#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Google | Breaking Cybersecurity News | The Hacker News

Category — Google
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Nov 05, 2024 Mobile Security / Vulnerability
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective sub-directories, according to a code commit message . There are currently no details about how the vulnerability is being weaponized in real-world attacks, but Google acknowledged in its monthly bulletin that there are indications it "may be under limited, targeted exploitation." The tech giant has also flagged CVE-2024-43047, a now-patched security bug in Qualcomm chipsets, as having been actively exploited. A use-after-free vulnerability in the Digital Signal Processor (DSP) Service, a successful exploitation of the security flaw could lead to memory corrupti
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Nov 04, 2024 Artificial Intelligence / Vulnerability
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software," the Big Sleep team said in a blog post shared with The Hacker News. The vulnerability in question is a stack buffer underflow in SQLite, which occurs when a piece of software references a memory location prior to the beginning of the memory buffer, thereby resulting in a crash or arbitrary code execution. "This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of t
cyber security

Earn a Master's in Cybersecurity Risk Management

websiteGeorgetown UniversityCyber Security
Lead the future of cybersecurity risk management with an online Master's from Georgetown.
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale

Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale

Oct 09, 2024 Cybercrime / Threat Detection
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance ( GASA ) and DNS Research Federation ( DNS RF ) to combat online scams . The initiative, which has been codenamed the Global Signal Exchange ( GSE ), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create more visibility into the facilitators of cybercrime. "By joining forces and establishing a centralized platform, GSE aims to improve the exchange of abuse signals, enabling faster identification and disruption of fraudulent activities across various sectors, platforms and services," Google said in a blog post shared with The Hacker News. "The goal is to create a user-friendly, efficient solution that operates at an internet-scale, and is accessible to qualifying organizations, with GASA and the DNS Research Federation managing access." The tech giant said it has sh
cyber security

Permiso Security's 2024 State of Identity Security Report

websitePermisoThreat Detection / Identity Security
More than 90% of respondents expressed concern over their team and tooling's ability to detect identity-based attacks. Learn about critical gaps in security programs and what environments pose the most risk to security teams. Download the Report.
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks

Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks

Oct 03, 2024 Mobile Security / Technology
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface. "This function inherently involves processing external inputs, which may originate from untrusted sources," Sherk Chung and Stephan Chen from the Pixel team, and Roger Piqueras Jover and Ivan Lozano from the company's Android team said in a blog post shared with The Hacker News. "For instance, malicious actors can employ false base stations to inject fabricated or manipulated network packets. In certain protocols like IMS (IP Multimedia Subsystem), this can be executed remotely from any global location using an IMS client." What's more, the firmware powering the
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Sep 20, 2024 Encryption / Digital Security
Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said . The PIN is a six-digit code by default, although it's also possible to create a longer alpha-numeric PIN by selecting "PIN options." This marks a change from the previous status quo where users could only save passkeys to save passkeys to Google Password Manager on Android. While the passkeys could be used on other platforms, it was necessary to scan a QR code using the device where they were generated. The latest change removes that step, making it a lot easier for users to sign in to online services using passkeys by simply scanning their biometrics. Google noted that support for iOS is expected to arrive soon
Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw

Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw

Sep 04, 2024 Vulnerability / Mobile Security
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National Vulnerability Database (NVD), it concerns a logic error that could lead to local escalation of privileges without requiring any additional execution privileges. "There are indications that CVE-2024-32896 may be under limited, targeted exploitation," Google said in its Android Security Bulletin for September 2024. It's worth noting that CVE-2024-32896 was first disclosed in June 2024 as impacting only the Google-owned Pixel lineup. There are currently no details on how the vulnerability is being exploited in the wild, although GrapheneOS maintainers revealed that CVE-2024-32896
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

Aug 27, 2024 Vulnerability / Browser Security
Google has revealed that a security flaw that was patched as part of a software update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965 , the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. "Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page," according to a description of the bug in the NIST National Vulnerability Database (NVD). A security researcher who goes by the online pseudonym TheDog has been credited with discovering and reporting the flaw on July 30, 2024, earning them a bug bounty of $11,000. Additional specifics about the nature of the attacks exploiting the flaw or the identity of the threat actors that may be utilizing it have not been released. The tech giant, however, acknowledged that it's aware of the
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

Aug 10, 2024 Vulnerability / Mobile Security
As many as 10 security flaws have been uncovered in Google's Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. "The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, compatible devices," SafeBreach Labs researchers Or Yair and Shmuel Cohen said in a technical report shared with The Hacker News. "By investigating how the protocol works, we were able to fuzz and identify logic within the Quick Share application for Windows that we could manipulate or bypass." The result is the discovery of 10 vulnerabilities – nine affecting Quick Share for Windows and one impacting Android – that could be fashioned into an "innovative and unconventional" RCE attack chain to run arbitrary code on Windows hosts. The RCE attack chain has been codenamed QuickShell
Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Aug 06, 2024 Mobile Security / Vulnerability
Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-36971 may be under limited, targeted exploitation," the tech giant noted in its monthly Android security bulletin for August 2024. As is typically the case, the company did not share any additional specifics on the nature of the cyber attacks exploiting the flaw or attribute the activity to a particular threat actor or group. Google's own Pixel line is also impacted by the bug, according to its Pixel update bulletin . That said, Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw, suggesting that it's likely being exploited by commercial spyware vendors to infiltrate Android devices in narrowly targeted attacks. The Augus
Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Jul 10, 2024 Cybersecurity / Phishing Attack
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program ( APP ). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said . Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on the FIDO Authentication standard, the technology is designed to secure online accounts against potential takeover attacks by ditching passwords in favor of biometrics or a PIN. Passkeys can simultaneously act as a first- and second-factor, entirely obviating the need for a password. Earlier this May, the tech giant revealed that passkeys are being used by over 400 million Google accounts. High-risk users , who are at an elevated exposure to cyber-attacks because of who they are and what they do (e.g., journalists, elected officials, political campaign staff, human rights
Google to Block Entrust Certificates in Chrome Starting November 2024

Google to Block Entrust Certificates in Chrome Starting November 2024

Jun 29, 2024 Cybersecurity / Website Security
Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted [ certificate authority ] owner," Google's Chrome security team said . To that end, the tech giant said it intends to no longer trust TLS server authentication certificates from Entrust starting with Chrome browser versions 127 and higher by default. However, it said that these settings can be overridden by Chrome users and enterprise customers should they wish to do so. Google further noted that certificate authorities play a privil
Google Introduces Project Naptime for AI-Powered Vulnerability Research

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Jun 24, 2024 Vulnerability / Artificial Intelligence
Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target codebase," Google Project Zero researchers Sergei Glazunov and Mark Brand said . "The agent is provided with a set of specialized tools designed to mimic the workflow of a human security researcher." The initiative is so named for the fact that it allows humans to "take regular naps" while it assists with vulnerability research and automating variant analysis. The approach, at its core, seeks to take advantage of advances in code comprehension and general reasoning ability of LLMs, thus allowing them to replicate human behavior when it comes to identifying and demonstrating security vulnerabilities. It encompasses several components such as a Code Browser tool
Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

Jun 14, 2024 Privacy / Ad Tracking
Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised as an improvement over extremely invasive third-party tracking, the tracking is now simply done within the browser by Google itself," noyb said . "To do this, the company theoretically needs the same informed consent from users. Instead, Google is tricking people by pretending to 'Turn on an ad privacy feature.'" In other words, by making users agree to enable a privacy feature, they are still being tracked by consenting to Google's first-party ad tracking, the Vienna-based non-profit founded by activist Max Schrems alleged in a complaint filed with the Austrian data protection authority. Privacy Sandbox is a set of proposals put forth by the i
Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Jun 13, 2024 Mobile Security / Vulnerability
Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896 , has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related to the nature of attacks exploiting it, but noted "there are indications that CVE-2024-32896 may be under limited, targeted exploitation." The June 2024 security update addresses a total of 50 security vulnerabilities, five of which relate to various components in Qualcomm chipsets. Some of the notable issues patched include denial-of-service (DoS) issue impacting Modem, and numerous information disclosure flaws affecting GsmSs, ACPM, and Trusty.  The updates are available for supported Pixel devices , such as Pixel 5a with 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and Pixel Fold. Earlier this April, Google resolved
Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Jun 10, 2024 Social Media / Influence Operation
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs," Google Threat Analysis Group (TAG) researcher Billy Leonard said in the company's quarterly bulletin released last week. The tech giant said it also terminated Ads, AdSense, and Blogger accounts linked to two coordinated influence operations with ties to Indonesia that shared content supportive of the ruling party in the country. Another big cluster dismantled by Google involved a network of 378 YouTube channels that it said originated from a Russian consulting firm and disseminated content that projected Russia in a favorable light and denigrated Ukraine and the West. The company further terminated one AdSense account and blocked 10 domains from showing up in Google News an
The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

Jun 07, 2024 Artificial Intelligence / Privacy
Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure they don't create Restricted Content , have a mechanism for users to report or flag offensive information , and market them in a manner that accurately represents the app's capabilities. App developers are also being recommended to rigorously test their AI models to ensure they respect user safety and privacy. "Be sure to test your apps across various user scenarios and safeguard them against prompts that could manipulate your generative AI feature to create harmful or offensive content," Prabhat Sharma, director of trust and safety for Google Play, Android, and Chrome, said . The development com
Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024

Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024

May 24, 2024 Vulnerability / Browser Security
Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild. Assigned the CVE identifier  CVE-2024-5274 , the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by ClĂ©ment Lecigne of Google's Threat Analysis Group and Brendon Tiszka of Chrome Security on May 20, 2024. Type confusion vulnerabilities  occur when a program attempts to access a resource with an incompatible type. It can have  serious consequences  as it allows threat actors to perform out-of-bounds memory access, cause a crash, and execute arbitrary code. The development marks the fourth zero-day that Google has patched since the start of the month after  CVE-2024-4671 ,  CVE-2024-4761 , and  CVE-2024-4947 . The tech giant did not disclose additional technical details about the flaw, but  acknowledged  that it "is aware that an exploit for CVE-2024-5274 exists in the wild
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

May 16, 2024 Browser Security / Vulnerability
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier  CVE-2024-4947 , the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris Larin on May 13, 2024. Type confusion vulnerabilities  arise when a program attempts to access a resource with an incompatible type. It can have  serious impacts  as it allows threat actors to perform out-of-bounds memory access, cause a crash, and execute arbitrary code. The development marks the third zero-day that Google has patched within a week after  CVE-2024-4671  and  CVE-2024-4761 . As is typically the case, no additional details about the attacks are available and have been withheld to prevent further exploitation. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the company  said .
New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

May 14, 2024 Vulnerability / Zero Day
Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as  CVE-2024-4761 , is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs  could be typically exploited by malicious actors to corrupt data, or induce a crash or execute arbitrary code on compromised hosts. "Google is aware that an exploit for CVE-2024-4761 exists in the wild," the tech giant  said . Additional details about the nature of the attacks have been withheld to prevent more threat actors from weaponizing the flaw. The disclosure comes merely days after the company patched  CVE-2024-4671 , a use-after-free vulnerability in the Visuals component that has also been exploited in real-world attacks. With the latest fix, Google has addressed a total of six zero-days since the sta
Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices

Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices

May 14, 2024 Location Tracking / Privacy
Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. "This will help mitigate the misuse of devices designed to help keep track of belongings," the companies said in a joint statement, adding it aims to address "potential risks to user privacy and safety." The proposal for a cross-platform solution was  originally unveiled  exactly a year ago by the two tech giants. The capability – dubbed " Detecting Unwanted Location Trackers " (DULT) – is available in Android devices running versions 6.0 and later, and iOS devices with iOS 17.5, which was officially shipped yesterday. As part of the industry specification, Android users will  receive  a "Tracker traveling with you" alert if an unidentified Bluetooth tracking device is detected as moving along with them over
Expert Insights / Articles Videos
Cybersecurity Resources