Categories
India News Tech Lite Technology

CERT-In finds multiple vulnerabilities in Android

The affected software includes Android versions 12, 12L, 13, and 14….reports Asian Lite News

The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Friday warned users of multiple vulnerabilities in Android which could allow an attacker to obtain sensitive information, gain elevated privileges and cause denial-of-service (DoS) conditions on the targeted system.

The affected software includes Android versions 12, 12L, 13, and 14.

“Multiple vulnerabilities have been reported in Android which could be exploited by an attacker to obtain sensitive information, gain elevated privileges and cause a denial of service condition on the targeted system,” said the CERT-In advisory.

According to the cyber agency, these vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies and Qualcomm closed-source components.

CERT-In advised users to apply appropriate updates when made available by the respective OEMs (original equipment manufacturers).

Last week, CERT-In warned about a vulnerability in Checkpoint Network Security gateway products, which could allow hackers to compromise users’ data.

According to its advisory by the national cyber-security agency, attackers can use the vulnerability to access certain information on “internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades.”

Warning over bug in Checkpoint gateway products

CERT-In has warned about a vulnerability in Checkpoint Network Security gateway products, which could allow hackers to compromise users’ data.

According to its advisory by the national cyber-security agency, attackers can use the vulnerability to access certain information on “internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades”.

This, in certain scenarios, could potentially lead the attacker to move laterally and gain domain admin privileges, warned the agency.

The vulnerability exists in Checkpoint Network Security gateway products due to the unrecommended password-only authentication method.

“The vulnerability (CVE-2024-24919) is being exploited in the wild,” said CERT-In, urging users to apply fixes issued by the company.

Checkpoint has discovered the vulnerability and issued the fix.

“Following our security update, Check Point’s dedicated task force continues investigating attempts to gain unauthorised access to VPN products used by our customers,” said the company in its security update.

“Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway,” it added.

CERT-In, which comes under the Ministry of Electronics & Information Technology, last week warned users of vulnerabilities in Google Chrome and Siemens products, which could allow an attacker to execute arbitrary code on the targeted system.

ALSO READ: David Cameron falls victim to hoax video call

Categories
Social Media Tech Lite Technology

WhatsApp working on passkey support for Android beta

The platform also rolled out a ‘link with phone number’ feature on Android beta, which allows users to link their account to WhatsApp Web by using their phone number…reports Asian Lite News

Meta-owned messaging platform WhatsApp is reportedly working on a new passkey feature for account verification on Android beta.

The passkey feature will provide users with an easy way to sign in safely, reports WABetaInfo.

A passkey is a short sequence of numbers or letters that is used to verify users’ identity. It also serves as a kind of security code that makes sure that only authorised devices can be verified.

“Since the passkey will use your fingerprint, face, or screen lock to verify your identity, this definitely enhances security, adding an extra layer of protection beyond traditional methods like PINs,” the report said.

The passkey feature is currently under development and is expected to be available in a future update of the app.

On Sunday, it was reported that the messaging platform had started to roll out an admin review feature for group chats on Android beta.

The feature allows everyone in the group chat to report messages shared in the conversation to the group admins. With this feature, the group admins can gain assistance in monitoring the group even when they are not there.

Last month, the company had released new safety tools for when users receive messages from unknown phone numbers, on Android beta.

The platform also rolled out a ‘link with phone number’ feature on Android beta, which allows users to link their account to WhatsApp Web by using their phone number.

In June, the Meta-owned platform had launched a feature which allows users to send high-quality videos, on Android beta.

While this feature preserves video dimensions, minor compression will still be applied to the video, thus sending videos in their original quality is not possible.

ALSO READ-Samsung may integrate ChatGPT into Internet Browser app

Categories
Media Social Media Tech Lite

Telegram rolls out story feature on its platform

Telegram has raised $210 million from several investors via bond sales. The investors include its founder and CEO Pavel Durov…reports Asian Lite News

Encrypted messaging platform Telegram on Friday announced the roll-out of a new Story feature on its platform.

The new feature will allow premium users of the app to post stories that can be seen by the audience of their choice, including non-premium users.

The Story feature is now available in the latest version of Telegram for Android, iOS, and Desktop. The new feature will appear at the top of the screen, right above the global chat search, which will allow users to share photos, videos, and text that disappear after 6, 12, 24 or 48 hours, or can be set to remain permanently on the user’s profile.

Users can separately choose people who can see the story. Telegram’s Stories will also support dual camera functionality, enabling users to capture photos and videos simultaneously with both the front and rear cameras.

Moreover, premium users can add more features to their stories, such as animated stickers, polls, and quizzes, allowing premium users to create more engaging and interactive stories.

Meanwhile, Telegram has raised $210 million from several investors via bond sales. The investors include its founder and CEO Pavel Durov.

John Hyman, Telegram Chief Investment Adviser, told TechCrunch that the platform raised the capital by issuing bonds worth $270 million because “interest rates have gone up significantly since 2021, the bonds have a different issue price”.

ALSO READ-Threads set to cross 100 mn users as Twitter traffic dips

Categories
Social Media Tech Lite

WhatsApp rolling out ‘link with phone number’ feature on Android

The official changelog of the application mentioned that an updated sticker tray with improved navigation is now available on the platform…reports Asian Lite News

Meta-owned messaging platform WhatsApp is widely rolling out a tweaked interface that features translucent bars, on iOS.

With the new interface, the platform is providing users a translucent tab bar and navigation bar, reports WABetaInfo.

Users can open any section of the application to check if the translucent effect is available to their account. However, users might need to restart the app once after downloading the new update.

“If you don’t have this feature, note that some accounts may receive it over the coming weeks, as indicated in the official changelog,” the report said.

Meanwhile, last week, the messaging platform was widely rolling out a redesigned sticker and GIF picker on iOS.

The official changelog of the application mentioned that an updated sticker tray with improved navigation is now available on the platform.

This updated feature lets users scroll the picker upwards, allowing them to easily access a larger grid of items.

ALSO READ-Apps with 1.5 mn installs found sending data to China

Categories
Tech Lite

New Android malware discovered that steals passwords

On Google Play, both legitimate versions of these apps have over a million downloads…reports Asian Lite News

A new Android malware known as ‘FluHorse’ has been discovered, which targets users in Eastern Asia with malicious apps that look like legitimate versions with over 1,00,000 installs.

According to Check Point Research, these malicious apps are designed to extract sensitive information, including user credentials and Two-Factor Authentication (2FA) codes.

FluHorse malware targets multiple sectors in Eastern Asia and is typically distributed via email.

In some cases, high-profile entities such as government officials were targeted at the initial stages of the phishing email attack.

One of the most concerning aspects of FluHorse is its ability to go undetected for long periods of time, making it a persistent and dangerous threat that is difficult to detect.

According to the report, FluHorse attacks start with targeted and malicious emails sent to high-profile individuals, urging them to take immediate action to resolve an alleged payment issue.

Usually, the target is directed to a phishing website through a hyperlink included in the email. Once there, they are prompted to download the phoney APK (Android package file) of the fake application.

The FluHorse carrier apps mimic ‘ETC,’ a Taiwanese toll collection app, and ‘VPBank Neo,’ a Vietnamese banking app.

On Google Play, both legitimate versions of these apps have over a million downloads.

Moreover, the report said that upon installation, all three fake apps request SMS access in order to intercept incoming 2FA codes in case they are required to hijack the accounts.

The fake apps mimic the original user interfaces but lack functionality beyond two to three windows that load forms that capture the victim’s information.

Following the capture of the victims’ account credentials and credit card information, the apps display a “system is busy” message for 10 minutes to make the process appear realistic while the operators act in the background to intercept 2FA codes and leverage the stolen data.

ALSO READ-WhatsApp rolling out ‘side-by-side’ feature on Android tablets

Categories
Business

Android 14 may change phone’s share menu

Esper’s Mishaal Rahman spotted that the tech giant developed an experimental, hidden copy of the share sheet that resides within Android 13…reports Asian Lite News

Google’s upcoming system software update, Android 14, will reportedly change Android devices’ share sheet.

The company has long been working on enhancing the share sheet, but since it can only be updated with a new Android version, progress is slow, reports Android Police.

Esper’s Mishaal Rahman spotted that the tech giant developed an experimental, hidden copy of the share sheet that resides within Android 13.

It was identical to the existing share sheet in terms of appearance and functionality, however, unlike it, it was a mainline module.

As a result, it could be updated using Play Services, such as the Bluetooth stack or networking components, because it is separate from Android itself, the report said.

Last month, it was reported that the tech giant was working on a new feature for Android 14 that would allow Android devices to stay connected to the internet even after they get very old.

It would allow devices to update their root certificates, or digital certificates that belong to the issuing authority, on the fly, as root certificates on Android devices can currently only be updated via system updates.

ALSO READ: Chinese tracking device found in UK govt car

Categories
Business Tech Lite Technology

Android powers 3B devices globally

Sameer Samat, VP of product management at Android and Google Play, revealed this during the Google I/O Developer Conference 2021….reports Asian Lite News

There are more than three billion active Android devices in the world now, according to Google.

Sameer Samat, VP of product management at Android and Google Play, revealed this during the Google I/O Developer Conference 2021.

Google added over 500 million active Android devices since I/O event in 2019 and one billion devices since 2017.

However, according to media reports, there may be mock more active devices if taken the Chinese Android-based devices into account.

Apple revealed earlier this year that there are now more than 1 billion active iPhones, and 1.65 billion Apple devices in active use overall.

In January 2019, Apple said that it had reached 900 million active iPhone users.

At the I/O conference 2021, Google also unveiled a brand new look for its mobile operating system — Android 12 — features bigger buttons, a large clock on the homescreen that changes in size depending on how many notifications appear.

According to Samat, Android 12 includes the biggest design change in Android’s history.

“We rethought the entire experience, from the colours to the shapes, light and motion. The result is that Android 12 is more expressive, dynamic and personal than ever before,” Samat said during the conference.

ALSO READ: HCL to hire 1,000 techies in UK