TCL’s First Absolutely Massive TVs Are Officially Here

Image: TCL

After being teased at CES earlier this year, TCL has officially announced pricing and availability for its monster 80-inch-plus displays. You know, for those of us who want our screens to effectively take up an entire wall in our homes.


TCL’s so-called XL Collection for 85-inch displays and above is its first for frankly outrageously large screens—the kind that essentially turn your home into a private movie theater. This year, the company will debut three 85-inch models: an 8K TV, a 4K QLED model (85R745) that’s powered by Roku, and a 4K 4-Series (85R435) that will also run on the Roku OS.

All of these are great options for cinephiles, of course (though I’m not totally convinced that anyone actually needs an 8K TV, given that 8K content is virtually nonexistent at this stage). For any ambitious gamers eyeing the XL Collection, you’ll want to consider the QLED, which comes equipped with 120Hz HDMI input support, Variable Refresh Rate, and THX Certified Game Mode.

Now, you may be asking yourself why on earth you would need a screen this large. Surely 65 inches is plenty of screen to replicate a cinematic experience, right? TCL pointed to streaming and vertical integration as a big, big reason to invest in a gargantuan display.

“Even though we’re finally seeing theaters open up, people have discovered the joy and simplicity of watching blockbuster movies at home,” Chris Larson, TCL Senior Vice President, said in a statement. “TCL’s XL Collection represents this next stage in the TV industry—large-size, powerful televisions that deliver premier movie-going experiences in the comfort and safety of your own living room—and we’re excited for users to get back that cinematic magic. Being one of only three global TV brands with full vertical integration, TCL continues to expand its big-screen production capacity to make the largest television screens with best-in-class imaging technology more accessible than ever.”

I’m going to be honest, that doesn’t sound too great for theaters that are already fighting to stay alive post-pandemic. But it’s true, TCL has made its XL collection very, very attractive to anyone who does prefer their cinematic experience take place from the comfort of their own living room couch. The 85-inch 4K QLED model retails for $3,000, which might be a little steep for some folks. But the 85-inch 4K 4-Series is priced at just $1,600—a steal if size alone is among the top priorities on your TV features wishlist.

No word yet on what the 85-inch OD Zero mini-LED powered 8K TV is going to cost. That one will go on sale later this year. It’s probably safe to expect it will cost you a pretty penny, though.


Cybercriminals Bought Facebook Ads for a Fake Clubhouse App That Was Riddled With Malware

Photo: Josh Edelson/AFP (Getty Images)

Cybercriminals have been pushing Facebook users to download a Clubhouse app “for PC,” something that doesn’t exist. The app is actually a trojan designed to inject malware into your computer. The popular new invite-only chat app is only available on iPhone, but worldwide interest in the platform has risen and users are clamoring for Android and, presumably, “PC” versions.


Per TechCrunch, the malicious campaign used Facebook ads and pages to direct platform users to a series of fake Clubhouse websites. Those sites, hosted in Russia, asked visitors to download the app, which they promised was just the most recent version of the product: “We tried to make the experience as smooth as possible. You can check it out right now!” one proclaims.

However, once downloaded, the app would begin signaling to a command and control (C&C) server. In cyberattacks, the C&C is typically the server that informs malware what to do once it has infected a system. Testing of the app through malware analysis sandbox VMRay apparently showed that, in one instance, it tried to infect a computer with ransomware.

Taking advantage of a popular new product to deploy malware is a pretty classic cybercriminal move—and given Clubhouse’s prominence right now, it’s no surprise that this is happening. In fact, researchers recently discovered a different fake Clubhouse app. Lukas Stefanko of security firm ESET revealed how another fictional “Android version” of the app was acting as a front for criminals looking to steal users’ login credentials from other services.

Fortunately, it doesn’t appear that this most recent campaign was too popular, as TechCrunch reports that the Facebook pages associated with the fake app only had a handful of likes.

It’s an interesting little incident, though it may be difficult to find out more about this tricky campaign because the websites hosting the fake app have apparently disappeared. The takedown of the sites appears to have disabled the malware. Facebook has also taken down the ads associated with the campaign.

Hackers Slipped Mysterious Malware Into Thousands of Macs But Researchers Can’t Figure Out Why

Photo: Justin Sullivan (Getty Images)

A new malware strain has infected Mac devices all over the world—most prominently in the U.S. and parts of Europe—though experts can’t decide where it came from or what it does.

The malicious program, discovered by security firm Red Canary and dubbed “Silver Sparrow,” has infected 29,139 macOS endpoints in 153 countries, with the largest infection rates in the U.S., the United Kingdom, France, Germany, and Canada. The program is also one of only a handful of malware strains that are compatible with products powered by Apple’s new M1 chip.

Researchers describe “Sparrow” as a ticking time bomb: the malware doesn’t appear to have any specific function yet. Instead, it lies in wait, checking in on an hourly basis with a control server to see if there are any new commands it should run on infected devices.
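An hourly check-in like the one described above leaves a regular pattern in network logs. The following is an added example, not code from Red Canary or the original article: it flags host/destination pairs whose connection gaps are near-constant. The log format, host names, domains and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample proxy log (not real telemetry): "timestamp host destination"
SAMPLE_LOG = """\
2021-02-18T09:00:04 mac-017 cdn-check.example.invalid
2021-02-18T09:12:40 mac-017 news.example.org
2021-02-18T09:13:05 mac-017 news.example.org
2021-02-18T10:00:07 mac-017 cdn-check.example.invalid
2021-02-18T10:30:00 mac-022 cdn-check.example.invalid
2021-02-18T11:00:02 mac-017 cdn-check.example.invalid
2021-02-18T11:47:19 mac-017 news.example.org
2021-02-18T12:00:05 mac-017 cdn-check.example.invalid
2021-02-18T12:02:51 mac-017 news.example.org
2021-02-18T13:00:03 mac-017 cdn-check.example.invalid
2021-02-18T15:30:00 mac-017 news.example.org
2021-02-18T16:45:00 mac-022 cdn-check.example.invalid
"""

def find_beacons(log_text, min_events=4, max_jitter=0.1):
    """Return {(host, destination): mean gap in seconds} for pairs whose
    connections recur at a near-constant interval."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, host, dest = parts
        seen[(host, dest)].append(datetime.fromisoformat(ts))

    hits = {}
    for key, times in seen.items():
        if len(times) < min_events:
            continue  # too few connections to judge periodicity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: human browsing is bursty, a timer is not.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits[key] = round(avg)
    return hits

if __name__ == "__main__":
    for (host, dest), period in find_beacons(SAMPLE_LOG).items():
        print(f"{host} -> {dest}: every ~{period}s")
```
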


“After observing the malware for over a week, neither we nor our research partners observed a final payload, leaving the ultimate goal of Silver Sparrow activity a mystery,” writes Red Canary’s Tony Lambert. “We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution.” It’s also not totally clear to researchers how devices were infected.

Even more unsettling, “Sparrow” seems designed to erase itself from a computer once it has delivered its payload. The program “includes a file check that causes the removal of all persistence mechanisms and scripts” that “removes all of its components from the endpoint,” Lambert said. Ars Technica writes that such capabilities are typically found in “high stealth operations,” i.e., intrusion campaigns that are surreptitious in nature.

Two different strains of malware have been discovered. You can take a look at a technical breakdown of the two versions and how they function below:

Screenshot: Lucas Ropek/Red Canary


While researchers are ultimately stumped about the reason for the malware’s existence, they said that it represents a credible danger to infected systems.

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” said Lambert.


Apple appears to have stepped in to stop the spread of the malware. The company told MacRumors that it has revoked the certificates of the developer accounts used to sign the “Sparrow”-related packages, which should stop any other Macs from being infected.

Still, if you are concerned your device may be compromised, you can check out the list of indicators provided by Red Canary.


M1 Malware Has Arrived

Image: Apple

Now that Apple has officially begun the transition to Apple Silicon, so has malware.

Security researcher Patrick Wardle published a blog post detailing that he’d found a malicious program dubbed GoSearch22, a Safari browser extension that’s been reworked for Apple’s M1 processor. (The extension is a variant of the Pirrit adware family, which is notorious on Macs.) Meanwhile, a new report from Wired also quotes other security researchers as having found other instances of native M1 malware, distinct from Wardle’s findings.

The GoSearch22 malware was signed with an Apple developer ID on Nov. 23, 2020—not long after the first M1 laptops were unveiled. Having a developer ID means a user downloading the malware wouldn’t trigger Gatekeeper on macOS, which notifies users when an application they’re about to download may not be safe. Developers can take the extra step of submitting apps to Apple to be notarized for extra confirmation. However, Wardle notes in his writeup that it’s unclear whether Apple ever notarized the code, as the certificate for GoSearch22 has since been revoked. Unfortunately, he also writes that since this malware was detected in the wild, regardless of whether Apple notarized it, “macOS users were infected.”


The program itself appears to behave similarly to your standard adware. As in, if you’re infected with it, you’re subjected to seeing things like coupons, banners, pop-up ads, surveys, and other types of ads that promote shady websites and downloads. These types of malware also tend to collect your browsing data like IP addresses, sites you’ve visited, search queries, etc.

This is to be expected, and no, if you have an M1-powered computer, you shouldn’t fly into a panic just yet. To back it up a bit, the thing with the M1 processor is that the chip’s architecture is ARM-based whereas previously, Apple had relied on Intel x86 architecture. By making the switch, Apple promised super-fast performance and integrated security. And while we found the M1 chips delivered impressive results in our benchmark tests, it’s also clear that the chip is held back by limited software compatibility. Most apps out there right now weren’t developed to run natively on the M1 and require Apple’s Rosetta 2, which automatically converts software written for Intel chips into something the M1 can understand. To get the best performance Apple promised, you’d want software to be optimized for the M1 chip. That’s why developers are working on creating native M1 versions of their software. Naturally, malware developers also want their malware to operate at peak capacity on M1 devices.
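Whether a given macOS binary carries native M1 code or would need Rosetta 2 can be read from its Mach-O header. The following is an added example, not code from Wardle's writeup or the original article: it lists the CPU architectures in a thin or universal Mach-O image, using constructed sample headers and an assumed sanity bound of 20 slices.

```python
import struct

FAT_MAGIC = 0xCAFEBABE      # universal ("fat") binary, big-endian header
MH_MAGIC_64 = 0xFEEDFACF    # thin 64-bit Mach-O, little-endian on disk
CPU_NAMES = {0x01000007: "x86_64", 0x0100000C: "arm64"}
MAX_SLICES = 20             # assumed bound; Java .class files share FAT_MAGIC

# Constructed sample headers (no real code follows them).
SAMPLE_UNIVERSAL = (struct.pack(">II", FAT_MAGIC, 2)
                    + struct.pack(">5I", 0x01000007, 3, 16384, 1000, 14)
                    + struct.pack(">5I", 0x0100000C, 0, 32768, 1000, 14))
SAMPLE_INTEL_ONLY = struct.pack("<II", MH_MAGIC_64, 0x01000007) + bytes(24)
SAMPLE_JAVA_CLASS = bytes.fromhex("cafebabe00000034")  # class file, major 52

def macho_archs(data):
    """Return the architectures named in a Mach-O header, or [] if not Mach-O."""
    if len(data) < 8:
        return []
    magic_be, count = struct.unpack(">II", data[:8])
    if magic_be == FAT_MAGIC:
        # In a Java class file these four bytes are the version, never this small.
        if not 0 < count <= MAX_SLICES:
            return []
        archs = []
        for i in range(count):
            entry = data[8 + 20 * i: 28 + 20 * i]  # fat_arch is five uint32s
            if len(entry) < 20:
                break  # truncated header
            cputype = struct.unpack(">I", entry[:4])[0]
            archs.append(CPU_NAMES.get(cputype, hex(cputype)))
        return archs
    magic_le, cputype = struct.unpack("<II", data[:8])
    if magic_le == MH_MAGIC_64:
        return [CPU_NAMES.get(cputype, hex(cputype))]
    return []

def runs_natively_on_m1(data):
    """True if the image contains an arm64 slice (no Rosetta 2 translation)."""
    return "arm64" in macho_archs(data)

if __name__ == "__main__":
    for name in ("SAMPLE_UNIVERSAL", "SAMPLE_INTEL_ONLY", "SAMPLE_JAVA_CLASS"):
        print(name, macho_archs(globals()[name]))
```
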

The good news is security researchers and vendors are also working to develop methods of detecting M1 malware. According to Wired, however, you should expect a bit of a lag in detection rates when trying to find new types of malware. Given that inevitable lag, it’s concerning that malware authors have been able to rapidly transition from Intel to Apple Silicon. So far, the native instances of M1 malware that have been found aren’t significant threats. But! The M1 has only been around for a few months, and it’s likely that more types of malicious variants are on the way. Sure, eventually, security vendors will catch up and update detection tools to keep consumers safe. But in the meantime, if you’ve got an M1-powered laptop, it’s a good idea to double down on your security hygiene and think twice about what you click on.


Cook All the Delicious Things With 60% off a Highly Rated Insignia 5-Qt Air Fryer

Insignia 5-qt. Analog Air Fryer Stainless Steel | $40 | Best Buy

Graphic: Elizabeth Lanier

You got a lot of foods to cook and eat, I get it. You want a healthy way to prepare them that doesn’t sacrifice taste? You have got to try an air fryer.

Cut down on the oils needed for traditional frying with this Insignia 5-qt. analog air fryer, just $40 right now at Best Buy. That’s half the price the same model goes for on Amazon.

What are you waiting for? This is Best Buy’s Deal of the Day, so it will probably go back up in price tomorrow.


Go Big or Go Home With a 75″ TCL 4K TV for $590

75″ TCL 4K TV | $590 | Best Buy

There are plenty of good reasons to get a new TV this winter. For one, Super Bowl LV is right around the corner and that’s always a good excuse to upgrade. Then you’ve got the PlayStation 5 and Xbox Series X, which demand the biggest 4K screen you can find. With that in mind, may I present to you this 75″ TCL 4K TV. Best Buy has it on sale for $590, which is $210 off its original price. This model is an Android smart TV, so it comes loaded up with streaming apps and extra functionality that’ll make it feel like a step up from your normal TV if you haven’t upgraded in a while. Most importantly: it’s 75″. I mean, that’s a big ole’ screen.

North Korean Hackers Successfully Phished Cyber Researchers Using a Fake Blog

Photo: JACK GUEZ / AFP (Getty Images)

A recent phishing campaign by North Korean nation-state hackers successfully duped a number of security professionals who were involved in vulnerability research and development, according to a new report from Google’s Threat Analysis Group.

The unnamed threat group used various social engineering tactics to pose as fellow “white hat” security specialists, ensnaring the unsuspecting experts by convincing them that they were looking to collaborate on research, the TAG report shows.

The biggest part of this ruse involved the creation of a fake research blog, replete with write-ups and analysis. The hackers even lured in unsuspecting “guest” security writers to contribute, in an apparent “attempt to build additional credibility.” They also posted YouTube videos via social media in which they deconstructed “fake exploits” that they had executed—another scheme to build trust.


A number of threat researchers spoke out on Twitter Monday night, claiming they had been targeted by the campaign.

The hackers loaded their blog with malware, in an attempt to compromise researchers who visited it. Clicking on a write-up hosted on the site delivered malware and created a backdoor that would “begin beaconing” (i.e., communicating) with the hacker group’s command and control server. Zero-day vulnerabilities were likely used in this campaign, as a majority of targeted individuals were running fully patched Chrome browser and Windows 10 versions, the report notes.


Other methods of malware deployment occurred through “collaboration” on research. The report states:

“After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project. Within the Visual Studio Project would be source code for exploiting the vulnerability, as well as an additional DLL that would be executed through Visual Studio Build Events. The DLL is custom malware that would immediately begin communicating with actor-controlled C2 domains.”
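Build events run as soon as a project is built, so a project received from someone else is worth inspecting before opening it in the IDE. The following is an added example, not code from the TAG report or the original article: it lists every command an MSBuild project file would run at build time. The sample project and its file names are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample .vcxproj fragment (file names are made up).
SAMPLE_VCXPROJ = r"""
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <ClCompile><WarningLevel>Level3</WarningLevel></ClCompile>
    <PreBuildEvent>
      <Command>rundll32.exe "$(ProjectDir)res\helper.dll",Init</Command>
    </PreBuildEvent>
  </ItemDefinitionGroup>
  <PropertyGroup>
    <PostBuildEvent>echo build finished</PostBuildEvent>
  </PropertyGroup>
  <Target Name="AfterBuild">
    <Exec Command="copy $(OutDir)poc.exe $(SolutionDir)bin" />
  </Target>
</Project>
"""

EVENT_TAGS = {"PreBuildEvent", "PreLinkEvent", "PostBuildEvent", "CustomBuildStep"}
# Commands that start a binary or script deserve a closer look before building.
LAUNCHER = re.compile(r"rundll32|regsvr32|powershell|\.(dll|ps1|vbs|bat|cmd)\b", re.I)

def local(tag):
    """Strip the MSBuild XML namespace from an element tag."""
    return tag.rsplit("}", 1)[-1]

def build_commands(project_xml):
    """Return [(element, command)] for everything the project runs at build time."""
    found = []
    for el in ET.fromstring(project_xml).iter():
        name = local(el.tag)
        if name in EVENT_TAGS:
            # C++ projects nest <Command>; C# projects put the text in the element.
            cmds = [c.text for c in el if local(c.tag) == "Command"] or [el.text]
            found += [(name, c.strip()) for c in cmds if c and c.strip()]
        elif name == "Exec" and el.get("Command"):
            found.append(("Exec", el.get("Command").strip()))
    return found

def needs_review(project_xml):
    """Subset of build commands that launch a DLL, script or interpreter."""
    return [(n, c) for n, c in build_commands(project_xml) if LAUNCHER.search(c)]

if __name__ == "__main__":
    for name, cmd in build_commands(SAMPLE_VCXPROJ):
        print(f"{name}: {cmd}")
```
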


A variety of tools were used to aid in the threat group’s deception—including emails, fake Twitter and Telegram accounts, LinkedIn, Keybase, and others. In their report, TAG researchers listed the URLs for a number of now-defunct social media and LinkedIn accounts that they say were used in the hack.

Screenshot: Twitter


“We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted with,” TAG researchers wrote.

The researchers say they have not yet discovered the “mechanism of compromise” the hackers used against targeted security researchers, “but we welcome any information others might have.”