You are reading the article What You Need To Know About The Acedeceiver Trojan That’s Affecting Some Ios Devices updated in December 2023 on the website Katfastfood.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested January 2024 What You Need To Know About The Acedeceiver Trojan That’s Affecting Some Ios Devices
Stock, non-jailbroken iOS devices appear to be vulnerable to a new security threat; a trojan known as AceDeceiver, which can be installed on an iOS device without the user’s knowledge and without the help of an enterprise certificate. Once installed, it will spread malware and unwanted software to the user’s device.
AceDeceiver only seems to be affecting those located in China at this point in time, but because that could change on the fly, you need to know how to protect yourself so similar threats don’t affect users across the globe in the future.
How the AceDeceiver iOS trojan worksAceDeceiver is the first iOS malware we’ve seen that abuses certain design flaws in Apple’s DRM protection mechanism — namely FairPlay — to install malicious apps on iOS devices regardless of whether they are jailbroken. This technique is called “FairPlay Man-In-The-Middle (MITM)” and has been used since 2013 to spread pirated iOS apps, but this is the first time we’ve seen it used to spread malware. (The FairPlay MITM attack technique was also presented at the USENIX Security Symposium in 2014; however, attacks using this technique are still occurring successfully.)
Apple allows users purchase and download iOS apps from their App Store through the iTunes client running in their computer. They then can use the computers to install the apps onto their iOS devices. iOS devices will request an authorization code for each app installed to prove the app was actually purchased. In the FairPlay MITM attack, attackers purchase an app from App Store then intercept and save the authorization code. They then developed PC software that simulates the iTunes client behaviors, and tricks iOS devices to believe the app was purchased by victim. Therefore, the user can install apps they never actually paid for, and the creator of the software can install potentially malicious apps without the user’s knowledge.
Because the apps can be installed by way of the bogus authentication without user consent, those affected by the trojan are in danger of having their personal data, such as their Apple ID login information, snooped on or stolen.
It’s explained that there were originally three “wallpaper” apps in the App Store between July of 2023 and February of 2023 that managed to pass Apple’s review process and allowed the attackers to obtain a copy of Apple’s DRM authorization code.
Despite Apple removing these malicious apps from the App Store in February, iOS devices remain in danger for their security because the vulnerability still hasn’t been patched in Apple’s DRM protection mechanism and the attackers still have a copy of that authorization code that can be used to install malicious apps.
How it affects usersUsers of the infected apps are prompted to install an app on their Windows (not Mac) machines known as Aisi Helper, which claims to be a useful piece of software that could help with restoring devices, jailbreaking them, backing them up, or even cleaning out junk files from them.
Regardless of what it said it would do, Aisi Helper would actually contact a third-party app store that was being controlled by a third-party. It would then enable the attackers behind the third-party app store to use the DRM authorization code they obtained from the official App Store to install malware and apps on the user’s device over the USB connection to the Windows PC without their knowledge.
Specifically, Aisi Helper would automatically install a very specific app onto the iOS device that was tailored to the attackers’ needs, and would ask the user to enter their Apple ID login information to enable more features within the app. These Apple IDs would later be phoned back home to the attackers to keep for their records. This, of course, meant that users Apple IDs were being compromised by the malware.
Who’s still affected?Again, although it seems to only be affecting some people in certain regions of China, the attackers could always modify their app to affect others anywhere else in the world until Apple officially fixes the DRM vulnerability that the attackers are exploiting.
How to protect yourselfIf you use a Windows machine, avoid downloading sketchy software. If you downloaded Aisi Helper, remove it immediately. Those with Macs will be unable to run the Aisi Helper tool, but there’s no telling whether or not this could change in the future.
If prompted to enter your Apple ID for any reason, ensure that you’re entering it into a legitimate Apple app only, and never for a third-party app. Due to App Store restrictions, a third-party app should never ask for access to your Apple ID, so any third-party app asking for it should throw up red flags for you immediately.
Other steps to take, as recommended by Palo Alto Networks, include:
Check to make sure no strange enterprise certificates have been installed on your device
Check to make sure no strange provisioning profiles have been installed on your device
Enable two-factor authentication for your Apple ID
Change your Apple ID password as soon as possible
The security firm also notes that any enterprise certificates or provisioning profiles related to AceDeceiver could have names equal or similar to:
aisi.aisiring
aswallpaper.mito
i4.picture
Wrapping upAnother day, another vulnerability. Fortunately, by following Palo Alto Networks’ recommendations above, you can help keep yourself safe from this or similar attacks that may exist. Sometimes there is no way to tell if there are other rogue attacks out there like this one until it’s too late.
Source: Palo Alto Networks via Mac Rumors
You're reading What You Need To Know About The Acedeceiver Trojan That’s Affecting Some Ios Devices
What You Need To Know About The “Rosetta” Flash Exploit
Flash? What’s That?Everyone who’s tech-savvy already knows that Flash isn’t exactly the safest piece of software to use. It’s written in stone: Avoid opening non-trustworthy pages with Flash. While the vast majority of the public is not aware of this, what is perhaps even worse is that they’re not aware that Flash has an exploit that can really ruin their day. This is why you’re about to find out what this new exploit, known informally as the “Rosetta” exploit, is and what you can do about it.
For those of you who don’t understand what Flash is, it’s the software you sometimes use to view animated content online. Websites like YouTube operated largely on Flash until recently. In case you’re curious, it’s developed and maintained by Adobe after an acquisition from Macromedia.
OK, So What Is The Rosetta Exploit?An engineer at Google discovered something awry in Flash’s software. It was basically a security hole that allowed anyone who exploited it to gain access to things like cookies and any other additional data that the browser provides in a request. The engineer, Michele Spagnuolo, developed a tool called “Rosetta Flash” that showed how malicious SWF (Flash content) files can be used to do the things he claimed could happen. For years, the exploit has been out in the open and no one bothered to fix it until now. That fact alone should make you a bit wary of using Flash in the first place.
How to Protect YourselfLuckily for you, Adobe has come up with a fix and it’s already available. The best way to protect yourself at this moment is to update Flash. It’s that simple. Of course, you should also keep your browser up to date!
If you’re using Chrome, Flash will automatically update if you update your browser. The same goes for Internet Explorer versions 10 and 11.
However, if you’re using Firefox, you will need to manually update Flash using the link I provided above. In case you’re curious, the latest version number is 14.0.0.145.
How to Prevent Any Future Exploits But How do I Watch Videos Without Flash?Don’t panic! There’s a little thing called hypertext markup language (HTML). For several years, it’s been the language that people used to display whatever you see in websites. Until recently, the only thing it did was allow you to create static content. Without helpers like Flash and other media languages and software, you’d just see websites as they were in the 90s.
This is not the case anymore, though. HTML5, the latest revision of HTML, allows for dynamic multimedia content to be implemented into web pages directly without needing extra layers of software running on top of it. This means you can see videos directly without having to use Flash. Most of the largest websites already support this, so you don’t need to do anything. Just stop using Flash!
All you need to use HTML5 is the latest version of either Chrome, Firefox, Internet Explorer, Opera, or Safari. Using this link, you can see how compatible each one is with the new language. Oh, and don’t worry about your smartphone or tablet. They already support this as long as you’re using one of the mainstream browsers.
The important thing is to leave Flash behind and learn to live without it. Its outdated technology and security risks it presents make it more of a hassle to have around. It’s time for Flash to retire!
To disable flash, follow the proper procedure for your browser:
Internet Explorer – Follow this guide.
Goodbye, Flash! Or Not?While most prominent multimedia websites already support HTML5, it’s not always going to be a Flash-free world out there. In the event that Flash is absolutely crucial for you to view content, ensure that the website you’re visiting is trustworthy first. If you’ve never used it, assume hostility on first contact. Safer browsing breeds healthier computers!
Miguel Leiva-Gomez
Miguel has been a business growth and technology expert for more than a decade and has written software for even longer. From his little castle in Romania, he presents cold and analytical perspectives to things that affect the tech world.
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy. We will not share your data and you can unsubscribe at any time.
Everything You Need To Know About The Fica Tax
Small business owners are required to collect, report and remit FICA taxes to the IRS. If they don’t, the business owner may face penalties and fines.
The FICA tax comprises Social Security, Medicare and unemployment benefits.
Outside of increases due to inflation, FICA taxes don’t change much, which means small business owners can set it and forget it.
This article is for small business owners wanting to learn more about the FICA tax and how to calculate it.
Paying taxes is a key responsibility of owning a business. While business owners need to be aware of several types of taxes, the biggest one is the Federal Insurance Contributions Act (FICA) tax. FICA taxes are paid by both employers and employees to cover Social Security and Medicare. Since this is such an important payroll tax, business owners need to know what exactly these taxes entail, how to calculate them and when to pay them.
What is FICA?FICA is the federal income tax that business owners are required to pay on their employees’ behalf. They do that by withholding 10% to 37% of pay from workers’ paychecks. The employee’s income and filing status will determine how much the IRS gets in federal income taxes. In addition to the money they withhold from employee paychecks, employers are responsible for paying their own share of the tax.
FICA comprises three taxes: Social Security tax, Medicare tax (with an additional tax for high-income employees), and Federal Unemployment Tax Act (FUTA) tax.
Social Security tax: The Social Security tax, which is 12.4% of income, is split between the employee and employer. Business owners are required to withhold 6.2% from employees’ paychecks and match the remaining 6.2%. As of 2023, a maximum of $142,800 can be taxed to cover Social Security. This means that those who make more than that are only taxed for Social Security on the initial $142,800, not on anything more than that.
Medicare tax: The Medicare tax is 2.9%, which is also split between the employee and employer. The employer withholds 1.45% of their employees’ wages and pays 1.45%. There is no limit on the income that can be taxed for Medicare.
Additional Medicare tax: There is an additional 0.9% tax for high-income earners – those who make over $200,000 as a single filer, $250,000 as a married person filing jointly, or $125,000 as a married person filing separately. There is no employer match for this added tax.
FUTA: The Federal Unemployment Tax Act was created to fund the nation’s unemployment benefit programs. Employers are required to pay 6% of the first $7,000 of workers’ wages. Businesses that pay this tax fully and on time receive a 5.4% credit, which lowers their FUTA tax responsibility to 0.6%.
Breakdown of FICA taxesType of taxSocial Security taxMedicare taxAdditional Medicare taxFUTA taxPercentage of income12.4%2.9%0.9%6% of the first $7,000 of workers’ wagesWho pays?Employee and employerEmployee and employer
Married employees who make over $125,000 and are filing separately
Single employees who make over $200,000
Married employees who make over $250,000 and are filing jointly
EmployerRequired withholding from employees’ paychecks6.2%1.45%N/AN/ARequired employer match6.2%1.45%N/AN/AMaximum taxable income$142,800No limitNo limit$7,000
Key Takeaway
FICA’s three components are Social Security, Medicare and FUTA taxes. Employers and employees split the bill for the Social Security and Medicare portion of FICA, and high-income employees pay an additional Medicare tax.
What payments are not subject to FICA taxes, and who is exempt?FICA doesn’t apply to all wages. These are some types of compensation that are not subject to FICA taxes:
Wages paid after an employee dies
Wages paid to disabled employees after they begin collecting Social Security disability insurance benefits
Expense reimbursements on mileage
Employer retirement contributions
Did You Know?
While most employees must pay FICA taxes, there are some exceptions. Employees who have worked for the government since 1984, as well as some state workers, may not have to pay FICA taxes.
How is FICA calculated?Calculating FICA tax contributions of an employee and employer is straightforward. You multiply the employee’s gross pay by the tax rates for Social Security and Medicare. If your employee earned $1,000 this week and is required to contribute 6.2% to Social Security and 1.45% to Medicare, it would amount to $76.50. The employer would pay the other half plus FUTA.
Calculating the FICA tax can get cumbersome if you have tens or hundreds of employees. The good news is that the best payroll software, CPAs, and payroll services calculate it for you.
“Once you establish a payroll policy and have it up and running, it’s rare for a small business to run into trouble with FICA taxes,” said Mike Slack, manager of The Tax Institute at H&R Block. “The only thing that changes yearly with FICA is the maximum wage limit for Social Security.”
How do self-employed people calculate FICA taxes?Those who are self-employed or independent contractors are required to pay both the employer and employee Social Security, Medicare, and Medicare surtax, which is known as the self-employed tax. For 2023, self-employed workers and independent contractors pay a total of 15.3% in FICA taxes.
The Medicare surtax applies to single filers earning more than $200,000 per year and married couples earning at least $250,000 who are filing jointly. Small business owners pay this tax at the end of the year when they file their income tax returns. The IRS allows self-employed workers to claim 50% of the self-employment taxes paid as a deduction on their federal income taxes for the year.
Individuals registered as a sole proprietorship, LLC or partnership are on the hook for the self-employment tax. If you report your business taxes on Schedule C when filing your personal tax returns, you have to pay the self-employment tax.
Key Takeaway
Self-employed people have federal income taxes too, but it’s called the self-employed tax. It covers Social Security, Medicare, and the Medicare surtax if it applies.
Are FICA withholdings mandatory?The Federal Insurance Contributions Act is the federal law that requires employers to withhold Social Security, Medicare and FUTA taxes from employees’ wages. It is mandatory and ultimately the employer’s responsibility. Small business owners who fail to collect, report, or remit payroll taxes to the IRS face penalties and interest on the money they owe.
Small business owners may also face penalties if they misclassify workers as independent contractors. Under FICA rules, you don’t have to pay taxes on independent contractors, but if the IRS finds that your “independent contractors” should be treated as full-time workers, you could be in trouble.
“The employer is the ultimate party responsible for FICA taxes,” Slack said. “Let’s say the corporation does not deposit those taxes over a certain period of time – the IRS can fine the owner.”
Everything You Need To Know About Quibi
Quibi is yet another video-streaming service founded by a titan of the entertainment industry. Jeffrey Katzenberg has some serious Hollywood clout as chairman of Disney during its animation renaissance and co-founder of DreamWorks Animation. While Katzenberg certainly has the credentials, how does Quibi hope to differentiate itself in an already over-crowded field? Read on to find out what Quibi is all about and whether or not you should subscribe.
What Does Quibi Even Mean?Quibi stands for “quick bites” and doubles as the ethos of the entire platform. Quibi is hoping to pioneer a new way of consuming television. All of the content on Quibi will take the form of short, episodic TV and movies divided into “chapters.” This means that viewers can watch an episode from start to finish in five to ten minutes.
The idea stems from the fact that most people have periodic downtime in their day. Whether that’s on their daily commute to work or while they’re putting together something for dinner, Quibi hopes to fill these gaps in our day with content. Because Quibi is designed to be watched in moments of spontaneity, Quibi is only available on mobile devices.
What Kind of Content Will Quibi Have?Quibi isn’t going to simply chop up existing TV shows into more manageable run times. Instead, Quibi is investing heavily into original content made specifically for this new format. With approximately $1.75 billion to play with, Quibi is courting big name stars and creative talent to develop their shows. With that sort of cash, Quibi is aiming to cover all of the bases.
Are cooking shows your thing? How about immersive prestige dramas? Are you a reality junkie? Do you love to laugh? What about being scared senseless? Quibi is aiming to scratch virtually every entertainment itch you can imagine.
Furthermore, Quibi will also feature non-scripted content such as documentaries and shows dedicated to news and popular culture. At launch, Quibi will be home to approximately 50 different shows, but expect that number to increase as time goes on.
One of the most interesting facets of Quibi is its unique approach to the way we hold our devices. Quibi employs “Turnstyle,” a sort of pan-and-scan technique that seamlessly makes the best use of your screen real estate, whether you’re holding it in landscape or portrait.
Criticisms of QuibiDespite being only a few days old, Quibi already has its critics. The biggest complaint about the new streaming service seems to be the fact that Quibi is available exclusively for mobile devices. Because of this, Quibi is not available on TVs in any way, shape or form. There is no Quibi app available for Android TV or other smart TV platforms. Additionally, there are no apps for the Amazon Fire Stick, Apple TV, Roku, game consoles or other streaming boxes. Furthermore, Quibi does not support Chromecast or AirPlay, so you can forget about casting your Quibi shows to your TV.
Quibi Pricing StructureUnlike other short-form video platforms like YouTube and TikTok, Quibi is a premium service. This means that there is no free option, so if you want to watch, you’re going to have to pony up those credit card details. That being said, Quibi is a bit cheaper than the competition. Quibi subscribers have a choice of two pricing tiers.
The base option is $4.99 per month; however, you’re going to have to sit through the occasional ad. Alternatively, you can opt for the premium tier which will run you $7.99 per month. These prices aren’t exactly cheap, and the folks at Quibi seem to recognize that. Because of this, Quibi is offering a 90-day free trial in the hopes of getting you hooked. But be quick – the 90-day free trial expires at the end of April.
How Do I Get Quibi?As we mentioned earlier, Quibi has been designed exclusively for mobile devices, and it doesn’t look like that will change any time soon. For better or worse, this means that everything Quibi has to offer is going to be delivered to you solely through the screen of your phone.
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy. We will not share your data and you can unsubscribe at any time.
What You Need To Know About Automated Machine Learning? A Guide
A guide understand what is Automated Machine Learning, its processes, benefits, uses, and types
The technique of teaching computers to learn from data is known as machine learning. A subset of artificial intelligence (AI) encompasses it. Automated machine learning (AutoML), as its name implies, is a method of fully automating the process of using machine learning to solve issues in the real world. Algorithms are used in this process to automatically choose and improve machine learning models. It may be used to automatically choose algorithms, prepare data, and adjust hyperparameters. By minimizing the need for human interaction, AutoML may be utilized to speed up the machine-learning process. The optimal algorithms and hyperparameters are automatically chosen, which can increase the precision of machine learning models.
A branch of artificial intelligence called automated machine learning is concerned with developing algorithms that can automatically develop and improve machine learning models. It may be used to improve a wide range of machine-learning models, including clustering, classification, and regression, among others. These algorithms are capable of choosing the optimal machine learning algorithm automatically for a certain dataset and job and can also automatically adjust the hyperparameters of the selected algorithm.
Benefits of AML include:
Automated machine learning can quicken the machine learning process by eliminating the need for operator intervention.
Enhance machine learning models’ accuracy: Automated machine learning may enhance machine learning models’ accuracy by choosing the appropriate algorithms and hyperparameters on the fly.
Reduce the need for human input: By automating the whole machine learning application process to real-world issues, it also lowers the requirement for human input.
Enhance data quality: Automated machine learning may enhance data quality by pre-processing data and automatically choosing the optimum algorithms and hyperparameters.
Error reduction: By automating the selection and optimization of machine learning models, automated machine learning may minimize the risk of errors.
minimize the time needed to create a machine learning model: By automating the selection and optimization of machine learning models, technology can minimize the time needed to create a machine learning model.
Automated machine learning can be of three primary types:
Model pre-training is the process of pre-processed data being used to automatically choose and train a machine learning model. In addition to automatically optimizing the hyperparameters of the chosen method, model pre-training may be used to automatically choose the optimal machine learning algorithm for a specific dataset and job.
Model tuning is the practice of automatically altering a machine learning model’s parameter to improve performance. In addition to automatically optimizing the hyperparameters of the chosen algorithm, model tuning may be used to automatically choose the optimal machine learning method for a specific dataset and job.
Model generation: Using this method, a machine learning model may be built from scratch. The optimum machine learning method for a particular dataset and job may be picked automatically via model generation, and its hyperparameters can also be automatically optimized.
AutoML selects and applies a machine learning algorithm for a specific job. To do this, two ideas are combined; neural architecture search-based automated design of neural networks. It makes it easier for AutoML models to find novel architectures for issues that call for them. Transfer learning is the process through which pre-trained models apply their expertise to fresh data sets.
AutoML may modify current architectures to address new issues through transfer learning. Users with little experience with machine learning and deep learning may then interact with the models using a relatively easy scripting language like Python. Classification, regression, and prediction are just a few activities for which automated machine learning may be utilized.
Hisilicon: What You Need To Know About Huawei’S Chip Design Unit
What is an SoC? Here’s everything you need to know about smartphone chipsets
Just like major rivals Apple and Samsung, HUAWEI designs its own processors. Doing so gives the company more control over how hardware and software interact with each other, resulting in products that punch above their weight, specification wise. In that sense, HiSilicon has become an indispensable part of HUAWEI’s mobile success. The range of HiSilicon processors has expanded over the years, covering not just flagship products, but the mid-range too.
Here’s everything you’ll ever want to know about HiSilicon, HUAWEI’s chip designing company.
A quick history of HiSiliconHUAWEI is a veteran in the telecommunications business. The company was founded in 1987 by former People’s Liberation Army engineer Ren Zhengfei. This fact has weighed heavily on the US government’s attitude towards the company — historically and even more recently with 2023’s trade embargo controversy.
HUAWEI established its handset division in 2003 and shipped its first phone, the C300, in 2004. In 2009, the HUAWEI U8820, also known as the T-Mobile Pulse, was the company’s first Android phone. By 2012 HUAWEI launched its first 4G smartphone, the Ascend P1. Before smartphones, HUAWEI provided telecommunication networking equipment to customers around the world, which remains a core part of its business today.
In 2011, Richard Yu, current HUAWEI CEO, decided that HiSilicon should build in-house SoCs to differentiate its smartphones.
HiSilicon was founded in 2004 to design various integrated circuits and microprocessors for its range of consumer and industry electronics, including router chips and modems for its networking equipment. It wasn’t until Richard Yu became the head of HUAWEI in 2011 — a position he retains to this day — that the company started looking at SoC design for phones. The rationale was simple; custom chips allow HUAWEI to differentiate itself from other Chinese manufacturers. The first notable Kirin mobile chip was the K3 series in 2012, but HUAWEI continued to use chips from other silicon companies in most of its smartphones at the time. It wasn’t until 2014 that today’s Kirin brand of mobile chips appeared. The Kirin 910 powered the company’s HUAWEI P6 S, MediaPad, and Ascend P7.
The HiSilicon-Qualcomm rivalry
Some of the current chip tensions can be traced back to an old rivalry between HUAWEI and mobile processor giant Qualcomm.
HUAWEI used to be a major purchaser of Qualcomm’s Snapdragon processors and continued to use its chips in some of its more cost-effective HONOR smartphones in recent years (HUAWEI has now sold HONOR ). However, HUAWEI’s most popular recent smartphones are based solely on Kirin technology. As the company’s share of the smartphone market accelerated over the past five years, Qualcomm’s partners felt the squeeze.
Although Qualcomm’s Snapdragon still powers the majority of smartphone manufacturers, HUAWEI’s rise to the top three has produced a major rival. Speaking in a 2023 interview with The Information, a HiSilicon manager stated the company viewed Qualcomm as its “No. 1 competitor.”
However, the start of hostilities began well before HUAWEI’s mobile surge. It started shortly after HiSilicon announced its first mobile processors. Qualcomm began heavily redacting product information, despite HUAWEI still being a customer, concerned that the company may share information with HiSilicon. The company’s concerns perhaps weren’t unfounded, as HUAWEI employees noted that working on the Nexus 6P with Google taught them a lot about hardware and software optimization. Although nothing has ever been proven in court.
HUAWEI and Qualcomm are in closer competition than ever as they race for 5G and IoT related patents.
Outside of SoCs, the two giants have been battling it out for patents related to IoT and other connected technologies, particularly those involving 5G. Qualcomm has been the dominant holder of patents for the CDMA, 3G, and 4G industry standards, which, along with integrated modems in its chipsets, quickly thrust Snapdragon processors to the top of the Android ecosystem. This position is less secure with the rollout of 5G, as HUAWEI bulked up on patents for both consumer and industry 5G technologies, putting the two on another collision course.
Update the detailed information about What You Need To Know About The Acedeceiver Trojan That’s Affecting Some Ios Devices on the Katfastfood.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!