A new Google Chrome bug has been uncovered, which reportedly allows websites to record audio and video, without alerting the user or providing any visual indicators. Although the bug requires users to grant it permission to access audio and video features, it could potentially be used for spying on targets.
The bug was reportedly discovered by AOL developer Ran Bar-Zik, who reported the flaw to Google. However, Google said that it doesn't consider the issue to be valid security vulnerability, indicating that there is no quick fix on the way. Bar-Zik told that he came across the bug at work, when handling a website that ran WebRTC code.Read more
An Android malware campaign called Judy has been discovered lurking in more than 40 apps in the Google Play Store, and it might have punched its way through as many as 36.5 million devices. Check Point discovered the malware that thankfully doesn't resort to ransomware or stealing bank credentials.
Instead, it installs a form of auto-clicking adware to generate large amounts of fraudulent clicks on advertisements in order to raise money for the perpetrators. The malware has a reach of anywhere between 8.5 million and 36.5 million users worldwide from 41 different apps offered for sale on the Google Play Store.Read more
Google is planning to track billions of credit and debit card sales to compare online ad clicks with money spent offline. Google Attribution will allow advertisers to see whether online ad campaigns generate offline sales. Announcing the service, Google said that it captures around 70% of credit and debit card transactions in the US.
Critics said it represented another blow to privacy. Google announced the new product in a blogpost, saying: "For the first time, Google Attribution makes it possible for every marketer to measure the impact of their marketing across devices and cross-channel - all in one place."Read more
Android malware capable of accessing smartphone users' location and sending it to cyberattackers remained undetected in the Google Play store for three years, according to a security company.
Discovered by IT security researchers, the SMSVova Android spyware poses as a system update in the Play Store and was downloaded between one million and five million times since it first appeared in 2014. The app claims to give users access to the latest Android system updates, but it's actually malware designed to compromise the victims' smartphone and provide the users' exact location in real time.Read more
In January, security researchers warned that Android users may soon face a spike in malware attacks after the source code of a banking Trojan leaked online. Now, confirming the fears, Google is taking action after sneaky malware crept onto its official app store.
On 17 April the strain, dubbed "BankBot", was discovered in an application called "HappyTimes Videos" on Google's Play Store. In addition, experts from Securify, a Dutch cybersecurity firm, recently found another infected app there, titled "Funny Videos 2017". The Trojan is able to pose as legitimate services, mostly banks and financial institutions.Read more
A new adware family changes the contact details of legitimate security companies in search results to promote tech support scams.
Dubbed Crusader, the adware is often installed as part of nuisanceware and free software bundles, downloading itself as a free browser extension for Chrome, a Firefox add-on, and Internet Explorer Browser Helper Object. When executed, the malware requests permissions to read and change the information on websites you visit, and should the user grant permission, their entire internet traffic is at risk of exploit or manipulation. Crusader pulls instructions from a configuration file downloaded after a user is infected.Read more
A researcher has flagged a bug in Google's Nest Cam and Dropcam Pro security cameras that allows an attacker within Bluetooth range to stop either device from recording.
Bluetooth range, of course, is exactly where a burglar would be when planning to ransack a home, and with attack code now publicly available, an intruder could knock Google's security cameras off a wireless network for 90 seconds. That mightn't sound so severe, but since the camera is designed to only store recorded footage in the cloud, the loss of connectivity means the device loses its surveillance capabilities for this period.Read more
A partnership between the secret-spilling group and Google, Microsoft, and Apple has already hit its first road block. Last week, WikiLeaks promised it would share the technical details and code of the hacking tools that the CIA has allegedly developed against Google, Apple, Microsoft and other tech companies.
This week, after days of waiting, the secret-spilling site finally made initial contact with the companies. But WikiLeaks founder Julian Assange's attempt to help these major tech companies find out exactly what bugs and vulnerabilities the CIA is or was allegedly taking advantage of, and then plug the holes, is not going very smoothly for now.Read more
Social media companies Facebook Inc, Alphabet Inc and Twitter Inc will have to amend their terms of service for European users within a month or face the risk of fines, a European Commission official said on Friday. U.S. technology companies have faced tight scrutiny in Europe for the way they do business, from privacy to how quickly they remove illegal or threatening content.
The Commission and European consumer protection authorities will "take action to make sure social media companies comply with EU consumer rules," the official said. Germany, the most populous EU state, said this week it planned a new law calling for social networks such as Facebook to remove slanderous or threatening online postings quickly or face fines of up to 50 million euros ($53 million).Read more
Google and Levi's first announced Project Jacquard back in June 2015, promising smart clothes that would be capable of interacting with the mobile devices of the wearer.
Almost two years later, the unlikely partnership has now revealed that a smart jacket named the Commuter will be released into the market in the fall, with a price tag of $350. The Commuter jacket was unveiled by Google and Levi's in May of last year at the Google I/O conference as the first product under Project Jacquard. More details regarding the smart clothing was unveiled at SXSW 2017, including its price tag of $350 once it is launched in the fall.Read more