blog trackingRealtime Web Statistics Google Archives | Page 2 Of 26 | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant - Part 2

Posts Tagged ‘Google’

31 Security bugs fixed in Google Chrome 34

Source: National Cyber Security – Produced By Gregory Evans

Google has announced the stable release of Chrome 34, an update brining number of fixes, functionality improvements and security updates. In total, 31 security vulnerabilities have been patched in this latest version 34.0.1847.116 which includes medium to high severity bugs. The list of high severity bugs are UXSS in V8, OOB access in V8, Integer overflow in compositor, Use-after-free in web workers, Use-after-free in DOM, Memory corruption in V8, Use-after-free in rendering, Url confusion with RTL characters and Use-after-free in speech. The medium severity bugs include Use-after-free in speech, OOB read with window property and Use-after-free in forms. A total of $29,500 has been awarded to researchers who reported the above security vulnerabilities. Source: http://whogothack.blogspot.co.uk/2014/04/31-security-bugs-fixed-in-google-chrome.html#.VlYVZFUrLIU The post 31 Security bugs fixed in Google Chrome 34 appeared first on Am I Hacker Proof. View full post on Am I Hacker Proof

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post 31 Security bugs fixed in Google Chrome 34 appeared first on National Cyber Security.

View full post on National Cyber Security

Researchers Get $10,000 for Hacking Google Server with Malicious XML

Source: National Cyber Security – Produced By Gregory Evans

A critical vulnerability has been uncovered in Google that could allow an attacker to access the internal files of Google’s production servers. Sounds ridiculous but has been proven by the security researchers from Detectify.The vulnerability resides in the Toolbar Button Gallery (as shown). The team of researchers found a loophole after they noticed that Google Toolbar Button Gallery allows users to customize their toolbars with new buttons. So, for the developers, it is easy to create their own buttons by uploading XML files containing metadata for styling and other such properties.This feature of Google search engine is vulnerable to XML External Entity (XXE).   It is an XML injection that allows an attacker to force a badly configured XML parser to “include” or “load” unwanted functionality that can compromise the security of a web application.“The root cause of XXE vulnerabilities is naive XML parsers that blindly interpret the DTD of the user supplied XML documents. By doing so, you risk having your parser doing a bunch of nasty things. Some issues include: local file access, SSRF and remote file includes, Denial of Service and possible remote code execution. If you want to know how to patch these issues, check out the OWASP […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Researchers Get $10,000 for Hacking Google Server with Malicious XML appeared first on National Cyber Security.

View full post on National Cyber Security

Google Chrome vulnerability allows Websites to Eavesdrop on You

Source: National Cyber Security – Produced By Gregory Evans

Just imagine, you are sitting in front of your laptop and your laptop is listening to your nearby conversations. What if the recorded audio from the system’s microphone is being instantly uploaded to a malicious website?Google has created a speech-recognition Application Programming Interface (API) that allows websites to interact with Google Chrome and the computer’s microphone allows you to speak instead of typing into any text box, to make hands-free web searches, quick conversions, and audio translator also work with them.In January, a flaw was discovered in Google Chrome that enabled malicious websites with speech recognition software to eavesdrop on users’ conversations from background without their knowledge using an outdated Google speech API.A new similar vulnerability in Google Chrome has been discovered by Israeli security researcher, Guy Aharonovsky, claimed that the Chrome’s speech-recognition API has a vulnerability that allows attackers to turn victim’s machine into a listening port without asking for any permission, even if your microphone is completely disabled. “Even blocking any access to the microphone under chrome://settings/content will not remedy this flaw.” he said in a blog post. Reported vulnerability exploits the “-x-webkit-speech” feature of Chrome’s speech-recognition API and allows a malicious web application to eavesdrop in the background […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Google Chrome vulnerability allows Websites to Eavesdrop on You appeared first on National Cyber Security.

View full post on National Cyber Security

A ‘most private place’: Trust Google with your data above government bodies, says Alphabet’s Eric Schmidt

Source: National Cyber Security – Produced By Gregory Evans

A ‘most private place’: Trust Google with your data above government bodies, says Alphabet’s Eric Schmidt

Google is the “safest and most private place” to store data, Alphabet Inc. executive chairman Eric Schmidt said this week as he addressed privacy concerns over data collected by Google’s machine- learning mechanisms. Machine learning is a branch of computer science in which algorithms are constructed to learn from data and make more accurate predictions over time. Google uses such mechanisms in a variety of its services, including improving its search engine services, filtering spam in Gmail and classifying users’ photos in its Google Photos app. “We work very hard to keep people’s data private and to give [them] control over it,” Schmidt said during a live video conference with reporters in Tokyo on Tuesday. “You can control what Google keeps of you … and we keep your data protected using incredibly powerful encryption.” Schmidt also condemned government hacking of technology companies, adding that Google is a safer place to entrust your data than government agencies or bodies. “We are upset that it appears that the US government and the Chinese government … have attacked computer companies without permission,” said Schmidt. Source: http://www.scmp.com/tech/enterprises/article/1877771/most-private-place-trust-google-your-data-above-government-bodies

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post A ‘most private place’: Trust Google with your data above government bodies, says Alphabet’s Eric Schmidt appeared first on National Cyber Security.

View full post on National Cyber Security

First Paid Fake Android Antivirus App Downloaded 10,000 times from Google Play Store

Source: National Cyber Security – Produced By Gregory Evans

Well, we all are very conscious, when it comes to the security of our personal information, security of our financial data and security of everything related to us. In the world of Smart devices where our Smartphones knows more than we know ourselves.To keep our device protected from harmful viruses, malware or spyware, we totally depend on various security products such as antivirus, firewall and privacy guard apps, that we typically install from some trusted sources, Google Play Store. Most Antivirus apps are available to download for free, but some of them are paid with extra premium features like advance firewall protection, anti theft, App Locker or Cloud Backup etc.But do you believe that just because you’re downloading an application from an official app store and also if its a premium paid version, you’re safe from malicious software? Think twice.In Past, Mobile Security Researchers had spotted numerous fake mobile antivirus scanners that were available for free download at Google’s Play marketplace, but its the first time when a cyber criminals are offering a fake, but paid Antivirus Solution called ‘Virus Shield’ for your Android device at Google’s play store.Virus Shield masquerade itself as an antivirus that claims to “protect you and […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post First Paid Fake Android Antivirus App Downloaded 10,000 times from Google Play Store appeared first on National Cyber Security.

View full post on National Cyber Security

French Researchers Hack Google Now And Siri Remotely, Silently Via Headphones

Source: National Cyber Security – Produced By Gregory Evans

Researches on the French government’s payroll have discovered a new way to remotely and silently seize control of personal assistants such as Google Now or Microsoft’s Siri installed on a smartphone. The brilliant hacking technique only works within short distances, and requires the target to plug microphone-enabled earphones into a mobile phone. The cyberattack exploits the headphone cord’s doubling as an antenna. Hackers then send electromagnetic signals to the earphones, which are turned into audio input. Then the mobile device interprets it as normal voice commands. Researchers Chaouki Kasm and José Lopes Esteves uncovered the hack. They warned that the security vulnerability of voice-command capable handsets could result in critical security issues. In fact, the possibilities are unlimited. Kasm and Esteves work for the French government agency L’Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI). Its director Vincent Strubel explained that the hacking method could be used in crowded areas such as bars or airports, simultaneously hacking many smart phones in one location, according to The Verge. However, the hacking method has several limitations. For example, the microphone-enabled earphones must be plugged in, and the user must enable voice commands on the phone’s lock screen. That is the default […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post French Researchers Hack Google Now And Siri Remotely, Silently Via Headphones appeared first on National Cyber Security.

View full post on National Cyber Security

Google Nexus 5X pre-orders will probably start shipping soon as cards are charged

Although Google previously announced that LG Nexus 5X pre-orders will start shipping by October 22nd, it looks like some lucky customers might get their hands on the new LG-made Nexus handsets sooner than anticipated.

Some of those who have pre-ordered the LG Nexus 5X have recently started seeing their order status change to “Processing”, with credit/debit cards being charged for their order. Usually when a company starts charging cards, the product is ready to start shipping.

If you’re more interested in the Huawei Nexus 6P, then note that some orders …

View full post on PhoneArena

Google Play Store to soon reorganize the main navigation options

It looks like there are changes coming to the Google Play Store to change the way you navigate content. The big change is to switch from having six category tabs at the top of the Play Store home page – apps, games, movies & TV, music, books, and newsstand – there will now be just two options – apps & games, and entertainment.
As you can see in the image above, the change will create two main tabs on the Play Store home page, one for apps & games and one for entertainment. The end result does create a cleaner look and an spot for the big …

View full post on PhoneArena

Google Nexus 5X release date looms closer: starts shipping on October 22nd

The release date for the Google Nexus 5X is looming closer. The smaller of the two new Nexus phones will leave warehouses and start shipping to customers on October 22nd and it should take no longer than a few days until it ends up in customer’s hands. Previously, Google has only vaguely said that the phone will be available in October, but having a specific date adds some certainty.

The Nexus 5X is the successor to one of the most popular devices in the Nexus series – the 2013 Nexus 5. The new phone is also made by LG and features a somewhat similar …

View full post on PhoneArena

Google starts deep linking iOS apps from Safari, throws shade at Apple

Apple usually isn’t all that subtle when it comes to putting down competitors, especially Google. But, Google tends to be a bit more passive aggressive with its jabs, and that shows again in the new announcement to developers talking about how to deep link to iOS apps from Google search results in the Safari browser.This means that a search result for a location will show as a deep link that bumps users directly to that place page within an app like Yelp. 

Of course, in the announcement Google couldn’t help mentioning that not only has Android had this feature for a long …

View full post on PhoneArena

Page 2 of 26«12345»1020...Last »

My Twitter

  • RT @GregoryDEvans: IT’S TIME FOR BOTH PARTIES TO GET SERIOUS ABOUT CYBERSECURITY: PICKS OF THE WEEK https://t.co/8B5WykWYGP https://t.co/XU…
    about 3 hours ago
  • RT @GregoryDEvans: Teacher Gets Rid Of Homework, Gets A+ From Students And Parents https://t.co/HJVDfZCChe
    about 3 hours ago
  • RT @GregoryDEvans: ALLEGED NSA HACKERS PROBABLY GAVE AWAY A SMALL FORTUNE BY LEAKING EXPLOITS https://t.co/CxrIh0WXHy https://t.co/3YMQmX1b…
    about 7 hours ago
  • RT @GregoryDEvans: Turkish journalist Baris Pehlivan jailed for terrorism was framed by hackers, says report https://t.co/DNFlEB7ZFV https:…
    about 8 hours ago
  • RT @GregoryDEvans: John Krasinski Is The Kind Of Dad Who Shows Photos Of His Newborn At A Movie Premiere https://t.co/rEvveKkuAK
    about 15 hours ago

AmIHackerProof.com By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans