Security News

The first step to data privacy is admitting you have a problem, Google
2022-03-28 10:17

In the case of computer science professor Douglas Leith, this truth is that Google has been taking detailed notes of every telephone call and SMS message made and received on the default Android apps. In brief, Leith set up a man-in-the-middle attack on his phones to crack open the data links' HTTPS/SSL encryption.

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
2022-03-25 19:11

Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine.

Emergency Google Chrome update fixes zero-day used in attacks
2022-03-25 19:10

Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild. This update was available immediately when BleepingComputer checked for new updates by going into Chrome menu > Help > About Google Chrome.

Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
2022-03-25 13:19

North Korean threat actors exploited a remote code execution zero-day vulnerability in Google's Chrome web browser weeks before the bug was discovered and patched, according to researchers. Google TAG now revealed it believes two threat groups-the activity of which has been publicly tracked as Operation Dream Job and Operation AppleJeus, respectively-exploited the flaw as early as Jan. 4 in "Campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech industries," according to a blog post published Thursday by Google TAG's Adam Weidemann.

We blocked North Korea's Chrome exploit, says Google
2022-03-25 01:39

Google on Thursday described how it apparently caught and thwarted North Korea's efforts to exploit a remote code execution vulnerability in Chrome. Exploiting the bug clears the way to compromise a victim's browser and potentially take over their computer to spy on them.

Russia bans Google News for "unreliable" info on war in Ukraine
2022-03-23 20:55

Roskomnadzor, Russia's telecommunications regulator, has banned Alphabet's news aggregator service Google News and blocked access to the news. Google.com domain for providing access to "Unreliable information" on the ongoing war in Ukraine.

Android password-stealing malware infects 100,000 Google Play users
2022-03-21 20:29

A malicious Android app that steals Facebook credentials has been installed over 100,000 times via the Google Play Store, with the app still available to download. The Android malware is disguised as a cartoonifier app called 'Craftsart Cartoon Photo Tools,' allowing users to upload an image and convert it into a cartoon rendering. Over the past week, security researchers and mobile security firm Pradeo discovered that the Android app includes a trojan called 'FaceStealer,' which displays a Facebook login screen that requires users to log in before using the app.

Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
2022-03-21 19:18

The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts. A popular mobile app in the official Google Play store called "Craftsart Cartoon Photo Tools" has racked up more than 100,000 installs - but unfortunately for the app's enthusiasts, it contains a version of the Facestealer Android malware.

Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang
2022-03-20 22:47

Google's Threat Analysis Group took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform as part of widespread phishing campaigns that involved sending no fewer than 5,000 business proposal-themed emails a day to 650 targeted organizations globally.

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
2022-03-18 14:49

Google's Threat Analysis Group has provided a rare look inside the operations of a cybercriminal dubbed "Exotic Lily," that appears to serve as an initial-access broker for both Conti and Diavol ransomware gangs. Researchers' analysis exposes the business-like approach the group takes to brokering initial access into organizations' networks through a range of tactics so its partners can engage in further malicious activity.