security

Thu
20
Feb
John Lister's picture

Google: OEM Mods Make Android OS Less Safe

Google says phone and tablet makers who alter Android's code to add security measures may actually be undermining security. It says device manufacturers should stick to Android's own measures. Jann Horn of Google's Project Zero security team ... specifically pointed to an alteration made by Samsung for the Galaxy A50 phone, which he says contained a bug that made the device vulnerable to attack. He says he discovered and reported the bug to Samsung in September 2018 but it wasn't patched until Samsung's security updates released this month. (Source: blogspot.com ) Ironically Horn believes the ... (view more)

Wed
19
Feb
John Lister's picture

More Than 500 Rogue Chrome Extensions Removed

Google has removed more than 500 rogue Chrome extensions that were scamming both computer users and advertisers. Some rogue extensions have been operating for more than a year. The rogue extensions were spotted by security researcher Jamila Kaya and ... Jacob Rickerd of Cisco. They used a Cisco security tool called CRXcavator that's specially designed to assess Chrome extensions. (Source: duo.com ) The pair worked on a project to try to spot common patterns of bogus extensions. They started by assessing "a few dozen" extensions they knew to be rogue and were able to use patterns to expose 70 ... (view more)

Mon
10
Feb
John Lister's picture

Banking Malware Relays Passwords to Cyber Criminals

Researchers have warned of a sneaky trick that uses malware to collect passwords for online banking. The "Metamorfo" malware disables autocomplete to force users to retype passwords that can then be hijacked. Metamorfo is familiar to security ... researchers, but has developed two new characteristics. The first is that it no longer targets only financial institutions in Brazil, but has expanded to other countries. The seconds is a new tactic to make it more effective. The malware works in a familiar fashion. It's distributed through a .ZIP file that's disguised as an invoice attached to ... (view more)

Thu
06
Feb
John Lister's picture

Report: Malware Attacks Fall Year-on-Year

A computer security company claims malware attacks are on the decrease. The difference appears to be that criminals are more closely targeting attacks, which could be good news for the average user. The figures come from Sonicwall, which offers ... firewalls and other cyber security solutions. The data is based on the attacks and attempted attacks it detected among customers covering 1.1 million sites in 215 countries. (Source: sonicwall.com ) Although the actual numbers it gives aren't necessarily meaningful, the year-on-year comparisons between its new report covering 2019 and the one it did ... (view more)

Tue
04
Feb
John Lister's picture

Android Users: 17 Rogue Apps to Delete

A security company has spotted 17 rogue Android apps that users should immediately delete. All 17 apps were approved by the Google Play store, where they managed to get past Google's security checks. Bitdefender, which published the list of apps, ... says the apps aren't malware as such. However, they use tactics associated with malware creators and could seriously inconvenience users. Bitdefender dubs this as 'riskware'. The List Of Shame The apps to immediately delete are: 4K Wallpaper (Background 4K Full HD) Backgrounds 4K HD Barcode Scanner Car Racing 2019 Clock LED Explorer File ... (view more)

Mon
27
Jan
John Lister's picture

Windows 7 'End Of Life' Lasts Just 13 Days

Microsoft has issued one extra fix for Windows 7 after it passed the deadline for security updates to the system. In an all-too-familiar move, the extra update fixed a problem caused by the final scheduled update. January 14, 2020 officially marked ... the end of Windows 7's Extended Support period . During the Extended Support period, Microsoft no longer added new features or offered free support, but did issue security patches, fixed major bugs and offered chargeable support for consumers. That's now over and the official position is that there will be no further updates of any kind for Windows ... (view more)

Thu
23
Jan
John Lister's picture

Experts: Windows Feature Can Be Used as Ransomware

Ransomware attackers could turn a key Windows security tool against the system, according to new research. The tactic could also evade leading security tools. The research from SafeBreach Labs covered "EFS", otherwise known as Encrypting File ... System. EFS was released as far back as Windows 2000 (in the year 2000), and is somewhat similar to Bitlocker. The main difference between the two is that Bitlocker can encrypt an entire volume, while EFS can encrypt individual files and folders. In either case, the reason for encrypting files / folders or an entire volume is that if an ... (view more)

Wed
15
Jan
John Lister's picture

Critical Windows 10 Bug Needs Immediate Fix

The National Security Agency (NSA) has told Microsoft about a major Windows 10 bug which also affects Windows Server 2016 and 2019. A patch is already available and is a must install. For the NSA to tell Microsoft about a Windows vulnerability and ... then discuss it publicly is relatively rare. In the past, the NSA has used such security flaws to take advantage of potential suspects, as part of its surveillance program. In this case, the bug was so serious the NSA seems to have concluded any benefits it could gain itself would be more than wiped out by the threat to the general public (and US ... (view more)

Thu
02
Jan
John Lister's picture

No More Security Updates: Win7 Support Ends Jan 14

Microsoft will officially ditch support for Windows 7 in just a couple of weeks, a decade after the system debuted. It means Microsoft may face a difficult choice over security issues. January 14 will mark the end of Extended Support for Windows 7 - ... the second period of a Windows edition's lifespan. Mainstream support, which is the period when Windows 7 received new features and Microsoft deals with tech queries free of charge, already ended in 2015. (Source: bt.com ) Extended Support is where Microsoft charges for help and where the only updates are to fix security problems and major ... (view more)

Tue
31
Dec
John Lister's picture

Wyze Camera, Customer Database Leaked

A "smart" security camera maker has suffered a significant data breach. No video footage was leaked, but email addresses and details of some home gadgets were exposed. Manufacture Wyze hasn't revealed full details of how the breach happened, but ... denied that the leak was due to using cloud computing in China. According to Wyze, the exposed data covered 2.4 million customers and included "customer emails along with camera nicknames, WiFi SSIDs, Wyze device information, body metrics for a small number of product beta testers, and limited tokens associated with Alexa integrations. ... (view more)

Pages

Subscribe to RSS - security