Subterms
Paul Souders/Getty Images In a new white paper, Vendor Kernels, Bugs and Stability, the infrastructure software and Rocky Linux company CIQ presents a compelling argument that Linux vendor kernels are plagued with security vulnerabilities due to the flawed engineering processes that backport fixes. Also: The top three Linux 6.9 kernel upgrades While this may shock […] More
Kyle Kucharski/ZDNETIf you’re using Google’s Chrome browser, it’s time to update it — and fast.Google confirmed this week that it has released Chrome 125 for Windows, Mac, and Linux. The update includes a range of patches to security flaws, including a zero-day exploit called CVE-2024-4947. Zero-day exploits are vulnerabilities in software that malicious actors may know about and can easily target users because the software maker has yet to patch the flaw. And if that sounds familiar, it’s because Google released another patch last week to fix another zero-day exploit.Also: Meet Hackbat: An open-source, more powerful Flipper Zero alternativeCVE-2024-4947 refers to “Type Confusion in V8” Javascript. The flaw, which was discovered by security researchers Vasily Berdnikov and Boris Larin at security company Kaspersky, could enable hackers to target individual users and cause their browsers to crash. It could also be used to execute code that could put their data at risk.For its part, Google shared a few precious details about the flaw, saying instead that “access to bug details and links may be kept restricted until a majority of users are updated with a fix.” The company added that it’s “aware that an exploit for CVE-2024-4947 exists in the wild,” but it stopped short of providing details. More
Kerry Wan/ZDNETGoogle’s Android 15 is launching later this year. But Google is already talking about some of the important security updates users can expect when it’s made available.The tech giant said on Wednesday that it’s planning a host of security updates for Android 15 and its Google Play marketplace that could ultimately improve user security. In a blog post, Dave Kleidermacher, vice president of engineering, Android security, and privacy, said his company is committed to ensuring “user safety is a top priority.” The updates unveiled in his blog post center mainly on “fraud and scam protection features” that will close some of the loopholes malicious actors use to target Android users.Also: 5 exciting Android features Google just announced at I/O 2024That said, the updates will be coming to Android 15, an operating system that Google is currently testing in beta and won’t be made available to its entire user base until later this year. So, while the updates will undoubtedly help some users, their effect won’t be felt until Android 15 launches sometime this fall. More
JuSun/Getty Images A hacker who calls himself Menelik has taken credit for not one but two recent data breaches against PC maker Dell. In the first attack as reported by TechCrunch, he claims to have accessed a Dell online portal through which he stole customer names, physical addresses, and order information. Staging a second attack […] More
Richard Sharrocks/Getty Images For years, some of the world’s biggest tech companies have been shielded from lawsuits by Section 230 of the Communications Decency Act. But newly proposed legislation could change that — and have major implications for tech companies themselves. House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Ranking Member Frank […] More
Pablo Trujillo Like the Flipper Zero but want something a little more powerful? Then this open-source penetration testing tool may be for you. But you will have to build it yourself. Or more accurately, you will have to get a company that prints circuit boards and adds the components to build one for you. That […] More
Is there a Bluetooth tracker surreptitiously monitoring your location? Your smartphone can now alert you. Maria Diaz/ZDNETIn May 2023, Google and Apple announced they were joining forces to unveil a new specification aimed at enhancing user privacy with Bluetooth-enabled tracking devices. This initiative is designed to prevent people from using these devices to track others without their consent, marking a significant step towards safeguarding personal privacy in the digital age.In a joint statement yesterday, both companies announced that an alerting mechanism is being rolled out to iOS and Android users.Also: The best AirTag accessories you can buyThis capability is rolling out in iOS 17.5 for iPhone users and to Android 6.0+ devices. This will alert users if someone else’s AirTag, Find My Device network-compatible tracker tag or other industry specification-compatible Bluetooth tracker is moving about with them. When a tracker that is not registered on their device is detected moving with them over time, the device displays an alert: “[Item] Found Moving With You.”The potential victim has several options to address the situation. They can view the tracker’s identifier, activate a sound on the tracker to help locate it and access detailed instructions on how to disable it. This set of features is designed to empower individuals to protect themselves effectively against unwanted tracking, enhancing personal security and peace of mind. More
Jack Wallen/ZDNETGoogle plans to modify the built-in Password Manager in Chrome for Android to ensure passwords can’t be accidentally deleted. If you use Google Password Manager, you could find yourself in an unwanted situation where all your saved passwords are deleted when clearing browser data.Also: The best VPN services (and how to choose the right one for you)Android Police reported that Redditor /u/harish9294 switched from a more traditional password manager solution and opted for Google Password Manager for an “integrated and unified experience.” Unfortunately, that switch caused the user to lose all their saved passwords after clearing Chrome’s cached data. More
