Connect with us

Tech

Prosser: Fourth-Generation iPhone SE to Adopt Same Design As iPhone XR – MacRumors

Published

 on


Apple will base the next-generation iPhone SE on the design it used for the iPhone XR, claims leaker Jon Prosser, citing new information from his sources.

In the latest episode of the Geared Up podcast with Andru Edwards and Jon Rettinger (via AppleTrackr), Prosser claims that “The SE 4, from what I understand – and I don’t think I’ve said this publicly – is just the ‌iPhone‌ XR.”

As it is modeled after the ‌‌iPhone‌‌ 8 and prior ‌‌iPhone SE‌‌, the current third-generation ‌iPhone SE‌, released earlier this year, continues to feature thick top and bottom display bezels, unlike Apple’s other iPhones. Also, all other iPhones now feature ‌Face ID, so a potential switch to the ‌iPhone‌ XR design would mark the death knell for the ‌iPhone‌’s Home button.

The ‌iPhone‌ XR, which is no longer listed on Apple’s stores, has a 6.1-inch LCD display, whereas the current ‌iPhone SE‌ has a 4.7-inch display, so the change would additionally bring about a bigger screen size for Apple’s most inexpensive ‌iPhone‌.

The only other solid rumor about the next ‌iPhone SE‌ has come from display industry consultant Ross Young, who has proven to be a reliable source of information for future Apple products.

According to Young, Apple is planning to release a fourth-generation ‌‌iPhone SE‌‌ with a larger 5.7-inch display as early as 2023, although he did not say if such a model would retain the Home button and top and bottom bezels or adopt a notched screen with ‌‌Face ID‌.

Related Stories

Apple’s third-generation iPhone SE will feature an iPhone XR-like design with Touch ID and be the company’s last iPhone with an LCD display, according to Chinese site MyDrivers.
A machine translation of the report explains that the design of the third-generation iPhone SE is based on the iPhone XR, and will feature a Touch ID fingerprint scanner built into the side button, as well as an LCD…

2022 iPhone SE Will Have 5G But No Design Changes, Major Update Coming in 2024

The upcoming 2022 iPhone SE will gain 5G technology and an updated A-series chip, but it will not feature major design changes, leaker Dylandkt said today, echoing many of the previous iPhone SE rumors we’ve heard.
Third-generation iPhone SE rumors have been confusing for the last couple of years because some of the information pointed toward a major redesign with an iPhone 11-style look…

iPhone SE With Larger 5.7-Inch Display May Launch in 2023, ‘iPhone SE+ 5G’ Also Rumored

Apple is planning to release a fourth-generation iPhone SE with a larger 5.7-inch display as early as 2023, according to display industry consultant Ross Young, who has proven to be a reliable source of information for future Apple products.
The fourth-generation iPhone SE has until now been rumored to launch in 2024, but Young now says a 2023 release is looking more likely….

Apple Reportedly Planning to Launch New iPhone SE Models in 2022 and 2023

Apple is planning to launch two new iPhone SE models over the next two years, according to TF Securities analyst Ming-Chi Kuo.
In a note to investors seen by MacRumors, Kuo explained that Apple has two new iPhone SE models planned for 2022 and 2023 respectively. The 2022 iPhone SE will reportedly launch in the first half of the year and feature 3GB of memory, according to Kuo, while the 2023 …

Buyer’s Guide: Don’t Buy an iPhone SE Right Now – New Model Imminent

The third-generation iPhone SE is expected to arrive in less than a week with a number of notable features and improvements, so prospective customers should now hold off on buying an iPhone SE until the new model arrives.
Based on reports from reliable sources over the past two years, the third-generation iPhone SE is currently expected to bring at least three main improvements: A15…

New iPhone SE Inches Closer to Launch as Suppliers Begin Preparing for Shipments

Multiple component suppliers in Apple’s supply chain are gearing up for shipments of a third-generation iPhone SE, slated for launch in the first half of 2022, according to industry sources cited by Taiwanese publication DigiTimes.
The full report has yet to be released, but a paywalled preview reads as follows:VCM suppliers see no cutback in orders for new iPhones: VCM (voice coil motor)…

Hands-On With Apple’s Most Lackluster Smartphone: The 2022 iPhone SE

Apple last week introduced the 2022 iPhone SE, an upgraded version of its low-cost smartphone. The 2022 iPhone SE looks identical to the 2020 model, featuring only internal upgrades, and it is arguably Apple’s most lackluster iPhone. So who is it for? Read on to find out what we think.
Subscribe to the MacRumors YouTube channel for more videos. If you’ve seen the 2020 iPhone SE, well, you’ve…

Popular Stories

‘Apple Watch Pro’ Rumored to Feature Larger 47mm Case Size With Flat Display

The so-called “Apple Watch Pro” will feature a larger 47mm case size, according to a report today from Japanese website Mac Otakara. By comparison, the Apple Watch Series 7 is available in 41mm and 45mm case sizes.
A larger 47mm case size would result in the Apple Watch Pro having a larger display, which could measure in at 1.99 inches diagonally.
The report, citing information received…

Four Wildcard Features Rumored for iPhone 14

We’re less than two weeks from the launch of the iPhone 14 and iPhone 14 Pro. We’ve been hearing rumors about these new iPhones for almost a year, and while many rumored features have been reported repeatedly, there are a few wildcard features we’ve heard about that we aren’t so sure we’ll see on the upcoming iPhones, and we’ve listed four below.
Satellite Connectivity
Bloomberg reports…

Top Stories: Apple Event Announced, iPadOS 16 Officially Delayed, and More

Mark your calendars! Apple has officially announced that it will be holding a media event on Wednesday, September 7, where we’re expecting to see the iPhone 14 and additional announcements. The uncharacteristically early official announcement two weeks ahead of time may be due to this marking the return of standalone in-person media events for the first time in almost three years.
Other news …

10 Apple Devices You Shouldn’t Buy Right Now

Ahead of Apple events expected over the next two months, there are now ten Apple devices that customers currently should not buy, with replacement models fast approaching.
The fall is always a very busy period for Apple, often with at least two special events to launch new products and the release of major software updates for all of the company’s platforms. This year looks to be no…

When Are iPhone 14 Pre-Orders?

Apple has now announced that it will hold an event on Wednesday, September 7 where the company is highly likely to unveil the iPhone 14 lineup – so when are pre-orders of the new devices expected to begin?
iPhone 14 concept render by Ian Zelbo based on purported leaked information In a recent report that correctly predicted that an Apple event will take place on September 7, Bloomberg’s Mark…

Adblock test (Why?)



Source link

Continue Reading

Tech

New Microsoft Security Alert: State-Sponsored 0Day Exchange Server Attacks Confirmed – Forbes

Published

 on


Microsoft confirmed on September 30 that it is investigating two zero-day vulnerabilities that impact Exchange Server 2013, 2016 and 2019. Between them, there are more than 200,000 installations in businesses worldwide. Microsoft goes on to warn that a single, likely state-sponsored, threat group has been confirmed as exploiting both vulnerabilities by chaining them together. Microsoft adds that the CVE-2022-41040 and CVE-2022-41082 chain attacks have facilitated “hands-on-keyboard access, which the attackers used to perform Active Directory reconnaissance and data exfiltration.” While Microsoft says, it has observed these attacks against ten organizations so far, given the Exchange Server user base and the fact that the vulnerabilities are now known, the potential for further attacks is great.

The risk is significant

As such, Mike Walters, the vice-president of vulnerability and threat research at Action1, has warned that “the risk from these zero-days is significant” to many SME and enterprise companies with “vast amounts of critical data.” Security Researchers at GTSC initially disclosed that attacks were underway.

CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability, while CVE-2022-41082 enables remote code execution (RCE) via PowerShell. The former is being used to trigger the latter in a chain exploit if the attacker is authenticated at the user level in Exchange Server.

CISA advises Exchange Server users and admins to act now

Indeed, the Cybersecurity & Infrastructure Security Agency (CISA) has issued a statement urging both users and administrators to apply mitigations while awaiting an official patch from Microsoft. Microsoft is working on releasing this as soon as possible, although a timescale has not yet been given. Microsoft has further confirmed that this impacts on-premise Exchange Server installations, and Exchange Online users are unaffected by the vulnerabilities.

Microsoft has released a script for on-premise users that will mitigate the exploited SSRF vector and has released an automatic URL rewrite mitigation for users of the Exchange Server Emergency Mitigation Service.

Adblock test (Why?)



Source link

Continue Reading

Tech

Google Stadia Will Shut Down in 2023, All Purchases to Be Refunded – CNET

Published

 on



Cloud gaming service Google Stadia will shut down on Jan. 18, the search giant said in blog post Thursday. Google will refund all Stadia hardware purchased through its Google Store, along with all games and add-on content purchased from the Stadia store.

The tech giant aims to have all the refunds completed by mid-January. 

People using Stadia will still to be able to access to their game libraries, including Pro games if you had an active Pro subscription as of Thursday. In an email sent to players, Google warned that publisher support for games may vary, and it’s possible that your gameplay experience may be affected during the shut-down period (suggesting that some games could vanish or lose features early). 

It appears that Google didn’t tell many developers about the shut-down prior to the public blog post. Destiny 2 makers Bungie tweeted on Thursday about coming up with “a plan of action” in the wake of the announcement. Assassin’s Creed developer Ubisoft intends to allow players who’ve bought its games on Stadia to bring them to PC through its Ubisoft Connect digital distribution service, it said Friday. 

Google talked to at least one studio (Luxor Evolved developer Olde Skuul) about reimbursement for lost revenue as a result of the abrupt change, Axios reported Friday.

Explaining the move, Stadia vice president and general manager Phil Harrison noted Google’s investments in gaming through its Google Play digital distribution service, its cloud tech and YouTube streaming.

“A few years ago, we also launched a consumer gaming service, Stadia,” he said in the blog post. “And while Stadia’s approach to streaming games for consumers was built on a strong technology foundation, it hasn’t gained the traction with users that we expected so we’ve made the difficult decision to begin winding down our Stadia streaming service.”

Many employees on the Stadia team will be reassigned to other roles within Google, the blog post noted.

The cloud gaming service launched in November 2019, to a mixed reception.


Now playing:
Watch this:

Playing Google Stadia for the first time

7:03

“Stadia isn’t delivering new games [at the moment], it’s just trying to deliver a new way to play through streaming. One that you can already get from other providers,” CNET’s Scott Stein wrote at the time. “Until Google finds a way to loop in YouTube and develop truly unique competitive large-scale games, Stadia isn’t worth your time yet.”

Despite having some solid games in its library, Stadia failed to evolve. Google shuttered its in-house development studio in 2021, hinting that its gaming ambitions were shifting away from Stadia.

Stadia also had plenty of cloud gaming competition, with Xbox, PlayStation, Nvidia and Amazon all offering alternatives. 

It hasn’t been a total bust for the company, with Harrison saying the tech can be applied to YouTube, Google Play and its augmented reality projects. 

That tech will also be made available to Google’s industry partners. Sony gave its own streaming service a headstart in 2015 by buying the patents of OnLive — an early game streaming service — shortly before the once-promising startup shut down.

Adblock test (Why?)



Source link

Continue Reading

Tech

High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers – Ars Technica

Published

 on


Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world.

The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability. The mystery exploit looked almost identical to an Exchange zero-day from 2021 called ProxyShell, but the customers’ servers had all been patched against the vulnerability, which is tracked as CVE-2021-34473. Eventually, the researchers discovered the unknown hackers were exploiting a new Exchange vulnerability.

Webshells, backdoors, and fake sites

“After successfully mastering the exploit, we recorded attacks to collect information and create a foothold in the victim’s system,” the researchers wrote in a post published on Wednesday. “The attack team also used various techniques to create backdoors on the affected system and perform lateral movements to other servers in the system.”

On Thursday evening, Microsoft confirmed that the vulnerabilities were new and said it was scrambling to develop and release a patch. The new vulnerabilities are: CVE-2022-41040, a server-side request forgery vulnerability, and CVE-2022-41082, which allows remote code execution when PowerShell is accessible to the attacker.

“​​At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems,” members of the Microsoft Security Response Center team wrote. “In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082.” Team members stressed that successful attacks require valid credentials for at least one email user on the server.

The vulnerability affects on-premises Exchange servers and, strictly speaking, not Microsoft’s hosted Exchange service. The huge caveat is that many organizations using Microsoft’s cloud offering choose an option that uses a mix of on-premises and cloud hardware. These hybrid environments are as vulnerable as standalone on-premises ones.

Searches on Shodan indicate there are currently more than 200,000 on-premises Exchange servers exposed to the Internet and more than 1,000 hybrid configurations.

Wednesday’s GTSC post said the attackers are exploiting the zero-day to infect servers with webshells, a text interface that allows them to issue commands. These webshells contain simplified Chinese characters, leading the researchers to speculate the hackers are fluent in Chinese. Commands issued also bear the signature of the China Chopper, a webshell commonly used by Chinese-speaking threat actors, including several advanced persistent threat groups known to be backed by the People’s Republic of China.

GTSC went on to say that the malware the threat actors eventually install emulates Microsoft’s Exchange Web Service. It also makes a connection to the IP address 137[.]184[.]67[.]33, which is hardcoded in the binary. Independent researcher Kevin Beaumont said the address hosts a fake website with only a single user with one minute of login time and has been active only since August.

Kevin Beaumont

The malware then sends and receives data that’s encrypted with an RC4 encryption key that’s generated at runtime. Beaumont went on to say that the backdoor malware appears to be novel, meaning this is the first time it has been used in the wild.

People running on-premises Exchange servers should take immediate action. Specifically, they should apply a blocking rule that prevents servers from accepting known attack patterns. The rule can be applied by going to “IIS Manager -> Default Web Site -> URL Rewrite -> Actions.” For the time being, Microsoft also recommends people block HTTP port 5985 and HTTPS port 5986, which attackers need to exploit CVE-2022-41082.

Microsoft’s advisory contains a host of other suggestions for detecting infections and preventing exploits until a patch is available.

Adblock test (Why?)



Source link

Continue Reading

Trending