Security

Fri
07
Feb
John Lister's picture

Google Play to Limit Permissions on Rogue Apps

Google is to take stronger actions against apps that turn out to be potentially harmful. It may revoke permissions where the app is already on a user's device. One of the most notable aspects of Google's management of Android apps is its particular ... balance of security and privacy. Although it will remove apps suspected or confirmed to be malicious from the Play Store, it doesn't usually do much if anything about devices which already have the app installed. The optional Google Play Protect can technically deactivate suspicious apps, but usually it's left to users to hear about the issue (for ... (view more)

Wed
05
Feb
John Lister's picture

Edge Browser Finally Combats Tech Support Scams

Microsoft's Edge browser now has a "scareware blocker" available for optional use. It attempts to recognize bogus claims that a computer has been compromised by malware. Scareware can come from a deliberate scam website, a compromised site, or a ... pop-up window running on a legitimate site that hijacks or takes advantage of advertising space. Whatever the source, the effect is normally the same: highly visible warnings of a supposed malware infestation, often in a full-screen window that's difficult to escape. Some versions even include an audio warning. The idea is to panic the user into ... (view more)

Fri
10
Jan
John Lister's picture

Users Warned Over Google Calendar Invites

Scammers are using bogus Google Calendar invites to distribute malicious links. Google has urged users to check a setting in their Calendar account. The campaign, spotted by security company Checkpoint, takes advantage of the way the Google Calendar ... lets users invite friends, family or other contacts to an event. An acceptance will add the event to the invitee's own Google Calendar and automatically update it with any changes of time, date or other details. Usually it's possible to invite somebody just by knowing their email address. The scam involves sending an email that's been manipulated ... (view more)

Mon
06
Jan
John Lister's picture

Travel Site Typo Reveals Security Loophole

Travel site Booking.com says one customer getting access to another customer's bookings was not a security breach. The problem appears to be a system that was set up without considering the possibility of human error. Website Arstechnica.com ... reported the case of a customer identified only as "Alfie," who received a confirmation email for a trip he knew nothing about. He was surprised to login to his account and find the details of the booking. (Source: arstechnica.com ) Typo Trouble After Alfie made multiple enquiries to Booking.com's support staff, he received no useful response. ... (view more)

Wed
18
Dec
John Lister's picture

'Corrupted' Files Could Bypass Antivirus, Infect PC

Hackers have found a sneaky way to bypass antivirus software by intentionally corrupting documents. As always, human vigilance remains a key weapon against such tactics. Putting malware into file attachments and persuading people to open them ... remains one of the key ways attackers operate. Often such tactics involve taking advantage of known security flaws in popular software or in operating systems. The current attack is somewhat more targeted: the documents contain a QR code in the hope that either the user (manually) or the device (automatically) will scan them and open the associated ... (view more)

Fri
06
Dec
John Lister's picture

Google Play to Warn of Poor Quality Apps

Google may soon warn users before they download a mediocre app. It's the first time the warnings will appear for matters of quality rather than security. The changes were spotted by Android Authority and are buried away in the code of the Play Store ... app. The code would make the app display one of three messages: This app is frequently uninstalled compared to similar apps on Play Play has limited user data about this app This app has few active users compared to others on Play Apps Not Blocked Based on the way the code is integrated, it doesn't appear this will be a high-profile warning such ... (view more)

Fri
29
Nov
John Lister's picture

Windows Security Patches Won't Need Reboot

Windows 11 users may soon be able to install updates without needing to reboot their computers. The "hotpatch" system will initially debut for business users. The idea of a Windows update without a reboot isn't new but has previously only been ... available for Windows Server and Datacenter versions, where even a brief period offline during a reboot can be problematic. (Source: techradar.com ) The new hotpatch system will initially be available for Enterprise users of Windows 11 (if already updated to the 24H2 version), covering both the outright purchase and 365 subscription models. Users will ... (view more)

Mon
21
Oct
John Lister's picture

Google Facing Breakup in US Court Case

The Department of Justice says it may ask a judge to forcibly break up Google's business over its alleged monopoly abuses. Google called it an overreach and says such a move could kill Android or Chrome. Google lost a court case in August for ... breaking antitrust laws in the way it built up and maintained a 90 percent market share in online searches. The DOJ must now put proposals before a court on how to remedy this breach. In a preliminary filing, the DOJ says it is considering the most serious option of "structural remedies". That could mean Google would no longer be able to maintain its ... (view more)

Fri
11
Oct
John Lister's picture

Facebook Fined for Password Failure

Facebook's parent company has been fined the equivalent of $100 million for storing user passwords in plain text. Failing to encrypt the passwords breached Europe's General Data Protection Regulation (GDPR). Meta, which runs Facebook and Instagram, ... broke the rules despite there being no evidence that anyone accessed the passwords without authorization or that anyone was then able to access accounts. Delay In Coming Clean The company was found to have breached the GDPR on four counts. Two involved failing to adequately secure personal data, one involved not properly documenting these failures ... (view more)

Wed
02
Oct
John Lister's picture

Necro Malware Infects 'Modified' Spotify, WhatsApp

"Modified" versions of popular apps have helped distribute a nasty piece of Android malware. The tactic expanded the reach of the Necro Trojan despite Google's security checks. Necro was able to survive for some time before discovery, largely ... because the infection wasn't obvious to users. Its main purpose was to hijack phones and use them to make money for the people behind the malware. This included displaying paid ads in the background so that users didn't see them, but the scammers were able to claim revenue from advertisers. The malware would also install apps on the phone to earn ... (view more)

Pages

Subscribe to RSS - Security