Security News

Google appears to be attempting a play for the crown, as it is reportedly poised to acquire infosec upstart Wiz. According to the New York Times and Wall Street Journal, Google is deep in talks to buy Wiz for $23 billion - the largest-ever sum its parent company Alphabet has paid for prey.

Google has announced a fivefold increase in payouts for bugs found in its systems and applications reported through its Vulnerability Reward Program, with a new maximum bounty of $151,515 for a single security flaw."As our systems have become more secure over time, we know it is taking much longer to find bugs - with that in mind, we are very excited to announce that we are updating our reward amounts by up to 5x," Google said.

After first announcing onboard AI in January, Samsung expanded what it's calling the Galaxy AI ecosystem on July 10 at the Galaxy Unpacked event in Paris. Samsung's two newest phones are the Galaxy Z Fold6 and Galaxy Z Flip6, both of which use Google's Gemini AI for translation, creative features and cosmetic changes.

Google has removed a potential obstacle for high-risk users who want to enroll in the company's Advanced Protection Program: they can now do it just by setting a passkey. Until now, new users were required to have two physical security keys to enroll in the first place.

Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program. Based on the FIDO Authentication standard, the technology is designed to secure online accounts against potential takeover attacks by ditching passwords in favor of biometrics or a PIN. Passkeys can simultaneously act as a first- and second-factor, entirely obviating the need for a password.

Google announced today that passkeys are now available for high-risk users when enrolling in the Advanced Protection Program, which provides the strongest level of account security. The Advanced Protection Program is a free service that protects the accounts of users such as activists, journalists, business leaders, and political teams, who are at a higher risk of being targeted by online attacks.

Computer hardware maker Zotac has exposed return merchandise authorization (RMA) requests and related documents online for an unknown period, exposing sensitive customer information. [...]

Proton has launched 'Docs in Proton Drive,' a free and open-source end-to-end encrypted web-based document editing and collaboration tool. Proton is a Swiss company renowned for its privacy-focused services, including Proton VPN, Proton Mail, Proton Pass, Proton Drive, and now also Proton Docs.

Google has launched kvmCTF, a new vulnerability reward program first announced in October 2023 to improve the security of the Kernel-based Virtual Machine hypervisor that comes with $250,000 bounties for full VM escape exploits. An active and key KVM contributor, Google developed kvmCTF as a collaborative platform to help identify and fix vulnerabilities, bolstering this vital security layer.

Multiple owners of Google Pixel 6 series phones have been reporting in the past week that their devices were "Bricked" after they performed a factory reset. The Pixel 6 series, released in late 2021, is approaching the typical upgrade cycle for many original buyers, and issues with the factory reset process have become significantly more impactful.