Security News

Google cuts Play Store dev fees to 15% for all subscriptions
2021-10-22 14:36

Google says this corresponds to roughly 3% of registered developers, as the rest distribute free apps that follow indirect monetization methods. The service fee is 15% for the first $1 million of earnings each year when enrolled and 30% subsequently, which gives smaller developers more help as they scale their business.

Google launches Android Enterprise bug bounty program
2021-10-21 16:00

Google has announced the launch of its first vulnerability rewards program for Android Enterprise with bounties of up to $250,000. "And since we believe scrutiny and transparency are key to improving security, we've launched our first Android Enterprise Vulnerability Rewards Program," said Rajeev Pathak, Senior Product Manager at Google.

Google Crushes YouTube Cookie-Stealing Channel Hijackers
2021-10-20 19:45

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on the ripped-off channels. The cookie-stealing, cryptocurrency-scam running channel hijackers are still out there, but they've shifted from Gmail to other email providers: "mostly email.

Google: YouTubers’ accounts hijacked with cookie-stealing malware
2021-10-20 15:49

Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors. The threat actors used social engineering and phishing emails to infect YouTube creators with information-stealing malware, chosen based on each attacker's preference.

Not just deprecated, but deleted: Google finally strips File Transfer Protocol code from Chrome browser
2021-10-20 13:07

The Chromium team has finally done it - File Transfer Protocol support is not just deprecated, but stripped from the codebase in the latest stable build of the Chrome browser, version 95. A lack of support for encrypted connections in Chrome's FTP implementation, coupled with a general disinterest from the majority of the browser's users, and more capable third-party alternatives being available has meant that the code has moved from deprecated to gone entirely.

Brave ditches Google for its own privacy-centric search engine
2021-10-19 21:28

Brave Browser has replaced Google with its own no-tracking privacy-centric Brave Search as the default search engine for new users in five regions. Historically, Brave used Google as its default search engine when searching from the address bar.

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages
2021-10-15 07:23

A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to an add-on called AllBlock.

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
2021-10-15 07:12

Google's Threat Analysis Group on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. Google said it disrupted a number of campaigns mounted by an Iranian state-sponsored attacker group tracked as APT35, including a sophisticated social engineering attack dubbed "Operation SpoofedScholars" aimed at think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies.

Google's VirusTotal reports that 95% of ransomware spotted targets Windows
2021-10-14 18:53

Google's VirusTotal service showing that 95 per cent of ransomware malware identified by its systems targets Windows. What systems are most attacked? 93.28 per cent of ransomware detected were Windows executables, and 2 per cent Windows DLLs, the report said.

Google sent 50,000 warnings of state-sponsored attacks in 2021
2021-10-14 15:20

Google said today that it sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021, a considerable increase compared to the previous year. "So far in 2021, we've sent over 50,000 warnings, a nearly 33% increase from this time in 2020," said Ajax Bash, a Google security engineer working with the company's Threat Analysis Group.