Digital screens in today’s day and age are the new faux pas. Screen-time has gone up significantly over the last decade, and many of us don’t really realize how much we rack up over the course of a day, a week, a month and year!
On average, a Canadian adult spends 13.1 hours per day on screen-time, exceeding the recommended limit. In only eight hours, we are exposed to 5.8 million flickers from our screens. While making efforts to reduce screen time is important, it’s just as vital to determine whether our devices are affecting us physically. BenQ, one of North America’s leading monitor brands, understands that professional individuals, and gamers often have limitations when it comes to how much screen time they rack up, which is why they’ve implemented eye-care technology into their high-performance monitors.
Developed to protect your eyes,BenQ’s Eye-CareU, ensures that that eyestrain, eye-pain, and headaches are reduced. Being the first monitor manufacturer to prioritize eye health, BenQ has fitted their monitors with innovative functions such as:
- Brightness Intelligence+, a feature that detects screen content and environmental lighting, adjusting display brightness and colour temperature
- Brightness Intelligence, a sensor that detects ambient light as well as the brightness and contrast of screen content. It adapts brightness and enhances dark areas on the display without overexposing in bright regions
- Flicker-free, a technology certified by international TÜV Rheinland, which eliminates flicker
- Low Blue Light, a technology that filters harmful blue light.
- Low Blue Light+, a technology that filters out the shorter, higher energy blue-violet radiation.
Here’s a round-up of some of BenQ’s high performance monitors that include the Eye-Care Solution:
EX240N – MOBIUZ 1ms 23.8″ 165Hz Gaming Monitor
- Adjusts display brightness and color temperature for a more comfortable viewing experience
- Colour Weakness Mode – Red and green filters help individuals with the common types of color vision deficiency distinguish colors more easily
GW2785TC 27″ 1080p Eye-Care Monitor
- Reading Mode – Designed to filter out harmful blue light
- Coding Mode – Devised to make every color pop out for easy readability and coding efficiency
- Care Mode – Specially-tuned to lowered brightness and color saturation to protect sensitive eyes
Hackers Using Havoc Post-Exploitation Framework In Attacks
Posted in Commentary with tags Security on February 16, 2023 by itnerdSecurity researchers at Zscaler ThreatLabz observed threat actors using the open-source C2 framework known as Havoc in attack campaigns targeting government organizations.
The Havoc framework is an advanced post-exploitation command and control framework is an alternative to paid options such as Cobalt Strike and Brute Ratel and is capable of bypassing the most current and updated version of Windows 11 Defender due to the implementation of advanced evasion techniques such as indirect syscalls and sleep obfuscation.
Matt Mullins, Senior Security Researcher at Cybrary had this to say:
“Command and Control (or C2) frameworks are nothing new to the threat actor community. For a long time, the FOSS (Free and Open-Source Software) community had a harder time keeping up with the features and functionality associated with premium paid tools like Cobalt Strike. This left learners, lower budget teams, and criminal groups with limited options around older frameworks like Empire, Metasploit, and some very basic custom tooling.
“This all changed around 2018, when it seems that C2 frameworks simply exploded in options. There were a number of very sophisticated tools that reached a fair degree of maturity (such as Sliver, Mythic, etc.) while older frameworks were forked and revisited (such as BC-Security’s Empire fork) that gave a wonderful buffet of options to the aforementioned groups.
“As with most things in the industry, as these options became available, so did the options being implemented in threat actor TTPs. Outside of these robust options being made available, paid tooling was beginning to be leaked. Cobalt Strike has had its source code leaked a number of times now, along with other paid tools being shared and cracked. Cracked software is nothing new but what is interesting is the specific shift of criminal groups to target cracking of red team software, as well as red teams for licenses.
“With such a cornucopia of options available to criminals, the detections and patterns used to previously sink paid tools aren’t nearly as effective. Take for consideration Cobalt Strike, it was already a big waste of money even back in 2018 because nearly every IR team, EDR tool, or any other defensive capability under the sun, has detection ruling built for a majority of its offerings. This means that it was only useful to advanced red teamers, or criminals, because of the amount of customization needed to get it to work. This brings me back to the original point, why would anybody waste their money or time on Cobalt Strike when they can just download Havoc and it “works” off of the shelf and bypasses detections? Criminals now no longer need to hunt for licenses or crack software, while red teams don’t need to pay absurd prices for tools that they have to know how to use and customize.
“The cat-and-mouse game of detection and innovation is about to accelerate in favor of the offensive side because of this blooming of C2s. Reflecting on the implementation of new tools like ChatGPT, along with other AI tools, and you now have more rapid generation of payloads, phishing emails, and other attacker-beneficial aspects. I can only surmise that we will see more breaches (and thus more potential undetected breaches) as a result of this increase in options and sophistication.”
The best thing about this for threat actors is thatit’s free! Which is bad for you and I.
Leave a comment »