Security News

The Austrian data protection authority has ruled that use of Google Analytics by a German company is in breach of European law in light of the Schrems II EU-US data sharing ruling. Datenschutzbehörde, or DSB, has found that a German publisher, not named in the case, was in breach of Article 44 of the General Data Protection Regulation in the use and operation of Google Analytics - commonly used throughout web publishing and ecommerce - because of its movement of personal data to the United States.

Google Drive ended 2021 as the most abused cloud storage service for malware downloads, according to security provider Netskope. In its "January 2022 Cloud and Threat Report" released Tuesday, Netskope noted that cloud storage apps gained even greater adoption in 2021.

The Commission nationale de l'informatique et des libertés, France's data protection watchdog, has slapped Facebook and Google with fines of €150 million and €60 million for violating E.U. privacy rules by failing to provide users with an easy option to reject cookie tracking technology. HTTP cookies are small pieces of data created while a user is browsing a website and placed on the user's computer or other device by the user's web browser to track online activity across the web and store information about the browsing sessions, including logins and details entered in form fields such as names and addresses.

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. So they tell you they will send you a Google authentication code in the form of a voice call or a text message, and then ask you to repeat the number back to them to prove you're real.

Attackers are taking advantage of the comment feature in Google Docs to send people emails with malicious links, says Avanan. A new report released Thursday by email security provider Avanan looks at a new phishing campaign that abuses a popular feature in Google Docs to deploy malicious emails.

Attackers are using the "Comments" feature of Google Docs to send malicious links in a phishing campaign targeted primarily at Outlook users, researchers have discovered. Researchers from email collaboration and security firm Avanan, a CheckPoint company, first observed "a new, massive wave of hackers leveraging the comment feature in Google Docs" in December, Avanan Cybersecurity Researcher/Analyst Jeremy Fuchs wrote in a report published Thursday.

A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. Google Docs is used by many employees working or collaborating remotely, so most recipients of these emails are familiar with these notifications.

France's National Commission on Informatics and Liberty, the country's data privacy and protection body, has announced a 60 million euro sanction against Facebook and a 150 million euro penalty against Google. As a result, today CNIL announced an administrative fine of 60 million Euros against Facebook Ireland Ltd. and an additional 100,000 Euros per day of delay of compliance, starting from March 2022.

The Federal Bureau of Investigation says Americans who share their phone number online are being targeted by Google Voice authentication scams. If successful, they will set up a Google Voice account in their victims' names or hijack their Gmail accounts which will later be used in other fraud schemes or in phishing attacks.

Google has rolled out the first round of updates to its Chrome web browser for 2022 to fix 37 security issues, one of which is rated Critical in severity and could be exploited to pass arbitrary code and gain control over a victim's system. Security researcher Yangkang of Qihoo 360 ATA, who has previously disclosed zero-day vulnerabilities in Apple's WebKit, has been credited with discovering and reporting the flaw on November 30, 2021.