android webview | Breaking Cybersecurity News | The Hacker News

Security researchers have warned of a pair of vulnerabilities in the Google Play Store that could allow cyber crooks to install and launch malicious applications remotely on Android devices. Tod Beardsley, technical lead for the Metasploit Framework at Rapid7 warns that an X-Frame-Options (XFO) vulnerability – when combined with a recent Android WebView (Jelly Bean) flaw – creates a way for hackers to quietly install any arbitrary app from the Play store onto victims' device even without the users consent. USERS AFFECTED The vulnerability affects users running Android version 4.3 Jelly Bean and earlier versions of Android that no longer receive official security updates from Android security team for WebView , a core component used to render web pages on an Android device . Also, users who have installed third party browsers are affected. According to the researcher, the web browser in Android 4.3 and prior that are vulnerable to a Universal Cross-Site Scripting (

Owning a smartphone running Android 4.3 Jelly Bean or an earlier versions of Android operating system ?? Then you are at a great risk, and may be this will never end. Yes, you heard right. If you are also one of millions of users still running Android 4.3 Jelly Bean or earlier versions of the operating system, you will not get any security updates for WebView as Google has decided to end support for older versions of Android WebView – a default web browser on Android devices. WebView is the core component used to render web pages on an Android device, but it was replaced on Android 4.4 KitKat with a more recent Chromium-based version of WebView that is also used in the Chrome web browser. Just a day after Google publicized a bug in Windows 8.1 before Microsoft could do anything about it, Tod Beardsley, a security analyst from Rapid7 who oversees the Metasploit project, discovered a serious bug in the WebView component of Android 4.3 and earlier that possibly left m

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica