Security News

Many distinguished font creators provide open source fonts available for personal and commercial use, and numerous free-and-properly-licensed font collections do exist, including the well-known Google Fonts. Google Fonts not only "Solves" your licensing issues by offering open source fonts that you are allowed to use commercially, it can also solve your "How to serve it" hassles, too.

The app, which is fully functional as a 2FA authenticator, comes loaded with the Vultur stealer malware that targets and swoops down on financial data. Once downloaded, the app installs Vultur banking trojan, which steals financial and banking data on the compromised device - but can do much more.

Google on Tuesday announced that it is abandoning its controversial plans for replacing third-party cookies in favor of a new Privacy Sandbox proposal called Topics, which categorizes users' browsing habits into approximately 350 topics. Subsequently, when a user visits a participating site, the Topics selects three of the interests - one topic from each of the past three weeks - to share with the site and its advertising partners.

Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks. "If a user opens a potentially suspicious or dangerous file in Google Drive, we will display a warning banner to help protect them and their organization from malware, phishing, and ransomware," Google explains.

Users were left startled as Google Drive's automated detection systems flagged a nearly empty file for copyright infringement. One of the files in Dolson's Google Drive, 'output04.

An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could be exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues impact both Zoom clients and Multimedia Router servers, which transmit audio and video content between clients in on-premise deployments.

Google has announced on Thursday that it has started warning users when they open potentially suspicious or dangerous files hosted on Google Drive. "We will display a warning banner to help protect [users] and their organization from malware, phishing and ransomware. These warnings are already available when opening Google Docs, Sheets, Slides, and Drawings," Google noted.

Typically, a web browser permits scripts on one web page to access data on a second web page only if both pages have the same origin/back-end server. Without this security policy in place, a snooper who manages to inject a malicious script into one website would be able to have free access to any data contained in other tabs the victim may have open in the browser, including access to online banking sessions, emails, healthcare portal data and other sensitive information.

An improperly implemented API that stores data on browsers has caused a vulnerability in Safari 15 that leaks user internet activity and personal identifiers. The Safari bug can then expose publicly available information from, say, a Google account.

There's a problem with the implementation of the IndexedDB API in Safari's WebKit engine, which could result in leaking browsing activity in real-time and even user identities to anyone exploiting this flaw. IndexedDB is a widely used browser API that is a versatile client-side storage system with no capacity limits.