Google Assistant Tool Will Automate Password Changes

A handy new Google Assistant feature is coming soon to a device near you.  The new feature is designed to automate the frustrating and often time-consuming task of changing your passwords after a breach.

This information comes from a tweet by Max Weinbach and a separate report from Android Police.

Google has already implemented a powerful tool to detect when users are making use of passwords that have been compromised in a breach.  This new feature will build on that. Based on screenshots captured by Weinbach, you’ll soon see a new “Change Password Automatically” button when you investigate which of your passwords have been compromised.

The company announced the feature last year during Google I/O and it does have a few caveats. The biggest is that it only works on supported sites, but given that Google is behind it, it’s hard to imagine a scenario in which the majority of sites on the web didn’t flock to support the new feature.

When you use the new feature, the Assistant will automatically display the appropriate web page for changing one’s password on a supported site. Then Chrome’s built-in password manager will take over, automatically generating a new password, then storing the new login details without any input needed from the user.

This is fantastic news indeed. We love the fact that Google is working on this while simultaneously working with Apple and Microsoft to eventually get rid of passwords altogether, replacing them with the much more secure FIDO passkey.

That effort to get rid of passwords is still at least a year away. This one will be rolled out in just a few months.  As such, it will be a great intermediate step designed to keep users safer until a more robust and permanent solution can be rolled out.  Kudos to Google for their hard work on this front!

Google Soon Informing Users About What Data Apps Collect

A small but important change is coming to your Android apps.  Soon you’ll notice a new Data Safety section on the Google Play Store which will provide greater transparency about exactly what data the apps you install are collecting.

The change is meant to serve as a “privacy label” that will allow users to evaluate the data an app will collect on them before they install it, so they can make better and more informed decisions about what to install.

In addition to requiring developers to disclose exactly what data they're collecting, the change also requires them to disclose what data they will share with third parties. That essentially forces development teams to disclose the purpose behind the collection.

The new feature will also give users access to more than just the high-level view.  For additional details, they’ll be able to click on any given data category to find out the particulars involved.

That sounds amazing but believe it or not, there’s more.  The third leg of the new Data Safety section will include details about the app’s security practices, outlining what specific mechanisms the developers use to protect and safeguard collected data.  Here, users will also be able to see if they’re given the option to ask for the deletion of their collected data at any time.

On top of that, the new Data Safety section will specify if the app in question adheres to the Google Play Families Policy which is aimed squarely at protecting children.

Google is taking a careful and measured approach to the rollout. So if you have an Android device, don’t expect that you’ll start seeing details in the Data Safety section right away. It will happen over the next few weeks. It will appear and then get increasingly fleshed out.

As of now, app developers can begin declaring how collected data is used, and they have until July 20th of this year (2022) to complete their submissions.

These are fantastic changes.  Kudos to Google for this.  Great news indeed.

Some Android Devices May Have Media File Security Vulnerability

Do you have an Android device?  Is it built around a Qualcomm or MediaTek chipset?  If you answered yes to both of those questions, be aware that researchers at Check Point have recently discovered an issue which could put your device at risk.

The team discovered a flaw in the implementation of ALAC (Apple Lossless Audio Codec), which was open-sourced back in 2011.  The flaw could allow remote code execution on your device, and unfortunately, Qualcomm and MediaTek are two of the industry's largest chip manufacturers, so a large number of devices are affected.

The good news is that both Qualcomm and MediaTek acted quickly, and this issue has already been resolved.  The problem involved three separate flaws tracked as CVE-2021-0674 (medium severity with a 5.5 score), CVE-2021-0675 (high severity with a 7.8 score), and CVE-2021-30351 (critical severity with a 9.8 score).

While MediaTek did not release a formal statement about the matter, Qualcomm did.

It reads in part, as follows:

“Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies. We commend the security researchers from Check Point Technologies for using industry-standard coordinated disclosure practices. Regarding the ALAC audio decoder issue they disclosed, Qualcomm Technologies made patches available to device makers in October 2021. We encourage end users to update their devices as security updates have become available.”

If you haven't installed any security patches for your device since December of last year, grab the latest and install it at your earliest convenience and you'll be all set.  Until then, be sure not to open any audio files from unknown sources, which is good advice even after you've installed the patch.  One can never be too cautious.

Kudos to the sharp-eyed researchers at Check Point and to both Qualcomm and MediaTek for their fast action here.  That’s how it’s done.

Sharkbot Malware Found In Several Android Antivirus Apps

If you own an Android device, odds are excellent that your go-to source for apps of any kind is the Google Play Store.  That includes antivirus apps to help keep your device safe.

Unfortunately, the hackers of the world are aware of that fact and are always on the lookout for ways to capitalize on that.

Recently, researchers at Check Point have made a disturbing discovery.  Six different apps on the Play Store were recently found to be poisoned variants containing the Sharkbot malware. Sharkbot is designed to steal usernames and passwords by displaying cleverly disguised overlay windows that appear over the login window you expect to see when you visit a given website.

Instead of entering your login credentials on the site you thought you were visiting, you instead inadvertently feed the credentials to the bot. The bot dutifully exfiltrates them to a command-and-control server so the hackers controlling the malicious code can abuse them at their leisure.

To add insult to injury, all six of the poisoned apps appeared to be perfectly legitimate antivirus apps. Even worse is those apps were downloaded by unsuspecting users more than fifteen thousand times before Google caught the issue and removed them from the Play store.

Alexander Chailytko is the cyber security researcher who led the team that made the discovery. The team has an intriguing theory about how the hackers were able to get their poisoned code past Google's robust series of checks against exactly such things.

Per Chailytko, “We think that they were able to do it because all malicious actions were triggered from the C&C server, so the app could stay in the “OFF”-state during a test period in Google Play and turn “ON” when they get to the users’ devices.”

If that theory proves correct (and there's little reason to doubt it), Google is going to have a tough time keeping that sort of thing from happening in the future. That means the Play Store may not be quite the safe place most people expect.  That's troubling indeed.

This Android Malware Will Steal Your Facebook Credentials

Do you have an Android device?  Even if you don’t, you know someone who does.

Google is incredibly good at spotting poisoned copies of apps on its Play Store and getting rid of them before they can spread to the devices of users who rely on the safety and security offered by the Play Store.

As good as they are, they’re not perfect and sometimes malicious code masquerading as a legitimate app can slip through the company’s impressive filtering system.

Recently, the company discovered that an Android app that has more than 100k installs contains a trojan called “FaceStealer” which displays a Facebook login screen that requires users to log in before they can make use of the app.

Although the Facebook login prompt looks official, it is not, and all a user accomplishes by entering their login credentials is to hand those credentials to the hackers who control the code.  Given that millions of people around the world use their Facebook login details to sign in to a host of other websites, this essentially gives the hackers the keys to your digital kingdom. From that point there's really no end to the amount of damage they can do.

In addition to making the discovery itself, the researchers who originally brought the poisoned app to Google’s attention did a deep dive into the malicious code and discovered that the author has apparently automated the repackaging process. This means that it’s a trivial matter to turn almost any legitimate app into a carrier of this trojan.

Given that fact, it’s worth asking the question, “How many other poisoned apps might there be on the Play Store right now?”

It's a fair question with no easy answer.  Your best bet is to practice extreme caution when downloading any app: only get apps from the Google Play Store, and do as much due diligence as possible before committing to an installation.