Google has a message for webmasters serving up malware and it goes something like this: Fool me once, shame on you. Fool me twice, shame on me. Going forward, Google is plugging what it calls a "gap" in its online protection scheme that allowed sites serving up malicious content to become repeat offenders without much...
Read more...
Ahmed Mehtab, a student from Pakistan and the CEO of Security Fuse, is in the running to score a $20,000 payday from Google's bug bounty program. While there remains some red tape to clear, Mehtab is likely to receive the bounty for discovering a rather crafty flaw in Gmail relating to its authentication and...
Read more...
There's been no shortage of stories regarding Android security of the years, a fact that has worried some fans of the "openness" of the OS. Each new security story makes it seem more likely that the OS will become a little more locked-down, a la iOS. Well, that might not happen after all, because as it stands today...
Read more...
Once again Google and Microsoft are at odds over the former's decision to disclose a zero-day vulnerability affecting the latter's Windows operating system. Google alerted both Adobe and Microsoft on October 21, 2016, of previously disclosed security flaws it discovered and in the time that has passed Adobe has issued...
Read more...
The last thing you want to do is broadcast your bank or other sensitive login credentials for any Nosy Nellie to see. That's why a properly secured website asking for your confidential information uses encryption. Starting soon, Google's Chrome browser will tattle on websites that fail to secure your passwords and...
Read more...
Here's a reminder to always check the URL of a website before entering in your login details, folks. That bit of safe computing advice applies to all online services, both big and small. Lest anyone doubt that, security researcher Aiden Woods recently notified Google of a potential security flaw in the way it handles...
Read more...
Security researchers on Google's Project Zero team have discovered critical security flaws in several of Symantec's software security products, including its popular Norton line for consumers and Endpoint Protection for enterprises. No small thing, among the vulnerabilities are several wormable remote code execution...
Read more...
It's a dangerous online world out there and to keep the bad guys at bay, many companies require that employees use two-factor authentication. Typically the second method of verification entails tapping a Security Key or entering a verification code that's sent to a mobile device, but to make things easier Google is...
Read more...
Using passwords as a form of security may not be long for this world, not if Google gets its way. The Mountain View outfit's ATAP (Advanced Technology and Projects) division is hard at work on Project Abacus, a scheme that relies on biometric data to determine a person's identity rather than relying on traditional...
Read more...
Last week, we learned about the company teaming up with others, such as Microsoft and Yahoo, to make SMTP 'Strict Transport Security' a reality, a protocol that would make it even harder for malicious users to gain access to our email. In a new blog post, the company draws our attention to SMTP STS as well as a couple...
Read more...
If as a child you told your parents you wanted to be a bug hunter when you grow up, they'd probably dismiss the notion before telling you to go wash your hands before supper. But had you stuck with it, you could now show your parents just how lucrative it is to hunt bugs—programming bugs, that is. In fact, you can collect a cool $100,00 for
Read more...
It's not often that people feel compelled to side with Google on the topic of privacy, but the company's newest CEO, Sundar Pinchai, gives us a great reason to. As Brandon covered in great detail yesterday, Apple has been ordered by U.S. Magistrate Judge Sheri Pym to provide the FBI access to an iPhone 5c that was...
Read more...
It seems certain that we've all managed to wind up on a website at some point in time that had misleading elements, such as fake download buttons. While piracy is going to be the first thing that springs to many minds when this kind of sketchiness is brought up, it's hardly exclusive to that area. Some websites that...
Read more...
Password security is one of those things you either have or you don't. If you're password is a combination of alphanumeric characters and symbols with varying punctuation, congratulations, you're in much better shape than the guy who uses "12345," the same as found on his luggage. That said, traditional password input...
Read more...
Going on a bug hunt might not sound like the most exciting thing in the world, but for Project Zero, the name for a team of security analysts tasked by Google with finding zero-day exploits, a good old fashioned bug hunt is both exhilarating and productive. As a result of Project Zero's efforts to root out bugs in...
Read more...
Not long after Samsung announced that it would roll out security updates to Galaxy devices on a monthly basis, Google stood up and said, "Hey, great idea, we're going to do that with Nexus hardware!" That's not a verbatim quote, mind you, but it's the gist of what Google announced only hours after Samsung in regards...
Read more...
Earlier this week, we learned of a scary piece of malware that can strike almost all Android devices in use. As has become a theme of late, the exploit is trigged via a simple text message. While it's easy to assume that you'll be safe simply by not reading any unsolicited text messages from people you don't know...
Read more...
Google is putting up some serious cash in hopes that security researchers and Android dissectors in general will root out security vulnerabilities in exchange for monetary rewards. The expansion of its bug bounty program over to Android represents the first time the mobile operating system has been included, though at...
Read more...
As more and more of our daily lives shift online, there's an increased need to take control of privacy and security settings. That's not always easy to do, depending on the service. With that in mind, Google today unveiled a new hub for managing your Google settings called My Account, which gives you quick access to...
Read more...
Smartphone security is a double-edged sword. If you're lax with security and leave your phone unlocked all the time, you're inviting mischief. And if you lock it down with a passcode or some other method, you'll have to unlock it each time you use it. Or do you? Turns out Google's working on a new Smart Lock mode that...
Read more...
Google has long offered some serious protection in its Chrome Web browser from malicious software, and in some cases, I'd almost call it too protective. Nonetheless, the warnings the browser provides are good, because as unfortunate as it is, a lot of people end up downloading and installing something that's bundling...
Read more...
Dutch SIM card maker Gemalto has been enduring unwanted media attention for the past few weeks after reports surfaced that Britain’s GCHQ and the United States’ NSA may have breached the company’s networks. Today, Gemalto released a statement acknowledging that an attack in 2010 was probably the work of the spy...
Read more...
