Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud - Related to are, ai, android, microsoft, patch

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their end-individuals span over 100 countries (including the United States, despite the FCC labeling Hikvision “an unacceptable risk to [website] national security” in 2019).

Last Fall, a command injection flaw in Hikvision cameras was revealed to the world as CVE-2021-36260. The exploit was given a “critical” [website] out of 10 rating by NIST.

Despite the severity of the vulnerability, and nearly a year into this story, over 80,000 affected devices remain unpatched. In the time since, the researchers have discovered “multiple instances of hackers looking to collaborate on exploiting Hikvision cameras using the command injection vulnerability,” specifically in Russian dark web forums, where leaked credentials have been put up for sale.

The extent of the damage done already is unclear. The authors of the research could only speculate that “Chinese threat groups such as MISSION2025/APT41, APT10 and its affiliates, as well as unknown Russian threat actor groups could potentially exploit vulnerabilities in these devices to fulfill their motives (which may include specific geo-political considerations).”.

With stories like this, it’s easy to ascribe laziness to individuals and organizations that leave their software unpatched. But the story isn’t always so simple.

, senior director of threat intelligence at Cybrary, Hikvision cameras have been vulnerable for many reasons, and for a while. “Their product contains easy to exploit systemic vulnerabilities or worse, uses default credentials. There is no good way to perform forensics or verify that an attacker has been excised. Furthermore, we have not observed any change in Hikvision’s posture to signal an increase in security within their development cycle.”.

A lot of the problem is endemic to the industry, not just Hikvision. “IoT devices like cameras aren’t always as easy or straightforward to secure as an app on your phone,” Paul Bischoff, privacy advocate with Comparitech, wrote in a statement via email. “Updates are not automatic; customers need to manually download and install them, and many customers might never get the message. Furthermore, IoT devices might not give customers any indication that they’re unsecured or out of date. Whereas your phone will alert you when an upgrade is available and likely install it automatically the next time you reboot, IoT devices do not offer such conveniences.”.

While individuals are none the wiser, cybercriminals can scan for their vulnerable devices with search engines like Shodan or Censys. The problem can certainly be compounded with laziness, as Bischoff noted, “by the fact that Hikvision cameras come with one of a few predetermined passwords out of the box, and many individuals don’t change these default passwords.”.

Between weak security, insufficient visibility and oversight, it’s unclear when or if these tens of thousands of cameras will ever be secured.

The Toronto Zoo, the largest zoo in Canada, has provided more information about the data stolen during a ransomware attack in January 2024.

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Hap......

We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-......

Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud

Google has revealed the rollout of artificial intelligence (AI)-powered scam detection capabilities to secure Android device customers and their personal information.

"These capabilities specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations," Google noted. "And more phone calling scammers are using spoofing techniques to hide their real numbers and pretend to be trusted companies."

The business expressed it has partnered with financial institutions to improved understand the nature of scams end-clients are encountering, thereby allowing it to devise AI models that can flag suspicious patterns and deliver real-time warnings over the course of a conversation without sacrificing user privacy.

These models run completely on-device, alerting people in the event of a likely scam. people then have an option to either dismiss or analysis and block the sender. The setting is enabled by default and applies only to conversations with phone numbers that are not in the device's contact list.

The tech giant also emphasized that consumers' conversations remain private and that if they choose to investigation a chat as spam, then the sender details and recent messages with that sender are shared with Google and carriers.

The feature is launching in English first in the [website], the [website], and Canada, with broader expansion planned for a later date.

Furthermore, a similar scam detection for phone calls is being expanded to all English-speaking Pixel 9+ consumers in the [website] The feature was first introduced in November 2024.

It's worth pointing out that while this feature is off by default to give individuals control, the call audio is processed ephemerally and is never used during phone calls with contacts.

"If enabled, Scam Detection will beep at the start and during the call to notify participants the feature is on," Google mentioned. "You can turn off Scam Detection at any time, during an individual call or for all future calls."

The development comes weeks after Google revealed that more than 1 billion Chrome clients are using the Enhanced Protection mode of Safe Browsing in the web browser.

"If you turn on Enhanced Protection, much of the additional protection you receive comes from advanced AI and machine learning models designed to spot dangerous URLs engaging in known phishing, social engineering, and scam techniques," the organization stated.

"Safe Browsing's Enhanced Protection models can identify URLs designed to look similar to trusted domains. It also uses advanced AI and machine learning techniques to protect you from dangerous downloads."

Passwords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced wit......

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero......

A new campaign is targeting companies in Taiwan with malware known as Winos [website] as part of phishing emails masquerading as the country's National Taxa......

Microsoft Patch Tuesday, February 2025 Edition

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.

All supported Windows operating systems will receive an upgrade this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a priority for enterprises, as Microsoft says it is being exploited, has low attack complexity, and no requirements for user interaction.

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

“CVE-2024-38193 was exploited by the North Korean APT group known as Lazarus Group to implant a new version of the FudModule rootkit in order to maintain persistence and stealth on compromised systems,” Narang noted. “At this time, it is unclear if CVE-2025-21418 was also exploited by Lazarus Group.”.

The other zero-day, CVE-2025-21391, is an elevation of privilege vulnerability in Windows Storage that could be used to delete files on a targeted system. Microsoft’s advisory on this bug references something called “CWE-59: Improper Link Resolution Before File Access,” says no user interaction is required, and that the attack complexity is low.

Adam Barnett, lead software engineer at Rapid7, showcased although the advisory provides scant detail, and even offers some vague reassurance that ‘an attacker would only be able to delete targeted files on a system,’ it would be a mistake to assume that the impact of deleting arbitrary files would be limited to data loss or denial of service.

“As long ago as 2022, ZDI researchers set out how a motivated attacker could parlay arbitrary file deletion into full SYSTEM access using techniques which also involve creative misuse of symbolic links,”Barnett wrote.

One vulnerability patched today that was publicly disclosed earlier is CVE-2025-21377, another weakness that could allow an attacker to elevate their privileges on a vulnerable Windows system. Specifically, this is yet another Windows flaw that can be used to steal NTLMv2 hashes — essentially allowing an attacker to authenticate as the targeted user without having to log in.

, minimal user interaction with a malicious file is needed to exploit CVE-2025-21377, including selecting, inspecting or “performing an action other than opening or executing the file.”.

“This trademark linguistic ducking and weaving may be Microsoft’s way of saying ‘if we told you any more, we’d give the game away,'” Barnett expressed. “Accordingly, Microsoft assesses exploitation as more likely.”.

The SANS Internet Storm Center has a handy list of all the Microsoft patches released today, indexed by severity. Windows enterprise administrators would do well to keep an eye on [website], which often has the scoop on any patches causing problems.

[website] writes that existing Office 365 individuals who are paying an annual cloud license do have the option of “Microsoft 365 Classic,” an AI-free subscription at a lower price, but that many clients are not offered the option until they attempt to cancel their existing Office subscription.

In other security patch news, Apple has shipped iOS [website], which fixes a zero day vulnerability (CVE-2025-24200) that is showing up in attacks.

Adobe has issued security updates that fix a total of 45 vulnerabilities across InDesign, Commerce, Substance 3D Stager, InCopy, Illustrator, Substance 3D Designer and Photoshop Elements.

Chris Goettl at Ivanti notes that Google Chrome is shipping an revision today which will trigger updates for Chromium based browsers including Microsoft Edge, so be on the lookout for Chrome and Edge updates as we proceed through the week.

We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-......

The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a mil......

Look at any article with advice about best practices for cybersecurity, and about third or fourth on that list, you’ll find something about applying p......