Security News
Now web security professionals are asking developers to do their part by recognizing that Spectre broke the old threat model and by writing code that reflects the new one. Last month, Mike West, a Google security engineer, drafted a note titled, "Post-Spectre Web Development," and Mozilla's Daniel Veditz of the W3C's Web Application Security Working Group asked the group to come to a consensus on supporting the recommendations.
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. Last year, security researchers disclosed a new version of the NAT Slipstreaming vulnerability that allows malicious scripts to bypass a website visitor's NAT firewall and access any TCP/UDP port on the visitor's internal network.
Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims' companies.
Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. Over the years, third-party cookies have become the mainstay driving digital ad business, but mounting concerns about data privacy infringement have led major browser vendors such as Apple, Mozilla, Brave, and Microsoft to introduce countermeasures to pull the plug on invasive tracking technology, in turn forcing Google to respond with similar privacy-first solutions or risk losing customer trust.
Google has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. When Google creates a new browser feature, it is first tested in Google Chrome Canary and Google Chrome Beta.
Google has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. When Google creates a new browser feature, it is first tested in Google Chrome Canary and Google Chrome Beta.
With the arrival of Google Chrome v89 on Tuesday, Google is preparing to test a technology called Federated Learning of Cohorts, or FLoC, that it hopes will replace increasingly shunned, privacy-denying third-party cookies. Bennett Cyphers, staff technologist at the Electronic Frontier Foundation, argues FLoC is "a terrible idea," and urges Google to refocus its efforts on building a web that serves the people who use it.
This month Google begins a public test of a technology it says will eventually replace browser cookies in an effort to boost Chrome browser user privacy. The as-yet unproven technology allows browsers to group people together by their interests and give them more anonymity yet still allow for appropriate targeted advertising, which remains at the core of the company's interest in outfitting their Chrome browser with FLoC. Google's stance is that it will balance the need to preserve people's privacy by preventing individual tracking with giving advertisers and publishers the relevant info they need to recognize their target audience.
A Dutch government report identifying "10 high data protection risks" for users of Google Workspace, formerly known as G Suite, has been revised after Google's response, and now says eight high risk issues still remain. Despite the name, this is not an offshoot of Google's Redmond-based rival, but a government department which manages vendor relations with the company, and which undertook to assess the risks of deploying Google Workspace instead of Office 365, in a process called a DPIA. It has conducted similar studies into privacy risks with Microsoft's services.
As cloud computing continues to grow, Google Cloud is quickly becoming one of the most popular solutions. The Google Cloud Certifications Practice Tests + Courses Bundle helps you get certified faster, with 43 hours of video content and over 1,000 practice questions.