Wednesday, August 13, 2025

 

SAMSUNG


One UI 8.0 Beta arrives for the Galaxy Z Fold 6 and Z Flip 6

Samsung has finally launched the One UI 8.0 Beta update for its foldable phones from 2024, the Galaxy Z Fold 6 and Z Flip 6. This update, based on Android 16, brings a first look at new features like a more reliable DeX and a better Secure Folder experience, among others.

This year, Samsung is looking to redeem itself from the long wait its users experienced for the One UI 7 update. The company is committed to rolling out the Android 16-based One UI 8 firmware faster, and with that in mind, it's expanded the beta program to the Galaxy Z Fold 6 and Galaxy Z Flip 6. The company already did the same with the Galaxy S24 lineup, and more models are expected to follow suit in the coming weeks.

The beta for Samsung's foldable phones of 2024 is currently live in South Korea, but a wider rollout is expected soon in countries like the UK, USA, and India. The update brings some new features, improvements, and refinements to the user experience.

What’s new with One UI 8.0 beta for the Galaxy Z Fold 6 and Z Flip 6?...One UI 8 beta includes a number of key changes to the Galaxy Z Fold 6 and Z Flip 6. Owners of these devices can expect a refreshed UI and improved core software features. For example, Samsung has integrated Secure Folder more deeply with Android's native Private Space feature. Similarly, Samsung DeX is now built on Android 16's native Desktop Mode.

Other notable improvements include a new user experience for Quick Share and better management for your alarms, calendar, and reminders. The Z Flip 6 also gets some exclusive new features like a 90:10 split-screen option for better multitasking and an updated version of the Samsung Internet browser.

If you have a Galaxy Z Fold 6 or Z Flip 6 and want to try out the beta, you can sign up through the banner from the Samsung Members app. Just remember, this is a beta release, so some bugs and stability issues are to be expected.

Samsung Galaxy S24 smartphones

Samsung launches One UI 8.0 Beta for Galaxy S24 Series...Samsung has officially launched the One UI 8.0 beta update for the Galaxy S24 series. Based on Android 16, this firmware brings some key improvements to core features like DeX and Secure Folder, along with a more refined UI and user experience.

Galaxy S24 owners, the wait for the One UI 8.0 beta is finally over. Samsung has officially launched the update, giving owners of its flagship phones from 2024 a first taste of the new features based on Android 16.

The new beta is currently available for the Galaxy S24, S24+, and S24 Ultra in a couple markets, including South Korea (S92xNKSU9ZYH3) and the UK (S92xBXXU9ZYH3). If you're in other regions like the US or India, don't worry—the update is expected to expand to more countries soon, so keep an eye out. The OTA itself is a hefty download at 3.2GB, something quite normal for a big OS update like this.

One UI 8 Beta now live for Samsung Galaxy S24 series, first in UK and Korea...So, what exactly can you expect from One UI 8.0 beta? Well, although it is an early version, you'll find a few key improvements here and there. Samsung has given the user interface a slight refresh. The company has also made some tweaks behind the scenes, with features like Samsung DeX and Secure Folder now being more reliable and seamlessly integrated, as they are based on the native capabilities of Android 16.

You’ll also find some smarter everyday tools and quality-of-life updates, including a more streamlined Quick Share feature and better management for your alarms, calendar entries, and reminders.

As usual, you can enroll in the beta program from the Samsung Members app. If you're in a region where the One UI 8 beta program is available, you'll see a prominent banner announcing it. After tapping on it and completing the steps, you'll be able to download and install the firmware through the classic update process of your Galaxy phone (go to "Settings" > tap on "Software update" > tap on "Download and install"). Just remember, this is a beta, so a few bugs are to be expected.

mundophone

-----------------------------------------------------------------------------------------------------------------------------

Smartphone Samsung Galaxy Z Fold6 512GB 5G, 12GB RAM Tela 7.60---https://amzn.to/45zaQnw

Smartphone Samsung Galaxy S24, Galaxy AI, Selfie de 12MP, Tela de 6.2" 1-120Hz, 256GB, 8GB RAM---https://amzn.to/3Uo4F0r

Beelink Mini PC SER8, AMD Ryzen 7 8745HS (8C/16T, até 4,9GHz), 32G DDR5 RAM 1TB(scores $130 discount on Amazon)---https://amzn.to/4lncQVT

Beelink SER5 PRO Mini PC,AMD Ryzen 7 5850U(8C/16T,up to 4.4 GHz)---https://amzn.to/45j5rSA

Tuesday, August 12, 2025

 

DIGITAL LIFE


WinRAR, Which You Totally Paid For, Was Under Siege By Zero-Day Attacks

Everyone's favorite file archiving utility isn't often on the news, but today is an exception. The WinRAR archiving utility has been the target of a couple of large-scale attacks that leverage a 0-day vulnerability.

The news was posted by security firm ESET, stating the attacks took place between the 18th and 21st of July, mainly targeting high-level businesses in Europe and Canada. Given that WinRAR's install base is estimated to be around 500 million, we'd wager there probably were more than a few successful attempts. The vulnerabilities have been patched in WinRAR 7.13, but a large number of installs remain vulnerable.

The attack was perpetrated by a Russia-aligned group that ESET calls RomCom. The group is known for previously performing large-scale exploits of multiple pieces of software including Microsoft Word, Firefox, and Thunderbird. This time around, RomCom made use of a zero-day vulnerability in WinRAR's path handling, that has since then been published as CVE-2025-8088.

The attacks are performed by e-mail phishing and spear-phishing, with messages impersonating various persons, sometimes personalized, in a bid to lure potential victims in. Given the nature of the vulnerability, all the victim would have to do is try and extract a poisoned archive attached to an e-mail, and then malicious backdoors are installed on the user's machine. From that point, remote attackers have mostly free reign over the machine, and can collect data for ransoms or use the machine for further intrusion.

diagram winrar vulnerability news

ESET contacted WinRAR's devs on July 24th to alert them of the problem, after having spotted odd behavior on one machine. The base cause of the problem is that WinRAR didn't correctly handle relative paths like "..\\", letting an attacker install executable code in the TEMP and LOCAL\APPDATA system folders that are otherwise off-limits normally. From there, a malicious DLL is installed and leverages COM hijacking to get Edge to execute it, the backdoor is installed, and a C&C (command and control) server is pinged at srlaptop[.]com.

ArsTechnica notes that security firm Bi.ZONE claims that the group it nicknamed Paper Werewolf was also exploiting this vulnerability as well as CVE-2025-6218. The site speculates that the nature of the two-pronged attack could mean the vulnerability was available in a security black market and was bought by both groups. Perhaps the worst bit of this news is the fact that WinRAR doesn't have a built-in update mechanism, meaning that users need to somehow be made aware of the issue and then manually download and install the latest version. If you use or know anyone who uses WinRAR, let them know about this ASAP. And by the way, I paid for my copy of WinRAR many years ago.

https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/

-----------------------------------------------------------------------------------------------------------------------------

-Meta Quest 3S 256GB | Batman: Arkham Shadow Included — 30+ Games Included with Meta Horizon+ Access with Starter Bundles — Play More for Less: https://amzn.to/4mM3QL7

-SanDisk 512GB microSD Express Card - Up to 880MB/s Read, Up to 650MB/s Write, 220MB/s Sustained Write, U3, C10 - SDSQXFN-512G-GN4NN: https://amzn.to/4mJROSu

-Motorola Edge 50 5G - 256GB 24GB (12GB RAM+12GB Ram Boost) 50MP Sony Camera Moto AI Ultrarresistencia militar - Green: https://amzn.to/4mdlHdM

mundophone

 

DIGITAL LIFE


At least 73% of US adults have experienced online scams—here's how you can avoid the latest con

Online scammers continue to dupe the majority of American adults as they infiltrate virtual calendars and security systems meant to defend users against the poaching of personal information.

A recent survey of more than 9,000 U.S. adults by the Pew Research Center found that approximately 73% experienced at least one or more online scams or attacks.

The most common virtual cons were credit card fraud, online shopping scams and ransomware attacks—a type of malicious software that prevents you from accessing your computer files or system until a ransom is paid.

About 24% of those surveyed said they had received a scam email, text message or call that tricked them into giving away personal information.

An estimated 32% of respondents said they were victims of a scam within the last year.

It's often said that older adults are more vulnerable to online fraudsters. However, in 2021, the Federal Trade Commission reported that Gen Z adults, millennials and Gen Xers, collectively between the ages of 18 and 59, were 34% more likely than adults who are 60 and older to report losing money to fraud.

These generational groups are getting tricked by online schemes that originate from a social media ad, an investment scam or fake job opportunities.

The latest phishing attacks, or attempts to acquire sensitive data, are happening through your online calendar (Google or Outlook calendar), multi-factor authentication app and HTML attachments.

Evading online scams is proving to be a challenge, but cybersecurity experts say there are steps you can take to protect yourself.

Unsolicited calendar invites...Scammers are constantly finding new ways to lure you into unknowingly giving up your personal information and the calendar connected to your email account is one of them, said Iskander Sanchez-Rola, director of artificial intelligence and innovation for Norton.

Unlike traditional phishing scams such as an unwanted text or call that requires your engagement, this invitation automatically appears on your calendar without you approving or denying it.

Anyone can easily be fooled by this because it can confuse you into thinking you accepted the invitation at some point, Sanchez-Rola said.

The scam happens when you click on the invite to get more information.

A link in the invitation can lead you to a phishing webpage that is masquerading as a Zoom link, or it can prompt you to download malware that is disguised as a software update.

This con often targets work-related email accounts and corresponding calendar apps.

The warning signs of this scam include:

-The calendar invite is unsolicited.

-There are misspellings in the link or sender address associated with the calendar appointment.

-The invite is associated with work, but you're the only person to receive it.

What you can do: Change the settings in your online calendar to prohibit automatic updates. Microsoft Outlook users can follow these online instructions to change their calendar settings; Google users can limit which invitations appear on their schedule by following these online instructions.

If you have any suspicions, don't reply directly to the invite, said Derek Manky, chief security strategist and global vice president of threat intelligence at Fortinet.

"Instead, send an email to your trusted contact from that organization asking if they have confirmed the meeting and request further details," Manky said.

Multi-factor authentication scam...A multi-factor authentication app, also known as a "two-step verification," is an application on your phone that provides you with a code or a "yes or no" prompt to verify that you're accessing an account that's linked to the authenticator.

"Multi-factor authentication attacks have been happening for well over a decade," Manky said. "They just frequently take on new forms, or target new platforms such as the authenticator app."

A scam occurs when you're receiving multiple notifications from the authentication app even though you didn't request verification.

"This scam is all about wearing you down to the point of clicking an unknown notification and accidentally providing your personal information," Sanchez-Rola said.

The warning signs of this scam include:

-The authentication app is requesting verification or providing you with a verification code you did not request.

-The authentication app is sending you several notifications in a row even though you did not prompt the app.

What you can do: If you're getting a string of authentication app notifications, pause before you click.

"Approving a login you didn't request is like handing your keys to a stranger," Sanchez-Rola said. "You just don't do it."

A safer way to use an authentication app—such as 2FAS, Aegis Authenticator, Microsoft Authenticator, Stratum or Google Authenticator—is to use one that provides you with a verification code. Don't use an app that sends a notification because that's how a scammer can pressure you into providing your login information.

Another step in protecting yourself is changing your passwords frequently, as it reduces the shelf-life of the ones that are stolen and sold, Manky said.

Emails with unknown HTML attachments...An email with an unknown HTML attachment can redirect you to a phishing webpage or prompt you to download malware. It's the oldest technique in the book, but it's still commonly used today, Manky said.

"HTM/HTML files contain code that can be used in a variety of ways, including executing malicious scripts, for example Javascript, that could drop an information-stealer on the system," he said. "Likewise, they could be used to launch a phishing page to harvest credentials."

Fraudsters will try to use trusted names or services that are of daily use to you.

"If an email is unsolicited, the end user should always question the identity of the emails being sent," Manky said.

The warning signs of this scam include:

-The sender of the email is an unknown contact.

-The attachment within the email is unsolicited and looks suspicious.

What can you do: Always exercise caution before opening any attachments in an email, Manky said.

Look for typosquatting in the URL of the attachment. Typosquatting is when domain names on the URL have a small variation from the legitimate one, Manky said.

2025 Los Angeles Times. Distributed by Tribune Content Agency, LLC.

-----------------------------------------------------------------------------------------------------------------------------

Samsung Galaxy S25 Edge 256GB AI Phone(Amazon US) $849.99: https://amzn.to/3HvSr2P

Google Pixel 9a 128GB Unlocked Phone With Gemini(Amazon US)$399.00

Samsung Galaxy A16 5G 128GB Blue Black(Amazon US) $174.99: https://amzn.to/4fIZWjF

Google Pixel 9 128GB (Obsidian) $599.00(Amazon US)

Smartphone Motorola Edge 60 Fusion 5G - 256GB 16GB: https://amzn.to/4mC2bay

mundophone

Monday, August 11, 2025


APPLE



iPhone 17 nears launch. Everything we know about the upcoming smartphone line

With the iPhone 17's debut approaching, rumors about Apple's next-generation smartphones continue to circulate, revealing more details about the devices, including design changes for the Pro models and the arrival of an Air version.

If the latest online rumors are correct, Apple could unveil the iPhone 17 to the world on September 9th. Major changes are expected to the camera modules of the iPhone 17 Pro and Pro Max, and in a new video, YouTuber Jon Prosser of the Front Page Tech channel showcases the new features that could arrive on the more equipped models in the lineup.

In line with previous rumors, the YouTuber, who was recently sued by Apple, reveals that the Pro models will feature a large rectangular module. It will house a triple 48 MP camera setup, including a new telephoto sensor. It's worth noting that there was previously speculation that the top-of-the-line models could offer 8X optical zoom capabilities, an additional camera button, and software with professional options to improve image quality.

According to information provided by Jon Prosser, the Pro versions of the iPhone 17 could also come in new colors, including dark blue and orange models, in addition to the more "traditional" black, gray, and silver.

Also on a more aesthetic note, the Apple logo may slightly change its position on the back of the smartphones. As Forbes points out, the new Pro models are also expected to feature A19 Pro chips.

Another highly anticipated development is the launch of the iPhone 17 Air, which is expected to replace the Plus version in the lineup, establishing itself as Apple's first foray into the new trend of thinner smartphones, in a category where Samsung's Galaxy S25 Edge stands out. Apparently, the iPhone 17 Air will be 5.5 millimeters thick and weigh 145 grams. However, Apple will have to make some sacrifices in the battery, which could have a capacity of only 2,800 mAh.

Will this be the look of the iPhone 17 Air and iPhone 17 Pro?...The smartphone could feature a 6.6-inch display with thin bezels and a "Dynamic Bezel Island." On the back of the smartphone, there will be a single 48 MP camera, and inside, it will be possible to find an A19 processor, as well as the C1 chip, Apple's first "homemade" modem, which makes its debut in the iPhone 16e.

But how much could the new iPhone models cost? Not long ago, rumors surfaced pointing to a price increase for several models in the United States.

The report cites a $50 price increase for the Pro and Pro Max models, as well as the iPhone 17 Air. The base model of the line is not included. The price represents a 4% to 5% increase compared to the prices of smartphones launched in 2024.

The increase is attributed to the need to offset increased costs related to import tariffs and the partial production of devices in China. It is not yet clear whether the increases will directly impact prices in other regions, such as Europe.

-----------------------------------------------------------------------------------------------------------------------------

Apple iPhone 16 Pro Max – Titanium Black---https://amzn.to/4mhSyhQ

Apple iPhone 16 Plus (512 GB) – Black---https://amzn.to/4oCDCfQ

Apple iPhone 16e 512GB – Black---https://amzn.to/4fu7WF4

mundophone


DIGITAL LIFE


Conversations remotely detected from cell phone vibrations, researchers report

An emerging form of surveillance, wireless tapping, explores the possibility of remotely deciphering conversations from the tiny vibrations produced by a cell phone's earpiece. With the goal of protecting users' privacy from potential bad actors, a team of computer science researchers at Penn State demonstrated that transcriptions of phone calls can be generated from radar measurements taken up to 3 meters, or about 10 feet, from a phone. While accuracy remains limited—around 60% for a vocabulary of up to 10,000—the findings raise important questions about future privacy risks.

They published their research in Proceedings of WiSec 2025: 18th ACM Conference on Security and Privacy in Wireless and Mobile Networks. The work builds upon a 2022 project in which the team used a radar sensor and voice recognition software to wirelessly identify 10 predefined words, letters and numbers with up to 83% accuracy.

"When we talk on a cell phone, we tend to ignore the vibrations that come through the earpiece and cause the whole phone to vibrate," said first author Suryoday Basak, doctoral candidate in computer science. "If we capture these same vibrations using remote radars and bring in machine learning to help us learn what is being said, using context clues, we can determine whole conversations. By understanding what is possible, we can help the public be aware of the potential risks."

Basak and his advisor, Mahanth Gowda, associate professor of computer science and engineering, who co-authored the paper, used a millimeter-wave radar sensor—the same type of technology used in self-driving cars, motion detectors and 5G wireless networks—to explore the potential for compact, radar-based devices that could be miniaturized to fit inside everyday objects like pens.

Their experimental setup is only for research purposes, the researchers said, developed in anticipation of what bad actors could potentially create. They then adapted Whisper, an open-source, large-scale speech recognition model powered by artificial intelligence (AI), to decode the vibrations into recognizable speech transcriptions.

"Over the last three years, there's been a huge explosion in AI capabilities and open-source speech recognition models," Basak said. "We can use these models, but they are catered more toward clean speech or everyday use cases, so we have to adapt them to recognize low quality, 'noisy' radar data."

To go from noisy data to recognizable speech without retraining the whole network, the researchers used a model adaptation method called low-rank adaptation, which let them specialize the model to radar data by retraining just 1% of Whisper's model parameters.

To record the vibrations, the researchers used a millimeter-wave radar sensor positioned a few feet away from the phone to capture subtle surface vibrations while speech played back through the earpiece. To analyze the data, they fed this radar-derived signal into their customized version of the Whisper speech recognition model, which resulted in up to 60% accuracy.

The transcription accuracy could be further improved, researchers said, by incorporating context-based manual corrections, such as adjusting certain words or phrases, when prior knowledge of the conversation is available.

"The result was transcriptions of conversations, with an expectation of some errors, which was a marked improvement from our 2022 version, which outputs only a few words," Gowda said. "But even picking up partial matches for speech, such as keywords, are useful in a security context."

The researchers compared their model's capabilities to reading lips: While lip-reading provides only about 30% to 40% of spoken words, many individuals who lip-read use context clues to decipher enough to participate in a conversation.

"Similar to how lip readers can use limited information to interpret conversations, the output of our model combined with contextual information can allow us to infer parts of a phone conversation from a few meters away," Basak said.

"The goal of our work was to explore whether these tools could potentially be used by bad actors to eavesdrop on phone conversations from a distance. Our findings suggest that this is technically feasible under certain conditions, and we hope this raises public awareness so people can be more mindful during sensitive calls."

Provided by Pennsylvania State University  

-----------------------------------------------------------------------------------------------------------------------------

Samsung Galaxy S25 5G---https://amzn.to/3J8pPgF

Samsung Galaxy Z Flip7 FE---https://amzn.to/45b0xqL

Apple iPhone 16---https://amzn.to/4oAl4Ne

Motorola Edge 60 PRO 5G-512GB 24GB---https://amzn.to/4fHhrRp

mundophone

Sunday, August 10, 2025

 

DIGITAL LIFE


Poisoned invitations turned Google's Gemini into a weapon for cyberattacks

In a new study, a team of cybersecurity researchers demonstrated that Gemini, Google's AI assistant, could be hacked, giving attackers the ability to control smart devices in victims' homes and perform other malicious actions.

The team, comprised of researchers from the Israel Institute of Technology (Technion), Tel Aviv University, and the cybersecurity firm SafeBreach, explains that it all starts with a poisoned invitation in Google Calendar, with instructions to turn on the devices at a specific time.

When someone asks Google Assistant to summarize their calendar tasks and events, the instructions are activated, turning on the devices. Poisoned invitations utilize a tactic known as indirect prompt injection.

Through this, an external source can insert malicious instructions that are invisible to humans but readable to an AI system. These instructions can be embedded, for example, in a text or website and, when processed by the system, lead you to perform a set of actions that victims weren't expecting.

But attacks targeting smart devices are just one example presented by researchers in a new study. In total, the team discovered 14 attacks that use indirect prompt injection tactics against Gemini, including in the smartphone app and the web version of the assistant.

Gemini was manipulated to perform malicious actions such as sending spam links, generating offensive content, automatically initiating calls, stealing data through the browser, or downloading files to the smartphone.

For the team, the discovery, reported to Google in February, marks what they believe to be the first time that an attack on a generative AI system has had real-world consequences.

Ben Nassi, a researcher at Tel Aviv University, told Wired that "large-scale language models (LLMs) are about to be integrated into humanoid robots, semi- and fully autonomous cars, and we really need to know how to secure them before integrating them into these types of machines."

In an interview with the magazine, Andy Wen, one of Google Workspace's security chiefs, stated that although the detected vulnerabilities have not yet been exploited by attackers, the technology company takes them "extremely seriously" and has already implemented several fixes.

-----------------------------------------------------------------------------------------------------------------------------

Apple iPhone 16e---https://amzn.to/3HuPnE9

Apple iPhone 16 Pro Max (512 GB) – Titânio natural---https://amzn.to/3JqW2zH

Smart TV LG AI 77" - 4K OLED α9 AI Processor---https://amzn.to/3J2Csdc

Samsung Combo AI TV 65" OLED 4K 2024 + Soundbar HW-Q600C---https://amzn.to/4mFrrNu

mundophone

 

TECH


Sounds Like a Really Good Deal: Take 27% Off Open-Ear Headphones

Open-ear headphones have gained popularity over the years due to their ability to let users stay aware of their surroundings while listening to audio. The design helps keep users safe while letting them go about their day. Over at Target, you can grab the JBL Soundgear Sense Hybrid Open-Ear Headphones at a 27% discount. Originally priced at $164.95, the deal lowers it to $119.95. 

The JBL open-ear headphones design features adjustable earhooks so that they stay on your head, even during strenuous activity while maintaining comfortability. There's nothing more annoying than having your headphones fall out during the middle of a workout session! For extra security, it also comes with a neckband that connects both earpieces together, ensuring an even more secure fit and prevents them from being lost.

The headphones can also brave the outdoor elements as they're rated IP54, meaning that they're splash and dust resistant. There are also four mics, so your voice will be clear even if it's windy outside.

Beats Studio Pro Wireless---https://amzn.to/46RKIqk

Sony WH-1000XM4 Black Wireless Bluetooth Headphones---https://amzn.to/3JbZQEV

Fone de ouvido sem fio Sennheiser Momentum---https://amzn.to/4fyIkHa

Sony ULT WEAR Noise Cancelling Headphones---https://amzn.to/4m8JWK3


The Clock Is Ticking on Savings: Fitbit’s Top-Rated Versa 2 Dropped Below $100

I’ve tried a bunch of smartwatches, but most of them either overdo it or need way too much babysitting. It took me a few trials, but then I found the Fitbit Versa 2 that just gets the balance right. It tracks everything from your steps to sleep to stress, looks clean on your wrist, and actually lasts a few days without needing a charge. It’s lightweight, intuitive, and doesn’t keep vibrating on your hand. Right now, it’s $99.99 at Walmart, down from the usual $150 price tag. For 33% off, this one’s gonna make your life so much easier. Deals like this don’t sit around long, so maybe don’t overthink it.

The Versa 2 covers all the daily health stuff without turning your wrist into a notification machine. You get 24/7 heart rate tracking, sleep scores, guided breathing, and reminders to move when you’ve been sitting too long. It also has built-in Alexa, so you can check the weather or set timers without pulling out your phone. The battery lasts up to six days, and it’s water-resistant enough to wear in the shower or during sweaty workouts. Our expert, Will Greenwald, rated it "Excellent" in his review, praising its strong fitness features and solid battery life at a very reasonable price.

The Fitbit Versa 2 actually does exactly what you want a smartwatch to do. At 33% off, it’s the kind of upgrade that quietly makes everything feel more on track. Don’t wait for it to sell out, just go for it.

Apple Watch Series 10 GPS---https://amzn.to/4maQKqQ

Samsung Galaxy Watch8 Classic---https://amzn.to/45QaXLJ

Garmin Relógio Vivoactive 5---https://amzn.to/4m7VDka

mundophone

  SAMSUNG One UI 8.0 Beta arrives for the Galaxy Z Fold 6 and Z Flip 6 Samsung has finally launched the One UI 8.0 Beta update for its folda...