Security News

Google is working on a new feature that allows you to disable or enable Chrome extensions based on site-by-site basis. The Chrome Web Store has many extensions, but there's a catch - some extensions can cause website problems, and some sites do not allow extensions like ad blockers.

Google users don't have enough choice over whether - and to what extent - they agree to "Far-reaching processing of their data across services," Germany's competition regulator says, adding that the tech giant should change its "Data processing" terms and practices. They should also be allowed to "Limit the processing of data to the specific service used" and "Be able to differentiate between the purposes for which the data are processed," it said.

Google announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. The three-month program, announced last fall, will start in April and connect the finest of Google with the top European cybersecurity firms.

Google has settled two more of the many location tracking lawsuits it had been facing over the past year, and this time the search giant is getting an even better deal: just $29.5 million to resolve complaints filed in Indiana and Washington DC with no admission of wrongdoing. The cases filed in the Midwestern state and the capital are similar to those settled elsewhere in the US in the last 12 months and center on allegations that Google deceived users into handing over location data, which it then turned into billions in advertising dollars.

Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its "Deceptive" location tracking practices. The search and advertising giant is required to pay $9.5 million to D.C. and $20 million to Indiana after the states sued the company for charges that the company tracked users' locations without their express consent.

A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The problem, in a nutshell, has to do with how the Google Home software architecture can be leveraged to add a rogue Google user account to a target's home automation device.

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google search results in the form of malicious ads by hijacking searches for specific keywords.

DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it perceives as an annoyance and a privacy risk for its users. A standalone web browser is also in the works, currently in beta and only available for macOS. The company announced today that all its Chrome, Firefox, Brave, and Microsoft Edge apps and browser extensions will now actively block Google sign-in prompts displayed on sites.

Scammers using Google Ads, stolen blog articles, and a "Popunder" ad scheme on adult websites pulled in more than $275,000 a day by generating millions of ad impressions every month. Once on the Txxx iframe page, the user may click on a video or thumbnail, which triggers a real click on a Google Ad on the popunder page underneath, he wrote.

Microsoft has confirmed today that Samsung and Google have fixed an Intune enrollment issue affecting Galaxy S22 smartphones running Android 13. On affected S22 devices, Android users cannot complete enrollment if they create a Work Profile for Bring Your Own Device provisioning.