Security

Mon
14
Aug
John Lister's picture

Google Admits Play Store Security Loophole

Google says malware creators are using a simple workaround to bypass security on the official Play Store for Android apps. The problem is that the simplest fix would undermine one of the key differences between Android and closed systems such as ... Apple. In theory, all apps in the Play Store are vetted for security, including malware checks. That's one of the reasons Google recommends only using the Play Store, while still giving users the choice to get and install Android software from other sources. The problem is that scammers are using an extremely simply workaround called "versioning". ... (view more)

Thu
10
Aug
John Lister's picture

Keyboard Sounds May Reveal Secrets

Researchers say they can accurately figure out what somebody is typing from the sound of their keyboard. The "technique" has some significant practical flaws but is a useful reminder of good password practice. The researchers looked into a theory ... that seems to get tested every few years: that different keys make different sounds. That's partly because they are differing distances from the device recording the audio and partly because the gaps between pressing different letters may vary depending on the typing style. The main difference with this latest test was using deep learning, which aims ... (view more)

Thu
03
Aug
John Lister's picture

Google: 0-Day Bugs Down, But Risk Still High

The number of 0-day bugs, which give hackers a dangerous advantage, fell in 2022 according to Google. However, the company warns this may risk misleading complacency that forgets other factors. The figures come from Google's Threat Analysis Group, ... which aims to track, identify and report security bugs, regardless of the software or hardware concerned. The logic is that the better Internet security is overall, the better it is for an Internet-dependent business such as Google. For the past nine years, it's put together an annual tally of 0-day bugs. While definitions vary, Google classes them ... (view more)

Tue
25
Jul
John Lister's picture

Google to Block Internet for Some Employees

Google will stop some of its employees accessing the Internet. It's a bold experiment to see if it can reduce security threats without affecting performance. The idea is reduce the risk of hackers getting access to employee machines, either to get ... hold of data on those machines or to use them as an entry point into Google's network. Perhaps unsurprisingly, Google's internal data is particularly attractive to attackers, whether they are seeking financial gain, political or commercial advantage, or plain old mischief making. For example, attackers being able to find out how Google ranks ... (view more)

Mon
17
Jul
John Lister's picture

Google VPN Gets Key Tweak

Google is to give users of its VPN service more control over the location they want their traffic to appear to come from, rather than just selecting a country. It should overcome a problem with localized webpage information. A virtual private ... network (VPN) is designed to overcome problems with an inherent aspect of the Internet: that both Internet data and its origin are readily accessible by default. One analogy likens it to vehicles passing through a giant glass tube. Even when the data itself is encrypted, the origin and destination can still be discovered. In the analogy, a VPN is like ... (view more)

Wed
05
Jul
John Lister's picture

'LetMeSpy' Spouse Spying App Hacked

An app for spying on a partner or employee has been hacked. It means victims of the spying could face further data security threats. LetMeSpy is what the makers call a "parental control" and "employee control" and what critics call "stalkerware" or ... "spouseware". Once installed on a phone, it lets the person who installed it remotely access text messages, call logs and precise location. (Source: techcrunch.com ) The marketing is somewhat inconsistent with what the company says its intended use is for, suggesting people might put it on their own phone so that they can find the phone when lost, ... (view more)

Wed
07
Jun
John Lister's picture

60,000 Android Apps Were Malware

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources. The rogue apps fall into two main categories. Some are ... designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription. In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification ... (view more)

Fri
19
May
John Lister's picture

One in Three Used Drives Not Secure

A data recovery firm says it found 3.1 million "deleted" files on a second-hand hard drive. It also found 35 percent of drives had readily-restorable files. The experiment by Secure Data Recovery comes with an obvious warning. It's a company that ... helps people recover deleted or corrupted files from their own drives, so it has an interest in highlighting that such recovery is possible. That said, in this experiment conducted for Tech Radar, the company only tackled those drives where recovering data proved a straightforward task. (Source: techradar.com ) This involved buying 100 hard drives, ... (view more)

Fri
05
May
John Lister's picture

'Juice Jacking' Warnings May Be Overblown

An FBI branch has warned people not to use free USB charging points as they could spread malware. The agency says it's safer to use a charger plug and power outlet. However, the FCC notes that while such attacks are technically possible, there's no ... evidence of it actually happening. The FBI Denver Officer posted on Twitter: "Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead." The ... (view more)

Thu
20
Apr
John Lister's picture

Quantum Computing to Boost Security using Random Numbers

Quantum computers could produce genuinely random numbers according to new research. It could boost security, an ironic effect given fears over the ways cyber criminals could use quantum computing. In extremely simplified terms, a quantum computer ... uses quantum physics in which something can exist in more than one state at a time. That's in contrast to traditional computing where data is stored in bits that represent either a 0 or a 1 at any given time. To date, the main claimed advantage of quantum computing has been processing speed. The same "bit" representing multiple states removes a ... (view more)

Pages

Subscribe to RSS - Security