security

Tue
12
Nov
John Lister's picture

Google Play to Use Third Party Security to Scan Apps

Google is to use outside help to scan apps before they go into the Google Play store. It says the move is needed to cope with the continuing increase in the number of rogue Android apps. Just two weeks ago, 21 Android apps were reported to be rogue ... ; in early September, 24 apps were found to be rogue . The new "App Defense Alliance" involves Google working with three security companies, namely: ESET, Lookout and Zimperium. They all specialize in mobile security with a particular emphasis not just on spotting individual rogue apps, but on figuring out common characteristics and clues ... (view more)

Thu
31
Oct
John Lister's picture

Google Stops Indexing Adobe Flash Content

Google has taken yet another step to try to kill off Adobe Flash. The move will dramatically reduce the visibility of Flash content in its search results. Adobe Flash was once innovative and the primary way for delivering animated and interactive ... content online, including online-based browser games and even advertisements. Even so, many web designers seemed more interested in showing off their creativity with Flash rather than making a usable and useful site. Adobe Flash Security Bugs Severe As far back as 2010, Apple made the decision to ditch Flash entirely from its devices - a move that ... (view more)

Tue
29
Oct
John Lister's picture

21 Rogue Android Apps Need Removing

Security researchers have exposed more than 20 rogue Android apps that secretly load ads as part of a scam. The rogue apps perform their advertised tasks for cyber criminals, but also drain batteries and overheat phones in the process. It's another ... embarrassment for Google as all the apps were found in the official Google Play Store, which is designed to vet apps to reduce the chances of malicious activity. Remove These Rogue Android Apps Now Researchers at ESET antivirus say they found 42 apps have been part of an orchestrated campaign running since July last year. They were able to ... (view more)

Thu
24
Oct
John Lister's picture

Facebook Faces $35B in Facial Recognition Lawsuit

Facebook is set to face a $35 billion class action lawsuit over claims it used facial recognition tools without permission. The case will proceed despite Facebook's protest that no one suffered direct financial losses. The case is taking place in ... Illinois, where three individual lawsuits from 2015 were combined into a single class action case. It's based on Facebook using automated recognition on uploaded photographs. The way it works is like this: let's say that Bob uploads a photograph to Facebook, which also includes his friend Alice. After the upload is complete, Facebook scans the ... (view more)

Wed
23
Oct
John Lister's picture

Microsoft Unveils New 'Secured-core' PC Protection

Microsoft is working with PC makers to tackle malware that strikes before Windows is loaded into memory. It's adapting a technology currently used for the Xbox games console. The "Secured-core" initiative is designed to overcome a big limitation ... with most Windows security tools: they only work once Windows is already running. That doesn't tackle malware that targets the computer's firmware. This is software, usually called BIOS or UEFI, than runs immediately when a PC is switched on. Its main role is to check all the hardware is in place and connected, then load up the operating system such ... (view more)

Thu
17
Oct
John Lister's picture

New Windows Defender: Tamper Protection, Plus More

Microsoft is adding an extra layer of security to Windows 10: it's blocking malware from tampering with Windows Defender. That's a security tool that's available commercially to businesses but is also built in to Windows 10 without extra cost. ... Tamper Protection tackles a rather cheeky tactic used by some malware creators, namely having the malware access Windows Defender and switch off key features. The idea is to reduce the likelihood of malware being detected in action. The feature has been in testing since April, 2019 and is now ready for a public rollout. Naturally Microsoft is keeping ... (view more)

Thu
10
Oct
John Lister's picture

New Malware Infects Legit Downloads On the Fly

A new piece of malware can intercept Internet traffic to spot people downloading legitimate installation files and replace them with "infected" copies. Security company Kaspersky went as far as calling it "impressive" from a technical, if not moral ... standpoint. Kaspersky has dubbed the malware "Reductor," after a term that appears in some of the code. It discovered the malware in April, 2019, so the fact it's only just going public suggests it took some serious analysis. (Source: securelist.com ) The malware's operation is exceedingly complicated, but one a machine is infected with ... (view more)

Wed
09
Oct
John Lister's picture

Twitter Accused of Data Violation in Ad 'Mix Up'

Twitter has apologized for using customer security contact details for advertising purposes. Its underwhelming announcing has gone down badly with privacy groups and could have legal consequences. The blunder involved Twitter's advertising services, ... specifically tools called "Tailored Audiences" and "Partner Audiences." It works like this: advertisers upload their own marketing lists of email addresses and phone numbers to Twitter, along with an ad. Twitter then compares the marketing list to its own database of customers. It then shows the ad only to people who appear on ... (view more)

Wed
02
Oct
John Lister's picture

Major VOIP Security Flaws Discovered in Android

Researchers say they discovered eight security flaws in the way Android handles voice calls through the Internet. Unlike most such bugs which involve specific apps, these problems were with Android itself. The good news is that the researchers ... reported all of the bugs to Google while carrying out the project and most have now been fixed. However, it does raise concerns about the development and design of the system itself. (Source: github.io ) The researchers looked at the three latest Android versions (7, 8 and 9), specifically addressing the components that allow Voice Over Internet ... (view more)

Mon
16
Sep
John Lister's picture

Password Manager Bug Exposes Last Used Password

Password manager LastPass has suffered an embarrassing security glitch that reveals a user's last used password, though some security experts argue that pulling off the exploit would have been difficult at best. The purpose of LastPass is to solve ... the problem of people having too many passwords to remember, but not wanting to reuse passwords across multiple sites. Once somebody signs up to LastPass, they create a single master password which is completely secret. Even LastPass itself doesn't store this password, so if a user forgets it, they are out of luck. The master password then stores ... (view more)

Pages

Subscribe to RSS - security