Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.

Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature.

A NewsGuard audit found that chatbots spewed misinformation from American fugitive John Mark Dougan.
#AI #Axios #ChatGPT #Google #Illustrations #License #Microsoft #Misinformation #OpenAI #Visuals #genAI #generative #or

An internal Google database obtained by 404 Media shows Google recording childrens' voices, saving license plates from Street View, and many other self-reported incidents, large and small.

On Sunday, May 5th, I received an email from a person claiming to have access to a massive leak of API documentation from inside Google’s Search division.

Discover how SMS scammers are exploiting cloud storage to host scam websites with the intention of stealing sensitive information

For World Password Day, we’re sharing updates to passkeys across our products and sharing more ways we’re keeping people safe online.

APT44 is a threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations.

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.

Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.

Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our products and services. Working with our dedicated bug hunter community, we awarded $10 million to our 600+ researchers based in 68 countries.

Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million.

The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.

Google will roll out a Safe Browsing update later this month that will provide real-time malware and phishing protection to all Chrome users, without compromising their browsing privacy.

The company launched Safe Browsing in 2005 to defend users against web phishing attacks and has since upgraded it to block malicious domains that push malware, unwanted software, and various social engineering schemes.

Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.

In a memo to employees sent Tuesday evening, Sundar Pichai vowed to make structural changes to address the issues found in Gemini’s racially inaccurate images.

Today, many seasoned security professionals will tell you they’ve been fighting a constant battle against cybercriminals and state-sponsored attackers. They will also tell you that any clear-eyed assessment shows that most of the patches, preventative measures and public awareness campaigns can only succeed at mitigating yesterday’s threats — not the threats waiting in the wings.

That could be changing. As the world focuses on the potential of AI — and governments and industry work on a regulatory approach to ensure AI is safe and secure — we believe that AI represents an inflection point for digital security. We’re not alone. More than 40% of people view better security as a top application for AI — and it’s a topic that will be front and center at the Munich Security Conference this weekend.

Google has confirmed a new security scheme which, it says, will help “secure, empower and advance our collective digital future” using AI. Part of this AI Cyber Defence Initiative includes open-sourcing the new, AI-powered, Magika tool that is already being used to help protect Gmail users from potentially problematic content.

The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools.

One of the hacking campaigns used exploits developed by Variston, a Barcelona-based startup. Sources say the spyware maker is losing staff.

A week into phase one of Google’s cookie killing project in Chrome, early tests show how it could hit the web’s bottom line.