Pierluigi Paganini
August 01, 2018
Google recently removed 145 applications from the official Google Play store because they were found to carry malicious Windows executables inside. Researchers from Palo Alto Networks revealed that Google removed more than 145 apps from the Play store because they were carrying a Windows malware, The apps were uploaded to the Google Play store between October […]
Pierluigi Paganini
July 28, 2018
Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. Due to the surge in cryptocurrency prices, many legitimate websites and mobile apps are increasingly using cryptocurrency miners. Following Apple’s decision of banning cryptocurrency mining apps announced in June, also Google has updated the Play […]
Pierluigi Paganini
May 21, 2018
Google awarded the 18-year-old student Ezequiel Pereira a total of $36,337 for the discovery of a critical remote code execution vulnerability that affected the Google App Engine. The Google App Engine is a framework that allows Google users to develop and host web applications on a fully managed serverless platform. In February, Pereira gained access to […]
Pierluigi Paganini
March 22, 2018
Google announced that mitigations for devices with Intel processors that are affected by the Spectre and Meltdown vulnerabilities will be available for latest stable channel update for Google’s Chrome OS operating system. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data. The Meltdown attack could allow attackers to read […]
Pierluigi Paganini
January 22, 2018
Google has awarded a record $112,500 to a security researcher for reporting an exploit chain that could be used to hack Pixel smartphones. Last week the Google disclosed the technical details of the exploit chain that was devised in August 2017 by the Guang Gong from Alpha Team at Qihoo 360 Technology. The exploit chain triggers two […]
Pierluigi Paganini
December 08, 2017
The OpenSSL Project released the OpenSSL 1.0.2n version that addresses two vulnerabilities discovered by the Google researcher David Benjamin. Benjamin discovered the vulnerabilities using the OSS-Fuzz fuzzing service. The first “moderate severity” issue, tracked as CVE-2017-3737, is related to an “error state” mechanism implemented since OpenSSL 1.0.2b. “OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an “error state” […]
Pierluigi Paganini
December 04, 2017
Google has expanded enforcement of Google’s Unwanted Software Policy waring Android developers to explicitly declare data collection behaviors. A few days ago, Google was caught collecting users’ location data even when location services were disabled, many privacy experts questioned the behavior of the tech giant. Google promptly admitted the practice and suspended it. Now Google made another move to […]
Pierluigi Paganini
November 29, 2017
Siemens published a security advisory to confirm that four of the seven Dnsmasq vulnerabilities affect some of its SCALANCE products In October, Google security experts disclosed seven distinct vulnerabilities in the Dnsmasq software package. From the authors’ website, “Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot.” In practice, the Dnsmasq code has been widely leveraged in […]
Pierluigi Paganini
November 28, 2017
Google identified a new family of Android malware dubbed Tizi spyware by using Google Play Protect, it spies on popular apps like WhatsApp and Telegram. In May, Google introduced the defense system called Google Play Protect to protect the Android devices, it implements a machine learning and app usage analysis to identify any malicious activity on the […]
Pierluigi Paganini
November 23, 2017
Google is secretly gathering location data from billions of Android users, the news is disconcerting and once again raise the debate about user’s privacy. The disconcerting discovery was made by researchers from Quartz. Big G has been caught collecting location data on every Android device owner in the past 11 months. The worse news is that the […]
