Tag Archive for: Version

That mobile version of CyberPunk 2077 is almost definitely malware

/in


Ransomware masquerading as a mobile version of the highly anticipated open-world videogame CyberPunk 2077 has been discovered by security researchers at Kaspersky. A Windows version of the malware has also been discovered.

Kaspersky malware analyst Tatyana Shishkova revealed that a fake website disguised to look like Google’s Play Store was offering a mobile version of the CyberPunk 2077 game but which actually installed ransomware on the unsuspecting victim’s device.

Source…

Many Android apps still use a vulnerable Google Play Core library version

/in


Google has always advertised Google Play Store not only as the Android app store but also as a trustworthy and secure source of apps. That security, however, is only as strong as Google Play services itself and when the code behind that becomes open to security exploits, the house can easily come crumbling down. Unfortunately, while Google has already plugged up a recent security hole in its Google Play Core Library, app developers aren’t doing their part and putting their own apps and their users at risk.

The Google Play Core Library, as the name implies, is one of the most basic and most fundamental components of Google’s mobile services that Android apps can use to make developers’ and users’ lives easier. It provides functionalities like downloading additional languages, assets, or features without having to update the app itself from Google Play Store. Pretty much all Android apps in the Play Store make use of these functions, making the Core Library a critical part of any Android app.

Unfortunately, a severe flaw in the Core Library took advantage of that functionality in order to make the library actually execute malicious code. Check Point Research goes into detail about how the exploit works and it is a pretty frightening vulnerability if left unaddressed. Fortunately, Google already patched the Play Core Library last April before the vulnerability was publicly disclosed in August.

Rather than end on that good note, however, the security researchers warn that app developers still haven’t updated to this most recent version of the Google Play Core Library. Unlike server-side fixes where Google does all the work on its end, this kind of fix has to be applied by app developers on their own by updating their apps to use the fixed version of the library. By its last count, they estimate 13% of apps on the Google Play Store haven’t yet.

This basically means that these apps and users are still vulnerable to this security flaw that is now known by security experts and hackers alike. While a few have responded to Check Point’s report and…

Source…

AWS Announces the Next Version of Amazon Aurora Serverless, a New Capability that Makes it Easier to Migrate from SQL Server to Amazon Aurora, and an Open Source Project to Help More Organizations Leave SQL Server for PostgreSQL

/in


SEATTLE–()–Today at AWS re:Invent, Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company (NASDAQ: AMZN), announced the next version of Aurora Serverless, as well as a new capability that makes it easier for customers to migrate from SQL Server to Amazon Aurora PostgreSQL, and a new open source project that helps even more organizations migrate off legacy databases to open source alternatives. For customers that don’t want to deal with the work associated with self-managing database capacity, Amazon Aurora Serverless v2 scales to hundreds of thousands of transactions in a fraction of a second, delivering up to 90% cost savings compared to provisioning for peak capacity. AWS also announced Babelfish for Aurora PostgreSQL, a new capability for Amazon Aurora that allows customers to run SQL Server applications directly on Amazon Aurora PostgreSQL with little to no code changes. Finally, AWS shared its plans to open source Babelfish for PostgreSQL under the permissive Apache 2.0 license and make it available on GitHub. Together these innovations make Amazon Aurora even more attractive for a wide range of workloads, and bring the benefits of Amazon Aurora and PostgreSQL to more organizations. To get started, visit https://aws.amazon.com/rds/aurora/

Old-guard, legacy databases that have been developed and used for many decades typically require a well-trained and funded support staff to run and manage them. These commercial databases offer high performance and advanced availability features, but are expensive, complex to manage, and have high lock-in. Moreover, customers that are self-managing commercial databases are often at the mercy of old-guard database vendors and the brazen tricks they play, such as imposing arbitrary and punitive licensing terms. Today, more than a hundred thousand customers are choosing to run their database workloads on Amazon Aurora because it delivers the performance and availability of the highest-grade commercial databases at one tenth of the cost, making it the fastest-growing service in AWS history. In total, more than 350,000 databases have been migrated to AWS using AWS Database Migration Service (DMS). Today’s…

Source…

Chrome gets patched again, but 83% of users aren’t running the latest version | 2020-11-20

/in


Chrome gets patched again, but 83% of users aren’t running the latest version | 2020-11-20 | Security Magazine




Source…