Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant … [Read more...] about Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years
Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years, as the U.S. government partners with private sector companies to address threats facing the country in the wake of a string of sophisticated malicious cyber activity targeting critical infrastructure, laying bare the risks to data, organizations, … [Read more...] about Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years
Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
A malware known for targeting macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, as part of further "refinements in its tactics." XCSSET was uncovered in August 2020, when it was found targeting Mac developers … [Read more...] about Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in an analysis published Friday. "By mounting this exploit, the attacker can grant … [Read more...] about Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
Google Extends Support for Tracking Party Cookies Until 2023
Google's sweeping proposals to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's considerable progress with this initiative, it's become clear that more time is needed across the ecosystem to get this … [Read more...] about Google Extends Support for Tracking Party Cookies Until 2023
Google Workspace Now Offers Client-side Encryption For Drive and Docs
Google on Monday announced that it's rolling out client-side encryption to Google Workspace (formerly G Suite), thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. "With client-side encryption, customer data is indecipherable to Google, while users can continue to take advantage of Google's native … [Read more...] about Google Workspace Now Offers Client-side Encryption For Drive and Docs
Malware disguised as Minecraft mods on Google Play, continued
Although we recently reported finding 20 apps in Google Play posing as Minecraft modpacks — the most popular with more than a million downloads — Minecraft-themed malware continues to pop up in Google Play. Instead of doing anything they claimed, the apps turned users’ smartphones and tablets into extremely intrusive advertising tools. To be clear, the apps were totally useless … [Read more...] about Malware disguised as Minecraft mods on Google Play, continued
Google to Let Android Users Opt-Out to Stop Ads From Tracking Them
Google is tightening its privacy practices that could make it harder for apps on Android phones and tablets to track users who have opted out of receiving personalized interest-based ads. The change will go into effect sometime in late 2021. The development, which mirrors Apple's move to enable iPhone and iPad users to opt-out of ad tracking, was first reported by the Financial … [Read more...] about Google to Let Android Users Opt-Out to Stop Ads From Tracking Them
Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer
Cybersecurity researchers on Wednesday publicized the disruption of a "clever" malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. The campaign, which is believed to have begun as early as April 21, 2021, involves a malicious file that masquerades as a … [Read more...] about Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer
Google Chrome update patches CVE-2021-21193 vulnerability
Google Chrome urgently requires an update to patch a severe vulnerability. You may be tired of updating Chrome (the latest urgent update was just last month), but it’s that time again, and with good reason: Cybercriminals have already exploited this vulnerability. What is CVE-2021-21193? On March 12, Google released stable build 89.0.4389.90 for Chrome, patching five … [Read more...] about Google Chrome update patches CVE-2021-21193 vulnerability