Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. The database aims at helping both open source maintainers and consumers of open source projects. The archive […]
Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google released an Android security update that addresses 43 flaws, including a critical remote code execution vulnerability in the Android System component tracked as CVE-2021-0316. Google addressed the flaws with the release of Security patch levels […]
A German security researcher demonstrated how to break, once again, the Google Audio reCAPTCHA with Google’s own Speech to Text API. Back in 2017, researchers from the University of Maryland demonstrated an attack method, dubbed unCaptcha, against Google’s audio-based reCAPTCHA v2. The system receives the audio challenge, downloads it, and submits it to Speech To […]
The European Union is going to unveil two laws, the Digital Services and Digital Markets Acts, that will impose new rules for tech giants. The European Union is set to unveil two laws, the Digital Services and Digital Markets Acts, that aim at defining new rules for the digital market, especially for the operations of […]
Google released Chrome 86.0.4240.183 for Windows, Mac, and Linux to fix 10 security vulnerabilities, including an RCE zero-day exploited in the wild. Google has released Chrome 86.0.4240.183 for Windows, Mac, and Linux that address ten security vulnerabilities including a remote code execution (RCE) zero-day (CVE-2020-16009) exploited by threat actors in the wild. The RCE is […]
Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […]
Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads. Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads. The following malicious apps were spotted by researchers from cybersecurity firm Avast: Shoot Them Crush […]
Immigration law firm Fragomen has disclosed a data breach that exposed current and former Google employees’ personal information. Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP, one of the most prominent US law firms covering immigration law, disclosed a data breach. The security breach exposed current and former Google employees’ personal information after […]
Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […]
Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). The Advanced Protection Program aims at protecting users with high visibility and sensitive information (i.e. activists, journalists, and political parties), who are exposed to the risk of targeted attacks. Google announced an improved malware protection. In March, Google […]