Category: Google

Computer-MouseAll you have to do is check Google’s online security settings on or before February 17 to get another 2GB storage in your Google Drive, if they review their online security settings before Feb. 17. If you missed the deadline, do not worry because it will be automatically granted to you on the 28th.

Google Drive launched this promoin celebration of the Safer Internet Day with the theme “Let’s create a better Internet together.” This is also Google’s token of appreciation to all its avid users who have been supporting the product since its inception. Hurry! Have your online storage checked up today.

Source: GMA Network

 

10-11-2012-12-59-05-AMIn the purpose of combatting online security breach, Google launched ‘Project Zero’, an initiative based on the company’s current security protocols. The main objective of Project Zero is to fight online users who are exploiting bugs and malware to hack computers, get pertinent information, spy on conversations and penetrate communications. Chris Evans, a Google researcher, wrote that Project Zero is an innovative venture which will not be exclusive to Google products alone. Evans confirmed that the project does not hold bounds and aims to work and improve security of any software. With this step, IT security experts look forward to a spy-free cyberspace.

Source: EWeek

10-11-2012-12-59-05-AM“We’ve slashed account hijackings by 99.7%” – Google

Google appears to be making strides in the war against account hijacking. The ads, search and webmail giant recently announced that it had reduced takeovers by 99.7 per cent since introducing tighter security procedures.

Improved spam filtering meant spammers switched to more aggressive account takeover tactics over the last two or three years or so. This meant 419ers and others tried to hijack email accounts before sending fraudulent messages to potential marks, usually the friends and contacts of an account hijacking victim. Using auto-generated newbie accounts no longer works because messages from these accounts were routinely blocked.

Email account hijacks often follow either phishing campaigns or database leaks from insecure websites. Because many people make the mistake of re-using the same password across different accounts, stolen passwords from one site are often valid across many others.

Source: The Register

 

Pakistan’s web users were left high and dry over the weekend after nearly 300 high profile sites including Google.com.pk, Microsoft.pk, Apple.pk and Yahoo.pk were hacked and defaced by what appears to be a mixture of Pakistani and Turkish attackers.

Many local versions of big name sites including Apple, Microsoft and PayPal have been taken offline as a result and were still unavailable to local viewers at the time of writing.

Conflicting reports have emerged about the motivation behind theattacks, which downed over 280 sites on Saturday morning, according to the Express Tribune.

Source: The Register

Google Plus Online Security

Google has acquired VirusTotal, a free service that analyzes suspicious files and URLs, and facilitates the detection of malware, worms, viruses and trojans.

VirusTotal says, there are two key elements of the acquisition: 1) great news for (customers), 2) bad news for malware generators.

The article goes on to say VirusTotal “could significantly shore up the search giant’s ability to weed out infectious content from Gmail, social network Google+ and the pages it shows search users.”

Google is a longtime VirusTotal partner. VirusTotal will continue to operate independently, maintaining partnerships with other antivirus companies and security experts.

Source: Google News

Google security officials said they are in the process of verifying the vulnerability, which if valid, will net Pinkie Pie $60,000, the top reward for the second Pwnium competition held this year. The reward goes to someone who creates a full Chrome exploit using bugs only in Chrome itself.

Google has allotted a total of $2 million in reward money for the second round of Pwnium, the first of which was held in March at the CanSecWest security conference in Vancouver, British Columbia.

Pinkie Pie is well known for his skills. He secured $60,000 in the first Pwnium competition for stringing together six vulnerabilities in order to break out of Chrome’s sandbox, which is a software boundary designed to quarantine malicious behavior within a browser and not allow it to reach the rest of the computer’s software.

Pinkie Pie is apparently not at Hack in the Box this week. Instead, a colleague submitted his entry, which was hosted on Google’s infrastructure. Google quickly moves to patch problems found with its browser via an auto-update mechanism.

Google is offering such rich rewards for finding vulnerabilities because it has become harder to exploit the browser. It also takes more time to find those vulnerabilities, so Google has allowed security gurus to work on their exploits for two months.

Source: PCWorld

Three months after it first began warning users of state-sponsored cyber attacks, Google is saying that the assault has only intensified.

The New York Times reports that since it began warning users of state-sponsored attacks, “it has picked up thousands more instances of cyberattacks than it anticipated.” Many of the attacks appear to be originating in the Middle East.

 Starting on Tuesday, the company began inserting a message at the top of affected users’ Gmail inboxes: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.

The attacks affect tens of thousands of users, Google information security manager Mike Wiacek told the Times. Many have described seeing the Gmail warning in Twitter posts.

What should you do if you see the message? Changing your password might be a good start. And if you haven’t enabled two-factor authentication on your Google account, it’s worth considering.

Source: CNET News

BitDefender said in a blog that a new scam is targeting Facebook and Gmail.

The fresh scam asks unwary users to “link” their credit card information with either Facebook or Google and transform these accounts into digital wallets.

A new variant of the notorious Zeus malware can manipulate the way the bank reports account balances so victims are unaware that money has been moved out of the account, Bitdefender added.

Whenever the users try to bring up Facebook or Gmail from infected PCs, they are presented with the genuine service login page, but, in the background, Zeus injects its code in the login form to also request credit card information.

The attack is totally convincing as the browser shows the URL of the real login service. It also offers a good explanation as to why the user is asked to enter credit card info:

Facebook users are told they can directly buy Facebook credits after they link the credit-card to the account, while Gmail users are told they can use Gmail as a “digital wallet” and pay by simply entering their e-mail address.

Source: SoftwareCasa