Security News

Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
2022-08-10 16:50

A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites. Posting links to phishing pages on various legitimate sites aims to increase traffic and boost the malicious site's search engine rankings.

Google now blocks Workspace account hijacking attempts automatically
2022-08-10 16:18

Google Workspace now has stronger protections for risky account actions, automatically blocking hijacking attempts with identity verification prompts and logging them for further investigation. The enhanced account protection capabilities are available to all Google Workspace customers, including legacy G Suite Basic and Business customers.

Google's bug bounty boss: Finding and patching vulns? 'Totally useless'
2022-08-10 16:00

Simply finding vulnerabilities and patching them "Is totally useless," according to Google's Eduardo Vela, who heads the cloud giant's product security response team. Instead, they've got to exploit the bug: connect to Google Kubernetes Engine instances, hack it, and use the bug to steal the hidden flags.

Dissecting Google’s Titan M chip: Vulnerability research challenges
2022-08-09 04:00

The enterprise-grade Titan M security chip was custom built to help protect data. Derived from the same chip Google uses to protect its cloud data centers, it handles processes and information, such as passcode protection, encryption, and secure transactions in apps.

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google
2022-08-04 23:45

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store. The free Phantom Wallet app that Pearlman downloaded early from Google Play was a fake.

Facebook ads push Android adware with 7 million installs on Google Play
2022-07-30 15:14

Several adware apps promoted aggressively on Facebook as system cleaners and optimizers for Android devices are counting millions of installations on Google Play store. To evade deletion, the apps hide on the victim's device by constantly changing icons and names, masquerading as Settings or the Play Store itself.

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware
2022-07-30 03:40

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among others.

Google delays removal of third-party cookies in Chrome through 2024
2022-07-28 16:32

Google delays removal of third-party cookies in Chrome through 2024. Google is pushing back its plan to get rid of third-party cookies in Chrome to the latter half of 2024, according to a company blog published Wednesday.

Google Delays Blocking 3rd-Party Cookies in Chrome Browser Until 2024
2022-07-28 16:16

Google on Wednesday said it's once again delaying its plans to turn off third-party cookies in the Chrome web browser from late 2023 to the second half of 2024. "The most consistent feedback we've received is the need for more time to evaluate and test the new Privacy Sandbox technologies before deprecating third-party cookies in Chrome," Anthony Chavez, vice president of Privacy Sandbox, said.

Cyberspies use Google Chrome extension to steal emails undetected
2022-07-28 15:10

A North Korean-backed threat group tracked as Kimsuky is stealing emails from Google Chrome or Microsoft Edge users browsing their webmail accounts using a malicious browser extension. The extension, dubbed SHARPEXT by Volexity researchers who spotted this campaign in September, supports three Chromium-based web browsers and can steal mail from Gmail and AOL accounts.