Security News
In the case of computer science professor Douglas Leith, this truth is that Google has been taking detailed notes of every telephone call and SMS message made and received on the default Android apps. In brief, Leith set up a man-in-the-middle attack on his phones to crack open the data links' HTTPS/SSL encryption.
Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine.
Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild. This update was available immediately when BleepingComputer checked for new updates by going into Chrome menu > Help > About Google Chrome.
North Korean threat actors exploited a remote code execution zero-day vulnerability in Google's Chrome web browser weeks before the bug was discovered and patched, according to researchers. Google TAG now revealed it believes two threat groups-the activity of which has been publicly tracked as Operation Dream Job and Operation AppleJeus, respectively-exploited the flaw as early as Jan. 4 in "Campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech industries," according to a blog post published Thursday by Google TAG's Adam Weidemann.
Google on Thursday described how it apparently caught and thwarted North Korea's efforts to exploit a remote code execution vulnerability in Chrome. Exploiting the bug clears the way to compromise a victim's browser and potentially take over their computer to spy on them.
Roskomnadzor, Russia's telecommunications regulator, has banned Alphabet's news aggregator service Google News and blocked access to the news. Google.com domain for providing access to "Unreliable information" on the ongoing war in Ukraine.
A malicious Android app that steals Facebook credentials has been installed over 100,000 times via the Google Play Store, with the app still available to download. The Android malware is disguised as a cartoonifier app called 'Craftsart Cartoon Photo Tools,' allowing users to upload an image and convert it into a cartoon rendering. Over the past week, security researchers and mobile security firm Pradeo discovered that the Android app includes a trojan called 'FaceStealer,' which displays a Facebook login screen that requires users to log in before using the app.
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts. A popular mobile app in the official Google Play store called "Craftsart Cartoon Photo Tools" has racked up more than 100,000 installs - but unfortunately for the app's enthusiasts, it contains a version of the Facestealer Android malware.
Google's Threat Analysis Group took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform as part of widespread phishing campaigns that involved sending no fewer than 5,000 business proposal-themed emails a day to 650 targeted organizations globally.
Google's Threat Analysis Group has provided a rare look inside the operations of a cybercriminal dubbed "Exotic Lily," that appears to serve as an initial-access broker for both Conti and Diavol ransomware gangs. Researchers' analysis exposes the business-like approach the group takes to brokering initial access into organizations' networks through a range of tactics so its partners can engage in further malicious activity.