The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Google

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

October 14, 2021Ravie Lakshmanan
Google's Threat Analysis Group (TAG) on Thursday  said  it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the spike largely  stemming  from "blocking an unusually large campaign from a Russian actor known as APT28 or Fancy Bear." Additionally, Google said it disrupted a number of campaigns mounted by an Iranian state-sponsored attacker group tracked as  APT35  (aka Charming Kitten, Phosphorous, or Newscaster), including a sophisticated social engineering attack dubbed "Operation SpoofedScholars" aimed at think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies (SOAS). Details of th
Google to turn on 2-factor authentication by default for 150 million users

Google to turn on 2-factor authentication by default for 150 million users

October 06, 2021Ravie Lakshmanan
Google has announced plans to automatically enroll about 150 million users into its two-factor authentication scheme by the end of the year as part of its ongoing efforts to prevent unauthorized access to accounts and improve security. In addition, the internet giant said it also intends to require 2 million YouTube creators to switch on the setting, which it calls two-step verification (2SV), to protect their channels from potential takeover attacks. "2SV is strongest when it combines both 'something you know' (like a password) and 'something you have' (like your phone or a security key)," Google's AbdelKarim Mardini and Guemmy Kim  said  in a post, adding "having a second form of authentication dramatically decreases an attacker's chance of gaining access to an account." The rollout follows the  company's proposals  to beef up account sign-ins earlier this May, when it said it intends to "automatically enrolling users in 2SV i
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

October 04, 2021Ravie Lakshmanan
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive Technologies dubbed the advanced persistent threat (APT) group ChamelGang — referring to their chameleellonic capabilities, including disguising "its malware and network infrastructure under legitimate services of Microsoft, TrendMicro, McAfee, IBM, and Google."  "To achieve their goal, the attackers used a trending penetration method—supply chain," the researchers  said  of one of the incidents investigated by the firm. "The group compromised a subsidiary and penetrated the target company's network through it. Trusted relationship attacks are rare today due to the complexity of their execution. Using this method […], the ChamelGang group was able to achieve its goal a
Google now requires app developers to verify their address and use 2FA

Google now requires app developers to verify their address and use 2FA

June 29, 2021Ravie Lakshmanan
Google on Monday announced  new measures  for the Play Store, including requiring developer accounts to turn on 2-Step Verification (2SV), provide an address, and verify their contact details later this year. The new identification and two-factor authentication requirements are a step towards strengthening account security and ensuring a safe and secure app marketplace, Google Play Trust and Safety team said. As part of the changes, individual users and businesses in possession of Google Play developer accounts will be asked to specify an account type (personal or organization), a contact name, their physical address, as well as verifying the email address and phone number provided during account creation. In addition, the search giant is also mandating users of Google Play Console to sign in using Google's 2-Step Verification to prevent account takeover attacks. According to the timeline shared by Google, developer account owners will be able to declare their account type a
Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

June 11, 2021Ravie Lakshmanan
Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk,"  said  Eric Rescorla, author of TLS standard and chief technology officer of Mozilla. "But the current design has a number of privacy properties that could create significant risks if it were to be widely deployed in its current form." Short for Federated Learning of Cohorts,  FLoC  is part of Google's fledgling  Privacy Sandbox  initiative that aims to develop alternate solutions to satisfy cross-site use cases without resorting to third-party cookies or other opaque tracking mechanisms. Essentially, FLoC allows marketers to guess users' interests without having to uniquely identify them, thereby eli
New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!

New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!

June 09, 2021Ravie Lakshmanan
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. Tracked as  CVE-2021-30551 , the vulnerability stems from a type confusion issue in its V8 open-source and JavaScript engine. Sergei Glazunov of Google Project Zero has been credited with discovering and reporting the flaw. Although the search giant's Chrome team issued a terse statement acknowledging "an exploit for CVE-2021-30551 exists in the wild," Shane Huntley, Director of Google's Threat Analysis Group,  hinted  that the vulnerability was leveraged by the same actor that abused  CVE-2021-33742 , an actively exploited remote code execution flaw in Windows MSHTML platform t
Google to Let Android Users Opt-Out to Stop Ads From Tracking Them

Google to Let Android Users Opt-Out to Stop Ads From Tracking Them

June 04, 2021Ravie Lakshmanan
Google is tightening its privacy practices that could make it harder for apps on Android phones and tablets to track users who have opted out of receiving personalized interest-based ads. The change will go into effect sometime in late 2021. The development, which mirrors Apple's move to enable iPhone and iPad users to opt-out of ad tracking, was first  reported  by the Financial Times.  Once the revised policy goes live, Google is expected to completely cut off developers' access to the so-called "Advertising IDs," showing a "string of zeros" in its place. The Google Advertising ID (AAID), analogous to Apple's  IDFA , is a unique device identifier that can be used by app developers to track users as they move between apps to target ads better and measure the effectiveness of marketing campaigns. "Starting in late 2021, when a user opts out of interest-based advertising or ads personalization, the advertising identifier will not be available,&q
Google Chrome to Help Users Identify Untrusted Extensions Before Installation

Google Chrome to Help Users Identify Untrusted Extensions Before Installation

June 03, 2021Ravie Lakshmanan
Google on Thursday said it's rolling out new security features to Chrome browser aimed at detecting suspicious downloads and extensions via its Enhanced Safe Browsing feature, which it launched a year ago. To this end, the search giant said it will now offer additional protections when users attempt to install a new extension from the Chrome Web Store, notifying if it can be considered "trusted." Currently, 75% of all add-ons on the platform are compliant, the company pointed out, adding "any extensions built by a developer who follows the Chrome Web Store Developer Program Policies , will be considered trusted by Enhanced Safe Browsing." Enhanced Safe Browsing involves sharing real-time data with Google Safe Browsing to proactively safeguard users against dangerous sites. The company also noted that its integration with Safe Browsing's blocklist API helped improve privacy and security, with the number of malicious extensions disabled by the browser j
Google Researchers Discover A New Variant of Rowhammer Attack

Google Researchers Discover A New Variant of Rowhammer Attack

May 25, 2021Ravie Lakshmanan
A team of security researchers from Google has demonstrated yet another variant of the Rowhammer vulnerability that targets increasingly smaller DRAM chips to bypass all current mitigations, making it a persistent threat to chip security. Dubbed "Half-Double," the new hammering technique hinges on the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed in an attempt to tamper with data stored in memory and attack a system . "Unlike  TRRespass , which exploits the blind spots of manufacturer-dependent defenses, Half-Double is an intrinsic property of the underlying silicon substrate," the researchers  noted . "This is likely an indication that the electrical coupling responsible for Rowhammer is a property of distance, effectively becoming stronger and longer-ranged as cell geometries shrink down. Distances greater than two are conceivable." Rowhammer attacks are similar to  speculative execution  
4 Major Privacy and Security Updates From Google You Should Know About

4 Major Privacy and Security Updates From Google You Should Know About

May 07, 2021Ravie Lakshmanan
Google has announced a number of user-facing and under-the-hood changes in an attempt to boost privacy and security, including rolling out two-factor authentication automatically to all eligible users and bringing iOS-styled privacy labels to Android app listings. "Today we ask people who have enrolled in  two-step verification  (2SV) to confirm it's really them with a simple tap via a Google prompt on their phone whenever they sign in," the company  said . "Soon we'll start automatically enrolling users in 2SV if their accounts are appropriately configured." Google Play To Get Apple-Like Privacy Labels The Google Play Store for Android is also getting a huge overhaul on the privacy front. The search giant said it plans to include a new  safety section  for app listings that highlights the type of data being collected and stored — such as approximate or precise location, contacts, personal information, photos and videos, and audio files — and how the dat
Google Reveals What Personal Data Chrome and Its Apps Collect On You

Google Reveals What Personal Data Chrome and Its Apps Collect On You

March 18, 2021Ravie Lakshmanan
Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company  said  in a tweet. "Spying on users has nothing to do with building a great web browser or search engine." The " privacy nutrition labels " are part of a new policy that  went into effect  on December 8, 2020, mandating app developers to disclose their data collection practices and help users understand how their personal information is put to use. The insinuation from DuckDuckGo comes as Google has been steadily adding app privacy labels to its iOS apps over the course of the last several weeks in accordance with Apple's App Store rules, but not
Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

March 05, 2021The Hacker News
As cloud computing continues to grow, Google Cloud is quickly becoming one of the most popular solutions.  However, relatively few engineers know this platform well. This leaves the door open for aspiring IT professionals who take the official exams. The Google Cloud Certifications Practice Tests + Courses Bundle  helps you get certified faster, with 43 hours of video content and over 1,000 practice questions. It covers seven Google exams, providing all the prep you could possibly need. You would normally expect to pay $639 for this training, but 'The Hacker News' has put together an eye-catching deal with Whizlabs Learning Center. Special Offer  —  For a limited time, you can  pick up all the content mentioned above for just $29.99  with this bundle. That means you save over $600 on the full price! As the demand for cloud computing experts grows, salaries are increasing. According to Glassdoor, engineers earn $117,785 a year on average. This bundle helps you join
Google Will Use 'FLoC' for Ad Targeting Once 3rd-Party Cookies Are Dead

Google Will Use 'FLoC' for Ad Targeting Once 3rd-Party Cookies Are Dead

March 04, 2021Ravie Lakshmanan
Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. "Instead, our web products will be powered by privacy-preserving APIs which prevent individual tracking while still delivering results for advertisers and publishers,"  said  David Temkin, Google's director of product management for ads privacy and trust. "Advances in aggregation, anonymization, on-device processing and other privacy-preserving technologies offer a clear path to replacing individual identifiers." The changes, which could potentially reshape the advertising landscape, are expected only to cover websites visited via Chrome and do not extend to mobile apps. At the same time, Google acknowledged that other companies might find alternative ways to track individual us
Apple will proxy Safe Browsing requests to hide iOS users' IP from Google

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google

February 15, 2021Ravie Lakshmanan
Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. A built-in security-focused feature in the Safari browser, " Fraudulent Website Warning ," alerts users about dangerous websites that have been reported as deceptive, malicious, or harmful. To achieve this, Apple relies on  Google Safe Browsing  — or Tencent Safe Browsing for users in Mainland China — a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent. Any match against the database will prompt Safari to request Google or Tencent for the full list of URLs that correspond to the hashed prefix and subsequently block a user's access to the site with a warning. While the approach ensures t
New Chrome Browser 0-day Under Active Attack—Update Immediately!

New Chrome Browser 0-day Under Active Attack—Update Immediately!

February 04, 2021Ravie Lakshmanan
Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. The company released  88.0.4324.150  for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine. "Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild," the company said in a statement. The security flaw was reported to Google by Mattias Buelens on January 24. Previously on February 2, Google  addressed six issues in Chrome , including one critical use after free vulnerability in Payments (CVE-2021-21142) and four high severity flaws in Extensions, Tab Groups, Fonts, and Navigation features. While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft  disclosed  attacks carried out by North Korean hackers against security researc
Google Discloses Severe Bug in Libgcrypt Encryption Library—Impacting Many Projects

Google Discloses Severe Bug in Libgcrypt Encryption Library—Impacting Many Projects

January 31, 2021Ravie Lakshmanan
A "severe" vulnerability in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution. The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis Ormandy of Project Zero, a security research unit within Google dedicated to finding zero-day bugs in hardware and software systems. No other versions of Libgcrypt are affected by the vulnerability. "There is a  heap buffer overflow  in libgcrypt due to an incorrect assumption in the block buffer management code," Ormandy  said . "Just decrypting some data can overflow a heap buffer with attacker controlled data, no verification or signature is validated before the vulnerability occurs." GnuPG addressed the weakness almost immediately within a day after disclosure, while urging users to  stop using  the vulnerable version. The latest version can be dow
New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

January 08, 2021Ravie Lakshmanan
Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in it. The vulnerability (tracked as CVE-2021-3011 ) allows the bad actor to extract the encryption key or the  ECDSA  private key linked to a victim's account from a FIDO Universal 2nd Factor (U2F) device like Google Titan Key or YubiKey, thus completely undermining the 2FA protections. "The adversary can sign in to the victim's application account without the U2F device, and without the victim noticing," NinjaLab researchers Victor Lomne and Thomas Roche  said  in a 60-page analysis. "In other words, the adversary created a clone of the U2F device for the victim's application account. This c
Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

January 05, 2021Ravie Lakshmanan
A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. "The idea of the attack is very simple: You grab the MP3 file of the audio reCAPTCHA and you submit it to Google's own speech-to-text API," Tschacher  said  in a write-up. "Google will return the correct answer in over 97% of all cases." Introduced in 2000, CAPTCHAs (or Completely Automated Public Turing test to tell Computers and Humans Apart) are a type of challenge-response tests designed to protect against automated account creation and service abuse by presenting users with a question that is easy for humans to solve but difficult for computers. reCAPTCHA  is a popular version of the CAPTCHA technology that was acquired by Google in 2009. The search giant released the  third iteration  of re
A Google Drive 'Feature' Could Let Attackers Trick You Into Installing Malware

A Google Drive 'Feature' Could Let Attackers Trick You Into Installing Malware

August 22, 2020Ravie Lakshmanan
An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. The latest security issue—of which Google is aware but, unfortunately, left unpatched—resides in the " manage versions " functionality offered by Google Drive that allows users to upload and manage different versions of a file, as well as in the way its interface provides a new version of the files to the users. Logically, the manage versions functionally should allow Google Drive users to update an older version of a file with a new version having the same file extension, but it turns out that it's not the case. According to A. Nikoci, a system administrator by profession who reported the flaw to Google and later disclosed it to The Hacker News, the affected functionally allows users to upload a new version wit
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.