Location tracking on smartphones is increasingly common, prompting users to take steps to protect their privacy. Both Android and iOS systems offer users the ability to manage app permissions for location access, allowing them to choose between precise, approximate, or no access. While some apps require detailed location data, many do not, underscoring the importance of reviewing app permissions. Android users can limit tracking by deleting their advertising ID through specific settings, while iOS users benefit from more restrictive default settings that prevent unauthorized access to a unique tracking identifier. Users are advised to regularly check and adjust their privacy settings accordingly.

Smartphone Users Urged to Tighten Location Privacy Settings Now Ars Technica

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has classified a high-severity vulnerability in Microsoft SharePoint, identified as CVE-2024-38094, as part of its Known Exploited Vulnerabilities catalog following indications of active exploitation. This deserialization vulnerability, which carries a CVSS score of 7.2, permits authenticated attackers with Site Owner permissions to inject arbitrary code into SharePoint Server. Microsoft has addressed this issue in its July 2024 Patch Tuesday updates. The concern is amplified by the existence of proof-of-concept exploits in the public domain, despite no confirmed real-world incidents. CISA requires Federal Civilian Executive Branch agencies to implement the security updates by November 12, 2024.

CISA Warns of Critical Microsoft SharePoint Vulnerability Amid Active Exploitation The Hacker News

Vanderbilt University Medical Center (VUMC) employees are encountering a rise in "vhishing," a sophisticated scam that uses AI-generated voice messages to mimic trusted individuals and deceive victims into revealing sensitive information or making financial transactions. This form of voice phishing employs advanced AI techniques, including deep learning algorithms, to create highly convincing impersonations, making it difficult for targets to discern the fraud. The consequences of falling for such scams can be severe, leading to significant financial loss and identity theft. To address these threats, VUMC is working on strategies to educate employees about the risks associated with AI voice scams.

Vanderbilt Medical Center Employees Targeted by Sophisticated AI Voice Scams Vanderbilt University Medical Center

David Finn, Executive Vice President of Governance, Risk, and Compliance at First Health Advisory, underscores the critical need for healthcare organizations to effectively manage cybersecurity risks, particularly as ransomware attacks rise. He emphasizes that assessing risks should involve input from multiple stakeholders, not just IT teams, to gain a comprehensive understanding of how cybersecurity impacts patient care and operations. Finn advocates for a robust incident response plan, regular security training for all staff, and basic cyber hygiene practices, while also promoting collaboration with public and private sectors to enhance threat intelligence sharing.

Strengthening Cyber Resilience: Finn Urges Healthcare to Combat Ransomware Threats Health IT Answers