Insta360 launches the One RS 1-inch 360 Edition


(Pocket-lint) – Insta360 has announced its latest addition to the Insta360 One RS family, the 1-inch 360 Edition.

Co-engineered with Leica, the new camera completely transforms the One RS form factor.

It still has the same core in the middle, but due to the size of the new sensors (and lenses), the assembly has been reconfigured into a vertical format.

The dual 1-inch sensors are the largest we’ve ever seen on a consumer 360 camera, and should offer far superior low-light performance and image fidelity.

“The 1-Inch 360 Edition represents Insta360’s continued mission to make One RS the most comprehensive and versatile camera on the market. This latest edition turns One RS into a powerful 6K camera capable of impressive performance even in low light,” said JK Liu, founder of Insta360. 

The new module can shoot 360 videos at up to 6K resolution and take 21MP stills. 

“We’re excited to bring Leica’s optical and digital imaging expertise into a new product segment with the One RS 1-Inch 360 Edition. Creators can take advantage of both the camera’s 360 capture capabilities and its dual 1-inch sensors, no longer having to choose between creativity and premium image quality,” said Matthias Harsch, CEO of Leica Camera AG.

Of course, since the core of the camera is the same unit as the One RS, you’ll benefit from many of the great features that we saw on that camera.

This includes FlowState stabilisation, horizon levelling, AI subject tracking and timelapse and star lapse modes.

In addition, the 1-inch 360 edition introduces PureShot HDR photo mode. This uses AI and exposure bracketing to create high-dynamic-range 360 images.

This impressive camera doesn’t come cheap, though, it’ll set you back $799.99 / £809.99 for the full kit. If you already have an Insta360 One RS core, the upgrade kit can be had for a little less and is priced at $649.99 / £659.99.

Given the higher price bracket, it would seem Insta360 is targeting professional users with this release and it’s less likely to be the camera of choice for hurtling down a hill on a skateboard.

If you’re one of those who can take advantage of such a fancy 360 camera, it’s available to purchase today at Insta360’s website and select retailers worldwide.

squirrel_widget_12853426

Writing by Luke Baker.





Microsoft Exchange servers worldwide hit by stealthy new backdoor


Microsoft Exchange servers worldwide hit by stealthy new backdoor

Getty Images

Researchers have identified stealthy new malware that threat actors have been using for the past 15 months to backdoor Microsoft Exchange servers after they have been hacked.

Dubbed SessionManager, the malicious software poses as a legitimate module for Internet Information Services (IIS), the web server installed by default on Exchange servers. Organizations often deploy IIS modules to streamline specific processes on their web infrastructure. Researchers from security firm Kaspersky have identified 34 servers belonging to 24 organizations that have been infected with SessionManager since March 2021. As of earlier this month, Kaspersky said, 20 organizations remained infected.

Stealth, persistence, power

Malicious IIS modules offer an ideal means to deploy powerful, persistent, and stealthy backdoors. Once installed, they will respond to specifically crafted HTTP requests sent by the operator instructing the server to collect emails, add further malicious access, or use the compromised servers for clandestine purposes. To the untrained eye, the HTTP requests look unremarkable, even though they give the operator complete control over the machine.

“Such malicious modules usually expect seemingly legitimate but specifically crafted HTTP requests from their operators, trigger actions based on the operators’ hidden instructions if any, then transparently pass the request to the server for it to be processed just like any other request,” Kaspersky researcher Pierre Delcher wrote. “As a result, such modules are not easily spotted by usual monitoring practices: they do not necessarily initiate suspicious communications to external servers, receive commands through HTTP requests to a server that is specifically exposed to such processes, and their files are often placed in overlooked locations that contain a lot of other legitimate files.”

Kaspersky

Once SessionManager is deployed, operators use it to profile the infected environment further, gather passwords stored in memory, and install additional tools, including a PowerSploit-based reflective loader, Mimikat SSP, ProcDump, and a legitimate Avast memory dump tool. Kaspersky obtained multiple SessionManager variants that date back to at least March 2021. The samples show a steady evolution that has added more features with each new version. The most recent version of the malicious module includes the following:

Command name
(SM_SESSION cookie value)
Command parameters
(additional cookies)
Associated capability
GETFILE FILEPATH: path of file to be read. FILEPOS1: offset at which to start reading, from file start.

FILEPOS2: maximum number of bytes to read.

Read the content of a file on the compromised server and send it to the operator as an HTTP binary file named cool.rar.
PUTFILE FILEPATH: path of file to be written.

FILEPOS1: offset at which to start writing.

FILEPOS2: offset reference.

FILEMODE: requested file access type.

Write arbitrary content to a file on the compromised server. The data to be written in the specified file is passed within the HTTP request body.
DELETEFILE FILEPATH: path of file to be deleted. Delete a file on the compromised server.
FILESIZE FILEPATH: path of file to be measured. Get the size (in bytes) of the specified file.
CMD None. Run an arbitrary process on the compromised server. The process to run and its arguments are specified in the HTTP request body using the format: <executable path>t<arguments>. The standard output and error data from process execution are sent back as plain text to the operator in the HTTP response body.
PING None. Check for SessionManager deployment. The “Wokring OK” (sic.) message will be sent to the operator in the HTTP response body.
S5CONNECT S5HOST: hostname to connect to (exclusive with S5IP).

S5PORT: offset at which to start writing.

S5IP: IP address to connect to if no hostname is given (exclusive with S5HOST).

S5TIMEOUT: maximum delay in seconds to allow for connection.

Connect from compromised host to a specified network endpoint, using a created TCP socket. The integer identifier of the created and connected socket will be returned as the value of the S5ID cookie variable in the HTTP response, and the status of the connection will be reported in the HTTP response body.
S5WRITE S5ID: identifier of the socket to write to, as returned by S5CONNECT. Write data to the specified connected socket. The data to be written in the specified socket is passed within the HTTP request body.
S5READ S5ID: identifier of the socket to read from, as returned by S5CONNECT. Read data from the specified connected socket. The read data is sent back within the HTTP response body.
S5CLOSE S5ID: identifier of the socket to close, as returned by S5CONNECT. Terminate an existing socket connection. The status of the operation is returned as a message within the HTTP response body.

Remember ProxyLogon?

SessionManager gets installed after threat actors have exploited vulnerabilities known as ProxyLogon within Microsoft Exchange servers. Kaspersky has found it infecting NGOs, governments, militaries, and industrial organizations in Africa, South America, Asia, and Europe.

Kaspersky

Kaspersky said it has medium-to-high confidence that a previously identified threat actor that researchers call Gelsemium has been deploying SessionManager. Security firm ESET published a deep dive on the group (PDF) last year. Kaspersky’s attribution is based on the overlap of code used by the two groups and victims targeted.

Disinfecting servers that have been hit by SessionManager or similar malicious IIS modules is a complicated process. Kaspersky’s post contains indicators that organizations can use to determine if they’ve been infected and steps they should take in the event they’ve been infected.



Apple TV+ to host panels at Comic-Con, featuring cast and crew from ‘Mythic Quest,’ ‘Invasion,’ and more




AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple TV+ will make its debut at Comic-Con and will host four panels centered around fan-favorite shows.

For the first time, fans attending San Diego Comic-Con will have a chance to attend panels focused on the streaming service’s critically-acclaimed shows.

Three of the panels focus on individual shows, including “Severance,” “For All Mankind,” and “Mythic Quest.” A fourth panel is designed to show attendees how the storytellers behind Apple TV+ series build immersive worlds.

The panels are as follows:

Inside “Severance”: Cast and crew will share “innie” secrets“innie” secrets from the first season of the show.

The Alternate World of “For All Mankind”: Cast and crew join together to discuss the third season of Apple’s critically-acclaimed alternate reality series.

The Players of “Mythic Quest”: Attendees will be able to listen to their favorite “Mythic Quest” stars take a deep dive into the workplace comedy, and get an exclusive look at the upcoming third season.

Storytellers of Apple TV+: Creator Ronald D. Moore of “For All Mankind,” executive producer Simon Kinberg of “Invasion,” co-creator of “Mythic Quest” Megan Ganz, and showrunner Jonathan Tropper of “See” will discuss creating the unique worlds of their series and share exclusive sneak peeks of upcoming episodes. Attendees will also get to watch a sneak peek at the second season of “Foundation.”

Apple did not give the panels’ times or locations but plans to announce them soon. Comic-con is set to run from July 21 through July 24.

In addition to its panels, Apple will host a unique “Severance” experience for Comic-Con goers at the Hard Rock Hotel. Con attendees will be able to get “severed” and experience what it’s like to be a first-day employee at Lumon.



Challenges in the workers’ comp space


“In terms of wins, I would have to say – and I probably have a unique perspective here – but I would say that the proliferation of bespoke and tech solutions are driving really significant improvements in efficiency throughout the claims process,” Combes said. “I mean, if we think about commercial auto as a prime example of how these kinds of mobile applications have really smoothed out the claims process and really accelerated those types of claim resolutions, I think that’s a definite win.

“We’re seeing more and more tech. The investment in insurtech last year was as big as it’s ever been,” he said. “So I’d say that’s definitely a win, because the industry definitely gains from all this innovation.”

Read next: NCCI releases report on workers’ comp legislation

Combes said that one of the challenges the industry was facing was an exodus of talent.

“In terms of losses, I would have to say that the Great Resignation – the talent departing the industry right now – I think is a really significant factor,” he said. “It’s one that is going to be challenging throughout 2022 – to find and retain and develop the kind of talent that we’ve seen leave the industry. I think that’s going to be a big loss at the end of the day.”

Combes also said that the COVID-19 pandemic presented challenges to industry that impacted the workers’ compensation space.

“The first major challenge was the transition, the massive pivot that had to occur for people to work from home,” he said. “…It presented huge technical challenges for a lot of large organizations that didn’t have the IT infrastructure to support all of those people working remotely. … And we’ve seen all sorts of subsequent challenges. I mean, just in terms of the long-haul COVID claims, and who knows how those are actually going to bear out? … So there’s a lot of challenges, and I don’t think we’re at the end of it.”

 



Meet the WWDC22 Swift Student Challenge winners – Discover


In the lead-up to Apple’s Worldwide Developers Conference, young people from around the globe used Swift Playgrounds to showcase their coding skills as part of the Swift Student Challenge. This year, they include submissions from first-time participants Jones Mays II, Angelina Tsuboi, and Josh Tint.

All three teens are harnessing the power of coding to create apps that help solve problems in their communities — and are among more than 350 students from 40 countries and regions who were selected as 2022 challenge winners.

Learn more about some of the WWDC22 Swift Student Challenge winners



Nikon Z30 mirrorless camera is designed for vloggers


(Pocket-lint) – Nikon has announced a mirrorless camera model that’s aimed at vloggers and content creators.

The Nikon Z30 features a DX-format 20.9-megapixel CMOS sensor with electronic vibration reduction built into the camera itself. It shoots video in up to 4K with Full HD at 120 frames-per-second also available.

The camera can record up to 125 minutes uninterrupted (35 minutes at 4K UHD).

There is a stereo microphone built into the new Nikon, although an external mic can be added. On board noise reduction will reduce unwanted wind ambience.

Its rear touch-screen monitor is vari-angle, so you can switch it around for self-recording and photos.

Eye and animal detection tech is included in the Z30 to maintain focus when shooting people and pets. And, as well as video, you can shoot still images with auto focus in up to 11fps too.

There are 20 in-camera filters for videos and stills, while Bluetooth and Wi-Fi connectivity also allow you to connect it to a smart device for further editing (via the SnapBridge app).

The Nikon Z30 is compatible with the brand’s Nikkor-Z lenses and there are a range of vlogging accessories available to customise the camera to best fit your needs.

It will be available from 14 July, priced at £699 / $709 / €829 for the body alone, £839 / $849 / €999 for a standard kit that also features a Z DX 16-50mm f/3.5-6.3 VR lens.

Writing by Rik Henderson.





YouTube content creator credentials are under siege by YTStealer malware


YouTube content creator credentials are under siege by YTStealer malware

Getty Images

In online crime forums, specialization is everything. Enter YTStealer, a new piece of malware that steals authentication credentials belonging to YouTube content creators.

“What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of,” Joakim Kennedy, a researcher at security firm Intezer wrote in a blog post on Wednesday. “When it comes to the actual process, it is very similar to that seen in other stealers. The cookies are extracted from the browser’s database files in the user’s profile folder.”

As soon as the malware obtains a YouTube authentication cookie it opens a headless browser and connects to YouTube’s Studio page, which content creators use to manage the videos they produce. YTStealer then extracts all available information about the user account, including the account name, number of subscribers, age, and whether channels are monetized.

The malware then encrypts each data sample with a unique key and sends both to a command and control server.

The structure of the YTStealer code and the unique identifier used for each sample leads Intezer to suspect that YTStealer is being sold as a service to other threat actors. Company researchers further noticed that files used to install the malware on victim computers loaded other credential stealers, including ones called RedLine and Vidar.

Many of the files are disguised as installers for legitimate tools or software. They included fake installers for:

  • OBS Studio, a piece of an open source streaming software
  • Video editing software, including Adobe Premiere Pro, Filmora, and HitFilm Express
  • Audio applications and plugins such as Antares Auto-Tune Pro, Valhalla DSP, FabFilter Total, and Xfer Serum
  • Game modes and cheats for games such as Grand Theft Auto V, Roblox, Counter-Strike, and Call of Duty
  • Driver tools such as “Driver Booster” and “Driver Easy,” which bill themselves as a means for improving gaming computer performance
  • “Cracks” for legitimate software or services including Norton Security, Malwarebytes, Discord Nitro, Stepn, and Spotify Premium

Hardcoded into the YTStealer is the domain youbot[.]solutions. It’s not immediately clear if the domain is connected to Youbot Solutions LLC, which is registered in the New Mexico registry of corporations. Attempts to reach the company for comment weren’t successful.



Select merchants now offering 4% Apple Card Daily Cash until July 31




AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

A number of merchants are now offering 4% Daily Cash to all Apple Card customers back on online or in-app purchases until the end of the month of July.

According to the terms published by Apple, the offer is only valid for up to a $3000 cumulative spend total across the online or in-app stores across eight different stores.

  • StubHub
  • J. Crew
  • Yeti
  • Crocs
  • Petco
  • Ray-Ban
  • Hotel Tonight
  • Fandango

For these merchants, all purchases that are under the cumulative total will deposit 4% of the cost into the associated Apple Cash card of the account. If an Apple Cash card isn’t available, it will be applied as a credit on the balance. Apple noted in the fine print that the offer does not apply to gift card purchases.

These stores span a variety of different categories. StubHub and Fandango sell event and movie tickets, respectively. J. Crew sells apparel for men, women, and children.

Yeti offers high-quality audio recording equipment, while Crocs sells casual footwear. Petco offers pet food as well as services for the animals.

This is just the latest in a long line of promotions Apple has offered for users of its credit card. In December 2021, new Apple Card customers received 5% Daily Cash for purchasing Apple products. More recently in April 2022, new users received $75 in Daily Cash after they have signed ups and have the credit card active.



13 Apps Make the Coupon Provider Ranking Top 10


If you’re looking for coupon apps, we’ve got a deal for you. How about 13 for the price of 10? 

In the latest edition of PYMNTS’ Provider Ranking of Coupon Apps, 13 contenders have earned a place in the Top 10. 

With three tied scores allowing contenders to share some of the spots in the Top 10, there was room for three more apps to join this elite group. Beyond that, there’s close competition at the top, as the apps in the highest five positions are within 10 points of each other. 

Now, let’s take a closer look at this crowded field. 

The Top 5 

Retaining the No. 1 spot that it earned last month is Honey Smart Shopping Assistant. This app has again earned a score of 86. 

Four points behind, there are two runners-up tied with a score of 82. Groupon was in this position last month, while GasBuddy has moved up from fourth. It’s also improved its score by one point. 

Holding onto the No. 3 position is Flipp, this time with a score of 80. 

Also keeping its position in the field is Ibotta. This app holds the No. 4 spot with a score of 78. 

Next up is GoodRx. This app is running fifth, as it did last month, now with a score of 76, which is two points higher than last time. 

The Top 10 

Ten points behind that, two contenders are tied with a score of 66. Receipt Hog was here last month, while Rakuten has moved up one place. Both are also among this month’s movers and shakers, as Receipt Hog has added three points to its score since last time, and Rakuten has added six. 

After another gap in the field — 12 points this time — there’s No. 7. Shopkick has moved up to this position after running ninth last time and has earned a score of 54. 

Gaining two positions since last month, Slickdeals now rests in the eighth position with a score of 48. 

Next up, ShopSavvy has entered the Top 10 in the ninth position. This mobile app that finds prices, reviews and discounts on scanned items has earned a score of 44. 

There’s another tie in the tenth position. Checkout 51 and Coupons.com join the Top 10 this month with a score of 36 and close out this month’s edition of the Provider Ranking of Coupon Apps. 

——————————

NEW PYMNTS DATA: HOW UTILITIES AND CONSUMER FINANCE COMPANIES CAN ENHANCE THE BILL PAYMENTS EXPERIENCE

About: More than half of utilities and consumer finance companies have the capability to process all monthly bill payments digitally. The kicker? Just 12% of them do. The Digital Payments Edge, a PYMNTS and ACI Worldwide collaboration, surveyed 207 billing and collections professionals at these companies to learn why going totally digital remains elusive.