Last week, the Federal Trade Commission (FTC) announced that it has required Google and YouTube to pay a settlement fee totaling $170 million after its video-sharing platform was found violating the Children’s Online Privacy Protection Act (COPPA). The complaint was filed by the FTC and the New York Attorney General, with the former set to receive the penalt

The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. According to The Verge, Google’s latest contract will require OEMs to supply Android security updates for two years and provide at least four updates within the firs

Reading through Google’s first quarterly Android Ecosystem Security Transparency Report feels like a mix of missed opportunities and déjà vu all over again. Much of what is in the new Android ecosystem security report is data that has been part of Google’s annual Android Security Year in Review report, including the rates of potentially harmful a

Everyone needs a web browser, and while Safari comes pre-installed on Macs, many people choose to use a different browser. You may want to do this for compatibility reasons—there may be sites or services you use that Safari doesn't handle correctly—or because you use a different browser at work; if you want to be able to sync bookmarks and history from your

If there's one app that just about everyone uses on their iPhone, iPad, or iPod touch, it's a web browser. You use your browser to get information, to shop, and for entertainment. iOS devices come with Apple's Safari browser pre-installed, but you can use a different browser if you wish. Unfortunately, on iOS you can't set a different browser as the default,

OpenSSL patches two low and medium severity vulnerabilities that were discovered by using Google’s open source OSS-Fuzz fuzzing service. The medium severity vulnerability tracked as CVE-2017-3736 was addressed with the release of OpenSSL 1.1.0g and 1.0.2m. The flaw is a carry propagating bug in the x86_64 Montgomery squaring procedure, it affects processors

Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the security c

Google security experts disclosed seven distinct vulnerabilities in the Dnsmasq software package. Regardless of what you may think of Google as a company, it is difficult to criticize their prolific and in-depth security research. The latest example is their disclosure of seven distinct issues in the Dnsmasq software package. From the authors’ website,

A hacker using the online moniker of ‘Kuroi’SH’ defaced the Google Brazil domain on Tuesday afternoon, this isn’t the first high-profile target he breached. A hacker using the online moniker of ‘Kuroi’SH’ defaced the official Google Brazil domain on Tuesday afternoon. The defaced page displayed a message greeting his friends for

Google continues the ongoing effort to communicate the transport security status of a given page labeling resources delivered via FTP as “Not secure” in Chrome, Last week, Google announced that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” The security improvement will be implement

A half dozen technology and security companies — some of them competitors — issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle ‘WireX,’ an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this mon

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out th

Google has identified a new strain of Android malware, the Lipizzan spyware, that could be used as a powerful surveillance tool. Malware researchers at Google have spotted a new strain of Android spyware dubbed Lipizzan that could exfiltrate any kind of data from mobile devices and use them as surveillance tools. The Lipizzan spyware is a project developed

A Lithuanian court on Monday ruled the extradite of a man to the US to face charges of allegedly swindling $100M from Google and Facebook via email scam. A Lithuanian man who is allegedly responsible for a $100 million scam (roughly 87 million euros) from tech companies Google and Facebook will be extradited to the United States soon. The Lithuanian citizen 

Last month KrebsOnSecurity published research into a large distributed network of apparently compromised systems being used to relay huge blasts of junk email promoting “online dating” programs — affiliate-driven schemes traditionally overrun with automated accounts posing as women. New research suggests that another bot-promoting botnet of