google – Page 2 – SSL and internet security news

Finding Vulnerabilities in Open Source Projects

February 2, 2022 infossl

google, microsoft, open source, Security technology, Uncategorized, vulnerabilities

The Open Source Security Foundation announced $10 million in funding from a pool of tech and financial companies, including $5 million from Microsoft and Google, to find vulnerabilities in open source projects: The “Alpha” side will emphasize vulnerability testing by hand in the most popular open-source projects, developing close working relationships with a handful of … Read More “Finding Vulnerabilities in Open Source Projects” »

People Are Increasingly Choosing Private Web Search

January 6, 2022 infossl

google, privacy, search engines, Security technology, Uncategorized, web privacy

DuckDuckGo has had a banner year: And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021, a 46.4% jump over 2020 (23.6 billion). That’s big. Even so, the company, which bills itself as the “Internet privacy company,” offering a search engine and other products designed to “empower you to … Read More “People Are Increasingly Choosing Private Web Search” »

Google Shuts Down Glupteba Botnet, Sues Operators

December 9, 2021 infossl

bitcoin, blockchain, botnets, cybersecurity, google, Security technology, Uncategorized

Google took steps to shut down the Glupteba botnet, at least for now. (The botnet uses the bitcoin blockchain as a backup command-and-control mechanism, making it hard to get rid of it permanently.) So Google is also suing the botnet’s operators. It’s an interesting strategy. Let’s see if it’s successful. Powered by WPeMatico

MacOS Zero-Day Used against Hong Kong Activists

November 12, 2021 infossl

activism, apple, china, cybersecurity, exploits, google, hacking, Security technology, Uncategorized, zero-day

Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a “watering hole” attack, which means the malware was hidden in a legitimate website. Users visiting that website would get infected. From an article: Google’s researchers were able to trigger the exploits and study them by visiting the websites compromised … Read More “MacOS Zero-Day Used against Hong Kong Activists” »

Storing Encrypted Photos in Google’s Cloud

July 30, 2021 infossl

academic papers, cloud computing, encryption, google, photos, Security technology, Uncategorized

New paper: “Encrypted Cloud Photo Storage Using Google Photos“: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user’s credentials give … Read More “Storing Encrypted Photos in Google’s Cloud” »

Google’s Project Zero Finds a Nation-State Zero-Day Operation

April 8, 2021 infossl

cyberattack, google, Security technology, terrorism, Uncategorized, zero-day

Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to … Read More “Google’s Project Zero Finds a Nation-State Zero-Day Operation” »

Exploiting Spectre Over the Internet

March 18, 2021 infossl

exploits, google, Security technology, Uncategorized, vulnerabilities

Google has demonstrated exploiting the Spectre CPU attack remotely over the web: Today, we’re sharing proof-of-concept (PoC) code that confirms the practicality of Spectre exploits against JavaScript engines. We use Google Chrome to demonstrate our attack, but these issues are not specific to Chrome, and we expect that other modern browsers are similarly vulnerable to … Read More “Exploiting Spectre Over the Internet” »

Android Apps Stealing Facebook Credentials

June 30, 2020 infossl

android, credentials, facebook, google, malware, Security technology

Google has removed 25 Android apps from its store because they steal Facebook credentials: Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and despite offering different features, under the hood, all the apps worked the same. According to … Read More “Android Apps Stealing Facebook Credentials” »

Phishing Attacks Against Trump and Biden Campaigns

June 8, 2020 infossl

china, google, intelligence, phishing, Security technology, threatalerts, voting

Google’s threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election. That feels like the most likely outcome. Powered by WPeMatico

Malware in Google Apps

May 5, 2020 infossl

espionage, google, kaspersky, malware, phishing, Security technology, spyware

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam. At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the … Read More “Malware in Google Apps” »