This is bad. Google actively receives location data from Android users even when location services have been switched off. Starting from early 2017, Android phones have been gathering addresses of nearby cellular towers and sending this data back to Google. The most troubling part is that this has been going on even when users have disabled location services.
According to the publication, Android handsets collected location data pretty much all the time and subsequently relayed all stored information back to Google once connected to the internet. Quarts claims that all modern Android phones are affected by this vulnerability.Read more
The Google Play Store is seeing a wave of malware-infested apps like never before. Four separate security companies have reported — or are preparing to release reports — on malware campaigns currently underway via Android apps available on the Play Store.
Reports published today by Dr.Web, Malwarebytes, and McAfee reveal the presence of three new Android malware families hidden in games and apps uploaded on the Play Store. An ESET spokesperson told Bleeping Computer the company also found a new multi-stage malware strain they're going to detail in a report later today.Read more
When you think you've seen it all, malware authors always find a way to impress you. Today's "that's clever!" moment comes courtesy of a criminal group that's been spreading a new version of the Zeus Panda banking trojan since June, this year.
Instead of relying on old techniques of malvertising and spam campaigns, this group has taken a novel approach, never before seen in the distribution of banking trojans. Black-hat SEO, for the win! This Zeus Panda group decided to rely on a network of hacked websites, on which they inserted carefully chosen keywords in new pages or hid the keywords inside existing pages.Read more
California — California's Central Valley is known for its miles and miles of farm orchards, fights over water rights, and, these days, high unemployment. High-tech? Not so much.
But I was here on Monday to see in action a cutting-edge technology that has the potential to greatly reshape our economy and society — the self-driving car. Waymo, Google's autonomous vehicle spinoff, has its testing facility at a decommissioned Air Force base. The company invited several dozen reporters to see its cars in action, get a ride in one, and hear its case that its technology is all-but ready for the real world.Read more
Google is offering security experts a bounty to identify Android app flaws as the Alphabet Inc unit seeks to wipe out bugs from its Google Play store.
Each flaw will score at least $1,000 under the program announced on Thursday to back up automated checks that have failed to block malware and other problems that security experts say infect the 8-year-old app store far more than Apple Inc’s rival App Store. Google will partner with HackerOne, a bug bounty program management website, to target a list of apps and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus.Read more
Google’s artificial intelligence group, DeepMind, has unveiled the latest incarnation of its Go-playing program, AlphaGo – an AI so powerful that it derived thousands of years of human knowledge of the game before inventing better moves of its own, all in the space of three days.
Named AlphaGo Zero, the AI program has been hailed as a major advance because it mastered the ancient Chinese board game from scratch, and with no human help beyond being told the rules. In games against the 2015 version, which famously beat Lee Sedol, the South Korean grandmaster, in the following year, AlphaGo Zero won 100 to 0. The feat marks a milestone on the road to general-purpose AIs.Read more
Google has booted eight Android apps from its Play marketplace, even though the apps have been downloaded as many as 2.6 million times. The industry giant took action after researchers found that the apps add devices to a botnet and can perform denial-of-service attacks or other malicious actions.
The stated purpose of the apps is to provide a skin that can modify the look of characters in the popular Minecraft: Pocket Edition game. Under the hood, the apps contain highly camouflaged malware known as Android.Sockbot, which connects infected devices to developer-controlled servers.Read more
The Google Home Mini fits most of the features of the tech giant’s popular Home smart speakers into a $50, four-inch-wide package, except for the larger, $130 version’s better acoustics. But it is still very, very good at listening.
As many as 4,000 Google Home Minis handed out at Made By Google press and pop-up events could have a flaw making them capture virtually all audio around them before uploading the recordings to Google servers, Android Police reported on Tuesday. According to Android Police’s Artem Russakovskii, he received a demo unit at an October 4th tech press event and installed the device in his bathroom.Read more
Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposure or a denial of service attacks against affected devices.
Google researchers identified the flaws in a research paper, the same day a patch for affected hardware arrived. Google also published proof-of-concept code to demonstrate the flaws and is urging hardware vendors to deploy patches as soon as possible. Dnsmasq is open-source software that can be found in Android OS and Mac OS X. It’s also included in popular desktop Linux distributions, and in home routers and IoT devices.Read more
Another month, another bunch of Android malware that's found its way onto Google Play. That's according to researchers from Check Point, who claimed to have found the second-biggest outbreak to ever hit Google's platform, with as many as 21.1 million infections from one malware family.
The malware's been dubbed ExpensiveWall after hiding inside wallpaper apps. The researchers warned it sent fraudulent premium SMS messages and charged for fake services. In the latest outbreak detected by Check Point, ExpensiveWall infected at least 50 apps, which together were downloaded between 1 million and 4.2 million times.Read more