Google’s wired Nest security camera has dropped to its lowest price to date. The second-gen device is for indoor use and it’s motion sensitive. It’s capable of capturing 1080p HDR video. You can , which is $30 or 30 percent off the regular price of $100, at Amazon if you opt for the fog or linen colorway. However, if you go for the snow variant you can save a little more. That one is , or 32 percent off.
The Nest Cam uses AI to discern between people, animals and vehicles. It can send you alerts via the Google Home app, and you won’t need a subscription for that. You will need a Nest Aware plan if you want up to 60 days of video history. Otherwise, Google will offer three free hours of event video history. Handily, if you have a Wi-Fi outage, up to an hour of event recordings will be stored on the device itself.
There’s a two-way audio function, so you can chat with house guests if you’re not home. In the event of an unwanted visitor, you can contact emergency services directly from the Google Home app if you’re a Nest Aware member who is perhaps using a tablet instead of a phone. You’ll be able to view live video feeds on compatible smart displays and smart TVs too.
Nest Aware subscribers can receive notifications when familiar faces are recognized. There’s also the option to set up home and away routines so the camera doesn’t capture video while you’re at your place.
Elsewhere, the Outdoor Nest Cam with Floodlight is on sale too. It has That’s just $10 more than the lowest price we’ve seen for it to date.
For weeks now, unidentified threat actors have been leveraging a critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, running arbitrary code on vulnerable firewalls, with root privilege.
Multiple security researchers have flagged the campaign, including Palo Alto Networks’ own Unit 42, noting that a single threat actor group has been abusing a command injection vulnerability since at least March 26, 2024.
This vulnerability is now tracked as CVE-2024-3400, and carries a maximum severity score (10.0). The campaign, dubbed MidnightEclipse, targeted PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewall configurations with GlobalProtect gateway and device telemetry enabled, since these are the only vulnerable endpoints.
Highly capable threat actor
The attackers have been using the vulnerability to drop a Python-based backdoor on the firewall, which Volexity, a security firm that observed the campaign in the wild, dubbed UPSTYLE. While the motives behind the campaign are subject to speculation, the researchers believe the endgame here is to extract sensitive data. The researchers don’t know exactly how many victims there are, nor who the attackers primarily target. The threat actors have been given the moniker UTA0218 for now.
“The tradecraft and speed employed by the attacker suggests a highly capable threat actor with a clear playbook of what to access to further their objectives,” the researchers said. “UTA0218’s initial objectives were aimed at grabbing the domain backup DPAPI keys and targeting active directory credentials by obtaining the NTDS.DIT file. They further targeted user workstations to steal saved cookies and login data, along with the users’ DPAPI keys.”
In its writeup, The Hacker News reported that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies a deadline of April 19 to apply the patch or otherwise mitigate the threat.
“Targeting edge devices remains a popular vector of attack for capable threat actors who have the time and resources to invest into researching new vulnerabilities,” Volexity said.
“It is highly likely UTA0218 is a state-backed threat actor based on the resources required to develop and exploit a vulnerability of this nature, the type of victims targeted by this actor, and the capabilities displayed to install the Python backdoor and further access victim networks.”
The Blink Mini 2 home security camera was only announced a month ago, and it’s already on sale. The camera is 25 percent off in both colors — black and white — in a deal on Amazon, bringing the already budget-friendly system down to just $30. The Blink Mini 2 can be used indoors or outdoors, offers HD footage in the daytime or at night and has an LED spotlight. It can be paired with one of Amazon’s smart displays for Alexa voice controls. The camera is a plug-in device, though, so you’ll need to place it somewhere with an outlet.
You’ll also need to pick up the weather-resistant power adapter if you intend to put it outside. A bundle including that adapter is on sale as well, shaving $10 off its normal price of $50. Amazon-owned Blink announced the Mini 2 camera in March, touting improvements to image quality and the option for HD night view in color thanks to its spotlight. The camera also has motion detection and two-way audio, so you can hear what’s going on and, if you want, let whoever’s on the other side hear you too.
With the Blink subscription, you can get additional features out of the Mini 2. That includes smart notifications, like person detection, the ability to stream up to 90 minutes of live video and cloud storage for event clips. If you already own a Blink Video Doorbell, the Mini 2 camera can be used with that system to work as a chime when someone rings the doorbell. In the box you’ll get one camera, a mounting kit and stand, and one USB-C cable and power adapter for indoor use.
Purchasing the Mini 2 will get you a 30-day free trial of the Blink Subscription Plan, too. If you plan on keeping it after that, it’ll cost $3 per month per device. You can also opt to pay $10 per month to cover an unlimited amount of devices if you have a multi-camera setup.
Amid political headwinds and economic uncertainty, we find ourselves in a challenging time for business. The economy is being impacted by the combination of ongoing high inflation and limited GDP growth. Meanwhile, supply chains are being disrupted by international conflicts (e.g., Ukraine, Gaza and the Houthi insurgency) and the ongoing impact of Brexit. And so, businesses are being pulled in multiple directions due to economic pressures and uncertainty – the two things they hate most. Due to these challenges, it’s safe to say we are living through a ‘cost of doing business’ crisis.
This crisis has seen cybersecurity teams suffer pushback from decision-makers about new investments. With instability resulting in spending decisions being delayed, they are faced with ‘in-real-terms’ or even actual budget cuts for the first time. This is forcing them to be as agile as possible to continue responding to the evolving security landscape because the classic market drivers – the evolving threat landscape, increasing digital transformation, mounting regulatory reform and the ongoing skills shortage – mean that security teams are being asked to deliver more with less. Thus, the knee-jerk response of ‘salami-slicing’ costs, let alone not acting at all, is simply not an option.
To maintain an appropriate level of security, finding a way to continue protecting their company will therefore be an uphill battle. Security leaders must find new ways to demonstrate the value of the investment decisions they seek.
Dominic Trott
UK product manager, Orange Cyberdefense.
Security as an enterprise risk management topic
Any organization failing to protect its sensitive digital assets from today’s increasingly sophisticated cyber threats stands to pay a high price. According to our recent Security Navigator report, there was a global surge of 46% in cyberattack victims in 2023.
A significant contributor to this is the tendency of businesses to view security merely as a checkbox on their compliance list rather than addressing it as part of a broader (and consistent) enterprise risk management strategy. This implies a lack of communication, with the C-suite not fully understanding the way that security delivers value across their organization.
However, cyber resilience should start in the boardroom, with organizations aligning cybersecurity closely with their business objectives. Achieving this requires enhanced collaboration between CISOs, security and the wider leadership team to foster a deeper understanding of internal security needs and how they can support business goals by defending their most important assets and maintaining ‘business as usual’ in the face of attacks.
Executive meetings should therefore regularly address security as an enterprise risk management topic, emphasizing the significance of partnerships and collaboration between the board and security teams. They can do this by making sure that they understand the risk management strategy of their business leaders, working to quantify the security risk that they face and presenting security decisions in terms that help the board to map this security risk posture against their risk appetite. This will allow security experts to advise on how budgets could be allocated most strategically and facilitate open discussions about the inherent risk versus cost challenges posed by potential cyber incidents.
Always relate to the business strategy
Our research also found that the past year saw large enterprises account for 40% of security incidents. With more stakeholders, these organizations often suffer by trying to take multiple perspectives onboard, which can make business and security alignment more challenging. Security leaders must focus their activity and investments towards the most critical risks that are most contextually relevant. Otherwise, they risk ‘boiling the ocean’ – diminishing the impact of their spending power by diluting focus.
A lack of business focus on the security strategy can lead to organizations missing out on the adoption of new tools and technologies that could provide a competitive advantage. For example, at our annual Summit in November, an informal discussion between partners and customers found that only around a quarter of security leaders in attendance had ChatGPT enabled for staff, with the remaining citing it was blocked for security reasons. However, businesses that can find a way for security teams to enable such technologies safely will reap the rewards and put themselves ahead of their competitors.
To overcome this issue, security teams must learn how to ‘do business with the business.’ This means understanding what the wider business is struggling with and, crucially, being able to explain how they can support it. To achieve this, it is critical to make new tools ‘secure by design,’ as solutions that both enhance security and preserve usability can help to hone a competitive edge. However, this hinges on security teams being involved in new projects from the start so they can demonstrate their value for business initiatives.
Unfortunately, this stands in contrast to the traditional situation whereby security is brought in at the end and/or as an afterthought, perceived by the rest of the business as a ‘blocker’ that slows down or dilutes the value of such projects. By helping business leaders think creatively about how finance, security and business strategies align, security teams can help drive the business agenda.
Automation to the rescue
However, this level of collaboration with the broader business can be time-intensive for security teams, who are also trying to maintain appropriate defenses and respond to threats. One way of tackling this is by optimizing security operations and using automation so they can spend time on more meaningful tasks, without taking their foot off the gas.
Whilst every procedure holds importance, security teams need to reassess how they prioritize their time and how mundane, everyday tasks can be dealt with to free up – or ‘create’ – capacity. If this is done right they can improve security metrics, minimize incident response times and therefore reduce exposure to risk, while at the same time creating more time to work closer with business leaders to drive home the importance of their role.
Ultimately, security should be part of the answer, not part of the problem, when it comes to overcoming the ‘cost of doing business.’ By freeing up resources with the help of automation, security teams can build a more strategic role in the boardroom, and forge closer ties with business leaders to proactively address vulnerabilities and unlock a competitive advantage.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
RCS is the successor to SMS and will soon see much broader adoption, as Apple is expected to bring RCS support to iPhones later this year. Ahead of its wider adoption, Google is adding some security measures to make RCS even more secure for users, and it involves warning users about possible risks.
Google Messages will warn users about visiting links sent by unknown users via RCS
It has been revealed that Google Messages will soon warn users about the risk of visiting links sent via RCS by users who aren’t on their contacts list. This feature isn’t live on the stable version of Google Messages yet and is under testing. It was spotted by Android enthusiast @AssembleDebug (via PiunikaWeb) in the latest beta version (20240402_01_RCO0) of Google Messages. An X user pointed out that this feature even works with links received via SMS. In recent Galaxy phones, the Google Messages app is the default SMS and RCS app instead of Samsung Messages.
With this feature, Google is ensuring that users understand the risk they are taking by visiting URLs (links) that they receive from people they don’t know or who aren’t in their contacts list. Users must click the ‘Continue With Possible Risk’ checkmark and click Continue to visit the link.
RCS is a huge upgrade over SMS. It allows you to send long text messages, high-resolution images and videos, stickers, locations, voice messages, and more. It supports typing indicators and managing messages from the web. It supports group chats, individual message replies, and other advanced features.
Hackers recently stole hundreds of thousands of social security numbers from an American consulting firm, with victims across the US possibly affected.
Greylock McKinnon Associates (GMA) has filed a new report with the Office of the Maine Attorney General, and sent a breach notification email to affected individuals.
In its filing, the company said that 341,650 individuals have had their sensitive data, and Social Security Numbers (SSN), stolen by unidentified threat actors.
Identities unknown
In the letter, seen by TechCrunch, GMA told the victims that it fell prey to a “sophisticated cyberattack” in May last year. In the attack, the threat actors stole people’s names, birth dates, addresses, and Medicare Health Insurance Claim Numbers, which also contained Social Security Numbers associated with a member.
Furthermore, “some” medical information and/or health insurance information was also stolen. While the attack did happen almost a year ago, it was in early February that GMA was notified that it had resulted in the theft of sensitive, personal data. It is unclear why GMA took so long to conclude its investigation of the breach.
GMA is a consulting firm providing litigation support services in civil litigation matters. The data it held was obtained by the U.S. Department of Justice (DoJ) as part of a civil litigation matter, and then passed over to the company. “We received your information in our provision of services to the DOJ in support of that matter,” GMA said in the letter. “DOJ has advised us that you are not the subject of this investigation or the associated litigation matters. The DOJ informed GMA that this incident does not impact your current Medicare benefits or coverage.”
The identity of the attackers and their motives remain unknown. No threat actors have assumed responsibility for the attack just yet. It is also not known if the data was grabbed from a specific litigation process.
A high-severity vulnerability has been recently discovered in certain D-Link Network Attached Storage (NAS) instances which could be used to run malicious code, steal sensitive data, and mount denial-of-service (DoS) attacks.
Cybersecurity researcher Netsecfish, who discovered the flaw, found multiple instances of D-Link’s NAS devices have an arbitrary command injection flaw in the “system” parameter, and a hardcoded account that can be used to access the device. As a result, hackers can run commands as they please:
“Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions,” the researcher said.
No patch
The vulnerability is tracked as CVE-2024-3273. Apparently, there are roughly 92,000 of these D-Link NAS devices in use today, meaning that the attack surface is relatively large.
Multiple models are affected, including: DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013; DNS-325 Version 1.01; DNS-327L Version 1.09, Version 1.00.0409.2013; and DNS-340L Version 1.08.
Unfortunately, the patch is not coming. These devices, D-Link confirmed to BleepingComputer, are way past their end of life, and as such will not be fixed. The company released a security bulletin, and urged its customers to replace the devices with newer versions as soon as possible.
“All D-Link Network Attached storage has been End of Life and of Service Life for many years [and] the resources associated with these products have ceased their development and are no longer supported,” the spokesperson told the publication. “D-Link recommends retiring these products and replacing them with products that receive firmware updates.”
Even those that receive firmware updates should never be exposed to the internet as cybercriminals see them as valuable targets.
The cost of ditching Windows 10 at your business and upgrading to the latest software might end up being a rather expensive process, Microsoft has revealed.
Microsoft is ending support for Windows 10 on October 14, 2025, with businesses then needing to pay out for its Extended Security Updates (ESU).
The company has now unveiled details on how much businesses will need to pay if they want to keep using Windows 10 after its official end of support deadline without being left open to security attacks.
Costly Windows 10 upgrade
In a blog post explaining the changes, Microsoft reminded businesses that will need to keep using Windows 10 after support ends that they will need to enroll those PCs in the ESU program.
There will be three paid options for businesses looking to extend their support, Microsoft said – the traditional 5-by-5 activation key method, a cloud-based activation method, and activation included with your Windows 365 subscription.
The first is the base license package, costing $61 per device for Year 1, with users simply downloading an activation key and applying it to whichever individual Windows 10 devices they have selected for the ESU program.
Companies will also be able to access ESU through their existing Windows 365 subscription at no extra cost, with devices automatically being activated to receive security updates without any additional steps.
Finally, Microsoft also has a “special offer” for organizations using a Microsoft cloud-based update management solution such as Microsoft Intune or Windows Autopatch, who can access a 25% discount, meaning their ESU will cost $45 per user for up to five devices for Year 1.
“ESUs allow you to receive critical and/or important security updates for Windows 10 PCs when you need extra time to move to Windows 11,” the company noted.
“Organizations that run legacy software are at a higher risk of security breaches and potential compliance violations. While Windows 10 PCs will continue to function after they reach end of support, they will no longer receive security updates, bug fixes, feature improvements, or security issue resolutions. Upgrading to Windows 11 or transitioning to a new Windows 11 PC will help you deliver the best, most secure computing experience to your employees—and help protect your organization.”
The beta version of Ubuntu 24.04 won’t be released on time, the developers have confirmed, following concerns about a major security threat.
Instead of launching on April 4, the latest Ubuntu version, which also holds the codename Noble Numbat, will now be released on April 11 after developers Canonical decided to push the release for a week because of the discovery of CVE-2024-3094, a critical vulnerability recently discovered in xz-utils.
XZ-utils is a set of data compression tools and libraries used by major Linux distros. The vulnerability was introduced to XZ version 5.6.0 by a pseudonymous attacker, and persisted throughout 5.6.1 as well.
Securing future versions
The majority of Linux distros seem to be affected by the flaw. Ubuntu 24.04 (but not older versions), Red Hat, Fedora Rawhide, and Fedora 40, as well as some Kali Linux versions, and some Arch Linux installation media, are affected.
Red Hat Enterprise Linux (RHEL) versions, stable Debian releases, as well as Linux Mint, Gentoo Linux, Alpine Linux and Amazon Linux are not affected, it was said.
In the Discourse post, Canonical said it will “remove and rebuild all binary packages that had been built for Noble Numbat after the CVE-2024-3094 code was committed to xz-utils (February 26th), on newly provisioned build environments.” This should make the latest Ubuntu release safe from the vulnerability which was given a severity score of 10.0.
Tom’s Hardware speculates that the launch of the final 24.04 version – planned for April 25 – could also be delayed. A survey on Mastodon, set up by a former Canonical employee, showed that out of roughly 100 respondents, only a slim majority (56% versus 44%) expects the version to be released on time.
Earlier this week, Binarly released a free scanner to make hunting for the flaw faster, more seamless, and with fewer false positives.
Another major WordPress plugin was found vulnerable to a high-severity flaw which allowed malicious actors to steal sensitive information from the website, including password hashes.
LayerSlider has published a new security advisory, saying the product is now in version 7.10.1, but adding, “This update includes important security fixes.”
While the announcement does not detail the vulnerability fixed, The Hacker News reported that the project fixed an SQL injection vulnerability impacting versions 7.9.11 through 7.10.0. This vulnerability is now tracked as CVE-2024-2879, and has a severity score of 9.8 (critical).
Targeting WordPress
On its website, LayerSlider describes itself as a “visual web content editor, a graphic design software, and a digital visual effects application all in one”. It also claims to be used by “millions” of people worldwide. LayerSlider is a commercial WordPress plugin, with annual license packages ranging from $26 to $159.
Being the world’s most popular website builder, and used by roughly half of all the websites in existence, WordPress is a major target for cybercriminals everywhere. However, with the platform generally considered safe, hackers have turned their attention to third-party themes and plugins, as these are rarely as secure as the platform itself.
There are thousands of themes and plugins for WordPress, all of which build upon and improve the WordPress experience. Some are free to use, but commercial ones usually have a dedicated team that works on improvements and security. As a result, most of the time, hackers will go for free-to-use themes and plugins – many have millions of users, but have been abandoned by their developers and contain vulnerabilities that are never (or rarely) addressed.
To remain secure, admins should only install themes and plugins they intend on using, and make sure they are always updated to the latest version.