May 03, 2023Ravie LakshmananPrivacy / Technology Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible … [Read more...] about Apple and Google Join Forces to Stop Unauthorized Tracking Alert System
A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
May 02, 2023Ravie LakshmananMalvertising / Cyber Threat In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT. "LOBSHOT continues to collect victims while staying under the radar," Elastic Security … [Read more...] about A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Apr 25, 2023Ravie LakshmananPassword Security / Authentication Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) to the cloud. "This change means users are better protected from lockout and that services … [Read more...] about Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Update Google Chrome (and other Chromium-based browsers)
Another day – another browser vulnerability discovered! Indeed, the number of dangerous security holes has doubled within a week! Only recently we highlighted the urgent need to update iOS and macOS due to a major bug in Apple WebKit (the engine inside Safari and other browsers in iOS). And now, due to a similar threat in terms of exploitability, you need to update other … [Read more...] about Update Google Chrome (and other Chromium-based browsers)
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Apr 15, 2023Ravie LakshmananZero-Day / Browser Security Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript … [Read more...] about Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Zero-click remote hacks for Samsung, Google, and Vivo smartphones
Smartphones, tablets, and even cars with Samsung Exynos microprocessors are at risk of remote hacking. Bug hunters at Google Project Zero say you just need the victim’s phone number. This is due to the presence of 18 vulnerabilities in the Exynos baseband radio processor, which is widely used in Google, Vivo, Samsung, and many other smartphones. Four of them are critical and … [Read more...] about Zero-click remote hacks for Samsung, Google, and Vivo smartphones
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
Mar 11, 2023Ravie LakshmananCyber Threat Intelligence The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI's ChatGPT, Spotify, Tableau, and … [Read more...] about BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
Feb 24, 2023Ravie LakshmananMobile Security / Firmware Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor (AP), it's just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular communications … [Read more...] about Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
Feb 24, 2023Ravie LakshmananPrivacy / Data Safety An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and … [Read more...] about Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Feb 15, 2023Ravie LakshmananPrivacy / Technology Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. "The Privacy Sandbox Beta provides new APIs that are designed with privacy at the core, and don't use identifiers that can track your activity across apps and websites," the search and … [Read more...] about Google Rolling Out Privacy Sandbox Beta on Android 13 Devices