Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google. Show all posts
NordVPN
fake websites Google links malware Microsoft NordVPN

Fake Websites and Malware Threats: How to Stay Safe Online

 



Recent research from the cybersecurity company NordVPN has revealed a significant rise in online threats, with over 669 million malware attacks recorded in the UK in 2024 alone. This alarming number highlights the increasing risk of falling victim to fake websites, harmful ads, and malicious software, especially when browsing popular websites or using free video streaming platforms.  


Fake Websites Imitating Well-Known Brands  

Cybercriminals often create websites that look almost identical to popular tech companies like Google, Facebook, and Microsoft. Their main goal is to trick people into providing their login details, which can then be misused for criminal activities.  

NordVPN’s research shows that in 2024, over 85,000 fake web links were created to imitate Google's official platforms. Similarly, around 6,000 fake links were designed to look like Facebook, and nearly 5,000 were made to mimic Microsoft. Other major companies such as AT&T, Yahoo!, and Netflix were also targeted, with around 4,000 fake URLs created for each.  

A common tactic used by scammers is slightly altering the spelling of well-known brand names, hoping that people won't notice the difference. For example, they may change "Google" to "G00gle" or "Amazon" to "Arnazon." This simple trick often convinces users to enter their login details, unknowingly handing their information over to cybercriminals.  

Although these major tech companies have no involvement in the fraud, their popularity makes them easy targets for impersonation. Because people generally trust these brands, they often do not realize they have been scammed until it’s too late.  


Malware Hidden on Video Hosting Platforms  

Another major source of cyber threats is free video streaming websites, where users often go to watch movies, shows, or anime. According to NordVPN’s findings, over 1.5 billion attempts to infect devices with malware were blocked on such sites in 2024 alone.  

Websites related to entertainment, sports, and file-sharing are especially vulnerable. Malware infections on entertainment websites alone reached almost one billion, while sports sites recorded around 124 million attacks. Additionally, adult content sites and file-sharing platforms faced millions of malware infiltration attempts.  

The risk doesn't stop at malware. Many of these websites are filled with intrusive advertisements and hidden web trackers designed to collect user data. These trackers monitor your online activity, gathering information about your browsing habits, interests, and personal details. While companies use this data to target you with advertisements, it can become dangerous if hackers gain access to it.  


Understanding the Threats: Malware, Trackers, and Intrusive Ads  

Malware, short for malicious software, refers to harmful programs like viruses, spyware, ransomware, and trojans. If malware infects your device, it can steal your sensitive information, lock your files, or even give hackers full control of your device. This often happens when users unknowingly download files from untrusted websites or click on suspicious links.  

Trackers are small tools placed on websites to monitor your online behavior. Companies use this information for marketing purposes, but if the data is leaked, it can be misused by hackers for malicious purposes.  

Intrusive advertisements, commonly seen on free video streaming sites, pose another risk. These ads not only disrupt your browsing experience but can also direct you to harmful websites or secretly install malware on your device without your consent.  


Tips to Protect Yourself from Cyber Threats  

Cybersecurity expert Adrianus Warmenhoven suggests some practical ways to protect yourself from online threats like malware, intrusive ads, and web trackers. Here’s how you can stay safe:  

1. Avoid Free or Suspicious Websites

Websites offering free video hosting, downloads, or pirated content often hide harmful software. Avoid visiting such sites, as they are more likely to infect your device with malware.  

2. Be Careful with Unknown Emails and Messages

Cybercriminals often use emails or messages that promise big rewards or urgent updates to trick you into giving away personal information. Avoid clicking on links in emails that sound too good to be true or ask for your data.  

3. Always Verify Links Before Clicking  

Scammers often create fake links that look similar to popular websites. For example, a fake website might spell "Amazon" as "Arnazon" to confuse you. Always double-check the spelling of website links before clicking on them.  

4. Check Files Before Downloading

Malware can often be hidden in files disguised as legitimate downloads. To avoid downloading harmful files, always use reliable websites and scan files with antivirus software before opening them.  

5. Protect Your Personal Information

Limit the amount of personal information you share online, especially on social media. Cybercriminals can misuse details like your full name, location, or contact information for scams or identity theft.  

6. Keep Your Devices Updated 

Outdated software can make your device vulnerable to malware and other cyber threats. Regularly update your operating system, apps, and security software to patch any security flaws.  

By following these steps, you can reduce the risk of falling victim to online threats and ensure your personal information remains safe.

Read more »
Polymorphic Attack
cyber attack Google malware Online Scams Phishing Attack Polymorphic Attack

New Polymorphic Attack Enables Malicious Chrome Extensions to Impersonate Password Managers and Banking Apps

Researchers at SquareX Labs have uncovered a sophisticated “polymorphic” attack targeting Google Chrome extensions, allowing malicious extensions to seamlessly morph into trusted ones, such as password managers, cryptocurrency wallets, and banking apps. The attack exploits Chrome’s ‘chrome.management’ API to gain insights into the user’s installed extensions and then impersonates them to steal sensitive information. 

The attack begins when an unsuspecting user installs a seemingly legitimate extension—such as an AI-powered marketing tool—through the Chrome Web Store. Once installed, the extension gains access to the list of other installed extensions using the ‘chrome.management’ API. If this permission is not granted, attackers can use a stealthier approach, injecting malicious code into web pages to detect installed extensions based on unique resource requests. 

This information is then sent to an attacker-controlled server, which determines whether a targeted extension is present. If a high-value target, such as a password manager, is detected, the malicious extension initiates the impersonation process. SquareX demonstrated how attackers could disable a legitimate extension, like 1Password, using the ‘chrome.management’ API or by manipulating the user interface to hide it. Simultaneously, the malicious extension changes its name, icon, and behavior to mimic the real one. 
To lure victims into entering their credentials, attackers deploy deceptive tactics, such as displaying fake session expiration messages that prompt users to log back in via a phishing form.

The stolen credentials are then sent to the attackers, after which the malicious extension reverts to its original state and re-enables the genuine extension, making detection nearly impossible. 

SquareX Labs has responsibly disclosed the vulnerability to Google, warning that it remains exploitable even in the latest Chrome version. The researchers recommend that Google strengthen security measures by restricting abrupt extension modifications, such as icon or HTML changes, or at the very least, issuing user alerts when such modifications occur. They also criticize Google’s classification of the ‘chrome.management’ API as a “medium risk,” given its extensive use in widely trusted extensions, including ad blockers and password managers. 

As of now, Google has not implemented any direct countermeasures against this attack. BleepingComputer has reached out to the company for a statement and will update its report accordingly. Meanwhile, users are advised to exercise caution when installing Chrome extensions and to be wary of unusual login prompts that could be phishing attempts.
Read more »
QR code security
2FA Cyber Security cybercriminals Gmail Google Google Security Tools QR code QR code security

Google to Introduce QR Codes for Gmail 2FA Amid Rising Security Concerns

 

Google is set to introduce QR codes as a replacement for SMS-based two-factor authentication (2FA) codes for Gmail users in the coming months. While this security update aims to improve authentication methods, it also raises concerns, as QR code-related scams have been increasing. Even Google’s own threat intelligence team and law enforcement agencies have warned about the risks associated with malicious QR codes. QR codes, short for Quick Response codes, were originally developed in 1994 for the Japanese automotive industry. Unlike traditional barcodes, QR codes store data in both horizontal and vertical directions, allowing them to hold more information. 

A QR code consists of several components, including finder patterns in three corners that help scanners properly align the code. The black and white squares encode data in binary format, while error correction codes ensure scanning remains possible even if part of the code is damaged. When scanned, the embedded data—often a URL—is extracted and displayed to the user. However, the ability to store and quickly access URLs makes QR codes an attractive tool for cybercriminals. Research from Cisco Talos in November 2024 found that 60% of emails containing QR codes were spam, and many included phishing links. While some emails use QR codes for legitimate purposes, such as event registrations, others trick users into revealing sensitive information. 

According to Cisco Talos researcher Jaeson Schultz, phishing attacks often use QR codes for fraudulent multi-factor authentication requests to steal login credentials. There have been multiple incidents of QR code scams in recent months. In one case, a 70-year-old woman scanned a QR code at a parking meter, believing she was paying for parking, but instead, she unknowingly subscribed to a premium gaming service. Another attack involved scammers distributing printed QR codes disguised as official government severe weather alerts, tricking users into downloading malicious software. Google itself has warned that Russian cybercriminals have exploited QR codes to target victims through the Signal app’s linked devices feature. 

Despite these risks, users can protect themselves by following basic security practices. It is essential to verify where a QR code link leads before clicking. A legitimate QR code should provide additional context, such as a recognizable company name or instructions. Physical QR codes should be checked for tampering, as attackers often place fraudulent stickers over legitimate ones. Users should also avoid downloading apps directly from QR codes and instead use official app stores. 

Additionally, QR-based payment requests in emails should be verified through a company’s official website or customer service. By exercising caution, users can mitigate the risks associated with QR codes while benefiting from their convenience.
Read more »
YouTube Content Consumption
Google Internet Technology YouTube Content Consumption

YouTube at 20: How the Viral Video Site Forever Changed User's Content Consumption Habit

 

A simple meal with friends 20 years ago sparked one of the twenty-first century's most significant technology breakthroughs. YouTube, a video-hosting platform founded by three former PayPal employees, was poised to transform the worldwide entertainment sector. Today, it even poses a danger to traditional television titans, establishing itself as a must-see in the entertainment industry. streaming. How has this platform amassed billions of users? A look back on its remarkable rise.

YouTube was founded in 2005 by Steve Chen, Chad Hurley, and Jawed Karim, who intended to make it easier to share videos online. On February 14, 2005, the website youtube.com was launched. A few weeks later, on April 23, 2005, Jawed Karim uploaded his first video, Me at the Zoo. This 19-second video, in which he stands in front of elephants at the San Diego Zoo, came to represent the era of user-generated content. 

Google bought YouTube for $1.65 billion in October 2006, less than a year after its start. This acquisition constituted a watershed moment: YouTube now had access to Google's superior search engines and advertising solutions, which helped it grow its audience and monetise its content. YouTube now has over 2.5 billion monthly active users and 100 million premium subscribers, making it the undisputed leader in video streaming. 

Massive impact on culture and media 

Over the years, YouTube has dramatically transformed how we consume content: 

  • Millions of YouTubers have emerged, with some becoming real celebrities, such as MrBeastSqueezie and PewDiePie. 
  • With platforms like TEDx, CrashCourse, and e-penser, YouTube has emerged as an indispensable learning tool. 
  • YouTube's diverse range of media, from gaming to vlogs to podcasts, has propelled it to the forefront of digital entertainment. 

Threat to traditional television 

These days, YouTube is directly competing with cable channels and streaming services like Netflix and Disney+. With over a billion hours of video seen daily, YouTube is starting to gain traction as a viable substitute for television. In contrast to traditional media, YouTube does not rely on production companies; instead, its material is created by its users. 

This strategy has made it possible for the platform to provide an endless quantity of films that span every potential topic of interest. By 2027, YouTube may overtake cable TV networks in terms of paying customers, the experts predict. Every day, millions of people watch it thanks to its advertising and premium membership business model. 

YouTube's challenges and controversies 

YouTube has not been immune to criticism despite its spectacular success: 

Copyright: In its early days, the platform was inundated with pirated content. Google has to reach agreements with the studios to restrict the infringements. 

Content moderation: Fake news, violent or inappropriate content: the site is frequently chastised for its lack of control over the videos it distributes.

Competition from TikTok and Instagram: Faced with the rise of short videos, YouTube had to respond by developing YouTube Shorts, an alternative to TikTok's fast-paced entertainment. 

What you need to remember

YouTube has evolved from a simple sharing site to a global streaming behemoth in less than two decades. Its capacity to develop and adapt to trends positions it as a major player in the audiovisual landscape.

Today, YouTube has 2.5 billion monthly active users, over 100 million premium members, and 1 billion hours of video views per day. YouTube, with its hybrid model that combines television, social networking, and streaming services, is clearly the media of future.
Read more »
Safety
Cyber Security Data Data Safety data security Google Safety

Google Report Warns Cybercrime Poses a National Security Threat

 

When discussing national security threats in the digital landscape, attention often shifts to suspected state-backed hackers, such as those affiliated with China targeting the U.S. Treasury or Russian ransomware groups claiming to hold sensitive FBI data. However, a recent report from the Google Threat Intelligence Group highlights that financially motivated cybercrime, even when unlinked to state actors, can pose equally severe risks to national security.

“A single incident can be impactful enough on its own to have a severe consequence on the victim and disrupt citizens' access to critical goods and services,” Google warns, emphasizing the need to categorize cybercrime as a national security priority requiring global cooperation.

Despite cybercriminal activity comprising the vast majority of malicious online behavior, national security experts predominantly focus on state-sponsored hacking groups, according to the February 12 Google Threat Intelligence Group report. While state-backed attacks undoubtedly pose a critical threat, Google argues that cybercrime and state-sponsored cyber warfare cannot be evaluated in isolation.

“A hospital disrupted by a state-backed group using a wiper and a hospital disrupted by a financially motivated group using ransomware have the same impact on patient care,” Google analysts assert. “Likewise, sensitive data stolen from an organization and posted on a data leak site can be exploited by an adversary in the same way data exfiltrated in an espionage operation can be.”

The escalation of cyberattacks on healthcare providers underscores the severity of this threat. Millions of patient records have been stolen, and even blood donor supply chains have been affected. “Healthcare's share of posts on data leak sites has doubled over the past three years,” Google notes, “even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year.”

The report highlights how Russia has integrated cybercriminal capabilities into warfare, citing the military intelligence-linked Sandworm unit (APT44), which leverages cybercrime-sourced malware for espionage and disruption in Ukraine. Iran-based threat actors similarly deploy ransomware to generate revenue while conducting espionage. Chinese spy groups supplement their operations with cybercrime, and North Korean state-backed hackers engage in cyber theft to fund the regime. “North Korea has heavily targeted cryptocurrencies, compromising exchanges and individual victims’ crypto wallets,” Google states.

These findings illustrate how nation-states increasingly procure cyber capabilities through criminal networks, leveraging cybercrime to facilitate espionage, data theft, and financial gain. Addressing this challenge requires acknowledging cybercrime as a fundamental national security issue.

“Cybercrime involves collaboration between disparate groups often across borders and without respect to sovereignty,” Google explains. Therefore, any solution must involve international cooperation between law enforcement and intelligence agencies to track, arrest, and prosecute cybercriminals effectively.
Read more »
Quantum- safe Encryption
Cloud cloud service providers Cyber Security Digital Signatures Google Google Cloud PQC Quantum threats Quantum- safe Encryption

Google Cloud Introduces Quantum-Safe Digital Signatures

 

As quantum computing advances, Google Cloud is taking a significant step toward securing its platform against future threats. The company has announced the introduction of quantum-safe digital signatures in its Cloud Key Management Service (KMS), currently available in preview. 

This move is part of a broader initiative to prepare for the potential risks that quantum computers pose to modern encryption systems. While fully capable quantum computers are not expected to be widely available for at least a decade, they could one day break most of today’s encryption methods in a matter of hours. This looming possibility has led to concerns over a harvest-now-decrypt-later strategy employed by cybercriminals. 

In this method, attackers steal encrypted data today, intending to decrypt it once quantum computing becomes powerful enough. To counter this risk, researchers are developing post-quantum cryptography (PQC)—encryption techniques specifically designed to withstand quantum attacks. One major security risk posed by quantum computing is the potential forgery and manipulation of digital signatures. 

Digital signatures authenticate documents and communications, ensuring they have not been tampered with. If compromised, they could allow attackers to impersonate legitimate users, forge transactions, or spread malware under trusted identities. Google Cloud recognizes the importance of addressing these concerns early and has introduced quantum-resistant digital signatures to build a more secure infrastructure. 

This initiative also aims to set an industry precedent for other cloud service providers. As part of its commitment to transparency and security, Google Cloud has announced that its quantum-related cryptographic implementations will be included in its open-source cryptographic libraries, BoringCrypto and Tink. This allows security researchers and developers to review, audit, and contribute to these implementations, ensuring their robustness against potential threats. 

The new quantum-safe digital signatures in Cloud KMS specifically implement ML-DSA-65 and SLH-DSA-SHA2-128S, two PQC algorithms that adhere to NIST (National Institute of Standards and Technology) standards. Google Cloud has also confirmed plans to integrate additional PQC algorithms into its Hardware Security Modules (HSMs), which are specialized devices designed to provide extra layers of cryptographic security.  

By rolling out these quantum-resistant digital signatures, Google Cloud is giving customers the opportunity to test PQC algorithms in Cloud KMS and provide feedback on their performance and integration. This allows businesses to prepare for a post-quantum future, ensuring their data remains secure even as computing power evolves. 

Google Cloud sees this initiative as a crucial first step toward a fully quantum-resistant cloud ecosystem, demonstrating its dedication to staying ahead of emerging cybersecurity challenges.
Read more »
TOAD
Android 16 CyberCrime CyberThreat Google In- Call Secuity malicious Phone Call Play Store Privacy Scammers TOAD

Enhanced In-Call Security in Android 16 Aims to Tackle Scammers

 


As part of a new security feature being developed by Google, users will no longer be able to modify sensitive settings when they are on a phone call. As a part of the in-call anti-scam protection, users are specifically prevented from enabling settings that allow applications to be installed from unknown sources and the grant of accessibility access as part of this in-call anti-scam protection. 

To mitigate the risk of scams exploiting these permissions during phone conversations, the developers of the app have developed several features. Android Authority was the first to report the development. As users attempt to alter their information while speaking to a customer service representative, a warning message appears stating as follows: "Scammers often request these actions during phone call conversations, so that is why it has been blocked. If users are guided to do this by someone they are not familiar with, it could be a scam." 

A new version of Android 16 Beta 2 was released this week, which introduced several new features and a modification to the phone call settings. The new features are intended to help improve not only the user experience but also to protect users against fraudulent scams. One of the features, which has just been introduced, is anti-scammer protection during phone calls, which is designed to protect the privacy and sensitive data of users during a phone call. 

The number of telephone scams has grown to an alarming level of sophistication, with scammers now employing ever-increasing sophistication to deceive unsuspecting individuals for fraudulent purposes. It is also common to install malware on individuals to gain access to sensitive information. Android 16 Beta 2 addresses this issue by implementing restrictions that prevent users from enabling certain sensitive settings, such as sideloading permissions, while a phone call is active, to reduce the risk of scams exploiting these permissions during conversations. 

The purpose of this measure is to enhance security by reducing the risk of scams. Moreover, Android 16 Beta 2 also introduces a restriction that prevents users from granting applications access to accessibility services when a phone call is currently underway. As of earlier this week, Android 16 Beta 2 now includes this feature, which was implemented by adding additional security measures to counter a technique commonly used by malicious actors to distribute malware. 

It was first introduced in Android 16 beta 2. As part of this method, which is known as telephone-oriented attack delivery (TOAD), a false sense of urgency is created and sent to potential victims to coerce them into calling a specific number. The NCSC-FI and the NCC Group reported in 2023 that cybercriminals were distributing dropper applications through SMS messages and phone calls to deceive individuals into installing malware, such as Vultr. The hacker community intended to use this technique to trick people into installing malware. 

 The company introduced several new security features as part of Android 15 when it began rolling out last year, aimed at reducing the risks caused by malicious applications as they were introduced. Google took these measures, among them was the automatic disabling of sensitive permissions for apps that weren't available in Gthe oogle Play Store or was downloaded from unverified sources that posed a threat to users. The goal of this enhancement is to better protect users from potential scams and the possibility of unauthorized access to sensitive information. 

The sideloading permission, which allows apps to install other apps, is disabled as a security measure by default to prevent malicious software from installing outside of official app stores, which poses significant risks for users. Users must be able to enable this permission manually through Settings > Apps > Special App Access > Install Unknown Apps. Furthermore, users who are enrolled in Advanced Protection Mode are not permitted to modify this permission due to the significant security risks involved. As a result, unauthorized installations can be prevented and overall device security will be enhanced. 

The Android 16 operating system offers additional security measures even if a user already allows sideloading or has installed malicious apps; the device also blocks the possibility of granting access to accessibility during phone calls when the user doesn't want it granted. This restriction is vital because applications that offer accessibility can exert a lot of control over a device, which may compromise user security and privacy. 

The misuse of such permissions can result in malicious applications stealing sensitive data or locking users out of their devices, as well as performing harmful actions. To combat scammers exploiting phone conversations as a way to install malware or gain unauthorized access to critical permissions, Google is preventing these changes during active calls. It is becoming increasingly sophisticated as cybercriminals utilize phone calls as a primary method of manipulating and defrauding individuals as online scams get more sophisticated. In particular, these scams are usually targeted at older people or those who are less familiar with digital security practices. 

Often, scammers use psychological tactics to deceive victims into following their instructions, such as inducing a false sense of urgency or fear. A scammer usually lures victims into installing applications, often under the guise of providing technical assistance with an issue that is fabricated. Once the attacker has installed the application, it gives him or her access to the victim's device, potentially allowing them to exploit it further. As part of Google's proactive efforts to mitigate these threats, it has implemented enhanced security features on Android 16. 

The Android 16 update will restrict users from sideloading applications or granting high-risk permissions during a phone call, which will help to reduce the effectiveness of such fraud schemes and improve overall user security. A significant advancement in mobile protection, especially as phone scams are becoming increasingly complex, this security feature represents a significant advance in mobile protection. 

With Google's introduction of obstacles into the scam process, Google hopes that fraudulent activity will become more difficult to carry out. Even in cases where scammers instruct victims to terminate a call and attempt the process again, the additional step required to activate certain settings may raise suspicion and may discourage the victim from trying it again. 

As part of Android 16 Beta 2, Google has implemented anti-scammer protections that allow users to access their phone while they are on a call, a proactive approach to fighting the growing threat of phone scams. By limiting access to sensitive settings while they are on a call, the company seeks to enhance user security and prevent malicious actors from exploiting them.
Read more »
Technology
Advanced Technology CyberCrime CyberThreat Google Google Quantum Sundar Pichai Technology

The Upcoming Tech Revolution Foreseen by Sundar Pichai

 


It was at the 2025 World Government Summit in Dubai on 15th-17th November that Sundar Pichai, CEO of Google and its parent company Alphabet, engaged in a virtual fireside conversation with the Moroccan Minister of State for Artificial Intelligence, Digital Economy and Remote Work Applications, HE Omar Al Olama. In their discussion, they explored Google's AI-first approach, highlighting how the company has consistently embraced long-term investments in foundational technologies and that the company has stayed committed to it.

Additionally, the conversation highlighted Google's culture of innovation that is continuously driving innovation within the organization, as well as its future vision of artificial intelligence and digital transformation. 

 According to Sundar Pichai, three important areas of technology will shape the future of humanity, and quantum computing is poised to lead the way. Pichai highlighted the transformative potential of quantum computing by saying, "Quantum computing will push the boundaries of what technology can do." He also stressed the ability to tackle complex challenges in health care, security, and science. Pichai believes that quantum advancements could lead to a revolution in drug discovery, improve the development of electric vehicle batteries, and accelerate progress in alternatives to conventional power sources, such as fusion. He called quantum computing the next major paradigm shift, following the rise of artificial intelligence. 

In addition to showing the capabilities of Google's cutting-edge Willow quantum chip, Pichai also discussed Google's latest quantum computing breakthrough, highlighting the company's most recent quantum computing breakthrough. The Willow quantum chip, which is at the forefront of the quantum computing world, solved a computation in less than five minutes that would normally take ten septillion years on a classical computer. That’s a one followed by 25 zeros, longer than the universe itself has existed. 

Pichai added that artificial intelligence was another significant force in technological advancement, alongside quantum computing. The prediction he gave was that artificial intelligence would continue to develop, becoming more intelligent, more cost effective, and increasingly integrating into daily lives. According to him, artificial intelligence is set to keep improving, becoming cheaper, and becoming more useful in the years to come, emphasizing its potential to become a part of everyday lives. A number of groundbreaking technological advances have been introduced by Google in recent months, including the release of Gemini 2.0 and the imminent release of Gemini 2.0 Flash for developers in the Gemini app by the end of the year. 

As for developments in artificial intelligence, there is a high probability that these developments will be showcased at the upcoming Google I/O conference, which should be held sometime in May, where the event is expected to take place. Additionally, Google has begun testing a new feature within Search Labs, called "Daily Listen," in addition to these artificial intelligence innovations. This personalized podcast experience curates and delivers news and topics tailored to the interests of the individual user, which improves engagement with relevant content. 

In December, Google announced that Gemini 2.0 Flash would become generally available for developers by January of next year. As part of this rollout, it is expected that the “Experimental” label will be removed from Gemini 2.0 Flash within the Gemini application. In addition, there is an increasing amount of anticipation surrounding "2.0 Experimental Advanced" which will be available to paid subscribers, and we expect more details on what it has to offer upon its official release. 

Google is continuing to expand its artificial intelligence-driven offering with NotebookLM Plus that is expected to be available for Google One subscribers beginning in early 2025. It is also expected that Gemini 2.0 will be integrated into other Google products, including AI Overviews in Search, in the coming months. This timeframe is aligned with the anticipated Google I/O event, traditional to be held in early May, when more Google products are expected to be integrated. 

Sundar Pichai, the CEO of Google, recently shared his views with employees regarding the urgency of the current technological environment, pointing out how technology has rapidly advanced and how Google can reimagine its products and processes for the next era, thanks to the rapid pace of innovation. Besides acknowledging the challenges faced by employees affected by the devastating wildfires in Southern California, he also noted the difficulties facing the company as a whole. 

As Pichai highlighted earlier this month, 2025 is going to be a pivotal year for Google, and he urged employees to increase their efforts in artificial intelligence development and regulatory compliance. Despite the increasing level of competition in artificial intelligence and the increasing level of regulatory scrutiny that surrounds it, he stressed the importance of ensuring the company stays on top of innovation while navigating a dynamic policy environment.
Read more »
Youtube
2FA Data Breach Emails Google Youtube

Google Fixes YouTube Security Flaw That Exposed User Emails

 



A critical security vulnerability in YouTube allowed attackers to uncover the email addresses of any account on the platform. Cybersecurity researchers discovered the flaw and reported it to Google, which promptly fixed the issue. While no known attacks exploited the vulnerability, the potential consequences could have been severe, especially for users who rely on anonymity.


How the Vulnerability Worked

The flaw was identified by researchers Brutecat and Nathan, as reported by BleepingComputer. It involved an internal identifier used within Google’s ecosystem, known as the Gaia ID. Every YouTube account has a unique Gaia ID, which links it to Google’s services.

The exploit worked by blocking a YouTube account and then accessing its Gaia ID through the live chat function. Once attackers retrieved this identifier, they found a way to trace it back to the account’s registered email address. This loophole could have exposed the contact details of millions of users without their knowledge.


Google’s Reaction and Fix

Google confirmed that the issue was present from September 2024 to February 2025. Once informed, the company swiftly implemented a fix to prevent further risk. Google assured users that there were no reports of major misuse but acknowledged that the vulnerability had the potential for harm.


Why This Was a Serious Threat

The exposure of email addresses poses various risks, including phishing attempts, hacking threats, and identity theft. This is particularly concerning for individuals who depend on anonymity, such as whistleblowers, journalists, and activists. If their private details were leaked, it could have led to real-world dangers, not just online harassment.

Businesses also faced risks, as malicious actors could have used this flaw to target official YouTube accounts, leading to scams, fraud, or reputational damage.


Lessons and Preventive Measures

The importance of strong security measures and rapid responses to discovered flaws cannot be emphasized more. Users are encouraged to take precautions, such as enabling two-factor authentication (2FA), using secure passwords, and being cautious of suspicious emails or login attempts.

Tech companies, including Google, must consistently audit security systems and respond quickly to any potential weaknesses.

Although the security flaw was patched before any confirmed incidents occurred, this event serves as a reminder of the omnipresent risks in the digital world. By staying informed and following security best practices, both users and companies can work towards a safer online experience.



Read more »
National Security
Cyber Attacks CyberCrime Cybersecurity CyberThreat Global Attacks Google Mandiant Incident Response Groud National Security

National Security Faces Risks from Cybercrime Expansion

 


The incidence of cyberattacks globally increased by 125% in 2021 compared to 2020, posing a serious threat to businesses and individuals alike. Phishing continues to be the most prevalent form of cybercrime worldwide and is expected to continue this upward trend into 2022, showing that cybercrime is becoming more prevalent worldwide. 

 There was a report in 2021 that around 323,972 internet users were victims of phishing attacks, covering nearly half of all the individuals who were affected by data breaches. During the peak COVID-19 pandemic, around 220% of complaints of phishing were reported, further escalating cybersecurity risks. 

Nearly one billion emails were exposed as well in 2021, which has affected approximately one in five users of the internet, with approximately 60 million emails being exposed. The constant exposure of sensitive information may have contributed to the prevalence of phishing attacks, which reinforces the importance of enacting stronger cybersecurity measures to reduce the risk of such attacks. There have been numerous instances where criminal groups have deployed ransomware to disrupt business operations for extortion. 

They have recently included threats concerning the exposure of their stolen data in their extortion strategies. Now that this method is regarded as a standard practice, it has resulted in a significant increase in the amount of sensitive information that is publicized, which has resulted in such data becoming increasingly accessible, which presents opportunities for state intelligence agencies to obtain and utilize such data to their advantage.

The Mandiant Incident Response Group of Google recently released a report that indicated that in 2024, the organization worked to mitigate nearly four times as many cyber intrusions related to financially motivated groups as those related to nation-states. This report may help shed further light on the issue. Despite the differences in motivation, cybersecurity experts have observed that the tactics, techniques, and procedures used by financially motivated cybercriminals and state-sponsored threat actors appear to be merging, potentially by design, together as they pursue their objectives. 

In the opinion of Ben Read, Senior Manager at Google's Threat Intelligence Group, an expansive cybercriminal ecosystem has increased the number of state-sponsored hacking attacks, most likely because the ecosystem provides malware, exploits weaknesses, and, in some cases, facilitates broad-based cyber operations. In the course of his speech, he pointed out that when outsourcing capabilities to third parties, they are frequently more cost-effective and offer greater functionality than when developed directly by governments. 

According to a geopolitical perspective, a market-driven cyber attack can be just as damaging and disruptive as one orchestrated by a nation-state, underscoring the need for a comprehensive cybersecurity strategy that attracts as many resources as possible. Cybercrime played a significant role in the COVID-19 pandemic. Businesses were compelled to change over to remote working environments rapidly as a result of the virus spreading, which created vulnerabilities in security protocols and network misconfigurations that were exploited by cybercriminals. 

Consequently, malware attacks increased by 358% in 2020 and were 100 times greater than in the previous year as a result of the pandemic. Cybercrime victims per hour were also at an all-time high as a result of the epidemic. Cybercrime victims have been reported to have fallen victim to cybercrime on an average of 53 persons every hour for the entire year of 2019. However, the number is projected to be 90 per hour for 2020, which reflects a surge of 69%. 

It has been demonstrated that cybersecurity risks are increasing as a result of the rapid digital transformation resulting from the global health crisis in Pakistan. Cybercrime has become increasingly common in recent years in Pakistan, with financial fraud being the most common reported crime. The number of financial fraud-related cybercrimes reported in 2020, out of 84,764 total complaints received, surpassed incidents of hacking (7,966), cyber harassment (6,023), and cyber defamation (6,004) by a margin of 20,218 victims. 

Social media has further aggravated the problem as well, with the number of complaints submitted about financial fraud on these platforms increasing by 83% between 2018 and 2021. In 2021 alone, 102,356 complaints were filed, with 23% of the cases being linked to Facebook and one other social network. As a consequence, cybercrime has also seen a sharp increase in India, with reported cases of cybercrime increasing significantly over the last few years. 

In 2018, there were 208,456 reported incidents, and in the first two months of 2022, this number had already exceeded 212,485, which is significantly higher than the number of cases in 2018. There is no doubt the pandemic triggered a steady rise in cybercrime incidents, which increased from 394,499 in 2019 to 1,158,208 in 2020 and to 1,402,809 in 2021 due to the pandemic. In 2022, cybercrime in India is projected to increase by 15.3% from the first quarter to the second quarter, in addition to the number of websites that have been hacked in India, increasing from 17,560 in 2018 to 26,121 in 2020. 

As Ransomware attacks have risen over the years, it has also become a major concern for Indian organizations, with 78% affected by these attacks in 2021, which resulted in 80% of them encrypting data, a number that is higher than the global average of 66% for attacks and 65% for encryption. According to the Home Ministry, financial fraud continues to account for the largest percentage of reported incidents among cybercriminals in India, accounting for 75% of them between 2020 and 2023, reaching a peak at over 77% in that period. 

As a result of joint sanctions imposed on Tuesday by the United States, the United Kingdom, and the Australian governments, security experts and experts are concerned about a Russian bulletproof hosting provider, Zservers. Zservers is suspected of facilitating ransomware attacks, including those orchestrated under LockBit. There are certain applications that, according to the UK government, form part of an illicit cyberinfrastructure that facilitates cybercriminal activities, such as ransomware attacks, extortion, and storage of stolen data, and sustains the operations of cybercriminal businesses, which are responsible for such operations.

The British Foreign Secretary, David Lammy, has described Russia as a corrupt and implacable country characterized by its ruthlessness and corruption, stating that it is not at all surprising that some of the world's most notorious cybercriminals operate within its borders. Russian intelligence agencies themselves have been reported to use these cybercriminal tools and services. Google's Threat Intelligence Group has highlighted that Russian military operations in Ukraine are being supported by criminal cyber capabilities as part of Russia's strategy for bolstering military operations.

There are several specific examples, including the Russian military intelligence unit Sandworm, also known as APT44, that utilizes commercial hacking tools for cyber espionage and disruption, and Moscow also uses the RomCom group to conduct espionage activities against Ukraine, a group normally associated with cybercrime. It should also be noted that Russia is not the only country accused of blurring the line between state-sponsored hacking and crime. 

The Iranian threat actors have been reported to use ransomware to generate financial resources. They are also known to engage in cyber espionage, while Chinese cyber espionage groups are known to also get involved in cybercrime as a means to complement their activities. It is suspected that North Korea is a nation that actively exploits cyber operations for financial gain, and it heavily targets cryptocurrency exchanges and individual crypto wallets to generate revenue for its regime to support its nuclear programs. 

The threat of cybercrime is on the rise, and the government is being urged to take stronger measures to combat it. In a recent report, the Google Threat Intelligence Group emphasized the critical importance of disrupting cybercriminal operations, emphasizing that cyber threats are becoming a major national security threat. Google Threat Intelligence head Sandra Joyce recently issued a warning that cybercrime no longer needs to be seen as a minor issue and that considerable efforts are required to mitigate its impacts on international security going forward.
Read more »
Privacy
Apple Artificial Intelligence Cyberattacks Cybersecurity CyberThreat DPA Google Military Privacy

Apps Illegally Sold Location Data of US Military and Intelligence Personnel

 


Earlier this year, news reports revealed that a Florida-based data brokerage company had engaged in the sale of location data belonging to US military and intelligence personnel stationed overseas in the course of its operations. While at the time, it remained unclear to us as to how this sensitive information came into existence. 
 
However, recent investigations indicate that the data was collected in part through various mobile applications operating under revenue-sharing agreements with an advertising technology company. An American company later resold this data, which was then resold by that firm. Location data collection is one of the most common practices among mobile applications. It is an essential component of navigation and mapping, but it also enhances the functionality of various other applications. 
 
There are concerns that many applications collect location data without a clear or justified reason. Apple’s iOS operating system mandates that apps request permission before accessing location data. Regulations ensure privacy by providing transparency and control over the collection and use of location-related sensitive information. 
 
After revelations about the unauthorized sale of location data, Senator Ron Wyden (D-WA) requested clarification from Datastream regarding the source of the data. Wyden’s office also reached out to an ad-tech company but did not receive a response. Consequently, the senator escalated the matter to Lithuania’s Data Protection Authority (DPA) due to national security concerns. 
 
The Lithuanian DPA launched an official investigation into the incident. However, the results remain pending. This case highlights the complexities of the location data industry, where information is often exchanged between multiple organizations with limited regulation. 
 
Cybersecurity expert Zach Edwards pointed out during a conference that "advertising companies often function as surveillance companies with better business models." This growing concern over data collection, sharing, and monetization in the digital advertising industry underscores the need for stricter regulations and accountability. 
 
Security experts recommend that users disable location services when unnecessary and use VPNs for added protection. Given the vast amount of location data transmitted through mobile applications, these precautions are crucial in mitigating potential security risks.
Read more »
SparkCat
Android app removal Apple Breach Cyber Security Cybersecurity Data Google iOS malware SparkCat

Apple and Google Remove 20 Apps Infected with Data-Stealing Malware


Apple and Google have removed 20 apps from their respective app stores after cybersecurity researchers discovered that they had been infected with data-stealing malware for nearly a year.

According to Kaspersky, the malware, named SparkCat, has been active since March 2024. Researchers first detected it in a food delivery app used in the United Arab Emirates and Indonesia before uncovering its presence in 19 additional apps. Collectively, these infected apps had been downloaded over 242,000 times from Google Play Store.

The malware uses optical character recognition (OCR) technology to scan text displayed on a device’s screen. Researchers found that it targeted image galleries to identify keywords associated with cryptocurrency wallet recovery phrases in multiple languages, including English, Chinese, Japanese, and Korean. 

By capturing these recovery phrases, attackers could gain complete control over victims' wallets and steal their funds. Additionally, the malware could extract sensitive data from screenshots, such as messages and passwords.

Following Kaspersky’s report, Apple removed the infected apps from the App Store last week, and Google followed soon after.

Google spokesperson Ed Fernandez confirmed to TechCrunch: "All of the identified apps have been removed from Google Play, and the developers have been banned."

Google also assured that Android users were protected from known versions of this malware through its built-in Google Play Protect security system. Apple has not responded to requests for comment.

Despite the apps being taken down from official stores, Kaspersky spokesperson Rosemarie Gonzales revealed that the malware is still accessible through third-party websites and unauthorized app stores, posing a continued threat to users.
Read more »
Malware Attack
Cyber Attacks fake ads fake websites Google Google Ads Infostealer Malware Mallicious URLs Malware Attack

Cybercriminals Use Google Ads and URL Cloaking to Spread Malware

 

Cybercriminals are increasingly using Google ads and sophisticated cloaking techniques to push malware onto unsuspecting users. The latest example involves a fake Homebrew website that tricked users into downloading an infostealer designed to steal sensitive data, including login credentials and banking details. Security researcher Ryan Chenkie first noticed the malicious Google ad, which displayed the correct Homebrew URL, “brew.sh,” making it appear legitimate. 

However, once users clicked on the ad, they were redirected to a fraudulent clone hosted at “brewe.sh.” The deception was so convincing that even experienced users might not have spotted the trick before engaging with the site. The technique used in this campaign, known as URL cloaking, allows cybercriminals to manipulate how links appear in ads. According to Google, these attackers create thousands of accounts and use advanced text manipulation to bypass detection by both automated systems and human reviewers. This makes it difficult to catch fraudulent ads before they reach users. 

While Google has since removed the ad and is ramping up its security efforts, the issue highlights ongoing vulnerabilities in online advertising. The malware behind this attack, identified by security researcher JAMESWT as AmosStealer (also known as Atomic), is specifically designed for macOS systems. Developed in Swift, it is capable of running on both Intel and Apple Silicon devices. AmosStealer is a subscription-based malware service, sold to cybercriminals for $1,000 per month. 

Once installed, it can extract browser history, login credentials, bank account details, cryptocurrency wallet information, and other sensitive data. What makes this attack particularly alarming is its target audience. Homebrew is a package manager used primarily by macOS and Linux users, who are generally more tech-savvy than the average internet user. This suggests that cybercriminals are refining their tactics to deceive even experienced users. By leveraging Google’s ad platform to lend credibility to their fake sites, these attackers can reach a broader audience and increase their success rate.  

To protect against such malware campaigns, users should take extra precautions. Checking an ad’s displayed URL is no longer sufficient — verifying the website address after the page loads is crucial. Even a minor change in spelling, such as replacing a single letter, can indicate a fraudulent site. Another effective defense is avoiding Google ads altogether. Legitimate websites always appear in organic search results below the ads, so skipping the top links can help users avoid potential scams. 

Instead of clicking on ads, users should manually search for the company or product name to locate the official website. For those looking to minimize risks from malicious ads, alternative search engines like DuckDuckGo or Qwant offer more privacy-focused browsing experiences with stricter ad filtering. As cybercriminals continue to evolve their tactics, adopting safer browsing habits and remaining vigilant online is essential to avoiding security threats.
Read more »
VPN
CyberCrime Cybersecurity CyberThreat Fake VPN Google malware SEO VPN

Malware Infections Surge from Fake VPN Downloads

 


An attacker is reportedly injecting malware into infected devices using popular VPN applications to gain remote control of the devices they are attacking. Google's Managed Defense team reported this disturbing finding, which sheds light on how malicious actors use SEO poisoning tactics to spread what is known as Playfulghost.

It has become increasingly important for individuals who prioritize the protection of their personal data and online privacy to use virtual private networks (VPNs). VPNs establish a secure, encrypted connection between users' devices and the internet, protecting their IP addresses and online activity against prying eyes. 

However, it should be noted that not all VPN applications are trustworthy. The number of fake VPN apps being distributed under the guise of legitimate services is increasing, stealing the sensitive information of unsuspecting users. Researchers have discovered that during the third quarter of 2024, fake VPN applications have become increasingly widespread globally, which is a worrying trend. In comparison to the second quarter, security analysts have reported a 2.5-fold increase in user encounters with fraudulent VPN apps.

These apps were either infected with malware or were built in such a way that they could be exploited by malicious actors. As a result of this alarming development, it is critical to be vigilant when choosing VPN services. Users should take precautionary measures when choosing VPN services and ensure that the apps they download are legitimate before downloading to safeguard their data and devices. 

As more and more home users turn to virtual private networks (VPNs) as a means to safeguard their privacy, to ensure their internet activity is secure, and to circumvent regional content blocks, these VPNs are becoming increasingly popular. Scammers and hackers are aware that the popularity of VPNs is growing, and so they intend to take advantage of that trend as much as possible. 

As an example, recently it has been found that some VPNs have been found to have security vulnerabilities that do not make them as secure as they should be. Playfulghost is a backdoor similar to Gh0st RAT, a remote administration tool that is well-known in the security community. According to Google's expert, Playfulghost is "a backdoor that shares functionality with Gh0st RAT." The latter has been around since 2008, and it is considered one of the best. 

The traffic patterns of Playfulghost can be distinguished from those of other known threats, especially in terms of encryption and traffic patterns. There are several ways hackers use phishing and SEO poisoning to trick their victims into downloading malicious software onto their computers, and according to a Google expert, one victim was tricked into opening a malicious image file for Playfulghost to run remotely from a remote location, which results in the malware being downloaded onto his computer. In the same vein, SEO poisoning techniques employed trojanized virtual private network (VPN) apps to download Playfulghost components from a remote server on the victims' devices (see GIF below). 

Infected with Payfulghost, an attacker can remotely execute a wide range of tasks on the device once it has been infected. It is particularly dangerous as a virus. Data mining is capable of capturing keystrokes, screenshots, and audio, as well as capturing screenshots. In addition to this, attackers can also perform file management activities, including opening, deleting, and writing new files. Security experts from Google have warned that a new malware threat has been detected that is very dangerous. It is known as Playfulghost and is distributed worldwide via fraudulent VPN apps. Researchers have warned that this scam uses sophisticated techniques to trick users into downloading infected VPN software, including what is called "SEO poisoning". 

There is something especially cruel about this latest cyberattack because signing up for one of the best VPN deals is usually an easy way to improve users' level of privacy and security online. Unfortunately, those who installed the fake VPN applications laced with malware in the last few days have now found themselves in the worst possible position due to the malware they have installed. As people know, the purpose of Playfulghost is to allow hackers to monitor every letter users type on their keyboard, a practice known as keylogging. 

It can also record audio from the built-in microphone on users' computers, laptops, tablets, or desktops, and it can also be used as a tool to record what they are seeing on the screen, which is often used for blackmail. The dangerous malware also enables attackers to remotely execute various file management activities, including opening, deleting, and writing new files, This can enable hackers to download and install other types of malware on machines infected with Playfulghost. Playfulghost also makes it possible for attackers to perform various file management activities remotely, such as opening, deleting, and creating files, allowing hackers to download and install other kinds of malware on computers infected with this dangerous malware. 

As it turns out, Playfulghost's functionality is quite similar to Gh0st RAT, which has wreaked havoc on PCs since 2001 and is now a public open-source tool, whose source code was released in 2008. Since this code is widely available, there have been several copies and clones created, including the latest variant. In addition to utilizing distinct traffic patterns and encryption, Google security researchers have pinpointed two methods by which the malware is being spread by hackers, according to their study. The first is using the infected computers' network cables and the second is via the Internet. 

 The first thing to know is that cybercriminals are utilizing phishing emails — unsolicited messages that entice people to download malicious software. One of the earliest examples that was spotted by Google's team involved emails with themes such as "Code of Conduct" which trick users into downloading the attached file, which turned out to be Playfulghost, a nasty infection. 

Another documented case has also been found in which a victim was tricked into opening a malicious image file and when they opened it in the background Playfulghost was automatically installed and activated on their computer from a remote server. Secondly, the malware may also be spread by bundling it with popular VPN apps in a process known as SEO poisoning. This method has been gaining popularity recently among virus creators. Search engine poisoning is the act of manipulating or hacking a search engine to make malicious downloads appear as an official import.
Read more »
Phishing Scams
2FA Cyber Attacks cybersecurity challenges Google Google Ads Hackers MalwareBytes Online Advertising Online Scams phishing kit Phishing Scams

Google Ads Phishing Scam Reaches New Extreme, Experts Warn of Ongoing Threat


Cybercriminals Target Google Ads Users in Sophisticated Phishing Attacks

Cybercriminals are intensifying their phishing campaigns against Google Ads users, employing advanced techniques to steal credentials and bypass two-factor authentication (2FA). This new wave of attacks is considered one of the most aggressive credential theft schemes, enabling hackers to gain unauthorized access to advertiser accounts and exploit them for fraudulent purposes.

According to cybersecurity firm Malwarebytes, attackers are creating highly convincing fake Google Ads login pages to deceive advertisers into entering their credentials. Once stolen, these login details allow hackers to fully control compromised accounts, running malicious ads or reselling access on cybercrime forums. Jérôme Segura, Senior Director of Research at Malwarebytes, described the campaign as a significant escalation in malvertising tactics, potentially affecting thousands of advertisers worldwide.

How the Attack Works

The attack process is alarmingly effective. Cybercriminals design fake Google Ads login pages that closely mimic official ones. When advertisers enter their credentials, the phishing kits deployed by attackers capture login details, session cookies, and even 2FA tokens. With this information, hackers can take over accounts instantly, running deceptive ads or selling access to these accounts on the dark web.

Additionally, attackers use techniques like cloaking to bypass Google’s ad policies. Cloaking involves showing different content to Google’s reviewers and unsuspecting users, allowing fraudulent ads to pass through Google's checks while leading victims to harmful websites.

Google’s Response and Recommendations

Google has acknowledged the issue and stated that measures are being taken to address the threat. “We have strict policies to prevent deceptive ads and actively remove bad actors from our platforms,” a Google spokesperson explained. The company is urging advertisers to take immediate steps if they suspect their accounts have been compromised. These steps include resetting passwords, reviewing account activity, and enabling enhanced security measures like security keys.

Cybersecurity experts, including Segura, recommend advertisers exercise caution when clicking on sponsored ads, even those that appear legitimate. Additional safety measures include:

  • Using ad blockers to limit exposure to malicious ads.
  • Regularly monitoring account activity for any unauthorized changes.
  • Being vigilant about the authenticity of login pages, especially for critical services like Google Ads.

Despite Google’s ongoing efforts to combat these attacks, the scale and sophistication of phishing campaigns continue to grow. This underscores the need for increased vigilance and robust cybersecurity practices to protect sensitive information and prevent accounts from being exploited by cybercriminals.

Read more »
Technology
Cyberattacks CyberCrime Cyberhackers Cybersecurity Google Google Docs Microsoft Word Proton Docs Technology

Proton Docs vs Google Docs in the Productivity Space

 


For those who are concerned about privacy, Proton has announced an end-to-end encrypted document editor intended to be a viable alternative to Microsoft Word and Google Docs. This application, released on Wednesday by the Swiss software vendor best known for its encrypted email app, provides office workers with many document creation features they might use in their daily work.

Swiss-based and privacy-conscious Proton is now focusing on cloud-based document editing as it has built up its email, VPN, cloud storage, password manager, and cloud storage offerings. Proton Docs, a newly launched service that offers an array of features and privacy protections, might be just what users need to make it work for them.

With regards to its user interface and user experience, Proton Docs draws inspiration from Google Docs while also introducing its distinctive twists. In addition to its clean, minimalist design, Proton Docs has a central focus on the document, and users can find familiar functions with icons at the top representing the common formatting options (such as bold, italics, headings, and lists).

However, the top of the screen does not have a dedicated menu bar, and all options can be found in the default toolbar. Proton Docs keeps a very similar layout to Google Docs and, therefore, if someone is transitioning from Google Docs to Proton Docs, they should not have any problems getting started with their drafts right away. The work that was done by Proton was excellent.

A lot of the basic features of Proton Docs are similar to those of Google Docs, and the first thing users will notice is that the application looks very much like Google Docs: white pages with a formatting toolbar up top, and a cursor at the top that displays who is in the document as well as a cursor to clear the document at the top. The fact is that this isn’t particularly surprising for a couple of reasons.

First of all, Google Docs is extremely popular, and the options for styling a document editor are not that many. In other words, Proton Docs has been created in large part to offer all the benefits of Google Docs, just without Google. Docs are launching inside Proton Drive today, and as part of the privacy-focused suite of work tools offered by Proton, it will be the latest addition.

It has become clear that Proton has expanded its offering from email to include a calendar, a file storage system, a password manager, and more since it began as an email client. Adding Docs to the company's ecosystem seems like a wise move since it aims to compete against Microsoft Office and Google Workspace, and it was coming soon after Proton acquired Standard Notes in April.

According to Proton PR manager Will Moore, Notes would not disappear — Docs is borrowing some of its features instead. Proton Docs is a full-featured, end-to-end encrypted word processor with the ability to store files and even its users' keys (keystrokes and cursor movements) end-to-end encrypted, so that no one, including Proton staff, will be able to access any of the users' files (not even the users). This makes it much more difficult for hackers and data breaches to access the files, thereby making them more secure. There has been a lack of improvement in this area in Proton Docs.

However, even though it is part of the growing portfolio of the company, it does not fully integrate with its existing platform. There is no ability to access calendars and contacts from the sidebar like Google Docs, and it does not have the same functionality as Google Pages. Additionally, there is no easy way for users to import existing documents, files, or media from a Proton Drive account directly into the application.

In contrast, Google Docs provides the convenience of typing an "@" followed by the name of a file from users' Google Drive account and inserting the document from there as soon as they click the hyperlink. A feature such as this is particularly useful when a document needs to include multiple files in addition to the document itself. A second advantage of Proton Docs is the use of Swiss cloud servers, which provide storage of users' data on Proton Docs' servers in Switzerland.

It is thanks to the strict Swiss laws that protect the information stored on these servers that they cannot be accessed by regulatory authorities in regions like the European Union and the United States. A new feature known as Proton Docs is scheduled to be rolled out to Proton Drive customers starting today, with the ability to access the feature expected to be available to everyone within the next few days, as per Proton.

Powered by the Proton Drive platform, Proton Drive operates on a freemium model with individual subscriptions to the platform costing as little as €10 per month (approximately $10.80 when billed annually). The monthly subscription fee for Proton for Business is €7 per user per month and can be purchased in any amount.

Read more »
Privacy
Android App Cyberattacks CyberCrime Cyberhackers Cybersecurity CyberThreat Google iOS Malicious Network Privacy

Google Warns Users About Privacy Risks Posed by Certain Android Apps

 


It has recently been reported by a leading media outlet that more than 11 million Android devices have been infected with malicious software known as the Necro Trojan, which has crept into phones and tablets through unofficially modified applications, games, and game modifications. Google is making an effort to narrow the gap between Android 15 and iPhone on the front of security and privacy. 

The new Android OS brings several welcome changes that will protect its users, their devices, and their data better over time. These include live threat detection that can identify malware and abuse of permissions as soon as they are detected, mobile network defence, and tighter controls over what apps are performing behind the scenes. There is still a lot of room on Android for permission abuse since it relates to that shadowy area between apps that behave properly and outright spyware—of which there are still a lot of examples available.

There is no doubt that Apple led the charge in limiting location tracking, and use of sensitive phone functionality like a camera, messaging, and contacts, as well as restricting access to location data. Google has released Android 15 on millions of Pixel devices, and it is now available for download. Although this update emphasizes security and privacy over anything else, two of its most important and headline-grabbing features were left out of the new upgrade. 

Two things are coming shortly, but the first one is not coming until the end of the year, and the second one is imminent. Google's new mobile network security, which prevents users from having their identities tracked and intercepted via the network, is maybe the most significant long-term security feature that is missing. It has been leaked that Android 15 will include an improved Privacy Dashboard as a part of the updates brought by the new version. 

9to5Google reports that, in the next few weeks after Android 16 Developer Preview 1 was released last month, Google will release a 7-day history for the privacy dashboard in Android 15, the first time that a 7-day history has been added. This is expected to be released via the Google Play system update in November 2024." It has been announced in the past month that Google will soon launch a 7-day history for the Privacy dashboard in Android 16, following the introduction of Android 16 Developer Preview 1 last month. There is a new system update to Google Play in November 2024 that will bring this update to the public. 

When the app is installed, go to the Settings app > Privacy & Security > Privacy dashboard to access the privacy information. There is now an option "Show 7 days" in the overflow menu located in the upper-right corner of the screen, joining the existing "Show system" option at the top.  Throughout the following tables, users will notice that the stats will change from "Past 24 hours" to "Past 7 days" as a longer timeframe for the usage of Location, Camera, and Microphone gets introduced.  This is the most sensitive spyware function on users' phones, and they need to pay special attention to how it is being used. 

The best advice for users would be to stop stopping permissions from being granted in the first place and not monitor afterwards, but rather to stop granting them in the first place. Even though an app might have no dangerous permissions, it can still pose a risk. There is no such thing as a safe number of permissions for an app, according to Cybernews researchers. By just installing the app on a device, the app has access to many more permissions that are considered harmless and non-dangerous. 

The apps used in these scenarios can still perform tasks such as starting up, staying in the background, accessing confidential information, etc. Taking this into consideration, it is critical to regularly remove unnecessary apps, revoke excessive permissions that infringe on privacy, and consider visiting the same services through the web browser rather than using the device's app store. This is a new Android Remote Access Trojan (RAT), and it combines both the classic VNC and overlay capabilities, as well as features often associated with spyware, to produce a powerful and sophisticated Android Trojan. 

There are keyloggers embedded in this program, as well as monitoring routines that provide the ability to capture user data and intercept user interactions, which makes it a powerful tool for spying on users and stealing credentials. Accessibility Services is also a permission that is never granted to any app without its requirement. Accessibility Services are also a system tool, which malware is capable of abusing to take control of devices and their key system functions if given regardless of their necessity. 

Additionally, a new feature that detects scam calls is being rolled out starting with Pixel devices. Specifically, it's available to U.S. phones by Google users with the Pixel 6 or newer device in English. This new update might be making some Samsung Galaxy owners jealous as they watch on with a sense of envy. As the headlines speculate on when the Android 15 beta will debut, the speculation continues again this week, with no sign of an imminent stable release until next year, and the release of Samsung's Galaxy S25 smartphone series only a year away. 

A certain degree of risk is inherent in every mobile application, which makes it imperative for the user to maintain a high level of precaution when it comes to ensuring the security of their data and privacy. Security experts insist that it is crucial to carefully review app permissions before granting them access to users' devices. Users should always disable location services whenever possible—concerned, however, that some applications may not be able to operate properly without them should turn off geotagging for photographs when not required. 

There can be many sensitive information contained in location and geotagging information. It is likely that marketers, and potentially malign actors, will analyze this information to develop a comprehensive profile of each individual's movements and habits based on the information they gathered. To protect the phone's privacy, users must not underestimate the implications of such access. There is expert advice that users should revoke permissions for apps that appear too restrictive on the app's functionality for their utility. 

The best course of action is to uninstall an application if it is unable to customize permissions and poses privacy concerns to users without having the ability to customize them. Research on highly secure messaging applications designed for both iPhone and Android platforms could benefit those looking to enhance the level of security in their communication. As the world of communication becomes increasingly interconnected, these apps cater to users' needs in terms of privacy and data encryption.
Read more »
Subscribe to: Posts (Atom)