Hackers may be hiding in plain sight on your favorite website

Security researchers have detailed how domain shadowing is becoming increasingly popular for cybercriminals.

As reported by Bleeping Computer, analysts from Palo Alto Networks (Unit 42) revealed how they came across over 12,000 such incidents over just a three-month period (April to June, 2022).

Getty Images

An offshoot of DNS hijacking, domain shadowing provides the ability to create malicious subdomains by infiltrating legitimate domains. As such, shadowed domains won’t have any impact on the parent domain, which naturally makes them difficult to detect.

Cybercriminals can subsequently use these subdomains to their advantage for various purposes, including phishing, malware distribution, and command and control (C2) operations.

“We conclude from these results that domain shadowing is an active threat to the enterprise, and it is hard to detect without leveraging automated machine learning algorithms that can analyze large amounts of DNS logs,” Unit 42 stated.

Once access has been obtained by threat actors, they could opt to breach the main domain itself and its owners, as well as target users from that website. However, they’ve had success by luring in individuals via the subdomains instead, in addition to the fact that the attackers remain undetected for much longer by relying on this method.

Due to the subtle nature of domain shadowing, Unit 42 mentioned how detecting actual incidents and compromised domains is difficult.

In fact, the VirusTotal platform identified just 200 malicious domains out of the 12,197 domains mentioned in the report. The majority of these cases are connected to an individual phishing campaign that uses a network of 649 shadowed domains via 16 compromised websites.

A system hacked warning alert being displayed on a computer screen.
Getty Images

The phishing campaign revealed how the aforementioned subdomains displayed fake login pages or redirected users to phishing pages, which can essentially circumvent email security filters.

When the subdomain is visited by a user, credentials are requested for a Microsoft account. Even though the URL itself isn’t from an official source, internet security tools aren’t capable of differentiating between a legitimate and fake login page as no warnings are presented.

One of the cases documented by the report showed how an Australian-based training company confirmed it was hacked to its users, but the damage was already done through the subdomains. A progress bar for the rebuild process was showcased on its website.

Currently, Unit 42’s “high-precision machine learning model” has discovered hundreds of shadowed domains created on a daily basis. With this in mind, always double-check the URL of any website that requests data from you, even if the address is hosted on a trusted domain.

Editors’ Choice

Repost: Original Source and Author Link


Apple’s Rumored AR Headset Has Been Hiding in Plain Sight

With the introduction of AirTag, HomePod Mini, and a ton of services and subscriptions in recent years, Apple has been moving outside its traditional Mac-iPhone-iPad lineup. All that will pale in comparison to what’s rumored to come next: A full-featured mixed-reality (MR) headset.

Yet while this new device might seem like a surprise totally out of left field, Apple has actually been leaving all sorts of breadcrumbs to clue up savvy observers, intentionally or not.

When you add these hints together, it seems like Apple has all the pieces of the puzzle ready — it just needs to put them together. That makes it feel an awful lot like Apple’s MR headset has been hiding in plain sight for years.

Apple’s lidar long game

To see what I mean, we need to take a look at the iPad Pro’s camera setup. Or rather, at one of the lenses contained within the camera array: The lidar scanner. This scans and maps your surroundings, such as the room you are in, helping to enable augmented reality (AR) features for use in apps and games. It has since spread to the iPhone and, if rumors are to be believed, will also make an appearance on Apple’s headset, where it will be essential for creating realistic AR environments.

According to The Information, Apple’s headset will come with up to a dozen cameras and lidar sensors. If that turns out to be correct, the knowledge Apple gleaned from first equipping the 2020 iPad Pro with a lidar scanner will have been invaluable for incorporating this tech into its AR headset. Although no one realized it at the time, Apple was likely playing the long game.

Face ID led the way

iphone x notch
Julian Chokkattu/Digital Trends

There is another thing that Apple has perfected on the iPhone that it can transfer to its upcoming headset: Its biometric sensors. On the iPhone and iPad Pro, this takes the form of Face ID. On the company’s headset, rumors indicate it will be realized as an iris scanning feature — and perhaps more.

An iris scanner would be used to authenticate purchases or unlock your accounts in much the same way Face ID currently does in the iPhone and iPad Pro. That’s according to reliable Apple analyst Ming-Chi Kuo, who also believes the headset will contain six cameras for “innovative biometrics.” While the iris scanner likely comes under that heading, it is unclear what else Apple could have up its sleeve in this area. It sounds encouraging, though, given Apple’s ability to combine high-end biometrics with robust security in the past.

And that is important because any iris scanning capability will need to be able to store your unique biometric data in an incredibly secure way so as to prevent rogue actors from hijacking it for nefarious purposes. Face ID is already adept at walling off potential attacks and much of the underlying tech that powers that security will likely be repurposed in Apple’s iris scanner.

AR acquisitions

Apple's rumored virtual reality headset

Face ID may have provided some early hints at what is to come in Apple’s AR headset, but it is not the only piece of kit that Apple has been learning from. The company has been buying a host of other companies in recent years, and while predicting what it might do next based on the companies it buys is often akin to reading tea leaves, there are some places where we can see the headset’s fingerprints.

Some of the companies Apple has bought could well be headed to the upcoming headset, like virtual reality firms NextVR and Spektral. Others are less clear cut, such as the companies Apple has been snapping up that are thought to now be contributing towards its self-driving car project, or that will likely have their tech incorporated into future iPhones.

Yet just as with Apple’s biometric advances, there are likely plenty of things the company can learn from adding new camera- and image-processing tech to its mobile devices that could also be translated across to an augmented reality headset. Apple often buys companies not just for the tech they possess but for their gifted workers, too. By purchasing specialized tech firms that have experience in things like advanced algorithms, Apple is strengthening its pool of engineers that is already brimming with talent.

Apple Silicon goes virtual

Apple M1 chip in an iPad Pro

One thing Apple has not had to buy is its in-house M1 chip. Indeed, rather than rely on a third-party outfit to provide its Mac chips ready-made, Apple is now designing its own — with superb results. While all this research and development was thought to be aimed squarely at the Mac, it could also see significant use in Apple’s headset.

Reporter Mark Gurman, who is one of the most accurate Apple analysts out there, has claimed Apple is testing various chips to power its forthcoming headset. All will be chips designed in-house, and some rival the M1 for power and performance. Given how well we know the M1 performs in various Macs, that is great news.

But it is not just how to make a performant chip that Apple has learned when making the M1 — it is how to make an incredibly efficient one, too. That is of utmost importance in something like a headset, where the brains of the machine are in close proximity to your own grey matter, and keeping everything cool and cozy is the difference between comfort and irritation.

Everything that helps the M1 succeed can feasibly do the same for Apple’s headset. If Gurman is right, it would suggest Apple had more than just Macs in mind when it started its quest to build its own world-beating chips.

Editors’ Choice

Repost: Original Source and Author Link

Tech News

LG mobile shutdown in sight as insiders tip imminent announcement

The fate of LG’s struggling smartphone business has apparently been sealed, with the South Korean company reportedly giving up on attempts to sell off the division and instead preparing to announce it’s being shut down completely. Times have been tough for LG, with its attempts to innovate in mobile getting consistently overshadowed by Samsung, Apple, and others.

To be fair, those attempts haven’t always hit the mark. LG’s iterative approach on its flagships struggled to gain attention in the face of rivals’ big budget marketing, while its experiments with twin-display phones seemed clunky in comparison to foldable screen devices from the competition. While LG seemed poised to change all that this year, with its first rollable phone as teased at CES 2021 in January, the likelihood of that device ever actually making it to production was looking increasingly dire.

Underscoring that have been regular rumors and leaks that LG was hunting a suitor for the mobile division. Chatter around that process suggested it had all been in vain, however, with leaks earlier this week promising a final shut-down was in the pipeline. That’s something sources tell The Korea Times looks almost certain now.

Having tried – and failed – to sell off the smartphone business to Vitenam’s Vingroup and others supposedly interested buyers, the report says, LG Electronics will now all time on the money-losing division. The public announcement is tipped to take place on April 5, when LG will hold a board meeting. LG officials declined to comment specifically on the leaks.

“All we can say is that every possibility is open,” the unnamed spokesperson said. “Although we cannot confirm that right now, we will announce the specific direction of our mobile communications business.”

While a disappointment to the lingering cohort of LG phone fans, it would undoubtedly be a sensible strategy given the rest of LG’s business. Despite the ongoing pandemic, the company recorded record operating profits of $2.85 billion in 2020, up more than 31-percent compared to the previous year. Sales in Q4 2020 specifically rose 11-percent over Q3, and almost 17-percent compared to the same period twelve months prior.

LG credited premium home appliance sales and OLED TV demand, in addition to vehicle components, for the uptick in profits. Indeed, when it comes to appliances, LG’s Q4 2020 was the best quarter in the company’s history.

In contrast, LG cited “sluggish sales of premium smartphones in overseas markets” along with a shortage of 4G LTE chipsets for disappointing performance in mobile. The outlook remained fairly glum for that division, unlike LG’s relatively upbeat predictions for the rest of its teams.

Repost: Original Source and Author Link

Tech News

Night Sight fight expanded: The Pixel 4 is no match for the iPhone 11 in low light

We still have some more testing to go before we can reach a verdict on Google’s new Pixel 4 smartphone, but early results continue to show that it’s in for a big fight with the iPhone 11. We tested the improved Night Sight against the iPhone 11’s Night mode to see which camera could snap a better nighttime shot and the results are quite one-sided.

That’s very surprising. Apple’s Night Mode was largely seen as playing catch-up to Google’s version on the Pixel 3, and we all assumed that the Pixel 4 would take another leap to show Apple who’s boss. That might not be the case. In shot after shot, the iPhone 11 didn’t just turn extremely dark images into useable pics—it brightened the right spots, retained the right shadows, and simply handled the whole scene better than the Pixel 4. It’s subtle, but more often than not, the iPhone produced richer, more detailed shots without losing the natural darkness.

pixel 4 iphone 11 night sight 1 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

In the first test show, both cameras were able to illuminate the scene enough to see the whole building from a distance. However, Google blew out colors and lost much of the definition and shadows, while the iPhone 11 retained the integrity of the night and illuminated the parts that were shrouded in darkness.

pixel 4 iphone 11 night sight 3 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

In our next shot, Apple outperformed Google when it came to color accuracy. The redness of the door on the church, the darkness of the sky, and the hue of the taxi in the foreground are all better represented by the iPhone 11.

pixel 4 iphone 11 night sight 2 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

Both cameras performed impressively with this shot of an extremely dark apartment alley. The iPhone 11 gets a slight edge with the color of the ivy, bricks, and mulch, which all retained their deep hues and weren’t affected by the increased exposure.

pixel 4 iphone 11 night sight 4 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

This shot of four posters in a room was taken with the lights off. Both grabbed plenty of light, but you can plainly see how superior the iPhone 11’s version is, with both brighter and deeper colors, and better clarity and definition.

pixel 4 iphone 11 night 5 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

Once again, both cameras brightened the scene impressively but while the Pixel 4 (left) highlighted more of the spiderweb due to its overall brightening, the iPhone kept the moodiness and the creepiness of the scene without losing the spider or the leaves.

pixel 4 iphone 11 night 6 Michael Simon/IDG

Pixel 4 (left), iPhone 11 (right). Click to enlarge.

It’s hard to illustrate just how dark it was when I snapped this pic of these flowers, and both cameras performed incredibly well. But the iPhone 11 (right) edges the Pixel 4 once again with brighter colors, deeper greens on the grass, and a better handling of the reflections in the rain on the street.

Repost: Original Source and Author Link