Get a free copy of powerful DVD ripping and video conversion software [Deals]

DVD players are going the way of the Walkman, leaving many of us with vast libraries of obsolete discs. Of course the movies and TV shows themselves aren’t obsolete — just their shiny plastic medium — but with hard drive space getting more and more vast it makes less and less sense to let a […]

(via Cult of Mac – Tech and culture through an Apple lens)


Прочетете повече

These comprehensive coding lessons are priced to move [Deals]

This doorbuster of a deal will give you a wide range of essential coding knowledge that can pay for itself by pumping up your resume. With 8 Courses and over 74 hours of training, you can gain the major coding languages and skills that you’ve been waiting to learn. This body of knowledge normally runs […]

(via Cult of Mac – Tech and culture through an Apple lens)


Прочетете повече

Top tools and tips for mastering the modern design landscape [Deals]

The way we use technology to communicate is transforming, and design is changing right along with it. Being caught up with the tools and techniques of web, visual and interactive design is key to being effective in the field of technology, which makes these deals especially exciting and useful. Macaw Code-Savvy Web Design Tool – […]

(via Cult of Mac – Tech and culture through an Apple lens)


Прочетете повече

Pay what you want to become a master of the world of WordPress [Deals]

So you want to be a blogger. One way or another you’re going to have to reckon with the big cheese in blogging, WordPress. To get your arms around the subject, we’ve gathered a bundle of a dozen courses that cover the ins and outs of using the dominant platform in the blog-o-sphere, and the […]

(via Cult of Mac – Tech and culture through an Apple lens)


Прочетете повече

Ending Soon: Pay what you want for these 10 productivity-enhancing apps [Deals]

Want to give your Mac a +10 level-up without your wallet taking a hit? Then we’ve got the deal for you. With these 10 apps, your computer will be capable of a whole new level of productivity, from running Windows applications to optimizing your calendar, building websites to instantly converting media files. And right now […]

Прочетете повече

Ending soon: A lifetime of masterclasses in web development for 96% Off [Deals]

Learning is a life-long task, so why not give yourself a lifetime to learn? OSTraining’s top notch developer courses on web design usually go for $2,000, but right now you can get a lifetime subscription for just $79. The more than 2,500 videos are taught by top experts on topics like WordPress, Drupal, Joomla, SEO, […]

Прочетете повече

Hot deals ending soon: Here’s your last chance to save big on web developer training and lots more [Deals]

; It’s always a good time for a great deal, and we’ve got some good ones ending soon. Get in on dramatically dropped prices on top products like Dragon Dictate, REMXD bluetooth headphones, and lots more before they drop off the…Read more ›

Прочетете повече

New iOS Mail Bug Allows iCloud-Like Popups to Steal User Passwords [iOS Blog]

A new bug facing the iOS Mail app was found recently by security specialist Jan Soucek (via The Register). The malicious bug is capable of delivering false iCloud log-in prompts by allowing remote HTML content to be loaded through an email message delivered to the intended victim. The bug then delivers a convincing iCloud log-in box for users to re-enter their Apple ID and password. Soucek says that Apple did not respond to his discovery of the bug when he stumbled across it back in January.

„Back in January 2015 I stumbled upon a bug in iOS’s mail client, resulting in HTML tag in e-mail messages not being ignored. This bug allows remote HTML content to be loaded, replacing the content of the original e-mail message. JavaScript is disabled in this UIWebView, but it is still possible to build a functional password „collector“ using simple HTML and CSS.“

The bug isn’t relegated to only iCloud phishing attacks, however, letting anyone with access to it customize the attack to ask for whichever username and password credentials they feel the need for. Soucek kept the details of the bug only between himself and Apple, letting the company have time to possibly fix the attack and inform him of its progress. Given the company’s remaining quietness on the subject, he decided to publish the proof of concept – called the Mail.app inject kit – on GitHub in hopes of spreading its awareness.

„It was filed under Radar #19479280 back in January, but the fix was not delivered in any of the iOS updates following 8.1.2. Therefore I decided to publish the proof of concept code here.“

While Soucek’s actions bring the malicious bug to more people’s attentions and can help stop it in due time, it also means there’s a wider chance for phishers to deploy it on their own. Until Apple comments on the story and offers a fix for the bug, it’ll be safest to take precaution when any password prompt emerges while browsing email in iOS.





Прочетете повече