Category Archives: Google

Smashing Security #145: Apple and Google willy wave while home assistants spy – DoH!

Apple’s furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist John Leyden.

Smashing Security #144: Google helps the FBI, Twitter Jack’s hijack, and car data woes

Should Google really be helping the FBI with a bank robbery? What’s the story behind the Twitter CEO claiming there’s a bomb in their offices? And how much does your car really know about you?

And we mourn the loss of Doctor Who legend Terrance Dicks…

Google Discovers Massive iPhone Hack

Researchers at Google announced the discovery of a hacking campaign that used hacked websites to deliver malware to iPhones.

Project Zero, Google’s security research team, discovered fourteen previously unknown vulnerabilities, called zero day exploits, that were capable of compromising iPhones. Further research revealed a small collection of hacked websites capable of delivering malware to iPhone users visiting those sites.

“There was no target discrimination; simply visiting the hacked site was enough for the exploited server to attack your device, and if it was successful, installing a monitoring implant. We estimate that these sites receive thousands of visitors per week,” wrote Project Zero member Ian Beer in a blog post announcing their findings.

The data accessible on the compromised phones included the user’s location, their passwords, chat histories, contact lists, and full access to their Gmail accounts. 

“Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services… even after they lose access to the device,” said Beer.

The hacking campaign was active for at least two years before it was discovered by Project Zero. The research team informed Apple of their findings, and the targeted vulnerabilities were patched in an update in February 2019. 

The post Google Discovers Massive iPhone Hack appeared first on Adam Levin.

Google Expands Scope of One Bug Bounty Program, Launches Another

Google has decided to expand the scope of one of its bug bounty programs as well as launch another security rewards initiative. On 29 August, Android Security & Privacy team members Adam Bacchus, Sebastian Porst, and Patrick Mutchler announced that the Google Play Security Reward Program (GPSRP) will now cover all Google Play apps with […]… Read More

The post Google Expands Scope of One Bug Bounty Program, Launches Another appeared first on The State of Security.

Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store

Quick Heal Security Lab spotted 27 malicious apps of dropper category on official “Google Play Store”. These apps have been removed from Play Store after Quick Heal Security Lab reported it to Google last week. These apps continuously show installation prompt for fake “Google Play Store”. If any user falls…