security

At least eight apps in the official Microsoft Store were secretly designed to use a computer's resources without permission. It undermines Microsoft's efforts to promote the store as a "safe source of software." In the past few years, Microsoft has ... heavily pushed the idea of Windows users getting software from an app store - similar to the way mobile devices work - rather than the more traditional method of getting programs from a third-party sources and installing them directly to the PC or smartphone / tablet. There's even a special 'S' mode for Windows 10 that only allows the ... (view more)

Security researchers say some major password manager tools could be flawed. But they also say it's still sensible to use them, just with a degree of caution. It's a fact that using the same password for multiple sites is a massive security risk. ... That's because if one site gets hacked, it could mean that hackers can use the same password on another website to gain access to potentially sensitive information, resulting in identity theft or financial loss. Password manager tools (such as Roboform and Dashlane ) aim to overcome two big dilemmas with online passwords - which is keeping passwords ... (view more)

Security researchers have warned a notorious piece of malware has returned to Android. It's in disguise, posing as a legitimate and popular VPN application. Researchers at the security firm Bitdefender have dubbed the malware as "Triout," which was ... first spotted last August. It's a particularly nasty piece of malware as it carries out multiple hostile acts. (Source: bitdefender.com ) These include recording phone calls, reading incoming SMS messages, taking pictures and videos, and collecting location data such as GPS coordinates. Triout is designed to operate without being detected ... (view more)

Russia may briefly disconnect from the Internet as a cyber-defense exercise. It's being billed as an attempt to see if the country could keep the benefits of the Internet without having to interact with the rest of the world, though critics suggest ... it is nothing more than political censorship. Russian officials are said to fear that other countries may be taking measures to block its country from the Internet. On paper there does not appear to be any such proposals, though NATO (the North Atlantic Treaty Organization) has threatened some form of sanctions over alleged cyber attacks by Russia ... (view more)

Infopackets Reader Sam J. writes: " Dear Dennis, I have an older TPLink TL-WDR3500 router and I would like to attach a USB or external hard drive to it using the ' Storage Sharing ' option so that I can share files through my network. This would be ... ideal for me so I can share my Roboform passwords across devices. The issue is that the Storage Sharing option will only work if I enable CIFS 1.0 protocol in Windows because that is what the router uses to make the attached storage appear as a network drive letter in File Explorer. It is my understanding that CIFS 1.0 has a massive security issue ... (view more)

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)

Google has launched a new tool to make it easier to know if a password has been hacked. But the way it works has raised some questions. The tool is called "Password Checkup" and is an extension for the Chrome web browser. It's designed to deal with ... details that are known to be part of a security breach, rather than offering more general advice such as using long passwords. If a user installs Password Checkup, Google will run a check whenever they log in to any site (not just ones Google operates). If it matches any entries on a database of known breaches, Chrome will display a ... (view more)

An extremely creative form of malware on Android devices uses motion sensors to help stay undetected. It's designed to combat one of the key methods used by malware scanning tools. Trend Micro says it found the malware hidden in two Google Play ... Store apps named "BatterySaverMobi" and "Currency Converter," which claimed to provide functions as their names suggest. (Source: arstechnica.com ) Once installed, the apps downloaded malware in the background, then used a fake system update message to trick the user into giving permission to install it. The malware, named " ... (view more)

January 2020 marks the end of extended support for Windows 7 from Microsoft. This means Windows 7 users have just one year left to upgrade to either Windows 8 or 10 (or an alternative), before their systems become a major security risk. Support for ... Windows 7 comes in a two-stage process. The first is known as mainstream support, which means the system is under warranty and Microsoft offers free technical support over the phone and its online forums. During this time, Microsoft also continues developing new features, and users can get hot fixes which patch any performance or security problems ... (view more)

20 popular Android apps are sharing user data with Facebook without permission, according to a new report. Privacy International says the data sharing happens even if the user doesn't have a Facebook account. The organization tested 34 apps, each of ... which have been installed at least 10 million times on Android devices. It looked at data that was transmitted through the Facebook Software Development Kit (SDK). The kit is a set of tools that are designed to help app developers coordinate their apps with the Facebook system. This is more commonly associated with retrieving data from ... (view more)