Security News
A court in Moscow has imposed a fine of $358 million on Google LLC for failing to restrict access to information considered prohibited in the country. Last month, the organization fined 68 million rubles Google LLC for the umpteenth time for failure to remove prohibited information.
Google has removed eight apps from its Google Play store that were propagating a new variant of the Joker spyware, but not before they already had garnered more than 3 million downloads. The trojan would hide in the advertisement frameworks utilized by the malicious apps propagating it; these frameworks aggregate and serve in-app ads.
Following the launch of a new "Data safety" section for the Android app on the Play Store, Google appears to be readying to remove the app permissions list from both the mobile app and the web. The Data safety section, which Google began rolling out in late April 2022, is the company's answer to Apple's Privacy Nutrition Labels in iOS, allowing users to have a unified view of an app's data collection and processing practices.
A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. The malware, named 'Autolycos,' was discovered by Evina's security researcher Maxime Ingrao to be in at least eight Android applications, two of which are still available on the Google Play Store at the time of this writing.
A new ransomware family is being delivered as a bogus Google Software Update, using Microsoft functionality as part of its attack. Researchers with Trend Micro say they uncovered the latest threat, dubbed "HavanaCrypt", a ransomware package that presents itself as a Google Software Update though it is a.NET-compiled application.
Google is testing a new 'Quick Intensive Throttling' feature that reduces CPU time by 10%, extending the battery life for laptops and mobile devices. In Chrome 87, Google introduced a new feature called 'Intensive Wake Up Throttling' that prevents JavaScript from waking up a tab more than once a minute after it has been suspended and hidden from view for more than 5 minutes.
Google's latest update to the Chrome browser fixes a varying number of bugs, depending on whether you're on Android, Windows or Mac, and depending on whether you're running the "Stable channel" or the "Extended stable channel". The Stable channel is the very latest version, including all new browser features, currently numbered Chrome 103.
While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year. Chrome 103 for Android and Version 103.0.5060.114 for Windows and Mac, outlined in separate blog posts published Monday, fix a heap buffer overflow flaw in WebRTC, the engine that gives the browser its real-time communications capability.
Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native apps.
Google has issued an unexpected update to its Chrome browser to address a zero-day WebRTC flaw that is actively being exploited. The fix is installing Chrome 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android, both of which will appear soon.