A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers … [Read more...] about Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages
Three dangerous vulnerabilities in Google Chrome
Google has released an emergency update for the Chrome browser that addresses three vulnerabilities: CVE-2021-37974, CVE-2021-37975, and CVE-2021-37976. Google experts consider one of the vulnerabilities as critical and the other two as highly dangerous. What’s worse: according to Google cybercriminals have already exploited two of these three vulnerabilities. Therefore, Google … [Read more...] about Three dangerous vulnerabilities in Google Chrome
Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant … [Read more...] about Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years
Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years, as the U.S. government partners with private sector companies to address threats facing the country in the wake of a string of sophisticated malicious cyber activity targeting critical infrastructure, laying bare the risks to data, organizations, … [Read more...] about Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years
Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
A malware known for targeting macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, as part of further "refinements in its tactics." XCSSET was uncovered in August 2020, when it was found targeting Mac developers … [Read more...] about Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in an analysis published Friday. "By mounting this exploit, the attacker can grant … [Read more...] about Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
Google Extends Support for Tracking Party Cookies Until 2023
Google's sweeping proposals to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's considerable progress with this initiative, it's become clear that more time is needed across the ecosystem to get this … [Read more...] about Google Extends Support for Tracking Party Cookies Until 2023
Google Workspace Now Offers Client-side Encryption For Drive and Docs
Google on Monday announced that it's rolling out client-side encryption to Google Workspace (formerly G Suite), thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. "With client-side encryption, customer data is indecipherable to Google, while users can continue to take advantage of Google's native … [Read more...] about Google Workspace Now Offers Client-side Encryption For Drive and Docs
Malware disguised as Minecraft mods on Google Play, continued
Although we recently reported finding 20 apps in Google Play posing as Minecraft modpacks — the most popular with more than a million downloads — Minecraft-themed malware continues to pop up in Google Play. Instead of doing anything they claimed, the apps turned users’ smartphones and tablets into extremely intrusive advertising tools. To be clear, the apps were totally useless … [Read more...] about Malware disguised as Minecraft mods on Google Play, continued
Google to Let Android Users Opt-Out to Stop Ads From Tracking Them
Google is tightening its privacy practices that could make it harder for apps on Android phones and tablets to track users who have opted out of receiving personalized interest-based ads. The change will go into effect sometime in late 2021. The development, which mirrors Apple's move to enable iPhone and iPad users to opt-out of ad tracking, was first reported by the Financial … [Read more...] about Google to Let Android Users Opt-Out to Stop Ads From Tracking Them