Google

Smashing Security #145: Apple and Google willy wave while home assistants spy – DoH!

Apple’s furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist John Leyden.


2 min read

Smashing Security #144: Google helps the FBI, Twitter Jack’s hijack, and car data woes

Should Google really be helping the FBI with a bank robbery? What’s the story behind the Twitter CEO claiming there’s a bomb in their offices? And how much does your car really know about you?

And we mourn the loss of Doctor Who legend Terrance Dicks…


2 min read

bitdefender.com

Google’s bug bounty bid to make big Android apps more secure

Google’s bug bounty has been expanded to not only covers the firm’s own products, but additionally all apps in the official Google Play store which have had 100 million or more installs.

Read more in my article on the Hot for Security blog.


0 sec read

Won a free iPhone? No, it’s Calendar spam

An increasing number of people are reporting that their calendars are being bombarded with spam invitations. Here is how to stop them appearing in your Google calendar.


1 min read

YouTube joins Facebook and Twitter, disabling accounts targeting Hong Kong protests

Good luck to the social media sites playing whack-a-mole as they try to police the activities of state-sponsored groups trying to influence the public’s opinion with co-ordinated campaigns. This isn’t going to be a problem that’s easy to fix.


1 min read

Google contractors told to stop listening to conversations captured on your Home assistant… for now, in Europe at least

Google has agreed to temporarily stop listening to audio captured by its Google Home smart speaker across the European Union… after an investigation was started by German regulators.


44 sec read

Smashing Security #139: Capital One hacked, iMessage flaws, and anonymity my ass!

Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to… Penelope?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.


2 min read

Google found a way to remotely attack Apple iOS devices by sending a boobytrapped iMessage

Have you updated your iPhone and iPad to iOS 12.4 yet?

If you care about your security and privacy, then Google researchers have given you a very good incentive to do so as soon as possible.


1 min read

Smashing Security #135: Zombie grannies and unintended leaks

We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Oli Skertchly.


1 min read

bitdefender.com

Bought a second-hand Nest Cam? It might have been spying on you

Even if you initiated a factory reset of the popular Nest Cam Indoor home security camera, connected to third-party partner services via Works with Nest, it might still be possible for a user to access its video feed.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Smashing Security #131: Zap yourself from the net, and patch now against BlueKeep

Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


1 min read

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware… and how Carole gets her diva on.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


2 min read

Smashing Security #129: Too Long; Didn’t Listen

Don’t hire a hacker, they might scam you! What works and what doesn’t when it comes to protecting your email account? And China’s controversial social credit system comes under the microscope.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

bitdefender.com

Google stored business customers’ passwords in plaintext on its servers… for 14 years

Google has admitted that some of its business customers of G Suite (formerly known as Google Apps) had their passwords stored on the company’s internal servers for 14 years in plaintext.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

bitdefender.com

Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on the account.

Read more in my article on the Hot for Security blog.


0 sec read

tripwire.com

Google and Facebook scammed out of $123 million by man posing as hardware vendor

Even the most tech savvy companies in the world can fall for business email compromise.

A Lithuanian man has this week pleaded guilty to tricking Google and Facebook into transferring over $100 million into a bank account under his control after posing as a company that provided the internet giants with hardware for their data centers.

Read more in my article on the Tripwire State of Security blog.


0 sec read