More stories

  • in

    Why rebooting your phone daily is your best defense against zero-click hackers

    ZDNETIn the last decade, spyware tools have been repeatedly found on the phones of journalists, activists, and politicians, including US officials, raising concerns over the unprecedented proliferation of spyware technologies and, subsequently, the lack of protections within the tech space amid growing threats.Also: Google releases responsible AI report while removing its anti-weapons pledgeLast Friday, Meta’s WhatsApp revealed that it had discovered a hacking campaign targeting about 90 users, mostly journalists and civil society members across two dozen countries. According to a WhatsApp spokesperson, the Israeli spyware company Paragon Solutions — now acquired by Florida-based private equity firm AE Industrial Partners — was behind the attack.What is a zero-click capability? Graphite, Paragon’s spyware, was found to have infiltrated WhatsApp groups by simply sending users a malicious PDF attachment. Without users’ knowledge, it can access and read messages on encrypted applications like WhatsApp and Signal.This is also known as a zero-click attack, which means that targets do not have to take any actions for their devices to become compromised. In contrast, phishing or one-click attacks require user interaction with a malicious link or attachment. Moreover, once a phone is infected with a zero-click capability, the operator of the attack can secretly gain total access to the phone by exploiting a security vulnerability.Also: How to turn on Private DNS Mode on Android – and why it’s a must for securityIn an interview with ZDNET, Rocky Cole, co-founder of mobile threat protection company iVerify, explains that “in the case of graphite, via WhatsApp, some kind of payload, like a PDF or an image, [was sent to the victims’ devices] and the underlying processes that receive and handle those packages have vulnerabilities that the attackers exploit [to] infect the phone.”While public reporting does not specify “whether graphite can engage in privilege escalation [vulnerability] and operate outside WhatsApp or even move into the iOS kernel itself, we do know from our own detections and other work with customers, that privilege escalation via WhatsApp in order to gain kernel access is indeed possible,” Cole states.iVerify has uncovered instances where “a number of WhatsApp crashes on [mobile] devices [they’re] monitoring with iVerify” have appeared to be malicious in nature, leading the iVerify team to believe that the malicious attacks are “potentially more widespread” than just the 90 people reported to have been infected by graphite.While the WhatsApp attack was predominantly launched against members of civil society, mobile spyware is an emerging threat against all members of society because mobile exploitation is more widespread than one might think, Cole notes. Moreover, “the result is an emerging ecosystem around mobile spyware development and an increasing number of VC-backed mobile spyware companies are ‘under pressure to become profitable enterprises,'” he states.This ultimately “creates marketing competition” for spyware merchants and “lowers barriers” that would deter these mobile exploitation attacks.Also: The top 10 brands exploited in phishing attacks – and how to protect yourselfJust a month ago, WhatsApp won a lawsuit  against NSO after a federal judge in California found that NSO was exploiting a security vulnerability within the messaging app to deliver Pegasus. The infamous NSO Group  — notably known for infecting the phones of journalists, activists, and Palestinian rights organizations — has used similar zero-click capabilities through their Israeli-made Pegasus spyware, a commercial spyware and phone hacking tool.Historically, the NSO Group has avoided selling to US-based clients and has also been banned by the US Commerce Department under the Biden administration for allegedly supplying spyware to authoritarian governments. However, “shifting political dynamics [under the Trump administration] raises the possibility that spyware may become more prevalent in the United States” — exacerbating mobile exploitation.”And the world is totally unprepared to deal with that,” Cole said. More

  • in

    If you’re not working on quantum-safe encryption now, it’s already too late

    BlackJack3D/Getty Images Remember Nokia? Back before smartphones, many of us carried Nokia’s nearly indestructible cell phones. They no longer make phones, but don’t count Nokia out. Ever since the company was founded in 1865, Nokia has successfully pivoted to industries showing promise. Here’s a fun trivia fact you can use at your next party: Nokia […] More

  • in

    Get up to 50% off EcoFlow power stations with these great deals!

    There’s never been a better time to buy the EcoFlow Delta Pro Ultra. Adrian Kingsley-Hughes/ZDNETI test portable power stations for a living and hear from a lot of readers who’d love to get their hands on one, either for use at home as a backup power source or in a truck or RV for camping, but the cost puts them out of reach. I understand — they’re not cheap. Some are hundreds of dollars, others are thousands, so being able to grab a good deal is a great idea. And premium manufacturer EcoFlow is having a winter sale, so there’s never been a better time to prep for that next storm, power outage, or camping trip. But hurry, because these deals run until February 9th, after which they’re gone! Also: The best portable power stations you can buy Top EcoFlow deals More

  • in

    Have an old Kindle? How to add new books – and one thing you should never do

    David Gewirtz/ZDNETAs a tech professional, there are many things I know because I know things. But there are also things I learn about because it’s my job to fix the tech problems around the house. In this case, my wife had performed a factory reset on her cherished Kindle DX, which she purchased almost exactly ten years ago. After the reset, she couldn’t get any of her books to download. Also: The best Kindles of 2025: Expert tested and reviewedShe wanted to clean the Kindle of all its cruft. Every book she ever bought, up until the last time she powered up the machine, had been on that device before the reset. She thought a factory reset would be the fastest way to start with a clean slate. It was indeed a clean slate. All that was left was a dictionary and user guide, both installed as part of the reset process. And she couldn’t download anything else she wanted on there. I am not an active Kindle device user. I enjoy reading Kindle books on my iPhone, but I’ve never really bonded with Kindle devices. So I haven’t spent too much time tracking all their ins and outs. It took a bit of Googling to figure out that the reason my wife couldn’t download books over Wi-Fi to her Kindle DX is that the DX never supported Wi-Fi. The device did, however, come with full-time 3G cellular support, which is the mechanism by which she had loaded books on the thing throughout the years. Also: How to trade in your old devices for Amazon gift cardsRead that last paragraph and recognize that I’m writing this article in 2025, not 2014. In 2014, we had 3G. By 2025, most of the major carriers in the US have shut down their 3G networks. Amazon has also phased out support of 3G More

  • in

    ChatGPT’s Deep Research just identified 20 jobs it will replace. Is yours on the list?

    Getty Images/cagkansayin This week, OpenAI launched its Deep Research feature which can synthesize content from across the web into one detailed report in minutes leveraging a version of the company’s latest model, o3.  This feature is a powerful tool for workers, as it can save them hours by completing research autonomously. But can the technology’s […] More

  • in

    Too many tabs? Try these browsers with better tab management than Chrome

    ZDNETHave you ever stopped to look at how many tabs you have across the top of your browser? Is that number so large that you can’t make out the favicons for each of those sites, forcing you to click through them to find the site you need?The frustration described above is more common than you might think. Part of the reason is that many browsers still haven’t figured out how to manage tabs with any level of efficiency.Also: 5 great Chrome-like browsers that put your privacy firstHowever, a handful of browsers make working with an ever-growing list of tabs so much easier that you’ll wonder why you haven’t already made the switch.Trust me — once you’ve experienced real tab management in a web browser, you won’t look back. In fact, after I started using one of these browsers, I couldn’t go back to the old-school method of hunting for tabs in a sea of tiny icons.If that sounds like a frustration you’d prefer to leave behind, read on, my friend, because your tabs are about to get managed.1. OperaI’ll start with the browser that made me leave behind Firefox and never look back. That browser is Opera, and the feature is called Workspaces. With Workspaces, you create categorized spaces (such as Social Media, Shopping, News, and Work) and can open related tabs in those spaces, quickly switching back and forth. You could spend time viewing work-related sites in the Work Workspace and then move to the Shopping Workspace to find a new book to read. Hit the Social Media Workspace and craft a pithy post. Also: 5 great Chrome-like browsers that put your privacy firstWorkspaces can be accessed from the sidebar, and you can create as many as you need. Even better, you can pin specific tabs to specific workspaces. You can also customize keyboard shortcuts to allow you to switch from one workspace to the next without your hands leaving the keyboard. Opera is free to use and can be installed on Linux, MacOS, Windows, Android, and iOS.Best for: Those who want serious tab management, use different operating systems, and don’t mind installing closed-source software. More