamer supports both the Matter standard and acts as a Thread router, many smart home devices are already compatible, and more are assuredly on the way.
The streamer can do a few extra things like show you tomorrow’s weather, but it falls short on handling some pretty basic smart home assistant requests like setting a timer. And, despite Google’s vast search capabilities, it doesn’t seem to be able to answer basic questions. When I asked, “How far away is the moon?” as suggested in one of the company’s promotional how-to videos, it displayed a bunch of YouTube videos on the topic instead of a straight answer. That’s somewhat expected since it is a video streaming device, but because Google seems to frame this as a type of home hub, I found myself wishing it was a bit more capable ala a Nest mini or an Amazon Echo.
Photo by Amy Skorheim for Engadget
Additional AI features
Because it’s 2024, you can’t have a new gadget without AI tricks, and for the streamer, those manifest in AI summaries, plot synopses and review aggregations on the title page of a given show or movie. The two-sentence, computer-made writeups are OK — probably not better than what a human could do, but not significantly worse. The other AI funsies happen with the screensaver. When your device is idle, you can have it show some art pulled from a mix of street murals, classic paintings, photography and aerial earth shots. Or it can show a selection from your Google Photos. Or, if you insist, it can display AI-generated images.
The streamer can create those custom images based on your prompts, and the results here were also just fine. I asked for bicycles in space and was presented with the standard AI disregard for physics with two rusty bikes fused together to make a three-wheeled monstrosity in front of a Milky Way-esque ribbon of overly bright stars. I ultimately chose the non-AI art option to fill my screen. Even AI-concocted fairies camping on the moon bored me after a bit. That’s probably for the best, considering the carbon cost of each new image.
When Google launched the TV Streamer, it also announced Google Freeplay, a built-in selection of around 150 free live-streaming channels similar to those offered from Samsung TV Plus, The Roku Channel and the like. If you add other live TV streaming services to your system, like Pluto TV or Sling, you’ll also see those show up in the Live tab where Freeplay sits — yet another way Google TV gamely melds content from different sources.
Wrap-up
At $100, the Google TV Streamer isn’t the most expensive streaming device. Amazon’s Fire TV Cube is $140, but it’s also a speaker. Apple’s non-Ethernet set-top box is $129, but comes with twice the storage capacity and an iPhone 14 chip inside that makes it ridiculously fast. Roku’s premium set-top box is also $100, but it supports Wi-Fi 6 and has a fancier backlit remote. Google’s previous-generation Chromecast supported 4K video and similar video formats — and it was half the price.
Yes, the extra RAM and storage is great, but there are a few features — like Wi-Fi 6E support, true assistant capabilities, screaming processor speeds — that Google could have packed in to make the $100 price tag unassailable. Compared to its competition, and considering the fact that its predecessor cost half as much, it feels like the streamer should fall in the $80 range. But I’m not going to quibble over twenty bucks. The Google TV Streamer is responsive and quick, packing the best streaming interface out there with smart home features that are useful and properly integrated. Anyone looking for a reliable streamer will be happy adding this wedge beside their TV.
This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/google-tv-streamer-review-a-great-side-piece-for-your-tv-with-a-dash-of-smart-home-chops-and-inessential-ai-160034550.html?src=rss