Google

Pierluigi Paganini February 08, 2021
Google launches Open Source Vulnerabilities (OSV) database

Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. The database aims at helping both open source maintainers and consumers of open source projects. The archive […]

Pierluigi Paganini January 06, 2021
Google fixed a critical Remote Code Execution flaw in Android

Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google released an Android security update that addresses 43 flaws, including a critical remote code execution vulnerability in the Android System component tracked as CVE-2021-0316. Google addressed the flaws with the release of Security patch levels […]

Pierluigi Paganini January 05, 2021
How to bypass the Google Audio reCAPTCHA with a new version of unCaptcha2 attack

A German security researcher demonstrated how to break, once again, the Google Audio reCAPTCHA with Google’s own Speech to Text API. Back in 2017, researchers from the University of Maryland demonstrated an attack method, dubbed unCaptcha, against Google’s audio-based reCAPTCHA v2. The system receives the audio challenge, downloads it, and submits it to Speech To […]

Pierluigi Paganini December 16, 2020
EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

The European Union is going to unveil two laws, the Digital Services and Digital Markets Acts, that will impose new rules for tech giants. The European Union is set to unveil two laws, the Digital Services and Digital Markets Acts, that aim at defining new rules for the digital market, especially for the operations of […]

Pierluigi Paganini November 03, 2020
Google fixes the second zero-day in Chrome in 2 weeks actively exploited

Google released Chrome 86.0.4240.183 for Windows, Mac, and Linux to fix 10 security vulnerabilities, including an RCE zero-day exploited in the wild. Google has released Chrome 86.0.4240.183 for Windows, Mac, and Linux that address ten security vulnerabilities including a remote code execution (RCE) zero-day (CVE-2020-16009) exploited by threat actors in the wild. The RCE is […]

Pierluigi Paganini October 30, 2020
Google discloses unpatched Windows zero-day exploited in the wild

Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […]

Pierluigi Paganini October 27, 2020
Google removes a set of 21 malicious apps from the Play Store

Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads. Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads. The following malicious apps were spotted by researchers from cybersecurity firm Avast: Shoot Them Crush […]

Pierluigi Paganini October 27, 2020
Fragomen law firm data breach exposed Google employee’s data

Immigration law firm Fragomen has disclosed a data breach that exposed current and former Google employees’ personal information. Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP, one of the most prominent US law firms covering immigration law, disclosed a data breach. The security breach exposed current and former Google employees’ personal information after […]

Pierluigi Paganini October 21, 2020
Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […]

Pierluigi Paganini October 10, 2020
Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP)

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). The Advanced Protection Program aims at protecting users with high visibility and sensitive information (i.e. activists, journalists, and political parties), who are exposed to the risk of targeted attacks. Google announced an improved malware protection. In March, Google […]