Dec 18, 2022Ravie Lakshmanan Google on Friday announced that its client-side encryption for Gmail is in beta to its Workspace and education customers to secure emails sent using the web version of the platform. This development comes at a time when concerns about online privacy and data security are at an all-time high, and it is certainly welcomed by users who value the … [Read more...] about Google Takes Gmail Security to the Next Level with Client-Side Encryption
Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
Dec 08, 2022Ravie LakshmananPatch Management / Zero-Day An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers Benoît Sevens and Clément … [Read more...] about Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type … [Read more...] about Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild
Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012. The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest version of Cobalt Strike is version … [Read more...] about Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild
Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. "Observed DEV-0569 attacks show a pattern of continuous … [Read more...] about Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware
Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023
Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year. "The Privacy Sandbox Beta will be available for ad tech and app developers who wish to test the ads-related APIs as part of their solutions," the company said. To that end, developers will need to complete an enrollment … [Read more...] about Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023
Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information," Oregon Attorney … [Read more...] about Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis … [Read more...] about Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
CrowdStrike a Google Chrome Enterprise Recommended Partner
Organizations today face an onslaught of attacks across devices, identity and cloud workloads. The more security telemetry an organization has to work with, the better threat hunters can contextualize events to find and remediate potential threats. Google recently announced Chrome Enterprise Connectors Framework, a collection of plug-and-play integrations with industry-leading … [Read more...] about CrowdStrike a Google Chrome Enterprise Recommended Partner
Google Launches GUAC Open Source Project to Secure Software Supply Chain
Google on Thursday announced that it's seeking contributors to a new open source initiative called Graph for Understanding Artifact Composition, also known as GUAC, as part of its ongoing efforts to beef up the software supply chain. "GUAC addresses a need created by the burgeoning efforts across the ecosystem to generate software build, security, and dependency metadata," … [Read more...] about Google Launches GUAC Open Source Project to Secure Software Supply Chain