Google Archives - Page 11 of 12 - Cyber Security Minute

Google Patches 81 Android Vulnerabilities With September 2017 Updates

Issued by: Security Week

A total of 81 security vulnerabilities have been addressed in this month’s set of security patches for the Android platform. 13 of the flaws were rated Critical severity. The security bulletin has two security patch levels, each focused on addressing vulnerabilities in specific components. The 2017-09-01 security patch level fixes a total of 30 vulnerabilities, 10 of…

Malware & Threats

Google wants iOS Gmail users to think twice about following suspicious links

Issued by: Help Net Security

Google has announced the rollout of new anti-phishing checks for the iOS Gmail app: in less than two weeks, all users will be confronted with two warnings if they attempt to follow a suspicious link from within the app. The first one is a pop-up, warning generally about untrusted nature of the site they are…

Application Security

Google Inviting 2-Step Verification SMS Users to Google Prompt

Issued by: Security Week

Google this week will start inviting 2-Step Verification (2-SV) SMS users to try Google Prompt, its year-old method of approving sign-in requests on smartphones. Launched in June 2016, Google prompt allows users to approve sign-in requests via 2-SV by simply tapping “Yes” on a prompt. Available for both Android and iOS users, Google prompt received…

Mobile Security

Google Patches Critical Vulnerabilities in Android

Issued by: Security Week

Google on Wednesday announced that a total of 138 vulnerabilities were addressed in the Android platform with the release of this month’s set of security patches. The July 2017 Android Security Bulletin was split in two partial security patch level strings: the 2017-07-01 security patch level that addresses issues in the platform itself, and the 2017-07-05 security patch…

Vulnerabilities

Google’s whack-a-mole with Android adware continues

Issued by: Help Net Security

Why can’t Google put a stop to adware on their official Android app marketplace? The analysis by Trend Micro researchers of a Trojan Android ad library dubbed Xavier tells the story. The Xavier ad library is third stage of evolution of the AdDown family, which was initially able to install apps behind the user’s back,…

Network Security

New class of attacks affects all Android versions

Issued by: Help Net Security

Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include advanced clickjacking, unconstrained keystroke recording, stealthy phishing, the silent installation of a God-mode app (with all permissions enabled), and silent phone unlocking + arbitrary actions (while keeping the screen off),” the researchers, from Georgia…

Malware & Threats

Russian hackers use OAuth, fake Google apps to phish users

Issued by: CIO Security

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It’s sneaky hack that’s particularly worrisome, because it can circumvent Google’s 2-step verification, according to security firm Trend Micro. The group, known as…

Network Security, Software Security

Google Expands Safe Browsing Protection on macOS

Issued by: Security Week

Google announced this week that it will expand Safe Browsing on macOS in an effort to protect Chrome users against unwanted ad injections and unauthorized settings changes. “Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS,” Google’s Kylie McRoberts and Ryan…

Vulnerabilities

Google Discloses Unpatched Windows GDI Vulnerability

Issued by: Security Week

An unpatched vulnerability affecting the Windows Graphics Device Interface (Windows GDI) was publicly disclosed last week after Microsoft failed to address it within 90 days after being notified. The issue was disclosed by Mateusz Jurczyk, an engineer with Google’s Project Zero team, who initially discovered it along with other bugs in the user-mode Windows GDI…

Malware & Threats

Google Paid Out $9 Million in Bug Bounties Since 2010

Issued by: Security Week

Google has awarded researchers more than $9 million since the launch of its bug bounty program in 2010, including over $3 million paid out last year. According to the company, more than 1,000 payments were made last year to roughly 350 researchers from 59 countries. The biggest single reward was $100,000 and over $130,000 were…