iPhone 7s, iPhone 7s Plus to Launch in Red Casing Next Year: Report

screenshot-2016-12-08-22-42-02HIGHLIGHTS

  • The next year variants may be called iPhone 7s, iPhone 7s Plus
  • Apple may introduce a new Red colour variant into the mix
  • A more premium iPhone 8 tipped to be also introduced alongside

 

This year, Apple introduced the Black and Jet Black colour options with the iPhone 7 and iPhone 7 Plus smartphones. Now, a fresh report claims that the successors will bring in another new option – Red.

Macotakara reports that the successors next year will add a Red colour variant into the already existing options of – Gold, Rose Gold, Silver, Black, and Jet Black. The report further claims that the successors will be called the iPhone 7s and iPhone 7s Plus – refuting previous rumours of iPhone 8 and iPhone 8 Plus naming, said to mark the 10-year anniversary.

It further notes that the iPhone 7s and iPhone 7s Plus will not include wireless charging or the shift to glass casing, but will instead see an upgrade in hardware i.e. a new ‘more powerful’ A11 chipset. This new chip will be introduced alongside the new Red colour option.

A recent KGI report had spoken an almost similar story. The report said that Apple would release three variants, with one being the iPhone 8 premium variant to mark its tenth anniversary. The iPhone 8 will come with significant upgrades including the bezel-less curved OLED display, no Home Button, an optical fingerprint sensor, and an all-glass casing. However, KGI analyst Ming Chi Kuo said that wireless charging would trickle into all the three variants, something that the fresh Macotakara report now refutes. Kuo, however claims, that wireless charging adapters will be bundled with just the premium model, and the base model buyers will have to buy it as an additional separate accessory.

Due to shortage of supply of OLED panels, Apple has reportedly also decided to introduce OLED displays only on the iPhone 8 premium variant, and keep LCD panels on the other two iPhone variants. We strongly recommend you to take all of this very lightly, as these are just initial reports pouring in, and Apple could very well change strategy before the new iPhones head for production.

What would you think of a Red coloured iPhone? Let us know in the comments below:

Advertisements

MacBook Pro 2016 Graphics Card Issues Will Be Fixed by macOS Sierra 10.12.2 Update, Alleged Federighi Email Claims

macbookpro_1477895738021

HIGHLIGHTS

  • Craig Federighi confirmed a software fix in next macOS update
  • It will resolve all MacBook Pro users’ visual glitches woes
  • macOS Sierra 10.12.2 is currently in beta mode

 

A number of users have reported graphics card issues in their new MacBook Pro 2016 laptops, with some even reporting unrecoverable crashes. Now, Apple’s Senior Vice President of Software Engineering Craig Federighi has reportedly replied to a grievance mail claiming that the issue has been resolved in the latest beta of macOS Sierra 10.12.2.

Developer and public beta program members are currently testing macOS Sierra 10.12.2, and the beta cycle for the particular is expected to end soon. According to the alleged email by Federighi, the commercial release of macOS Sierra 10.12.2 will mean the end of the graphics card issue and all those visual glitches.

MacRumors got hold of the alleged response email, and it reads, “Thanks for the note! We believe we have addressed all of these graphics issues in the latest [beta] of Sierra 10.12.2 (available at beta.apple.com). I hope that you enjoy your new MacBook Pro – it’s a fantastic machine!”

Many users claim that the graphics card starts showing problems when using Adobe Media Encoder, and the computer eventually crashes, while others claim issues with the Photos app. One user’s MacBook Pro allegedly started ‘flashing violently with red/ green hues and a sort of chequerboard pattern.

Most users are convinced that the dedicated GPU in the 15-inch MacBook Pro 2016 with Touch Bar is causing this issue, however many 13-inch MacBook Pro 2016 users (with Function Keys and with Touch Bar) have also made the same complaint. While MacRumors claims that the mail cannot be verified, there’s little reason for it to be fake. In any case, all shall be known once macOS Sierra 10.12.2 is released. Recently, many MacBook Pro users also reported battery life issues claiming that their fully charged laptops are dying in just three hours of normal usage.

Are you experiencing any glitches on your new MacBook Pro 2016? Let us know in the comments below.

Dial Toll Free Number to Use Paytm Without Internet, Smartphone

paytmphone_1481085760663

HIGHLIGHTS

  • You can call 1800 1800 1234 to transact on Paytm
  • This will work even without a smartphone or the Paytm app
  • You do not need an Internet connection for this feature

 

Paytm on Wednesday announced a new feature that will allow anyone to make payments using a Paytm wallet without Internet or smartphone. You will still need a smartphone (or access to a PC) in order to create your Paytm account, and link it to your phone number – and of course to load funds into the wallet. However, you will have the option to use Paytm without Internet or smartphone to make payments on a day to day basis. All you require is working phone – even if it is a feature phone.

How to use Paytm without Internet or smartphone?

To do this, Paytm has launched a toll free phone number – 1800 1800 1234 – you will have to call it from your registered mobile number in order to set your PIN. You’ll hear a voice message letting you know that you’ll get a call back to set the PIN.

After that, you can make payments using Paytm without Internet and smartphone by calling this number, typing in the phone number of the recipient, then the amount, and finally typing in your PIN for confirmation.

Where can this Paytm toll free number be used?

Although it’s not the easiest method for making payments, there could be a number of situations where this feature of using Paytm without Internet or smartphones is useful. For example, several of us have older relatives who still prefer to use feature phones for the simplicity of use. For such users, who are now forced to transact digitally owing to the demonetisation of Rs. 500 and Rs. 1000 notes, Paytm’s toll free number would be helpful. On the other hand, for people who are still using feature phones because they don’t have a smartphone, this number, along with a visit to a cyber cafe, could be very empowering. And of course, there are also people who might prefer to use this method rather than tap through multiple screens on an app.

However we have to point out that our first several attempts at getting through to Paytm to set a PIN were unsuccessful as the number was routinely busy. It took half an hour of trying before we were able to sign up for the service, and after that, payments were again a problem because the number was busy on the next few tries.

This might just be because of the initial rush for signups for the option to use Paytm without Internet and smartphone, but it paints a worrying picture – if someone is trying to make a payment using this method, they might not have access to other forms of online payments, and so if the system fails due to the number being busy, it would be a huge problem.

Apple iPhone 8 Leaks and Rumours So Far: Specifications, Release Date, and More

apple_logo_1477462945517

HIGHLIGHTS

  • Apple iPhone 8 leaks suggest it will have not have the Home button
  • Rumoured iPhone 8 features include OLED screen, wireless charging
  • Apple may launch 3 or more variants of iPhone 8, leaks say

The iPhone launch is usually the biggest technology event of the year, but the launch of the iPhone 8will be even more important, as 2017 marks the tenth anniversary of the original iPhone. With such a momentous occasion at hand, all eyes are on Apple, and all the new features it is expected to bring to the iPhone product line.

There are already all kinds of iPhone 8 rumours swirling around right now – for example, it’s been reported that Apple working on more than 10 prototypes of the next iPhone. Though over nine months remain before the iPhone 8 launch, the excitement about the smartphone is palpable, and leaks have already started pouring in, giving us a fair idea of what to expect from the device. Here’s a look at everything we know about the iPhone 8, Apple’s next flagship smartphone.

iPhone 8 may have an all-glass body

The all-glass body that we last saw Apple use with iPhone 4S is expected to make a comeback, with many iPhone 8 leaks suggesting that the next Apple smartphone will use curved glass on the back. This falls in line with KGI Securities analyst Ming-Chi Kuo’s prediction that Apple will not use aluminium or plastic in iPhone 8.

iPhone 8 may come in three (or more) screen sizes

While fans have become used to a choice of two flagship iPhone variants (4.7- and 5.5-inch displays) over the past three generations of iPhones, the iPhone 8 rumours say it may come in three screen sizes, or even more. According to analysts citing supply chain sources, Apple may launch iPhone 8 variants with 5-inch, and 5.8-inch, screens.

Barclays analysts say that the company will release the iPhone 8 with 5-inch and 5.8-inch displays, while maintaining the same overall size as the iPhone 7 and iPhone 7 Plus. This effectively means a bigger, bezel-less screen in the same dimensions as that of the predecessors.

On the other hand, Ming-Chi Kuo – who has a great track record of Apple predictions – says that the company will release a 4.7-inch iPhone 8 with LCD panel and a 5.8-inch iPhone 8 with AMOLED display, which consumes less power and delivers better contrast. However, if the AMOLED supplies are insufficient, Apple may launch the iPhone 8 with 4.7-inch and 5.5-inch LCD panels, and a premium iPhone 8 model with 5.8-inch AMOLED screen.

A report by Japan’s Nikkei newspaper also talks about a premium iPhone 8 with a 5.5-inch or larger display. This report also says that the premium iPhone 8’s display will be curved on the sides, as we have seen earlier on Samsung Galaxy S6 Edge and Galaxy S7 Edge the other two variants will have flat display panels, it adds.

iPhone 8 will not have a Home button

This is the most frequently leaked of all rumoured iPhone 8 features: that the iPhone 8 will not have the Home button. Instead, the Touch ID fingerprint sensor and the selfie camera of the iPhone 8 will be integrated in the touchscreen itself. iPhone 8 may even have some new 3D Touch functionalities that enable it to replace some of the functions of the Home button.

iPhone 8 may debut a new haptic feedback system

Apple will reportedly use a small, high-performance motor in the iPhone 8 to deliver better haptic feedback. So iPhone 8 buyers may get different vibration feedback for each function, such as switching between apps, going back to the home-screen, and unlocking the device.

iPhone 8 will probably have wireless charging

Another common iPhone 8 leaked is wireless charging. While wireless charging has been used by many smartphones, Apple’s take on the feature will be different. Apparently, iPhone 8 will feature long-range wireless charging that will not require the user to place the device on a charging station or even very close to it. South Korea’s Economic Daily News says Apple will use a wireless charging back cover for iPhone 8, so the feature may not be built-in.

iPhone 8 may have an iris scanner

The ill-fated Samsung Galaxy Note 7 had an iris scanner, and the feature may make its way to the next Apple flagship smartphone as well, according to iPhone 8 leaks. Ming-Chi Kuo says Apple is working on introducing advance biometric features in the smartphone, so an iris scanner on the iPhone 8 may indeed become a reality. However, some reports say that the iris scanner feature will be ready for 2018, and not next year.

iPhone 8 camera may offer 3D photography

The Korea Economic Daily says that Apple is studying ways to use LG Innotek’s 3D camera module in the iPhone 8. LG Innotek’s 3D camera module will be used in the iPhone 8’s dual rear camera system, alongside the 3D technology Apple acquired with the buyout of LinX in 2015, to deliver photos with 3D effects.

Apart from this, iPhone 8 may feature Optical Image Stabilisation (OIS) in the telephoto lens as well as the wide-angle lens. The iPhone 7 only has OIS in the wide-angle lens.

It’s likely to be named iPhone 8

While past naming conventions dictate that the 2017 iPhone models would be called iPhone 7s, and iPhone 7s Plus, most rumors say may not be the case. The tenth anniversary of the iPhone launch in 2007, will make next year’s release a pretty big occasion for Apple. You can expect the name of the smartphone to be iPhone 8, though it is not beyond Apple to just call it something like the ‘New iPhone’.

iPhone 8 will probably be launched in September 2017

Apple has launched the next iteration of the iPhone in September for several years now, so it’s probably safe to say you can expect to see the official unveiling of iPhone 8 in September 2017. The first phase of iPhone 8 should begin 10 days or two weeks later, most likely on a Friday.

Moto G5 and Moto G5 Plus Purported Specifications, Release Date, Images Leaked

img_02162

HIGHLIGHTS

  • Image suggest the G5 Plus will keep the fingerprint sensor on the front
  • Specifications seem identical to the Moto G4 and Moto G4 Plus
  • Leak also suggests a March 8 release for the devices

There has so far been very little information regarding Motorola’s followup to the Moto G4 and Moto G4 Plus smartphones. However, some alleged images of what could be the Moto G5 and Moto G5 Plus have surfaced on the Internet.

The images and specifications of the fifth generation Moto G devices were leaked online in the form of a screenshot posted by The Android Soul. The images show the front of the devices and are not clear enough to make out any notable difference from their fourth-gen counterparts. If the images are true, it seems like the Moto G5 Plus will keep the fingerprint sensor on the front while the Moto G5 will not get the sensor.

moto-g5-specs-g5-plus_1480754831428

On the specifications front, the Moto G5 and Moto G5 Plus seem to be identical, except the former will sport a 13-megapixel rear camera while the latter will get a 16-megapixel camera. With a 5.5-inch full-HD display, 5-megapixel front camera, and an octa-core processor for both the devices, the Moto G5 and Moto G5 Plus sound incredibly similar to their predecessors. As always, until there’s an official confirmation, you should take all this with a pinch of salt.

Furthermore, the Moto G5 and Moto G5 Pus will be offered with a 16GB storage, but only the Moto G5 Plus will get a 32GB variant as well. The screenshot also suggests Turbo Charging feature for both the devices.

As for the operating system, the Moto G5 and Moto G5 Plus are expected to launch with Android 7.0 Nougat out-of-the-box. The Android 7.0 Nougat began rolling out for the Moto G4 and Moto G4 Plus in October. Meanwhile, the Android 7.1.1 has also begun rolling out to a few Android One users and is expected to roll out for Nexus and Pixel owners in the coming days.

Coming back to the Moto G5 and Moto G5 plus, the images and specs are among the first leaks on the devices that have appeared on the Internet, so it’s best to wait for additional confirmation before getting too excited. Lastly, the leak also suggests a March 8 release for the devices, and though the market for the devices is yet to be revealed, you can expect India to be on that list.

Dropbox Hacked — More Than 68 Million Account Details Leaked Online

dropbox

Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach.

Dropbox has confirmed the breach and already notified its customers of a potential forced password resets, though the initial announcement failed to specify the exact number of affected users.

However, in a selection of files obtained through sources in the database trading community and breach notification service Leakbase, Motherboard found around 5GB of files containing details on 68,680,741 accounts, which includes email addresses and hashed (and salted) passwords for Dropbox users.

An unnamed Dropbox employee verified the legitimacy of the data.

Out of 68 Million, almost 32 Million passwords are secured using the strong hashing function “BCrypt,” making difficult for hackers to obtain users’ actual passwords, while the rest of the passwords are hashed with the SHA-1 hashing algorithm.

These password hashes also believed to have used a Salt – a random string added to the hashing process to further strengthen passwords in order to make it more difficult for hackers to crack them.

“We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users,” said Patrick Heim, Head of Trust and Security for Dropbox.

“We initiated this reset as a precautionary measure so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

Dropbox initially disclosed the data breach in 2012, notifying users that one of its employee passwords was acquired and used to access a file with users’ email addresses, but the company didn’t disclose that the hackers were able to pilfer passwords too.

But earlier this week, Dropbox sent out emails alerting its users that a large chunk of its users’ credentials was obtained in 2012 data breach that may soon be seen on the Dark Web marketplace, prompting them to change their password if they hadn’t changed since mid-2012.

“Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012,” the company wrote. “Our analysis suggests that the credentials relate to an incident we disclosed around that time.”

Dropbox is the latest to join the list of “Mega-Breaches,” that revealed this summer, when hundreds of Millions of online credentials from years-old data breaches on popular social network sites, including LinkedIn, MySpace, VK.com and Tumblr, were sold on Dark Web.

The takeaway:

Change your passwords for Dropbox as well as other online accounts immediately, especially if you use the same password for multiple websites.

Also use a good password manager to create complex passwords for different sites as well as remember them. We have listed some best password managers that could help you understand the importance of password manager and choose one according to your requirement.

Facebook Introduced Open Source Detection Tool For Windows.

Screenshot 2016-09-28 12.24.48.png

Facebook successfully ported its SQL-powered detection tool, osquery, to Windows this week, giving users a free and open source method to monitor networks and diagnose problems.

The framework, which converts operating systems to relational databases, allows users to write SQL-based queries to detect intrusions and other types of malicious activity across networks.

Facebook debuted the open source tool in 2014 as cross-platform, but for the last two years it was only supported on Ubuntu, CentOS, and Mac OS X operating systems. Facebook isn’t the biggest Windows shop, but the company confirmed in March that because so many users were asking for it, it was building a version of the tool for Windows 10.

The tool reimagines running processes – concepts such as loaded kernel modules and open network connections – as SQL tables to better assist in visualizing data. Nick Anderson, a security engineer at Facebook who announced the news on Tuesday, said the security team regularly uses the framework to gather information on browser extensions used on its corporate network. The tool makes it easier for them to single out and remove malicious extensions.

“As adoption for osquery grew, a strong and active community emerged in support of a more open approach to security,” Anderson wrote, “We saw the long-held misconception of ‘security by obscurity’ fall away as people started sharing tooling and experiences with other members of the community.”

Screenshot 2016-09-28 12.25.59.png

Mike Arpaia, a former Facebook engineer who worked on osquery’s development team announced initial plans for the Windows osquery version in March and promised it would have cross-platform support, a monitoring daemon, and an active development system. Arpaia left Facebook this summer and co-founded Kolide, a Boston-based startup that uses osquery to help companies better monitor their infrastructure.

These are Top 10 Stupid Passwords Used to Hijack IoT Devices

screenshot-2016-09-28-12-20-10

Malware targeting Internet of Things or IoT devices is becoming more and more prevalent, with new families discovered every month, all working in the same way.

IoT malware, usually targeting various Linux flavors used to power these devices, is rarely a danger to the people or companies behind these devices, but everyone else.

All IoT malware discovered in the past two years has been seen doing the same thing. The infection starts with a crook or automated service employing brute-force attacks, trying to guess the IoT device’s admin password by trying thousands of username-password combinations.

If users haven’t changed their device’s default credentials, then crooks usually get access to the device after a few seconds. At this point, the malware alters the device by adding special code to communicate with one of its command and control servers, ensnaring it into a worldwide botnet, mainly used to execute DDoS attacks, relay proxy traffic for crooks, and brute-force other IoT devices.

In August, Kaspersky discovered that Linux-based botnets had become the most popular DDoS botnets on the market.

Only in targeted attacks, you’ll see someone use many IoT device as a pivot point inside a network, but generally, in the vast majority of cases, IoT devices are used as bots for DDoS attacks.

All of this is simplified by device owners who don’t secure their devices with custom passwords. According to Symantec, the table below shows the most often encountered passwords in IoT devices around the world.

Top usernames Top passwords
root admin
admin root
DUP root 123456
ubnt 12345
access ubnt
DUP admin password
test 1234
oracle test
postgres qwerty
pi raspberry

As you can see for yourself, most are easy guesses and are the standard passwords for equipment running on Raspberry Pi platforms, Ubuntu, or others.

According to Symantec, most of today’s IoT-malware comes with cross-platform support, and can target all major IoT hardware platforms such as x86, ARM, MIPS, and MIPSEL platforms. In some cases, there were malware families that went beyond these popular platforms and also targeted PowerPC, SuperH and SPARC architectures.

How to Scan for Vulnerabilities Using Nessus.

screenshot-2016-09-28-11-46-54

Welcome back guys. Today we will see how you can check for vulnerabilities using Nessus.

Usually vulnerability scans are done before doing the penetration tests. The database of Vulnerability scanners contains the list of all the knows vulnerabilities and checks if your system or network is vulnerable to those. Later pentesters check if the scan results are true or not.

Vulnerability scanners are quite known for being inaccurate. And it is fair right, if vulnerability scan can give you complete vulnerability list who needs a pentester ?

Nessus is one of the famous vulnerability scanners  out there and it has become a standard for pentesting.  Recently even the U.S government has switched to Nessus and now all of their federal office and U.S. military bases use Nessus to check for vulnerabilities.

If you want to be a white hat hacker/pentester, you have to be familiar with vulnerability scanners.

Step 1:

First  download Nessus( Free version ) from the Tenable website. You can find it right here. You have to be registered to download, so give your mail to receive the activation code and start downloading process by selecting your Operating system.

screenshot-2016-09-28-11-50-04

Step 2:

Once your download is completed, install Nessus. Your default browser will open and shows something like the one below. Nessus uses a client and server architecture. Your server on localhostand the browser represents the client.

screenshot-2016-09-28-11-51-31

You are very likely to receive a warning like the one below which says “Your connection is not secure.”

screenshot-2016-09-28-11-53-43

Now  you have to enter an exception for the Nessus connection on the port 8834.

screenshot-2016-09-28-11-54-57

Step 3:

Now we are ready to use Nessus and find vulnerabilities. You have to first set up an account. This is the account which you will be using to log into the Nessus server.

Once you activated the user you are good to go.

Step 4:

Now you will receive  a screen like that below. Select “New Scan.”

screenshot-2016-09-28-11-56-41

This opens a screen, which asks you to name your scan and enumerate your targets.

For simplicity sake I named it “First Scan” and had it scan my local network at 192.168.1.0/24. You can name yours whatever you like, but make certain to use the IPs on your network, then click “Save.”

screenshot-2016-09-28-12-00-15

Now click on the “Launch” button.

Step 5:

When the vulnerability scan is complete, it will list each of the hosts by IPs scanned, and the associated risks to each. The risks are color coded, with the burnt orange being the most critical.

screenshot-2016-09-28-12-11-27

Click on “Vulnerabilities” in the top-line menu to display all the vulnerabilities found on the network.

screenshot-2016-09-28-12-12-37

When an individual vulnerability is selected, it displays more detail on that particular vulnerability.

Finally, results can be saved in several different formats for reporting purposes. Click on the “Export” tab to pull down a menu with:

  • Nessus
  • PDF
  • HTML
  • CSV

Nessus DB

screenshot-2016-09-28-12-14-12

In my case, I chose PDF a menu pops up with the name of the file, and asks which program to open it up with.

screenshot-2016-09-28-12-14-56

Nessus has become the de facto standard in vulnerability scanners, and every white hat hacker should be familiar with it.

Hope this tutorial helped. Share your opinion in the comments below

Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users.

screenshot-2016-09-27-22-15-33

Sometimes I receive emails from our readers who wanted to know how to hack Facebook account, but just to delete some of their messages they have sent to their friends or colleagues mistakenly or under wrong circumstances like aggression.

How to hack a Facebook account? It is probably the biggest “n00b” question you will see on the Internet.

The solution for this query is hard to find — but recently researchers have shown that how you can modify or alter your messages once you have pressed the SEND button in Facebook Messenger.

According to the researcher Roman Zaikin from cyber security firm Check Point, a simple HTML tweak can be used to exploit Facebook online chat as well as its Messenger app, potentially allowing anyone to modify or delete any of his/her sent message, photo, file, and link.

Though the bug is simple, it could be exploited by malicious users to send a legitimate link in a Facebook chat or group chat, and later change it to a malicious link that could lead to a malware installation, tricking victims into infecting their systems.

Here’s How the Exploit Works:

The exploit works on the way Facebook assigns identities to chat messages. Each chat message has a unique “message_id” identifier that could be revealed by sending a request to http://www.facebook.com/ajax/mercury/thread_info.php.

Once message_id is identified, an attacker could alter its respective message content and send it back to Facebook servers which accept the new content as legitimate and push it back to the victim’s PC or mobile device.

“By exploiting this vulnerability, cyber criminals could change a whole chat thread without the victim realizing,” said Oded Vanunu, Head of Products Vulnerability Research at Check Point.

“What’s worse. The hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations. We applaud Facebook for such a rapid response and putting security first for their users.”

Researchers discovered the vulnerability earlier this month and notified Facebook about the flaw.

The social networking giant promptly moved to fix the vulnerability, though Facebook explained that the flaw only affected its Messenger app on Android.

Based on our investigation, this simple misconfiguration in the Messenger app on Android turned out to be a low-risk issue, and it’s already been fixed,” Facebook wrote in its blog post published Tuesday.

Additionally, Facebook claims the vulnerability could not be exploited to infect its users’ PCs with malicious software, as the company is using anti-spam and anti-virus filters to detect malware and spams.