Posts

Showing posts from 2025

The Hacker News - North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that's disguised as a Microsoft Office or PDF document. from The Hacker News https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html

Schneier - AIs and Robots Should Sound Robotic

Most people know that robots no longer sound like tinny trash cans. They sound like Siri, Alexa, and Gemini. They sound like the voices in labyrinthine customer support phone trees. And even those robot voices are being made obsolete by new AI-generated voices that can mimic every vocal nuance and tic of human speech, down to specific regional accents. And with just a few seconds of audio, AI can now clone someone’s specific voice. This technology will replace humans in many areas. Automated customer support will save money by cutting staffing at call centers. AI agents will make calls on our behalf, conversing with others in natural language. All of that is happening, and will be commonplace soon. But there is something fundamentally different about talking with a bot as opposed to a person. A person can be a friend. An AI cannot be a friend, despite how people might treat it or react to it. AI is at best a tool, and at worst a means of manipulation. Humans need to know w...

The Hacker News - Top 3 Ransomware Threats Active in 2025

You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48 hours or lose everything." And the worst part is that even after paying, there’s no guarantee you’ll get your data back. Many victims hand over the money, only to receive nothing in return, or worse, get from The Hacker News https://thehackernews.com/2025/02/top-3-ransomware-threats-active-in-2025.html

The Hacker News - Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Cisco has released updates to address two critical security flaws in Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote from The Hacker News https://thehackernews.com/2025/02/cisco-patches-critical-ise.html

HACKMAGEDDON - 1-15 November 2024 Cyber Attacks Timeline

In the first timeline of November 2024 I collected 128 events with a threat landscape dominated by malware... from HACKMAGEDDON https://www.hackmageddon.com/2025/02/06/1-15-november-2024-cyber-attacks-timeline/

The Hacker News - Navigating the Future: Key IT Vulnerability Management Trends 

As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws. Staying informed on these trends can help MSPs and IT teams from The Hacker News https://thehackernews.com/2025/02/navigating-future-key-it-vulnerability.html

The Hacker News - AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs researcher Jyotika Singh said in an analysis. "It allows attackers to control infected systems from The Hacker News https://thehackernews.com/2025/02/asyncrat-campaign-uses-python-payloads.html

The Hacker News - CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-45195 (CVSS score: 7.5/9.8) - A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized from The Hacker News https://thehackernews.com/2025/02/cisa-adds-four-actively-exploited.html

KnowBe4 - From Firewalls to Digital Well-Being: A Whole-School Approach to Online Safety

Recently, I started working with my children's school to enhance their online safety measures and develop a digital mindfulness course in collaboration with their digital literacy lead. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/from-firewalls-to-digital-well-being-a-whole-school-approach-to-online-safety

KnowBe4 - Organizations Observed 50% Increase in Deepfakes and Phishing Scams in 2024

Nearly half (46%) of businesses observed an increase in deepfakes and generative AI-related fraud last year, a new report from AuthenticID has found. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/protect-yourself-navigating-the-increase-in-deepfakes-and-phishing-scams

The Hacker News - AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access

A security vulnerability has been disclosed in AMD's Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local from The Hacker News https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html

The Hacker News - Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104

Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. Successful exploitation of the flaw could lead from The Hacker News https://thehackernews.com/2025/02/google-patches-47-android-security.html

The Hacker News - Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform

Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user's credentials and stage follow-on attacks. This could manifest in the form of post-exploitation actions that allow the attacker to send requests to the SharePoint API on behalf from The Hacker News https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html

KnowBe4 - Your KnowBe4 Compliance Plus Fresh Content Updates from January 2025

Check out the January updates in Compliance Plus so you can stay on top of featured compliance training content. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-cmp-content-updates-january-2025

The Hacker News - ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]

This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky tricks online, simple steps are making a big difference. Let’s take a from The Hacker News https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html

The Hacker News - Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions

Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The from The Hacker News https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html

The Hacker News - What Is Attack Surface Management?

Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s perspective has never been more important. In this from The Hacker News https://thehackernews.com/2025/02/what-is-attack-surface-management.html

The Hacker News - Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a from The Hacker News https://thehackernews.com/2025/02/crazy-evil-gang-targets-crypto-with.html

Schneier - Friday Squid Blogging: On Squid Brains

Interesting. Blog moderation policy. from Schneier on Security https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-on-squid-brains-2.html

Rapid 7 - Metasploit Weekly Wrap-Up 01/31/25

ESC4 Detection
This week, Metasploit’s jheysel-r7 updated the existing ldap_esc_vulnerable_cert_finder module to include detecting template objects that can be written to by the authenticated user. This means the module can now identify instances of ESC4 from the perspective of the account that the Metasploit operator provided the credentials for. Metasploit has been capable of exploiting ESC4 for some time, but required users to know which certificate templates they had write access to. This closes an important gap in Metasploit’s AD CS coverage and should help users identify additional attack vectors. See the Metasploit AD CS documentation for steps on how ESC4 can be exploited using Metasploit.
New module content (1)
Craft CMS Twig Template Injection RCE via FTP Templates Path. Authors: AssetNote, Valentin Lobstein, and jheysel-r7. Type: Exploit. Pull request: #19772 contributed by jheysel-r7. Path: linux/http/craftcms_ftp_template. AttackerKB reference: CVE-2024-56145. Desc...

Krebs - FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party. One of several current Fudtools sites run by the principals of The Manipulaters. On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender, Fudpage and Fudtools (and many other “fud” variations). The “fud” bit stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances. The Dutch authorities said 39 servers and domains abroad wer...

The Hacker News - CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA from The Hacker News https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html

KnowBe4 - Your KnowBe4 Fresh Content Updates from January 2025

Check out the 25 new pieces of training content added in January, alongside the always fresh content update highlights, new features and events. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-content-updates-january-2025

The Hacker News - Google Bans 158,000 Malicious Android App Developer Accounts in 2024

Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with from The Hacker News https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html

Krebs - Infrastructure Laundering: Blending in with the Cloud

Image: Shutterstock, ArtHead. In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit — a sprawling network tied to Chinese organized crime gangs and aptly named “Funnull” — highlights a persistent whack-a-mole problem facing cloud services. In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams, gambling websites, and retail phishing pages. Funnull made headlines last summer after it acquired the domain name polyfill[.]io, previously the home of a widely-used open source code library that allowed older browsers to handle advanced functions that weren’t nativel...

The Hacker News - Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations

Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat from The Hacker News https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html

Black Hills InfoSec - Questions From a Beginner Threat Hunter

Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry. This article was originally published in the “On the Hunt” issue of our […] The post Questions From a Beginner Threat Hunter appeared first on Black Hills Information Security. from Black Hills Information Security https://www.blackhillsinfosec.com/questions-from-a-beginner-threat-hunter/

Rapid 7 - Paying It Forward: Giving and Receiving Mentorship in Tech

I’ve never actually seen the 2000 romantic drama Pay It Forward, but the movie’s core idea has stayed with me since I first heard of it: The best way to repay a favor or good deed is to do one for someone else. You ‘pay it forward,’ and ask that person to do likewise, creating an expanding web of positivity and goodwill. Cliche as it may sound, it’s served me well over my career. I’ve had many roles over the past 20 years, starting as a junior engineer and progressing into management. My own mentors and coaches shaped my experiences along the way, contributing to that growth. In return, I try to do the same for others.
Mentorship vs. coaching
I want to briefly look at ‘mentorship’ versus ‘coaching,’ as they are often conflated. There is certainly overlap, but the approach and impetus differs. Mentorship involves dedicated guidance and support over time. The mentee drives the relationship, the ultimate goal, and the current focus. The mentor maps a path to the goal, and of...

The Hacker News - Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in a from The Hacker News https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html

Schneier - Fake Reddit and WeTransfer Sites are Pushing Malware

There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. They exploit people who are using search engines to search sites like Reddit. Unsuspecting victims clicking on the link are taken to a fake WeTransfer site that mimics the interface of the popular file-sharing service. The ‘Download’ button leads to the Lumma Stealer payload hosted on “weighcobbweo[.]top.” Boingboing post. from Schneier on Security https://www.schneier.com/blog/archives/2025/01/fake-reddit-and-wetransfer-sites-are-pushing-malware.html

The Hacker News - DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data. The ClickHouse database "allows full control over database operations, including the ability to access internal data," Wiz security researcher Gal from The Hacker News https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html

The Hacker News - New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks. The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor from The Hacker News https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html

The Hacker News - Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks

The North Korean threat actor known as the Lazarus Group has been observed leveraging a "web-based administrative platform" to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. "Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API," SecurityScorecard's from The Hacker News https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html

Schneier - ExxonMobil Lobbyist Caught Hacking Climate Activists

The Department of Justice is investigating a lobbying firm representing ExxonMobil for hacking the phones of climate activists: The hacking was allegedly commissioned by a Washington, D.C., lobbying firm, according to a lawyer representing the U.S. government. The firm, in turn, was allegedly working on behalf of one of the world’s largest oil and gas companies, based in Texas, that wanted to discredit groups and individuals involved in climate litigation, according to the lawyer for the U.S. government. In court documents, the Justice Department does not name either company. As part of its probe, the U.S. is trying to extradite an Israeli private investigator named Amit Forlit from the United Kingdom for allegedly orchestrating the hacking campaign. A lawyer for Forlit claimed in a court filing that the hacking operation her client is accused of leading “is alleged to have been commissioned by DCI Group, a lobbying firm representing ExxonMobil, one of the world’s largest fossil ...

The Hacker News - New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the from The Hacker News https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html

KnowBe4 - CyberheistNews Vol 15 #04 [HEADS UP] Bad Actors Abuse Google Translate to Craft Phishing Attacks

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-15-04-heads-up-bad-actors-abuse-google-translate-to-craft-phishing-attacks

KnowBe4 - CyberheistNews Vol 15 #04 [HEADS UP] Bad Actors Abuse Google Translate to Craft Phishing Attacks

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-15-04

The Hacker News - AI SOC Analysts: Propelling SecOps into the future

Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged as a critical solution. This blog explores how an AI SOC Analyst transforms alert management, addressing key SOC challenges while enabling faster investigations and responses. Security from The Hacker News https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html

Schneier - CISA Under Trump

Jen Easterly is out as the Director of CISA. Read her final interview: There’s a lot of unfinished business. We have made an impact through our ransomware vulnerability warning pilot and our pre-ransomware notification initiative, and I’m really proud of that, because we work on preventing somebody from having their worst day. But ransomware is still a problem. We have been laser-focused on PRC cyber actors. That will continue to be a huge problem. I’m really proud of where we are, but there’s much, much more work to be done. There are things that I think we can continue driving, that the next administration, I hope, will look at, because, frankly, cybersecurity is a national security issue. If Project 2025 is a guide, the agency will be gutted under Trump: “Project 2025’s recommendations—essentially because this one thing caused anger—is to just strip the agency of all of its support altogether,” he said. “And CISA’s functions go so far beyond its role in the information space...

KnowBe4 - [Eye Opener] Is DeepSeek The Next Threat in Social Engineering?

AI is advancing at lightning speed, but it’s also raising some big questions—especially when it comes to security. The latest AI making headlines is DeepSeek, a Chinese startup that’s shaking up the game with its cost-efficient, high-performing models. But it’s also raising red flags for cybersecurity pros. DeepSeek overnight became a top contender, mostly driven by curiosity. It’s being praised for its efficiency, with models like DeepSeek-V3 and DeepSeek-R1 performing at a fraction of the cost and energy usage compared to competitors, being trained on Nvidia's lower-power H800 chips. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/eye-opener-is-deepseek-the-next-threat-in-social-engineering

The Hacker News - How Long Does It Take Hackers to Crack Modern Hashing Algorithms?

While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity. Hashing, however, remains a non-negotiable. Even long secure passphrases should be hashed to prevent them from The Hacker News https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html

Black Hills InfoSec - GRC for Security Managers: From Checklists to Influence

This webcast was originally aired on January 16, 2025. In this video, Kelli K. Tarala and CJ Cox discuss the challenges and strategies for improving governance, risk, and compliance (GRC) […] The post GRC for Security Managers: From Checklists to Influence appeared first on Black Hills Information Security. from Black Hills Information Security https://www.blackhillsinfosec.com/grc-for-security-managers-wrapup/

The Hacker News - GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper," GMO Flatt Security researcher Ry0taK, who discovered the flaws from The Hacker News https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html

Rapid 7 - The 2024 Ransomware Landscape: Looking back on another painful year

The ransomware landscape in 2024 continued to evolve at a rapid pace, outgrowing many of the trends we saw in 2023. Threat actors remained relentless and innovative, targeting organizations of all sizes and sectors. In this post, we’ll examine the latest data points, discuss notable groups, and estimate the potential impact on victims — helping security teams plan their defenses for the months ahead.
2024 by the Numbers
Mid last year, Rapid7 Labs released our Ransomware Radar Report highlighting key stats for the first half of 2024. Here is how 2024 played out as a whole:
Total number of leak site posts: 5,939
Number of active ransomware groups: 75
Average number of active groups per month: 45
Average ransom payment in Q3 2024: $479,237 (Source: Coveware)
Median ransom payment in Q3 2024: $200,000 (Source: Coveware)
Median percentage of companies that pay: 32% (Source: Coveware)
These numbers offer insight into just how expansive ransomware activity has become. While th...

The Hacker News - ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we'll equip you with sharp insights to from The Hacker News https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_27.html

Schneier - New VPN Backdoor

A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what’s known in the business as a “magic packet.” On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network’s Junos OS has been doing just that. J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access. After receiving a magic packet hidden in the normal flow of TCP traffic, it relays a challenge to the device that sent it. The challenge comes in the form of a string of text that’s encrypted using the public portion of an RSA key. The initiating party must then respond with the corresponding plaintext...

The Hacker News - Do We Really Need The OWASP NHI Top 10?

The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. Non-human identity security represents an emerging from The Hacker News https://thehackernews.com/2025/01/do-we-really-need-owasp-nhi-top-10.html

The Hacker News - GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon. from The Hacker News https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html

The Hacker News - MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC. "MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file," from The Hacker News https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html

The Hacker News - Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a from The Hacker News https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html

Schneier - Friday Squid Blogging: Beaked Whales Feed on Squid

A Travers’ beaked whale (Mesoplodon traversii) washed ashore in New Zealand, and scientists concluded that “the prevalence of squid remains [in its stomachs] suggests that these deep-sea cephalopods form a significant part of the whale’s diet, similar to other beaked whale species.” Blog moderation policy. from Schneier on Security https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html

The Hacker News - RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations

A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network. The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, from The Hacker News https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html

KnowBe4 - 84% of Healthcare Organizations Sustained Cyberattacks Last Year

A new survey by cybersecurity vendor Netwrix found that 84% of healthcare organizations spotted a cyberattack in the past twelve months, with phishing attacks accounting for 63% of these incidents. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/84-of-healthcare-organizations-sustained-cyberattacks-last-year

The Hacker News - 2025 State of SaaS Backup and Recovery Report

The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this from The Hacker News https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html

The Hacker News - DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations

The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People's Republic of Korea (DPRK) in violation of international sanctions. The action targets Jin Sung-Il (진성일), Pak from The Hacker News https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html

The Hacker News - Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations

Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. "When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations," Google said in a post announcing the from The Hacker News https://thehackernews.com/2025/01/androids-new-identity-check-feature.html