Information Technology

Is there a Bluetooth tracker surreptitiously monitoring your location? Your smartphone can now alert you. Maria Diaz/ZDNETIn May 2023, Google and Apple announced they were joining forces to unveil a new specification aimed at enhancing user privacy with Bluetooth-enabled tracking devices. This initiative is designed to prevent people from using these devices to track others without their consent, marking a significant step towards safeguarding personal privacy in the digital age.In a joint statement yesterday, both companies announced that an alerting mechanism is being rolled out to iOS and Android users.Also: The best AirTag accessories you can buyThis capability is rolling out in iOS 17.5 for iPhone users and to Android 6.0+ devices. This will alert users if someone else’s AirTag, Find My Device network-compatible tracker tag or other industry specification-compatible Bluetooth tracker is moving about with them. When a tracker that is not registered on their device is detected moving with them over time, the device displays an alert: “[Item] Found Moving With You.”The potential victim has several options to address the situation. They can view the tracker’s identifier, activate a sound on the tracker to help locate it and access detailed instructions on how to disable it. This set of features is designed to empower individuals to protect themselves effectively against unwanted tracking, enhancing personal security and peace of mind. More

Jack Wallen/ZDNETGoogle plans to modify the built-in Password Manager in Chrome for Android to ensure passwords can’t be accidentally deleted. If you use Google Password Manager, you could find yourself in an unwanted situation where all your saved passwords are deleted when clearing browser data.Also: The best VPN services (and how to choose the right one for you)Android Police reported that Redditor /u/harish9294 switched from a more traditional password manager solution and opted for Google Password Manager for an “integrated and unified experience.” Unfortunately, that switch caused the user to lose all their saved passwords after clearing Chrome’s cached data. More

Jack Wallen/ZDNETGoogle has released a critical security update for the Chrome web browser. The zero-day flaw, CVE-2024-4671, is a “use-after-free” vulnerability in Chrome’s Visuals component.You might be asking, “what is Chrome’s Visuals component?” In short, it’s the part responsible for rendering and displaying content in the browser. Everyone uses a browser to open content, so everyone’s vulnerable.Specifically, the vulnerability enables an attacker to exploit out-of-bounds memory access. In English, that means if you go to a website with a malicious webpage, it can foul up your computer. It doesn’t matter if your machine’s running Linux, macOS, or Windows. This security hole is an equal-opportunity troublemaker.Also: 5 ways to declutter your Chrome browser – and take back control of your tab lifeDiscovered by an anonymous researcher and reported directly to Google, CVE-2024-4671 has a Common Vulnerability Scoring System (CVSS) rating of 8.8, which means it’s a serious vulnerability.It could be worse — ratings above 9.0 are critical, aka Fix It Right Now — but this is bad enough. An attacker can use this flaw to read data from your computer, cause crashes, and even take over a PC. In short, it’s bad news.What really makes this one a stinker is that it’s being exploited now. The advisory notes that Google is aware that an exploit for CVE-2024-4671 exists in the wild. More

KrulUA/Getty Images With widening attack surfaces and technology infrastructures that are no longer necessarily physical, Singapore says its cybersecurity legislation must keep up with the changing threat landscape and be adequately administered to keep its critical infrastructures resilient. The Cybersecurity (Amendment) Bill was passed on Tuesday following two readings in parliament to address “shifts in […] More

picture alliance/Getty Images Reddit has introduced a new public content policy that lays out a framework for how partners and third parties can access user-posted content on its site. This policy will apply alongside the site’s existing privacy policy, which covers how Reddit handles private user data, and its current content policy, which covers what […] More

JuSun/Getty Images Security researchers have revealed a method for rendering any virtual private network (VPN) useless. And they suspect that their exploit may have been in the wild for years — and malicious actors may already know about it. Researchers at the Leviathan Security Group have uncovered a method for exposing a user’s traffic when […] More

Boris SV/Getty Images As more companies use generative artificial intelligence (AI) in their workflows, how they oversee training data is becoming increasingly important.  On Tuesday, data security provider BigID announced new capabilities geared towards Microsoft Copilot that tailor training data, strengthen AI security, and streamline compliance efforts. The features help organizations “scan for, classify, label, curate, […] More

Maria Diaz/ZDNETZDNET’s key takeawaysThe Blink Mini 2 More