Search This Blog

Powered by Blogger.

Blog Archive

Labels

About Me

Showing posts with label Security Update. Show all posts

Android Latest Security Feature Protects Users from Cyber Scams

 

Google is developing a new security feature for Android that prevents users from updating sensitive settings while a phone call is in process. The in-call anti-scammer measures include prohibiting users from enabling settings to install apps from unidentified sources and providing accessibility access. The development was initially reported by Android Authority. 

Users who attempt to do so during phone calls receive the following message: "Scammers frequently request this type of action during phone calls, thus it is blocked to protect you. If you are being directed to take this activity by someone you do not know, it could be a scam.” 

Furthermore, it prevents users from granting an app access to accessibility services during a phone call. The feature is now active in Android 16 Beta 2, which was released earlier this week. With this latest update, the goal is to increase friction to a technique that malicious actors frequently utilise to propagate malware. 

These tactics, known as telephone-oriented attack delivery (TOAD), entail sending SMS messages to potential targets and encouraging them to contact a number by creating a false feeling of urgency.

Last year, NCC Group and Finland's National Cyber Security Centre (NCSC-FI) revealed that fraudsters were distributing dropper programs via SMS messages and phone calls to deceive users into installing malware like Vultr. 

The development comes after Google increased restricted settings to cover more permission categories, preventing sideloaded applications from accessing sensitive data. To combat fraud, it has also enabled the automated blocking of potentially unsafe app sideloading in markets such as Brazil, Hong Kong, India, Kenya, Nigeria, the Philippines, Singapore, South Africa, Thailand, and Vietnam. 

Sideloading the safe way 

By following certain guidelines and best practices, you can sideload apps in a safer manner. To reduce the risks of sideloading, you can take the following actions. 

Verify the source: Only download apps from reliable and trustworthy sources. Avoid downloading applications from random websites, torrents, or file-sharing services. 

Check app authenticity: Ensure that the sideloading app is the original, unaltered version from the developer. Verify the app's digital signature if possible. 

Enable unknown sources selectively: On Android, you must allow "Unknown Sources." This enables you to sideload apps. This should be switched off when not in use. 

Employ a reputable APK repository: Aptoide and APKMirror are two trustworthy third-party app stores to use when sideloading Android apps. These programs select apps and examine them for malware. 

Use mobile security software: To safeguard your smartphone from possible dangers, use a trustworthy mobile security application. Malicious sideloaded apps can also be detected by many security applications.

Apple's Latest iPhone Update: Bad News for Millions of Google Users

 

If the latest reports are correct, Apple consumers have just over a fortnight to wait until the launch of iOS 18.1 and the belated arrival of Apple Intelligence, the flagship feature in the latest iOS release. Until then the most significant update is still RCS, the even more belated upgrade of stock SMS on iPhones. 

As security experts commented before, Apple’s RCS upgrade has a lot of security flaws—no end-to-end encryption is the key one, with its lack being a major step back, but there’s also patchy carrier adoption, no full iMessage integration, and no end in sight for those dreaded green bubbles.

But Google campaigned hard for years, cajoling Apple into making this move as its own Android Messages app lost ever more ground to WhatsApp and other over-the-tops, while Apple seemingly brushed away any concerns, with its critical US user base continuing to iMessage between themselves. 

And, while Google has teased Apple over their flawed RCS implementation, it has also made it clear how welcome this is. But there was always the chance that Google and its consumers would not see the equal playing field they desired, and that risk appears to be coming true. 

Android Authority recently claimed that "iPhone users are not as into RCS as their Android buddies would have liked." There are some clear barriers to better adoption, particularly carrier support. But the underlying issue is much simpler: WhatsApp. This long-awaited partial integration of iMessage and Google Messages has been so delayed that WhatsApp has effectively locked down every significant market outside of the United States (and China). 

With Apple's iMessage security being one of its main selling points, security and privacy have grown so central to the iPhone and its user base that an update that abandons all of that appears counter-intuitive in every sense. The fact that even Google is unable to view user content due to its extensive usage of end-to-end encryption throughout its own platform—which is akin to Apple's—makes this situation worse. However, all of that disappears when using cross-platform RCS texting.,

A SQL Injection bug Hits the Django web Framework

 

A serious vulnerability has been addressed in the most recent versions of the open-source Django web framework. 

Updates decrease the risk of SQL Injection

Developers are advised to update or patch their Django instances as soon after the Django team issues versions Django 4.0.6 and Django 3.2.14 that fix a high-severity SQL injection vulnerability. 

Malicious actors may exploit the vulnerability, CVE-2022-34265, by passing particular inputs to the Trunc and Extract methods.

The issue, which can be leveraged if untrusted data was used as a kind/lookup name value, is said to be present in the Trunc() and Extract() database functions, according to the researchers. It is feasible to lessen the danger of being exploited by implementing input sanitization for these functions.

Bugfixes 

Django's main branch and the 4.1, 4.0, and 3.2 release branches have all received patches to fix the problem. 

"This security update eliminates the problem, but we've found enhancements to the Database API methods for date extract and truncate that should be added to Django 4.1 before its official release. Django 4.1 releases candidate 1 or newer third-party database backends will be affected by this until they can be updated to the new API. We apologize for the trouble," Django team stated.

VMware Patched SSRF& Arbitrary File Read Flaws in vCenter Server

 

VMware has published security upgrades for the vCenter Server after addressing arbitrary file read and server-side request forgery (SSRF) vulnerabilities in the vSphere Web Client (FLEX/Flash).

A VMWare security alert was released on November 23 and the US Cybersecurity and Infrastructure Security Agency (CISA) also encouraged enterprises to use vulnerable instances of the server management platform to deploy required upgrades. 

In terms of severity, both flaws were labelled as 'important.' The most serious, with a CVSS rating of 7.5, is the arbitrary file read flaw (CVE-2021-21980), which if exploited might allow a nefarious attacker to get access to sensitive data. The SSRF vulnerability (CVE-2021-22049) was discovered in the vSAN Web Client (vSAN UI) plugin, with a CVSS of 6.5. An attacker might take advantage of this vulnerability by gaining access to an internal service or making a URL request from outside of the vCenter Server. 

VMware has released security updates for vCenter Server versions 6.5 and 6.7 that address both vulnerabilities. The issues do not impact the 7.x release line, which cannot utilise vSphere Web Client (FLEX/Flash).Cloud Foundation's 3.x release line is still waiting for patches for both problems, whereas 4.x is untouched. 

VMware acknowledged Orz lab's 'ch0wn' for disclosing the arbitrary file read issue and the QI-ANXIN Group's'magiczero for reporting the SSRF. As per Statista, three of the top five server virtualization systems with the largest market share are VMware platforms, with vSphere leading the pack and vCenter Server ranking fifth. 

VMware's dominance in the server virtualization market, along with many organisations' latency to implement upgrades, has made its systems great targets for skilled attackers. The Daily Swig revealed in September that another significant arbitrary file upload flaw in the vCenter Server was being exploited. 

In June, it was revealed that thousands of vCenter Server instances remained unpatched for three weeks after a pair of serious issues in the vSphere Client (HTML5) were discovered.