Google fails to spot adware-riddled Android apps in Play store
If you want to steer clear of malware on Android, just stick to Google Play. I am sure you have heard this line before. And it makes sense, if you think about it, as Google subjects apps to security checks prior to approving them. So, it makes sense to hand out that piece of advice whenever new Android malware is discovered in the wild. But what if the malicious bits are found in Google Play itself? A change of tune is in order.
Security firm Avast details how three popular, seemingly harmless Android apps -- but, riddled with adware -- have been tricking users into visiting unwanted sites, installing other apps, to fix different non-existent issues, like fake malware infections, porn-filled storage (though, I have to say, it is far from an unlikely scenario, in some cases) and so on.
New tool to identify website vulnerabilities
Many of the security breaches that have made the headlines over the past year have been due to some form of web vulnerability. It's no surprise that the web has become the main route for cyber attacks as highlighted by things like Shellshock.
But identifying these flaws manually can be a mammoth task. Which is why cloud security provider Qualys is announcing the latest version of its Web Application Scanning (WAS) tool.
Samsung launches advanced enterprise mobility solution
The increasing use of mobile devices for business has highlighted the need for solutions to manage devices and keep them secure.
Samsung has recognized the growing importance of this and has announced the release of the Good app container and management system on the Samsung KNOX enterprise security platform for Android.
UK companies pay more attention to cyber security
We reported a few weeks ago on research showing that cloud security was becoming a concern outside the IT department and having an impact on the boardroom.
Now a new study in the UK by Tom Neaves, Managing Consultant at security specialist Trustwave backs this up, showing that cyber security is increasingly becoming a corporate issue.
Relying on Windows 10 security is risky for business
Microsoft’s latest operating system, Windows 10, unveiled earlier this month, places a fresh emphasis on corporate security. But there are already industry rumblings that over-reliance on Microsoft’s new security features could be dangerous.
Windows 10 is designed to run across the types of devices common to most business users: PCs, laptops, tablets and smart phones. In order to safeguard users’ privileged data, the new OS uses a two-factor authentication system utilizing biometric ID in the form of a finger or thumb print. Users can enroll a single device, such as a smart phone, which will effectively become their mobile credential. It will enable them to sign-in into all of their PC’s, networks, and web services as long as their smart phone is nearby.
Surprise! Adobe Flash has a security flaw on Windows, Mac and Linux
Well, it's been a week since we've heard about a security vulnerability in Adobe Flash -- that's like a lifetime in terms of this program. While the application is slowly receding, it's far from dead and that means users have reason for worry. Of course, using Flash at all is a general concern -- it's a highly targeted platform for attackers.
Now Adobe is issuing it's latest warning, this one for "drive-by attacks". The flaw is technically known as CVE-2015-0313, though that moniker does little good for the end-user. What people really need to know is that the problem has been found to be used on the web.
How the cloud boosts business security
One of the most interesting aspects of the "Cloud Computing in 2015" infographic produced by QuoteColo is this: 94 percent of business managers state that security has improved after adopting cloud applications.
While reading this stat on an infographic is comforting, we want to explore the statistic more to discover why and how cloud applications have made businesses more secure. But before we can get into why cloud applications have made businesses more secure, we need to talk about the false illusion of porous cloud security.
IBM announces new cloud-based identity protection
Many of the things we do online require an ID and password, but typically whilst this makes things easier for the site it doesn't always do a lot to protect the user, who may be revealing more information than they need.
For example you may have to reveal your full date of birth and address to a video streaming service in order to verify your age and region, running a risk that the information may fall into the wrong hands.
Warning -- Microsoft's new iOS Outlook app is insecure
After buying Acompli late last year, Microsoft didn’t take long to rebrand the mobile email app as Outlook and launch Android and iOS versions. But it seems that in the rush to get the app out of the door, Microsoft failed to ensure that it was suitably secure.
In fact, IBM developer René Winkelmeyer suggests that enterprise users stop using the app immediately. He was shocked to discover a trio of security issues in the mobile version of Outlook. Perhaps the most worrying discovery is that users' personal credentials are stored in the cloud -- username and password included.
Control access to folders with Anvi Folder Locker Free
There are many ways to keep your PCs confidential files safe from snoopers. You could encrypt them individually. Store them in a password-protected archive. Maybe just bury them deep in some unexpected area of your file system.
Anvisoft’s Anvi Folder Locker Free aims to simplify the process by applying protection at the folder level. In just a few seconds it can hide a folder, add password protection, maybe just make it read-only – whatever suits your needs.
British army's 77th Brigade to wage psychological war on Facebook
The British army is creating a new battalion of online soldiers in the form of the 77th Brigade. Hundreds of recruits will make up the division and will engage in "non-lethal warfare" on Mark Zuckerberg's social network from April.
The 77th Brigade will engage in psyops (psychological operations) to try to influence the opinions of civilians in certain parts of the world, as well looking to change the behavior of those engaged in various forms of warfare. The activities of groups such as ISIS (Islamic State) have shown the importance of the internet in general, but social networks in particular, to spreading ideas, messages and propaganda, and this is what the army is looking to manage.
Doxing: what it is, and how to avoid it happening to you [infographic]
There are many potential dangers to using the internet, and most people are familiar with the idea of identity theft, unauthorized access to online accounts and the like. But there's another hazard which has come to prominence recently: doxing. The idea is not new, having its roots back in the 90s, but there have been numerous high profile cases of celebrities who have fallen victim to "document dropping".
This involves releasing personal information about someone to the internet -- information that could be embarrassing, personally revealing, or something that the victim would just rather keep to themselves. Interestingly, doxing is not necessarily illegal, but that doesn't mean that the ramifications are not far-reaching.
US firms don't want to hand over source code and provide backdoors to Chinese government
Technology firms in the US have written to the Chinese government asking for a postponement to the introduction of rules that would oblige companies to hand over source code as well as providing backdoors into hardware and security products sold to Chinese banks. A group of companies wrote to the Communist Party committee on cybersecurity to express disapproval at plans to underrcut the requirements later in the year.
China says that it is concerned solely with cybersecurity and wants foreign technology companies to submit to audits in addition to complying with the other demands. Outside China, the feeling is that the proposed regulations have been designed to either control outside business, or to scare companies out of the market, opening the way for Chinese firms.
Federal cyber security rules should learn from industry guidelines
A single DDoS attack could cost over $400,000
One of the major worries for online businesses is being subject to a DDoS attack. As well as damaging reputations these can have a serious effect on finances too.
According to a new study by Kaspersky Lab the average cost of a DDoS attack ranges between $52,000 and $444,000 dollars depending on the size of the business.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.
