Security News

Google has announced a new experimental Abuse Research Grants Program for abuse-related tactics and product issues outside the scope of existing Vulnerability Research Grants and the Vulnerability Reward Program. Grant amounts for the new Abuse Research Grants Program will vary from $500 up to $3,133.

Google on Thursday said it's rolling out new security features to Chrome browser aimed at detecting suspicious downloads and extensions via its Enhanced Safe Browsing feature, which it launched a year ago. Currently, 75% of all add-ons on the platform are compliant, the company pointed out, adding "Any extensions built by a developer who follows the Chrome Web Store Developer Program Policies, will be considered trusted by Enhanced Safe Browsing."

Google has built an online tool that maps out all the dependencies in millions of open-source software libraries and flags up any unpatched vulnerabilities. "It then constructs a full dependency graph - transitively tracking dependencies, dependencies' dependencies, and so on - and incorporates the metadata, then publishes it so you can see how it all might affect your software. And the information it provides is continually updated."

This time around, the Google PPC ads targeted specific IP ranges in the U.S. and "Probably some other countries," researchers wrote. Google says that it uses proprietary technology and malware detection tools to "Regularly scan all creatives", that it forbids ads when they try to call fourth parties or sub-syndication to uncertified advertisers, that it pulls ads distributing malware, and that authorized buyers whose ads are found to contain malware are placed on a minimum three-month suspension.

Google has added new protection capabilities for Enhanced Safe Browsing users in Chrome, warning them when installing untrusted extensions and allowing them to request more in-depth scans of downloaded files. The Safe Browsing feature, available in Google Chrome since 2007, warns you of dangerous events when visiting malicious websites by checking URLs against a list of unsafe sites stored within Chrome.

Google has made it possible for you to password protect your search history within your cloud account. Did you know anyone could walk up to your computer and view your Google search history? Anything you have searched for in Google is visible.

Egnyte announced new integrations with Google Workspace and Dropbox to help companies secure and govern their sensitive cloud content. The integrations enable companies' Google and Dropbox users to apply Egnyte's platform to locate their valuable content in each cloud solution and control risks via a unified, turnkey approach.

Blue Hexagon offers agentless cloud-native AI security at runtime for Google Cloud. "With the rise of cloud-based Infrastructure as a Service and Platform as a Service driving rapid enterprise workload migration to the cloud, new challenges with security of cloud compute and network are ever emerging," said Nayeem Islam, CEO and Co-founder, Blue Hexagon.

Versa Networks announced its integration with Google Cloud Network Connectivity Center, allowing for secure and reliable connectivity to cloud workloads and on-premises resources in an automated, dynamic approach that reduces total costs of ownership. The integration between Versa SASE and Google Cloud represents continued development in security, SD-WAN, bandwidth management, and high availability differentiation and innovation to deliver the most consistent and high-performing user experience for secure access to applications anywhere in the world.

A fake version of the popular remote desktop application AnyDesk, pushed via ads appearing in Google search results, served up a trojanized version of the program. The campaign even bested AnyDesk's own ad campaign on Google - ranking higher in its paid results.