Security

Deleting empty folders is often a good idea to keep a computer clutter-free and make it easier to see what you're actually looking for. But Microsoft has warned users not to delete an empty folder called "inetpub" in Windows. Although the folder is ... empty for most users, it's actually part of a security fix. The problem is Microsoft forgot to tell anyone about it. The folder shows up in the system drive. That's the hard drive which houses Windows itself. For many, and likely most, users this would be the C drive. Normally "inetpub" would only appear if you use a tool called Internet ... (view more)

WhatsApp Windows users have been warned to check they are running the latest edition. A new update fixes a bug which could make it much easier to distribute malware. The issue is not with the more familiar mobile app, nor with the website version ... that's available by visiting https://web.whatsapp.com/ in a browser. Instead it's with the downloadable WhatsApp for Desktop Windows app that lets users make video calls and share their screen among other benefits. The security flaw involves the way users can send attachments. As The Register explains, such files come with accompanying data called ... (view more)

Scams involving "look-alike" domain names have risen dramatically according to a security company. It suggests the attacks, which trick people into visiting or trusting a site based on what looks like a legitimate domain name, are up more than 400 ... percent in the past year. The report comes from BlueVoyant, a company which offers cybersecurity services to a range of companies. It looks at two main forms of look-alike scam. (Source: bluevoyant.com ) One is to replace characters in a domain name with easily mistaken characters such as MICROS0FT.com or goog1e.com. The other is to use the ... (view more)

Google says it has fixed one of the oldest security and privacy issues affecting Internet users. Chrome will soon make it impossible for sites to exploit the way links change color after you visit them. While different sites can override the ... defaults, most web browsers will display links in blue. However, if you've previously visited a site by clicking on a link, browsers will often show it in a different color (purple, for example). The idea is to make it easier to avoid going back to a site that wasn't helpful, or to quickly find a site you've previously accessed when you're using a search ... (view more)

Google has confirmed users who are completely locked out of their Gmail accounts after an attack can still recover their access. However, they have just seven days to act after the breach. The issue involves cases when an attacker not only gains ... access to an account, but then changes security and recovery settings. These can include an alternative email address or a phone number. In both cases the idea is that if a user knows their account is breached, they can issue a password reset request. They will then be able to choose a new password and regain access. This will at the least limit the ... (view more)

Google Pixel phones can now detect potential scams in text messages and voice calls in real time. The company says the technology runs locally on phones, meaning it shouldn't compromise privacy. After a beta testing program, Google is rolling out ... Scam Detection for messages to any handset running Google Messages . This app is available for download on the Google Play Store and can replace the default messaging app on most Android phones. Users who install it gain access to Google’s latest messaging features, including spam protection, end-to-end encryption, and AI-powered scam detection. ... href="/news/11523/google-ai-can-now-detect-phone-scams-real-time" class="more-link">view more)

Gmail is to stop using SMS text messages as a way to authenticate accounts. It's concluded the security measure is no longer secure or efficient. The SMS message test is a common example of two-factor authentication, the idea that accounts should ... always be protected by two different factors, often including something the customer knows (such as a password), something they have (such as a smartphone), and where they are (using an IP address). This means most of the time the customer can simply log in with a password from their normal location or IP address. With two-factor authentication ... (view more)

Politically and financially motivated hacking groups are increasingly working together, according to new research. This collaboration has led to a dangerous pooling of resources, making cybercriminals more effective than ever. The research, ... conducted by Mandiant (a security firm owned by Google's parent company), suggests that hackers are becoming more specialized in their skill sets and working in partnership to maximize their impact. Just as in the corporate world, these cybercriminals are forming networks where each group focuses on a particular aspect of hacking - whether it's gaining ... (view more)

Chrome may soon make it even easier to change a password after a data breach. An in-test feature would actively change the password on the user's behalf. The change would affect what happens when Google auto-fills a password field using a stored ... password. The browser already checks such stored passwords against a database of passwords that have been breached and released publicly. At the moment Chrome will simply warn users about such a breach and prompt them to change it. However, the user will need to manually go to the password settings section or account settings on the website in ... (view more)

Google is to take stronger actions against apps that turn out to be potentially harmful. It may revoke permissions where the app is already on a user's device. One of the most notable aspects of Google's management of Android apps is its particular ... balance of security and privacy. Although it will remove apps suspected or confirmed to be malicious from the Play Store, it doesn't usually do much if anything about devices which already have the app installed. The optional Google Play Protect can technically deactivate suspicious apps, but usually it's left to users to hear about the issue (for ... (view more)