Security

Wed
15
May
John Lister's picture

2.28 Million Rogue Apps Blocked By Google

Google says it blocked 2.28 million potentially malicious apps from getting into the official Play store last year. It stopped or paused a further 200,000 which didn't correctly use the permissions system. The figure for malicious app blocks is up ... almost half compared with 2022. Google didn't say conclusively whether that means more scammers are trying their luck or if it simply did a better job of detecting them. However, it did note the 2023 figure was "in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review ... (view more)

Fri
03
May
John Lister's picture

Windows Fix Breaks Some VPNs

Last month's Windows 10 and 11 updates included a bug that has broken VPN functions for some users. Microsoft is working on a fix but hasn't give a timescale. VPN stands for virtual private network. It's an approach to security and privacy that uses ... a secure connection between the user and the Internet. It's sometimes likened to a traffic tunnel: although the traffic still flows normally without disruption, it's not visible to anyone outside the tunnel. Using a VPN can disguise a user's IP address (which identifies their connection point to the Internet) and makes it much harder for anyone to ... (view more)

Wed
24
Apr
John Lister's picture

Microsoft Issues Mega-Security Patch

Microsoft has released one of the biggest Patch Tuesday updates ever. It includes 149 security fixes, including two "zero day bugs". Some reports suggest this is the most fixes in any monthly Microsoft update while others suggest it is "merely" the ... biggest in the past seven years. Either way, this is not a month for anyone who chooses to install Windows security fixes manually to hang about. Three of the fixes are for bugs Microsoft classes as "critical", meaning attackers could exploit them without requiring any action by the user. Almost all the rest are "important," meaning the attacker ... (view more)

Mon
22
Apr
John Lister's picture

'Find My Device' Works Even if Phone is Off

Google has launched a "find my phone" feature that can work even after the battery has run out. It's part of a major upgrade delayed by a dispute with Apple, though privacy remains a hot topic. The big upgrade is to the "Find My Device" network of ... what Google says is more than a billion Android devices including phones, watches and earbuds. It aims to overcome the problems that it's not necessarily viable (or desirable) for all portable devices to constantly be connected to cellular networks or WiFi, broadcasting their location ready to be tracked by their owner. Instead the idea is that each ... (view more)

Thu
28
Mar
John Lister's picture

Chrome Improves Real-Time Protection

Google says Chrome will now warn users about risky sites using real-time information. The improvements won't compromise user privacy. Chrome already offers a feature called Safe Browsing. The default option, "standard protection," kicks in when ... users are about to visit a site, download a file or install an extension. The feature compares the target URL (website address) against a database of known and suspected security risks and warns the user of a match. The optional "enhanced protection" option will also actively check the target site for any signs that it may be compromised, threaten ... (view more)

Mon
18
Mar
John Lister's picture

Security Experts Call for Ransomware Payment Ban

A former cyber security chief says governments should ban organizations from paying money to ransomware gangs. Ciaran Martin likened such payment to bans on paying terrorist kidnappers. The call has had a mixed response, with critics calling it an ... unfair constraint on business freedoms. Martin was the first head of the United Kingdom's National Cyber Security Centre. That's an organization overseen by the country's intelligence services that advises businesses and the public on cyber security threats. Ransomware has become a business worth an estimated $20 billion a year to criminals who gain ... (view more)

Wed
13
Mar
John Lister's picture

Windows Bug Exploited For Six Months

A Windows bug patched last month had been exploited for six months by hackers linked to North Korea. Microsoft reportedly knew about it and the delay in fixing it may have been down to internal bureaucracy. Security company Avast found the bug last ... August and reported it to Microsoft. At the time it was already a zero-day bug , meaning there was evidence hackers not only knew about the bug but where taking advantage of it. That meant Microsoft had "zero days" head start in coming up with a fix and rolling it out before hackers exploited it. Microsoft released a fix in the February "Patch ... (view more)

Fri
01
Mar
John Lister's picture

Android Malware Targets Banking Apps

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Mon
26
Feb
John Lister's picture

TikTok Accused of Fueling Addiction

TikTok is under formal investigation for allegedly deliberately making its service addictive. It's the first test of how laws banning such behavior will operate. The Chinese-owned video company is controversial on both sides of the Atlantic. In the ... US, many federal and state agencies ban employees from using TikTok over security concerns, with Montana even attempting to ban it from the state altogether. (Source: guardian.com ) Now the European Commission says it has enough evidence from a preliminary investigation to move to formal proceedings against the company. It involves several alleged ... (view more)

Fri
23
Feb
John Lister's picture

Patch Tuesday a Must Install This Month

Microsoft has fixed two bugs which bypassed Windows security measures. Both were actively exploited before the fix, making it vital to install the updates. The fixes come in this month's "Patch Tuesday" update, the main monthly security update that ... Microsoft officially calls the "B update". It should download and install without further action for anyone with automatic updates switched on, but may need a reboot to complete. Both bugs affect most supported versions of Windows, including 10, 11 and Windows Server. Microsoft rates the two bugs as "important" and "moderate" respectively, though ... (view more)

Pages

Subscribe to RSS - Security