Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label data risks. Show all posts

Android's March 2022 Security Updates Patch 39 Vulnerabilities

 

This week Google has announced the release of security patches for 39 vulnerabilities for the March 2022 security update for Android devices. The most sensitive vulnerability is CVE-2021-39708 which gives a remotely exploitable elevation of privilege to malicious actors. This issue was found in the System component. 

“The most severe of these issues is a critical security vulnerability in the System component that could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation,” Google notes in its advisory. 

The first set of measures arrives on devices as the 2022-03-01 security patch level and addresses CVE-2021-39708 with 17 other bugs. 

According to the data, 10 security issues have been resolved in the System component in which nine issues were elevation of privilege and one was information disclosure vulnerability. Also, six vulnerabilities were resolved in Framework in which four were elevation of privilege and two denials of service bugs. Further, one security measure was patched in Android runtime (elevation of privilege) and the last was in Media Framework (information disclosure). 

Additionally, On Google Pixel devices, the March 2022 Android security measures also have resolved 21 flaws as part of the 2022-03-05 security patch level. Later addresses all of these vulnerabilities along with 41 other security flaws that hit Kernel components (13 flaws), Pixel (26), Qualcomm components (1), and Qualcomm closed-source components (1). 

The March 2022 security measures with patch level 2022-03-05 are released for the Pixel 3a series, Pixel 4 series, Pixel 4a series, Pixel 5, Pixel 5a, however, the Pixel 6 series update is delayed (again). Additionally, the Pixel-specific new measures introduced additional vulnerabilities in the Pixel software, kernel, and both open and closed-source Qualcomm components, the details of which have been given below. 

Global: Pixel 3a: SP2A.220305.012 Pixel 3a (XL): SP2A.220305.012 Pixel 4: SP2A.220305.012 Pixel 4 (XL): SP2A.220305.012 Pixel 4a: SP2A.220305.012 Pixel 4a (5G): SP2A.220305.012 Pixel 5: SP2A.220305.012 Pixel 5a (5G): SP2A.220305.012 Pixel 6: Waiting Pixel 6 Pro: delayed.

Cybersecurity Awareness Month Report Includes Cybersecurity Trends, Attitudes, and Behaviors

 



Cybersecurity experts are rigorously working to devise solutions for the ever-expanding attack tactics that cybercriminals come up with, there is ample research conducted in the sphere of cybersecurity as cyber police actively monitor and counter the increasingly sophisticated cybercrime. There are a number of applications and software that could be installed yet the crime rate has continued to quadruple which is indicative of the security loopholes. 

The National Cybersecurity Alliance and CybSafe published a report in which the firm polled 2,000 individuals across the U.S. and UK; the report’s key findings include cybersecurity trends, attitudes, and behaviors ahead of Cybersecurity Awareness Month this month. 

Lisa Plaggemier, Interim Executive Director, National Cybersecurity Alliance said that “The cybersecurity threat landscape is as complex and diverse as it has ever been. The daily headlines of data breaches and ransomware attacks is a testament to the problem getting worse, yet most people aren’t aware of the simple steps they can take to be a part of the solution. It’s critical to have a deeper understanding of both the challenges we face and the prevailing attitudes and behaviors among the public.” 

“Cybersecurity is about more than just tools, it’s about people,” said Oz Alashe, CEO at CybSafe. “Too often people are forgotten in cybersecurity conversations.” 

According to the research results, millennials (44%) and Gen Z (51%) have experienced more cyberattacks than baby boomers (21%). Meanwhile, 25% of millennials and 24% of Gen Zers have disclosed that their private data has been breached more often in comparison to baby boomers. Subsequently, 79% of baby boomers disclosed that they had never been a victim of cybercrime.

As per a survey, executing commonly known tech security measures such as strong passwords, multi-factor authentication (MFA), and others are the best way to protect the system. 

The corresponding responses of the public are as mentioned below: 

Password rules: 46% of respondents said that they go with different passwords for every online account, 20% said that they never or rarely do so. While 43% said that they create a long and unique password either “always” or “very often.” 

Software update installation lagging: 31% of respondents said they either sometimes, rarely, or never install software updates. Whereas, 48% of respondents said that they don’t know what MFA is. 

“Despite the myth that older individuals are more likely to be susceptible to cybercriminals and their tactics, our research has uncovered that younger generations are far more likely to recognise that they have been a victim of cybercrime,” said Plaggemier. 

“This is a stark reminder for the technology industry that we cannot take cybersecurity awareness for granted among any demographic and need to focus on the nuances of each different group. And, clearly, we need to rethink perceptions that younger individuals are more tech-savvy and engage more frequently in cybersecurity best practices than older technology users.” 

The report further substantiated that 34% of individuals have personally been a victim of a data breach. Of these individuals, 51% reported that they experienced data breaches more than once. While 19% of respondents said that they have been a victim of identity theft. Out of those who were a victim of cybercrime, 61% told that they did not report the incident.