Tag: Google

November 8, 2022

The first part of the update, the ‘2022-11-01 patch level’, includes fixes for 17 security defects, 12 of which could lead to escalation of privilege (EoP), three to denial of service (DoS), and two leading to information disclosure. All of […]

October 28, 2022

Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser. The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Security researchers Jan […]

September 12, 2022

The Pixel components impacted by the two critical bugs are Trusty and kernel. Tracked as CVE-2022-20231 and CVE-2022-20364, both issues could lead to escalation of privileges, Google explains. Three medium-severity vulnerabilities addressed with the latest Pixel security updates impact kernel […]

August 31, 2022

Google’s first stable channel version of Chrome 105 for Windows, Mac, and Linux, released this week, contained fixes for 24 vulnerabilities in previous versions of the software, including one “critical” flaw and eight that the company rated as being of […]

August 24, 2022

The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. “This campaign specifically targeted chief executives and other senior members of various organizations which […]

August 24, 2022

A new strain of ransomware has been making victims for the past two months, masquerading as a Google software update application and reusing an open-source password management library for encryption. Dubbed HavanaCrypt by researchers from Cybereason, the new ransomware program […]

August 18, 2022

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. About the vulnerabilities (CVE-2022-32894, CVE-2022-32893) CVE-2022-32894 is out-of-bounds write issue in the operating systems’ […]

August 17, 2022

The latest update to Google’s Chrome browser is out, bumping the four-part version number to 104.0.5112.101 (Mac and Linux), or to 104.0.5112.102 (Windows). According to Google, the new version includes 11 security fixes, one of which is annotated with the […]

August 15, 2022

Called kCTF, the program was launched in 2020 to provide security researchers with the means to report vulnerabilities in the Google Kubernetes Engine (GKE), for which they receive a flag. “All of GKE and its dependencies are in scope, but […]

August 3, 2022

The internet giant has paid out a total of approximately $90,000 for the flaws patched in the latest version of Chrome, but it has yet to determine the rewards for two of the issues, including a high-severity bug. The highest […]

August 2, 2022

The critical vulnerability is tracked as CVE-2022-20345 and it affects the System component. It has been patched with Android 12 and 12L updates. According to Google, an attacker does not require additional execution privileges to remotely execute arbitrary code over […]

July 7, 2022

A cryptocurrency wallet service provider serving more than 2 million users worldwide and managing about $3 billion worth of Bitcoin was found to contain API vulnerabilities tied to how external authentication logins were implemented. The bugs are fixed, but the […]

June 24, 2022

Google is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but also record and make calls. Researchers from Google […]

June 20, 2022

A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS […]

June 7, 2022

The most severe of the flaws addressed with the June 2022 security updates, Google says, impacts the System component and could lead to remote code execution (RCE). Tracked as CVE-2022-20127, the vulnerability impacts Android versions 10, 11, 12, and 12L. […]

May 27, 2022

Google has boasted that Chrome OS has never been hit by ransomware and says there is no evidence of a “successful virus attack”. The Chrome browser, on the other hand, has been increasingly targeted in zero-day attacks. The tech giant […]

May 6, 2022

Some of the world’s biggest tech companies have announced plans to try and remove the need for passwords for good. Apple, Google and Microsoft have joined forces to push the wider availability of passwordless logins in a major way, promoting […]

April 27, 2022

Google on Tuesday officially began rolling out a new “Data safety” section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties. “Users want to know for what purpose their data […]

April 20, 2022

Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping tabs. In a year-in-review report on the number instances a zero-day bug has been exploited in […]

April 12, 2022

Google on Monday disclosed that it’s taking legal action against a nefarious actor who has been spotted operating fraudulent websites to defraud unsuspecting people into buying non-existent puppies. “The actor used a network of fraudulent websites that claimed to sell […]