PHA Family Highlights: Zen and its cousins
Posted Lukasz Siewierski, Android Security & Privacy Team Google Play Protect detects Potentially Harmful Applications (PHAs) which Google Play Protect defines as any mobile app that poses a potential security risk to users or to user data—commonly referred to...
Google Public DNS now supports DNS-over-TLS
Posted by Marshall Vale, Product Manager and Puneet Sood, Software EngineerGoogle Public DNS is the world’s largest public Domain Name Service (DNS) recursive resolver, allowing anyone to convert Internet domain names like www.example.com into Internet addresses needed by an...
Android Pie à la mode: Security & Privacy
Posted by Vikrant Nanda and René Mayrhofer, Android Security & Privacy TeamThere is no better time to talk about Android dessert releases than the holidays because who doesn't love dessert? And what is one of our favorite desserts during...
New Keystore features keep your slice of Android Pie a little safer
Posted by Brian Claire Young and Shawn Willden, Android Security; and Frank Salim, Google Pay New Android Pie Keystore FeaturesThe Android Keystore provides application developers with a set of cryptographic tools that are designed to secure their users' data....
Tackling ads abuse in apps and SDKs
Posted by Dave Kleidermacher, VP, Head of Security & Privacy - Android & PlayProviding users with safe and secure experiences, while helping developers build and grow quality app businesses, is our top priority at Google Play. And we’re constantly...
ASPIRE to keep protecting billions of Android users
Posted by Billy Lau and René Mayrhofer, Android Security & Privacy TeamCustomization is one of Android's greatest strengths. Android's open source nature has enabled thousands of device types that cover a variety of use cases. In addition to adding...
Announcing the Google Security and Privacy Research Awards
Posted by Elie Bursztein and Oxana Comanescu, Google Security and Privacy GroupWe believe that cutting-edge research plays a key role in advancing the security and privacy of users across the Internet. While we do significant in-house research and engineering...
Industry collaboration leads to takedown of the “3ve” ad fraud operation
Posted by Per Bjorke, Product Manager, Ad Traffic QualityFor years, Google has been waging a comprehensive, global fight against invalid traffic through a combination of technology, policy, and operations teams to protect advertisers and publishers and increase transparency throughout...
Combating Potentially Harmful Applications with Machine Learning at Google: Datasets and Models
Posted by Mo Yu, Android Security & Privacy TeamIn a previous blog post, we talked about using machine learning to combat Potentially Harmful Applications (PHAs). This blog post covers how Google uses machine learning techniques to detect and classify...
Introducing the Android Ecosystem Security Transparency Report
Posted by Jason Woloz and Eugene Liderman, Android Security & Privacy TeamAs shared during the What's new in Android security session at Google I/O 2018, transparency and openness are important parts of Android's ethos. We regularly blog about new...
A New Chapter for OSS-Fuzz
Posted by Matt Ruhstaller, TPM and Oliver Chang, Software Engineer, Google Security TeamOpen Source Software (OSS) is extremely important to Google, and we rely on OSS in a variety of customer-facing and internal projects. We also understand the difficulty...
Announcing some security treats to protect you from attackers’ tricks
Posted by Jonathan Skelker, Product ManagerIt’s Halloween 🎃 and the last day of Cybersecurity Awareness Month 🔐, so we’re celebrating these occasions with security improvements across your account journey: before you sign in, as soon as you’ve entered your...
Introducing reCAPTCHA v3: the new way to stop bots
Posted by Wei Liu, Google Product ManagerToday, we’re excited to introduce reCAPTCHA v3, our newest API that helps you detect abusive traffic on your website without user interaction. Instead of showing a CAPTCHA challenge, reCAPTCHA v3 returns a score...
Google tackles new ad fraud scheme
Posted by Per Bjorke, Product Manager, Ad Traffic QualityFighting invalid traffic is essential for the long-term sustainability of the digital advertising ecosystem. We have an extensive internal system to filter out invalid traffic – from simple filters to large-scale...
Android Protected Confirmation: Taking transaction security to the next level
Posted by Janis Danisevskis, Information Security Engineer, Android SecurityIn Android Pie, we introduced Android Protected Confirmation, the first major mobile OS API that leverages a hardware protected user interface (Trusted UI) to perform critical transactions completely outside the main...
Websites can steal browser data via extensions APIs
Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
6 Reasons We Need to Boost Cybersecurity Focus in 2019
Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency
Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well...
DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week
Trump dominated security headlines this week, but there's plenty of other news to catch up on.
Bulgaria Extradites Russian Hacker to US: Embassy
Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday.
read more
