Tag Archive for: Check

Indian Govt Reveals ‘High-Risk’ Vulnerabilities Affecting Android Users: Check Details

/in


If you are using an Android device, it’s crucial to be aware that the Indian government’s Computer Emergency Response Team has issued a warning regarding ‘high’ security risk vulnerabilities in Android. The team emphasises that these exploits have the potential to allow attackers to gain sensitive information and execute arbitrary code on your phone.

Which Android Versions Are Affected?

These vulnerabilities are found in Android versions 11, 12, 13, and 14. This implies that even if you have the latest Android version, you are not exempt from these risks.

CERT-In highlights that multiple vulnerabilities exist within the framework, system, arm components, and MediaTek components, Unisoc components, Qualcomm components, and Qualcomm close-sourced components.

How To Protect Yourself?

To safeguard your device, you will need to have Android “Security patch levels of 2024-02-05 or later to address all of these issues.” So, when the OEM of your device releases the said update, simply download the latest available update.

Considering the ‘high’ severity rating, it’s advisable to focus on additional security-enhancing features. Enable two-factor authentication, use a robust passcode, and maintain good digital hygiene practices.

These Are The Vulnerabilities Affecting the Aforementioned Android versions

CVE-2023-32841, CVE-2023-32842, CVE-2023-32843, CVE-2023-33046, CVE-2023-33049, CVE-2023-33057, CVE-2023-33058, CVE-2023-33060, CVE-2023-33072, CVE-2023-33076, CVE-2023-40093, CVE-2023-40122, CVE-2023-43513, CVE-2023-43516, CVE-2023-43518, CVE-2023-43519, CVE-2023-43520, CVE-2023-43522, CVE-2023-43523,CVE-2023-43533, CVE-2023-43534, CVE-2023-43536, CVE-2023-49667, CVE-2023-49668, CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-0014, CVE-2024-0029, CVE-2024-0030, CVE-2024-0031, CVE-2024-0032, CVE-2024-0033, CVE-2024-0034, CVE-2024-0035, CVE-2024-0036, CVE-2024-0037, CVE-2024-0038, CVE-2024-0040, CVE-2024-0041, CVE-2024-20003, CVE-2024-20006, CVE-2024-20007, CVE-2024-20009, CVE-2024-20010, CVE-2024-20011.

top videos

  • Samsung Will Bring Its AI Features To These Old Galaxy

  • Will AI Take Jobs? Microsoft CEO Satya Nadella Explains

  • Meta To Start Labelling AI-Generated Images on Its…

    • Source…

    Messaging, News Apps Stuffed With Data Stealing Malware Listed On Google Play Store; Check List Here

    /in


    VajraSpy Malware: Instances of malicious apps appearing on Google Play Store have been on the rise in recent times. Continuing this series, ESET researchers identified 12 Android apps with malicious code, six of which were listed on the Play Store. Most of these apps were messaging apps with one being from the news category. The apps execute VajraSpy, a remote access trojan (RAT) code of the Patchwork APT group on the affected device.

    Depending on the permissions granted to these apps, they can steal call logs, contacts, messages and files from an affected device. Plus, it can extract messages from WhatsApp and Signal, record calls, click photos using the camera, intercept notifications and search files on the compromised handset. Among the most affected regions with this campaign were Pakistan and India. According to ESET Research, the apps on Play Store absorbed over 1,400 installs.

    Also Read: Clean Malware From Android And Windows Devices With These Govt-Approved Free Tools

    The cybersecurity firm managed to geolocate 148 devices compromised with the VajraSpy due to its weak security protocol. The blog of WeLiveSecurity stated that these bad actors used a “honey-trap romance scam” to lure victims to install the malware. Here is the list of apps that were available on the Play Store:

     Privee Talk

     MeetMe

     Let’s Chat

     Quick Chat

     Rafaqat (News)

     Chit Chat

    The above-stated apps have now been removed from Google Play Store. (Image:Unsplash)

    While the apps have been removed from the Play Store, here are the other apps that were available in the wild

    YohooTalk

     TikTalk

     Hello Chat

     Nidus

     GlowChat

     Wave Chat

    Also Read: Operation Triangulation To Xamalicious To Chameleon Trojan, Latest Threats Targeting iOS, Android Users; How To Be Safe

    ESET researcher Lukas Stefanko noted that the impact of VajraSpy due to third-party app markets remains unknown due to the lack of download figures. As a precautionary measure, users must not download chat apps from links received from unknown people and monitor the permissions of apps on their devices.

    Google shared a statement to BleepingComputer: “We take security and privacy claims against apps seriously, and if we…

    Source…

    Anti Ransomware Market Challenges 2023: Size, Share, and Forecasts | Sophos, Check Point, Cybereason

    /in


    Step into the world of boundless opportunities in the global Anti Ransomware market with INFINITY BUSINESS INSIGHTS as your trusted partner. Our report goes beyond mere information; it’s your gateway to unlocking unparalleled potential. Dive deep into the market’s intricacies, exploring End User insights, Types, Applications, Major Players, and more. With our global forecast spanning from 2023 to 2030, you’ll gain the power to anticipate trends and seize the future. Be the industry leader, armed with the knowledge to outperform the competition. Join us in this exciting adventure, where data shapes destiny, and innovation leads to success. The global Anti Ransomware market beckons, and we hold the key to unlock its untapped potential.

    Market Expansion Forecast:
    Foresee a robust Compound Annual Growth Rate (CAGR) of 17.6% in the Anti Ransomware market from 2023 to 2030.

    Click to get Anti Ransomware Market Research Sample PDF Copy Here @
    https://www.infinitybusinessinsights.com/request_sample.php?id=1691835&MODE=hpp

    The Key Players in this Market are:
    Sophos, Check Point, Cybereason, Faronics, Bitdefender, Malwarebytes, Kaspersky, Mimecast, Seqrite, Trend Micro, Clonix, McAfee, Acronis, Qihoo 360

    The Anti Ransomware Market encompasses software solutions and services designed to detect, prevent, and mitigate ransomware attacks. Ransomware is a type of malware that encrypts a victim’s data and demands a ransom for its decryption. Anti-ransomware tools help organizations protect their data and systems by identifying and blocking ransomware threats, providing backup and recovery options, and strengthening cybersecurity measures. This market serves businesses and individuals across various sectors who aim to safeguard their digital assets and sensitive information from ransomware attacks, which continue to pose a significant cybersecurity threat. As ransomware attacks evolve, the Anti Ransomware Market continues to evolve with innovative security solutions.

    Secure Your Insights: Purchase the Full Report Now:
    https://www.infinitybusinessinsights.com/checkout?id=1691835&price=&MODE=hpp

    Global Anti Ransomware: Scope of the Report:
    Our comprehensive market analysis delves into the Global Anti…

    Source…

    Got an internet-enabled chastity device? Check your online security now.

    /in


    If you’re into chastity play, you might own an internet-enabled chastity device designed to share your kink with your partner. And you also might want to change your password.

    TechCrunch reports that several flaws in an unnamed smart sex toy manufacturer’s servers have exposed over 10,000 of its users’ personal data, including information which can be used to identify them. This includes email addresses, plaintext passwords, home addresses, IP addresses, PayPal logs, and even GPS coordinates.

    Unfortunately, there’s no quick and easy way of knowing whether you’ve been impacted. The company has not been publicly identified in order to protect its customers, as the vulnerability has not yet been fixed.

    SEE ALSO:

    What to look for when buying a sex toy

    However, TechCrunch has confirmed that the company makes chastity devices for penises, which can be controlled by a partner using an Android app and an internet connection. Said partner can also track the person wearing the device via GPS. 

    Chastity devices, such as harnesses, cages, and straps, form part of chastity play, a kink which involves one partner using a device to prevent themselves from becoming fully aroused. The idea is that once the person is freed from the device, they’ll be able to unleash their full desire.

    If you own an internet-enabled chastity device, it might be time for an internet security checkup — and perhaps some consideration to the idea of deleting any unused accounts. Even if you do change your sex toy’s password, your new one could be just as exposed if the server flaw isn’t addressed.

    And if you indulge in the cardinal security sin of reusing passwords, you should definitely change any that share the same one as your chastity device.

    SEE ALSO:

    What are password managers and how to pick the right one

    According to the publisher, the vulnerability was first detected by an anonymous security researcher, who told TechCrunch they reached out to notify the sex toy company on July 17. Then, when they did not receive any response, the researcher reportedly vandalised the company’s website to leave a warning to users on Aug. 23.

    “[COMPANY] has left the site wide open, allowing any script kiddie to grab any and…

    Source…