iOS 7 | Breaking Cybersecurity News | The Hacker News

Italian Researcher Michele Spagnuolo recently revealed a serious vulnerability in the popular Mailbox iPhone app . Mailbox is a tidy iOS the email app recently purchased by Dropbox , has a pretty wide-open hole that could allow bad actors to hijack your device. The flaw occurs in the latest version of Mailbox (1.6.2) currently available from the App Store, that  executes any Javascript which is present in the body of HTML emails. With exploitation of this vulnerability, users could be subject to account hijacking, spam and phishing attacks by simply opening an HTML email containing embedded javascript. You can see a video demonstration below: The good news is that the problem is probably not as bad as it looks, because iOS is tightly sandboxed, its security features are built with this functionality in mind and normally do not allow any potentially harmful operation to take place without the user's permission. Mailbox's statement on this issue, &quo

Last week Apple releases the iPhone 5S  with Touch ID , a fingerprint-scanning feature, promoted by the company as " Your fingerprint is one of the best passwords in the world ". Just after the launch of iOS7 , Hackers around the world come up with a series of security issues and privacy concerns. One of the most embarrassing hack released yesterday, when a group of German Hackers fooled the iPhone 's biometric fingerprint security by just using a high resolution photo of someone's fingerprint. Now, We all are aware about many secret surveillance projects of NSA like PRISM , where U.S. government is collecting data from these Internet companies including - Apple. Apple claimed that, iPhone will never upload fingerprints to their server, but can we believe them anymore ? It is already proven that, During Surveillance operations and for Backup purpose, Smartphone applications can upload anything from your device to their online servers without any

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Just two days back Apple has yet fixed a security flaw in iOS 7 that allows anyone to bypass the lock screen to access users' personal data and the next one has already appeared. The new vulnerability was discovered by Karam Daoud, a 27 year old from the West Bank city of Ramallah in Palestine, that allows anyone to make calls from a locked iPhone , including international calls and calls to premium numbers. In a video, Daoud showed that calls can be made to any number from a locked iPhone running iOS 7 by using a vulnerability in the device's emergency calling function. The person needs to dial a number and then rapidly tap the call button until an empty screen with an Apple logo appears and makes the call to the particular number. The Forbes writer tested the flaw on two iPhone 5 devices on separate networks and it worked both times. This is the second malfunction found in the lock screen since iOS 7 was seeded to all iPhone owners this past Wednesday.

Like most iOS lock screen vulnerabilities, the passcode lock screen on iOS 7 also suffers from a bug that allows anyone with direct access to the iPhone or iPad. Although Apple claims to have fixed 80 security vulnerabilities with iOS 7, including the ability to bypass the lock screen in iOS 6.1.3, the same person who found the previous vulnerability has found yet another in iOS 7. Discovered by ' Jose Rodriquez ', an iPhone user reported a security flaw in iOS that lets anyone bypass the lockscreen passcode and access sensitive information stored in photos, Twitter, email and more. The flaw resides on users who lock their devices with a traditional PIN code or password. The security flaw is demonstrated in the video below and it works as follows: Swipe up from the bottom of the Lock screen to open Control Center and Launch the Clock app. Open the Alarm Clock section of the Clock app and Hold down the power button. Quickly tap Cancel the immediately doubl

It's been over a day now since Apple 's online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. " We apologize that maintenance is taking longer than expected. If your program membership was set to expire during this period, it has been extended and your app will remain on the App Store. If you have any other concerns about your account, please contact us. Thank you for your patience. " message said. Since that time, developers have been unable to access the site and cannot visit the forums or download Mac or iOS SDKs, the iOS 7 beta, or the Mavericks beta. It was first seemed like Apple having some backend issues but according to tweets from many developers, they have received a message from Apple that an attempt was made to reset their user ID's password . Such notices pointing that Apple's Developer Center website may have been compromised. But if it is a sec