Security

Mon
17
Apr
John Lister's picture

Severe Android Voicemail Bug Hijacks Phones Remotely

Google has warned users of some Android handsets to turn off some voice call features. A series of vulnerabilities could mean attackers can compromise a handset just by knowing its phone number. The problem involves four vulnerabilities in a ... Samsung-made component called an Exynos chipset. It's used for voice calls made over mobile data rather than the voice network. At the time of writing, Google says the affected products include phones made by Samsung (A04, A12, A13, A21s, A33, A53, A71, M12, M13, M33, S22), Google itself (Pixel 6 and 7) and Vivo (S6, S15, S16, X30, X60, X70) along with ... (view more)

Thu
30
Mar
John Lister's picture

Email Malware Returns With New Tricks

A notorious botnet that spreads malware through fake emails is back in action. Emotet has returned with some new tactics to try to bypass security checks. Emotet had already gained a reputation for being (comparatively) successful at fooling humans ... and computers alike. Its most notable characteristic was that it not only used messages that appeared to come from a trusted contact, but that it addressed the recipient by name and even appeared to be a reply to a previous genuine message. Most commonly, Emotet sends malware through Microsoft Word documents with macros. These are now disabled by ... (view more)

Fri
03
Mar
John Lister's picture

Samsung Tackles 'Zero-Click' Malware

Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user. The hacking technique ... hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible. The company explains that a zero-click attack would exploit such a vulnerability by sending ... (view more)

Tue
14
Feb
John Lister's picture

FBI Hits Ransomware Gang

The FBI says it disrupted a major ransomware network that had already taken around $100 million in payments. It says its work to infiltrate the Hive group saved a potential $130 million in future demands. The group is said to have compromised ... networks run by hospitals and schools among other organizations. The $100 million compares with an estimated annual total of $886 million payments in the US across all ransomware attacks. (Source: nbcnews.com ) Scammers Pay Royalties Hive is one of the more notorious "ransomware-as-a-service" groups. Its business model means individual attackers will use ... (view more)

Fri
10
Feb
John Lister's picture

Android To Block Older Apps

The next version of Android may make it much harder to install and run apps from third party sources. The change will mainly affect older apps that haven't been updated in some time. Unlike with Apple's iPhones, Android handsets aren't restricted to ... apps from the official App Store. Users may either use other app stores (other than the Google Play Store), or download and manually install apps from the web in a process known as "sideloading." Doing this doesn't require any "hacking" of the device, though users do have to change the phone's settings and confirm they understand the ... (view more)

Wed
01
Feb
John Lister's picture

Social Media Moderation Elicits Free Speech Probe

The Supreme Court has asked the government for advice over two cases involving social media. The court is reviewing challenges to laws that could effectively ban moderation on sites. The state laws in Florida and Texas both limit the ability of ... social media companies to moderate some content, though they would work in different ways. The Florida law covers online platforms with more than 100 million users. It says companies must publish their moderation rules and apply them consistently to all users. It also says companies cannot ban any user who is an active political candidate for a future ... (view more)

Mon
23
Jan
John Lister's picture

Report: Most Smart Devices Patched 2 Years, Max

Some "smart" home products could become unsupported in just two years according to a consumer group. That could mean premium features stop working and may even create security risks. The details come from "Which?," a British organization very ... similar to Consumer Reports in the US. It explored a big potential problem with smart tech: that the support for such features is often guaranteed for much less time than the expected useful lifespan of the product itself. The group researched smart features, meaning devices were linked to the Internet or a local network and allowing extra ... (view more)

Mon
09
Jan
John Lister's picture

US Politicians Told to Delete TikTok

TikTok has been banned from all US federal government devices over security fears. The ban even extends to phones issued to members of the House of Representatives. The government ban was introduced in the "omnibus" spending bill recently passed by ... Congress. It gives federal employees two months to delete the app, along with any others issued by developers ByteDance, from government-issued handsets. Although the bill did not cover politicians, the House of Representatives chief administrative Catherine Szpindor has written to the house's members and staff to say the rules will now apply to ... (view more)

Thu
05
Jan
John Lister's picture

Millions Will Lose Chrome Updates

Google's Chrome browser will soon be unsafe to use on Windows 7, 8 or 8.1. Google is about to finally ditch support for the systems, meaning no more updates. Version 109 of Chrome, scheduled for a full public release on January 10th, 2022, will be ... the last available for those editions. Starting with version 110, expected in February, new versions will only be available for Windows 10 and later. (Source: google.com ) Windows 7, 8 and 8.1 users can still run Chrome 109 (or earlier versions) but the browser will become increasingly outdated with no new features or performance fixes. More ... (view more)

Thu
22
Dec
John Lister's picture

Windows 8.1 End of Life: No More Security Fixes

Windows 8.1 will no longer receive security updates from next month. It is said to effect millions of users. Microsoft has reminded users that January 10th, 2020 is the "end of support" date for the system. That means it will continue to work, but ... users will no longer get any updates or fixes, whether for security or performance bugs. The deadline also means an end to technical support from Microsoft of any kind. (Source: microsoft.com ) The system has already past the mainstream support deadline in 2018. That's when Microsoft stopped adding any new features. No Pay-To-Secure Option Unlike ... (view more)

Pages

Subscribe to RSS - Security