8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. “These PUP (potentially Read more…
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data? Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where Read more…
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks Read more…
Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users Nov 06, 2024Ravie LakshmananCloud Security / Phishing Protection Google’s cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. “We Read more…
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System Nov 05, 2024Ravie LakshmananMobile Security / Vulnerability Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw Read more…
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel attack chain Read more…
Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign Oct 18, 2024Ravie LakshmananThreat Intelligence / Phishing Attack Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. “This tactic involves displaying fake error Read more…
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale Oct 09, 2024Ravie LakshmananCybercrime / Threat Detection Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed Read more…
Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection Oct 07, 2024Ravie LakshmananCybersecurity / Mobile Security Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced Read more…
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer Read more…