Google News, Articles and Updates

GDPR compliance rush arrives - sites close, Google, Facebook face lawsuits

GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each is not abiding by the new privacy regulations.

Google offers free DDoS protection services, and is removing HTTPS padlock

Googler olls out afree DDoS protection platform 'Project Shield' to protect news sites and free expression to defend the democratic process. Its also removing its 'green padlock' for HTTPS websites; HTTP sites to be marked 'insecure'

Google may contractually require OEMs to perform regular patching

Google is looking into the possibility of requiring device manufacturers to regularly patch their devices, by incorporating such a provision into future OEM agreements.

Supreme Court to hear Google privacy settlement case

A settlement with Google set to award US$ 8.5 million (£6.2 million) to privacy rights groups, universities and other organisations - instead of victims of privacy violations by the company - will go before the US Supreme Court.

Fitbit teams up with Google to make data available to healthcare pros

Fitbit and Google have inked a deal that will have the fitness device vendor upload data to Google's Cloud Healthcare API so it can be made accessible by healthcare providers.

Google adds VPC Service Controls to its cloud

Google has launched a new cloud-based service - called VPC Service Controls - aimed at helping organisations secure data I transit and at rest.

Google policy change abolishes ads for cryptocurrencies

Google this week updated its financial services policy, effective June 2018, to prohibit the advertising of cryptocurrencies and related content.

Google gets sued for denying "right to be forgotten" request

A businessman, whose "right to be forgotten" request was denied by Google to "defend the public's right to access lawful information", has filed a lawsuit in the high court in a bid to make Google remove references to his criminal past.

Mobile ransomware & banking malware thrive as hackers put focus on mobile

Security patches introduced by Apple and Google reduced instances of jailbreaking and minimised firmware flaws, but the use of mobile ransomware, banking malware, and malicious apps by cyber-criminals shot through the roof in 2017.

Google divulges vulnerability in Microsoft Edge before patch is ready

Microsoft misses Project Zero disclosure deadline. Security researchers at Google's Project Zero have publicised a flaw in Microsoft Edge before a patch has been readied.

Google will label all HTTP sites 'not secure' starting in July 2018

Google recently announced that the Chrome browser will soon start flagging every site not using HTTPS encryption as "not secure."

Scarabey ransomware introduces new tactics, distribution

The malicious actors behind Scarab ransomware have rolled out a new variant, one that uses a different distribution method and ransom threat in order to infect computers and ensure payment.

Google's DoubleClick network exploited to serve cryptominers

A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.

TopHat campaign targets Middle East with malware exploiting Google+, Pastebin, and bit.ly

A wave of attacks leveraging the popular third-party services Google+, Pastebin, and bit.ly is targeting individuals and organisations within the Palestinian Territories.

Chrome desktop update remedies 53 bugs, adds Spectre and Meltdown mitigations

Google's latest stable channel update for the Chrome browser on Windows, Mac and Linux desktop machines includes fixes for 53 security issues, including three high-severity vulnerabilities.

British hacker jailed for cyber-attacks against Pokemon, Google, and Skype

A British computer hacker was arrested on charges stemming from launching thousands of cyber-attacks against firms, including Pokemon, Google and Skype.

Experts: Fixing Spectre and Meltdown has required 'new computer science'

A Google official on Thursday referred to the Spectre and Meltdown computer chip bugs as "the most challenging and hardest to fix in a decade," requiring unprecedented levels of cooperation.

Security issue found in AMD's Platform Security Processor

Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.

Cloud-based docs the new frontier for phishing attacks

Ever on the lookout for a new avenue of attack, cyber-criminals have figured out a method of using Google App Scripts to automatically download malware hosted in Google drive to any computer.

36 malicious apps advertised as security tools spotted in Google Play

Trend Micro researchers notified Google that 36 malicious apps on Google Play are posing as security tools.

Severe security flaw found in Windows 10-bundled password manager

A Google researcher has uncovered a severe security flaw in a password management tool that has been widely bundled with Windows 10.

Letter submitted in lawsuit alleges Uber hacked competitors' networks

A letter written on behalf of a former Uber employee contains allegations that the transportation company illegally hacked and surveilled its competitors.

Google patches 37 security issues in Chrome

Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.

Bug in anti-malware defenses mistakenly blocks users' Google Docs files

Google issued a public apology on Thursday after a bug mistakenly caused its defences against malware, phishing, and spam to block some users' access to Google Docs files on 31 October.

Google bug tracker service flaw allowed access to new vulnerability reports

A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports - now fixed.

News Feature: Google Security interview "human solutions - the way to go."

Google has launched of a range of personal and corporate security enhancements (below) this month. Google security expert Allison Miller, spoke to SC about the organisation's approach to security and privacy concerns.

'Unverified app' warning adds anti-phishing protection to G Suite

Google claims new 'unverified app' warning will cut down on phishing attacks from within G Suite by giving users information on potentially dodgy apps and scripts.

ICO, surprisingly, doesn't lose its mind over NHS DeepMind experiment

Despite ruling that the Royal Free NHS Trust failed to comply with data protection laws in its experiment with Google DeepMind, the ICO has not slapped the trust with a fine, saying, "The Data Protection Act is not a barrier to innovation."

XSS flaw found in the Google's PHP API client enables phishing attacks

Security researchers have discovered a bug in Google's PHP client library for accessing Google APIs that could enable criminals to take advantage of the cross-site scripting flaw and carry out a phishing attack.

ICYMI: £77m phish; Czech win; ATM theft; Netflix ransom; Bank squat

In Case You Missed It: Google & Facebook phished; Czechs win exercise; ATM theft; Netflix ransom snub; Bank domains spoofed