Nintendo The Nintendo Switch 2<!–> is finally almost here. And if you missed out on the chance to preorder the console, don’t fret: Plenty of retailers including Best Buy–> and GameStop<!–> have officially partnered with Nintendo to ensure that stores have at least some physical stock available for customers on launch day June 5. To […] More
Roku Roku is one of the biggest names in streaming services, and ever since the first Roku-branded TVs hit the market in 2023, they’ve been a go-to choice for affordable and reliable TVs. And whether you’re looking to upgrade your main screen in your home theater, or are looking for a cheap second screen, you […] More
<!–> ZDNET’s key takeaways You can buy the latest Galaxy Book5 Pro for a starting retail price of $1,349. It sports a brilliant 3K touchscreen and large touchpad, plus Intel’s Lunar Lake chip delivers next-gen performance. Despite the better hardware, this laptop shares some design flaws as its predecessor. –> For a limited time, the […] More
Sabrina Ortiz/ZDNETThose of you with Microsoft 365 subscriptions may have noticed that Copilot now pops up in Word and other applications in the suite. How did it get there when you didn’t buy or request Copilot and don’t necessarily want it? Blame it on Microsoft’s usual sleight of hand.Also: The Microsoft 365 Copilot launch was a total disasterIn an effort to push Copilot, Microsoft has added the AI to its Microsoft 365 Family and Personal plans. Open Excel, PowerPoint, or OneNote, and you’ll now see a Copilot icon on the ribbon. That’s not so bad, as you can easily ignore it. But launch Microsoft Word, and Copilot gets in your face with an icon in the left margin and a huge, annoying message prompting you to “Draft with Copilot.” More
Kerry Wan/ZDNETIf you have a Samsung account you haven’t used in a while, consider checking on it to see if there’s anything you need. Otherwise, it might get deleted.Until now, inactive Samsung accounts have been left untouched. If you switched phones to another brand, you had a little assurance that your old information would still be there if you ever needed it or decided to go back to Samsung someday. Also: Grab the Samsung Galaxy S25 for up to $560 off – here’s howThat’s changing soon.In a recent email to affected customers (first reported by sammobile.com), the company said it’s implementing a new policy for inactive accounts starting July 31. If a user hasn’t logged in for 24 months, that account, and everything associated with it — like Samsung Cloud data, stored photos, device backups, Samsung Wallet and Samsung Health details, downloaded apps, Find My Mobile data, and more — will be deleted. More
<!–> ZDNET’s key takeaways The RayNeo Air 3S is available for $269 These XR glasses provide advanced micro-OLED screens, dual speaker chamber design, and a 201-inch screen visual experience There are no light-blocking shades or electrochromic dimming capability, and productivity support is limited to native MacOS and Windows support. more buying choices Just about every […] More
Elyse Betters Picaro / ZDNETDo you own an Asus router? If so, your device may have been one of thousands compromised in a large campaign waged by cybercriminals looking to exploit it. In a blog post published Wednesday, security firm GreyNoise revealed that the attack was staged by what it suggests is “a well-resourced and highly capable adversary.”Also: Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and moreTo gain initial access, the attackers used brute-force login techniques and two different methods to bypass the built-in authentication. They’ve also been able to exploit certain vulnerabilities not yet assigned official CVE numbers. Once they’d accessed the router, they were able to run arbitrary system commands by exploiting a known security flaw identified as CVE-2023-39780.Though no malware was actually installed, the attackers certainly left their mark. More than 9,000 Asus routers affectedBy using built-in Asus settings, they were able to set up SSH access, a secure way to connect to and control a remote device. They also installed a backdoor to return easily to the router’s firmware without worrying about authentication. The backdoor was stored in non-volatile memory (NVRAM), which meant it couldn’t be removed by rebooting the router or updating its firmware. To avoid being caught, the criminals even disabled logging, which would otherwise record their access. Also: Why no small business is too small for hackers – and 8 security best practices for SMBsBased on data from internet scanner Censys, more than 9,000 Asus routers are affected, and that number is growing. However, GreyNoise said that over the past three months, it witnessed only 30 related requests to access the affected routers. That seems to be a sign that the campaign is moving along slowly and quietly. If no malware is installed, what’s the goal behind the attack? “This appears to be part of a stealth operation to assemble a distributed network of backdoor devices — potentially laying the groundwork for a future botnet,” GreyNoise said in its post.And who’s behind it?”The tactics used in this campaign — stealthy initial access, use of built-in system features for persistence, and careful avoidance of detection — are consistent with those seen in advanced, long-term operations, including activity associated with advanced persistent threat (APT) actors and operational relay box (ORB) networks. While GreyNoise has made no attribution, the level of tradecraft suggests a well-resourced and highly capable adversary.” Also: Your old router could be a security threat – here’s why and what to doThe language used by GreyNoise, particularly the reference to APTs, suggests a nation-state or attackers working on behalf of a hostile government. Though GreyNoise didn’t cite any particular adversary, such attacks have been attributed to different countries, including China, Russia, North Korea, and Iran.Using its AI-powered payload analysis tool Sift and its observation grid, GreyNoise discovered the attack on March 18. But the firm said it waited until now to disclose it publicly so it could have time to consult with its government and industry partners.”In the past few years, networking gear especially for the home, SOHO, and SMB market segments, has had a rough go with attackers increasingly targeting these devices,” John Bambenek, president at cybersecurity firm Bambenek Consulting, told ZDNET. “The risk of the household being compromised is minimal, they’ll simply have their router be used to launch attacks on other parties (though they might start experiencing more captchas when they engage in their routine internet use). Sophisticated attackers are going for these devices because they intend to do something, and it’ll be more than cryptomining.” More
Qualcomm Wireless tech maker Qualcomm has patched three zero-day security flaws that it says may have already been exploited in the wild. In a security bulletin published Monday, the company revealed that the issue affects a driver for the Adreno Graphics Processing Unit, which is found in devices powered by its Snapdragon processors. Also: The […] More
