Security News

Tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages. "After the reversal of Roe v. Wade and with more rights cutbacks on the way, tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages."

Indonesia's competition regulator, the Komisi Pengawas Persaingan Usaha has alleged that Google has violated local anti-monopoly laws by abusing its dominant position for the distribution of apps and its requirement that developers must use its payment systems. Google therefore has a lot to lose if it is found to have abused its monopoly.

Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information and in some cases, passwords, to Google and Microsoft respectively. In cases where Chrome Enhanced Spellcheck or Edge's Microsoft Editor were enabled, "Basically anything" entered in form fields of these browsers was transmitted to Google and Microsoft.

South Korea's Personal Information Protection Commission has issued two large fines for privacy violations: a $50 million penalty for Google and $22 million for Meta. The PIPC's beef is that neither Google nor Meta properly obtain consent or inform users on how they collect and use data, particularly with regards to behavioral information used to predict interests for marketing and advertising purposes.

Google closed its $5.4 billion Mandiant acquisition today in a move that brings the threat intel and incident response giant under the Google Cloud umbrella. Six months and one shareholder lawsuit later, the two companies' combined services and products help customers shift to a "More proactive approach" to security operations, according to Google Cloud CEO Thomas Kurian.

Google's open source security team says OSS-Fuzz, its community fuzzing service, has helped fix more than 8,000 security vulnerabilities and 26,000 other bugs in open source projects since its 2016 debut. The group would like to see open source developers do more fuzzing to make the world a better place, or at least make software a bit more secure.

Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.

Google says some former Conti ransomware gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.

A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive. The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.

A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. Malware analysts at Cleafy, an Italian online fraud management and prevention company, discovered SharkBot in October 2021.