Security News

Teradata announced a set of enhancements for Teradata Vantage on Google Cloud, making it easier for Teradata customers to use the Google Cloud services they prefer in a consumption pricing model. The platform enhancements highlight Teradata's commitment to its Google Cloud offering, as well as its commitment to provide Vantage customers with the choice, integration, and consistency they need to leverage their modern data platform in the cloud.

Adlumin announced that its platform will now integrate directly with Google Workspace, giving customers the ability to ingest crucial audit logs from their Google Workspace domains. Google Workspace is a suite of secure, cloud-native collaboration and productivity apps powered by Google AI and has become a viable competitor to Office365.

Google Chrome now hinders attackers' efforts to exploit security bugs on systems with Intel 11th Gen or AMD Zen 3 CPUs, running Windows 10 2004 or later. This is possible after the adoption of Intel's Control-flow Enforcement Technology, supported on Windows 10 computers through an implementation known as Hardware-enforced Stack Protection which adds enhanced exploit protection to all compatible devices.

MITRE announced last week that the latest update to the popular ATT&CK framework introduces techniques related to containers and the Google Workspace platform. ATT&CK v9 adds container-related attack techniques, which is the result of a project conducted by MITRE's Center for Threat-Informed Defense and sponsored by Microsoft, Citigroup and JPMorgan Chase.

As more companies and independent developers are switching to Progressive Web Apps as their preferred solution for native apps, Microsoft and Google are slowly adding new PWA features to improve the web apps experience on Windows and other platforms. For those unaware, Progressive web app, or PWA, is the latest web technology that allows anyone to use web sites as native mobile or desktop apps.

Google has urged the UK's Supreme Court to throw out a £3bn lawsuit brought by an ex-Which director over secretly planted tracking cookies on devices running Safari, on the grounds that local law doesn't allow for opt-out class action lawsuits. The case, being heard over two days this week in the Supreme Court, the final court of appeal in Britain for civil cases, has huge implications for legal businesses and investors as well as data protection law.

Google's Chrome browser has several security vulnerabilities that could pave the way to multiple types of attacks, including a V8 bug that could allow remote code execution within a user's browser. Liu told SecurityWeek that the bug is somewhat mitigated by the fact that it doesn't allow attackers to escape the sandbox where Chrome runs, meaning attackers can't reach any of the other program, data and applications on the computer.

Google on Wednesday began a legal bid at Britain's highest court to try to block a class action alleging that it illegally tracked millions of iPhone users. In October 2018, the High Court dismissed the case but the Court of Appeal overturned the decision in October 2019, allowing it to proceed.

An update released this week by Google for Chrome 90 patches yet another serious vulnerability affecting the V8 JavaScript engine used by the web browser. Liu told SecurityWeek that the flaw can be exploited for remote code execution in the targeted user's browser, but noted that, similar to other recently disclosed V8 vulnerabilities, it does not escape the Chrome sandbox - a sandbox escape bug is needed to exploit CVE-2021-21227 in real world attacks.

It turns out, this header, now being returned by GitHub sites, is actually meant for website owners to opt-out of Google FLoC tracking. BleepingComputer also noticed the entire github.com domain had this header set, indicating GitHub did not want its visitors to be included in Google FLoC's "Cohorts" when visiting any GitHub page.