Category: Technology

Last week, MGM Resorts disclosed a massive systems issue that reportedly rendered slot machines, room keys and other critical devices inoperable. What elaborate methods were required to crack a nearly $34 billion casino and hotel empire? According to the hackers themselves (and seemingly confirmed by a source speaking with Bloomberg), all it took was a ten minute phone call.

The alleged hackers behind the MGM issue, by all appearances, gained access through one of the most ubiquitous and low-tech vectors: a social engineering attack. Social engineering psychologically manipulates a target into doing what the attacker wants, or giving up information that they shouldn’t — in this case, apparently, by pulling a fast one on an unsuspecting IT help desk worker. The consequences range from taking down global corporations to devastating the personal finances of unfortunate individual victims. But what makes social engineering attacks so effective, and why are they so hard to prevent?

It seems counterintuitive to hand over sensitive information to a complete stranger, but attackers have developed ways to trick you into feeling comfortable doing just that. Those could include building trust over time, gathering information about you to seem like they know you or using a sense of urgency to get you to act quickly without thinking through what you’re giving up. That’s why common personality traits among cyber victims include being extroverted, agreeable and open to new experiences, according to Erik Huffman, a researcher who studies the psychology behind cybersecurity trends.

“Fear is an attack vector. Helpfulness is an attack vector,” Huffman said. “The more comfortable you are, the more hackable you become.”

Plus, digital environments have fewer social cues versus being face to face, so a potential victim is not as good at sensing potentially suspicious signs, Huffman said. We read messages in our own voice, projecting our own good will onto them, which normally doesn’t happen in person. There’s less information like social cues or body language to guide us or give us a gut feeling that something’s off.

A social engineering attack could be as simple as a faux-urgent phone call from a scammer to get your credit card information for low level theft. But there are increasingly complicated “Rube Goldberg attacks” that layer multiple approaches to fool you, according to principal researcher at SophosLab Andrew Brandt. In an example of such an attack, Brandt observed scammers first operating over the phone to get a target to click an email also sent by the scammer. Once clicked, the email would activate an attack chain that included malware and remote access software.

More likely, you’ll encounter it on a much simpler level. You might get a text from someone pretending to be your boss asking for gift cards or be tricked into clicking a malicious link that phishes your credentials. But one way or another you’ll probably run into it eventually, as an estimated 98 percent of cyberattacks rely to some extent on social engineering tactics, according to research from Splunk.

There are some other warning signs people can look out for. Having to download an unusually big file, a password protected zip file that can’t be scanned for malware or a suspicious shortcut file are all signs of a potential attack, according to Brandt. But a lot of it’s a gut feeling — and taking time to step back before proceeding to consider what could go wrong.

“It is a practice that takes repetition and rehearsal over and over again to reflexively distrust what people say to you who you don’t know,” Brandt said.

Huffman said people can try to avoid falling victim by acknowledging the limitations of a digital environment, and asking questions like: Does it make sense for this person to reach out to me? Does this person behave in a trustworthy manner? Does this person have the authority or position of power to give these directions? Does this person truly understand the topic we’re discussing?

Social engineering attacks happen constantly, to huge corporations as well as everyday people. Knowing that our good-natured traits can be our greatest weakness when faced with this variety of bad actors, it can be tempting to stop being nice altogether for safety’s sake. The key is balancing our social instincts with healthy skepticism. “You can be helpful,” said Huffman, “but be cautious.”

This article originally appeared on Engadget at https://www.engadget.com/how-social-engineering-takes-advantage-of-your-kindness-170043531.html?src=rss 

iOS 17 is here. Apple has made the annual update available to all users on eligible devices, meaning you can install it right now without bothering with beta programs. The 2023 iPhone software update includes significant updates to Messages, FaceTime, the keyboard and more.

You can install iOS 17 on any iPhone from 2018 or later. Once you know your device is eligible, you can head to Settings > General > About > Software Update to manually initiate the download and installation.

This year’s iOS upgrade includes audio message transcriptions and a rethinking of the Messages app. (iMessage apps and other tools now live behind a plus button next to the text entry field.) FaceTime adds video voicemails, and you can even take calls on an Apple TV, using an iPhone or iPad as the camera. StandBy mode is a new feature that turns your handset into a smart display when it’s charging and positioned horizontally. Meanwhile, NameDrop lets you quickly exchange contact info with new friends by tapping your devices together, and a new inline predictive text feature lets the keyboard predict and (optionally) finish your sentences for you.

You can read more about the new features in Engadget’s full iOS 17 preview. For more details on installing the update, you can read our tutorial.

This article originally appeared on Engadget at https://www.engadget.com/ios-17-is-now-available-171458248.html?src=rss 

iPadOS 17 is available now. The annual update lacks a single headline-grabbing feature, but the sum of its smaller changes enhances the experience of using Apple’s tablet. Changes include Stage Manager refinements, along with Lock Screen additions and interactive widgets to match the iPhone’s new features from a year ago.

You can install iPadOS 17 on recent models. It supports the iPad Pro 12.9 (2nd-gen or later), iPad Pro 10.5, iPad Pro 11 (1st-gen or later), iPad Air (3rd gen or later), standard iPad (6th gen or later) and iPad mini (5th gen or later). If you don’t know which device you have, you can navigate to Settings > General > About > Model Name to determine which one it is.

Once you know your device is eligible, you can head to Settings > General > About > Software Update to manually initiate the download and installation. If you had auto-updates turned on, it would install eventually, but perhaps not until later in the week.

iPadOS 17 catches up on a couple of iOS 16 features that didn’t make it to the iPad last year, including a revamped and more customizable Lock Screen (including an easier and more robust wallpaper picker) and interactive widgets. In addition, the Health app makes its way to the bigger screen and you can more easily adjust Stage Manager to fit your needs. Finally, iOS 17’s FaceTime and Messaging updates are included on the tablet software as well. You can read more about iPadOS 17’s features in Engadget’s full preview.

This article originally appeared on Engadget at https://www.engadget.com/ipados-17-is-ready-to-download-171507612.html?src=rss 

It’s a big day for Apple users as the company is rolling out major operating system updates for most of its devices (Mac users need to wait a bit longer). Just ahead of the Apple Watch Series 9 and Apple Watch Ultra 2 arriving later this week, the company has released watchOS 10. If you have an Apple Watch Series 4 or above, you can install it now.

The biggest change is the introduction of widgets (which are a bit like Glances from Apple’s original wearable) for every watch face, which include two new ones. You’ll be able to use the Digital Crown to cycle through your widgets and see access features like timers, stopwatches and podcasts when those are active. 

The World Clock app should make it easier to understand the time of day in different parts of the world at a glimpse thanks to the addition of dynamic background colors. for various timezones. In the Activity app, you’ll be able to rotate the crown to see more data via corner shortcuts. There’s the option to connect to Bluetook bike sensors to help cyclists track more data too. The Compass, Mindfulness and Medications apps are all getting updates as well. 

Perhaps two of the biggest updates for most people are related to FaceTime. You can view a FaceTime video message on your Watch and join Group FaceTime audio calls.

The Apple Watch Series 9 and Apple Watch Ultra 2 will get some exclusive features powered by the new S9 SiP, including Siri requests that are processed on-device rather than through Apple’s servers. They also support a new Double Tap feature Apple designed to make it easier to carry out the main action in each app. Both devices will be available on September 22.

This article originally appeared on Engadget at https://www.engadget.com/watchos-10-has-arrived-bringing-widgets-back-to-the-apple-watch-171753537.html?src=rss 

Google is continuing its shift away from smart devices by discontinuing support for both Zoom and Google Meet on its Nest Hub Max, 9to5Google reported. Some users have started receiving notifications that they can no longer join meetings from the device beginning September 28. The news follows Zoom’s July announcement that Nest Hub Max support will end for the video calling service on September 30 — guess Google really wanted the services gone by October.

We were fans of the Google Nest Hub Max when it first came out in 2019, giving it an 86 in our review for features like its high-quality display and sound. It initially only offered Google Duo, but the subsequent emergence of the pandemic led to the rollout of Zoom and Meet, and the device soon became known (and bought) for video calling. Now, those programs are on their way out. Plus, Google stopped all game and third-party voice app support in June, and its Nest Cam still hasn’t moved over to the Google Home app.

Nest Hub Max owners aren’t pleased with the changes: One Reddit user said, “What will it become? A giant paperweight.” Another user mentioned seeking a refund since the video calling feature convinced them to buy the device.

This article originally appeared on Engadget at https://www.engadget.com/the-google-nest-hub-max-will-no-longer-support-two-of-the-biggest-meeting-apps-154550964.html?src=rss 

GE Health says it plans to develop an AI-assisted ultrasound imaging tool that is so easy to use, that even healthcare providers without specialized training will be able to operate it. The device’s research and development will be funded by a $44 million grant from the Bill & Melinda Gates Foundation, which has historically invested in the roll-out of new technologies in resource-poor settings to address gaps in healthcare access.

GE says the AI-powered imaging technology has been designed to be dispersed to low-and-middle income countries where the services of healthcare providers may be stretched thin. The ultrasound tool will be more effective at providing clear readings of lung and ultrasound scans across maternal and fetal care as well as pediatric lung health. These areas of medicine are particularly notable because maternal and child mortality is mostly preventable if medical intervention occurs early. Proper medical imaging is key to achieving timely diagnosis, guides treatment decisions and can improve treatment outcomes.

GE’s $3 billion ultrasound business, has recently focused on the development pipeline of AI software with the acquisition of med tech companies like Caption Health, which will help design this particular ultrasound device. The company appears committed to a strategy of increasing spending on AI-related projects both now and in the near future.

This article originally appeared on Engadget at https://www.engadget.com/ge-is-working-on-ai-powered-ultrasounds-to-combat-pediatric-and-maternal-mortality-rates-034020572.html?src=rss 

Just like X (formerly Twitter), would-be competitor T2 Social has a new name, and it’s one that might ring a bell. Starting today, the service is called Pebble. And no, it’s not a revival of the e-ink smartwatch company of yore.

Pebble said in an email to users that T2, which is run by former X/Twitter employees, was a placeholder name. It opted for Pebble after reviewing more than 60 options. The team plumped for that one because “a tiny stone can cause ripples across a whole pond. Just like sharing your stories and insights can create waves in our community.”

It’s certainly an interesting choice. Pebble (the smartwatch) blew up on Kickstarter, only to go out of business a few short years later. Fitbit snapped up its intellectual property and Google later bought that business. That certainly doesn’t seem ominous for the prospects of Pebble (the social media platform). 

The latest entity to go by Pebble hasn’t taken off in the same way as Bluesky (which recently passed a million users), Post (440,000 registered users as of June) or Threads (more than 100 million users in less than a week). Pebble has somewhere north of 15,000 registered users. In fairness, the service limited signups and opted for an invite system, which is also changing today as anyone with an X account can now join.

In addition, Pebble has rolled out a new tab called Ideas. Here, you can see a list of AI-generated suggestions for your next post or reply. Pebble CEO Gabor Cselle suggested this will help foster a kinder, safer and more enjoyable environment for everyone, though some might suggest that could lead to a more boring experience all around. As Wired, which first reported on the GAI feature, put it, “the Ideas feature’s sometimes peppy or stilted prose could easily leave one’s social feed feeling artificial and dull.”

This article originally appeared on Engadget at https://www.engadget.com/would-be-x-competitor-t2-social-is-now-called-pebble-no-not-that-pebble-150021871.html?src=rss 

It’s almost time for Amazon’s annual fall hardware event, where the company typically announces a bunch of upcoming devices, including new entries for its ereader and smart speaker lines. On September 20, the company will stage Devices at its second headquarters in Arlington, Virginia. Amazon will not be streaming it to the public, but Engadget will be there to liveblog so you can follow along and read about its new products as soon as they’re announced, starting at 11AM ET. 

Last year, one of the event’s main reveals was the Kindle Scribe, a 10.2-inch ereader that comes with a pen that you can use to jot down notes on its 300 ppi display. It was launched with a retail price of $340 — and it still costs that much — but it’s been on sale since. The company also announced a redesigned Echo Studio that features a new spatial audio processor, as well as a new Echo Dot with a larger driver, at the event. Plus, Amazon revealed a “no-contact” sleep tracker called the Halo Rise and a refresh of the Fire TV Cube. 

In the security department, the company announced two new cameras from Ring, along with the Spotlight Cam Pro and Spotlight Cam Plus. While those aren’t quite out of the ordinary, Amazon is known to reveal more exciting devices at the event from time to time. In 2021, it introduced an Alexa-powered robot named Astro that can patrol your home, while it revealed a Ring drone that can fly around your house the year before that. 

This article originally appeared on Engadget at https://www.engadget.com/how-to-watch-and-follow-amazons-2023-devices-event-153059840.html?src=rss 

Panos Panay is leaving Microsoft after 19 years with the company, as confirmed via an official tweet. He’s been operating as the chief product officer with Microsoft, heading up Windows 11 development and the company’s Surface line. Rajesh Jha, Microsoft’s vice president of experience and devices, broke the news in an email to employees, as reported by The Verge.

Panay was hired on by Microsoft back in 2004 as a group program manager, overseeing a number of premium products. After heading the development of the initial Surface line of tablets and hybrid laptops, he was named the company’s chief product officer in 2018. His rise continued in 2021 when he was promoted to executive vice president after a successful Windows 11 launch, eventually becoming involved in a leadership team that directly advised CEO Satya Nadella.

There’s been no actual reason given by either party, but Panay says he has “decided to turn the page and write the next chapter.” The timing here is a bit suspicious, as Microsoft’s conducting a livestream event on Thursday that will almost certainly be dedicated to new Surface products. We reached out to the company for clarification as to why Panay left his position and what that means moving forward. We’ll update this post when we hear more.

As for what’s next, Microsoft has already said that Yusuf Mehdi, Microsoft’s current corporate vice president of modern life, search and devices, will take Panay’s place as the head of the Windows and Surface divisions. The company also still seems committed to two areas of the business that Panay consistently championed: integrating AI into Windows 11 and mixed-reality. Microsoft CEO Satya Nadella said in a statement released to TechCrunch that the company remains “steadfast and convicted in our strategy.” We’ll have to see how this unfolds Thursday during Microsoft’s Surface-centric event.

This article originally appeared on Engadget at https://www.engadget.com/microsofts-panos-panay-leaves-company-after-nearly-20-years-153513258.html?src=rss