Threats & Malware, Vulnerabilities
November 8, 2022
Via: Security WeekThe first part of the update, the ‘2022-11-01 patch level’, includes fixes for 17 security defects, 12 of which could lead to escalation of privilege (EoP), three to denial of service (DoS), and two leading to information disclosure. All of […]
Threats & Malware, Vulnerabilities
October 28, 2022
Via: The Hacker NewsGoogle on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser. The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Security researchers Jan […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
September 12, 2022
Via: Security WeekThe Pixel components impacted by the two critical bugs are Trusty and kernel. Tracked as CVE-2022-20231 and CVE-2022-20364, both issues could lead to escalation of privileges, Google explains. Three medium-severity vulnerabilities addressed with the latest Pixel security updates impact kernel […]
Threats & Malware, Vulnerabilities
August 31, 2022
Via: Dark ReadingGoogle’s first stable channel version of Chrome 105 for Windows, Mac, and Linux, released this week, contained fixes for 24 vulnerabilities in previous versions of the software, including one “critical” flaw and eight that the company rated as being of […]
August 24, 2022
Via: The Hacker NewsThe threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. “This campaign specifically targeted chief executives and other senior members of various organizations which […]
Threats & Malware, Virus & Malware
August 24, 2022
Via: CSO OnlineA new strain of ransomware has been making victims for the past two months, masquerading as a Google software update application and reusing an open-source password management library for encryption. Dubbed HavanaCrypt by researchers from Cybereason, the new ransomware program […]
Threats & Malware, Vulnerabilities
August 18, 2022
Via: Help Net SecurityApple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. About the vulnerabilities (CVE-2022-32894, CVE-2022-32893) CVE-2022-32894 is out-of-bounds write issue in the operating systems’ […]
Threats & Malware, Vulnerabilities
August 17, 2022
Via: Naked SecurityThe latest update to Google’s Chrome browser is out, bumping the four-part version number to 104.0.5112.101 (Mac and Linux), or to 104.0.5112.102 (Windows). According to Google, the new version includes 11 security fixes, one of which is annotated with the […]
Cloud security, Security, Threats & Malware, Vulnerabilities
August 15, 2022
Via: Security WeekCalled kCTF, the program was launched in 2020 to provide security researchers with the means to report vulnerabilities in the Google Kubernetes Engine (GKE), for which they receive a flag. “All of GKE and its dependencies are in scope, but […]
Threats & Malware, Vulnerabilities
August 3, 2022
Via: Security WeekThe internet giant has paid out a total of approximately $90,000 for the flaws patched in the latest version of Chrome, but it has yet to determine the rewards for two of the issues, including a high-severity bug. The highest […]
Mobile, Threats & Malware, Vulnerabilities, Wireless security
August 2, 2022
Via: Security WeekThe critical vulnerability is tracked as CVE-2022-20345 and it affects the System component. It has been patched with Android 12 and 12L updates. According to Google, an attacker does not require additional execution privileges to remotely execute arbitrary code over […]
July 7, 2022
Via: Dark ReadingA cryptocurrency wallet service provider serving more than 2 million users worldwide and managing about $3 billion worth of Bitcoin was found to contain API vulnerabilities tied to how external authentication logins were implemented. The bugs are fixed, but the […]
June 24, 2022
Via: Threat PostGoogle is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but also record and make calls. Researchers from Google […]
Threats & Malware, Vulnerabilities
June 20, 2022
Via: The Hacker NewsA security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
June 7, 2022
Via: Security WeekThe most severe of the flaws addressed with the June 2022 security updates, Google says, impacts the System component and could lead to remote code execution (RCE). Tracked as CVE-2022-20127, the vulnerability impacts Android versions 10, 11, 12, and 12L. […]
May 27, 2022
Via: Security WeekGoogle has boasted that Chrome OS has never been hit by ransomware and says there is no evidence of a “successful virus attack”. The Chrome browser, on the other hand, has been increasingly targeted in zero-day attacks. The tech giant […]
May 6, 2022
Via: TechRadarSome of the world’s biggest tech companies have announced plans to try and remove the need for passwords for good. Apple, Google and Microsoft have joined forces to push the wider availability of passwordless logins in a major way, promoting […]
April 27, 2022
Via: The Hacker NewsGoogle on Tuesday officially began rolling out a new “Data safety” section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties. “Users want to know for what purpose their data […]
Threats & Malware, Vulnerabilities
April 20, 2022
Via: Threat PostGoogle Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping tabs. In a year-in-review report on the number instances a zero-day bug has been exploited in […]
April 12, 2022
Via: The Hacker NewsGoogle on Monday disclosed that it’s taking legal action against a nefarious actor who has been spotted operating fraudulent websites to defraud unsuspecting people into buying non-existent puppies. “The actor used a network of fraudulent websites that claimed to sell […]