Security News

The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. BATLOADER, as the name suggests, is a loader that's responsible for distributing next-stage malware such as information stealers, banking malware, Cobalt Strike, and even ransomware.

Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software. The Cholocate Factory's Chrome Cleanup Tool was introduced in 2015 - initially as a standalone product and later integrated into the Chrome browser - and has run more than 80 million cleanups over the past eight years.

Secondly, introducing the dark web report in the U.S. will aid in better monitoring personal information.Google One has announced that VPN access will be expanded to all its plans, including the Basic plan that starts at $1.99/month.

Malicious actors can take advantage of "Insufficient" forensic visibility into Google Cloud Platform to exfiltrate sensitive data, a new research has found. "Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to allow any effective forensic investigation, making organizations blind to potential data exfiltration attacks," cloud incident response firm Mitiga said in a report.

Google Workspace has expanded its client-side encryption to Gmail and Google Calendar for users of Workspace Enterprise Plus, Education Standard and Education Plus, Google announced on Tuesday. Google Calendar for web browser, and Calendar on Android and iOS mobile apps in beta.

Attackers can exfiltrate company data stored in Google Cloud Platform storage buckets without leaving obvious forensic traces of the malicious activity in GCP's storage access logs, Mitiga researchers have discovered. "In normal usage, files inside storage objects are read multiple times a day as part of day-to-day activity of the organization," Mitiga cloud incident responder Veronica Marinov noted.

Google has announced the general availability of client-side encryption for Gmail and Calendar, months after piloting the feature in late 2022. The data privacy controls enable "Even more organizations to become arbiters of their own data and the sole party deciding who has access to it," Google's Ganesh Chilakapati and Andy Wen said.

Google continued its client-side encryption rollout, the feature generally available to some Gmail and Calendar users who can now send and receive encrypted messages and meeting invites. It follows a client-side encryption beta program for these same enterprise and education users that Google launched late last year.

The latest version of Google Chrome for macOS includes new optimizations that increase battery life on MacBooks. The reason why Google is optimizing Chrome battery consumption on Macs is likely because users report that Safari has much better performance on the system, leading them to use Apple's browser instead. Chrome's latest improvements will also be felt by those using older Apple hardware like Intel-based Macbooks.

Gmail client-side encryption is now generally available for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. The feature was first introduced in Gmail on the web as a beta test in December 2022, after being available in Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar since last year.