Security News

Google is currently working on fixing a known issue causing a Google Chrome web browser version launched earlier today for Apple processors to suddenly crash. "Earlier today we updated our Chrome download page to include a new version of Chrome optimized for new macOS devices featuring an Apple processor," Chrome Support Manager Craig Tumblison said.

Qualys announced it has worked with Google Cloud to provide out-of-the-box support for Google Cloud Artifact Registry for its Container Security solution. Qualys Container Security scanning will assess all images for software inventory, vulnerabilities and misconfigurations, and provide a unified view across multiple Google Cloud regions.

If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. How to change it? Oddly enough, the process for changing your Google account password isn't terribly intuitive.

Google is asking Chrome desktop users to prepare to update their browsers once again as two more zero-day vulnerabilities have been identified in the software. CVE-2020-16017 is described by Google as a "Use-after-free in site isolation," which is the Chrome component that isolates the data of different sites from each other.

Google has released Chrome 86.0.4240.198 for Windows, Mac, and Linux to address two zero-day vulnerabilities exploited in the wild. Google Chrome 86.0.4240.198 will roll out over the coming days.

Google has released another update for Chrome 86 to patch two more zero-day vulnerabilities that have been exploited in the wild. Google has credited "Anonymous" for reporting the flaws - it's unclear if it's the same or two different anonymous individuals - and it has not shared any information about the attacks in which they have been exploited.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash. According to researchers, the mobile apps for Android fool users into spending hundreds of dollars per month, by offering skins, wallpapers and game mods for Minecraft and other games at super-premium prices.

One of the fixed flaws is being actively exploited, the Windows Kernel Cryptography Driver vulnerability disclosed by Google's Project Zero at the end of last month. The CVE-2020-17087 driver bug was also exploited with CVE-2020-15999, a remote-code exec vulnerability in Chrome's font-parsing code, to also hijack targeted people's PCs. All three bugs are now patched; installing the latest software updates fixes them.

Microsoft has fixed today a Windows kernel zero-day vulnerability exploited in the wild as part of targeted attacks and publicly disclosed by Project Zero, Google's 0day bug-hunting team, last month. According to Project Zero researchers Mateusz Jurczyk and Sergei Glazunov who discovered it, the security flaw currently tracked as CVE-2020-17087 is a pool-based buffer overflow found in the Windows Kernel Cryptography Driver.