Google offers new Apps and Activities dashboards and free Zix encryption

Google has bolstered the security of its Apps platform with new reports providing insight into the number of devices accessing the account over the past month. The Devices and Activity dashboard displayed all devices active on an account in the last 28 days and those still signed in. Security director and mentalist Eran Feigenbaum said […]

Google releases enterprise malware watchdog called ‘Santa’ for Mac OS

While some consumers find Apple’s XProtect anti-malware enough protection for their Mac, most enterprises running Apple machines don’t, including Google, which has developed its own lockdown software. Dubbed Santa, the software developed by Google’s Macintosh Operations Apple Team “keeps track of binaries that are naughty and nice”. Google released the tool on GitHub last week […]

This is how Google is dealing with ‘right to be forgotten’ requests

Google is employing a big team of lawyers, engineers and paralegals who have so far evaluated over half a million URLs that were requested to be delisted from search results by European citizens, the company said. About six months after the Court of Justice of the European Union (CJEU) gave Europeans the right to compel […]

A new critical flaw affects Android OS except Lollipop

The security researcher Jann Horn discovered a privilege escalation flaw that affects Android OS devices except the Lollipop version. A critical vulnerability affects the Android OS versions prior to 5.0 that could be exploited by an attacker to bypass ASLR and run arbitrary code on a target device under specific conditions. The vulnerability was fixed in […]

Privilege Escalation Risk Fixed in Android Lollipop, Lower Versions Vulnerable

A security risk in Android versions below 5.0 (Lollipop) could allow a potential attacker to bypass the ASLR defense and execute code of their choice. The glitch touches on deserialization of input data and refers to java.io.ObjectInputStream’s unsuccessful check if an object is in fact serializable before reverting the process. In the context of data […]

Chrome 39 Disables SSLv3 Fallback, Awards $41,500 / €33,000 in Bounties

Google announced version 39 of its Chrome browser, which disables fallback to buggy SSL 3.0 from a more secure cryptographic protocol in case of client-server connection errors, thus eliminating the risk of a POODLE attack. The new release of the browser has received a total of 42 security fixes and it is the first one […]

Google Releases Nogotofail Tool to Test Network Security

The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing […]

Google Drive once again exploited in a sophisticated phishing attack

Cybercriminals and states-sponsored hackers are leveraging Google Drive site and other cloud storage to operate in a stealthy way and avoid detection. Cybercriminals and attackers are exploiting once again Google Drive infrastructure to avoid detection. The exploitation of Google Drive cloud storage by cyber criminals is not a novelty, a few days ago experts at […]

Bad actors are using Gmail Drafts to control their bots

Security company Shape Security discovered a new strain of malware which is exploiting Gmail service as a communication channel with control server. Security experts at Shape Security announced to have found a new strain of malware that implements a smart technique to communicate with command and control servers, the commands are hidden in unassuming Gmail […]

A malicious dialler disguised as an App for adults, hides and resists attempts to remove it

A malicious dialler disguised as an application for adults could become a big problem for Android users, as the malware systematically removes traces of itself from the phone and makes deinstallation impossible through normal means, Dr. Web researchers warn. Once installed, the malware places its shortcut – without an icon or any captions – on […]