Apple iPhone app | Breaking Cybersecurity News | The Hacker News

Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme . By default on Apple's iOS operating system, every app runs inside a sandbox of its own, which prevent all apps installed on the same device from accessing each other's data. However, Apple offers some methods that facilitate sending and receiving very limited data between applications. One such mechanism is called URL Scheme, also known as Deep Linking, that allows developers to let users launch their apps through URLs, like facetime:// , whatsapp:// , fb-messenger:// . For example, when you click "Sign in with Facebook" within an e-commerce app, it directly launches the Facebook app installed on your device and automatically process the authentication. In the background, that e-commerce app actually triggers the URL Sch

China has long been known for its strict censorship which makes it difficult for foreign technology companies to do business in the world's most populous country of over 1.35 billion people. Now, the new law issued by the Chinese government will expand its strict Internet monitoring efforts into mobile apps, targeting operators including Apple. However, Google currently doesn't operate its app store in China. The Cyberspace Administration of China (CAC) has imposed new regulation on distributors of mobile apps that requires both app stores and app developers keep a close eye on users and maintain a record of their activities for at least 60 days . The Chinese internet regulator has introduced the new legislation with the intent to fight issues like terrorism, pornography, violence, money fraud and distribution of malicious contents. However, this new move by the Chinese government will tighten its control over the Internet, especially the mobile apps used for private encry

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

An open source software group, Open Whisper Systems , has announced the release of Signal 2.0 — the second version of its free and open source messaging application for iPhone and iPad users. Signal  app is specifically designed to make secure and easy-to-use encrypted voice calling. But that's what the application was providing in its previous release introduced last July with  Signal 1.0 . Apple's iMessage also provides encrypted communication, but it was challenged by security researchers in 2013, revealing that  Apple controls the key infrastructure  and could, in turn, be compelled to change a key anytime they want, and read the content of your messages. But there was no way to send secure messages from an iPhone iMessage to an Android phone, or vice versa, unless you signed up for a monthly subscription plan and got the person you wanted to communicate with to sign up for it too. GAME CHANGER: SIGNAL 2.0 Signal 2.0 lets you send end-to-end encrypted messages to us