The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Latest Cyber Security, Hacking & Tech News: google apps

Google Stored G Suite Users' Passwords in Plain-Text for 14 Years

Google Stored G Suite Users' Passwords in Plain-Text for 14 Years

May 22, 2019Swati Khandelwal
After Facebook and Twitter, Google becomes the latest technology giant to have accidentally stored its users' passwords unprotected in plaintext on its servers—meaning any Google employee who has access to the servers could have read them. In a blog post published Tuesday, Google revealed that its G Suite platform mistakenly stored unhashed passwords of some of its enterprise users on internal servers in plaintext for 14 years because of a bug in the password recovery feature. G Suite, formerly known as Google Apps, is a collection of cloud computing, productivity, and collaboration tools that have been designed for corporate users with email hosting for their businesses. It's basically a business version of everything Google offers. The flaw, which has now been patched, resided in the password recovery mechanism for G Suite customers that allows enterprise administrators to upload or manually set passwords for any user of their domain without actually knowing their
New Android Malware Apps Use Motion Sensor to Evade Detection

New Android Malware Apps Use Motion Sensor to Evade Detection

January 18, 2019Mohit Kumar
Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have already downloaded them with banking malware. The apps in question masquerade as a currency exchange app called Currency Converter and battery saver app called BatterySaverMobi , and are using motion-sensor inputs of infected Android devices to monitor them before installing a dangerous banking Trojan called Anubis. The malicious Android apps, with a large number of fake five-star reviews, use this clever trick instead of traditional evasion techniques in order to avoid detection when researchers run emulators (which are less likely to use sensors) to detect such malicious apps. &quo
Reminder—Third Party Gmail Apps Can Read Your Emails, "Allow" Carefully!

Reminder—Third Party Gmail Apps Can Read Your Emails, "Allow" Carefully!

July 03, 2018Mohit Kumar
Reminder—If you've forgotten about any Google app after using it once a few years ago, be careful, it may still have access to your private emails. When it comes to privacy on social media, we usually point fingers at Facebook for enabling third-party app developers to access users personal information—even with users' consent. But Facebook is not alone. Google also has a ton of information about you and this massive pool of data can be accessed by third-party apps you connect to, using its single sign-on service. Though Google has much stricter privacy policies about what developers can do with your data, the company still enables them to ask for complete access of your Google account, including the content of your emails and contacts. The entire Facebook's  Cambridge Analytica privacy saga highlights how crucial it is to keep track of the apps you have connected to your social media accounts and permitted to access your data. Last year, Google itself prom
Google Play Store increases Android APK Size Limit from 50MB to 100MB

Google Play Store increases Android APK Size Limit from 50MB to 100MB

September 30, 2015Swati Khandelwal
Google is doubling the maximum APK file size on the Play Store from 50 MB to 100 MB . That means... Android app developers can now build higher quality Apps and Games that users love. Of course, for an end user it may affect the overall app performance and installation time, as well as mobile data connectivity. Google Wants Developers to Create Richer Apps By increasing file size limit from 50 MB to 100 MB, Google wants to encourage developers for creating richer apps and games , as well as help avoid the need for downloading additional files after the initial APK download. There are two primary purposes of setting a cap for APKs. The limit ensures: Developers write code efficiently and keep an eye on the overall size of their app Users don't have to wait too long to download an app or game from the Play Store However,  Expansion Files are still there to help developers build apps that exceed the 100MB barrier , but the aim to increase the base lim
New Android Smartphones will Come with Fewer Pre-installed Apps

New Android Smartphones will Come with Fewer Pre-installed Apps

August 25, 2015Khyati Jain
A sigh of relief indeed! Google is finally listening to us; it is ditching its haunting bloatware from the upcoming Android smartphones and tablets. As per the current situation, our Android devices are attacked with Google's suite of apps like Google Play Games, Google Newsstand, Google Play Books. The new Samsung Galaxy Note 5 is expected not to be pre-occupied with Google+. Though Android is an open source platform where a user can only give their inputs, the final call is taken by Google; writes and updates Android itself. We can get our own copy from the Android Open Source Project (AOSP) repository. For this, Google has listed thorough instructions to help you build it into a fully functioning version of Android. No Space for Unwanted Apps The phone manufacturers are also given access to the Android source code for free exactly in the same way as users. They can modify and change any parts they like. However, when it comes to installing G
Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

January 23, 2015Wang Wei
A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the https://admin.google.com/ domain. The Google Apps admin console allows administrators to manage their organization’s account. Administrators can use the console to add new users, configure permissions, manage security settings and enable Google services for your domain. The feature is primarily used by many businesses, especially those using Gmail as the e-mail service for their domain. The XSS flaw allowed attackers to force the admin to do the following actions: Creating new users with "super admin" rights Disabling two-factor authentication ( 2FA ) and other security measures from existing accounts or from multiple domains Modifying domain settings so that all incoming e-mails are redirected to addresses controlled by the attacker Hijack an account/email by resett
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.