Tag Archive for: secure

Veeam’s New ‘Cyber Secure Program’ Teams Tech with Ransomware Response Experts — Virtualization Review

/in


News

Veeam’s New ‘Cyber Secure Program’ Teams Tech with Ransomware Response Experts

Along with purpose-built technology to combat ransomware, Veeam Software’s new Cyber Secure Program also offers up a team of experts to help organizations wield that tech to fight threat actors.

“When there is an attack, customers are connected with Veeam’s dedicated Ransomware Response Team and the program offers post-incident support to enable rapid recovery,” said the specialist in data protection and ransomware recovery.

The three-pronged approach of Veeam Cyber Secure includes the expert help for secure design and implementation along with ransomware recovery support backed up by a recovery warranty for help in all three phases of an attack: pre-incident, during incident and post-incident.

The teams of experts include a dedicated support account manager and “Ransomware SWAT Team” to help with immediate action in case of a cyber incident

The new offering comes in the wake of the company’s 2024 Data Protection Report that revealed ransomware is still plaguing IT as the No 1. cause of server outages.


Causes of Outages
[Click on image for larger view.] Causes of Outages (source: Veeam).

“Consider the past 12 months: 76 percent of organizations have been attacked at least once, with 26 percent reporting being attacked at least four times and only 13 percent believe they can recover successfully after an attack,” Veeam said. “It’s clear that organizations need a comprehensive cyber protection and support program, ultimately ensuring they are well-prepared when cyberattacks occur.”

A Jan. 31 news release further fleshed out the new program’s three key components.

  • Confident Security: Attentive and dedicated design and implementation assistance to ensure Veeam best practices in securely implementing Veeam solutions to the highest security standards. Customers receive advanced seven-phase onboarding support and rigorous quarterly security…

Source…

WhatsApp Ensures Secure Android Google Drive Backups

/in


WhatsApp, an immensely popular messaging application available on Android devices, has taken significant measures to enhance security and privacy for its users. As part of this initiative, WhatsApp has introduced end-to-end encryption for its Google Drive backups on Android, ensuring that users’ data remains protected and inaccessible to unauthorized individuals.

Enhanced Security Measures

With the implementation of end-to-end encryption for Google Drive backups, WhatsApp aims to provide its users with an additional layer of security. This encryption ensures that the content of the backups, including text messages, photos, and videos, is securely stored and can only be accessed by the authorized user. Even WhatsApp itself cannot decrypt the data, providing peace of mind to users concerned about their privacy.

Furthermore, this encryption applies to both the backup file stored on Google Drive and the transfer of data during the backup process, furthering the protection of users’ personal information.

Seamless user experience

WhatsApp has taken great care to ensure that implementing end-to-end encryption for Google Drive backups does not compromise the user experience. Backing up and restoring data remains a seamless process with minimal user interference, allowing users to continue enjoying the convenience and accessibility of their backups whilst knowing that their data is being protected.

The encryption does not inhibit users from efficiently navigating, searching, or accessing their backups, ensuring the preservation of their individual preferences and prior usage patterns.

Opting for Encryption

WhatsApp encourages all Android users to enable encryption for their Google Drive backups. By enabling this feature, users can enhance the security of their backups and fortify their privacy, making it significantly more difficult for unauthorized individuals to gain access to their personal data.

To activate encryption, users simply need to navigate to the settings within the WhatsApp application on their Android device and access the ‘Chats’ section. Here, they can select the ‘Chat backup’ option and proceed to toggle on the ‘Include videos’ and ‘Include voice…

Source…

Chrome Exploits Patched To Secure Your Browsing

/in


In a bid to fortify the security of its Chrome browser, Google has swiftly addressed seven vulnerabilities, with one particularly menacing zero-day exploit. This critical flaw, identified as CVE-2023-6345, centers around an integer overflow bug within Skia, an open-source 2D graphics library. Users can breathe a sigh of relief with the latest Chrome update, as critical security vulnerabilities have been addressed and Chrome exploits patched for enhanced online safety.

 

Google Chrome Security Updates

Discovered and reported by Benoît Sevens and Clément Lecigne from Google’s Threat Analysis Group on November 24, 2023, CVE-2023-6345 has gained notoriety for being actively exploited in the wild. An integer overflow vulnerability in Skia, this flaw poses a substantial risk to Chrome users.


The Silent Culprit: CVE-2023-2136 Resurfaces


Notably, this isn’t the first time an integer overflow in Skia has been exploited. In April 2023, Google tackled a similar issue (CVE-2023-2136) that had also fallen victim to zero-day exploitation. There’s a concerning possibility that CVE-2023-6345 may serve as a patch bypass for its predecessor.

CVE-2023-2136 allowed a remote attacker, who compromised the renderer process, to potentially execute a sandbox escape through a carefully crafted HTML page. The recurrence of this vulnerability emphasizes the evolving nature of cyber threats.


Chrome Exploits Patched

 

The latest Chrome security patches and updates mark Google’s proactive approach in addressing seven zero-day vulnerabilities since the beginning of the year. Each flaw is assigned a Common Vulnerability Scoring System (CVSS) score, highlighting its severity. 

The vulnerabilities include:

  • CVE-2023-2033 (CVSS score: 8.8) – Type confusion in V8
  • CVE-2023-2136 (CVSS score: 9.6) – Integer overflow in Skia
  • CVE-2023-3079 (CVSS score: 8.8) – Type confusion in V8
  • CVE-2023-4762 (CVSS score: 8.8) – Type confusion in V8
  • CVE-2023-4863 (CVSS score: 8.8) – Heap buffer overflow in WebP
  • CVE-2023-5217 (CVSS score: 8.8) – Heap buffer overflow in vp8 encoding in libvpx


Chrome Exploits Patched: Actions Required


To mitigate potential threats, users are strongly urged to upgrade to Chrome…

Source…

Google tests a ‘Private Space’ feature on Android phones, allowing secure hiding of apps

/in


Minute Mirror - Subscribe
Minute Mirror - Subscribe

For Android smartphones, Google is actively developing a feature called “Private Space” that will allow users to safely conceal apps. This feature, which is expected in a future Android OS update, allows users to hide files and apps from other users, similar to Samsung’s Secure Folder feature that has been around for six years.

This feature, found in the Security & Privacy settings, enables users to create a protected Android user profile using biometrics or a password/PIN. Mishaal Rahman found this development in the Android 14 QPR2 beta. This feature improves privacy when sharing the device by hiding not just the presence of the app but also its notifications.

To preserve the covert use of the “Private Space” feature, Google is thinking of implementing a search bar trigger to reveal these apps.
The possible inclusion of the feature in Android 15 may indicate that smartphone makers will use it more widely, giving more people access to Samsung’s Secure Folder-like features. Rahman points out that not all features were activated in the most recent beta because it’s still in development.

Source…