Security Affairs

FEBRUARY 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as CVE-2023-4762 , to its Known Exploited Vulnerabilities (KEV) catalog.

Spyware 104

Spyware Hacking Cybersecurity Risk 104

Bleeping Computer

NOVEMBER 3, 2023

Google Play, Android's official app store, is now tagging VPN apps with an 'independent security reviews' badge if they conducted an independent security audit of their software and platform. [.]

VPN 118

VPN Software Mobile 118

Malwarebytes

MAY 15, 2024

Apple and Google have announced an industry specification for Bluetooth tracking devices which help alert users to unwanted tracking. Bluetooth tag manufacturers including Chipolo, eufy, Jio, Motorola, and Pebblebee have all said that future tags will be compatible.

Manufacturing 93

Manufacturing Mobile Engineering Internet 93

Naked Security

MAY 3, 2023

To bleat, or not to bleat, that is the question.

119

119

Google Security

APRIL 8, 2024

Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Keeping people safe and their data secure and private is a top priority for Android. We gave careful consideration to the potential user security and privacy challenges that come with device finding services. Imagine you drop your keys at a cafe.

Encryption 90

Encryption Risk Architecture Mobile 90

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” reads the report published by Google TAG.

Government 113

Government Surveillance Cybercrime Ransomware 113

The Hacker News

NOVEMBER 28, 2023

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library.

107

107

Bleeping Computer

SEPTEMBER 22, 2023

Security researchers with the Citizen Lab and Google's Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox's Predator spyware. [.]

Spyware 116

Spyware 116

Security Affairs

SEPTEMBER 8, 2023

The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, TAG became aware of a new campaign likely from the same actors based on similarities with the previous campaign. ” reads the advisory published by Google TAG. .

Cybersecurity 106

Cybersecurity Media Accountability Software 106

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Below is the tweet published by TAG chief, Shane Huntley, who cited the Google TAG Security Engineer Billy Leonard. ” wrote Leonard. China is working hard here too. government.

Government 100

Government Engineering Phishing Hacking 100

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

DDOS 94

DDOS Phishing Government Hacking 94

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Spyware 108

Spyware Surveillance Mobile Hacking 108

Appknox

MAY 12, 2022

Internet and software giant Google recently recalibrated how it categorizes its Playstore apps. Google's Android applications are tagged with 'nutrition labels' based on the security practices and the data they collect from users to share with third parties.

Mobile 143

Mobile Internet Internet Software 143

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 88

Phishing Education Accountability Telecommunications 88

Anton on Security

JANUARY 10, 2024

So, we ( Tim and Anton , the crew behind the podcast ) wanted to post another reflections blog based on our Cloud Security Podcast by Google being almost 3 (we will be 3 years old on Feb 11, 2024, to be precise), kind of similar to this one. Changes in 2022 and Beyond in Cloud Security” (2022 season opener!) “EP8

Cloud Migration 130

Cloud Migration Government Network Security Risk 130

Penetration Testing

JANUARY 16, 2024

On Tuesday, Google rolled out a crucial update to patch a zero-day flaw in its widely-used Chrome browser.

Penetration Testing 99

Penetration Testing 99

Security Affairs

JULY 27, 2023

It was developed by Zimbra, Inc The vulnerability is reflected Cross-Site Scripting (XSS) that was discovered by Clément Lecigne of Google Threat Analysis Group (TAG). Google TAG researchers focus on identifying and countering advanced and persistent threats. Zimbra this week released version ZCS 10.0.2

Hacking 85

Hacking Cyber threats Risk Information Security 85

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing 113

Manufacturing Government Phishing Passwords 113

Security Boulevard

MARCH 12, 2024

The goal is to eliminate a broad class of software defects that make up to 70 percent of all vulnerabilities, according to researchers at Microsoft and Google. The post A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity appeared first on Security Boulevard.

Software 59

Software 59

The Hacker News

MAY 26, 2023

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). The spyware, which is delivered by means of

Spyware 121

Spyware Marketing 121

Security Affairs

AUGUST 2, 2023

Another piece of sensitive information that the research team observed included a Google Tag Manager ID. Google Tag Manager is a tool used to optimize update measurement codes and related code fragments, collectively known as tags, on a website or mobile app.

Passwords 96

Passwords Accountability Mobile Hacking 96

The Hacker News

JUNE 6, 2023

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023.

Engineering 99

Engineering 99

Security Affairs

MARCH 31, 2022

The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. Google experts pointed out that this is the first time that the cyberspies target NATO and military of multiple Eastern European countries. ” reads the report published by the TAG team.

Phishing 76

Phishing Accountability Government Hacking 76

Bleeping Computer

NOVEMBER 30, 2022

Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company. [.].

Spyware 113

Spyware Software 113

Malwarebytes

MAY 10, 2023

Last week we reported that Google and Apple were looking for input on a draft specification to alert users in the event of suspected unwanted tracking. Apple and Google said other tracker makers like Samsung, Tile, Chipolo, eufy Security, and Pebblebee have expressed interest in their draft.

Ransomware 98

Ransomware 98

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. TAG researchers tracked more than 30 vendors selling exploits or surveillance capabilities to nation-state actors. ” reads the report published by Google.

Surveillance 114

Surveillance Mobile Spyware Telecommunications 114

Security Affairs

JUNE 6, 2023

Google released security updates to address a high-severity zero-day flaw in the Chrome web browser that it actively exploited in the wild. Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. ” reads the advisory published by the company.

Engineering 90

Engineering Hacking Information Security 90

Security Affairs

JULY 13, 2023

“A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 ” The vulnerability is reflected Cross-Site Scripting (XSS) that was discovered by Clément Lecigne of Google Threat Analysis Group (TAG). Google TAG researchers focus on identifying and countering advanced and persistent threats.

Hacking 87

Hacking Backups Cyber threats Authentication 87

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 102

Spyware Surveillance Risk Internet 102

Heimadal Security

FEBRUARY 21, 2023

According to a new report released by Google’s Threat Analysis Group (TAG) and Mandiant, Russia’s cyber attacks against Ukraine increased by 250% in 2022. The company said it observed […] The post Google Confirms Increase In Russian Cyber Attacks Against Ukraine appeared first on Heimdal Security Blog.

Cyber Attacks 101

Cyber Attacks Media Government Cybersecurity 101

Heimadal Security

JUNE 24, 2022

For many years, Google has been monitoring the activity of commercial spyware sellers and in conjunction with Google’s Project Zero, discovered the fact that RCS Labs, an Italian vendor, utilizes unusual drive-by downloads as first infection vectors to target iOS and Android mobile users. What Happened?

Spyware 116

Spyware Mobile Cybersecurity 116

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire actors recruited on Russian-speaking forums.

Accountability 128

Accountability Malware Phishing Social Engineering 128

Security Affairs

DECEMBER 1, 2019

Google revealed that over 12,000 of its users were targeted by state-sponsored hackers in the third quarter of this year. Google’s Threat Analysis Group (TAG) revealed that it has detected and blocked attacks carried out by nation-state actors on 12,000 of its users in the third quarter of this year. Pierluigi Paganini.

Phishing 129

Phishing Accountability Advertising Cyber Attacks 129

Security Affairs

DECEMBER 8, 2022

Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. Google Threat Analysis Group researchers discovered the zero-day vulnerability in late October 2022, it was exploited by APT37 using specially crafted documents. ” reads the post published by TAG.

Internet 98

Internet Internet Engineering Malware 98

The Hacker News

DECEMBER 2, 2022

Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022.

Engineering 94

Engineering 94

Security Affairs

JULY 30, 2023

Google’s Threat Analysis Group Google states that more than 40% of zero-day flaws discovered in 2022 were variants of previous issues. Google's 2022 Year in Review of in-the-wild 0-days is out! ” reads the report published by Google TAG. 0-clicks usually target components other than the browser.

Firewall 86

Firewall Software Hacking Internet 86

Security Affairs

MARCH 9, 2022

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. Google announced to have blocked a phishing campaign originating conducted by China-linked cybereaspionage group APT31 (aka Zirconium , Judgment Panda, and Red Keres) and aimed at Gmail users associated with the U.S.

Government 90

Government Phishing DDOS Hacking 90