Critical Security Update (2024 April 4)
Critical Security Update
Two Android Device Vulnerabilities & Conflict Between Microsoft/Google
Risk 1: Low
Issue: A new vulnerability for Android devices, known as Vultur, mimics and fakes being a version of McAfee Security. The app allowed remote device control and specifically targets banking apps.
Resolution: Android users should be on guard against any app that appears to be McAfee and double-check the legitimacy if they have a version of a McAfee app installed.
Risk 2: Medium
Issue: Google Pixel, Google’s popular smartphone, has announced two vulnerabilities that allow users to access phone data without physical access to the device.
Resolution: Google has announced a fix for the vulnerability so any Pixel user should apply the recent device update immediately.
This also serves as a reminder to minimize the data we store on mobile devices.
Risk 3: Low
Issue: With recent security enhancements at Google, Microsoft is claiming that mail from their servers has an increased flag rating to get sent to Spam folders in Gmail. The claim has been confirmed.
Resolution: This is not a great announcement in early April. If you are waiting on e-mails from clients, please check your Spam folder as these recent settings may be flagging incorrectly.
Announced Data Breaches
Multiple Governmental Dept of India
OWASP
MarineMax
PandaBuy
AT&T (confirmed)
SurveyLama
Omni Hotels
Jackson County, Missouri
US Department of State