Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

Can iOS Activation Lock Be Bypassed?

December 7, 2016 by  
Filed under Around The Net

Comments Off on Can iOS Activation Lock Be Bypassed?

Two researchers report that they have discovered a way to bypass the activation lock feature in iOS that’s supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.

The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.

The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.

One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.

“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.

Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.

Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.

Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.

Apple has not yet confirmed that issue and did not immediately respond to a request for comment.

Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html

Microsoft Unveils ‘Send’ Mobile App

August 4, 2015 by  
Filed under Computing

Comments Off on Microsoft Unveils ‘Send’ Mobile App

Microsoft unveiled a mobile-minded alternative to email that’s focused primarily on short, quick messages.

Named Send, the new tool aims to deliver a simple experience much like that offered by text messaging or instant messaging software but without the need to know a co-worker’s mobile number or username. Instead, Send lets users quickly fire off a message to any co-worker using just their email address; no subject line, salutations or signatures are required.

“On my way,” might be one example, or “Are you in the office today?”

The app connects to Office 365 business and school email accounts to find frequent and recent contacts; users need only tap on one to start a conversation. A “Quick Reply” option allows for speedy responses.

That Office 365 connection, meanwhile, also means conversations are synced with Outlook, letting users continue them from anywhere. Messages sent using Send are treated internally like any other work email and comply with an organization’s email compliance policies, Microsoft said.

Send is now available free for iPhone through the Microsoft Garage in the U.S. and Canada. Versions for Windows Phone and Android are coming soon, as are additional IT controls. Currently the app works with Office 365 business and school email accounts, but Microsoft plans to make it more broadly available in the coming months, it said.

Source

Anthem Gets Hacked

February 17, 2015 by  
Filed under Computing

Comments Off on Anthem Gets Hacked

Health insurer Anthem Inc, which has nearly 40 million U.S. customers, has confirmed that hackers had breached one of its IT systems and stolen personal information relating to current and former consumers and employees.

The No. 2 health insurer in the United States said the breach did not appear to involve medical information or financial details such as credit card or bank account numbers.

The information accessed during the “very sophisticated attack” did include names, birthdays, social security numbers, street addresses, email addresses and employment information, including income data, the company said.

Anthem said that it immediately made every effort to close the security vulnerability and reported the attack to the FBI. Cybersecurity firm FireEye Inc FEYE. said it had been hired to help Anthem investigate the attack.

The company did not say how many customers and staff were affected, but the Wall Street Journal earlier reported it was suspected that records of tens of millions of people had been taken, which would likely make it the largest data breach involving a U.S. health insurer.

Anthem had 37.5 million medical members as of the end of December.

“This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information,” U.S. Rep. Michael McCaul, a Republican from Texas and chairman of the Committee on Homeland Security, said in a statement late Wednesday.

Source

Adobe Data Found Online

November 18, 2013 by  
Filed under Around The Net

Comments Off on Adobe Data Found Online

A computer security firm has discovered data it says belongs to some 152 million Adobe Systems Inc user accounts, suggesting that a breach reported a month ago is much larger than Adobe has so far disclosed and is one of the largest on record.

LastPass, a password security firm, said that it has found email addresses, encrypted passwords and password hints stored in clear text from Adobe user accounts on an underground website frequented by cyber criminals.

Adobe said last week that attackers had stolen data on more than 38 million customer accounts, on top of the theft of information on nearly 3 million accounts that it disclosed nearly a month earlier.

The maker of Photoshop and Acrobat software confirmed that LastPass had found records stolen from its data center, but downplayed the significance of the security firm’s findings.

While the new findings from LastPass indicate that the Adobe breach is far bigger than previously known, company spokeswoman Heather Edell said it was not accurate to say 152 million customer accounts had been compromised because the database attacked was a backup system about to be decommissioned.

She said the records include some 25 million records containing invalid email addresses, 18 million with invalid passwords. She added that “a large percentage” of the accounts were fictitious, having been set up for one-time use so that their creators could get free software or other perks.

She also said that the company is continuing to work with law enforcement and outside investigators to determine the cost and scope of the breach, which resulted in the theft of customer data as well as source code to several software titles.

The company has notified some 38 million active Adobe ID users and is now contacting holders of inactive accounts, she said.

Paul Stephens, director of policy and advocacy for the non-profit Privacy Rights Clearinghouse, said information in an inactive database is often useful to criminals.

He said they might use it to engage in “phishing” scams or attempt to figure out passwords using the hints provided for some of the accounts in the database. In some cases, people whose data was exposed might not be aware of it because they have not accessed the out-of-date accounts, he said.

“Potentially it’s the website you’ve forgotten about that poses the greater risk,” he said. “What if somebody set up an account with Adobe ten years ago and forgot about it and they use the same password there that they use on other sites?”

Source

Websites ‘Leaking’ User Info To Other Firms

October 19, 2011 by  
Filed under Around The Net

Comments Off on Websites ‘Leaking’ User Info To Other Firms

Many top websites share their visitors’ names, usernames or other personal information with their partners without alerting users and, in some cases, without knowing they’re doing it, according to a new study from Stanford University.

Many websites “leak” usernames to third-party advertising networks by including usernames in URLs that the ad networks can see in referrer headers, said the study, released Tuesday by Stanford Law School’s Center for Internet and Society. While there’s a debate in legal circles whether usernames are personal information, there’s a growing consensus among computer scientists that Web-based companies can use usernames to identify their owners, said Jonathan Mayer, a Stanford graduate student who led the study.

“The vast majority of usernames are unique,” he said. “Given the prevalence of social networking, often times, once you have a username for a social network, you then also have a person’s real name, possibly a photo, possibly more.”

Other websites share first names, email addresses and other information with advertising or other partners, Mayer said at a privacy conference in Washington. Those identifiers “get associated not just with what you’re doing right now, but get associated with what you’ve done in the past, and what Web browsing activity you may have in the future,” he said.

Source….

Visa Offers New Payment Service

March 20, 2011 by  
Filed under Around The Net

Comments Off on Visa Offers New Payment Service

Visa announced Wednesday it is developing a new service that will allow U.S. customers to send money directly to one another, presenting new competition to PayPal.

Visa already lets people send money to Visa accounts in many other countries, but this will be the first time it will offer the service in the U.S.

People who use banks that participate in the new program will be able to send money directly to someone’s Visa account by entering the recipient’s Visa account number, e-mail address or mobile-phone number in an online payment form.

Visa said it has made deals with two payment companies, Fiserv and CashEdge, so that those companies can allow their customers to send money to Visa accounts. Banks offer Fiserv’s ZashPay and CashEdge’s Popmoney services to their customers for sending money to other people. The first banks are expected to make the Visa service available through CashEdge and Fiserv in the second half of the year, Visa said. It’s not clear whether Visa will offer the service on its own.  Read More…