After launching iOS and iPad OS 16.5.1 earlier today, we thought the updates were over for the day. Nope. Apple just released the second beta for iOS 17 and iPad OS 17. Which is honestly the update that most people were looking for.
The update is fairly large, coming in at around 1.46GB in size. But that’s expected with a beta update. As there’s a lot of things changing here, and potentially new features being added.
Additionally, this new beta has a new update screen too. Now, at the bottom of the screen, you’ll see a blue “Update Now” button, as well as an “Update Tonight” button below it. So you can choose to have it update tonight while it’s charging, or to do it right away.
What’s new in iOS 17
Despite iOS 17 being rumored as a pretty small update, and one that is focusing mostly on bug fixes, there are quite a few quality of life improvements here. That includes new call screens for when you call people. This also includes a pretty large revamp for the iMessage app. Which now gives you an app drawer for all of your iMessage apps. Among a few other things.
Now with Beta 2, Apple is not releasing any major changelog here. Which is not a surprise, since this is a beta.
However, many are hoping that Apple has improved battery life and fixed a few bugs like the keyboard. Battery life has been pretty horrendous on iOS 17 Beta 1, where many of us are charging twice a day now. And the keyboard is probably the worse bug on iOS 17 right now. Basically, it will disappear when you need it, or stick around when you don’t. It also becomes transparent (sort of) over spotlight search results. Making it pretty tough to read.
Obviously, this is a beta, so things are going to change. But hopefully this second beta is a bit better. The Public Beta will be launching next month.
Initially launched on the Galaxy S22 series last year, and the Galaxy S23 series in 2023, the Galaxy Enhance-X app is now available for a bunch of additional Galaxy premium smartphones, Samsung announced. Along with the announcement, Samsung confirmed its powerful AI image editor app is now out of beta.Officially launched on June 20, the Galaxy Enhance-X app is available for a range of premium Galaxy smartphones, including the Galaxy S23 series, S22 series, S21 series, Note20 series, Z Fold4, Z Flip4, Z Flip3, Z Fold2, Z Flip 5G and Z Flip LTE devices powered by One UI 5.1 or above.
In addition to these premium smartphones, Samsung announced that support for Galaxy Enhance-X on Galaxy A series, Galaxy M series and Galaxy tablets will be available at a later date. However, the company didn’t say if all the features that owners of Galaxy premium users benefit from will also be available to those who own non-premium phones.
If you haven’t used Samsung’s Galaxy Enhance-X app, it’s worth noting that this app promises to automatically refine any visual noise, blur and low details, thus improving the image quality. What makes the app extremely easy to use is that all this is done with a single tap.
That’s not to say that the AI image editor app doesn’t have a wide range of tools that allows users to customize their images. If you want, you can use different levels of HDR intensity, take advantage of the Upscale tool to boost the resolution of images under 1MP by up to four times, as well as remove shadows from certain areas in a picture.
The Galaxy Enhance-X editing functions include a bunch of other features such as Brighten, Fix Blur, Sharpen, Remove Reflection and Fix Lens Distortion. The app is available for download for free via the Galaxy Store.
Recent reports indicate that a cyber attack hit the European Investment Bank (EIB) – DDoS Attack claimed to be from Russian threat actors.
Cybercrime activities have seen a large rise after the Russia-Ukraine LoCs heated up in 2022.
Several threat groups have targeted several countries and organizations in support of Ukraine and Russia.
These threat actors have previously threatened to target the Western financial system supporting Ukraine.
DDoS Attack on the EIB – Speculation
As per the current attack report, there has been a DistributedDenial of Service attack against the EIB, which was speculated to have been done by the Killnet gang.
EIB is owned by the European member states and is said to hold around €500 billion in funds.
The EIB spokesperson said, “While we have seen groups claiming responsibility for the incident, we will not speculate at this stage.” So as this was said, Anonymous Sudan, another Hacktivist group, has also posted on their Telegram channel, which reads, “ Anonymous Sudan | KILLNET Start a Devastating Campaign against the European Bank Sector.”
Their Modus Operandi revolves around conducting a DDoS flood on the targeted servers flooding them with traffic that results in becoming unavailable for usage.
This threat group is in link with the Russian threat actors and has support from the country’s authorities.
However, Critical Infrastructure was unaffected as the organizations kept their critical operational systems off the grid.
Cybercrime groups have been taking advantage of the situation in Ukraine and conducting various activities under the “Support for Ukraine” hood.
The countries must look into their critical infrastructure and protect it at all costs by bringing criminals to justice.
Amazon is facing a lawsuit from the FTC over alleged deceptive practices with its Prime membership service. According to the lawsuit, Amazon had tricked customers into signing up for Amazon Prime memberships, then made it hard to cancel those memberships.
Amazon “sabotaged” their attempts to cancel, the lawsuit states. Noting that the process was intentionally designed to steer customers away from cancelling. The signup process is at the heart of the matter. The FTC alleges that customers were unknowingly signing up for a recurring Prime subscription. As Amazon made it a challenge to buy things without Prime, while failing to inform them that the buy button they were clicking to complete the transaction was also an agreement to the membership.
Amazon Prime has a monthly cost of $14.99 a month, although you can sign up for an annual subscription that carries a price tag of $139 instead. This saves you about $40 a year. For those prices, customers often get free two-day shipping on many different products. In addition to freebies from services like Prime Gaming, and thousands of movies and shows to stream through Prime Video.
The FTC has been investigating Amazon over Prime since 2021
While the FTC has just now filed the lawsuit against Amazon, the regulatory agency has been investigating the company over the alleged deceptive practices since 2021. The lawsuit states.
It also alleges that Amazon has done everything possible to prevent changes that would make the cancellation process simpler for customers. In some cases Amazon slowed changes that would aid consumers in cancelling their Prime membership if the company wasn’t able to stave them off, the lawsuit says.
This week’s Amazon Prime lawsuit from the FTC is merely one of a handful of the company’s legal worries. An earlier report states that the US senate is planning to investigate the company over its warehouse safety practices. It’s also facing a lawsuit over jointly inflating iPhone prices alongside Apple.
It’s no secret that Amazon’s warehouse safety standards and employee working conditions have been a matter of concern for some time now. However, Amazon has now found itself in hot water, as the US Senate Health, Education, Labor and Pensions (HELP) Committee is investigating the company’s alleged warehouse safety practices.
The letter sent by Senate HELP Committee Chairman Bernie Sanders accuses Amazon of prioritizing profits above all else, resulting in unsafe working environments for warehouse staff and inadequate access to medical care. Additionally, the letter highlights Amazon’s knowledge of these working conditions and intentional disregard for them, reflecting a corporate culture that treats employees as expendable.
Furthermore, the letter references data from the Strategic Organizing Center (SOC), a coalition of North American labor unions, which characterizes Amazon’s safety record as exceptionally hazardous. This is because, in the past year alone, warehouse workers experienced nearly 39,000 injuries, with 95% of them being severe enough to require time off work or modified duties. Moreover, Amazon’s warehouses reported a serious injury rate of 6.6 injuries per 100 workers, more than double the rate reported in non-Amazon warehouses.
Amazon’s response
In response to Sanders’ letter, Steve Kelly, an Amazon spokesperson, stated, “Our critics can manipulate data to fit their narrative, but the truth is that we’ve made progress, as evident from our numbers. Since 2019, we have reduced our rate of recordable injuries across our global network by over 23%, and our Lost Time Incident Rate has decreased by 53%. These facts are easily verifiable by examining the data we report to OSHA.”
Despite the company’s response, Sanders has demanded that CEO Jassy provide more information on Amazon’s rates of injury and employee turnover, as well as data regarding the company’s on-site medical clinic called AMCARE, dating back to 2019. Additionally, he also seeks clarification on whether Amazon has conducted any internal or third-party investigations into the potential relationship between the pace of work in its warehouses and the prevalence or cost of injuries. Lastly, Amazon has until July 5 to respond to Sanders’ warehouse safety inquiries.
So just like most of you guys out there, I have WhatsApp installed on one of the best Android phones on the market — my Pixel 6a. I use the app to stay in touch with family and to double check suspicious IMs.
Now, that last part is important, because hits — naturally — puts my profile at risk. As such, a few days ago, I was in shock, because after a quick call via the instant messaging app, the green microphone access indicator on the top right of my screen stays on.
Mark Zuckerberg was listening to me!
Yes, I freaked out. Despite being the guy who wrote the guide on how to stay safe from Malware, that doesn’t make my phone immune to malicious software. Nor does it make me any less of a risk-taker. By which I mean bad decision maker, but you get my point.
Well, luckily, thanks to a tweet from Android Developers, I can now rest assured that it was just a bug. Right?Right?
A recent Android bug affecting a limited number of WhatsApp users produced erroneous privacy indicators and notifications in the Android Privacy Dashboard.
Users can now update their WhatsApp app to address this issue.
We thank WhatsApp for their partnership and apologize…
Well, it turns out that this has happened to many other users online, so we can start a support group WhatsApp chat if you’d like to. The good news is that it was just a false alarm, though, so this will maybe, probably not happen again.
WhatsApp — as far as we know — did not actually have unlimited, full-time access to your microphone in order to siphon out data to Meta’s attention-span-analysis farms. The privacy dashboard overestimated the risk at hand and some friendly neighbor-web Google engineers took care of the issue.
And, while on the subject: kudos to Meta and WhatsApp’s team for collaborating with Google on this one, as the fix actually rolled out through a patch to the IM app. So, if you’ve had this weird bug happen to you: you probably have a pending update right now.
As of now, we can say that no damage has been done — beyond potential emotional scarring. If you happen to find yourself in this bug-a-licious situation, just restart your phone and it should be fine. Right?Right?…
As drone technology becomes commonplace, managing drone security gets crucial. Researchers have demonstrated that in their recent study via EMFI (electromagnetic fault injection) side-channel attack against a commonly-used drone. Executing such attacks allows an attacker to gain complete control of the target drone.
EMFI Attack Allowing Drone Takeover
IOActive – an industrial security solutions provider – demonstrated the vulnerability of unmanned aerial vehicles (UAVs) or drone systems to sneaky EMFI side-channel attack.
Though drones come with numerous security measures to prevent cyber attacks, their innate technology that relies on wireless connections and remote operation make them highly vulnerable to various interception attacks.
As explained in the white paper, the IOActive team devised a trivial attack strategy to extract a target drone’s firmware decryption keys and achieve code execution. Executing this attack required them to develop the desired technical setup.
In their experiment, the researchers took DJI Mavic Pro as the subject drone to test the proposed electromagnetic fault injection (EMFI) attack. EMFI attacks typically disrupt the target system’s hardware when performing certain operations, like changing CPU behavior, without physical alterations. Thus, these attacks help conduct covert side-channel attacks, often benefiting the adversary with the desired access control.
Whereas they selected DJI Mavic Pro due to its huge user base and known vulnerabilities. Also, these drones boast numerous security features, such as Trusted Execution Environment (TEE) and Secure Boot. In turn, reverse engineering the drone’s firmware helped the researchers better understand the attack stages and the subsequent impact on the drone.
The ultimate result of their entire experiment came as complete takeover of the target drone by achieving code execution and gaining access to sensitive data, including encryption keys. The researchers have explained the entire attack setup and technical steps in their white paper.
Recommended Mitigations
Since IOActive’s effort shed light on a new type of cyber threat to drones – EMFI attacks – the researchers advise the drone developers to implement EMFI countermeasures in their products, both at the hardware and software level.
IOActive explained that hardware countermeasures are more effective in preventing EMFI but incur more cost. In contrast, software-level countermeasures are convenient to deploy during the final development stages, but they aren’t effective in mitigating all sorts of risks. Therefore, addressing both these aspects together is critical.
The Swing VPN app, which is available on the official Google Play Store under the name Swing VPN – Fast VPN Proxy, has more than 5 million downloads.
Swing VPN is a legitimate VPN app developed for Android and iOS systems by Limestone Software Solutions. However, according to researcher Lecromee, the Android version of this app is a DDoS botnet and allegedly harbours malicious intent as it can carry out distributed denial of service attacks (DDoS attacks).
Screenshot from Lecromee’s report
It all started when Lecromee’s friend informed him about observing an unusual request pattern on his cellphone. The phone continually sent requests to a specific website every 10 seconds. The app allegedly used different tactics to hide its malicious actions to keep the attack undetected.
Initially, Lecromee blamed the issue on malware or a virus. However, further investigation revealed that all requests were sent from the Swing VPN app, which his friend had installed on his phone. The requests were sent to the same site that Lecromee’s friend had never accessed or visited, which made the researcher suspicious of the app.
To investigate further, Lecromee installed the Pcapdroid app to check his terminal’s log communication and inspect Swing VPN’s operations. At this point, Lecromee was uncertain whether the Swing app had a malicious agenda. He observed that the Swing VPN app sent some requests to a site.
To determine the actual intention of the app, he used mitmproxy to capture the sent data. He identified that the app figures out the real IP address right after installation, language selection, and accepting the Privacy Policy. It then sends a request to Bing and Google with the query “What is my IP?” Lecromee also learned that the app parses the returned HTML and identifies IPs from the responses, mainly to find the config files to upload.
After identifying its required config type, the app sends requests to two different config files stored in the developer’s personal Google Drive account. These files are requested from specific personal servers, several GitHub repositories, or Google Drive accounts. The app concludes its initialization process by connecting to an ad network to load ads and finally stores data in a local cache before proceeding to a DDoS site.
This is the page where Swing VPN sent the request. The website is managed by Turkmenistan Airlines (turkmenistanairlines.tm).
The researcher was surprised that the request payload contained specific data and that the endpoint of the requests was also extracting many of the site’s resources by sending one request every 10 seconds.
“Since flight search is a quite intensive task that requires a lot of databases and server resources, it is clear that the goal is to stress the server out of resources so that normal users won’t be able to access it when needed,” Lecromee said in a technical blog post.
As of June 2023, the app had over 5 million installations on Android, and splitting it by ten yields a potential of 500k RPS. That’s impressive for DDoSing. Lecromee criticized Google for having a weak security system that allows malicious apps to exploit unsuspecting users’ devices.
Hackread, however, cannot confirm this claim for now. We will update this story with the latest information about the Swing app soon.
It’s always a great day to be a gamer, but today is especially good to be a Nintendo fan. The company just held its latest Nintendo Direct where it announced some exciting games for the Switch. What was announced? What should you be excited about? Let’s dive in! Here are the top announcements during the June 2023 Nintendo Direct.
The showcase featured a full 40 minutes of announcements for the Nintendo Switch. Some of the games were surprises like a new Super Mario Bros. game (we’ll get to that later in the article). Other games are long-awaited titles (like the fourth installment to a certain adorable gaming franchise).
June 2023 Nintendo Direct rundown: Major announcements
Let’s start off with some of the headlining announcements. These are games that really stole the show and are sure to get the majority of the fans jumping to click the Pre-order button.
Pikmin 4
It’s been nearly 10 years since the last Pikmin game graced us, and we were all wondering when the next one was going to come. Well, Nintendo finally dropped the trailer for this Pikmin 4.
In this game, you’ll crash land on a strange new world (familiar, huh?) and meet the plant-like creatures called Pikmin. You’ll gather and use the Pikmin to perform tasks and solve puzzles. As you explore, you’ll find different pieces to repair your ship and eventually leave the planet.
New additions to the franchise include a new canine creature called Otchi who will be crucial to your journey. Also, for the first time, you’ll be able to explore at night.
Pokemon Scarlet/Violet Hidden Treasures of Area Zero
This is a new DLC pack released for Pokemon Scarlet and Violet. It’s called “Hidden Treasures of Area Zero”, and it involves two new adventures. The first one is called The Teal Mask, and it takes place during a festival in the countryside. On the opposite side of the coin, the second adventure, “The Indigo Disk” takes place in a futuristic academy.
Information on these paid DLC packs will come out in the future.
Super Mario RPG Remake
If you enjoyed Super Mario RPG back in the SNES days, then you’ll be excited about this upcoming title. This is a from-the-ground-up remake of the original game, so the graphics, animations, music, and everything else have been revamped for the Switch.
While this is a remake, it will still play faithful to the original installment. So, you’ll still embark on an adventure with turn-based combat and all of the original characters.
Launch: November 17th, 2023
Upcoming unnamed Peach game
During the presentation, the company showed off some footage of a new adventure surrounding Princess Peach. It looks like it takes place on a stage as if it’s all a play. She uses some light magic attacks and it seems that something special happens to her when she stands on a particular spot on the stage. It was only a teaser, so there’s not much information available.
Launch: Sometime next year
Super Mario Bros. Wonder
This is the next 2.5D Super Mario Bros. adventure. Just like the Super Mario Bros. games we’ve grown up with, you’ll be running through different levels with a plethora of different characters from the franchise.
As you play, you’ll pick up different powers that will have certain effects. Since this is a new game, the company is introducing some new items. Starting off with the Wonder Flower, this will open up a completely different version of the stage where a bunch of wild and crazy things happen. This is the headlining feature of this game.
Also, there’s a new mushroom that will turn Mario into an elephant. So, there’s that. Also, along the way, you’ll see different talking flowers.
Launch: October 10th, 2023
Here are the other exciting announcements
Now, let’s get into some more exciting announcements from the company.
Sonic Superstars
We’ve been talking about a lot of Mario stuff, but our boy Sonic isn’t exactly empty-handed. Nintendo announced that Sonic Superstars will be coming to the Nintendo Switch in the fall this year.
It’s an all-new adventure where you can play as either Sonic, Tails, Knuckles, or Amy. You’ll be racing through different beautiful worlds while discovering some new powers. Also, for the first time in the series, there’s four-person multiplayer.
Launch: Sometime this Fall
Persona 5 Tactics
Sonic Superstars wasn’t the only SEGA title announced. Those who love Persona will love the new turn-based spin-off of Persona 5. In this game, your team finds themselves in an unfamiliar world. There, they meet a person named Erina who’s fighting off an army that’s trying to invade that world.
Launch: November 17th, 2023 (Pre-orders start today)
Luigi’s Mansion Dark Moon remastered
The second installment in the Luigi’s Mansion series is going to be making its way to the Nintendo Switch. It will have improved visuals that will utilize the more powerful hardware.
Launch: Sometime next year
Detective Pikachu Returns
The popular game that spawned a popular movie is back. Detective Pikachu Returns takes you on a new adventure with your adorable Pikachu who loves coffee. More information will come out in the future.
Batman Arkham Trilogy
The smash-hit Batman Arkham series of games is now making its way to the Switch (well, most of them). This is a pack of three games: Batman: Arkham Asylum, Batman: Arkham City, and Batman: Arkham Knight. Batman: Arkham Origins is not part of this package, as it’s not a part of the trilogy. The games will involve all of the DLC, as well.
Launch: Sometime this Fall
Mario + Rabbids: The Last Spark Hunter
There’s a new DLC for Mario + Rabbids: Sparks Of Hope. In the DLC, your team of characters happens upon a musical planet. There, they’ll fight off new enemies and discover new wonders.
Vampire Survivor on Switch
The hit game Vampire Survivor is officially launching on the Nintendo Switch. This is a survivor game where you’re facing hordes of terrifying monsters. You’re tasked with surviving 30 rounds of increasing enemies. As you play, you’ll gather different items that will aid you in the battle. However, that might not be enough.
Launch: August 17th, 2023
Dragon Quest Monsters: The Dark Prince
This is a new game that puts a different spin on the Dragon Quest series. In this game, your character is cursed and unable to fight monsters. So, they need to become a monster wrangler. They’ll collect and fuse different monsters to use them in the battle against other monsters.
Launch: December 1st, 2023
Watch the event
There are more exciting announcements explained in the presentation. You can check out the rest of the announcements by watching the video below.
Apple has iOS 16.5.1 today, along with iPad OS 16.5.1. It has also released macOS Ventura 13.4.1 and watchOS 9.5.2. So quite a few updates today from Apple. But so far, no word on the iOS 17 Beta 2. An update that a lot of beta testers are eagerly awaiting due to the pretty poor battery life in the first Beta.
iOS 16.5.1 is a pretty small bug fix, since it is a point update. According to the update screen, this is roughly a 283MB bug fixing update. Apple specifically calls out an issue being fixed that was caused when using the Lightning to USB3 Camera adapter. Among other security updates.
So for everyone not on the iOS 17 Beta path, there’s an update for you, on literally every platform. Just head into Settings. Tap on General, and then Software Update.
Where’s iOS 17 Beta 2?
The second beta for iOS 17 is imminent. Prominent Apple leaker, Mark Gurman mentioned on Twitter yesterday that he’d expect Beta 2 to launch today, and the first public beta coming next month. So it could come later today, or tomorrow, or even next week.
Those on the beta are really excited for a second beta, because while the first beta was pretty stable, the battery life was anything but. With many having to charge their iPhone 14s (which are still fairly new) multiple times a day. Including myself. Luckily, I was working on reviewing some Android phones over the last two weeks, so I wasn’t using my iPhone as much. And the terribly battery life didn’t hit me as much.
The stable version of iOS 17 is set to come in September, so there’s still plenty of betas coming ahead of that stable release. Hopefully things get better, especially in the battery department by then. I’d expect to see at least four more betas for iOS 17, before the release candidate.
-1.webp)
.png
)
