Weekly cyber news

Update your Twitter app on your Android device

Twitter urges users to update their app on Android devices after discovering a vulnerability that could lead to other malicious apps access private information. Most users would already be protected by an Android security update, however 4% of users remain vulnerable.
No evidence has been found so far showing that this vulnerability had been exploited. Twitter claims that the bug has affected those using Android versions eight and nine. Where? version 10 is available and version 11 is on the way. The entire article can be found on BBC.


Cyber risk framework created by CISA

Cybersecurity and Infrastructure Security Agency (CISA) is working with industry partners to stay ahead of the latest security threats. CISA is working with an Energy department national laboratory to create a new cyber-risk framework called the National Critical Functions Risk Architecture. This will not be the “perfect formula that predicts the future” of major cyber risks, but hoping the big-data platform will identify the “common pathways” of cyber attacks.
CISA say the framework will complement the National Institute of Standards and Technology (NIST) framework. However, CISA’s NCF Risk Architecture is more of a data platform rather than a set of principles and best practices. 


How to keep your phone from tracking you – NSA’s tips

Tracking is very useful when you need it. But what can you do when you would like your device to stop feeding on your location? National Security Agency has shared a three-page primer on how to limit your location data exposure.
First thing first, turn off Bluetooth and Wi-Fi whenever you are not using them, for extra caution turn on Airplane mode. Ensure you decline location-sharing permissions for apps when possible or at least limit their availability to check your location to only when they are opened. Wired has more information on additional actions you could take to limit location sharing.