Posted by Vlad Tsyrklevich, Dynamic Tools TeamMemory safety errors, like use-after-frees and out-of-bounds reads/writes, are a leading source of vulnerabilities in C/C++ applications. Despite investments in preventing and detecting these errors in Chrome, over 60% of high severity vulnerabilities in Chrome are memory safety errors. Some memory safety errors don’t lead to security vulnerabilities but […]
Posted by Dave Kleidermacher, VP, Android Security & Privacy Fighting against bad actors in the ecosystem is a top priority for Google, but we know there are others doing great work to find and protect against attacks. Our research partners in the mobile security world have built successful teams and technology, helping us in the […]
Posted by Royal Hansen, Vice President, Google and Dominic Rizzo, OpenTitan Lead, Google Cloud Security begins with secure infrastructure. To have higher confidence in the security and integrity of the infrastructure, we need to anchor our trust at the foundation – in a special-purpose chip.Today, along with our partners, we are excited to announce OpenTitan – […]
Posted by Guilherme Gonçalves, Site Reliability Engineer and Kyle O’Malley, Security Engineer IntroThis is the final post in a series of four, in which we set out to revisit various BeyondCorp topics and share lessons that were learnt along the internal implementation path at Google.The first post in this series focused on providing necessary context for […]
Posted by Sami Tolvanen, Staff Software Engineer, Android Security & Privacy Team The Linux kernel is responsible for enforcing much of Android’s security model, which is why we have put a lot of effort into hardening the Android Linux kernel against exploitation. In Android 9, we introduced support for Clang’s forward-edge Control-Flow Integrity (CFI) enforcement […]
Apple may care about your privacy but that doesn’t mean it gets it right all the time, especially when it comes to training its Siri AI assistant. ——– Free High Security Email from Sigma
The update fixes 11 mainly high-severity security flaws in Windows and GeForce graphics card drivers, including three in the program used to update them. ——– Free High Security Email from Sigma
The SIM-swap victim knew he was in trouble when he got a 3:30 a.m. message about his phone service being cut off. ——– Free High Security Email from Sigma
With more than 440,000 customers, SmarterASP.NET is said to be one of the most popular ASP.NET hosting providers. ——– Free High Security Email from Sigma
The Wall Street Journal has a story about how two people were identified as the perpetrators of a ransomware scheme. They were found because — as generally happens — they made mistakes covering their tracks. They were investigated because they had the bad luck of locking up Washington, DC’s video surveillance cameras a week before […]