Archive for the ‘Google Security’ Category

Google Announces 5 Major Security Updates for Chrome Extensions

October 2nd, 2018
Google has made several new announcements for its Chrome Web Store that aims at making Chrome extensions more secure and transparent to its users. Over a couple of years, we have seen a significant rise in malicious extensions that appear to offer useful functionalities, while running hidden malicious scripts in the background without the user's knowledge. However, the best part is that

Posted in browser hacking, browser security, chrome extension, chrome extension development, Chrome security, cybersecurity, Google Chrome, Google Chrome Extension, Google Security, two-factor authentication | Comments (0)

Google Employees Help Thousands Of Open Source Projects Patch Critical ‘Mad Gadget Bug’

March 2nd, 2017

Last year Google employees took an initiative to help thousands of Open Source Projects patch a critical remote code execution vulnerability in a widely used Apache Commons Collections (ACC) library.

Dubbed Operation Rosehub, the initiative was volunteered by some 50 Google employees, who utilized 20 percent of their work time to patch over 2600 open source projects on Github, those were

Posted in Apache, Google Security, hacking news, java Vulnerability, Mad Gadget vulnerability, Open Source, ransomware attack, Vulnerability | Comments (0)

Critical Flaw in ESET Antivirus Exposes Mac Users to Remote Hacking

February 28th, 2017

What could be more exciting for hackers than exploiting a vulnerability in a widely used software without having to struggle too much?

One such easy-to-exploit, but critical vulnerability has been discovered in ESET’s antivirus software that could allow any unauthenticated attackers to remotely execute arbitrary code with root privileges on a Mac system.

The critical security flaw, tracked

Posted in antivirus, Apple Mac OS, eset antivirus, Google Security, hacking news, Mac security, remote code execution, Vulnerability | Comments (0)

Google Pixel Phone and Microsoft Edge Hacked at PwnFest 2016

November 11th, 2016

The brand new Android smartphone launched by Google just a few months back has been hacked by Chinese hackers just in less than a minute.

Yes, the Google’s latest Pixel smartphone has been hacked by a team white-hat hackers from Qihoo 360, besides at the 2016 PwnFest hacking competition in Seoul.

The Qihoo 360 team demonstrated a proof-of-concept exploit that used a zero-day vulnerability in

Posted in Android hacking, Chinese Hackers, google phone, Google Pixel phone, Google Security, hacking Google, hacking news, how to hack android, pwnfest, Vulnerability, Zero-Day Vulnerability | Comments (0)

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

November 9th, 2016

Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched.

The company criticized Google’s move, claiming that the disclosure of the vulnerability, which was being exploited in the wild, put its customers “at potential risk.”
<!– adsense –>
The vulnerability affects

Posted in Fancy Bear, Google Security, hacking news, Microsoft Security Updates, Russian hackers, Security patch Update, Vulnerability, Windows 10 security, windows update download | Comments (0)

Critical glibc Flaw Puts Linux Machines and Apps at Risk (Patch Immediately)

February 17th, 2016
glibc-linux-flaw

A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them.

Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing hackers to steal credentials, spy on users, seize control of computers, and many more.
The vulnerability is similar to the last year’s GHOST vulnerability (CVE-2015-0235) that left countless machines vulnerable to remote code execution (RCE) attacks, representing a major Internet threat.
GNU C Library (glibc) is a collection of open source code that powers thousands of standalone apps and most Linux distributions, including those distributed to routers and other types of hardware.
The recent flaw, which is indexed as CVE-2015-7547, is a stack-based buffer overflow vulnerability in glibc’s DNS client-side resolver that is used to translate human-readable domain names, like google.com, into a network IP address.
The buffer overflow flaw is triggered when the getaddrinfo() library function that performs domain-name lookups is in use, allowing hackers to remotely execute malicious code.

How Does the Flaw Work?

The flaw can be exploited when an affected device or app make queries to a malicious DNS server that returns too much information to a lookup request and floods the program’s memory with code.
This code then compromises the vulnerable application or device and tries to take over the control over the whole system.
It is possible to inject the domain name into server log files, which when resolved will trigger remote code execution. An SSH (Secure Shell) client connecting to a server could also be compromised.
However, an attacker need to bypass several operating system security mechanisms – like ASLR and non-executable stack protection – in order to achieve successful RCE attack.
Alternatively, an attacker on your network could perform man-in-the-middle (MitM) attacks and tamper with DNS replies in a view to monitoring and manipulating (injecting payloads of malicious code) data flowing between a vulnerable device and the Internet.

Affected Software and Devices

All versions of glibc after 2.9 are vulnerable. Therefore, any software or application that connects to things on a network or the Internet and uses glibc is at RISK.
The widely used SSH, sudo, and curl utilities are all known to be affected by the buffer overflow bug, and security researchers warn that the list of other affected applications or code is almost too diverse and numerous to enumerate completely.
The vulnerability could extend to a nearly all the major software, including:
  • Virtually all distributions of Linux.
  • Programming languages such as the Python, PHP, and Ruby on Rails.
  • Many others that use Linux code to lookup the numerical IP address of an Internet domain.
  • Most Bitcoin software is reportedly vulnerable, too.

Who are Not Affected

The good news is users of Google’s Android mobile operating system aren’t vulnerable to this flaw. As the company uses a glibc substitute known as Bionic that is not susceptible, according to a Google representative.
Additionally, a lot of embedded Linux devices, including home routers and various gadgets, are not affected by the bug because these devices use the uclibc library as it is more lightweight than hefty glibc.
The vulnerability was first introduced in May 2008 but was reported to the glibc maintainers July 2015.
The vulnerability was discovered independently by researchers at Google and Red Hat, who found that the vulnerability has likely not been publicly attacked.
The flaw was discovered when one of the Google’s SSH apps experienced a severe error called a segmentation fault each time it attempted to contact to a particular Internet address, Google’s security team reported in a blog post published Monday.

Where glibc went Wrong

Google researchers figured out that the error was due to a buffer overflow bug inside the glibc library that made malicious code execution attacks possible. The researchers then notified glibc maintainers.
Here’s what went wrong, according to the Google engineers:

“glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated.”

“Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow.”

Proof-of-Concept Exploit Released

Google bod Fermin J. Serna released a Proof-of-Concept (POC) exploit code on Tuesday.
With this POC code, you can verify if you are affected by this critical issue, and verify any mitigations you may wish to enact.

Patch glibc Vulnerability

Google researchers, working with security researchers at Red Hat, have released a patch to fix the programming blunder.
However, it is now up to the community behind the Linux OS and manufacturers, to roll out the patch to their affected software and devices as soon as possible.
For people running servers, fixing the issue will be a simple process of downloading and installing the patch update.
But for other users, patching the problem may not be so easy. The apps compiled with a vulnerable glibc version should be recompiled with an updated version – a process that will take time as users of affected apps have to wait for updates to become available from developers.
Meanwhile, you can help prevent exploitation of the flaw, if you aren’t able to immediately patch your instance of glibc, by limiting all TCP DNS replies to 1024 bytes, and dropping UDP DNS packets larger than 512 bytes.
For more in-depth information on the glibc flaw, you can read Red Hat blog post.

Posted in DNS hijacking, glibc, GNU C Library, Google Security, hacking news, Linux hacking, Linux OS, linux security, Programming, remote code execution, Vulnerability | Comments (0)

VirusTotal now Scans Mac OS X Apps for Malware

November 19th, 2015

Do Mac Computers Get Viruses?

Yes, Of Course, they do! 

According to stats, malware for MAC OS X has appeared five times more in 2015 alone than the previous five years combined.

As malware for Macs is becoming more common, Google has decided to add support for Mac  OS X malware detection to its VirusTotal web-based service.

VirusTotal — launched in 2004 and acquired by Google in

Posted in anti malware, antivirus software, Apple Mac OS, Apple Mac OS X, Google Security, Mac malware, Malware analysis, sandbox, VirusTotal | Comments (0)

Google Records and Store Your Voice — Here’s How to Listen and Delete It

October 14th, 2015

OK, Google is Listening… and Recording too.

Google is not just listening to your searches, but the search engine is also recording and storing every single voice search you make.

Google is incredibly accurate at understanding your voice. The company secretly stores its users’ searches from its voice-activated assistant Google’s Voice Search and search feature Google Now to turn up

Posted in Google Now, Google Search Engine, Google Security, Google voice, voice data, voice recognition system, voice rerecording | Comments (0)

Google releases Security Patch for Android Stagefright 2.0 Vulnerability

October 6th, 2015

Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latest over-the-air (OTA) update to Nexus devices.

Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of the Android operating system.

The Stagefright bugs allowed hackers to take control of

Posted in Android Vulnerability, Google Nexus, Google Security, how to hack android, Nexus device, Security patch Update, Stagefright, Stagefright vulnerability, Vulnerability | Comments (0)