Apple's latest software update for its iPhone and iPad brought several security patches, including a weakness in Wi-Fi-connected devices which could expose users to nearby hackers.

But according to Zhi Zhou, a security engineer at Ant Financial Light-Year Security Labs, there is a wireless network naming bug affecting Apple's iOS which could effectively disable iPhone's ability to connect to Wi-Fi networks. The bug was first spotted by Carl Schou, who discovered that his iPhone's Wi-Fi functionality gets disabled on joining a Wi-Fi network with the name "%p%s%s%s%s%n" even after rebooting the phone.

Carl Schou noted that after joining the WiFi with the SSID “%p%s%s%s%s%n” his iPhone's WiFi functionality permanently got disabled and neither rebooting nor changing SSID could fix it.

Analysis of the SSID Format String Bug



The bug stems from the manner Apple's iOS parses the SSID input, which triggers a denial of service in the process; it concatenate the SSID to a format string and pass it to WFLog:message: method. With the destination as 3 so it was the second xref of CFStringCreateWithFormatAndArguments that triggered the denial of service.



It could have had some serious implications in an instance that bad actors exploit the issue to plant fraudulent Wi-Fi hotspots with the name to break a device's wireless networking features. But for the exploitability, the rest of the parameters doesn't quite seem likely to be controllable, thus making this case inexploitable.

After all, you'll need to connect to that WiFi to trigger this bug, where the SSID is visible to the victim and a phishing Wi-Fi portal page might be even more effective.

How to Mitigate the iPhone Wi-Fi naming bug?



If perhaps, you experimented with it and your iPhone has been affected by the bug, you would need to have the iOS network settings reset by going to Settings > General > Reset > Reset Network Settings and confirm.

Albeit, it rarely looks like a format string bug which is seen nowadays, but luckily, Android devices are not affected.

Apple's iOS susceptible to Wi-Fi network naming bug

Of course, you want the fastest and the best Internet connection. Every one of the 4.66 billion active Internet users across the globe wants the same thing. By ensuring that your Mac, iPad or iPhone automatically prioritizes and connects to the strongest available Wi-Fi network is going to help you with blazing fast browsing speed.

Regardless of whether you have multiple access points in your house or got a bunch of saved networks in an area, you can get the best connection at all times by simply setting network priority. It is important to know that isn’t an option or button on your Apple devices that just lets you set a Wi-Fi network on priority. This is because your device will connect to one of the available networks automatically and it is typically the one with the best strength.

But, the problem arises when you are in areas with multiple Wi-Fi networks. Then your device might get connected to any one of the saved networks and it might not necessarily be the fastest one. But, you can manually manipulate this. Are you looking to set the Wi-Fi network priority on your Apple devices? Read on to know what you have to do.

Wi-Fi Network on Priority in Macs



macOS is all about user-friendliness and one of the features that are often ignored by Mac users is the ability of their device to prioritize saved networks by the order in which you want Mac to connect to them. This allows you to define which network has a higher priority so that your Mac will connect to them when they’re available and even if you’re working on a different network, your device will switch to the prioritized network when it becomes available.



If your Mac is connected to multiple networks, you can simply delete a Wi-Fi network that isn’t useful to you anymore. This will make sure that your device doesn’t get connected to a network that doesn’t offer you the speed and signal strength that you are looking for. Also, you can forget all of the accumulated networks and add them back again one by one. Remember that the last network which you add is going to be the high priority one.

Next, you can follow these steps:

  • You can access the feature in your Mac that helps you prioritize Wi-Fi by clicking on the Wi-Fi icon in the menu bar and go to Open Network Preferences or you can go to Settings and then to the Network preference pane.
  • From the Network preference pane, make sure that you have selected Wi-Fi in the left sidebar and then from the right sidebar, you have to click on the ‘Advanced’ button which you can find toward the bottom.
  • In the next window, you’ll be presented with a column titled ‘Preferred Networks’ where you’ll find all of your remembered networks and it will be listed. You will notice a ‘+’ and ‘-‘ buttons below that window and these buttons will help you to move the networks up and down according to your preference. So, the networks that you place on top of the list are going to be the high-priority ones and your device will first connect to them if they’re available. To lower the preference of the network, you just need to move it down the list.


When you’re done, simply click OK and your Mac will save those settings.

Wi-Fi Network Priority on Apple iOS



  • Manually connect to a Wi-Fi network – Even though your device will probably automatically connect to a network, but if that is not your preferred network, you can always manually connect. You can do this on iPad, iPhone, and also Mac. On your iPad or iPhone, you can switch Wi-Fi networks from the Control Center or the Settings app. From the Control Center, you have to go to the Wi-Fi icon and from the list of available networks, select one that you prefer.
  • Sync network priority from Mac to iPhone/iPad – If you own a Mac, you can set the Wi-Fi priority there (as mentioned before) and then sync the settings with your iPhone or iPad. You will have to be signed in with the same Apple ID on both the systems and also keep the iCloud keychain turned on. You can check these settings on System Preferences on your macOS and click on the Apple ID. Then make sure that the Keychain box is clicked. On your iPad or iPhone, you have to go to iCloud and then Keychain to ensure that it is toggled on. When both these settings are turned on, it means that you are ready to sync.


In conclusion, prioritizing Wi-Fi networks will most definitely help to bring better connection speed and range. Therefore, you can go ahead and try these hacks out if you want to have a more smoother experience.

How to Set Wi-Fi Network Priority on Apple devices - iPhone, iPad, and Mac?

Psiphon's circumvention system employs a combination of secure and obfuscation technologies (VPN, SSH, and HTTP Proxy) to enable Web users to securely bypass the content-filtering systems used by governments to impose extralegal censorship of the Internet.

But now, threat actors are finding ways to leverage Psiphon VPN and app like Telegram to install Windows Remote Access Trojan (RAT) which is capable of stealing sensitive data from victims' devices, according to cybersecurity firm Kaspersky, which has attributed the campaign to the advanced persistent threat (APT) group, Ferocious Kitten.

Ferocious Kitten is an Iranian cyber-espionage group that has operated under the radar since 2015, by deploying a host of obfuscation techniques to implant malware that remains undetected on target devices, such as Android phones and PCs.

How Hackers are targeting Psiphon VPN Users and stealing sensitive data from victims' devices?



Hackers targeting of Psiphon hinges on the popularity of the services in Iran, and underlines the fact that the payloads were developed to target Iranian users, with the decoy content deployed by the malicious files often politically themed and involving images or videos of resistance or strikes against the Iranian regime.



Kaspersky researchers findings correspond to two weaponized documents uploaded to VirusTotal in July 2020 and March 2021 which were embedded with macros, that when enabled, could drop next-stage payloads to deploy new implant called MarkiRat. The backdoor allow adversaries access to targeted personal data, such as recording of keystrokes, clipboard content capture, download and upload of files, coupled with the ability to execute arbitrary commands on the victim's machine.

The attackers equally experimented with some variants of MarkiRat found to intercept the execution of apps like Chrome and Telegram to launch the malware and keeping it persistently anchored to the PC, making it harder to be detected or removed; among the discovered exploits included a backdoored version of the open-source VPN tool, Psiphon.

The group's command-and-control infrastructure is believed to have hosted Android applications in forms of DEX and APK files, which raises the question if the threat actor is simultaneously developing malware targeted at Android users.

While Ferocious Kitten's domestic focus may have shielded the group from international scrutiny, Kaspersky’s discovery shows that cyber-surveillance of the Iranian public is now more extensive and intrusive than previously imagined.

Psiphon VPN exploited by Hackers to install Windows Remote Access Trojan

The long expected elementary OS 6 release is taking shape nicely with beta 2 release which is now available for public testing, for those who are seeking for a sneak peek into a variety of features that are in store for the final release.

As the second beta release, elementary OS 6 Beta 2 contains some ambitious plans which the development team has for the stable release, which includes serving as an open and privacy-focused replacement for macOS and Windows, with the so-called pay-what-you-want model.

And what's perhaps the major highlight in elementary OS 6 Beta 2 is the addition of first party Flatpak applications; transitioning to Flatpak packages for any pre-installed apps is now a work-in-progress.

What's New in elementary OS 6 Beta 2?



The addition of Flatpak applications means that more first-party applications will now embrace Flatpak packaging, and also, it will make its way to third-party applications that are available in the App Center which developers can copy to make their own applications available as a Flatpak package.



Besides the addition of first party Flatpak applications, elementary OS 6 beta 2 brings some key upgrades along with several under-the-hood improvements. Such as the few UI tweaks to the installer for a cleaner look and also made available is a subtle animation with the installation progress instead of just a static icon.

Additionally, this release brings the ability to add online accounts from System settings, allowing users to add mail and calendar accounts, with IMAP and CalDav standards fully supported. And added accounts shows up in apps like Tasks, Calendar, and Mail making the experience rather seamless.

How to Download elementary OS 6 Beta 2?



If you're already running the first beta, you'll need to re-install Beta 2 for proper testing and the installer window size remains the same. You ou can get the elementary OS 6 Beta 2 for public testing from its official builds page.

But note that this release is only meant for testing and development purposes, so don't install it on your main production system.

elementary OS 6 is taking shape nicely with beta 2 release

Polkit (PolicyKit) is a toolkit that controls system-wide privileges in Unix-like operating systems, offering an organized way for non-privileged processes to communicate with privileged ones.

While a privilege escalation vulnerability has been discovered in the Polkit service that could be exploited by an unprivileged attacker to bypass authorization and escalate permissions as a root user.

The vulnerability which is tracked as CVE-2021-3560 (with CVSS score of 7.8) affects Polkit versions 0.113 to 0.118 and was discovered by Kevin Backhouse, GitHub security researcher, who stated that the issue was introduced in a code commit made in 2013.

How the Polkit Flaw allow Unprivileged Linux users Root Access?



The function `polkit_system_bus_name_get_creds_sync` is employed to get the uid and pid of the process requesting the action, and it does this by sending the unique bus name of the requesting process, typically something like ":1.96", to `dbus-daemon`.



These unique names are assigned and managed by `dbus-daemon` and cannot be forged, so this is a good way to check the privileges of the requesting process. The vulnerability happens if the requesting process disconnects from `dbus-daemon` before the call to `polkit_system_bus_name_get_creds_sync` begins.

In this instance, the unique bus name is no longer valid, so `dbus-daemon` sends back an error reply, which error case is handled in `polkit_system_bus_name_get_creds_sync` by setting the value of the `error` parameter, but it still returns `TRUE`, rather than `FALSE`.

This means that all callers of `polkit_system_bus_name_get_creds_sync` need to carefully check whether an error was set.

How to Mitigate against the Polkit Vulnerability?



Some of the popular Linux distributions affected by the polkit vulnerability includes Fedora 21 (or later), RHEL 8, Debian "Bullseye," and Ubuntu 20.04; albeit the issue has been fixed in Polkit version 0.119, released on June 3.

Therefore, Linux users are advised to update their Linux installations in order to mitigate any potential risk that may arise from the Polkit flaw.

Polkit Vulnerability grant Attackers Root Access on Linux Systems

ImgDownloader is a versatile all-in-one image downloading engine for automatic downloading of images and thus, helping content creators to curate contents easily.

It presents to you a very powerful image downloader tool that enables you to download all images from any site, including Pinterest and Instagram Images which are know to be hard nuts to crack. And ImgDownloader doesn't stop at just images, you can also get videos and MP4 files instantly.

Imagine the sheer possibility of downloading your entire image results in bulk, that is what you get by using ImgDownloader, you can even enter your desired image keyword and preview the images returned through Google’s index, and easily download all or specific image with a single click.

Major Websites that You can download Images in Bulk using ImgDownloader



ImgDownloader works across all websites, including the popular ones listed below which seems to restrict easy download of images.



  • Instagram Image Downloader: Downloading an image from Instagram does not come easy, as the platform makes it very difficult to download and safe images from it. But with ImgDownloader downloading your favorite celebrities images is an simple as a breeze.
  • Google Image Downloader: Are the type that requires bulk image curation from Google and don't know how to go about it? ImgDownloader allows you to download images in bulk using google search engine.
  • Pinterest Image Downloader: Here you can easily download images from Pinterest in just one click.



Additionally, you are not restricted to just these mentioned major image sources, as ImgDownload works across all websites, simply paste the image URL and ImgDownloader will automatically fetch all the images within the web address. It even retrieve images hidden in the CSS/JS files and you can preview all the images, download each of them or use the "Download All" button to get all of them in one click.

How to Download Bulk Images from Instagram using ImgDownloader?



ImgDownloader as a powerful bulk image downloader allows you to easily download images from any Instagram profile. Find the steps to follow in downloading your favorite images from Instagram below:

Step 1:

Go to imgdownloader.com, and you will find the Instagram tab at homepage, simply select it and enter your search keywords.

Step 2:

Then click on the search button to fetch images related to the keyword. Alternatively, you can copy the Instagram Image URL and paste it direct into the website to fetch all the images.

Step 3:

If you choose either approach, you'll be presented with a preview of 10-12 images with the ability to load more by simply clicking the button below. You can load as many images or all, by selecting the Download All button to download all the images.

Finally, you will see a message "Packaging and Downloading" which depending on your network speed, may take a few minutes. After which, you will get a zip file of all images. You can follow similar process to download images from Google search.

ImgDownloader Review: Download and Save Images with one Online Tool

The internet standard, TLS (Transport Layer Security), secure the communication between the servers and clients over the internet, and designed to be application layer independent, allowing many diverse communication protocols.

While ALPACA is an application layer protocol content confusion attack, which exploits TLS servers with different protocols that uses compatible certificates, like wildcard certificates. And attackers can also redirect traffic from one subdomain to the other, resulting a valid TLS session.

According to a group of researchers from Ruhr University Bochum, M√ľnster University and Paderborn University, the attack breaks the authentication of TLS making cross-protocol attacks possible where the behavior of a protocol service could compromise the other at the application layer.

How ALPACA Attack takes advantage of TLS Flaw for Cross-Protocol Attacks?



The general TLS flaw behind ALPACA is found within the server authentication, which potentially affects all TLS servers that have compatible certificates with other TLS services, therefore making all the servers vulnerable.



There are three possible ways an attacker can use cross-protocol attacks against webservers and Email servers exploiting vulnerable FTP, namely: the Upload Attack, the Download Attack and the Reflection Attack, whereby the attacker executes a reflected XSS in context of the victim site.

But the success of the ALPACA attack depends on many preconditions which need to be fulfilled, like the generic attack requires a MitM attacker to intercept and divert the victim's traffic at the TCP/IP layer. And the potential consequences of ALPACA attack are dependent on the interactions of two unknown protocols, with a number of undesirable behaviors possible.

How Can Admins mitigate these TLS attacks?



There are two extensions that can provide some protection to the application layer protocol in TLS, namely: SNI and ALPN. While SNI is the client that allow the server to know about the hostname it needs to connect to, and also useful in virtual hosting configurations. And the SNI standard allows the server to terminate the connection when the hostname doesn't match that of the server, which could prevent ALPACA attacks in practice. However, this strict behavior is rarely implemented, even among the best web servers.

But the good news is that many vendors have updated their servers to remove exploitation vectors and adding countermeasures in the application layer and/or TLS implementation. With the TLS library maintainers haven reviewed the ALPN and SNI implementations and updated their code and documentation to allow implementation of countermeasures by developers.

ALPACA Attack: TLS Flaw exposes Secure Sites to Cross-Protocol Attacks

If you've ever desired having eye-catching photos on social media, then what you need is Photo Effects by Vertexshare, which includes filters, black and white photo effects to make your photo feel a bit old.

While blurring photos editor add contrast to colors and highlight subject, Photo Effect takes things a notch higher with advanced algorithms to enhance your photos quality.

In fact, it has never been so easy to add effects and filters to photos, as with Photo Effects, you can even enhance your photo using a gallery of stunning imagery.

What are the Main Features of Photo Effects?



Photo Effects is perhaps a great boon to photo editors or creators, especially those on a shoestring budget. With such advanced features as listed below:



  • Smart DRC: Use the smart DRC for dynamic range compression and contrast enhancement of digital images.
  • Tone Mapping: Change the tone mapping of your photo to make flat HDR images more punchy and full of details.
  • Shadows and Highlights: Provide special algorithm to change the highlights, shadows and tonal width.
  • Exposure: Easily Adjust the photo exposure including lightness, contrast and saturation.
  • Local Contrast: Local contrast enhancement increases "local" contrast in smaller portions while protecting large-scale s/h details.
  • Sharpness: Sharpen and enhance the edge to create incredible effects. Make the photo clear.
  • White Balance: Adjust the color temperature and correct color casts that result from certain lighting situations.
  • Noise Reduction: Get rid of the noises from the photo that taken by digital camera. Enhance and improve photo quality.


Additionally, there are capabilities such as Channel Mixer, Soft light, Vignette and Presets, among others.

How to use Photo Effects preset filters with one click



It is pretty easy to create your own filters and effects manually using Photo Effects, with over 15 preset effects available.



Step 1:

Using sliders to get customized effects
This is a very straightforward process, as you can move the sliders to create natural tones and colours and get the results instantly.

Step 2:

Using the inbuilt preset effects to enhance photo automatically.

You've been availed with more than 15 filters that you can easily apply, including FortisEnhanced, Freya, Namaewa, StrongHold, VignetFairye and so on.

Conclusion



Photo Effects is a freemium professional photo effect editor, packed with various tuners that allows you to apply adjustments to your photo to make it look amazing in an instant.

And the minimalist design and AI enhanced intuitive settings ensure the app can be easily mastered by both newcomers and experts. If perhaps, you really want to improve the quality of your photos, then you won't fail to try out Photo Effects absolutely free.

Photo Effects for Windows and Mac: Create cool photo effects easily

N3Cr0m0rPh Malware, also known as Necro Python, is a family of botnet written in Python which was discovered in 2015, with Windows systems often the initial targets.

Now, both Linux and Windows devices are targets, with active exploits recorded at the start of 2021, which malware campaign dubbed "FreakOut" exploits vulnerabilities in network-attached storage (NAS) devices running on Linux machines.

It co-opt the Linux machines into a botnet useful for launching DDoS (distributed denial-of-service) attacks and Monero cryptocurrency mining.

How N3Cr0m0rPh Malware Family gets Upgraded with New Evasive tricks?



According to researchers at Cisco Talos, there is a newly discovered malware campaign that utilizes the Necro Python bot with new functionality and improved chances running undetected on infected vulnerable systems.



The upgraded botnet contains exploits for over 10 different web apps, including the SMB protocol. It combines RAT-like and DDoS functionalities to download and launch more payloads; with stealth in mind it installs a rootkit that hides the malware presence on the system.

Additionally, the botnet injects malicious code to execute a JavaScript-based miner from a remote server in HTML and PHP files stored on the infected systems.

What Organizations Need to Do to Mitigate such Malware Attacks?



While the core functionality had remained the same, with IRC for communicating with the C2 server and commands for launching DDoS, backdoor and stealing and exfiltrating data; it has increased chances of spreading and infecting more systems.

And notably, it exploits vulnerabilities in Vesta Control Panel, VMWare vSphere, SCO OpenServer, and other related products; which makes it mandatory for users to ensure that these products are up-to-date and always apply patches for their devices to shut off vulnerabilities.

N3Cr0m0rPh Malware Family Upgraded with New Evasive tricks

openSUSE Leap's clear advantage is the provision of at least 18 months of updates for each release; with openSUSE Leap 15.2 released last year to close the gap between SUSE Linux Enterprise (SLE) having the same binary packages in the enterprise version.

The latest version, openSUSE Leap 15.3 recently released is built not just from SUSE Linux Enterprise source code like in the previous versions, but with the exact same binary packages, thus strengthening the flow between Leap and SLE. And it comes as a rock-solid addition to the openSUSE 15.x series which carries all the attributes of its predecessors, making it hugely beneficial for migration projects and user acceptance testing.

Besides having the same binary packages as in SUSE Enterprise Linux, openSUSE Leap 15.3 comes with several other major changes that makes it a really exciting release.

What's New in openSUSE Leap 15.3 Release?



openSUSE Leap already runs great on several architectures, but this new release brings support for IBM Z and LinuxONE (s390x) systems, and directly uses binary packages from SLE for aarch64, powerpc64, and x86_64, which users can find the images on get.opensuse.org.



There is also the visual changes, with major new features in Xfce 4.16 including new icons and palette, as Xfce shines out of the box. And the Settings Manager has received a visual refresh of its filter box, which can be hidden permanently too. Also, the DNF package manager will be updated to version 4.7.0 that provides new features in the whole stack and expected improvements, with the DNF Python API stable and supported.

Additionally, there are security several updates like containerd, podman, kubeadm and cri-o. And openSUSE Leap 15.3 will offer users more power to develop, ship and deploy containerized applications with the newer container technologies maintained in the distribution. As Kubernetes gives a huge boost to container orchestration capabilities, allowing automated deployments, scale, and management of containerized applications.

How to Download or Upgrade to openSUSE Leap 15.3?



If you are a new user and want to have a feel of openSUSE Leap, you can get the latest ISO from the official download website.

However, if you're an existing user, you will have to make sure that you are running Leap 15.2 before upgrading to Leap 15.3. You can find a more detailed information about the upgrade process in the official release notes.

openSUSE Leap 15.3 strengthens the flow between Leap and SLE

Google has rolled out Chrome 91 on the stable channel, with the latest version of the browser bringing tons of features including the super-fast non-optimizing Sparkplug compiler, that compiles bytecode to machine code.

While Google had earlier introduced a two-tier compiler system in the V8 engine made up of Ignition and Turbofan for JavaScript execution in Chrome browser. The Ignition is responsible for executing the JavaScript while Turbofan optimizes the code for maximum performance, these compilers make tradeoffs during the different phases of JavaScript execution.

As part of Chrome’s V8 JavaScript/WebAssembly engine, Sparkplug will be nestled between the Ignition interpreter and the TurboFan optimizing compiler; thus filling the gap between the JavaScript execution tradeoffs.

How Sparkplug compiler will ensure faster performance in Chrome?



Sparkplug does not depend on gathered information while executing JavaScript for generating machine native codes, which allows for quicker execution and generating high-performance codes.



It compiles directly from bytecode instead of JavaScript source; thus Sparkplug compiles functions already compiled to bytecode, and the bytecode compiler having done work such as determining if parentheses are arrow functions, variable resolution, and desugaring destructuring statements.

And given that it compiles directly to machine code through a single linear pass over the bytecode, it emits code that matches the execution of that bytecode.

How to Download or Upgrade to Chrome 91?



Google updates for Chrome happens in the background, and also, users can install the latest version manually, by clicking on "About Google Chrome" from the Help menu; with the result tab display showing if the browser has been updated or the download-and-upgrade button.

Apart from the Sparkplug compiler feature, the new update also brings many performance improvement under the hood, which according to Google, Chrome 91 is 23 percent faster than the previous version.

Chrome Sparkplug compiler to boost JavaScript performance

AlmaLinux is a free Linux distribution, a complete binary-compatible release running the Red Hat Enterprise Linux (RHEL) operating system source code.

While the first stable release of AlmaLinux, v 8.3 was introduced on March 30, 2021; initially built by CloudLinux experts, AlmaLinux is now being owned and governed by the community. The latest release, AlmaLinux 8.4 brings a lot of security improvements such as Secure Boot which is now fully supported and OpenSCAP security profiles ready for production.

AlmaLinux 8.4 is coming one short week after the release of RHEL 8.4, and as a production ready, stable release and ready to power all your computing needs and workloads.

What's New in AlmaLinux 8.4 Release?



AlmaLinux 8.4 biggest change is perhaps the most requested feature, Secure Boot, which is now fully supported in this latest release.



Other changes include new module streams and compiler updates, with the release of a devel repo. More detailed changes can be found below:

  • PowerTools repo is now disabled by default
  • OpenSCAP security profiles are now ready for production
  • Secure Boot is now fully supported
  • devel repo released with extra packages and build dependencies


You can also find link to the upstream release notes here, which will provide you with a complete list of changes and updates to this release.

How to Download or Upgrade to AlmaLinux 8.4?



AlmaLinux 8.4 is available in three installation ISO images, AlmaLinux-8.4-x86_64-boot.iso, AlmaLinux-8.4-x86_64-minimal.iso, and AlmaLinux-8.4-x86_64-dvd.iso; but it is recommended to download ISO images using the torrent links.

Alternatively, you can get a mirror from the list on mirrors.almalinux.org website closest to your geographic area, as local mirrors will be a lot faster than using repo.almalinux.org and download a suitable ISO image from the 8.4/isos/x86_64/ directory.

AlmaLinux 8.4 Release: CentOS-like distro based as a precise RHEL clone