Security News

Android malware apps with 2 million installs found on Google Play
2022-08-18 19:19

A new batch of thirty-five malware Android apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices. The apps were found by security researchers at Bitdefender, who employed a real-time behavior-based analysis method to discover the potentially malicious applications.

Google blocks third record-breaking DDoS attack in as many months
2022-08-18 16:00

To put things in perspective, this is about 76 percent larger than the previous record DDoS attack that Cloudflare thwarted earlier that same month. Not only is this the third such record-breaking DDoS flood in the past few months - this includes two earlier HTTPS-based attacks blocked by Cloudflare in April and June - but it comes as Google and other security researchers warn that network-flooding events are getting worse, growing in size and frequency.

Google blocks largest HTTPS DDoS attack 'reported to date'
2022-08-18 16:00

A Google Cloud Armor customer was hit with a distributed denial-of-service attack over the HTTPS protocol that reached 46 million requests per second, making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in June.

Google Patches Chrome’s Fifth Zero-Day of the Year
2022-08-18 14:31

Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. Google credits Ashley Shen and Christian Resell of its Google Threat Analysis Group for reporting the zero-day bug, which could allow for arbitrary code execution, on July 19.

Google, Apple squash exploitable browser bugs
2022-08-17 22:47

Google has issued 11 security fixes for desktop Chrome, including one bug that has an exploit for it out in the wild. This is the fifth Chrome bug Google has fixed this year that has either been exploited or had exploit code in the wild.

Software developer cracks Hyundai car security with Google search
2022-08-17 20:19

A developer says he was able to run his own software on his car infotainment hardware after discovering the vehicle's manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. Turns out the encryption key in that script is the first AES 128-bit CBC example key listed in a NIST document.

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
2022-08-17 13:41

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on July 19, 2022.

Google fixes fifth Chrome zero-day bug exploited this year
2022-08-17 11:39

Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including a zero-day flaw that is being exploited in the wild. The security update is currently rolling out for Windows, Mac and Linux.

Google releases Android 13 with improved privacy and security features
2022-08-16 12:07

Google released Android 13, and it is already rolling out to eligible Pixel smartphones. In this Help Net Security video, you'll learn more about the latest privacy and security features of Google's mobile operating system.

Google fined $60 million over Android location data collection
2022-08-13 15:08

The Australian Competition and Consumer Commission announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. "Google, one of the world's largest companies, was able to keep the location data collected through the 'Web & App Activity' setting and that retained data could be used by Google to target ads to some consumers, even if those consumers had the"Location History" setting turned off," said ACCC Chair Gina Cass-Gottlieb.