Security News

Google Cloud and Sigfox announced that the leading global 0G network and IoT platform services provider, has partnered with Google Cloud, to scale its cloud infrastructure and extend its IoT services portfolio. Google Cloud will also enable faster improvements to Sigfox's connectivity, geolocation, and other value-added services towards ultra-low-cost and ultra-low-power IoT solutions.

Chromium-based browsers such as Microsoft Edge and Google Chrome will soon support the Intel CET security feature to prevent a wide range of vulnerabilities. Intel's Control-flow Enforcement Technology is a hardware security feature initially introduced in 2016 and added to Intel's 11th generation CPUs in 2020.

Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. After inspecting phishing and malware campaigns blocked by Gmail within five months, Google found that 42% of all targets were from the US, with the next two most targeted users being from the UK and Japan.

Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.

Hands On. Google has big ambitions for its new Open Source Vulnerabilities database, but getting started requires a Google Cloud Platform account and there are other obstacles that may add friction to adoption. The company wants to see more discipline and checks in critical open-source software, and revealed that it maintains its own private repositories for many projects to guard against compromised code or newly committed vulnerabilities.

Kind old Google has published data on targeted email attacks and dispensed advice to help users separate friend from foe. The pandemic has presented malware-laden email flingers with a world of opportunity and a whole new set of attack vectors.

A barcode scanner app, with over 10 million downloads, was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update turning it from a benign app to adware, according to researchers. Tipped by a user, researchers at Malwarebytes explained, the publisher added new heavily obfuscated code to the app that directed the default mobile web browser to launch and serve-up ads - whether the barcode app was active or not.

Global Payments and Google announced an expansive multi-year partnership to deliver innovative cloud-based products and capabilities, enabling best-in-class digital merchant customer experiences worldwide. As part of the partnership, Global Payments will migrate its merchant acquiring technology to Google Cloud, and will provide merchant acquiring services to Google to extend its global market reach.

Cybercriminals have been using a novel approach to exfiltrate data that involves directly injecting malicious Google Chrome extensions onto victims' Windows machines via the abuse of Google's cloud synching function. The malicious add-on is disguised as a "Forcepoint Endpoint Chrome Extension for Windows," with the attackers using the security company's logo to enhance an air of legitimacy.

Google last week announced the launch of OSV, which the internet giant has described as a vulnerability database and triage infrastructure for open source projects. OSV should make it easier for the users of open source software to find out which vulnerabilities impact them.