Tag Archive for: Stunning

Sorry iPhone Users — WhatsApp’s Stunning New Update Is Not For You


So, this is nasty new surprise for millions of iPhone users. It seems that WhatsApp has fixed the most alarming security issue plaguing its 2 billion users. But not for you—this absolutely critical new fix is Android only. Your serious problem is not going away.

The issue is the account hijacks that continue to plague users worldwide. The fact this has not yet been addressed is stunning, given the scale of the issue and the publicity it has generated. But finally, it seems there is some relief. At least for Android users.

Some of these account hijacks are stupidly simple—tricking users into WhatsApp’s forwarding six-digit SMS verification codes that are then used by attackers to transfer your WhatsApp to their own phones. They then message your contacts, pretending to be you, usually requesting money. Other attacks are more complex, such as the “account suspension hack” we warned you about in April, where anyone can block your WhatsApp account by repeatedly entering incorrect codes against your number.

The first of these issues can be prevented by setting up 2FA inside WhatsApp—Settings / Account / Two-Step Verification. This is different to the code WhatsApp sends by SMS, and it prevents any trickster from stealing your account. The second can’t be prevented unless/until WhatsApp stops automating account suspensions without checking that the request comes from an account holder.

What’s always been most annoying about this problem is that it seems so ridiculous. There is a phone number associated with your WhatsApp account, a text is sent to that number to verify a new install, but the app cannot check that the phone on which it is being installed is the one associated with that same number. Cue the hijacks.

There are clearly privacy issues with WhatsApp pulling identifying data from the device—except that it does plenty of that anyway. This isn’t Signal we’re talking about. But even the suspension attack is so basic as to be laughable. It would not be difficult to find ways to prevent what is essentially a brute force attack on your account from a third-party device in a different location.

Anyway,…

Source…

The SolarWinds hack is stunning. Here’s what should be done

 

The information that is emerging about Russia’s extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses — primarily through a malicious update of the SolarWinds network management software — may have slipped under most people’s radar during the holiday season, but its implications are stunning.

According to a Washington Post report, this is a massive intelligence coup by Russia’s Foreign Intelligence Service (SVR). And a massive security failure on the part of the United States is also to blame. Our insecure internet infrastructure has become a critical national security risk — one that we need to take seriously and spend money to reduce.

President-elect Joe Biden’s initial response spoke of retaliation, but there really isn’t much the United States can do beyond what it already does. Cyberespionage is business as usual among countries and governments, and the United States is aggressively offensive in this regard. We benefit from the lack of norms in this area and are unlikely to push back too hard because we don’t want to limit our own offensive actions.

Biden took a more realistic tone last week when he spoke of the need to improve US defenses. The initial focus will likely be on how to clean the hackers out of our networks, why the National Security Agency and US Cyber Command failed to detect this intrusion and whether the 2-year-old Cybersecurity and Infrastructure Security Agency has the resources necessary to defend the United States against attacks of this caliber. These are important discussions to have, but we also need to address the economic incentives that led to SolarWinds being breached and how that insecure software ended up in so many critical US government networks.

Software has become incredibly complicated. Most of us almost don’t know all of the software running on our laptops and what it’s doing. We don’t know where it’s connecting to on the internet — not even which countries it’s connecting to — and what data it’s sending. We…

Source…

Financial Cyber Security Market to Witness Stunning Growth:


Financial Cyber Security

Financial Cyber Security

Latest Research Study on Financial Cyber Security Market published by AMA, offers a detailed overview of the factors influencing the global business scope.Financial Cyber Security Market research report shows the latest market insights with upcoming trends and breakdown of the products and services.The report provides key statistics on the market status, size, share, growth factors, Challenges and Current Scenario Analysis of the Financial Cyber Security. Demand from top notch companies and government agencies is expected to rise as they seek more information on COVID-19. Check Demand Determinants section for more information.
Players Includes:

McAfee, LLC (United States), Proofpoint (United States), Cygilant, Inc. (Unietd States), Palo Alto Networks, Inc. (United States), FireEye, Inc. (United States), Broadcom, Inc. (United States), AO Kaspersky Lab (Russia), Ernst & Young Global Limited (United Kingdom), IBM (United States), Experian Information Solutions Inc. (United States), Accenture plc (Ireland), Airbus SE (France), AT&T Intellectual Property (United States), Vmware, Inc. (United States), Pitney Bowes Inc. (United States) and Amazon Web Services, Inc. (United States)

Free Sample Report + All Related Graphs & Charts @ : https://www.advancemarketanalytics.com/sample-report/128828-global-financial-cyber-security-market
The global finance cyber security market is expected to grow at a slow pace during the forecast period, according to the AMA study. The rising awareness for data privacy across the financial sector and growing demand for secured financial transactions are expected to be some of the major factors aiding into the growth of this market. However, the market is expected to witness a slight decline in the growth during the next few years but it is again expected to rise with a healthy pace after the COVID-19 pandemic is over.
Keep yourself up-to-date with latest market trends and changing dynamics due to COVID Impact and Economic Slowdown globally. Maintain a competitive edge by sizing up with available business opportunity in Digital Asset Management Market various segments and emerging territory. Market…

Source…

Android Circuit: Massive Galaxy S11 Leaks, Stunning Honor 9X Launches, Pixel 4’s Missing Features – Forbes

  1. Android Circuit: Massive Galaxy S11 Leaks, Stunning Honor 9X Launches, Pixel 4’s Missing Features  Forbes
  2. Samsung launches first Android 10 beta for the Galaxy Note 10 series  Android Central
  3. Why are we not shocked when flagship Android smartphones turn out to be buggy, toxic hellstews?  ZDNet
  4. Android 10 beta for Note10 series is now live – GSMArena.com news  GSMArena.com
  5. View full coverage on read more

“android security news” – read more