Category: Android

Google, the web search giant owned by Alphabet Inc., has introduced a new security feature designed to protect your data in case your phone is stolen. At the moment, this feature is available on select Android devices, specifically Google Pixel models running Android 15 and certain Samsung Galaxy smartphones running One UI 7 and above.

The feature, called “Identity Check,” is aimed at enhancing your phone’s security by locking sensitive settings when the device is taken outside of trusted locations. However, it’s important to note that this feature does not come enabled by default—it must be manually activated by the user.

What Does the Identity Check Feature Do?

Once activated, the Identity Check feature ensures that only those with authorized access can make changes to sensitive settings on the device. These settings are protected through biometric authentication, such as fingerprint or facial recognition, which must be verified before any changes can be made. The feature activates when the device is taken out of trusted locations—locations you’ve previously set based on your 4G or 5G service provider’s geolocation services.

Sensitive Settings Protected by Identity Check:

Changing the Lock Screen, PIN, or Password: Unauthorized users can’t alter your security settings without biometric verification.

Changing Biometrics (e.g., fingerprint or face unlock): Any changes to biometric authentication settings will require authentication.

Accessing Password Manager: Passwords and passkeys saved in the Password Manager are locked from unauthorized access.

Performing a Factory Reset: Unauthorized users cannot reset the phone without the proper biometric authentication.

Disabling Theft Protection Features: Any anti-theft protections cannot be disabled without authentication.

Viewing or Changing Trusted Locations: Users cannot alter the list of trusted locations or disable the Identity Check feature.

Setting Up a New Device or Transferring Data: A new device setup or data transfer from a stolen or existing device will require biometric authentication.

Removing a Google Account: Unauthorized users cannot remove the Google account from the device.

Accessing Developer Options: Developer settings are locked from unauthorized access.

How Does It Work?

The Identity Check feature is activated whenever the phone’s geolocation changes and it moves outside of the trusted locations set by the user. For example, if the phone is stolen and moved to an unfamiliar location, the phone will prompt the user for biometric verification before allowing access to sensitive settings.

While this functionality isn’t entirely new (Android devices have always used location-based security features), the introduction of Identity Check focuses on making this kind of security feature more effective and reliable, especially in the case of theft.

Why It’s a Game Changer

In regions where smartphone thefts are on the rise, like London, this feature could be a major step forward in preventing unauthorized access to stolen devices. Mobile thefts have become an increasing problem, and this added layer of security could make it much harder for thieves to access or manipulate sensitive data on stolen phones.

By requiring biometric authentication when sensitive settings are accessed outside of trusted locations, Identity Check offers an additional layer of security that could potentially deter theft or reduce the likelihood of data breaches following a stolen device.

In short, Google’s new Identity Check feature is a proactive and effective solution to improve the security of Android devices, particularly when dealing with theft or unauthorized access.

 

The post Google launches new Identity Check feature for data security appeared first on Cybersecurity Insiders.

Ever wonder how those "free" browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets. Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss what you should do with your old, no-longer-wanted technology. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Space Bears Ransomware Targets Atos SE in Major Cyberattack

Atos SE, the France-based global leader in cloud computing and cybersecurity services, has confirmed a major cybersecurity breach involving the ransomware group Space Bears. The cybercriminals claim to have compromised Atos’ database, extracting sensitive data by exploiting a known vulnerability. The attack is part of a growing wave of ransomware campaigns that target large corporations for financial extortion.

The attack occurred on December 28, 2024, and led to the deployment of file-encrypting malware that disrupted Atos’ servers. In response, Atos issued a public statement acknowledging the breach and assured that an investigation was underway. While the company has yet to release detailed information about the scope of the breach, it promised to provide updates as the investigation progresses.

The timing of the attack is particularly notable. It occurred just weeks after Atos had announced the completion of its financial restructuring plan, which had been overseen by its creditors. The timing has raised concerns about whether the cyberattack was linked to these internal corporate changes, though there is no official statement connecting the two events at this time.

As a leading player in cybersecurity, Atos’ own infrastructure and its clients’ data were likely a key target for the cybercriminal group. Atos’ response to the breach and its commitment to uncover the full details of the attack will be closely watched by the cybersecurity community and its clients, who rely on the company for cloud and cybersecurity services.

Android’s ‘Find My Device’ Feature Triggers False Alerts

Android users have been facing a frustrating issue with the Find My Device feature, as it has been sending out false alarms for the past two weeks. These notifications are triggered when registered devices are moved, but the alarms are incorrectly set off even when the devices remain in trusted locations, such as within the home.

The issue appears to be most prevalent for households with both Android and Apple iOS devices. Experts speculate that the interference between these two operating systems, coupled with Bluetooth-enabled devices, is behind the false alerts. The problem seems to be exacerbated when Android devices are in close proximity to Apple devices, causing cross-platform interference that triggers unnecessary notifications.

To address the issue, cybersecurity professionals are recommending that Android users activate the whitelisting feature on their devices, that should be activated by default. Whitelisting allows users to specify which devices and locations are trusted, helping to streamline the alert system and reduce the occurrence of false alarms. By restricting alerts to only those situations where there is a genuine risk, whitelisting can help improve the user experience for those affected by the bug.

While the issue has been widespread, Android’s development team has not yet released an official fix. However, users can take steps to mitigate the problem by updating their settings and minimizing the chances of receiving erroneous alerts.

AT&T and Verizon Defend Their Networks Against Cyber Espionage Claims

In response to allegations of being targeted by the Chinese-linked Salt Typhoon cyber espionage campaign, American telecom giants AT&T and Verizon have issued statements confirming that their networks remain secure from any compromise related to the threat. The Salt Typhoon campaign, which has reportedly been active since 2016, is believed to have targeted multiple telecom networks across North America, with particular focus on espionage activities aimed at government officials and sensitive communications.

The controversy surrounding these claims escalated after Anne Neuberger, a White House official, suggested in a public statement that eight North American telecom networks were impacted by the campaign, with AT&T possibly being the ninth target. This revelation raised concerns about the scope and impact of the espionage operation, which allegedly involved the theft of sensitive data, including government communications.

FBI officials later corroborated these concerns, noting that Salt Typhoon may have compromised data related to government officials’ calls and messages. However, both AT&T and Verizon have vigorously denied any breach of their networks, reassuring the public that their security measures are robust and have successfully thwarted any attempts at espionage.

These statements come in the wake of growing scrutiny of foreign cyber activities targeting critical infrastructure in the West. The Salt Typhoon campaign, reportedly linked to Chinese state-sponsored hackers, highlights the ongoing threat posed by cyber espionage, particularly against telecom networks, which are essential for secure communications and data transmission.

AT&T and Verizon’s swift responses have been welcomed by both the telecom industry and government officials, who continue to monitor the situation closely to ensure that such vulnerabilities do not compromise national security. The FBI’s ongoing investigation into the Salt Typhoon campaign is expected to provide further insights into the extent of the threat and the potential targets of these malicious activities.

The post Google trending Cybersecurity headlines for the last weekend appeared first on Cybersecurity Insiders.

Germany has launched an investigation into reports of a significant cyber threat believed to be linked to the BadBox Malware, which has allegedly infected over 192,000 devices across the country. These devices include a wide array of electronics, such as media players, digital picture frames, streaming devices, smart TVs, smartphones, and tablets. The malware is thought to have emerged as a new cyber threat, adding to the growing list of challenges posed by evolving digital security risks.

This latest development follows the earlier appearance of Malibot, another malicious software that has been targeting Android devices in recent months. Both of these cyber attacks are suspected to have originated from China, as reported by the HUMAN Satori Threat Intelligence team, a prominent cybersecurity organization based in New York.

Satori Intelligence, which collaborates with tech giants like Google and assists law enforcement agencies in neutralizing cyber threats, has been actively working to trace and dismantle these security breaches. The term “Satori” is derived from Japanese Buddhist philosophy, meaning “awakening” or “enlightenment,” symbolizing the organization’s mission to uncover hidden cyber threats and bring them into the light.

How BadBox Malware Works

The BadBox Malware is primarily affecting devices that are running outdated or unsupported operating systems, or those that have ceased receiving regular security updates. This makes them more vulnerable to cyber attacks. Interestingly, some cybersecurity platforms suggest that BadBox may be specifically targeting devices that are already compromised by Triada, a type of Android malware that was previously preinstalled on certain devices, leaving them exposed to further exploits.

According to reports from the German Federal Office for Information Security (BSI), which is leading the investigation into the infections, the malware is capable of a range of malicious activities.

These include:

Bypassing Traditional Security Features – BadBox can circumvent conventional security measures, such as antivirus software and firewalls, allowing it to gain deeper access to infected systems.

Data Exfiltration – The malware is capable of silently collecting sensitive information from infected devices and transmitting it to external servers, which could potentially include personal data, financial information, or business secrets.

Ad Fraud and Espionage – The malware can be used to hijack advertising networks for fraudulent purposes, potentially generating revenue for cybercriminals through illegal means. It can also facilitate espionage, allowing attackers to monitor and steal data from victims.

Ransomware Distribution – In addition to these activities, BadBox acts as a bot in a larger network, helping spread ransomware across connected devices, further exacerbating the impact of the attack. It can also serve as a proxy to evade surveillance by law enforcement and security agencies.

Protecting Yourself from Cyber Threats

As these attacks continue to evolve, experts emphasize the importance of regular device updates as one of the most effective defenses against malware like BadBox. Users are strongly encouraged to:

a.) Update devices regularly to ensure that they are protected by the latest security patches and bug fixes.

b.) Install reliable security software to provide an additional layer of defense against cyber threats.

c.) Be cautious about suspicious apps or downloads, particularly those from untrusted sources.

d.) Follow best practices for mobile security, such as using strong passwords, enabling two-factor authentication, and avoiding public Wi-Fi networks for sensitive activities.

Cybersecurity experts warn that the spread of BadBox and similar malware is a reminder of the constant need for vigilance in an increasingly digital world. With cybercriminals continually developing new methods to exploit vulnerabilities, users must stay proactive in safeguarding their devices and personal data.

Looking Ahead

The investigations into BadBox and Malibot malware are ongoing, and authorities are working to mitigate the impact on affected individuals and organizations. As the situation develops, the BSI and other cybersecurity agencies are expected to release further advisories and guidelines to help users protect themselves from these malicious attacks. The fight against such threats underscores the growing importance of global cooperation in cybersecurity, as well as the need for ongoing education and awareness around digital safety practices.

The post Germany Investigates BadBox Malware Infections, Targeting Over 192,000 Devices appeared first on Cybersecurity Insiders.

For years, there’s been a widely held belief that iOS devices—such as iPhones—are virtually immune to phishing attacks, largely due to Apple’s strong emphasis on security and its reputation for prioritizing user protection. In contrast, Android devices, with their more open operating system, were often viewed as more vulnerable to such cyber threats.

However, a recent report from Lookout, a prominent mobile security company, challenges this assumption. According to the findings in their Mobile Threat Report, iOS devices are actually more susceptible to phishing attacks than Android devices. This revelation comes as a surprise to many, especially given Apple’s long-standing efforts to maintain a secure ecosystem. The report also highlights that phishing is not just a random occurrence—state-sponsored actors, particularly from countries like Russia, North Korea, and China, are identified as the primary culprits behind these attacks.

The findings also draw attention to the growing sophistication of threats targeting mobile users. Phishing attacks often serve as a gateway for more dangerous forms of malware, such as Trojans and spyware. These malicious programs are increasingly used for espionage purposes, with many attackers targeting individuals interested in surveilling their loved ones. The rise of “surveillance culture” is evident, as more people seek to monitor the activities of those close to them—further increasing the risk of falling victim to cybercrime.

The WhatsApp and Facebook Outage: A Possible Hack or State-Sponsored Attack?

Meanwhile, a significant disruption occurred on Wednesday afternoon when several online services, including WhatsApp, Facebook, and other Meta platforms, experienced a widespread outage. Incidentally in this downtime that occurred during the release of the report, users were unable to access the services, leading to widespread speculation. Some commentators on social media raised concerns that the disruption could have been the result of a targeted cyberattack, potentially from hackers or even a state-sponsored actor.

Such outages are not only inconvenient but can also serve as a reminder of the vulnerabilities inherent in our increasingly digital lives. As these platforms become central to communication, commerce, and social interaction, the stakes for securing them against external threats have never been higher. Whether the outage was truly caused by malicious actors or a technical issue remains unclear, but the episode raises important questions about the robustness of major digital services.

FBI Warning on Messaging Security: Is It Time to Rethink Communication?

Adding to the growing concerns over mobile security, the FBI issued a stark warning just a week ago. The law enforcement agency advised iPhone and Android users to stop using traditional SMS or messaging services between the two platforms due to the lack of end-to-end encryption between them. In its place, the FBI recommended that users switch to more secure messaging services, such as WhatsApp or Telegram, which offer end-to-end encryption as a standard feature.

While the FBI’s recommendation is based on the fact that unencrypted messages could be intercepted, it has raised some eyebrows. Critics question the true level of security these alternative platforms offer. After all, even though WhatsApp and Telegram are promoted as secure, no system is entirely immune from vulnerabilities. Moreover, many wonder if the law enforcement’s message is contradictory or even somewhat strange, given that we can never be entirely sure about the transparency and implementation of the security measures they advocate. How much can we really trust that these platforms uphold the highest standards of privacy, or is there a possibility that their security features could be compromised?

Do Major Service Providers Live Up to Their Cybersecurity Promises?

With these new revelations, the question on many people’s minds is whether companies like Twitter, Signal, WhatsApp, and others truly live up to their cybersecurity claims. These services assure users that all data—including text, images, and videos—shared via their platforms is encrypted. According to their statements, this means that no third party, including hackers or even the platforms themselves, should be able to snoop on or access this data. Encryption is a critical component in maintaining privacy, and these companies have made it a cornerstone of their marketing strategies.

But while encryption is a powerful tool, the reality of cybersecurity is far more complex. As we’ve seen with recent data breaches and high-profile cyberattacks, no system is entirely foolproof. Encryption can provide a strong layer of protection, but other vulnerabilities, such as user behavior and software flaws, can still expose sensitive information.

Conclusion: The Future of Mobile Security

As the digital landscape continues to evolve, the security of mobile devices and online services will only become more critical. The growing sophistication of phishing attacks, the potential risks of using unencrypted messaging platforms, and the vulnerabilities that continue to emerge in widely used services like WhatsApp and Facebook all point to a pressing need for stronger, more transparent security measures.

While companies like Apple, Google, and Meta continue to invest heavily in cybersecurity, users must remain vigilant and informed about the risks they face. Regularly updating devices, using encrypted messaging platforms, and exercising caution when interacting with unknown links or suspicious emails can all help mitigate the growing threat of cyberattacks. As for the future, only time will reveal whether current security protocols are enough to protect us from the increasingly sophisticated threats that continue to emerge.

The post Apple iOS devices are more vulnerable to phishing than Android appeared first on Cybersecurity Insiders.

The Federal Bureau of Investigation (FBI) has issued a strong warning to smartphone users, urging them to avoid sending regular text messages between Android and iPhone devices. According to the FBI, such message exchanges are vulnerable to interception by hackers or third parties, potentially compromising sensitive information.

This warning comes amid growing concerns about a cyber espionage campaign allegedly conducted by a Chinese hacking group known as “Salt Typhoon.” The group is believed to have been targeting telecom networks in the U.S. for several years, stealing large volumes of data, including metadata such as call and message timestamps, as well as information on the recipients of communications. The Pentagon only became aware of the campaign earlier this year.

Reuters reports that the hacking group has been infiltrating telecom networks for the past three years, siphoning off crucial data from various services, including communications from high-profile individuals, such as celebrities using providers like Virgin. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also issued a notification regarding the widespread nature of these espionage activities.

In light of these concerns, the FBI is advising users to switch to encrypted messaging apps like WhatsApp for sending text, photos, videos, and documents. These platforms use encryption to convert messages into unreadable formats, making it more difficult for third parties to monitor or intercept the content.

While Google has recently promoted its Messages app as offering strong encryption, this feature is not enabled by default, and users may experience issues with features like ‘read receipts’ if encryption is activated. Any disruptions in message synchronization could increase the risk of security breaches. It remains to be seen how Apple’s iMessage platform addresses these encryption concerns.

Meanwhile, the Chinese government has denied these allegations, calling them false. In a statement, they accused the U.S. of spying on its own citizens in the name of national security, citing whistleblower Edward Snowden‘s 2013 revelations as evidence of American surveillance activities since 2012.

The post FBI asks users to stop exchanging texts between Android and iPhones appeared first on Cybersecurity Insiders.

For the past five years, Google, the undisputed titan of the internet, has found itself embroiled in a series of lawsuits across the globe. Users, advocates for data privacy, and even governments have raised alarms about the massive amounts of personal information Google collects through its Chrome browser and Android mobile operating system. The search giant, which has long held a dominant position in the online world, is now facing increased scrutiny regarding its practices, particularly how it collects, stores, and sells user data.

In a dramatic shift, U.S. regulators have now called for Google’s parent company, Alphabet Inc., to dismantle its Chrome and Android divisions. The proposal stems from concerns over the company’s growing monopoly, particularly its ability to control the online experience through its pre-installed search engine and default browser settings. Google’s stranglehold on both mobile operating systems and web browsers has effectively given it an unparalleled opportunity to influence what users see online, while collecting vast amounts of data along the way.

The Monopolistic Power of Chrome and Android

Google’s dominance in search and mobile operating systems has been cemented over the past two decades. Chrome has become the most widely used web browser, accounting for more than 60% of global browser market share, while Android commands over 70% of the mobile OS market. These products act as gateways to the internet for billions of users, meaning Google has direct access to the search habits, online behavior, and personal data of millions every day.

At the heart of the controversy lies the allegation that Google uses its Chrome and Android platforms to reinforce a biased online experience. The default search engine on Android phones, for instance, is Google Search, and its web browser Chrome, despite being one of the most popular tools on the internet, stores search queries and browsing histories. This data is then analyzed and sold to advertising companies, which bombard users with targeted ads based on their online behavior. The result is a highly curated, surveillance-driven browsing experience that benefits Google at the expense of privacy.

The U.S. Department of Justice has argued that Google’s ability to maintain a monopoly over internet search and browsing is a violation of anti-trust laws. The core of the department’s push for a breakup is not just about competition; it’s also a matter of privacy. Google’s dominance in search means it can control which websites users are likely to visit and what content they will see. This kind of influence is troubling, particularly when paired with the company’s ability to track and monetize user data on a scale never before seen in the digital age.

A Proposed Solution: The Separation of Chrome and Android

In an unprecedented move, the U.S. government has suggested that Google divest its Chrome and Android divisions into two separate entities, to be sold to interested buyers. The rationale behind this is to dismantle Google’s monopoly and give other competitors a fair shot at succeeding in the browser and operating system markets. By selling off Chrome and Android to independent companies, Google would no longer be able to control both the search engine and the device ecosystems in such an overwhelming manner.

This proposal is being hailed as a potential turning point not only for competition in the tech industry but also for data privacy. As separate entities, Chrome and Android could be run by companies that are more committed to user privacy, rather than using personal data as the cornerstone of their business models. The sale of these two divisions could also bring an end to the legal battles Google has faced worldwide over its surveillance practices, as the new owners would be subject to fresh regulatory scrutiny and would have to comply with stricter data protection laws.

The Potential Impact on Rival Search Engines

If the breakup of Google’s browser and mobile divisions were to go forward, it could also provide a significant opportunity for rival search engines like Microsoft’s Bing and Yahoo to gain ground. Currently, Google Search is the default engine on Android devices, which means it dominates mobile searches. If Google no longer has control over Android, other search engines could have a fairer opportunity to compete, potentially reshaping the landscape of internet search.

For companies like Microsoft and Yahoo, this shift would be a welcome development. Despite their search engines being popular alternatives, neither has been able to break the near-total dominance Google has in the market. Microsoft’s Bing, for instance, has long struggled to gain traction, partly because of Google’s entrenched position on Android devices. A breakup of Google’s Android and Chrome operations would level the playing field, allowing users to more easily choose competing search engines and browsers.

A Political Shift: Trump and the Future of Tech Regulation

There is also speculation that the political landscape could further influence the outcome of this case. As Donald Trump prepares for his second term as president, many expect that the U.S. government will take an even more aggressive stance on regulating big tech companies. With his administration taking office in January 2025, it’s possible that Trump will champion the breakup of Google, portraying it as a necessary step to curtail the overreach of Silicon Valley.

The prospect of a new president overseeing tech regulation could bring about a quicker resolution to the ongoing legal challenges surrounding Google’s practices. For rival companies, this could be a moment of relief, allowing them to gain a larger foothold in the market. For privacy advocates, it could signal a significant victory in the fight against surveillance capitalism and data exploitation.

Conclusion

The U.S. government’s proposal to break up Google’s Chrome and Android divisions is a bold move in the ongoing battle over privacy, market dominance, and user rights in the digital age. If successful, this step could bring an end to Google’s long-standing monopoly, offering a more competitive environment for other tech firms while addressing the ongoing concerns about data privacy. However, it’s also clear that the implications of such a decision would reverberate far beyond just Google, potentially reshaping the entire internet ecosystem and altering how users interact with the digital world. As the debate unfolds, all eyes will be on Washington to see if the White House will take action to curb the power of the tech giant and restore balance to the online world.

The post US urging Google to sell its Android and Chrome browser to banish Data Privacy and Market competition concerns appeared first on Cybersecurity Insiders.

Google is preparing to introduce a new threat detection feature for its Android 14 and 15 operating systems by the end of this year. This innovative feature aims to enhance device security by preventing unauthorized access in the event of theft or snatching. When the device detects suspicious activity, such as being grabbed and the thief running or driving away, it will automatically lock the screen. To regain access, the legitimate user must enter a passcode that was set up during the initial SIM activation.

Details about this threat detection lock tool are still limited. However, according to discussions on various Android tech forums, the system will leverage data from the device’s gyroscope and accelerometer, along with other parameters, to identify unusual movement patterns. Users will be able to unlock their devices using a secret code established during the initial phone setup.

Phone thieves and snatchers should take note: this feature has the potential to block factory resets, a common tactic used by thieves to erase and repurpose stolen phones.

Initially, this feature will be available for devices running Android 15, with a gradual rollout planned for Android 14, 13, 12, and 11 devices in the following months. Starting in April 2024, it will also extend to devices running Android 10.

This remote locking feature represents the second major security enhancement introduced for Android users, now available in its Beta version across all compatible mobile devices.

And this feature will be working in tandem with Find My Device feature that was introduced to all android users in February this year.

The post Google to launch threat detection AI powered feature to all Android phones appeared first on Cybersecurity Insiders.