Security News

Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions. These files are commonly distributed through third-party sites, allowing you to install apps outside of Google Play.

Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Based on the test results and whether it causes significant issues with the displaying of websites, Google will begin to gradually phase out third-party cookies for the rest of its users starting in the third quarter of 2024.

A password-less database containing an estimated 1.3 million sets of Dutch COVID-19 testing records was left exposed to the open internet, and it's not clear if anyone is taking responsibility.Among the information revealed in the publicly accessible and seemingly insecurely configured database were 118,441 coronavirus test certificates, 506,663 appointment records, 660,173 testing samples and "a small number" of internal files.

Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones. The new feature "Introduces the ability to effortlessly access and edit your most recent photos and screenshots from your Android mobile device in Snipping Tool on your PC," the Windows Insider team said.

Microsoft says that tests of a controversial new Windows 11 feature that automatically opens the AI-powered Copilot assistant after Windows starts are limited to systems with 27-inch displays. For now, the option also requires enrolling in the company's Windows Insider program since the change is currently being tested in the Windows 11 Insider Preview Build 23615, released last Thursday in the Dev Channel.

Its data-driven approach, combined with expert insights, makes it a benchmark for understanding, testing, and improving web application security. Conducting threat modelling to understand the application's design, how data flows, and potential areas of weakness.

Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others. "Think of The Staging Environment as a parallel Signal universe: you'll need to install and run a new build, and register for a new account with a phone number," O'Leary said.

Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info of encrypted DNS servers on their local area network within the network settings.

In this Help Net Security interview, Charles d'Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing because yearly ones are not enough. Many organizations have been accustomed to annual penetration tests.

Sponsored The cyber attack which culminated in the personal details of 1.5m patients being compromised after hackers broke into the databases of SingHealth in 2018 provides a stark illustration of why organizations in Singapore need to remain vigilant and well protected against further incidents. Fostering the knowledge and expertise to do precisely that is the intention behind the Exercise Cyber Star program.