New research: How effective is basic account hygiene at preventing hijacking
Posted by Kurt Thomas and Angelika Moscicki Every day, we protect users from hundreds of thousands of account hijacking attempts. Most attacks stem from automated bots with access to third-party password breaches, but we also see phishing and targeted...
Advisory: Security Issue with Bluetooth Low Energy (BLE) Titan Security Keys
Posted by Christiaan Brand, Product Manager, Google Cloud We’ve become aware of an issue that affects the Bluetooth Low Energy (BLE) version of the Titan Security Key available in the U.S. and are providing users with the immediate steps...
Queue the Hardening Enhancements
Posted by Jeff Vander Stoep, Android Security & Privacy Team and Chong Zhang, Android Media TeamAndroid Q Beta versions are now publicly available. Among the various new features introduced in Android Q are some important security hardening changes. While...
What’s New in Android Q Security
Posted by Rene Mayrhofer and Xiaowen Xin, Android Security & Privacy Team With every new version of Android, one of our top priorities is raising the bar for security. Over the last few years, these improvements have led to...
Quantifying Measurable Security
Posted by Eugene Liderman, Android Security & Privacy Team With Google I/O this week you are going to hear about a lot of new features in Android that are coming in Q. One thing that you will also hear...
Google CTF 2019 is here
Posted by Jan Keller, Security Technical Program ManagerJune has become the month where we’re inviting thousands of security aficionados to put their skills to the test...In 2018, 23,563 people submitted at least one flag on their hunt for the...
Better protection against Man in the Middle phishing attacks
Posted by Jonathan Skelker, Product Manager, Account SecurityWe’re constantly working to improve our phishing protections to keep your information secure. Last year, we announced that we would require JavaScript to be enabled in your browser when you sign in...
The Android Platform Security Model
Posted by Jeff Vander Stoep, Android Security & Privacy TeamEach Android release comes with great new security and privacy features. When it comes to implementing these new features we always look at ways to measure the impact with data...
Gmail making email more secure with MTA-STS standard
Posted by Nicolas Lidzborski, Senior Staff Software Engineer, Google Cloud and Nicolas Kardas, Senior Product Manager, Google Cloud We’re excited to announce that Gmail will become the first major email provider to follow the new SMTP MTA Strict Transport Security (MTA-STS)...
Android Security & Privacy Year in Review 2018: Keeping two billion users, and their data, safe and sound
Posted by Meghan Kelly, Android Security & Privacy Team We're excited to release today the 2018 Android Security and Privacy Year in Review. This year's report highlights the advancements we made in Android throughout the year, and how we've...
Managed Google Play earns key certifications for security and privacy
Posted by Mike Burr, Android Enterprise Platform SpecialistWith managed Google Play, organizations can build a customized and secure mobile application storefront for their teams, featuring public and private applications. Organizations' employees can take advantage of the familiarity of a...
Open-sourcing Sandboxed API
Posted by Christian Blichmann & Robert Swiecki, ISE Sandboxing teamMany software projects process data which is externally generated, and thus potentially untrusted. For example, this could be the conversion of user-provided picture files into different formats, or even executing...
Disclosing vulnerabilities to protect users across platforms
Posted by Clement Lecigne, Threat Analysis GroupOn Wednesday, February 27th, we reported two 0-day vulnerabilities — previously publicly-unknown vulnerabilities — one affecting Google Chrome and another in Microsoft Windows that were being exploited together.To remediate the Chrome vulnerability (CVE-2019-5786),...
Android Security Improvement update: Helping developers harden their apps, one thwarted vulnerability at a time
Posted by Patrick Mutchler and Meghan Kelly, Android Security & Privacy TeamHelping Android app developers build secure apps, free of known vulnerabilities, means helping the overall ecosystem thrive. This is why we launched the Application Security Improvement Program five...
Google Play Protect in 2018: New updates to keep Android users secure
Posted by Rahul Mishra and Tom Watkins, Android Security & Privacy Team In 2018, Google Play Protect made Android devices running Google Play some of the most secure smartphones available, scanning over 50 billion apps everyday...
HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider
A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...
Washington Issues Temporary License to Huawei
Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August.
Despite reports emerging over the weekend of various chipmakers...
GDPR: The Best Strategy For International Businesses
The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
How Cyber-Secure Are Business Travelers? New Report Says Not Very
I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...
Haas F1 team leans on service providers as security force multipliers
If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...
