http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2016-04-26 20:48:26 - Dancho Danchev's Blog Mind Streams of Information Security Knowledge : We've recently intercepted, a malicious campaign, utilizing, Google Docs, for, the purpose, of spreading, malicious software, potentially, exposing, the confidentiality, integrity, and availability, of the, targeted hosts In this, post, we'll profile, the malicious campaign, expose, the malicious, infrastructure, behind, it, provide, MD5s, and, discuss, in depth, the, tactics, techniques, and IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/604744.shtmlhttp://www.secuobs.com/revue/news/604744.shtml 2016-04-25 21:29:27 - Darknet The Darkside : http://www.secuobs.com/revue/news/604652.shtmlhttp://www.secuobs.com/revue/news/604652.shtml 2016-04-24 17:23:26 - Dancho Danchev's Blog Mind Streams of Information Security Knowledge : Malicious attackers, have, managed, to, infiltrate, and populate, Google Play, with, hundreds, of rogue, applications, exposing, users, to mobile, malware, compromising, the, integrity, of, their, devices, and, exposing, them, to, misleading, advertisements Once, a socially, engineered, user, obtains, the, application, and, execute, it, their, device, the malware, phones, back, to, a malicious IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/604512.shtmlhttp://www.secuobs.com/revue/news/604512.shtml 2016-04-21 11:40:36 - Global Security Mag Online : La Cour Suprême des Etats-Unis a rendu un arrêt, ce lundi 18 avril 2016, autorisant Google à mettre en œuvre son projet colossal de librairie numérique Fonctionnement et objectifs de la Google Library Il s'agit pour la firme américaine de numériser des livres, tombés dans le domaine public ou non, mis à disposition par des partenariats avec des bibliothèques, aux Etats-Unis et en Europe A l'issu du procédé de numérisation, plusieurs possibilités s'offrent alors à l'utilisateur Si l'ouvrage est - Risk Management http://www.secuobs.com/revue/news/604303.shtmlhttp://www.secuobs.com/revue/news/604303.shtml 2016-04-21 02:03:28 - Slashdot Your Rights Online : An anonymous reader writes A new study by Google and the University of California, Berkeley, claims over 700,000 websites were breached between June 2014 and June 2015 The research shows that miscreants had routinely hijacked thousands of vulnerable web servers for cheap hosting and traffic acquisition The exact number of recorded hijacking incidents within the period was 760,935 but google has been said they were able to curb the amount of breaches through direct communication with webmasters Google's Safe Browsing Alerts sends notifications to network admins when potentially dangerous URLs are detected on their networks These have reportedly increased the likelihood of a cleanup by more than 50 percent and reduced infection lengths by at least 62 percent According to The Next Web, WordPress topped the chart of platforms that experienced the most breaches almost half of all attacks English websites experienced the most attacks, with Chinese, German, Japanese and Russian language websites following closely behind IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/604282.shtmlhttp://www.secuobs.com/revue/news/604282.shtml 2016-04-20 05:51:00 - Slashdot Your Rights Online : darthcamaro writes For over a decade, Google's Safe Browsing technology has helped to alert users to dangerous sites, where malware and phishing exploits can be found Apparently, one of those unsafe sites is none other than Googlecom itself According to eWeek, Google's automatic spidering of the Web will catch some malicious sites, and by Google's own admission, there are sites in its index that will redirect users to locations that will attempt to install malware on their computers Google also admits and warns that by way of Googlecom and the sites linked in its index , 'Attackers on this site might try to trick you to download software or steal your information for example passwords, messages, or credit card information ' IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/604189.shtmlhttp://www.secuobs.com/revue/news/604189.shtml 2016-04-19 19:39:34 - Security Bloggers Network : Over the last year, Google detected nearly 800,000 compromised websites roughly 16,500 new sites every week exposing unsuspecting visitors to malware and scams The search engine giant detailed the findings of a study it conducted alongside the University of California, Berkley, which analyzed 760,935 hijacking incidents from July 2014 to June 2015 The Read More The post Google Discovered Nearly 800K Compromised Websites Exposing Visitors to Scams, Malware appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/604157.shtmlhttp://www.secuobs.com/revue/news/604157.shtml 2016-04-18 16:18:14 - TorrentFreak : The producer of dozens of movies including The Expendables trilogy and London Has Fallen has branded Barack Obama a coward for failing to take on Google over piracy Avi Lerner says that the government is scared of the search giant and anyone not helping to stop piracy should go to jail Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/604031.shtmlhttp://www.secuobs.com/revue/news/604031.shtml 2016-04-17 13:29:16 - TorrentFreak : The celebrity couple at the center of a row over a secret threesome will have to wait until Monday to find out whether their injunction forbidding the publication of their names will be upheld In the meantime anti-piracy outfit Web Sheriff has asked Google to remove links to dozens of news stories, all of which have been rejected Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/603962.shtmlhttp://www.secuobs.com/revue/news/603962.shtml 2016-04-15 22:51:29 - Slashdot Your Rights Online : An anonymous reader writes On Friday, Google announced it is making changes to Chrome Web Store's User Data Policy to ensure developers are more transparent about how their extensions handle customer data The company has notified developers and is giving them three months to comply with the changes Come July 15, 2016, company says, extensions that violate the policy will be removed from the Chrome Web StoreThe announcement comes amid a report that pointed out a rogue extension in the Chrome Web Store The incident was one of many we have seen in the past few months Following are the requirements that a developer must meet 1 Be transparent about the handling of user data and disclose privacy practices 2 Post a privacy policy and use encryption, when handling personal or sensitive information 3 Ask users to consent to the collection of personal or sensitive data via a prominent disclosure, when the use of the data isn't related to a prominent feature IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/603902.shtmlhttp://www.secuobs.com/revue/news/603902.shtml 2016-04-15 18:43:23 - Slashdot Your Rights Online : An anonymous cites an article on Ars Technica Two security researchers have published research exposing the potential privacy problems connected to using Web address shortening services When used to share data protected by credentials included in the Web address associated with the content, these services could allow an attacker to gain access to data simply by searching through the entire address space for a URL-shortening service PDF in search of content, because of how predictable and short those addresses are Both Microsoft and Google have offered URL shortening services embedded in various cloud services Microsoft included the 1drvms URL shortening service in its OneDrive cloud storage service and a similar service bingedit for Bing Maps -- branded domains of the bitly domain shortening service Microsoft has stopped offering the OneDrive embedded shortener, but existing URLs are still accessible Google Maps has an embedded a tool that creates URLs with the googl domain Vitaly Shmatikov of Cornell Tech and visiting researcher Martin Georgiev conducted an 18-month study in which they focused on OneDrive and Google Maps We did not perform a comprehensive scan of all short URLs as our analysis shows, such a scan would have been within the capabilities of a more powerful adversary , Shmatikov wrote in a blog post today, but we sampled enough to discover interesting information and draw important conclusions One of those conclusions was that Microsoft's OneDrive shortened URLs were entirely too easy to traverse IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/603894.shtmlhttp://www.secuobs.com/revue/news/603894.shtml 2016-04-13 09:27:10 - Slashdot Your Rights Online : An anonymous reader quotes a report from The Independent The European Commission is bringing forward plans to make major multinationals such as Google, Amazon and Facebook disclose exactly where and how much tax they pay across the continent The plan was expected to include rules requiring businesses earning more than 600 million euros a year nearly 700 USD to open up their tax affairs to public scrutiny, revealing their profits and accounts in every country in which they operate within the EU Since the Panama Papers, a new clause has reportedly been added to require the companies to say how much money they make in so-called tax havens A final, more general statement would reveal profits in the rest of the world, treated as a single item The plans will be presented by Britain's EU Commissioner, Lord Hill, who told the BBC This is a carefully thought through but ambitious proposal for more transparency on tax While our proposal on country-by-country reporting is not of course focused principally on the response to the Panama Papers, there is an important connection between our continuing work on tax transparency and tax havens that we are building into the proposal IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/603584.shtmlhttp://www.secuobs.com/revue/news/603584.shtml 2016-04-11 18:42:07 - Security Bloggers Network : Solutions Architects on the Performance Specialist Team at Akamai closely work on performance analytics, we do a lot of value confirmations for our customers we show how Akamai Web Performance Solutions benefit our customer's websites As part of our job, http://www.secuobs.com/revue/news/603453.shtmlhttp://www.secuobs.com/revue/news/603453.shtml 2016-04-11 14:11:08 - Help Net Security : A design decision by Google can be exploited by attackers to gain control of both devices needed to access users accounts protected via SMS-based 2-factor authentication This feature, which is considered a security flaw by the three researchers from VU University Amsterdam who discovered the potential problem, has still not been changed by Google, even though they have been notified of it in 2014 The researchers dubbed the vulnerability BAndroid Browser-to-Android If attackers have control More http://www.secuobs.com/revue/news/603414.shtmlhttp://www.secuobs.com/revue/news/603414.shtml 2016-04-11 11:11:34 - Slashdot Your Rights Online : totalcaos writes Attackers who control the browser on the PC of a user consuming Google services Gmail, Google etc can surreptitiously push and activate apps on the user's mobile device, bypassing SMS-based two-factor authentication 2FA via the phone How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication is a paper that explains the wider issues of phone-based 2FA Herbert Boss, professor of systems and security at Vrije Unversiteit Amsterdam, who co-authored the mobile security paper with the two PhD students, disclosed the vulnerability to Google but they still refuse to fix it IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/603394.shtmlhttp://www.secuobs.com/revue/news/603394.shtml 2016-04-08 15:31:36 - Security Bloggers Network : Ironically, these researchers managed to turn Google's giant image database against its own reCAPTCHA security system http://www.secuobs.com/revue/news/603259.shtmlhttp://www.secuobs.com/revue/news/603259.shtml 2016-04-07 16:55:00 - Security Bloggers Network : In an ongoing effort to share their knowledge and expertise, Google recently announced on its security blog that they have The post Google Vendor Security Review Tool Goes Open Source appeared first on Checkmarx http://www.secuobs.com/revue/news/603129.shtmlhttp://www.secuobs.com/revue/news/603129.shtml 2016-04-07 13:37:07 - Security Bloggers Network : Safe Browsing Alerts for Network Administrators is being upgraded with useful information for IT specialists http://www.secuobs.com/revue/news/603092.shtmlhttp://www.secuobs.com/revue/news/603092.shtml 2016-04-06 02:25:40 - Security Bloggers Network : Researchers have uncovered a new strain of advertising spyware in more than 100 Android apps downloadable from the official Google Play Store David Bisson reports http://www.secuobs.com/revue/news/602948.shtmlhttp://www.secuobs.com/revue/news/602948.shtml 2016-04-04 23:45:23 - Slashdot Your Rights Online : An anonymous reader writes A propaganda app developed by the Taliban was live on the Google Play store for two days before being removed, raising questions about Google's app review process, which includes a combination of human editors and algorithms According to a Taliban spokesperson speaking with Bloomberg, the app was part of our advanced technological efforts to make more global audience Its creation signaled how the group was expanding its use of technology to reach a wider audience When the app was first removed two days after it went live, the Taliban claimed it was due to technical issues In actuality, Google removed the app itself, as it was in violation of its policy that bans apps promoting hate speech, violence and illegal activities The app's publication is a high-profile example of a failure in Google's app review process, and one that raises questions about how thorough its human reviewers are with the apps they test The company announced last March that it had actually begun using algorithms along with an internal team of reviewers to analyze apps for policy violations prior to publishing It said apps would be reviewed by this team, hands-on, before the apps go live on Google Play Since Google relies heavily on its community of users and developers to flag apps for additional review, some apps are bound to fall through the cracks, leaving Google to reactively ban them instead of prohibit their publication in the first place It's fair to say Google's review process isn't perfect and could use some tweaking IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602835.shtmlhttp://www.secuobs.com/revue/news/602835.shtml 2016-04-01 15:18:46 - Global Security Mag Online : Les programmes malveillants ciblant Android et rapportant de l'argent à leurs auteurs grâce à la publicité qu'ils affichent deviennent de plus en plus répandus Les spécialistes de Doctor Web ont détecté un Trojan de ce type doté des fonctions de spyware et nommé AndroidSpy277origin dans plus de 100 applications sur Google Play La plupart des programmes dans lesquels est dissimulé AndroidSpy277origin représentent des fausses versions de logiciels populaires, dont le nom et l'apparence sont - Malwares http://www.secuobs.com/revue/news/602661.shtmlhttp://www.secuobs.com/revue/news/602661.shtml 2016-04-01 04:35:10 - Slashdot Your Rights Online : An anonymous reader writes Four years after the release of a groundbreaking study on the state of SSL TLS certificates in non-browser applications APIs to be exact , some programming languages fail to provide developers with the appropriate tools to validate certificates Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems According to the results, all tested programming languages PHP, Python, Go , in various configurations, failed to detect HTTPS connections that used revoked SSL TLS certificates This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library If the certificate was compromised and revoked by the owner, you will never know about it, noted Sucuri's Peter Kankowski IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602609.shtmlhttp://www.secuobs.com/revue/news/602609.shtml 2016-03-31 02:33:35 - Slashdot Your Rights Online : An anonymous reader writes The FBI has been citing a 1789 law, the All Writs Act, to compel Apple to assist the authorities in unlocking the iPhone 5c belonging to San Bernardino killer, Syed Farook The law allows for judges to issue orders for people or companies to do something despite Congress not passing laws to cover specific instances According to the Civil Liberties Union, the US government has cited the All Writs Act in 63 cases since 2008 to compel Apple or Google to assist in accessing data stored on an iPhone or Android device Most of the orders involved Apple To the extent we know about the underlying facts, these cases predominantly arise out of investigations into drug crimes, said Eliza Sweren-Becker, an ACLU attorney IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602488.shtmlhttp://www.secuobs.com/revue/news/602488.shtml 2016-03-30 23:37:16 - Slashdot Your Rights Online : An anonymous reader writes According to a report out of The Information, the No 2 US wireless carrier, ATT, is looking into partnering with Cyanogen because it thinks it could make a compelling Android-alternative smartphone for its customers In other words, ATT wants to use Cyanogen to help it load more bloatware on phones to help sell their other services, like DirecTV The Information's report suggests that ATT is snubbing Google by partnering with Cyanogen, because if the phone were to sell, it could put a damper on Google's continued attempts at making an Apple-like consistent experience across all Android Apparently, ATT is looking to partner with ZTE to manufacture the phone, though the US government issued trade sanctions on them just this month, with allegations that they had tried to illicitly re-export controlled items to Iran in violation of US export control laws IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602473.shtmlhttp://www.secuobs.com/revue/news/602473.shtml 2016-03-29 01:48:55 - Slashdot Your Rights Online : angry tapir quotes a report from Computerworld Oracle is seeking as much as 93 billion in damages in a long-running copyright lawsuit against Google over its use of Java in Android, court filings show Oracle sued Google six years ago, claiming the search giant needs a license to use parts of the Java platform in Google's market-leading mobile OS The two companies first went to trial in 2012, but the jury was split on whether or not Google's use of Java was protected by fair use Now they're headed back to the courtroom for a new trial scheduled to begin May 9, where Oracle's Larry Ellison and Google's Eric Schmidt will be present Currently, the sum Oracle is asking for is about 10 times as much as when the two companies went to trial in 2012 IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602232.shtmlhttp://www.secuobs.com/revue/news/602232.shtml 2016-03-28 17:36:40 - Slashdot Your Rights Online : An anonymous reader writes Citizens of mainland China unexpectedly found themselves with unfettered access to Google search late last night, commencing a golden age of censorship-free searching that lasted all of 105 minutes For the duration of the film Edward Scissorhands, lasting from 11 30pm on Sunday to 1 15am on Monday morning, Google's search -- but not other services like Gmail or YouTube -- was unblocked IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602201.shtmlhttp://www.secuobs.com/revue/news/602201.shtml 2016-03-25 22:31:11 - Slashdot Your Rights Online : An anonymous reader writes A demolition company has leveled the wrong housing duplex after one of its employees was misled by a Google Maps error Instead of bringing down a house destroyed by a tornado in Rowlett, Texas at 7601 Cousteau Drive, the wrecking crew demolished another home at 7601 and 7603 Calypso Drive, a block away Owners of the second house were waiting for their house to be repaired, since it didn't suffer major damages in the tornado The demolition company's CEO dismissed the incident as not a big deal The wrecking crew used Google Maps to find the house to demolish because they were brought in from a neighboring town, but failed to double-check with a neighbor before starting their work A Google engineer confirmed that Google Maps was showing the wrong information IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/602088.shtmlhttp://www.secuobs.com/revue/news/602088.shtml 2016-03-25 17:49:00 - TorrentFreak : In a new court filing Google strikes back at the MPAA, who want to keep their lead counsel from testifying at a deposition According to Google, the Hollywood group can't invoke its First Amendment privilege to keep its lobbying efforts secret in order to avoid scrutiny or embarrassment Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/602077.shtmlhttp://www.secuobs.com/revue/news/602077.shtml 2016-03-24 18:03:49 - Security Bloggers Network : Google has finally put together a more cohesive offering to bolster its Machine Learning platform read more http://www.secuobs.com/revue/news/601990.shtmlhttp://www.secuobs.com/revue/news/601990.shtml 2016-03-24 17:22:28 - TorrentFreak : In its ongoing efforts to have pirated content removed from the Internet, the BPI is about to hit a new milestone This week the music industry group will report its 200 millionth URL to Google Although the takedown notices are processed swiftly, the music industry group believes urgent reform is needed to properly address the piracy problem Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/601978.shtmlhttp://www.secuobs.com/revue/news/601978.shtml 2016-03-24 04:28:42 - Slashdot Your Rights Online : An anonymous reader quotes a report from TechCrunch Google is planning to compete with Nuance and other voice recognition companies head on by opening up its speech recognition API to third-party developers To attract developers, the app will be free at launch with pricing to be introduced at a later date The company formally announced the service today during its NEXT cloud user conference, where it also unveiled a raft of other machine learning developments and updates, most significantly a new machine learning platform The Google Cloud Speech API, which will cover over 80 languages and will work with any application in real-time streaming or batch mode, will offer full set of APIs for applications to see, hear and translate, Google says It is based on the same neural network tech that powers Google's voice search in the Google app and voice typing in Google's Keyboard Google's move will have a large impact on the industry as a whole -- and particularly on Nuance, the company long thought of as offering the best voice recognition capabilities in the business, and most certainly the biggest offering such services IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601912.shtmlhttp://www.secuobs.com/revue/news/601912.shtml 2016-03-24 02:23:50 - Security Bloggers Network : Today Google announced the availability of Stackdriver a service and tool for keeping an eye on your applications as they run in Amazon Web and Google Cloud Services The company was began in 2012 and was acquired by Google in 2014 read more http://www.secuobs.com/revue/news/601902.shtmlhttp://www.secuobs.com/revue/news/601902.shtml 2016-03-23 14:08:57 - SecurityTube.Net : Software is the platypus of the legal world a beast that would be fantastical if you hadn't seen it for yourself It's part copyright, part patent, part trade secret The result is an ungainly patchwork of protection and, hence, restrictions that covers some aspects too well, others not at all, and generally just seems ill-suited for the creative functionality of software Messy areas of the law also tend to be the most expensive, so courts don't often have to wade too deeply into the protection of software But when Oracle sued Google over the use of Java APIs in the Android operating system, we had two well-heeled and highly motivated parties willing to fight for the soul of something that a lot of people cared around In this talk, I'll explain what really went down in Oracle v Google, dispelling several myths along the way speculate about what it means for the protection of and restrictions on software and wonder aloud about how the law could do a better job dealing with software The legal problems and challenges presented by software, hardware, e-commerce, social media and the Internet have long engaged Aaron Sanders founder Rick Sanders' interest Rick's first two cases of his career in Silicon Valley in 2001 involved the business and technology of making music available over the Internet Rick was hooked on intellectual property IP and especially the Internet He graduated from Vanderbilt University Law School in 2000 into the midst of the dot-com boom and bust His practice started with a well-known Silicon Valley law firm in 2000, and his first two cases involved downloading music over the Internet Since then, he has handled matters involving VOIP telephony, encryption software, online bidding systems and a certain hit song As you might expect, Rick writes and speaks frequently about intellectual-property, internet and free-expression issues A list of his more significant articles and speaking engagements may be found in his curriculum vitae PhreakNIC is a technology conference held annually in Middle Tennessee PhreakNIC started as an infosec hacker convention but has expanded over the years to include the maker scene, ham radio, DIY engineering, space and science nerds, the skeptics community, electronic and experimental music, gamers, anime, and general geekery For More Information Please Visit - http archivephreaknicinfo pn19 http://www.secuobs.com/revue/news/601824.shtmlhttp://www.secuobs.com/revue/news/601824.shtml 2016-03-22 18:48:12 - TorrentFreak : Millions of users of Android and iOS devices are using Google Now, the personal digital assistant that can respond to questions and offer intelligent recommendations Surprisingly, however, Google Now recently noted a user's interest in Deadpool and served up a Card linking to a torrent site offering it for download Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/601748.shtmlhttp://www.secuobs.com/revue/news/601748.shtml 2016-03-22 13:43:43 - LinuxSecurity.com Latest News : LinuxSecuritycom Google has announced the release of security software BinDiff for free In a blog post on Monday, Google software engineer Christian Blichmann said the software, a creation of zynamics -- which was acquired by Google in 2011 -- is now a free addition for security researcher toolkits http://www.secuobs.com/revue/news/601711.shtmlhttp://www.secuobs.com/revue/news/601711.shtml 2016-03-21 19:36:23 - Slashdot Your Rights Online : An anonymous reader writes A group of independent security researchers and major Silicon Valley tech giants have submitted a proposal for a new email protocol called SMTP STS Strict Transport Security In theory, this new extension looks like the HSTS HTTP Strict Transport Security extension to HTTPS Much like HSTS, SMTP STS brings message confidentiality and server authenticity to the process of starting an encrypted email communications channel The new protocol also works with HTTPS to avoid SSL TLS downgrades and MitM attacks The biggest names on the contributors list include Microsoft, Google, Yahoo, LinkedIn, and Comcast Last year, Oracle also submitted a similar proposal called DEEP Deployable Enhanced Email Privacy IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601648.shtmlhttp://www.secuobs.com/revue/news/601648.shtml 2016-03-21 10:21:23 - Help Net Security : In case you missed it, Google announced on Friday that BinDiff, a comparison tool for binary files, can now be downloaded for free The tool is used to spot differences and similarities in disassembled code, and is helpful for identifying and isolating fixes for vulnerabilities in vendor-supplied patches, preventing duplicate analyses of files, retaining knowledge across teams of binary analysts where the individual workflows might vary from analyst to analyst At Google, the BinDiff core More http://www.secuobs.com/revue/news/601582.shtmlhttp://www.secuobs.com/revue/news/601582.shtml 2016-03-20 16:03:17 - Security Bloggers Network : If you don't enable two-step verification on your Google account, you might be making it easier for hackers to break in David Bisson's step-by-step guide explains how to enable the feature and better protect your account http://www.secuobs.com/revue/news/601549.shtmlhttp://www.secuobs.com/revue/news/601549.shtml 2016-03-18 11:46:27 - Advanced Password Cracking Insight : The recent update to one of our oldest tools, Elcomsoft System Recovery, brought long-overdue compatibility with Windows systems that sign in with online authentication via Microsoft Account While the tool can reset Microsoft Account passwords to allow instant logins to otherwise locked accounts, this is not the point The point is that we have finally http://www.secuobs.com/revue/news/601400.shtmlhttp://www.secuobs.com/revue/news/601400.shtml 2016-03-18 02:02:37 - CNIS mag : Déposer quelques amicus brief pour soutenir Apple face au FBI, c était bien Mais offrir un outil équivalent à ses propres usagers, c est mieux, viennent de réaliser subitement trois acteurs majeurs du monde Internet Une prise de conscience brutale que nous révèle un article du Guardian, malgré les liens plutôt resserrés qu entretiennent http://www.secuobs.com/revue/news/601374.shtmlhttp://www.secuobs.com/revue/news/601374.shtml 2016-03-17 23:14:15 - Slashdot Your Rights Online : An anonymous reader writes Alphabet's Google has quietly scored a major coup in its campaign to become an enterprise cloud computing powerhouse, landing Apple as a customer for the Google Cloud Platform, multiple sources with knowledge of the matter told CRN this week Previously, Apple had acknowledge using Amazon Web Services AWS and Microsoft Azure's rival cloud computing platforms in addition to its own data centers None of the services would have access to iCloud users' records The iCloud information is not at risk of being breached or otherwise observed by the ultimate owners of the platforms it resides on because of the very heavy encryption and partitioning technologies used, commended Chris Green, a tech expert at the consultancy Lewis CRN has mentioned the agreement between the two companies was done late last year IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601360.shtmlhttp://www.secuobs.com/revue/news/601360.shtml 2016-03-17 15:30:17 - Security Bloggers Network : He phished and raided the accounts, but prosecutors couldn't find evidence that Ryan Collins, of Pennsylvania, had shared his spoils http://www.secuobs.com/revue/news/601326.shtmlhttp://www.secuobs.com/revue/news/601326.shtml 2016-03-16 20:17:15 - Slashdot Your Rights Online : alphadogg writes HTTPS is widely considered one of the keys to a safer Internet, but only if it's broadly implemented Aiming to shed some light on how much progress has been made so far, Google on Tuesday launched a new section of its transparency report dedicated to encryption Included in the new section is data highlighting the progress of encryption efforts both at Google and on popular third-party sites Our aim with this project is to hold ourselves accountable and encourage others to encrypt so we can make the Web even safer for everyone, wrote HTTPS evangelists Rutledge Chin Feman and Tim Willis on the Google Security Blog IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601239.shtmlhttp://www.secuobs.com/revue/news/601239.shtml 2016-03-16 15:31:53 - Security Bloggers Network : Google had 0 successful submissions, so it doubled the bounty Get rich or hack trying, Google says, your fingers still twitching away http://www.secuobs.com/revue/news/601203.shtmlhttp://www.secuobs.com/revue/news/601203.shtml 2016-03-16 15:31:22 - Help Net Security : Google has added a new section to its Transparency Report, which will allow users to keep an eye on Google s use of HTTPS, and HTTPS use of the top 100 non-Google sites on the Internet HTTPS is an encrypted HTTP connection, Google explained for those who still don t know HTTPS relies on encryption SSL or TLS to secure the connection These web connections protect against eavesdroppers, man-in-the-middle attacks, and hijackers who attempt to spoof a trusted website More http://www.secuobs.com/revue/news/601197.shtmlhttp://www.secuobs.com/revue/news/601197.shtml 2016-03-15 08:56:21 - Help Net Security : Google has announced that it is testing its new payment app, Hands Free, which as the name suggests allows users to make payments without the need to use their hands, mobile device or wallets Relying on Wi-Fi, Bluetooth and location services to determine whether you re near a participating retailer, users would be able to pay for goods by simply uttering I ll pay with Google The cashier will then confirm the users identity by checking the More http://www.secuobs.com/revue/news/601049.shtmlhttp://www.secuobs.com/revue/news/601049.shtml 2016-03-15 08:38:58 - Global Security Mag Online : Alors que la Commission européenne mène actuellement une enquête sur les pratiques anti-trust du géant Google, ce dernier récidive en proposant un nouveau service Google Destination Après Google Shopping , le moteur de recherche lance un nouveau comparateur de prix, cette fois dans le domaine du voyage Google Destinations permet d'afficher en tête de page une suggestion de voyages Ainsi sont proposés les dates, les prix des billets d'avion et d'hébergement, pour une destination donnée - Risk Management http://www.secuobs.com/revue/news/601046.shtmlhttp://www.secuobs.com/revue/news/601046.shtml 2016-03-14 19:49:34 - Slashdot Your Rights Online : An anonymous reader shares a development on Google's ongoing battle with Russian regulators Google suffered a major blow in Russia on Monday, after the Moscow Arbitration court sided with an earlier ruling that Google had violated the country's anti-trust rules by having its apps and services bundled on Android smartphones Yandex, a Russia-based search engine, last year sued Google over anti-competitive practices, saying that Google was abusing its dominant position in the market to hurt competition In response, Google had noted that Android, which roughly owns 80 percent of the market, is a free and open source operating system At the time, the Russian Federal Anti-Monopoly Service FAS ruled that Android users must not be catered with Google's homegrown apps and services The Moscow's Arbitration Court ruling said on Monday that it fully supports the earlier FAS decision According to an Ars Technica report, Google will now be required to change its business practices with smartphone makers in Russia, or else face a fine if it fails to adhere to the ruling IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601024.shtmlhttp://www.secuobs.com/revue/news/601024.shtml 2016-03-14 18:37:32 - Slashdot Your Rights Online : An anonymous reader writes Tech giants including Google, Facebook, Whatsapp and Snapchat are looking to increase the privacy of user data by expanding their encryption features The recent reports mark growing industry support for Apple in its fight to not allow authorities backdoor access into users' devices Facebook has suggested that it is increasing privacy of its Messenger service, while its instant messaging app Whatsapp also confirmed that it would be extending its encryption offering to secure voice calls Others reportedly joining the industry shift include Snapchat, which is working on securing its messaging service, and search heavyweight Google, which is currently developing an encrypted email project From The Guardian's substantially similar story from which the above-linked article draws WhatsApp has been rolling out strong encryption to portions of its users since 2014, making it increasingly difficult for authorities to tap the serviceâ TM s messages The issue is personal for founder Jan Koum, who was born in Soviet-era Ukraine When Apple CEO Tim Cook announced in February that his company would fight the government in court, Koum posted on his Facebook account âoeOur freedom and our liberty are at stakeâ His efforts to go further still are striking as the app is in open confrontation with governments Brazil authorities arrested a Facebook executive on 1 March after WhatsApp told investigators it lacked the technical ability to provide the messages of drug traffickers Facebook called the arrest âoeextreme and disproportionateâ The sooner, the better on this front as TechDirt points out, WhatsApp may be next on the list of communication tools to which the US government would like to give the Apple Treatment IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/601020.shtmlhttp://www.secuobs.com/revue/news/601020.shtml 2016-03-13 03:30:06 - Slashdot Your Rights Online : An anonymous reader writes Bitcoin exchange portal Bitstamp is warning users of a Google Chrome extension that steals their Bitcoin when making a transfer According to Bitstamp, this extension contains malicious code that is redirecting payments to its own Bitcoin address Bitcoin web app developer Devon Weller confirmed Bitstamp's findings, saying that the extension was secretly replacing Bitcoin QR codes with its own The extension's name is BitcoinWisdom Ads Remover and is still available on the Google Chrome Web Store In July 2015, many users reported having similar issues with the same extension IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/600912.shtmlhttp://www.secuobs.com/revue/news/600912.shtml 2016-03-11 16:54:14 - TorrentFreak : Hoping to find out more about the collaboration between the MPAA and Mississippi State Attorney General Jim Hood, Google recently requested a deposition of MPAA lead counsel Steve Fabrizio This week the Hollywood group told the court that the request goes too far, claiming that Google is using the legal process to uncover its anti-piracy strategies Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/600840.shtmlhttp://www.secuobs.com/revue/news/600840.shtml 2016-03-10 14:44:27 - LinuxSecurity.com Latest News : LinuxSecuritycom Today we feature a story about Weilin, a Google Summer of Code student turned PhD candidate The 12th instance of Google Summer of Code is just around the corner Visit our new program website at http gco gsoc for more information about how you can get involved http://www.secuobs.com/revue/news/600732.shtmlhttp://www.secuobs.com/revue/news/600732.shtml 2016-03-10 14:23:18 - Security Bloggers Network : After Watson conquered the Jeopardy game show in 2011, one human game still stood strong against AI Go But today, Go is Going, Going http://www.secuobs.com/revue/news/600730.shtmlhttp://www.secuobs.com/revue/news/600730.shtml 2016-03-10 13:20:42 - Security Bloggers Network : Google's latest Chrome update patches critical issues resulting in cash rewards for researchers http://www.secuobs.com/revue/news/600724.shtmlhttp://www.secuobs.com/revue/news/600724.shtml 2016-03-10 13:20:42 - Security Bloggers Network : The question is Who is liable http://www.secuobs.com/revue/news/600723.shtmlhttp://www.secuobs.com/revue/news/600723.shtml 2016-03-09 22:31:22 - Hackaday : We wake up this morning to the news that Google s deep-search neural network project called AlphaGo has beaten the second ranked world Go master who happens to be a human being This is the first of five matches between the two adversaries that will play out this week On one hand, this is a sign of maturing technology It has been almost twenty years since Deep Blue beat Gary Kasparov, the reigning chess world champion at the time Although there are still four games to play against Lee Sedol, it was recently reported that AlphaGo beat European Go champion Fan read more http://www.secuobs.com/revue/news/600636.shtmlhttp://www.secuobs.com/revue/news/600636.shtml 2016-03-09 15:24:53 - Security Bloggers Network : Google has patched three security issues in Chrome 49, the most recent version of its popular web browser On Tuesday, the United States Computer Emergency Readiness Team US-CERT released a bulletin announcing the tech giant s latest round of patches Google has released Chrome version 490262387 to address multiple vulnerabilities for Windows, Mac, and Linux, the Read More The post Google Releases Security Update for Chrome 49 appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/600590.shtmlhttp://www.secuobs.com/revue/news/600590.shtml 2016-03-08 19:01:22 - Security Bloggers Network : Google Chromebooks are clearly on the radar screens of IT organizations and are poised to potentially disrupt the entrenched platforms end-users have relied upon to do their jobs for years The simplicity and economics of the Google portfolio can make http://www.secuobs.com/revue/news/600499.shtmlhttp://www.secuobs.com/revue/news/600499.shtml 2016-03-08 14:14:39 - Help Net Security : In the March 2016 security update for the Android Open Source Project AOSP , Google has fixed 19 security issues, seven of which are considered to be critical Among these, and admittedly the most important to patch, are two remote code execution vulnerabilities in yes, you ve guessed it Mediaserver Mediaserver is a service in Android that allows the device to index media files that are located on it The vulnerabilities in question CVE-2016-0815, CVE-2016-0816 More http://www.secuobs.com/revue/news/600459.shtmlhttp://www.secuobs.com/revue/news/600459.shtml 2016-03-08 11:40:56 - Help Net Security : Google has open sourced its Vendor Security Assessment Questionnaire VSAQ Framework with the hope that other companies and developers could use it to improve their vendor security programs and or posture VSAQ is an interactive questionnaire application Its initial purpose was to support security reviews by facilitating not only the collection of information, but also the redisplay of collected data in templated form, the company explained At Google, questionnaires like the ones in this repository are More http://www.secuobs.com/revue/news/600446.shtmlhttp://www.secuobs.com/revue/news/600446.shtml 2016-03-08 11:03:37 - Security Bloggers Network : Without an established framework and standards, judging a vendor's security can be a tough task http://www.secuobs.com/revue/news/600443.shtmlhttp://www.secuobs.com/revue/news/600443.shtml 2016-03-07 07:03:45 - Hackaday : A few summers ago, Google and IEEE announced a one million dollar prize to build the most efficient and compact DC to AC inverter It was called the Little Box Challenge, with the goal of a 2kW inverter with a power density greater than 50 Watts per cubic inch To put this goal into perspective, the DC inverter that would plug into a cigarette lighter in your car has a power density of about 1 or 2 Watts per cubic inch Very expensive inverters meant for solar installations have a power density of about 5 Watts per cubic inch This read more http://www.secuobs.com/revue/news/600316.shtmlhttp://www.secuobs.com/revue/news/600316.shtml 2016-03-06 12:00:55 - TorrentFreak : Copyright holders are continuing to increase the number of pirate links they want Google to remove from its search results, which have now reached a record-breaking 100,000 reported URLs per hour This remarkable milestone is more than double the number of pirated links that were reported around the same time last year Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/600282.shtmlhttp://www.secuobs.com/revue/news/600282.shtml 2016-03-03 19:45:55 - Help Net Security : Trend Micro announced the expansion of its Cloud App Security at the RSA Conference Cloud App Security enhances cloud file sharing and collaboration services and Microsoft Office 365 with advanced threat protection and compliance controls, using standard published vendors APIs Since it started operating last July, it has protected Office 365 users from 500,000 malicious files and URLs The solution now enforces compliance and keeps malware out of cloud services on Box, Dropbox, and Google More http://www.secuobs.com/revue/news/600085.shtmlhttp://www.secuobs.com/revue/news/600085.shtml 2016-03-03 18:38:18 - The Tor Blog blogs : Interested in coding on Tor and getting paid for it by Google If you are a student, we have good news for you we have been accepted as a mentoring organization for Google Summer of Code 2016 Here's the facts GSoC gives you the opportunity to work on your own Tor-related coding project with one of the Tor developers as your mentor Your mentor will help you when you're stuck and guide you in becoming part of the Tor community Google pays you 5,500 USD for the three months of your project, so that you can focus on coding and don't have to worry about how to pay your bills Did we catch your attention These are your next steps Go look at the Google Summer of Code FAQ to make sure you are eligible to participate Have a look at our ideas list to see if one of those projects matches your interests If there is no project on that list that you'd want to work on, read the documentation on our website and make up your own Come to the tor-dev list or tor-dev on OFTC and let us know about your project idea Communication is essential to success in the summer of code, and we're unlikely to accept students we haven't heard from before reading their application So really, come to the list or IRC channel and talk to us Finally, write down your project idea using our template and submit your application to Google before March 25th We are looking forward to discussing your project idea with you http://www.secuobs.com/revue/news/600079.shtmlhttp://www.secuobs.com/revue/news/600079.shtml 2016-03-02 22:08:41 - Hackaday : You can find the funniest things in public government documents There s always ample evidence your local congress critter is working against the interests of their constituency, nation, and industry controlled by the commission they re chairperson of Rarely, though, do you find something surprising, and rarer still does it portend some sort of experiments conducted by Google at a spaceport in New Mexico In a publication released last week, Google asked the FCC to treat some information relating to radio experiments as confidential These experiments involve highly directional and therefore high power transmissions at 25 GHz, 58GHz, 24GHz, 71-76GHz, and 81-86GHz These read more http://www.secuobs.com/revue/news/599947.shtmlhttp://www.secuobs.com/revue/news/599947.shtml 2016-03-01 12:24:07 - Help Net Security : A few months ago, Google provided a data loss prevention DLP solution for Gmail to Google Apps Unlimited Customers The solution allows administrators to set up scanning of outbound emails and attachments in them and to quarantine, reject or modify them if sensitive data is being sent out On Monday, Google VP for security and privacy engineering Gerhard Eschelbeck announced that they have added new features to the solution Because sensitive information can reside not More http://www.secuobs.com/revue/news/599755.shtmlhttp://www.secuobs.com/revue/news/599755.shtml 2016-02-27 22:19:52 - Secure Thoughts : China has one of the strictest standards for internet censorship in the world This country has become known for blocking everything from Facebook to Skype, and in fact, any direct form of online communication is heavily restricted China even has their own version of Skype, which is under intense scrutiny The post How to Unblock Gmail and Other Google Apps in China appeared first on Secure Thoughts http://www.secuobs.com/revue/news/599570.shtmlhttp://www.secuobs.com/revue/news/599570.shtml 2016-02-26 18:21:54 - Slashdot Your Rights Online : An anonymous reader writes In a little over seven months, cybercriminals using click-jacking mobile malware to earn affiliate income have managed to push over 340 instances of the malware into Google Play The Porn Clicker, as ESET researchers have dubbed the threat, does not steal user information or download additional malware it simply clicks on ads generated by the attackers' servers and shown on pornographic websites The user is none the wiser, as the malicious app does so covertly IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599506.shtmlhttp://www.secuobs.com/revue/news/599506.shtml 2016-02-26 16:10:29 - Slashdot Your Rights Online : An anonymous reader writes Louisville was one of the cities identified in 2015 as a potential Google fiber location Since then, Louisville has completed the pre-work Google requires and, most recently, unamiously passed an ordinance to remove legacy bureaucratic speed bumps to installing fiber on existing utility poles This applies to any telco wanting to add infrastructure, so that's good, right Well, not according to AT T They are suing the city to block this ordinance and prohibit the city from using its infrastructure as it sees fit to provide better broadband to its citizens IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599495.shtmlhttp://www.secuobs.com/revue/news/599495.shtml 2016-02-26 11:38:05 - Global Security Mag Online : TGI de Paris 29 janvier 2016, Sarl Un Amour de Tapis v WW E-Services France Les acteurs de l'économie numérique ont très vite compris que le choix d'une marque pertinente était un critère décisif de la compétitivité et de la performance de leur site e-commerce La course à la créativité est donc lancée afin de disposer d'un nom de marque ou de domaine qui soit à la fois original et captif de l'attention du client internaute Les enjeux commerciaux y sont importants si l'on considère, comme il est souvent - Risk Management http://www.secuobs.com/revue/news/599465.shtmlhttp://www.secuobs.com/revue/news/599465.shtml 2016-02-26 08:40:04 - Help Net Security : In a little over seven months, cybercriminals using click-jacking mobile malware to earn affiliate income have managed to push over 340 instances of the malware into Google Play The Porn Clicker, as ESET researchers have dubbed the threat, does not steal user information or download additional malware it simply clicks on ads generated by the attackers servers and shown on pornographic websites The user is none the wiser, as the malicious app does so More http://www.secuobs.com/revue/news/599452.shtmlhttp://www.secuobs.com/revue/news/599452.shtml 2016-02-26 01:55:33 - Slashdot Your Rights Online : An anonymous reader writes Google plans to follow Microsoft in throwing its legal support behind Apple in its increasingly contentious dispute with the federal government around the iPhone connected with the San Bernardino terror attacks, according to sources At a congressional hearing on Thursday, Microsoft's legal chief, Brad Smith, said that the company plans to file an amicus brief next week in support of Apple's resistance to helping the FBI hack the phone Google will deliver its own supporting brief 'soon,' according to sources familiar with the company IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599421.shtmlhttp://www.secuobs.com/revue/news/599421.shtml 2016-02-26 01:16:31 - Slashdot Your Rights Online : An anonymous reader writes Google's London-based AI group DeepMind has launched DeepMind Health, teaming up with the NHS to work on its first project The neuroscience-inspired company, bought by Google in 2014, said of the collaboration We want to see the NHS thrive, and to ensure that its talented clinicians get the tools and support they need to continue providing world-class care In its first initiative alongside kidney experts at London's Royal Free Hospital, DeepMind Health has introduced a mobile app called Streams The software is designed to support the provision of critical information to doctors and nurses in order to help detect the presence of acute kidney injuries AKI To support the development of the Streams app, the AI group has also acquired clinical task management app company Hark IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599420.shtmlhttp://www.secuobs.com/revue/news/599420.shtml 2016-02-25 16:27:45 - Help Net Security : Google ie Alphabet has created a free DDoS protection service to help independent news sites, sites focused on human rights and on election monitoring withstand DDoS attacks, which have become a very modern form of censorship Called Project Shield, the service was launched in 2013, and has been in the testing phase until this Wednesday Now, administrators of any of the aforementioned types of sites, and independently of the side of a political dialogue they More http://www.secuobs.com/revue/news/599382.shtmlhttp://www.secuobs.com/revue/news/599382.shtml 2016-02-25 15:07:26 - Security Bloggers Network : If malware on your Android phone doesn't steal any of your information, doesn't spy upon your activities, doesn't infect any of your files, and remains invisible can we still consider it a bad thing The answer, of course, is yes Read more in my a http://www.secuobs.com/revue/news/599363.shtmlhttp://www.secuobs.com/revue/news/599363.shtml 2016-02-24 22:16:20 - Slashdot Your Rights Online : An anonymous reader writes According to a Reuters insider, France is seeking 16 billion euros in back taxes from Google, dwarfing what the United Kingdom recently agreed to pay France apparently has no interest in striking the same 'sweetheart tax' deal that put the UK into a critical light when it revealed that the search giant would pay only 130 million pounds of tax, a 18118 million settlement, for over 10 years in multi-billion dollar trade in the UK IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599288.shtmlhttp://www.secuobs.com/revue/news/599288.shtml 2016-02-23 17:31:59 - Global Security Mag Online : Red Hat annonce l'extension de son alliance avec Google pour rendre Red Hat Gluster Storage disponible sur Google Cloud Platform Red Hat Gluster Storage est une solution scale-out sur le modèle shared-nothing Elle est maintenant disponible pour les utilisateurs de Google Cloud Platform qui recherchent une solution robuste et élastique pour stocker leurs fichiers en environnements de cloud public et hybride Red Hat Gluster Storage déployé sur Google Cloud Platform permet aux clients de - Produits http://www.secuobs.com/revue/news/599153.shtmlhttp://www.secuobs.com/revue/news/599153.shtml 2016-02-23 15:53:48 - Security Bloggers Network : Trojan clicker servers Google Play information Package names of trojan clickers found on the infected servers The post Android porn clicker on Google Play Appendix appeared first on We Live Security http://www.secuobs.com/revue/news/599141.shtmlhttp://www.secuobs.com/revue/news/599141.shtml 2016-02-23 10:16:42 - Help Net Security : The Acecard malware is capable of attacking users of nearly 50 different online financial applications and services and is able to bypass Google Play store security measures, according to Kaspersky Lab During the third quarter of 2015, Kaspersky Lab experts detected an unusual increase in the number of mobile banking attacks in Australia The suspicious activity was discovered to be the result of a single banking Trojan Acecard Acecard mobile banking Trojan family The Acecard More http://www.secuobs.com/revue/news/599064.shtmlhttp://www.secuobs.com/revue/news/599064.shtml 2016-02-22 17:56:20 - Slashdot Your Rights Online : itwbennett writes It only takes one day of online credentials being available on the Dark Web before login attempts will start, according to security company Bitglass, which set up a simulation using fake credentials for a Google Drive account, complete with real credit card details, fake corporate data and personal data, according to Bitglass' report Bitglass said there were three attempted logins to Google Drive in the first day and five attempted logins to the fake bank site Within two days, files were downloaded from the Google Drive account IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/599006.shtmlhttp://www.secuobs.com/revue/news/599006.shtml 2016-02-20 19:24:24 - Security Bloggers Network : We are facing a big problem, one that's hidden behind the more prominent issues of cybercrime, encryption wars, and vulnerability disclosure It's endemic to our digital infrastructure, and it's going to get worse over time And it's so complex that I' http://www.secuobs.com/revue/news/598890.shtmlhttp://www.secuobs.com/revue/news/598890.shtml 2016-02-19 13:26:38 - Security Bloggers Network : In the hours following Apple's letter about how it can't comply with a court order to decrypt a terrorist's phone, tech companies have lined up in support http://www.secuobs.com/revue/news/598783.shtmlhttp://www.secuobs.com/revue/news/598783.shtml 2016-02-19 04:47:41 - Security Bloggers Network : Google's top executive is standing with Apple for refusing to comply with a court order that would require it to create an iOS backdoor in order to assist with an ongoing federal investigation into last year's San Bernardino shooting David Bisson repo http://www.secuobs.com/revue/news/598747.shtmlhttp://www.secuobs.com/revue/news/598747.shtml 2016-02-18 16:10:47 - Global Security Mag Online : Oberthur Technologies OT annonce apporter son support à la commercialisation internationale d'Android Pay, avec un premier lancement planifié en Australie en 2016 Android Pay permettra aux détenteurs de n'importe quel appareil Android disposant de la technologie NFC Android KitKat 44 d'effectuer des paiements sans contact Grâce à sa plateforme de déploiement pour les paiements digitaux, OT permettra aux institutions financières de proposer ce nouveau service à leurs clients, en - Business http://www.secuobs.com/revue/news/598669.shtmlhttp://www.secuobs.com/revue/news/598669.shtml 2016-02-18 08:06:34 - SecurityTube.Net : Shawn Edwards, Sean Hopkins What data about you is really recorded And what is at risk if a hacker gains control of the systems used to collect it As it turns out in the case of your Google account, pretty much everything For More Information Please Visit - https wwwbsideshuntsvilleorg http wwwirongeekcom iphp page videos bsideshuntsville2016 mainlist http://www.secuobs.com/revue/news/598622.shtmlhttp://www.secuobs.com/revue/news/598622.shtml 2016-02-18 03:57:28 - Slashdot Your Rights Online : An anonymous reader writes After Tim Cook's eloquent letter explaining why Apple wouldn't help the FBI get encrypted data from the San Bernardino shooter's iPhone, the internet looked to Google to take a similar stand Now Google CEO Sundar Pichai has posted five tweets that seem to show he agrees with Cook Edward Snowden had previously suggested that Google's silence meant Google had picked a side, but it's not the public's IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/598604.shtmlhttp://www.secuobs.com/revue/news/598604.shtml 2016-02-17 23:33:56 - Slashdot Your Rights Online : An anonymous reader writes Edward Snowden, the most famous whistle blower in the world, is calling for Google to side with Apple and against the FBI in the most important tech case in a decade On Tuesday, the FBI asked Apple to help it crack the password on an iPhone belonging to a shooter in the high profile San Bernardino case Apple CEO Tim Cook quickly responded with a public letter denying the request, calling it an unprecedented step which threatens the security of our customers Google creates Android, the most-used mobile operating system for smartphones in the world Google has been nowhere near as firm as Apple about its stance on un-compromised encryption - Android is famously an open sourced platform that anyone can modify Snowden issued his message in a tweet IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/598583.shtmlhttp://www.secuobs.com/revue/news/598583.shtml 2016-02-17 20:10:00 - Security Bloggers Network : A critical vulnerability has been discovered in the Linux GNU C Library glibc that could potentially allow attackers to execute code on servers and gain remote control of Linux machines, applications and devices Researchers at Google and Red Hat uncovered the flaw independently and collaborated to deliver a patch, which has been made available Google Read More The post Google, Red Hat Release Patch for Critical glibc Vulnerability CVE-2015-7547 appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/598573.shtmlhttp://www.secuobs.com/revue/news/598573.shtml 2016-02-16 15:21:36 - LinuxSecurity.com Latest News : LinuxSecuritycom A significant number of board level executives still have such a poor grasp on cyber security issues that it threatens to put whole organisations at risk from data breaches http://www.secuobs.com/revue/news/598419.shtmlhttp://www.secuobs.com/revue/news/598419.shtml 2016-02-12 15:55:55 - Security Bloggers Network : Right to be forgotten material will no longer show up when somebody in France hops off Google's fr domain, for example http://www.secuobs.com/revue/news/598166.shtmlhttp://www.secuobs.com/revue/news/598166.shtml 2016-02-11 15:28:55 - Slashdot Your Rights Online : An anonymous reader writes Google has confirmed that it will be updating its 'right to be forgotten' so that any hidden content under the ruling is removed from all versions of its search engine in countries where it has been approved Until now Google had only been removing results from the originating country and European versions of its search engine, such as googlecouk and googlede The EU had previously asked for an extension of the rule to include all versions of Google Last year, French data protection authority CNIL threatened the tech giant with a sanction should it not remove data from all of its global platforms such as googlecom in addition to its European sites Now, Google's new extension of the 'right to be forgotten' is expected to come into force over the next few weeks IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/598037.shtmlhttp://www.secuobs.com/revue/news/598037.shtml 2016-02-11 15:21:08 - Security Bloggers Network : Google has announced that it will stop displaying ads that use Adobe Flash on websites beginning in January 2017 On Tuesday, Google made its plan public in a post on Google To enhance the browsing experience for more people on more devices, the Google Display Network and DoubleClick Digital Marketing are now going 100pourcents HTML5, Read More The post Google to Stop Displaying Flash Ads on Websites in 2017 appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/598036.shtmlhttp://www.secuobs.com/revue/news/598036.shtml 2016-02-11 12:27:18 - Security Bloggers Network : Adobe Flash's long lingering death scene is one step closer to its end http://www.secuobs.com/revue/news/598016.shtmlhttp://www.secuobs.com/revue/news/598016.shtml 2016-02-09 18:38:58 - Slashdot Your Rights Online : An anonymous reader writes A week ago, Google suddenly removed Adblock Fast from its Android app store Today, the ad blocker has been reinstated, enabling Samsung users to download it once again from Google Play Late last month, the browser preinstalled on Samsung's Android phones gained support for content-blocking plugins, and the first plugin to support the functionality was a free and open-source solution called Adblock Fast Rocketship Apps, the maker of Adblock Fast, uploaded the Android plugin on January 29, but Google rejected an app update on February 1 The app hit Google Play's top spot for free, new productivity apps on February 2, and was pulled by Google on the same day IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/597785.shtmlhttp://www.secuobs.com/revue/news/597785.shtml 2016-02-06 18:33:09 - Dinis Cruz Blog : During one of the recent Application Security training courses I delivered recently, one interesting example I gave during a section on Our dependencies on Technologies and Frameworks that we don't fully understand was the concept of how much of a threat to the UK economy is Google For example if Twitter or Facebook were not available from the UK, I don't think the impact would be significant But if Google and all its services search, mail, calendar, maps, geolocation, docs, spreadsheets, contacts, Google ID was suddenly not available, I bet that there would be a significant disruption to a LOT of individuals, business and government agencies There is a lot of talk in the UK about the Geopolitical threat of Russia and its control on natural resources used by the UK , but I'm pretty sure Google can do more damage Of course that it would be economical business suicidal for Google to do such a thing, but that doesn't make it less real or dangerous http://www.secuobs.com/revue/news/597560.shtmlhttp://www.secuobs.com/revue/news/597560.shtml 2016-02-04 19:15:42 - Security Bloggers Network : Google has announced that its is extending its Safe Browsing protection to shield you from a threat often used by scammers and malicious hackers deceptive download buttons Read more in my article on the Hot for Security blog http://www.secuobs.com/revue/news/597403.shtmlhttp://www.secuobs.com/revue/news/597403.shtml 2016-02-04 17:05:47 - Security Bloggers Network : Having rocketed to the top of the download charts in the Google Play store, the Android ad blocker AdBlock Fast fell down to earth with a bump yesterday as it was removed for violating developer guidelines http://www.secuobs.com/revue/news/597384.shtmlhttp://www.secuobs.com/revue/news/597384.shtml 2016-02-04 12:52:06 - Help Net Security : There's likely no Internet user that hasn't, at some point, been tricked into clicking on a deceptive download, install, or update button They are usually shown via ads, mimic dialogue boxes http://www.secuobs.com/revue/news/597356.shtmlhttp://www.secuobs.com/revue/news/597356.shtml 2016-02-04 11:04:42 - TorrentFreak : Google says it will go to war against the fake 'download' and 'play' buttons that attempt to deceive users on file-sharing and other popular sites An extension of its 'Safe Browsing' initiative launched eight years ago and tweaked last November, the moves will see users increasingly warned when Google and Chrome users are faced with deceptive practices Source TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/597348.shtmlhttp://www.secuobs.com/revue/news/597348.shtml 2016-02-03 15:11:48 - LinuxSecurity.com Latest News : LinuxSecuritycom Malwarebytes says it could take three to four weeks to fix security flaws found by Google in its popular anti-malware product http://www.secuobs.com/revue/news/597255.shtmlhttp://www.secuobs.com/revue/news/597255.shtml 2016-02-03 08:42:35 - Help Net Security : Google has plugged nine Android security holes with its February Nexus security update Of these, five are critical, four of high and one of moderate severity Here's the complete list The m http://www.secuobs.com/revue/news/597198.shtmlhttp://www.secuobs.com/revue/news/597198.shtml 2016-01-31 04:03:59 - Security Bloggers Network : Rowland Yu of SophosLabs is a great friend of Naked Security, being a regular contributor to our Android articles - so please vote for him to present at this year's RSA conference http://www.secuobs.com/revue/news/596969.shtmlhttp://www.secuobs.com/revue/news/596969.shtml 2016-01-30 10:19:27 - Security Bloggers Network : An Android Trojan's code has been found in more than 60 games distributed via the official Google Play Store, and is using steganography techniques to secretly receive further malicious code for execution on infected devices David Bisson reports http://www.secuobs.com/revue/news/596940.shtmlhttp://www.secuobs.com/revue/news/596940.shtml 2016-01-29 15:46:20 - LinuxSecurity.com Latest News : LinuxSecuritycom A year after Google's Chromium Security team proposed marking all HTTP sites which are non-secure, the company is preparing to implement the policy in Chrome http://www.secuobs.com/revue/news/596885.shtmlhttp://www.secuobs.com/revue/news/596885.shtml 2016-01-29 13:58:38 - Help Net Security : Dr Web researchers have discovered over 60 Trojanized game apps being offered on Google Play through more than 30 different game developer accounts The games are made to look like other popular o http://www.secuobs.com/revue/news/596873.shtmlhttp://www.secuobs.com/revue/news/596873.shtml 2016-01-26 03:29:45 - Reverse Engineering : submitted by http://www.secuobs.com/revue/news/596483.shtmlhttp://www.secuobs.com/revue/news/596483.shtml 2016-01-25 13:26:41 - Advanced Password Cracking Insight : As we all know, Google collects and processes an awful lot of data about pretty much everyone who is using the company s cloud services or owns a smartphone running the Android OS or, to be precise, is using a device with Google Mobile Services Just how much data is available was described in our previous http://www.secuobs.com/revue/news/596413.shtmlhttp://www.secuobs.com/revue/news/596413.shtml 2016-01-25 08:21:00 - Help Net Security : Here's an overview of some of last week's most interesting news, reviews and articles Deliberately hidden backdoor found on US government's comms system Researchers from Austrian infosec outf http://www.secuobs.com/revue/news/596390.shtmlhttp://www.secuobs.com/revue/news/596390.shtml 2016-01-23 15:04:42 - Slashdot Your Rights Online : itwbennett writes According to a new Google report, the search giant disabled more than 780 million bad ads, including include ads for counterfeit products, misleading or unapproved pharmaceuticals, weight loss scams, phishing ploys, unwanted software and trick-to-click cons, globally last year This marks a 49 percent increase over 2014 For perspective, it would take an individual nearly 25 years to look at the 780 million ads Google removed last year for just one second each, according to Google If the trend continues, Google's team of more than 1,000 staffers dedicated to killing spam will be even busier in 2016, and they could disable more than a billion junky ads IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/596322.shtmlhttp://www.secuobs.com/revue/news/596322.shtml 2016-01-23 09:31:12 - Slashdot Your Rights Online : whoever57 writes Google UK has come to an agreement with HMRC Her Majesty's Revenue and Customs under which it will recognize a larger share of its UK sales in the UK, instead of funnelling them through the Republic of Ireland In addition, Google will pay 130M UK Pounds in back taxes representing tax on sales since 2005 IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/596307.shtmlhttp://www.secuobs.com/revue/news/596307.shtml 2016-01-22 15:56:15 - Slashdot Your Rights Online : phantomfive writes As the Google v Oracle copyright case drags on, Oracle is claiming that Android has generated 31 billion in revenue for Google, 22 billion of which was profit Court records also show Google paid Apple 1 billion USD to keep their search bar on the iPhone A revenue sharing agreement was in place as well At one point, Apple got 34pourcents of the revenue generated by Google searches on iPhones Both companies later requested that the information be redacted from the record, but once something is released on the internet, it tends to stay there IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/596251.shtmlhttp://www.secuobs.com/revue/news/596251.shtml 2016-01-21 15:09:05 - LinuxSecurity.com Latest News : LinuxSecuritycom After being caught off guard by the disclosure of a serious flaw in the Linux kernel this week, Google has quickly developed a patch for Android and shared it with device manufacturers http://www.secuobs.com/revue/news/596131.shtmlhttp://www.secuobs.com/revue/news/596131.shtml 2016-01-20 21:34:15 - Slashdot Your Rights Online : An anonymous reader writes with this story about Director of Google Ideas Jared Cohen and his talk with the Royal Institute of International Affairs about stopping terrorists online Cohen contends that the best way to fight them online is to keep them confined to the dark web The Guardian reports Google's head of ideas, tasked with building tools to fight oppression, has said that to stop Isis being able to publicize itself on the internet requires forcing Isis from the open web During a talk with the Royal Institute of International Affairs at Chatham House, Jared Cohen said that it will not be possible to stop terrorists such as Isis from using Tor and the dark web The key to stopping the terrorist group from propagating online is therefore to hound them from the traditional web that which can be indexed by search engines Cohen said 'What is new is that they're operating without being pushed back in the same internet we all enjoy So success looks like Isis being contained to the dark web' IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/596075.shtmlhttp://www.secuobs.com/revue/news/596075.shtml 2016-01-19 20:54:32 - Reverse Engineering : submitted by MazeGen link comment http://www.secuobs.com/revue/news/595997.shtmlhttp://www.secuobs.com/revue/news/595997.shtml 2016-01-19 15:37:05 - Security Bloggers Network : We see that Ford and Google are discussing entering a collaborative arrangement in order to advance the progress of developing AUTOnomous AUTOmobiles which I m thinking of calling Auto-Autos or Auto-Squared , in a rapidly-evolving highly-competitive marketplace Could this be a dream come true After all, my book Engineering Safe and Secure Software Systems is all about http://www.secuobs.com/revue/news/595963.shtmlhttp://www.secuobs.com/revue/news/595963.shtml 2016-01-19 14:15:38 - Help Net Security : Authors Johnny Long, Bill Gardner, Justin Brown Pages 234 Publisher Syngress ISBN 0128029641 Introduction The Internet can be a great source of information, and Google Search can hel http://www.secuobs.com/revue/news/595944.shtmlhttp://www.secuobs.com/revue/news/595944.shtml 2016-01-17 10:01:31 - Hackaday : The world s largest model railway exhibit on display in Germany of course is quite the attraction The huge Miniatur Wunderland features towns and trains from Germany, Switzerland, Austria, and even a little America And it s all on Google Maps Frank accepted the challenge to build a tiny Google Streetview train, capable of traversing the entire Wunderland It features a fish-eye camera on both the front and rear car, and is powered by an Arduino the Wattuino Nanite 85 He upgraded the train to use tiny stepper motors to allow for precise movement along the tracks to get read more http://www.secuobs.com/revue/news/595782.shtmlhttp://www.secuobs.com/revue/news/595782.shtml 2016-01-13 14:20:37 - Vigilance vulnérabilités publiques : Un attaquant peut provoquer un Cross Site Scripting de WordPress Contact Form Integrated With Google Maps, afin d'exécuter du code JavaScript dans le contexte du site web http://www.secuobs.com/revue/news/595543.shtmlhttp://www.secuobs.com/revue/news/595543.shtml 2016-01-12 18:31:18 - Office of Inadequate Security : Paris Cowan reports A NSW tribunal has ruled that the state s Medical Council breached privacy laws when it published what http://www.secuobs.com/revue/news/595473.shtmlhttp://www.secuobs.com/revue/news/595473.shtml 2016-01-12 14:35:22 - Help Net Security : If you are using Trend Micro's Maximum Security 10 solution for Windows, you might want to update it to the latest available version as soon as possible If you don't you're opening yourself to the da http://www.secuobs.com/revue/news/595443.shtmlhttp://www.secuobs.com/revue/news/595443.shtml 2016-01-12 11:14:17 - Vigilance vulnérabilités publiques : Un attaquant peut utiliser une vulnérabilité dans le PDF Viewer de Google Chrome, afin d'obtenir des informations sensibles http://www.secuobs.com/revue/news/595424.shtmlhttp://www.secuobs.com/revue/news/595424.shtml 2016-01-11 21:39:13 - Risk Assessment Ars Technica : I don't even know what to say, exasperated researcher tells TrendMicro official http://www.secuobs.com/revue/news/595376.shtmlhttp://www.secuobs.com/revue/news/595376.shtml 2016-01-11 15:57:50 - Slashdot Your Rights Online : An anonymous reader writes Nvidia GPUs don't clear out memory that was previously allocated, and neither does Chrome before releasing memory back to the shared memory pool When a user recently fired up Diablo 3 several hours after closing an Incognito Mode window that contained pornography, the game launched with snapshots of the last private browsing session appearing on the screen revealing his prior activities He says, It's a fairly easy bug to fix A patch to the GPU drivers could ensure that buffers are always erased before giving them to the application It's what an operating system does with the CPU RAM, and it makes sense to use the same rules with a GPU Additionally, Google Chrome could erase their GPU resources before quitting IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/595355.shtmlhttp://www.secuobs.com/revue/news/595355.shtml 2016-01-11 15:28:54 - LinuxSecurity.com Latest News : LinuxSecuritycom Earlier this week, Mozilla was forced to backpedal on banning new SHA-1 digital certificates because the move completely cut off some Firefox users from the encrypted Web It appears that Google saw the problem coming http://www.secuobs.com/revue/news/595351.shtmlhttp://www.secuobs.com/revue/news/595351.shtml 2016-01-08 22:12:15 - Hackaday : It s a parent s worst nightmare Doctors tell you that your baby is sick and there s nothing they can do Luckily though, a combination of hacks led to a happy ending for Teegan Lexcen and her family When Cassidy and Chad Lexcen s twin daughters were born in August, smaller twin Teegan was clearly in trouble Diagnostics at the Minnesota hospital confirmed that she had been born with only one lung and half a heart Teegan s parents went home and prepared for the inevitable, but after two months, she was still alive Cassidy and Chad started looking for second opinions, and after read more http://www.secuobs.com/revue/news/595216.shtmlhttp://www.secuobs.com/revue/news/595216.shtml 2016-01-08 12:02:33 - TorrentFreak : After his new movie was downloaded more than a million times after being leaked in December, the producer of The Hateful Eight has directed his displeasure towards Google Richard Gladstein suggests the search giant has the ability to wipe out piracy but is throwing up a 'fair use' smokescreen to distract from the phenomenon Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/595177.shtmlhttp://www.secuobs.com/revue/news/595177.shtml 2016-01-08 09:47:10 - Slashdot Your Rights Online : Mark Wilson writes The Investigatory Powers Bill may only be in draft form at the moment, but the UK government has already received criticism for its plans Today, scores of pieces of written evidence, both for and against the proposals, have been published, including input from the Reform Government Surveillance RGS coalition Five key members of the coalition are Facebook, Google, Microsoft, Twitter and Yahoo In their written evidence, the quintet of tech companies express their concerns about the draft bill, seek clarification from the UK government, and issue warnings about the implications of such a bill The evidence document IPB0116 says that any surveillance undertaken by the government need to be 'targeted, lawful, proportionate, necessary, jurisdictionally bounded, and transparent' The coalition notes that many other countries are watching to see what the UK does IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/595171.shtmlhttp://www.secuobs.com/revue/news/595171.shtml 2016-01-07 21:48:19 - Risk Assessment Ars Technica : Apps with as many as a million downloads removed following their discovery http://www.secuobs.com/revue/news/595135.shtmlhttp://www.secuobs.com/revue/news/595135.shtml 2016-01-06 01:39:44 - Security Bloggers Network : If you have an Android, keep an eye out for updates from your vendor or carrier - there are some critical security patches out http://www.secuobs.com/revue/news/594913.shtmlhttp://www.secuobs.com/revue/news/594913.shtml 2016-01-05 17:52:42 - Security Bloggers Network : On January 4, Amazon announced that their WorkMail managed email and calendaring solution has reached general availability, which is nice for the folks who have been working on the project for the last year or so Tony Redmond's Exchange Unwashed read more http://www.secuobs.com/revue/news/594867.shtmlhttp://www.secuobs.com/revue/news/594867.shtml 2016-01-05 16:12:16 - LinuxSecurity.com Latest News : LinuxSecuritycom Google has fixed a new batch of vulnerabilities in Android that could allow hackers to take over devices remotely or through malicious applications http://www.secuobs.com/revue/news/594855.shtmlhttp://www.secuobs.com/revue/news/594855.shtml 2016-01-04 20:22:05 - Security Bloggers Network : Almost all devices running a modern version of Android are affected by at least one of the five critical flaws http://www.secuobs.com/revue/news/594782.shtmlhttp://www.secuobs.com/revue/news/594782.shtml 2015-12-30 18:17:50 - TorrentFreak : Copyright holders asked Google to remove more than 560,000,000 allegedly infringing links from its search engine in 2015 The staggering number is an increase of 60pourcents compared to the year before According to Google the continued surge is a testament that the DMCA takedown process is working, but some copyright holders disagree Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/594524.shtmlhttp://www.secuobs.com/revue/news/594524.shtml 2015-12-30 17:40:18 - Risk Assessment Ars Technica : AVG AntiVirus force-installed Chrome plugin that left browsing data vulnerable http://www.secuobs.com/revue/news/594519.shtmlhttp://www.secuobs.com/revue/news/594519.shtml 2015-12-30 06:56:28 - Slashdot Your Rights Online : An anonymous reader writes Techdirt is running a story about Square One Publishers Rudy Shur, and his confusion over the DMCA process, and exactly what Google has control over The story goes After being contacted by Google Play with an offer to join the team, Shur took it upon himself to fire off an angry email in response That would have been fine, but he somehow convinced Publisher's Weekly to print both the letter and some additional commentary Presumably, his position at a publishing house outweighed Publisher Weekly's better judgment, because everything about his email commentary is not just wrong, but breathtakingly so After turning down the offer to join Google Play Shur's previous participation hadn't really shown it to be an advantageous relationship , Shur decided to play internet detective Starting with this paragraph, Shur's arguments head downhill then off a cliff then burst into flames then the flaming wreckage slides down another hill and off another cliff h t The Digital Reader ' W e did discover, however, was that Google has no problem allowing other e-book websites to illegally offer a number of our e-book titles, either free or at reduced rates, to anyone on the Internet' There's a huge difference between allowing and things that happen concurrently with Google's existence Shur cannot recognize this difference, which is why he's so shocked Google won't immediately fix it 'When we alerted Google, all we got back was an email telling us that Google has no responsibility and that it is up to us to contact these sites to tell them to stop giving away or selling our titles' IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/594455.shtmlhttp://www.secuobs.com/revue/news/594455.shtml 2015-12-24 13:29:41 - Security Bloggers Network : Google has announced that it is piloting a new sign-in system that will, if successful, replace passwords User authentication will be delivered through a smartphone The post Google testing password-free account sign-in appeared first on We Live Secur http://www.secuobs.com/revue/news/594156.shtmlhttp://www.secuobs.com/revue/news/594156.shtml 2015-12-23 17:41:37 - Forensic Focus : ElcomSoft Co Ltd announces the release of Elcomsoft Cloud eXplorer, a digital forensic tool for acquiring data from Google accounts Implementing over-the-air acquisition of information collected by the search giant, Elcomsoft Cloud eXplorer provides access to users search history, contacts, comprehensive Chrome browsing history, saved logins and passwords, notes, messages, and much more It s not about Android , says Vladimir Katalov, ElcomSoft CEO Google collects and maintains massive amounts of information from registered customers using the many Google services from PCs and mobile devices Normally, the information is scattered around the many services offered under the single sign-on roof of Google Account Out tool pulls the data from all available sources, assembling available information in a single place Just looking at the amount of data that is available is extremely impressive http://www.secuobs.com/revue/news/594085.shtmlhttp://www.secuobs.com/revue/news/594085.shtml 2015-12-23 16:38:56 - Hackaday : Quick What s the difference in conductivity between silver and copper Today, that s easy to find out You just ask Google maybe even out loud if you have a phone handy But it wasn t that long ago that you needed another option Before the Internet age, a big part of being that guy or gal was knowing where to go to find things You had to be a master of the library s reference section, know what might be in an encyclopedia or an almanac However if you were a hardcore math, science, or engineering geek you probably had, at least, one read more http://www.secuobs.com/revue/news/594080.shtmlhttp://www.secuobs.com/revue/news/594080.shtml 2015-12-23 12:21:57 - Help Net Security : Infosec pros are moving beyond traditional passwords, and companies are expected to follow in the same direction Big companies like Google, with millions of users that currently need to enter logi http://www.secuobs.com/revue/news/594039.shtmlhttp://www.secuobs.com/revue/news/594039.shtml 2015-12-22 14:04:22 - Security Bloggers Network : Google has announced a two-step plan by which it intends to discontinue support for SHA-1 certificates over the course of the next year Researchers Lucas Garron Chrome security and David Benjamin Chrome networking articulate the Alphabet subsidiary s reasoning in a blog post published last Friday As announced last September and supported by further recent research, Read More The post Google Announces Plans to Discontinue Support of SHA-1 Certificates Over Next Year appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/593943.shtmlhttp://www.secuobs.com/revue/news/593943.shtml 2015-12-22 12:40:32 - Security Bloggers Network : Google is pushing for the early removal of support for SHA-1 certificates, now deemed unsafe http://www.secuobs.com/revue/news/593935.shtmlhttp://www.secuobs.com/revue/news/593935.shtml 2015-12-22 10:35:45 - Advanced Password Cracking Insight : In today s thoroughly connected world, everyone shares at least some of their personal information with, well, strangers Voluntarily or not, people using personal computers or mobile devices have some of their information transmitted to, processed, stored and used by multiple online service providers Took a selfie shot Your face and possibly your friends faces will http://www.secuobs.com/revue/news/593906.shtmlhttp://www.secuobs.com/revue/news/593906.shtml 2015-12-22 02:08:34 - Risk Assessment Ars Technica : It's becoming too cheap to attack such certificates for them to be safe to use http://www.secuobs.com/revue/news/593886.shtmlhttp://www.secuobs.com/revue/news/593886.shtml 2015-12-18 08:18:04 - Security Bloggers Network : Google and the art of safe mobile browsing With the vast majority of end users turning to Google as their search engine or default browser of choice, it comes as no surprise to learn that the company takes security seriously But in a perpetually changing landscape where anti-virus and anti-malware tools are constantly chasing their tails in order to stay up to date with the latest threats, there cannot be many small to medium-sized business owners who can afford to ignore the issues surrounding cyber security The post Google and the art of safe mobile browsing appeared first on Health Security Solutions http://www.secuobs.com/revue/news/593570.shtmlhttp://www.secuobs.com/revue/news/593570.shtml 2015-12-17 20:20:02 - Security Bloggers Network : The cloud storage arm of the Internet giant announced a new research grant program on Thursday that will fuel independent security researchers working to improve Google's data security http://www.secuobs.com/revue/news/593529.shtmlhttp://www.secuobs.com/revue/news/593529.shtml 2015-12-17 12:57:37 - Security Bloggers Network : New teams will be dedicated to the task of battling a deluge of racist and xenophobic hate speech that's risen with Germany's refugee crisis http://www.secuobs.com/revue/news/593469.shtmlhttp://www.secuobs.com/revue/news/593469.shtml 2015-12-16 10:13:32 - Security Bloggers Network : The remote code execution flaws impacted on a range of the cybersecurity firm's products http://www.secuobs.com/revue/news/593326.shtmlhttp://www.secuobs.com/revue/news/593326.shtml 2015-12-15 01:25:27 - Hacker Public Radio : Google Takeout, good for backup of gmail, or anything else from the Google-verse https wwwgooglecom takeout Thunderbird email client https wwwmozillaorg en-US thunderbird ImportExportTools for Thunderbird https addonsmozillaorg en-US thunderbird addon importexporttools http://www.secuobs.com/revue/news/593136.shtmlhttp://www.secuobs.com/revue/news/593136.shtml 2015-12-14 14:34:37 - Security Bloggers Network : It already works to keep harmful apps off Play Store, it says now it's time to flag nasty software, phishing sites and more http://www.secuobs.com/revue/news/593059.shtmlhttp://www.secuobs.com/revue/news/593059.shtml 2015-12-10 22:47:10 - Office of Inadequate Security : Sara Peters reports The Spy Banker Trojan is spreading through Brazil through the help of Google and Facebook, according to http://www.secuobs.com/revue/news/592815.shtmlhttp://www.secuobs.com/revue/news/592815.shtml 2015-12-10 19:54:16 - Security Bloggers Network : Introduction Zscaler ThreatLabZ has been closely monitoring a new Spy Banker Trojan campaign that has been targeting Portuguese-speaking users in Brazil The malware authors are leveraging Google Cloud Servers to host the initial Spy Banker Downloade http://www.secuobs.com/revue/news/592797.shtmlhttp://www.secuobs.com/revue/news/592797.shtml 2015-12-10 00:10:05 - Security Bloggers Network : I would like, belatedly, to add to my previous blog on the consultations on the Investigatory Powers Bill, the need not only to recognise that it applies to the tracking operations of Apple and Google and the other adware and spyware operators whose bloatware is clogging the Internet and slowing response times , but the need to give us informed and genuine not forced choice as to whether we want our communications data to be recorded in the unsafe to foreigners harbours of the USA http://www.secuobs.com/revue/news/592678.shtmlhttp://www.secuobs.com/revue/news/592678.shtml 2015-12-03 23:23:24 - Slashdot Your Rights Online : MojoKid writes The Electronic Frontier Foundation EFF caused quite a stir this week when it alleged that Google is using its Chromebook platform, which has made a significant impact in education markets, to snoop on students The charges were damning, with the EFF claiming that Google was violating its own corporate policies and using students' personally identifiable browsing data habits to refine its services, in addition to sharing that data with partners Obviously, Google would take such allegations seriously, and has thus responded to every claim brought forth by the EFF While we appreciate the EFF's focus on student data privacy, we are confident that our tools comply with both the law and our promises, including the Student Privacy Pledge said Jonathan Rochelle, the Director of Google Apps for Education With respect to Google Apps for Education Core Services GAFE , Rochelle asserts that all student data stored is only used to provide the services themselves and that student data isn't used for advertising purposes, nor are ads served to students Rochelle also explains that personally identifiable data of students is removed, and only aggregated data of its millions of users is utilized to help improve its services IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/592034.shtmlhttp://www.secuobs.com/revue/news/592034.shtml 2015-12-03 15:42:31 - Security Bloggers Network : Minors shouldn t be tracked or used as guinea pigs, with their data treated as a profit center, says the EFF's Nate Cardozo http://www.secuobs.com/revue/news/591972.shtmlhttp://www.secuobs.com/revue/news/591972.shtml 2015-12-02 15:17:40 - Slashdot Your Rights Online : itwbennett writes In a complaint PDF filed Tuesday with the Federal Trade Commission, the Electronic Frontier Foundation EFF claims that despite publicly promising not to, Google mines students' browsing data and other information, and uses it for the company's own purposes The EFF says Google's practice of recording everything students do while they're logged into their Google accounts, regardless of the device or browser they're using, puts the company in breach of Section 5 of the Federal Communications Act IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/591845.shtmlhttp://www.secuobs.com/revue/news/591845.shtml 2015-12-01 13:11:58 - Security Bloggers Network : Please promise to delete this blog post from your cache and forget that you ever read it http://www.secuobs.com/revue/news/591663.shtmlhttp://www.secuobs.com/revue/news/591663.shtml 2015-11-30 03:06:18 - Slashdot Your Rights Online : An anonymous reader writes Various sources report Israel's Deputy Minister for Foreign Affairs Tzipi Hotovely meeting with representatives of Google and YouTube to discuss censoring Palestinian videos believed to incite violence Original aricle in Hebrew from Maariv The open question is how Google and Youtube will define inciting violence Currently, all foreign journalists in the Palestinian territories are required to register with the Israeli military, and all footage must be approved through the Israeli Military Censor's office before being released However, according to the article in alternet individual Palestinians have been uploading videos showing violence by Israeli soldiers, including execution-style killings, and highlighting the living conditions in the territories, which Israeli authorities consider inflammatory IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/591501.shtmlhttp://www.secuobs.com/revue/news/591501.shtml 2015-11-26 14:52:59 - Slashdot Your Rights Online : An anonymous reader writes According to a Google report the company has evaluated 1,234,092 URLs from 348,085 requests since the EU's May 2014 right to be forgotten ruling, and has removed 42pourcents of those URLs Engadget reports To show how it comes to its decisions, the company shared some of the requests it received and its decisions For example a private citizen that was convicted of a serious crime, but had that conviction overturned during appeal, had search results about the crime removed Meanwhile a high ranking public official in Hungary failed to get the results squelched of a decades-old criminal conviction Of course, that doesn't mean the system is perfect and the company has already been accused of making mistakes IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/591317.shtmlhttp://www.secuobs.com/revue/news/591317.shtml 2015-11-26 14:01:48 - Security Bloggers Network : Lots of Europeans want Google to do lots of self-inflicted lobotomy It's evaluated a total of 1,234,092 URLs for right to be forgotten http://www.secuobs.com/revue/news/591302.shtmlhttp://www.secuobs.com/revue/news/591302.shtml 2015-11-25 14:53:59 - Vigilance vulnérabilités publiques : Un attaquant peut employer plusieurs vulnérabilités de Google Chrome http://www.secuobs.com/revue/news/591189.shtmlhttp://www.secuobs.com/revue/news/591189.shtml 2015-11-25 11:25:13 - Global Security Mag Online : Akamai Technologies, Inc annonce sa collaboration avec la plateforme Cloud de Google dans le cadre du programme Google Interconnect La participation d'Akamai doit permettre de réduire les coûts d'hébergement et de sortie, mais également d'améliorer les performances pour les clients Akamai qui utilisent la plateforme Cloud de Google La participation d'Akamai en tant que fournisseur de services d'interconnexion entre réseaux CDN et Google Cloud Platform vise à s'assurer que la plateforme Cloud de - Produits http://www.secuobs.com/revue/news/591169.shtmlhttp://www.secuobs.com/revue/news/591169.shtml 2015-11-23 01:10:48 - Security Bloggers Network : Newer Android phone and tablet owners aren't affected, but it does say something about Android's fragmentation of device security http://www.secuobs.com/revue/news/590812.shtmlhttp://www.secuobs.com/revue/news/590812.shtml 2015-11-22 20:21:55 - TorrentFreak : Google is facing a never-ending flood of takedown requests from copyright holders, breaking record after record The company currently processes a record breaking 1,500 links to pirate pages from its search results every minute, which is a 100pourcents increase compared to last year Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/590810.shtmlhttp://www.secuobs.com/revue/news/590810.shtml 2015-11-21 11:50:39 - TorrentFreak : When content is taken down in response to a DMCA notice, should service providers be required to stop the same content from reappearing Major copyright holders believe they should but the issue is complex Speaking at a copyright conference this week a Google counsel outlined several problems, concluding that the system just won't work Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/590757.shtmlhttp://www.secuobs.com/revue/news/590757.shtml 2015-11-19 15:15:50 - Slashdot Your Rights Online : An anonymous reader writes In a speech to the 6th Annual Financial Crimes and Cybersecurity Symposium, New York County District Attorney for Manhattan Cyrus Vance Jr has appealed to the tech community specifically citing Google and Apple to do the right thing and end zero-knowledge encryption in mobile operating systems Vance Jr praised FBI director James Comey for his 'outspoken' and 'fearless' advocacy against zero knowledge encryption, and uses the recent attacks on Paris as further justification for returning encryption keys to the cloud, so that communications providers can once again comply with court orders IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/590583.shtmlhttp://www.secuobs.com/revue/news/590583.shtml 2015-11-19 14:28:29 - Security Bloggers Network : As OS X malware gains traction, VirusTotal has added support for Mac app analysis in sandbox environments http://www.secuobs.com/revue/news/590573.shtmlhttp://www.secuobs.com/revue/news/590573.shtml 2015-11-18 19:37:32 - Security Bloggers Network : Every once in a while we get a glimpse into rare and strange behavior that doesn t involve the website being hacked, but causes major problems for website owners We have spoken recently about malicious referral spam in Google Analytics and Google Search Console being used by attackers after they gain access to a website Today, Read More The post Spam Campaign Causes DDoS by Googlebot appeared first on Sucuri Blog http://www.secuobs.com/revue/news/590480.shtmlhttp://www.secuobs.com/revue/news/590480.shtml 2015-11-18 13:15:30 - Security Bloggers Network : Google just announced that its virus classification and auto-analysis service, VirusTotal, is now officially interested in OS X malware http://www.secuobs.com/revue/news/590390.shtmlhttp://www.secuobs.com/revue/news/590390.shtml 2015-11-17 15:03:04 - liquid thoughts : Architecting a Verb OUPblog blogoupcom 2008 07 architect Cached Similar 31 Jul 2008 The OED provides citations from as far back as 1813, quoting a letter from Keats, in which he writes This was architected thus By the great n m Architecting Define http://www.secuobs.com/revue/news/590287.shtmlhttp://www.secuobs.com/revue/news/590287.shtml 2015-11-16 11:41:02 - Help Net Security : Google Chrome users will from now on be faced with a new, customized warning every time they visit a website page that contains social engineering content The threat landscape is constantly cha http://www.secuobs.com/revue/news/590156.shtmlhttp://www.secuobs.com/revue/news/590156.shtml 2015-11-15 14:56:20 - Security Bloggers Network : Password stealing, ransomware and outright hacking - the latest computer security news in 1 entertaining minute Enjoy http://www.secuobs.com/revue/news/590103.shtmlhttp://www.secuobs.com/revue/news/590103.shtml 2015-11-15 12:04:10 - TorrentFreak : If Google is to blame for piracy sites appearing in its search results, it must also be held to account over the bizarre piracy 'news' articles dominating its news section Today we're demanding that Google demotes 'rogue' news outlets from dominating the search results, or we're off to the US government to cry like babies Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/590099.shtmlhttp://www.secuobs.com/revue/news/590099.shtml 2015-11-13 15:18:07 - Security Bloggers Network : Why would a mobile app steal your password And why would both Apple and Google be OK with that http://www.secuobs.com/revue/news/589993.shtmlhttp://www.secuobs.com/revue/news/589993.shtml 2015-11-13 10:04:58 - Hackaday : Google s Project Jacquard is tackling the age old gap between controlling your electronic device and touching yourself They are doing this by weaving conductive thread into clothing in the form of a touch pad In partnership with Levi Strauss Co, Google has been designing and producing touch interfaces that are meant to be used by developers however they see fit The approach that Project Jacquard has taken from a hardware standpoint is on point Rather than having an end user product in mind and design completely towards that goal, the project is focused on the interface as its product read more http://www.secuobs.com/revue/news/589970.shtmlhttp://www.secuobs.com/revue/news/589970.shtml 2015-11-13 09:26:10 - Help Net Security : After having been ruled invalid by the ECJ, the Safe Habor Agreement is now back in the spotlight as the Commission has finally issued a communication on the Trans-Atlantic data transfers destined to http://www.secuobs.com/revue/news/589966.shtmlhttp://www.secuobs.com/revue/news/589966.shtml 2015-11-12 20:26:43 - Slashdot Your Rights Online : An anonymous reader writes Google has launched a new tool called About me that lets you see, edit, and remove the personal information that the company's services show to other users Google confirmed to VentureBeat that the feature started rolling out to users this week Google's various products and services Gmail, Hangouts, Google Maps, Inbox, Google Play, YouTube, Google , and so on sometimes ask you to share certain personal information These details are then shown to other users who interact with you or search for you Until now, all of this was stored in Google , assuming you created an account But Google is no longer a requirement for Google's services, and so the company needs a new solution, and ideally one that isn't public by default IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/589936.shtmlhttp://www.secuobs.com/revue/news/589936.shtml 2015-11-11 21:35:13 - Security Bloggers Network : Google has announced it will no longer support Windows XP, as well as Windows Vista and older versions of Mac OS X including 106 Snow Leopard , 107 Lion and 108 Mountain Lion come April 2016 Marc Pawliger, director of engineering at Google, said in a company blog post If you re still using one of these unsupported platforms, Read More The post Google to End Chrome Support for Windows XP, Mac OS X Mountain Lion appeared first on The State of Security IMAGE http://www.secuobs.com/revue/news/589814.shtmlhttp://www.secuobs.com/revue/news/589814.shtml 2015-11-11 18:33:40 - Office of Inadequate Security : Lord Marin writes Apple NASDAQ AAPL and Google NASDAQ GOOGL have removed InstaAgent, an app for Instagram, because of http://www.secuobs.com/revue/news/589803.shtmlhttp://www.secuobs.com/revue/news/589803.shtml 2015-11-11 14:13:07 - Security Bloggers Network : Because of unsafe NTP practices, internal clocks on remote machines can be manipulated under the right conditions Once time is altered, expired SSL certificates become valid again and causes HSTS policies to expire But what about authentication Cer http://www.secuobs.com/revue/news/589763.shtmlhttp://www.secuobs.com/revue/news/589763.shtml 2015-11-08 17:51:43 - Slashdot Your Rights Online : An anonymous reader writes The FCC announced that it will not prevent Facebook, Google, and other websites from not honoring users' Do Not Track requests that make it difficult for them to track online activities The Washington Post reports The announcement is a blow to privacy advocates who had petitioned the agency for stronger Internet privacy rules But it's a win for many Silicon Valley companies whose business models rely on monetizing Internet users' personal data It's also the latest move in an ongoing battle to defend the agency's new net neutrality rules, which opponents warned would result in the regulation of popular Web sites and online services By rejecting the petition, the FCC likely hopes to defuse that argument The rules, which took effect this summer, allow the FCC to regulate only providers of Internet access, not individual Web sites, said a senior agency official IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/589425.shtmlhttp://www.secuobs.com/revue/news/589425.shtml 2015-11-05 15:31:45 - TorrentFreak : A new report released by streaming search engine JustWatch has revealed that Google's Pirate Update drastically decreased the visibility of torrent sites in search results However, the algorithm changes failed to punish illegal streaming portals, which still draw billions of visitors from search engines Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/589159.shtmlhttp://www.secuobs.com/revue/news/589159.shtml 2015-11-03 15:30:15 - Security Bloggers Network : In October, Google announced that they would let customers who had a current enterprise agreement EA with Microsoft to use Google Apps for Work for free until the EA expires At that point, the customer is expected to begin paying Google the regular subscription fees 5 per month per user for the productivity apps or 10 per user for unlimited storage Tony Redmond's Exchange Unwashed read more http://www.secuobs.com/revue/news/588902.shtmlhttp://www.secuobs.com/revue/news/588902.shtml 2015-11-02 15:41:30 - MSI State of Security : Did some old school Google hacking last night Filetype xls terms still finds too much bad stuff Check for it lately for your organization Try other file types too doc ppt pdf rtf, etc Information leakage happens today, as it always has Keeping Continue reading The post Old School Google Hacking Still Works appeared first on MSI State of Security http://www.secuobs.com/revue/news/588762.shtmlhttp://www.secuobs.com/revue/news/588762.shtml 2015-11-01 09:16:53 - Vigilance vulnérabilités publiques : Un attaquant peut provoquer un Cross Site Scripting de Joomla GoogleSearch, afin d'exécuter du code JavaScript dans le contexte du site web http://www.secuobs.com/revue/news/588640.shtmlhttp://www.secuobs.com/revue/news/588640.shtml 2015-10-30 15:12:01 - Security Bloggers Network : Notable security news items for the week ending October 30, 2015 Covers enterprise, application and mobile security, reports and more http://www.secuobs.com/revue/news/588538.shtmlhttp://www.secuobs.com/revue/news/588538.shtml 2015-10-29 19:48:04 - TorrentFreak : Copyright holders have asked Google to remove more than 1,000,000,000 allegedly infringing links from its search engine in recent years The remarkable milestone, reached this week, is at the center of an ongoing debate over how search engines are expected to deal with pirate sites Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/588453.shtmlhttp://www.secuobs.com/revue/news/588453.shtml 2015-10-29 16:33:10 - Security Bloggers Network : Although Bring Your Own Device BYOD is not hitting the front page on a weekly basis anymore, it is still relevant The hype may be over, but enterprises are now working to find practical remote access solutions for managing the variety of mobile devices utilized by employees at home and at work BYOD policies often http://www.secuobs.com/revue/news/588429.shtmlhttp://www.secuobs.com/revue/news/588429.shtml 2015-10-29 14:31:54 - Security Bloggers Network : Google has issued an ultimatum to Symantec in the wake of chaos caused by security certificates issued without permission http://www.secuobs.com/revue/news/588405.shtmlhttp://www.secuobs.com/revue/news/588405.shtml 2015-10-29 14:14:30 - LinuxSecurity.com Latest News : LinuxSecuritycom Google has given Symantec an offer it can't refuse give a thorough accounting of its ailing certificate authority process or risk having the world's most popular browser-Chrome-issue scary warnings when end users visit HTTPS-protected websites that use Symantec credentials http://www.secuobs.com/revue/news/588400.shtmlhttp://www.secuobs.com/revue/news/588400.shtml 2015-10-29 06:32:35 - Ars Technica Risk Assessment : Google Fix ailing certificate business or risk having Chrome flag your credentials http://www.secuobs.com/revue/news/588338.shtmlhttp://www.secuobs.com/revue/news/588338.shtml 2015-10-28 10:34:43 - Minded Security Blog : IMAGE The following post is a wrap up of a presentation I made for Google thanks to a very interesting initiative to meet web security researchers and Google security engineers - Thanks for the opportunity, BTW Instead of talking about my usual things like advanced DOM Based XSS topics, I decided to propose some research about alternative approaches in JavaScript deobfuscation stuff we've been working on early this year In fact, here at Minded Security we deal with JavaScript since several years by now and Client side security research, AMT agentless anti malware products, DOMinatorPro are only a few of the reasons our work on JavaScript is always part of our daily job Everyone admits JavaScript code can be sometimes really hard to read, especially when dealing with minimized code or obfuscated malware and even if there are quite a bunch of JS deobfuscators, most of them are runtime sandboxes or too simple static analyzers Here's why we developed JStillery An internal product that helps us for Analysis of JS malware samples extracted from AMT logs JS Normalization for Malware classification Automatic support for exploiting DOM Based XSS on custom, minimized libraries using DOMinatorPro WAF Analysis of XSS Payloads Slides Advanced JS Deobfuscation and a short video that shows what JStillery can do Comments are always welcome http://www.secuobs.com/revue/news/588217.shtmlhttp://www.secuobs.com/revue/news/588217.shtml 2015-10-27 10:25:46 - Help Net Security : Authors Michael Harrington and Michael Cross Pages 122 Publisher Syngress ISBN 0128002166 Introduction Learn how to use Google Earth geo-location in your digital forensic investigatio http://www.secuobs.com/revue/news/588060.shtmlhttp://www.secuobs.com/revue/news/588060.shtml 2015-10-24 15:20:45 - Vigilance vulnérabilités publiques : Un attaquant peut provoquer un Cross Site Scripting de WordPress Google Analyticator, afin d'exécuter du code JavaScript dans le contexte du site web http://www.secuobs.com/revue/news/587845.shtmlhttp://www.secuobs.com/revue/news/587845.shtml 2015-10-24 08:14:59 - SecurityTube.Net : Security has been trying to catch up with technology all this time, butthe gap may well be increasing, particularly with the growth of consumerdevices and the Internet of Things The reason has to do withdelegation and proxy activities online Current IAM models are no matchfor the real world of legal, fiduciary and minor representation In this session, we,ll talk about what needs to change so that both security and privacy are truly available to all members of society Wendy Nather is Research Director at the Retail Cyber Intelligence Sharing Center R-CISC , where she is responsible for advancing the state of resources and knowledge to help organizations defend their infrastructure from attackers She was previously Research Director of the Information Security Practice at independent analyst firm 451 Research, covering the security industry in areas such as application security, threat intelligence, security services, and other emerging technologiesWendy has served as a CISO in both the private and public sectors She led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation now UBS , as well as for the Texas Education Agency She speaks regularly in locations around the world on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues Wendy is co-author of The Cloud Security Rules, and was listed as one of SC Magazine,s Women in IT Security Power Players in 2014 She is an advisory board member for the RSA Conference, and serves on the board of directors for Securing Change, an organization that helps provide free security services to nonprofit groups She is based in Austin, Texas, and you can follow her on Twitter as RCISCwendy For More Information Please Visit - http wwwhoustonsecconcom v6 http wwwirongeekcom iphp page videos houseccon2015 mainlist http://www.secuobs.com/revue/news/587834.shtmlhttp://www.secuobs.com/revue/news/587834.shtml 2015-10-23 21:07:12 - Slashdot Your Rights Online : theodp writes Politico reports that just one day after Facebook launched TechPrep, a highly-publicized initiative to attract more minorities and women to coding, Google, Facebook, Microsoft, and Codeorg quietly sent a letter to top education lawmakers in the House and Senate insisting that computer science must be added to the list of core academic subjects and states be given resources to improve STEM education programs Computer science is marginalized throughout K-12 education, reads the letter We need to improve access for all students, particularly groups who have traditionally been underrepresented Echoing the last point at this month's Grace Hopper Women in Computer Celebration, YouTube CEO Susan Wojcicki called for mandatory computer science in schools, suggesting that boys like her own son are monopolizing the family computer across America, leaving girls like her own daughter out of the conversation when it comes to technology video 38 33 The new round of hand-wringing comes as tech companies face the deadline for filing their 2015 EEO-1 surveys and seek more tech-friendly US visa and OPT STEM policies, so it's probably worth remembering that Microsoft proposed tech could turn workforce diversity lemons into H-1B visa lemonade by connecting tech immigration to K-12 CS education IMAGE IMAGE Share on Google Read more of this story at Slashdot http://www.secuobs.com/revue/news/587798.shtmlhttp://www.secuobs.com/revue/news/587798.shtml 2015-10-22 22:49:09 - Reverse Engineering : submitted by srw link comment http://www.secuobs.com/revue/news/587686.shtmlhttp://www.secuobs.com/revue/news/587686.shtml 2015-10-21 22:49:20 - TorrentFreak : Google is rejecting calls from copyright holders to remove entire domain names from Google search based on copyright infringements In a letter to the US Government the company points out that this would prove counterproductive and lead to overbroad censorship Source TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services http://www.secuobs.com/revue/news/587557.shtmlhttp://www.secuobs.com/revue/news/587557.shtml 2015-10-21 15:59:00 - Security Bloggers Network : Google has released compatibility requirements for new devices running Android 60 Marshmallow, and there's one requirement that is justifiably getting a lot of attention - full-disk encryption must be enabled by default with a few exceptions http://www.secuobs.com/revue/news/587509.shtmlhttp://www.secuobs.com/revue/news/587509.shtml 2015-10-21 15:19:50 - Help Net Security : A Google Chrome lookalike browser dubbed eFast is being actively pushed onto users The software is at best annoying and unwanted, and at worst can lead users to malware Posing as a legitimate app http://www.secuobs.com/revue/news/587502.shtmlhttp://www.secuobs.com/revue/news/587502.shtml