Google Fixes Critical Android Vulnerabilities
Google this week released its July 2018 set of Android patches to address tens of vulnerabilities in the mobile operating system, including several rated as Critical. The Internet giant addressed 11 vulnerabilities as part of the 2018-07-01 security patch level, including three rated Critical and 8 High risk bugs. The issues impact framework, media framework,…
Thousands of Organizations Expose Sensitive Data via Google Groups
Google has issued a warning to G Suite users after researchers discovered that thousands of organizations expose sensitive information through misconfigured Google Groups instances. The Google Groups service allows users to create mailing lists, host internal discussions, and process support tickets. These types of communications can include highly sensitive information, which is why it’s important…
What will voice-assistant ads “look” like?
Anyone who doesn’t use, or at least hasn’t heard of, voice assistants belongs to a very exclusive club. For many, it’s easier to ask Google, Alexa, or Siri a question rather than typing in a search query. However, as with any futuristic technology, care is called for when it comes to voice helpers. We’ve already posted…
Google to Delete ‘Secure’ Label from HTTPS Sites
Google plans to remove the “secure” label from HTTPS websites starting in September 2018, a move intended to acknowledge HTTPS as the standard for browser security. Users should expect all the sites they visit to be secured with HTTPS, the company reported last week. Earlier this year, Google announced plans to mark all HTTP sites as “not…
Google Researcher Finds Critical Flaws in uTorrent Apps
Google researcher Tavis Ormandy discovered several critical vulnerabilities in the classic and web-based versions of BitTorrent’s uTorrent application. Patches have been released, but it appears that not all flaws have been fixed properly. Ormandy found that the uTorrent Classic and the uTorrent Web apps create an HTTP RPC server on ports 10000 and 19575, respectively….
Google Researcher Finds Critical Flaw in Keeper Password Manager
Google Project Zero researcher Tavis Ormandy recently discovered that the Keeper password manager had been affected by a critical flaw similar to one he identified just over one year ago in the same application. Ormandy found the security hole after noticing that Keeper is now installed by default in Windows 10. He remembered a vulnerability…
Google offers Advanced Protection for high-risk users of its services
High-risk Google users – journalists, human rights and civil society activists, but also campaign staffers and people in abusive relationships – can now take advantage of Google’s Advanced Protection Program to keep their account safe from extremely targeted attacks. What is Advanced Protection? “Advanced Protection provides Google’s strongest security, designed for those who are at…
FBI asks people for digital evidence of Las Vegas shooting
An article about the horrific shooting in Las Vegas was the first thing I saw after getting on the computer this morning. Using Google to search for “Las Vegas shooting” showed an SOS alert at the top of the search results; Google launched SOS alerts in July to help people in a crisis. And this…
Chrome will tag FTP sites as “Not secure”
Google Chrome 63, expected to be released sometime around December, will label resources delivered over the FTP protocol as “Not secure”, a member of the Chrome security team has shared. This change is part of Google’s continuous effort to “accurately communicate the transport security status of a given page.” “We didn’t include FTP in our…
Phishers targeting LinkedIn users via hijacked accounts
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts that have been hijacked by the phishers, thus increasing the likelihood that recipients will trust the message and click on the link. The messages/emails say that the sender has…