Millions of users installed malicious Minecraft apps from Google Play
“Since August 2014, Minecraft lovers who like to play the popular game on their Android phones have been targeted with apps that are purportedly cheats for the game, but …
Account recovery via secret questions is a bad idea
Secret questions offer far lower security than user-chosen passwords, and should never be used as the only way to reclaim access to a lost account, Google researchers have …
Security firm publishes details, exploit code for Google App Engine flaws
Polish firm Security Explorations has published technical details and PoC code for several security issues identified in Google App Engine (GAE) for Java.The company has found …
How Google handles “right to be forgotten” requests
Google has released a new report on its implementation of “right to be forgotten” requests, and has revealed that it has removed 58.7 percent of the URLs it was …
Google completes ban of extensions not in the Chrome Web Store
Google is slowly but surely working on preventing developers of malicious Chrome extensions from delivering their wares to users.First, in May 2014, they made it so that …
Researcher neutralizes Google’s Password Alert with a few lines of code
Google’s Password Alert extension for Chrome, which was released on Wednesday, has received its first critical security update less than 24 hours later, as infosec …
Chrome extension protects your Google account from phishers
Google developers have created Password Alert, an open source Chrome extension that aims to prevent users from entering their Google password in a phishing site or, …
How Google saw the DDoS attack against Github and GreatFire
The recent DDoS attacks aimed at GreatFire, a website that exposes China’s internet censorship efforts and helps users get access to their mirror-sites, and GitHub, the …
Google blocks Java plugin in new Chrome by default
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle’s Java plugin and other plugins that use …
Large malvertising campaign linked to potentially compromised Google ad reseller
Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab. The first redirection has been …
Google boots unwanted ad injector extensions from Chrome Web Store
Google is done with tolerating sneaky ad injectors and, following the results of a study they recently conducted, they removed from the Chrome Web Store 192 deceptive Chrome …
Google decides to stop trusting CNNIC certificates
In the wake of last week’s incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an …