Security News > 2023 > July

Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China.

Every website owner or webmaster grapples with the issue of spam on their website forms. CleanTalk Anti-Spam is a cloud-based tool designed to block various types of spam that website administrators encounter daily.

A mysterious squid-like cosmic cloud, this nebula is very faint, but also very large in planet Earth's sky. Discovered in 2011 by French astro-imager Nicolas Outters, the Squid Nebula's bipolar shape is distinguished here by the telltale blue-green emission from doubly ionized oxygen atoms.

CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates. With this month's security updates for the Android operating system, Google patched two more security flaws tagged as being exploited in attacks.

The Council's inaugural Cloud Data Management Benchmark Report, based on responses from more than 250 data professionals in more than 30 countries across the globe, found that less than half of the companies it polled trust cloud security and reliability enough to store their more crucial data there. The EDM Council benchmark study found that among the companies polled, cloud data management is still in the early stages, with respondents characterizing the status of their data management for cloud-deployed data in "Developmental" or "Defined" stages and few at the "Achieved" or "Enhanced" stages of maturity.

This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and optimize and use key features. This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and then optimize and use its key features.

Once the malicious software is installed, it redirects incoming calls to a call center under the control of the criminals. To facilitate the routing of voice traffic, "Letscall" utilizes cutting-edge technologies such as voice over IP and WebRTC. It also makes use of Session Traversal Utilities for NAT and Traversal Using Relays around NAT protocols, including Google STUN servers, to ensure high-quality phone or video calls and bypass NAT and firewall restrictions.

Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the server using specially crafted media files. Mastodon has about 8.8 million users spread across 13,000 separate servers hosted by volunteers to support distinct yet inter-connected communities.

Email and network security firm Barracuda is working to fix an ongoing issue that triggers invalid login errors and prevents Email Gateway Defense users from signing into their accounts. "We are investigating login problems seen by users and have identified the problem. We are working on fixing the issue with a tentative timeline for the fix to be released on or before July 14th," Barracuda says.

As vulnerabilities continue to rise and security evolves, it is becoming increasingly apparent that conventional vulnerability management programs are inadequate for managing the expanding attack surface. As a result, many security teams are scrambling to adopt modern vulnerability management programs that are capable of identifying and thwarting contemporary vulnerability-based threats.