FreshRSS

The Hacker News

Swedish Data Protection Authority Warns Companies Against Google Analytics Use

By Ravie Lakshmanan — July 4th 2023 at 17:58
The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance, following similar moves by Austria, France, and Italy last year. The development comes in the aftermath of an audit initiated by the Swedish Authority for Privacy Protection (IMY) against four companies CDON, Coop, Dagens Industri, and Tele2. "In its audits

The Hacker News

Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

By Ravie Lakshmanan — June 20th 2023 at 05:05
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as APT-C-35 and Viceroy Tiger. The espionage activity involves duping Android smartphone owners into

The Hacker News

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

By Ravie Lakshmanan — June 14th 2023 at 10:21
At least half a dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in Discord, Google Chrome, and Microsoft Exchange Server. VulnCheck,

Naked Security

S3 Ep138: I like to MOVEit, MOVEit

By Paul Ducklin — June 8th 2023 at 16:56
Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

Naked Security

Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now

By Paul Ducklin — June 6th 2023 at 18:28
Chrome and Edge 0-days patched.

The Hacker News

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

By Ravie Lakshmanan — June 6th 2023 at 10:21
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type

The Hacker News

Severe Flaw in Google Cloud's Cloud SQL Service Exposed Confidential Data

By Ravie Lakshmanan — May 26th 2023 at 16:25
A new security flaw has been disclosed in the Google Cloud Platform's (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. "The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP data like secrets, sensitive files, passwords, in addition

The Hacker News

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

By Ravie Lakshmanan — May 26th 2023 at 06:38
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the VirusTotal public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put to use in the wild

The Hacker News

GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains

By Ravie Lakshmanan — May 25th 2023 at 05:45
Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to secure their software supply chains. To that end, the search giant is making available the open source framework as an API for developers to integrate their own tools and policy engines. GUAC aims to aggregate software security metadata from different sources

The Hacker News

Data Stealing Malware Discovered in Popular Android Screen Recorder App

By Ravie Lakshmanan — May 24th 2023 at 10:33
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name "com.tsoft.app.iscreenrecorder"), which accrued over 50,000 installations, was first uploaded on September 19, 2021. The malicious functionality

The Hacker News

Warning: Samsung Devices Under Attack! New Security Flaw Exposed

By Ravie Lakshmanan — May 20th 2023 at 04:15
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a

The Hacker News

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

By Ravie Lakshmanan — May 19th 2023 at 12:28
Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting

WIRED

How to Stop Google From Deleting Your Inactive Account

By Reece Rogers — November 25th 2023 at 14:00
Your inactive profiles, like Gmail or Docs, could turn into digital dust later this year. A few clicks can save them.

The Hacker News

Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

By Ravie Lakshmanan — May 17th 2023 at 11:52
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments. Google-owned Mandiant attributed the activity to a threat group it tracks under the name UNC3944, which is also known as Roasted 0ktapus and Scattered Spider. "This method of attack was unique in

The Hacker News

Google Announces New Privacy, Safety, and Security Features Across Its Services

By Ravie Lakshmanan — May 10th 2023 at 18:31
Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and transparency over their personal data. Here is a short list of the newly introduced features -

The Hacker News

Why Honeytokens Are the Future of Intrusion Detection

By The Hacker News — May 10th 2023 at 11:15
A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San Francisco. Among the highlights, Kevin Mandia, CEO of Mandiant at Google Cloud, presented a retrospective on the state of cybersecurity. During his keynote, Mandia stated: "There are clear steps organizations can take beyond common safeguards and security tools to strengthen their

The Hacker News

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

By Ravie Lakshmanan — May 5th 2023 at 07:21
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and smartphone wallpaper packs. The apps have since been taken down. The operation primarily targets users

Naked Security

Tracked by hidden tags? Apple and Google unite to propose safety and security standards…

By Paul Ducklin — May 3rd 2023 at 19:58
To bleat, or not to bleat, that is the question.

The Hacker News

Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts

By Ravie Lakshmanan — May 3rd 2023 at 13:45
Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms. Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. This, in turn, can be achieved by simply unlocking their computer or

The Hacker News

Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices

By Ravie Lakshmanan — May 3rd 2023 at 09:24
Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and

The Hacker News

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

By Ravie Lakshmanan — May 2nd 2023 at 07:09
In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT. "LOBSHOT continues to collect victims while staying under the radar," Elastic Security Labs researcher Daniel Stepanic said in an analysis published last week. "One

The Hacker News

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

By Ravie Lakshmanan — May 1st 2023 at 08:52
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, Sednit, and Sofacy. The email messages come with the subject line "

The Hacker News

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in 2022

By Ravie Lakshmanan — May 1st 2023 at 05:10
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022. In addition, the company said it banned 173,000 bad accounts and fended off over $2 billion in fraudulent and abusive transactions through developer-facing features like Voided Purchases API, Obfuscated Account ID, and Play Integrity

Naked Security

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

By Paul Ducklin — April 30th 2023 at 01:23
These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.

Naked Security

Google wins court order to force ISPs to filter botnet traffic

By Naked Security writer — April 28th 2023 at 19:59
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.

Naked Security

S3 Ep132: Proof-of-concept lets anyone hack at will

By Paul Ducklin — April 27th 2023 at 16:55
When Doug says, "Happy Remote Code Execution Day, Duck"... it's irony. For the avoidance of all doubt :-)

The Hacker News

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

By Ravie Lakshmanan — April 27th 2023 at 15:56
Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not only hold criminal operators of malware accountable, but also those who profit from its distribution.

Naked Security

Google leaking 2FA secrets – researchers advise against new “account sync” feature for now

By Paul Ducklin — April 26th 2023 at 17:59
You waited 13 years for this feature in Google Authenticator. Now researchers are advising you to wait a while longer, just in case...

The Hacker News

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis

By Ravie Lakshmanan — April 25th 2023 at 10:39
Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape. Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that's "fine-tuned for security use cases." The idea is to take advantage of the latest advances in AI to augment

The Hacker News

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

By Ravie Lakshmanan — April 25th 2023 at 04:33
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) to the cloud. "This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security,"

Naked Security

Double zero-day in Chrome and Edge – check your versions now!

By Paul Ducklin — April 24th 2023 at 19:59
Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?

The Hacker News

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

By Ravie Lakshmanan — April 22nd 2023 at 06:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows - CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability; CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control

The Hacker News

GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform

By Ravie Lakshmanan — April 21st 2023 at 12:13
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account. Dubbed GhostToken by Israeli cybersecurity startup Astrix Security, the shortcoming impacts all Google accounts, including enterprise-focused Workspace accounts. It

Naked Security

S3 Ep131: Can you really have fun with FORTRAN?

By Paul Ducklin — April 20th 2023 at 17:55
Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.

The Hacker News

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

By Ravie Lakshmanan — April 19th 2023 at 15:41
Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the "group's 2022 focus

The Hacker News

Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released

By Ravie Lakshmanan — April 19th 2023 at 13:47
Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library. Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on April 12, 2023. "

Naked Security

FBI and FCC warn about “Juicejacking” – but just how useful is their advice?

By Paul Ducklin — April 17th 2023 at 18:17
USB charging stations - can you trust them? What are the real risks, and how can you keep your data safe on the road?

The Hacker News

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose

By Ravie Lakshmanan — April 17th 2023 at 16:32
Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company "hasn't been fully active for a while" and that it "has been in a difficult situation for several

The Hacker News

Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites

By Ravie Lakshmanan — April 17th 2023 at 11:46
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google's infrastructure for malicious ends. The tech giant's Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is

The Hacker News

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

By Ravie Lakshmanan — April 15th 2023 at 03:58
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been

The Hacker News

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

By Ravie Lakshmanan — April 13th 2023 at 20:00
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from