Google News, Articles and Updates

Google adds VPC Service Controls to its cloud

Google has launched a new cloud-based service - called VPC Service Controls - aimed at helping organisations secure data I transit and at rest.

Google policy change abolishes ads for cryptocurrencies

Google this week updated its financial services policy, effective June 2018, to prohibit the advertising of cryptocurrencies and related content.

Google gets sued for denying "right to be forgotten" request

A businessman, whose "right to be forgotten" request was denied by Google to "defend the public's right to access lawful information", has filed a lawsuit in the high court in a bid to make Google remove references to his criminal past.

Mobile ransomware & banking malware thrive as hackers put focus on mobile

Security patches introduced by Apple and Google reduced instances of jailbreaking and minimised firmware flaws, but the use of mobile ransomware, banking malware, and malicious apps by cyber-criminals shot through the roof in 2017.

Google divulges vulnerability in Microsoft Edge before patch is ready

Microsoft misses Project Zero disclosure deadline. Security researchers at Google's Project Zero have publicised a flaw in Microsoft Edge before a patch has been readied.

Google will label all HTTP sites 'not secure' starting in July 2018

Google recently announced that the Chrome browser will soon start flagging every site not using HTTPS encryption as "not secure."

Scarabey ransomware introduces new tactics, distribution

The malicious actors behind Scarab ransomware have rolled out a new variant, one that uses a different distribution method and ransom threat in order to infect computers and ensure payment.

Google's DoubleClick network exploited to serve cryptominers

A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.

TopHat campaign targets Middle East with malware exploiting Google+, Pastebin, and

A wave of attacks leveraging the popular third-party services Google+, Pastebin, and is targeting individuals and organisations within the Palestinian Territories.

Chrome desktop update remedies 53 bugs, adds Spectre and Meltdown mitigations

Google's latest stable channel update for the Chrome browser on Windows, Mac and Linux desktop machines includes fixes for 53 security issues, including three high-severity vulnerabilities.

British hacker jailed for cyber-attacks against Pokemon, Google, and Skype

A British computer hacker was arrested on charges stemming from launching thousands of cyber-attacks against firms, including Pokemon, Google and Skype.

Experts: Fixing Spectre and Meltdown has required 'new computer science'

A Google official on Thursday referred to the Spectre and Meltdown computer chip bugs as "the most challenging and hardest to fix in a decade," requiring unprecedented levels of cooperation.

Security issue found in AMD's Platform Security Processor

Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.

Cloud-based docs the new frontier for phishing attacks

Ever on the lookout for a new avenue of attack, cyber-criminals have figured out a method of using Google App Scripts to automatically download malware hosted in Google drive to any computer.

36 malicious apps advertised as security tools spotted in Google Play

Trend Micro researchers notified Google that 36 malicious apps on Google Play are posing as security tools.

Severe security flaw found in Windows 10-bundled password manager

A Google researcher has uncovered a severe security flaw in a password management tool that has been widely bundled with Windows 10.

Letter submitted in lawsuit alleges Uber hacked competitors' networks

A letter written on behalf of a former Uber employee contains allegations that the transportation company illegally hacked and surveilled its competitors.

Google patches 37 security issues in Chrome

Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.

Bug in anti-malware defenses mistakenly blocks users' Google Docs files

Google issued a public apology on Thursday after a bug mistakenly caused its defences against malware, phishing, and spam to block some users' access to Google Docs files on 31 October.

Google bug tracker service flaw allowed access to new vulnerability reports

A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports - now fixed.

News Feature: Google Security interview "human solutions - the way to go."

Google has launched of a range of personal and corporate security enhancements (below) this month. Google security expert Allison Miller, spoke to SC about the organisation's approach to security and privacy concerns.

'Unverified app' warning adds anti-phishing protection to G Suite

Google claims new 'unverified app' warning will cut down on phishing attacks from within G Suite by giving users information on potentially dodgy apps and scripts.

ICO, surprisingly, doesn't lose its mind over NHS DeepMind experiment

Despite ruling that the Royal Free NHS Trust failed to comply with data protection laws in its experiment with Google DeepMind, the ICO has not slapped the trust with a fine, saying, "The Data Protection Act is not a barrier to innovation."

XSS flaw found in the Google's PHP API client enables phishing attacks

Security researchers have discovered a bug in Google's PHP client library for accessing Google APIs that could enable criminals to take advantage of the cross-site scripting flaw and carry out a phishing attack.

ICYMI: £77m phish; Czech win; ATM theft; Netflix ransom; Bank squat

In Case You Missed It: Google & Facebook phished; Czechs win exercise; ATM theft; Netflix ransom snub; Bank domains spoofed

[Updated] Google phishing attack nets one million accounts with crafty spoof

A sophisticated phishing attack against one million of its users has been stopped, and Google says that swift action prevented it from becoming much worse.

Web hacking only getting worse as webmasters fail to patch ageing code

As part of its #NoHacked campaign, Google has published figures on the state of website security, and the trend doesn't look good.

Ear, ear: Hacker could defeat Google reCAPTCHA with speech recognition

Google's reCAPTCHA anti-robot widget has been found to be susceptible to a robot attack that leverages its own online services.

Google mistakes large volume of NHS traffic to be a botnet

NHS Digital said "We are aware of the current issue concerning NHS IP addresses which occasionally results in users being directed to a simple verification form when accessing Google."

Android tops 2016 vulnerability list. Security industry says "meh!"

The Common Vulnerabilities and Exposures (CVE) statistics for 2016 are in and it doesn't make great reading for Google. Or does it? Davey Winder runs the numbers.