Security News

Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user's credentials give attackers unfettered access to all of the user's photos.

Google this week announced a series of updates to its Google Play policies that are meant to improve overall user privacy and security and provide more control over ads personalization. As per the new policy, all applications in Google Play will be required to detail their privacy and security practices by April 2022.

Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against. While always running and scanning every app installed and launched on the device, "The endurance test revealed that this service does not provide particularly good security: every other security app offers better protection than Google Play Protect."

Google has announced today more details regarding their upcoming Google Play 'Safety section' feature that provides users information about the data collected and used by an Android app. In May, Google pre-announced upcoming changes to the Google Play Store requiring app developers to share what info their apps collect, how collected data is used, and what privacy/security features the apps utilize.

Google has revealed that its bug bounty program - which it styles a "Vulnerability Reward Program" - has paid out for 11,055 bugs found in its services since 2010. 11,055 bugs seems like a lot, but it's not out of step with other vendors.

Google says it has paid more than $29 million in rewards for pre-patch vulnerability data over the past 10 years. Since the launch of Google Vulnerability Rewards Program 10 years ago, the company said it paid bounties on 11,055 vulnerabilities that were reported by 2,022 researchers from 84 countries.

Historically, Twitter allows users to create a new account using a phone number or email address and a password. Google.com, allowing you to use your Google account to register a new Twitter account.

Google has announced a new platform and community designed to host all its Vulnerability Rewards Programs under the same roof. In all, Google says that the researchers have been rewarded $29,357,516 since January 2010, when it launched the Chromium vulnerability reward program.

Boutique cloud engineering and agile DevOps firm, Hunter Strategy, announced their entrance to Google Cloud's partner network. As a Google Cloud Partner, Hunter joins a premier alliance of Cloud engineers to expand services offerings around cloud advisory, migration, software security, automation, orchestration, and robust managed services capabilities.

A malware known for targeting macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, as part of further "Refinements in its tactics." Earlier this April, XCSSET received an upgrade that enabled the malware authors to target macOS 11 Big Sur as well as Macs running on M1 chipset by circumventing new security policies instituted by Apple in the latest operating system.