Security News

Despite Google's best efforts to keep Android users safe, malware does manage to slip into Google Play from time to time, and the 21 malicious apps that Avast identified recently are proof of that. The offending applications appear to have been downloaded roughly 8 million times before being discovered.

Fragomen, a law firm that provides Google with I-9 employment verification compliance services, says the personal information of some people was compromised in a recent data breach. In a notice of data breach filed with California's Office of the Attorney General, Fragomen is informing affected Google employees of a data breach that it discovered on September 24, and which has resulted in personal information being compromised.

Researchers have discovered a raft of malicious gaming apps on Google Play that come loaded with adware, signaling that the tech giant continues to struggle with keeping bad apps off its online marketplace. Among these endeavors include stronger vetting mechanisms-which resulted in more than 790,000 apps that violate Google's policies for app submission stopped last year before they were ever published-as well as an alliance with three endpoint security firms to help stop malicious apps before they get to Google Play.

Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps were downloaded nearly eight million times from Google's app marketplace.

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management technology used by online streaming sites like Disney, Hulu and Netflix to prevent their content from being pirated. The latest cracks in Widevine concern the encryption technology's protection for L3 streams, which is used for low-quality video and audio streams only.

Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP has disclosed a data breach that exposed current and former Google employees' personal information. Fragomen is one of the USA's largest law firms covering immigration law, with over 582 attorneys in 47 locations worldwide.

A massive data breach suffered by the Nitro PDF service impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. On October 21st, Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a "Low impact security incident" but that no customer data was impacted.

Google Cloud's global sales force will now collaborate with Cysiv to help customers simplify the security of their cloud workloads. Security is a shared responsibility, and Cysiv's capabilities complement Google Cloud's secure infrastructure, storage, services and communications, with important measures that will further ensure customer's sensitive data, workloads and IT environment are adequately protected from cyberattacks and insider threats, while meeting compliance requirements.

Starting with Chrome 86, Google is automatically hiding website notification spam on sites showing a pattern of sending abusive notification content to visitors. "Our goal with these changes is to improve the experience for Chrome users and to reduce the incentive for abusive sites to misuse the web notifications feature."

Google released an update to its Chrome browser that patches a zero-day vulnerability in the software's FreeType font rendering library that was actively being exploited in the wild. Security researcher Sergei Glazunov of Google Project Zero discovered the bug which is classified as a type of memory-corruption flaw called a heap buffer overflow in FreeType.