Latest news with #AdvancedDataProtection
Forbes
2 days ago
- Business
- Forbes
Google's Surprising Update—Make Your Pixel More Like iPhone
Pixel is suddenly more like iPhone Google is narrowing the security and privacy gap between Android and iPhone, with Pixel the unbeatable front-runner when it comes those new features. Now users are reporting the best update yet — it's a single click but it completely changes your phone. We're talking Android 16's game-changing Advanced Data Protection, which locks down Android in an iPhone-like manner preventing any apps being installed from outside Play Store, still Android's biggest security and privacy vulnerability. This wasn't expected in beta, and so will surprise users seeing this new setting now. The new mode also stops users connecting to dangerous networks, enforces safe browsing and enables the new scam and fraud defenses that Google is rolling out. Per Android Authority, Google is now 'letting Android 16 testers try Advanced Protection mode for maximum phone security,' helping users who enable the new setting 'secure your phone from outside threats, even yourself, in one click.' Google says this new mode provides its 'strongest protections against targeted attacks,' advising that it's for 'users who need heightened security.' But in my view it's much more widely applicable and adds sensible precautions for everyday users, especially those with less expertise who would welcome the reassurance. In short, it turns a Pixel and eventually other Androids into something more akin to an iPhone. New security mode is now available. Android is also moving ahead of iPhone with it's new Intrusion Detection feature, which in an 'industry-first,' Google says, 'securely backs up device logs in a privacy-preserving and tamper-resistant way, accessible only to the user. These logs enable a forensic analysis if a device compromise is ever suspected.' You cannot tweak Google's new security mode, it's either on or off. It's disabled by default, but I'd recommend you enable it when it's available to you. Either in beta now or in the stable Android 16 release which is expected from next month. As Android Authority says, 'it's like a security blanket that aims to make sure your device is safe from known threats, like no sideloading, USB data access, and more.' Google says there will be more to come: 'We are committed to continuously expanding the security and privacy capabilities within Advanced Protection, so users can benefit from the best of Android's powerful security features.' That includes an API enabling third-party apps to shore up their own security when this is enabled.
The Star
07-05-2025
- Business
- The Star
US lawmakers criticise UK backdoor order to Apple, warn of cybercriminal risks
An Apple logo is seen at the entrance of an Apple Store in downtown Brussels, Belgium March 10, 2016. REUTERS/Yves Herman BRUSSELS (Reuters) -U.S. House Judiciary Chair Jim Jordan and Foreign Affairs Chair Brian Mast warned Britain on Wednesday that its order to Apple to create a backdoor to its encrypted user data could be exploited by cybercriminals and authoritarian regimes. Apple, which has said it would never build a so-called back door into its encrypted services or devices, has challenged the order at the UK's Investigatory Powers Tribunal (IPT). The iPhone maker withdrew its Advanced Data Protection feature for UK users in February following the UK order. Users of Apple's iPhones, Macs and other devices can enable the feature to ensure that only they — and not even Apple — can unlock data stored on its cloud. "Creating a backdoor into end-to-end encrypted systems, as the TCN does, introduces systemic vulnerabilities that can be exploited by malicious actors, including cybercriminals and authoritarian regimes," Jordan and Mast wrote in a joint letter to Britain's Home Secretary Yvette Cooper. TCN (Technical Capability Notice) refers to the UK order. "These vulnerabilities would not only affect UK users but also American citizens and others worldwide, given the global nature of Apple's services," they said. They urged Cooper to allow Apple to disclose the existence of the order to the U.S. Department of Justice so it can evaluate whether it complies with the U.S.-UK agreement made under the CLOUD Act which prohibits orders requiring companies to decrypt data. Under UK laws, American companies would commit a criminal offence if they disclose or confirm such an order, even to their home government. "We urge the Home Office to reconsider the issuance of TCNs that require the weakening of encryption, as such measures conflict with international human rights standards, including the European Court of Human Rights' ruling that undermining encryption violates privacy rights," the lawmakers said. Britain's Home Office has said a warrant would be needed for any individual's data to be accessed. (Reporting by Foo Yun Chee; Editing by Richard Chang)
Yahoo
07-05-2025
- Business
- Yahoo
US lawmakers criticise UK backdoor order to Apple, warn of cybercriminal risks
Yahoo is using AI to generate takeaways from this article. This means the info may not always match what's in the article. Reporting mistakes helps us improve the experience. Yahoo is using AI to generate takeaways from this article. This means the info may not always match what's in the article. Reporting mistakes helps us improve the experience. Yahoo is using AI to generate takeaways from this article. This means the info may not always match what's in the article. Reporting mistakes helps us improve the experience. Generate Key Takeaways By Foo Yun Chee BRUSSELS (Reuters) -U.S. House Judiciary Chair Jim Jordan and Foreign Affairs Chair Brian Mast warned Britain on Wednesday that its order to Apple to create a backdoor to its encrypted user data could be exploited by cybercriminals and authoritarian regimes. Apple, which has said it would never build a so-called back door into its encrypted services or devices, has challenged the order at the UK's Investigatory Powers Tribunal (IPT). The iPhone maker withdrew its Advanced Data Protection feature for UK users in February following the UK order. Users of Apple's iPhones, Macs and other devices can enable the feature to ensure that only they — and not even Apple — can unlock data stored on its cloud. "Creating a backdoor into end-to-end encrypted systems, as the TCN does, introduces systemic vulnerabilities that can be exploited by malicious actors, including cybercriminals and authoritarian regimes," Jordan and Mast wrote in a joint letter to Britain's Home Secretary Yvette Cooper. TCN (Technical Capability Notice) refers to the UK order. "These vulnerabilities would not only affect UK users but also American citizens and others worldwide, given the global nature of Apple's services," they said. They urged Cooper to allow Apple to disclose the existence of the order to the U.S. Department of Justice so it can evaluate whether it complies with the U.S.-UK agreement made under the CLOUD Act which prohibits orders requiring companies to decrypt data. Under UK laws, American companies would commit a criminal offence if they disclose or confirm such an order, even to their home government. "We urge the Home Office to reconsider the issuance of TCNs that require the weakening of encryption, as such measures conflict with international human rights standards, including the European Court of Human Rights' ruling that undermining encryption violates privacy rights," the lawmakers said. Britain's Home Office has said a warrant would be needed for any individual's data to be accessed. (Reporting by Foo Yun Chee; Editing by Richard Chang)
Associated Press
29-04-2025
- Business
- Associated Press
GhangorCloud Announces Partnership with Array Networks to Defend Enterprises Against Malicious Insider/Outsider Attacks
Application Delivery Networking Leader Teams with GhangorCloud to Strengthen Security Readiness SAN JOSE, CA, UNITED STATES, April 29, 2025 / / -- GhangorCloud, a leading provider of intelligent information security and data privacy compliance enforcement solutions, today announced it has established an OEM partnership with Array Networks to bundle its 4th generation Advanced Data Protection platform with Array's security offerings. Through the partnership, Array Networks gains access to powerful cybersecurity capabilities, including automated data classification and policy enforcement, identity and role-based access control, real-time monitoring and incident response, and compliance and regulatory support. GhangorCloud is a leading innovator that has rapidly gained adoption as users seek to counter advanced cyberthreats. The company experienced significant business momentum in 2024 with a 45% compound annual growth rate (CAGR) year-over-year and has expanded its global footprint, attracting customers across North America, the Middle East, and the Asia-Pacific regions. Most notably, GhangorCloud has secured new marquee clients, including Fortune 500 companies, underscoring its position as a trusted provider of advanced cyber security solutions. To celebrate the company's market success, GhangorCloud will re-brand as GC Cybersecurity in Q2. GhangorCloud's 4th Generation Advanced Data Protection solution, delivered through its Information Security Enforcer (ISE) platform, introduces a next-generation architecture for protecting sensitive data across applications in hybrid and cloud environments. Leveraging patented AI-driven data classification and policy automation, the system identifies and classifies sensitive information in real-time and without manual intervention. It then enforces context-aware access controls based on user identity, role, and intent. The Advanced Data Protection solution monitors data flows at granular levels, enabling dynamic enforcement of security policies and preventing unauthorized transmissions or exfiltration events. 'We're committed to delivering best-in-class performance and security for modern enterprise infrastructures,' said Array Networks' CEO, Joe Hwang. 'By deploying GhangorCloud's 4th Generation Advanced Data Protection technology at our customers' sites, we are elevating our capabilities to a much more robust standard. GhangorCloud's powerful suite of capabilities provide the precision and automation necessary to protect against critical threats, so this partnership not only strengthens our cybersecurity posture but also empowers our customers to meet complex data compliance and privacy mandates with confidence.' 'This marks a milestone in expanding the reach and impact of our award-winning Advanced Data Protection technology,' said Tarique Mustafa, Founder, CEO and CTO of GhangorCloud, Inc. By aligning with a proven leader in application delivery networking, we're not only enhancing enterprise security outcomes but accelerating the growth of our global partner ecosystem. The collaboration exemplifies our strategy to work with world-class technology providers to deliver integrated, high-performance security solutions at scale, propelling our business momentum and enabling broader adoption across industries and geographies.' Visit GhangorCloud (AKA: GC Cybersecurity) at the 2025 RSA Conference in San Francisco, from April 28th – May 1st in booth #5181. Tweet this: GhangorCloud Announces OEM Partnership with Array Networks to Defend Enterprises Against Malicious Insider and Outsider Attacks #Informationsecurity #Dataprivacycompliance #Compliance #ArtificialIntelligence #AI #eDiscovery #Dataclassification About GhangorCloud Headquartered in Silicon Valley, GhangorCloud (now GC Cybersecurity) is a leading provider of intelligent information security and data privacy compliance enforcement solutions. GhangorCloud's Information Security and Consumer Compliance solutions protect data based on its contextual and conceptual significance, using a powerful policy engine and security algorithms to identify, classify, and protect large volumes of information in real-time with unprecedented accuracy. The company is founded by Silicon Valley security veterans Tarique Mustafa and Bhanu Panda, and is backed by a team, board and advisors that include leading authorities from companies like Symantec, McAfee, Trend Micro, Cisco, Juniper, Alteon and Array Networks. For more information, see Joe Austin email us here Public Relations Visit us on social media: LinkedIn YouTube X Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Forbes
28-04-2025
- Forbes
Google's Gmail Upgrade—Why You Need To Change Your App
Take this new warning seriously NurPhoto via Getty Images Update: Republished on April 28 with new report into AI fueled email attacks. As an interesting week for Google comes to an end, with Gmail under attack from hackers and Chrome under attack from legislators, a new warning has been issued for its 3 billion users. This was entirely predictable — and you need to take it seriously. As I've said before, the flurry of excited headlines that followed Google's announcement that it was bringing end-to-end encryption to Gmail were premature. Putting aside the fact this isn't really end-to-end encryption, because a user's organization controls the security and not their own client or 'end,' there are other serious concerns. End-to-end encryption doesn't work in email. By its nature, it's an open architecture. That's why it's one of the few data types excluded from Apple's end-to-end encrypted enclave under its Advanced Data Protection. Platforms such as Proton provide a walled garden to address this and password protect emails sent outside. Google can end-to-end encrypt emails within an organization or when it's Gmail to Gmail as it controls both ends, albeit that's still not strictly end-to-end encryption per the point above. But when the recipient 'is not a Gmail user, Gmail sends them an invitation to view the E2EE email in a restricted version of Gmail. The recipient can then use a guest Google Workspace account to securely view and reply to the email.' Wired correctly warns that 'the fear is that scammers will take advantage of this new and more secure communication mechanism by creating fake copies of these invitations that contain malicious links, and prompt targets to enter their login credentials for their email, single sign-on services, or other accounts.' The other issue is that end-to-end encrypting emails breaks other Gmail features. Its new AI-powered relevancy search, for example, can't operate on encrypted emails, so they will be missing from any results. As Google confirmed to me, its cloud AI processing rightly can't see fully encrypted user content. All these problems stem from the same cause. Email needs a rethink. It's an archaic platform reliant on a past-due architecture. It's similar to SMS, an open standard that worked for decades but then ran out of steam. Users now demand less spam and scams, better authentication as to who's contacting them, and secured content in messaging. Google says it will add a warning with its new encrypted emails, telling users 'be careful when signing in to view this encrypted message. This message is from an external sender and is encrypted. Make sure you trust the sender and their identity provider before entering your username and password.' But as MalwareBytes suggested to Wired, 'it's almost as if someone at Google knew this was a bad idea and asked for a warning to be added. It's quite likely fraudsters will jump on the opportunity to craft phishing emails using this exact same template, even including the original warning that will be overlooked.' And the acceleration of AI-fueled phishing attacks makes this more dangerous and likely to scale more quickly as well. This is the same reason you're seeing warnings that email attacks can even seem to come from Google itself. And similarly, a new warning has hit Zoom users with a device take-over attack that seems to come from Zoom. Polymorphic phishing, a form of AI mass customization to tweak individual emails at scale to evade detection is accelerating fast. 'Polymorphic phishing emails have become highly sophisticated,' Security Week warns, 'creating more personalized and evasive messages that result in higher attack success rates. Of all phishing emails we analyzed, 82% contained some form of AI usage, a 53% year-over-year increase.' Remember, the exploitation of Gmail's new encryption per the various warning now being issued relies on phishing emails being sent out, dressed up as Google's encrypted email notifications with a link. All of which is now ridiculously simply with AI. As the team warns, 'AI scans publicly available data on the victim's role, interests, and communication style to send a personalized and convincing message.' All of which means the lure around the encrypted email link can be fully personalized. If you're in a new job or a new home, the secure document might pretend to link to that. The enterprise email market is flying, 'with more businesses and individuals relying on email as a primary means of communication, the demand for advanced email solutions has skyrocketed,' per a new industry report. But that growth is driven by the easy of deployment of cloud platforms — including Gmail — and its openness. Encrypting email content within an organization does make sense, as does the occasional restricted email sent between email platforms. But the idea that fully encrypted email becomes mainstream will not work with today's platforms. And so, if you want fully encrypted comms, just use a different app.
