Google Archives - Page 8 of 12 - Cyber Security Minute

Bugs in Signal, other video chat apps allowed attackers to listen in on users

Issued by: Help Net Security

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early…

Vulnerabilities

Holiday gifts getting smarter, but creepier when it comes to privacy and security

Issued by: Help Net Security

A Hamilton Beach Smart Coffee Maker that could eavesdrop, an Amazon Halo fitness tracker that measures the tone of your voice, and a robot-building kit that puts your kid’s privacy at risk are among the 37 creepiest holiday gifts of 2020 according to Mozilla. Researchers reviewed 136 popular connected gifts available for purchase in the…

Vulnerabilities

Google patches actively exploited zero-day bug that affects Chrome users

Issued by: Blog Malwarebytes

Google has recently released Chrome version 86.0.4240.111 to patch several holes. One is for a zero-day flaw – that means a vulnerability that is being actively exploited in the wild. The flaw, which is officially designated as CVE-2020-15999, occurs in the way FreeType handles PNG images embedded in fonts using the Load_SBit_Png function. FreeType is…

Mobile Security

Apple and Google Team Up on Virus ‘Contact Tracing’ by Smartphone

Issued by: Security Week

The move brings together the largest mobile operating systems in an effort to use smartphone location technology to track and potentially contain the global COVID-19 outbreak. The move would allow apps to be created enabling smartphones powered by Apple software and Google-backed Android operating system to exchange information with a joint “opt in system” using…

Network Security

5 considerations for building a zero trust IT environment

Issued by: Help Net Security

Zero trust isn’t a product or service, and it’s certainly not just a buzzword. Rather, it’s a particular approach to cybersecurity. It means exactly what it says – not “verify, then trust” but “never trust and always verify.” Essentially, zero trust is about protecting data by limiting access to it. An organization will not automatically…

Vulnerabilities

Google fixes another Chrome zero-day exploited in the wild

Issued by: Help Net Security

For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have been shared about the attacks and about the flaw itself, apart from the short description that says it’s a type confusion flaw in V8, the JavaScript…

Network Security

High-risk Google account owners can now use their iPhone as a security key

Issued by: Help Net Security

Google users who opt for the Advanced Protection Program (APP) to secure their accounts are now able to use their iPhone as a security key. About Google’s Advanced Protection Program Google introduced the Advanced Protection Program in late 2017, to help high-risk users – journalists, human rights activists, IT admins, executives, etc. keep their Google…

Application Security

All apps on Google Play are safe: Fact or fiction?

Issued by: Kaspersky Blog

We always recommend downloading Android apps from official stores and nowhere else. But that doesn’t mean there are no viruses in the Google Play. It is true, however, that you’ll find fewer of them in the official store than on third-party sites, and they get removed on a regular basis. How Google monitors the security…

Application Security

High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps

Issued by: Help Net Security

Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ yearly report, Vulnerabilities and Threats in Mobile Applications 2019, found that critical vulnerabilities are slightly more common in Android applications, compared to their iOS counterparts (43% vs. 38%)….