Google Gives Users More Choice with Location-Tracking Apps
Developers will have a new option to for Android apps to track location only when in use. Source: www.threatpost.com
Mobile Security
MAGA ‘Safe Space’ App Developer Threatens Security Researcher
The mobile app, dubbed a “Yelp for Conservatives,” was found with an open API leaking reams of user data. Source: https://threatpost.com
Google Patches Critical Bluetooth RCE Bug
In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high. Source: https://threatpost.com
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises. Source: www.threatpost.com
RSAC 2019: Most Consumers Say ‘No’ to Cumbersome Data Privacy Practices
Consumer confidence in companies keeping their data safe is at an all-time low, but password hygiene and not reading EULAs and app permissions remain big problems. Source: www.threatpost.com
Project Zero Discloses High-Severity Apple macOS Flaw
Google Project Zero researchers detailed a new high-severity macOS flaw after Apple failed to patch it by the 90-day disclosure deadline. Source: www.threatpost.com
Thunderclap Flaws Shatter Peripheral Security
Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals. Source: https://threatpost.com
High-Severity SHAREit App Flaws Open Files for the Taking
SHAREit has fixed two flaws in its app that allowed bad actors to authenticate their devices and steal files from a victim’s device. Source: www.threatpost.com
ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
The attack threatens users with location-tracking, DoS, fake notifications and more. Source: www.threatpost.com
Google Ditches Passwords in Latest Android Devices
Google has announced FIDO2 certification for devices running on Android 7 and above – meaning that users can use biometrics, fingerprint login or PINs instead of passwords. Source: www.threatpost.com