Information Technology

Google says it blocked 1.2 million apps from being published to the Google Play store because the company detected policy violations in its app review processes, preventing “preventing billions of harmful installations” on Android devices.  Google’s Play Store reviews have often been seen as less strict than those in Apple’s App Store. However, Google is making bigger efforts to protect the privacy and security of people using the three billion active Android devices in use today and it has stopped 1.2 million policy violating apps from being distributed on the Play store through its app review process.  Google says it also banned 190,000 bad accounts in 2021 as part of its efforts to hinder malicious and spammer developers. It also closed 500,00 inactive or abandoned developer accounts. 

“Last year we introduced multiple privacy focused features, enhanced our protections against bad apps and developers, and improved SDK data safety. In addition, Google Play Protect continues to scan billions of installed apps each day across billions of devices to keep people safe from malware and unwanted software,” Google’s Android and Privacy teams said in a blogpost. SEE: Google: We’re spotting more zero-day bugs than ever. But hackers still have it too easyGoogle’s initiatives in 2021 aimed to strike a balance between end-user safety and convenience for the developers whose work drives the Play Store, which had about 3.5 million apps available for download. The volume of transactions on Apple’s and Google’s app stores is staggering. According to mobile ad analytics firm App Annie, consumers spent $170 billion on mobile apps in 2021, with roughly 65% share of revenues going to Apple’s App Store and 35% going to Google Play. Consumers downloaded 230 billion new apps in 2021, or about 435,000 apps per minute. But 98.3 billion of those downloads were by users in China where Google Play is not available, while US consumers accounted for 12 billion of the total.  In an effort to improve transparency for end users, Google introduced a data safety program last May that requires developers to give users details about the types of data collected by an app, the use of encryption, and how data is used. Google requires developers to fix any detected violations of policy. They risk further enforcement if they don’t comply with Google’s requested fixes. Developers have until July 20 to declare to Play store users information required in the data safety initiative.  Google also regularly removes malicious apps from the Play store after they’re discovered by third-party researchers, who still manage to find them on a reasonably regular basis. To help developers manage rejections during the review process, Google has added a Policy and Programs section to the Google Play console for developers. It also has a page to appeal decisions and track the status of a submission.   The benefits of these initiatives are greater for those who’ve upgraded to the latest versions of Android. “As a result of new platform protections and policies, developer collaboration and education, 98% of apps migrating to Android 11 or higher have reduced their access to sensitive APIs and user data,” Google claims. “We’ve also significantly reduced the unnecessary, dangerous, or disallowed use of Accessibility APIs in apps migrating to Android 12, while preserving the functionality of legitimate use cases.”SEE: The best Android phones: Better than the iPhone?Google also noted that it disallowed the collection of Advertising ID (AAID) and other device identifiers from all users in apps solely targeting children. These included identifiers such as the SIM Serial number, MAC address, SSID, IMEI, and IMSI. It also gave all users the ability to delete their Advertising ID entirely, regardless of the app. Google Pixel is a small share of the overall Android market, but these users gained a new Security hub, or a single page to manage all security settings. 

Smartphones More

Written by

Chris Duckett, APAC Editor

Chris Duckett
APAC Editor

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Full Bio

Image: Shutterstock
During 2021, the top 15 vulnerabilities that were exploited — as observed by the US Cybersecurity and Infrastructure Security Agency, US NSA, US FBI, the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre, and the United Kingdom’s National Cyber Security Centre — led to remote code execution (RCE) across a range of products, and left IT administrators with a short window to keep their house in order. “For most of the top exploited vulnerabilities, researchers or other actors released proof of concept code within two weeks of the vulnerability’s disclosure, likely facilitating exploitation by a broader range of malicious actors,” the agencies said in an alert. Topping the list was the RCE hole in Java logging library Apache Log4j, also known as Log4Shell, that was disclosed in December. “The rapid widespread exploitation of this vulnerability demonstrates the ability of malicious actors to quickly weaponize known vulnerabilities and target organizations before they patch,” the alert said. This was followed by CVE-2021-40539, an RCE hole in Zoho ManageEngine, and seven vulnerabilities in Exchange that became known as ProxyShell and ProxyLogin. Next on the list was CVE-2021-26084 in Atlassian Confluence, which US Cybercom warned was facing mass exploitation in September. In this instance, the agencies said the exploit code was released a week after it was disclosed. The final vulnerability from 2021 on the list was CVE-2021-21972, which impacted VMware vSphere. Completing the list was a quartet of vulnerabilities that were highlighted in July, consisting of CVE-2020-1472 in Microsoft Netlogon which is also called Zerologon, CVE-2020-0688 in Exchange, CVE-2019-11510 from Pulse Secure Connect, and CVE-2018-13379 impacting Fortinet FortiOS and FortiProxy. A secondary list of another 15 CVEs was also issued, and included holes in Accellion FTA, and additional RCE bugs in VMware vCenter and the Windows print spooler. To mitigate these vulnerabilities, the agencies repeated advice on timely patching, having a centralised patch management system, and shifting to cloud or managed service providers if rapid scanning is not considered doable. The advice added that organisations should enforce multifactor authentication on all users without exception, with VPN logins in particular called out, as well as regularly reviewing privileged accounts at least yearly and adopting the least privilege principle. Companies should also move to allowlisting, properly segment networks to limit lateral movement, and constantly monitor attack surfaces. Related Coverage More

Written by

Aimee Chanthadavong, Senior Journalist

Aimee Chanthadavong
Senior Journalist

Since completing a degree in journalism, Aimee has had her fair share of covering various topics, including business, retail, manufacturing, and travel. She continues to expand her repertoire as a tech journalist with ZDNet.

Full Bio

Google has now expanded Google Search removal requests to include additional personally identifiable contact information, such as a person’s phone number, email address, or physical address.Up until now, people have been able to request the removal of other certain sensitive information from Search, such as doxxing content — which is when a person’s contact information is shared in a malicious way — or information like bank account or credit card numbers that could be used for financial fraud.Under the expanded policy, users can also request for the removal of additional information that may pose a risk for identity theft — such as confidential log-in credentials — when it appears in search results. “The availability of personal contact information online can be jarring — and it can be used in harmful ways, including for unwanted direct contact or even physical harm. And people have given us feedback that they would like the ability to remove this type of information from Search in some cases,” Google Search global policy lead Michelle Chang wrote in a post.Chang said when a Google Search removal request is submitted, Google evaluates all the content on the web page. Following the evaluation, Google may remove the provided URL from all search queries; remove the search results in which the query includes a person’s name or other provided identifiers, such as aliases; or in some circumstances deny the request. “We will evaluate all content on the web page to ensure that we’re not limiting the availability of other information that is broadly useful, for instance in news articles,” Chang said. “We’ll also evaluate if the content appears as part of the public record on the sites of government or official sources. In such cases, we won’t make removals.”Google warned, however, that removing content from Google Search does not remove it from the internet, and recommended that people contact the hosting site directly if that is what they want it removed entirely. This latest update follows on from Google rolling out a new policy last October to enable people under the age of 18, or their parents or guardian, to request the removal of their images from Google search results. RELATED COVERAGE More

Security is imperative for companies to deter trespassers and would-be thieves and to protect valuable equipment crucial for businesses to operate successfully.  A robust setup with cameras, sensors, and night vision can take the pressure off security teams and give business owners peace of mind out-of-hours. Luckily for organizations, the emergence of the Internet of Things (IoT) technology, mobile connectivity, apps, and cloud technologies has radically changed the security landscape and made it easier than ever to set up multi-room and on-premise systems. The possibilities are endless: cloud or local feed storage, customizable or automatic alerts and alarms, smartphones and tablet connectivity, wired or wireless, battery-powered or mains options, video capture, night vision, audio feeds of varying quality, and the ability to check-in, in real-time, are all on offer and can be tailored depending on the requirements of your business.  To make navigating the variety of hardware and vendor ecosystems available to today’s company owners less of a challenge, we have assembled our top ten picks for businesses. 

Ring Stick Up Cam Solar

Best home security camera

Ring

Once the case, heavy-duty, wired surveillance systems were the only options available to protect a business premise. Times have changed, and with the explosion in mobile solutions and the increased bandwidth offered by broadband and 4G/5G, there are mobile-friendly options for SMBs seeking a budget-conscious security option.  The benefit of the Ring camera range, including indoor, outdoor, stick-up, and floodlights, lies within its flexibility. Each camera can be connected to the same account and accessed via smartphone, alerting users to motion from all areas.  Of particular note are Stick Up Cams, which can be placed inside or outdoors and on flat surfaces or walls. Battery and wired options are available, as well as devices that come with a solar panel and backup battery pack. The Spotlight and Floodlight models, too, are of interest given their inbuilt security sirens.  As there are a variety of different cameras users can pick from, a mix-and-match set up to protect a premise is possible.ProsFlexible and quick setupsProfessional monitoring availableBolt-on ecosystem additions available, including outdoor camerasConsLong shipping timeMultiple camera costs are high

Google Nest Cam

Discreetly keep an eye out for intruders outside of hours

Nest

Google Nest cameras will be of interest to business owners already in the Nest ecosystem — including users of the Nest Thermostat, Nest CO2 alarms, as well as Nest X Yale Locks. The Nest Cam Indoor and Outdoor cameras are mobile options for on-premise security. They are best suited for budget-friendly users that need basic security measures in place. The cameras can record footage in 1080p HD, and when it comes to the outdoor version, this quality is maintained at night through infrared LEDs. You can pick up battery or wire-powered options. Both versions have inbuilt speakers and will alert users via their mobile devices if suspicious activity or visitors are detected by motion and noise sensors. Once the app has been installed, and an account has been set up, monitoring begins.  Subscriptions vary.ProsEasy setupMobile device monitoring and accessFlexible optionsConsExpensive for single cameras

Wyze Cam v3

Best budget security camera

Wyze

If you want to dip a toe into the world of IoT and intelligent home security devices, you may want to consider the Wyze Cam v3, one of the most affordable options on the market today.The Wyze Cam v3 is a $35 internet-connected camera offering 1080p recording, IP65 quality for indoor or outdoor use, a CMOS sensor designed to improve nighttime vision, a siren, and two-way communication.The camera can be part of a wider Wyze security ecosystem, including outdoor cameras, motion sensors, leak sensors, keypads, and entry monitors. ProsAdditional security products on offer to create a wider security networkSmall, compact designBudget-friendlyConsLimited cloud storage included unless subscribed

Arlo Pro 4

Wireless monitoring for the workplace

Arlo

Another option is the Arlo Pro 4. This slimline, business-ready option can be used either in or outdoors, being a weather-resistant model with a variety of mounting options that can detect both sound and motion. The Arlo Pro 4, available in black or white, can work as a day-to-day camera on the shop floor; a discreet camera placed outside to act as a night watchman, or as a part of a full network of cameras in a large workplace. A spotlight to improve low-light recording is included alongside object scanning and detection.Arlo’s camera is compatible with Amazon Alexa, Google Assistant, and Apple HomeKit. Users will receive real-time alerts whenever motion or sound is detected, and footage is captured in up to 2K HDR resolution. The vendor has also implemented Activity Zones which can be set to reduce unwanted or nuisance notifications.ProsSix months of battery lifeMagnetic mountsConsAn Arlo Secure subscription is required for premium features 

SimpliSafe security systems

Best for small homes and apartments

SimpliSafe

SimpliSafe is another worthy addition to our list and would suit users who need a flexible solution for smaller homes and apartments. SimpliSafe is a Wi-Fi-connected security solution backed by real-time monitoring in remote centers. While wired, in the case of a blackout, devices in the SimpliSafe range have backup batteries. The basic ‘Essentials’ package, starting at $219, includes a base station, keypad, three entry sensors, and one motion sensor. A free HD camera is also included in the bundle at the time of writing.Other packages and bolt-on options include panic buttons, freeze and water sensors, smoke detectors, and sirens. ProsNo drilling requiredStylish, discreet designConsExpensive 

What is the best home security camera?

The Ring Stick Up Cam Solar is the best home security camera, offering an exceptional product at an affordable price. We loved the easy setup, professional monitoring, and the entire range of Ring security products.

How did we choose these security cameras?

The requirements of home and business security cameras vary: the average consumer may lean toward an easy-to-install, budget-conscious product, whereas a company may be more inclined to invest in a more powerful alternative to protect valuable assets. In each case, we have considered as many aspects of a security system as possible, including recording capabilities, environmental use, and cost — both upfront and due to ongoing subscriptions.

Which is the right security camera for you?

When you are selecting your home security camera, you should consider the pain points at home or at your business location. What areas are the most important when it comes to monitoring? What assets do I need to protect? When might my home or premises be most vulnerable?If you’re working from home, for example, you might forgo constant video capture and a subscription, settling instead for clips and the ability to check-in while you’re away. However, if there is valuable stock in an office that is shut at night, you might pivot toward an option including night vision and constant video/audio feeds.Security cameraPricePower sourceVideoRing Stick Up Cam Solar$149Solar1080p HD, Live View, Night VisionGoogle Nest Cam$100Wired1080p HDWyze Cam v3$36Wired1080p HD, Live View, Color Night VisionArlo Pro 4$180Battery/Solar1080p, Color Night VisionSimpliSafe$270BatteryHD video with Night Vision

Is it necessary to subscribe to a monitoring service?

No, but technology services now — ranging from streaming to IoT — will not usually stop at hardware: revenue models are pivoting to subscriptions, too. If you want constant monitoring and footage to be stored beyond a specific period of time, you may need to sign up.

Will pets trigger alerts on a home security camera?

This was once a common problem with earlier forms of IoT and smart cameras, but vendors are constantly improving false-positive rates through improved object detection and the implementation of features such as ‘activity’ zones. 

Do I have to connect my camera to assistants like Amazon Alexa?

This bolt-on integration is usually added to make products more appealing and for the convenience for users, but you do not need to connect your home security system to anything else in your IoT ecosystem.

Are there alternative security cameras worth considering?

While our top picks have included a variety of functions and uses, the below are still worth consideration.

ZDNet Recommends More

Victims of ransomware attacks are paying higher ransoms than ever before, but there are signs that organisations are starting to take heed of cybersecurity advice, making them more resilient to cyber criminals. According to analysis by cybersecurity researchers at Sophos, the average ransom payment made by victims to choose to pay cyber criminals for a decryption key to restore their files and servers following a successful ransomware attack has increased to $812,260 – an almost five-fold increase compared with the 2020 average of $170,000. And the proportion of victims who pay ransoms of over $1 million has also risen substantially, up from 4% of ransom payments in 2020 to 11% in 2021 – meaning one in ten successful ransomware attacks is providing cyber criminals with a million dollar pay day. According to analysis by Sophos, just under half of ransomware victims pay the ransom, perceiving it to be the quickest way to restore the network – even though decryption keys provided by cyber criminals can’t be trusted and paying a ransom might just show that the victim is an easy target who could be extorted again. Ransomware attacks continue to be successful because cyber criminals can still exploit common cybersecurity vulnerabilities to enter networks and carry out campaigns. But while ransomware is still a major cybersecurity issue, there are signs that the situation could be about to get better.SEE: Cybersecurity: Let’s get tactical (ZDNet special report)”I’m a little optimistic for the first time in years about ransomware – I think we might be at the peak of our worst right now and I’m hoping we start to turn a corner,” Chester Wisniewski, principal research scientist at Sophos told ZDNet, citing how government bodies like the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have stepped in in “a meaningful way” to provide accessible and useful advice on how to improve cybersecurity. “The advice they’re giving and the things they’re doing are actually helping – I don’t think enough organisations are listening to them yet, but at least the resources are accessible, approachable and usable, so it’s a good start,” he said In addition to this, cyber insurance providers are demanding better security preparations from companies before issuing policies, while Wisniewski says the US sanctions against Russia following its invasion of Ukraine has had an impact on American businesses which do not want to pay ransoms to cyber criminals who are often working out of that region. “We’re seeing it being a really serious motivator for American companies and insurance companies to not pay ransoms,” said Wisniewski But while there are some encouraging signs, it’s unlikely ransomware is going away anytime soon.  The reason ransomware is so lucrative for cyber criminals is because there are victims who pay the ransoms. And if there are organisations out there who are vulnerable to cyber attacks and are still willing to pay six-figure ransom demands, there’s always going to be ransomware groups trying to exploit this. “I don’t think you’re ever going to deter the hardcore ransomware groups because there’s too much money to be made when they’re getting multi-million dollar hits,” said Wisniewski. “Crooks aren’t going to walk away from that, even if it’s a one in twenty chance – it’s still a million dollars,” he added.  MORE ON CYBERSECURITY More

Bronze President has potentially shifted from Asia to focus on Russia as the invasion of Ukraine continues. Also known as Mustang Panda, TA416, or RedDelta, the Chinese cyberespionage group has been active since at least 2018 and has traditionally focused on gathering intelligence from NGOs, research institutes, and internet service providers (ISPs).

Ukraine Crisis

Past countries and regions on the hit list include Europe, Mongolia, Russia, Vietnam, and South Africa. According to Secureworks Counter Threat Unit (CTU), the group is either “sponsored or at the very least tolerated by the Chinese government” and “appears to be changing its targeting in response to the political situation in Europe and the war in Ukraine.” Recent campaigns have primarily focused on Southeast Asia, with targets infiltrated for “political and economic” data theft and ongoing, long-term surveillance. However, CTU says that Bronze President has now pivoted to Russian speakers alongside European organizations. “This suggests that the threat actors have received updated tasking that reflects the changing intelligence collection requirements of the People’s Republic of China (PRC),” the researchers say. Government-sponsored — or, perhaps, tolerated — cyberattackers are tasked with activities that will benefit their government somehow. This often includes intelligence-gathering, spying, and activities that improve situational awareness, especially in times of conflict. These activities don’t only include ‘enemies’ or ‘hostile’ states — it also extends to who a country considers an ally or friend. CTU suggests that the recent Bronze President shift could indicate “an attempt by China to deploy advanced malware to computer systems of Russian officials.”

ZDNet Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Bronze President is suspected of targeting the Russian military. The team analyzed a malicious executable called “Blagoveshchensk – Blagoveshchensk Border Detachment.exe,” which was disguised with a .PDF icon and heavily obfuscated to hide a downloader for PlugX malware. (The city of Blagoveshchensk is close to the Chinese border and is home to part of the Russian military.)If executed, the file will display a decoy document (written in English, oddly), which describes the refugee situation and EU sanctions. In the background, a downloader grabs PlugX from a command-and-control (C2) server previously tied to campaigns in Europe. PlugX is a Remote Access Trojan (RAT) capable of file exfiltration, executing remote command shells, establishing a backdoor, and deploying additional malicious payloads. Bronze President has a wide range of tools, including Cobalt Strike, the China Chopper backdoor, RCSession, and ORat, at its disposal. In March, ESET said the group was taking advantage of the war to spread a new Korplug/PlugX RAT variant, dubbed Hodur, via Ukraine & Russia-themed phishing campaigns. In other cybersecurity news related to Russia and Ukraine, Aqua Security has been tracking the use of cloud repositories by those on both sides of the conflict. The researchers found that 40% of public repositories with descriptions or names linked to the invasion, including tools and guides, promoted denial-of-service (DoS) activities “aimed at disrupting the network traffic of online services.” See alsoHave a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

Written by

Chris Duckett, APAC Editor

Chris Duckett
APAC Editor

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Full Bio

Chinese drone maker DJI dropped a quick note on Tuesday to state it was suspending operations in Russia and Ukraine. “DJI is internally reassessing compliance requirements in various jurisdictions,” the note said. “Pending the current review, DJI will temporarily suspend all business activities in Russia and Ukraine. We are engaging with customers, partners and other stakeholders regarding the temporary suspension of business operations in the affected territories.” A week earlier, the company said it deplored any harm caused by the use of its products, particularly militarily. DJI said it produces products for consumers, and is “unequivocally opposed” to attempts that mount munition on its drones and has refused customisations for military use. “DJI believes strongly in these principles. Our distributors, resellers, and other business partners have committed to following it when they sell and use our products,” it said. “They agree not to sell DJI products to customers who clearly plan to use them for military purposes, or help modify our products for military use, and they understand we will terminate our business relationship with them if they cannot adhere to this commitment.” In March, Ukrainian Vice Prime Minister and Minister of Digital Transformation Mykhailo Fedorov accused Russia of using DJI drones to kill children, and called on DJI to block products being used in Ukraine that were not brought there, and to block drones purchased and activated in Russia, Syria, and Lebanon. Related Coverage More

Google has commenced the roll out of its new data safety section for Android users on the Play Store. The new section will require app developers to inform users on how they collect data, who has access to that data, and what data is collected.Further information available to users will include whether the developer has qualified their security practices against a global security standard, whether the app has committed to follow Google Play’s Families Policy, and more granular details relating to an app’s security practices such as whether users can ask for data to be deleted. Google will also require developers revise their data safety section when updating the functionality or data handling practices of their apps.  “We heard from users and app developers that displaying the data an app collects, without additional context, is not enough. Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties,” the company said in a blog post.”In addition, users want to understand how app developers are securing user data after an app is downloaded. That’s why we designed the data safety section to allow developers to clearly mark what data is being collected and for what purpose it’s being used. Users can also see whether the app needs this data to function or if this data collection is optional.”Although the roll out of the new section has already commenced, developers have until the July 20 to fill out the section. Moreover, Google encouraged users to access the Android privacy dashboard to manage app permission for the use of location data, microphone, camera options, and to also review data access by apps.The new requirements come a month after Google removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users and, additionally, after Google was reportedly fined €2 million by the Paris Commercial Court for acting abusively to developers with apps on the Play Store.Related Coverage More