Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ … [Read more...] about Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices
Google Researcher Reported 3 Flaws in Apache Web Server Software
If your web-server runs on Apache, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, even could allow attackers to … [Read more...] about Google Researcher Reported 3 Flaws in Apache Web Server Software
A Google Drive ‘Feature’ Could Let Attackers Trick You Into Installing Malware
An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success rate.The latest security issue—of which Google is aware but, unfortunately, left unpatched—resides in the "manage versions" … [Read more...] about A Google Drive ‘Feature’ Could Let Attackers Trick You Into Installing Malware
Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards
Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google … [Read more...] about Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards
PhantomLance Android backdoor on Google Play
Last July, our colleagues at Doctor Web detected a Trojan backdoor on Google Play. Such discoveries are not exactly an everyday occurrence, but they’re hardly unheard of — researchers do find Trojans on Google Play, sometimes hundreds at a time. This Trojan, however, was surprisingly sophisticated for malware found on Google Play, so our experts decided to dig deeper. They … [Read more...] about PhantomLance Android backdoor on Google Play
Update Google Chrome Browser to Patch New Critical Security Flaws
Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately.Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most severe of … [Read more...] about Update Google Chrome Browser to Patch New Critical Security Flaws
Google Uncovers How Just Visiting Some Sites Were Secretly Hacking iPhones For Years
Beware Apple users!Your iPhone can be hacked just by visiting an innocent-looking website, confirms a terrifying report Google researchers released earlier today.The story goes back to a widespread iPhone hacking campaign that cybersecurity researchers from Google's Project Zero discovered earlier this year in the wild, involving at least five unique iPhone exploit chains … [Read more...] about Google Uncovers How Just Visiting Some Sites Were Secretly Hacking iPhones For Years
Google Will Now Pay Anyone Who Reports Apps Abusing Users’ Data
In the wake of data abuse scandals and several instances of malware app being discovered on the Play Store, Google today expanded its bug bounty program to beef up the security of Android apps and Chrome extensions distributed through its platform.The expansion in Google's vulnerability reward program majorly includes two main announcements.First, a new program, dubbed … [Read more...] about Google Will Now Pay Anyone Who Reports Apps Abusing Users’ Data
CamScanner is a malicious Android app with more than 100 million downloads in Google Play
Kaspersky researchers recently found malware in an app called CamScanner, a phone-based PDF creator that includes OCR (optical character recognition) and has more than 100 million downloads in Google Play. Various resources call the app by slightly different names such as CamScanner — Phone PDF Creator and CamScanner-Scanner to scan PDFs. Official app stores such as Google … [Read more...] about CamScanner is a malicious Android app with more than 100 million downloads in Google Play
Google Proposes ‘Privacy Sandbox’ to Develop Privacy-Focused Ads
Google today announced a new initiative—called Privacy Sandbox—in an attempt to develop a set of open standards that fundamentally enhances privacy on the web while continuing to support a free, open and democratic Internet through digital advertisements.A lot of websites on the Internet today, including The Hacker News, rely on online advertisements as their primary source of … [Read more...] about Google Proposes ‘Privacy Sandbox’ to Develop Privacy-Focused Ads