close

Google

Google

Google Finally Removes 8 Android Apps Spreading the Joker Spyware

download – 2022-07-21T131334.656

Android Security Flickr Reuse

While Android can lack security, Google works hard to ensure the platform is safe for users. Google often points out that compromised security on Android is because of OEMs changing the OS for their own devices. Maybe, but Android also faces security risks from apps because of the open nature of the platform.

Google often cleans house to ensure nefarious apps stay off the Google Play Store. Even so, some apps slip through the net and cause damage. For example, eight apps that Google has now removed, but not before were already downloaded a total of 3 million times.

According to security researcher Maxime Ingrao of cybersecurity firm Evina, a new variant of the Joker spyware was spread through the eight offending apps. Known as Autolycus, the malware will automatically subscribe users to a spyware service as well as gain access to their SMS messages.

By automatically signing users up for a premium service, people can be paying for something without knowing about it. Known as fleece, this type of attack is dangerous for customers who integrate their payments on Android.

Offending Apps

According to Ingrao, the 8 apps use the Joker variant Autolycus and have already been downloaded millions of times since arriving on the Google Play Store in June 2021. Yes, the apps have been up for over a year.

The eight apps in which Ingrao found Autolycus are:

  • Vlog Star Video Editor (com.vlog.star.video.editor) – 1 million downloads
  • Creative 3D Launcher (app.launcher.creative3d) – 1 million downloads
  • Wow Beauty Camera (com.wow beauty.camera) – 100,000 downloads
  • Gif Emoji Keyboard (com.gif.emoji.keyboard) – 100,000 downloads
  • Freeflow Camera 1.0.0 (com.glow.camera.open) – 5,000 downloads
  • Coco Camera v1.1 (com.too more.cool.camera) –  1,000 downloads
  • Funny Camera by KellyTech –  500,000 downloads
  • Razer Keyboard & Theme by rxcheldiolola – 50,000 downloads.

It is worth noting that Ingrao found these apps back in July 2021 and promptly told Google. However, the company took six months to remove six of them, with the last two getting taken down on July 13, 2022.

Tip of the day: Tired of Windows´s default notification and other system sounds? In our tutorial, we show you how to change windows sounds or turn off system sounds entirely.

Source  Winbuzzer

read more
Google

Google Readies AR Headset Testing Program

download – 2022-07-21T125527.293

Google-AR-Headset-Prototype

Google is ready to publicly test its augmented reality (AR) headset, which has been in development for some time. Prototypes of the headset will be available for small-scale tests starting next month.

In terms of hardware, Google is ultra-cautious around product releases. The company is aware that it is not seen as a hardware company. Moreover, previous forays into cutting-edge technology – specifically with Google Glass – have been hit by trouble.

With the Google Glass smart glasses, the product was seen as a glimpse into the future. However, there were growing concerns it could also glimpse into much more. People became worried that the glasses could be used to take photos and videos of people without consent. Google ultimately pulled the product and never gave it a wide release.

While the AR headset may not carry those same concerns, it will also have cameras, microphones, and an in-lens display. The core difference is users will not be able to take photos of videos.

Different Approach

Addressing concerns about image data, Google says the following:

“After the experience is completed, the image data is deleted, except if the image data will be used for analysis and debugging. In that case, the image data is first scrubbed for sensitive content, including faces and license plates.”

It is unclear what Google’s AR headset will look like. However, considering the history with Glass and the press images (albeit not the actual product) the company is using, it seems Google is making its headset as close to real glasses.

In a world of bulky AR and VR headsets like Microsoft’s HoloLens 2 or the Oculus Rift, a sleek design will help Google’s product stand out from the crowd.

Tip of the day: File History is a Windows backup feature that saves each version of files in the Documents, Pictures, Videos, Desktop, and Offline OneDrive folders. Though its name implies a primary focus on version control, you can actually use it as a fully-fledged backup tool for your important documents.

Source  Winbuzzer

read more
Google

Google Meet and Google Duo Become One Product

maxresdefault

Google’s lineup of communication apps is confusing and not as clear as options from Facebook, Microsoft, or Zoom. There is Google Hangouts, Google Meet, and Google Duo… all three provide video communication. While Google is rumored to be killing off Hangouts soon, the company is now merging Google Meet and Google Duo into a single product.

It makes loads of sense to combine these two services into a single app. Even so, the actual integration needs some explaining. Google says Meet features will become available in Duo, but then nearer the end of the year, the Duo app will be rebranded as Google Meet.

Why not the other way around if it is going to be called Google Meet? That’s unclear, but it is probably because it is easier to migrate Meet features to Duo and rebrand the app than migrate Duo features into Meet.

Either way, the result will be a single video communication application known as Google Meet.

Features

According to Google, the new app will be free and the migration will be complete by the end of this month. The following features will be available in Google Duo until it becomes Google Meet later in the year:

  • “Schedule meetings so everyone can join at a time that’s convenient for them
  • In-meeting chat for deeper engagement
  • Live share content to enable interaction with all participants on the call
  • Get real-time closed captions to better support accessibility and boost participation Increase the size of video calls from a current limit of 32 to 100 participants
  • Integrate with other tools, including Gmail, Google Calendar, Assistant, Messages, and more”

The new Meet application will be available across platforms, while also running on the web. As well as being a free app, it will also be baked into the Google Workspace subscription service.

Tip of the day: Tired of Windows´s default notification and other system sounds? In our tutorial, we show you how to change windows sounds or turn off system sounds entirely.

Source  Winbuzzer

read more
Google

Google Maps Gets an AI-Driven “Immersive Mode”

download – 2022-05-05T110315.957

Google-Maps-Immersive-Mode-London-Skyline

Google Maps is the most widely used commercial mapping technology in the world. Whether you want to find a restaurant, directions to the restaurant, or see a street view of the area around the restaurant, Google Maps is likely your go-to option. Google now wants Apps to do even more and is debuting a new “Immersive Mode”.

As you might expect, Google is constantly looking for ways to boost the abilities of Maps and frequently expands the feature set. At its Google I/O developer conference (which is currently happening), the company explains how it uses AI to boost the capabilities of Maps.

Immersive Mode is the latest AI-powered development, an attempt to give users even more navigation options in Street View and traditional maps.

Google says the new feature provides a more in-depth view of the world, an immersive view that puts users at the heart of a landmark, street, or other areas of interest.

Details

For tourists and travelers, discovering attractions will become more dynamic and they will look more realistic on Google Maps. The company suggests it will be like actually being at the location:

“Say you’re planning a trip to London and want to figure out the best sights to see and places to eat. With a quick search, you can virtually soar over Westminster to see the neighborhood and stunning architecture of places, like Big Ben, up close. With Google Maps’ helpful information layered on top, you can use the time slider to check out what the area looks like at different times of day and in various weather conditions, and see where the busy spots are.”

The new Immersive Mode works on Google Maps across platforms. However, it will debut soon in select markets like London, New York, Tokyo, Los Angeles, and San Francisco. Google says it will expand to other cities in the future.

Tip of the day: With many reachable wireless access points popping up and disappearing again, the available networks list can become quite annoying. If needed you can use the allowed and blocked filter list of Windows to block certain WiFi networks or all unknown WiFi networks.

Source  Winbuzzer

read more
Google

Google Will Now Remove User Contact Details on Request

download – 2022-05-05T110315.957

Google is no stranger to controversy over the data it takes from its users. The unwritten contract for using the company’s various excellent services is Google can use your info to provide to advertisers. As for Google Search, user information appears in searches from social media, ecommerce, and other sites.

Not many users know they can ask Google to remove some data about themselves. This week, Google is expanding the data you can request to be removed. Specifically, the company says users can now ask for their contact info (email address, physical address, and phone number) to be removed.

This follows the ability to remove images from a search for under 18s. Google has been allowing users to request the removal of bank accounts, credit card, and other sensitive information for years. By expanding to more personal data, the company is giving users more control.

In a blog post, Google’s Michelle Chang says the new policy protects users against identity theft.

“When we receive removal requests, we will evaluate all content on the web page to ensure that we’re not limiting the availability of other information that is broadly useful, for instance in news articles,” Chang wrote. “We’ll also evaluate if the content appears as part of the public record on the sites of government or official sources. In such cases, we won’t make removals.”

Details

There are two things to note about this system. Firstly, Google has no obligation to remove content upon request. Instead, the company assesses the individual situation before deciding. Secondly, the removal only works on Search. Sites that host the data will still be active and information visible to visitors.

Tip of the day: Is your system drive constantly full and you need to free up space regularly? Try Windows Disk Cleanup in extended mode which goes far beyond the standard procedure. Our tutorial also shows you how to create a desktop shortcut to run this advanced method right from the desktop.

Source  Winbuzzer
read more
Google

Google Backs OpenSSF Package Analysis Project with Malicious Open Source Package Detection

download – 2022-04-29T153243.970

Security Icon Microsoft

Google has a rich history with open source software… such as the company’s Android mobile platform. However, there are inherent security risks in open source. In fact, Android is a good example of software that is available to everyone that can be manipulated by threat actors. To help fight this issue with open source software, Google is supporting the Open Source Security Foundation’s (OpenSSF) Package Analysis Project.

The company says it will help OpenSSF to scale the Package Analysis Project, which brings the ability to scan open source packages. Google will allow results from analysis to be stored in its BigQuery fully managed serverless data warehouse.

With this support, users will get an alert if malicious open source software is uploaded to a repository. Google points out that the method will also provide more information on security through the software supply chain.

Google has analysed 200 malicious packages that were uploaded on PyPI and NPM. You can see the results here, but Google expands on the details in a blog post:

“PyPI: discordcmd

This Python package will attack the desktop client for Discord on Windows. It was found by spotting the unusual requests to raw.githubusercontent.com, Discord API, and ipinfo.io.

NPM: @roku-web-core/ajax

During install, this NPM package exfiltrates details of the machine it is running on and then opens a reverse shell, allowing the remote execution of commands.”

Ongoing Risk

Google suggests most malicious packages are from security researchers because of the lack of sophistication. In other words, researchers are investigating malicious packages instead of perpetuating them.

Still, the company points out there must be improvements in methods for vetting packages that land on repositories. Google calls for an open standard for reporting and centralizing test results. Of course, that is exactly what the OpenSSF Package Analysis Project aims to deliver.

Tip of the day: Do you sometimes face issues with Windows search where it doesn’t find files or return results? Check our tutorial to see how to fix Windows search via various methods.

Source  Winbuzzer

read more
Google

Google Cloud Security Survey Takes Aim at Microsoft Azure

f5d6833d8d15ec46e69d46626bda9006

Google Cloud has published the results of a new survey and one of the big takeaways is the company pointing directly at Microsoft Azure over the security of its government cloud services. In other words, Google is making a direct play for Microsoft’s cloud customers by suggesting Azure does not keep them secure.

My theory on the cloud market is that it is a unique tech realm. Amazon Web Services (AWS) is the runaway market number one. Microsoft Azure is the runaway market number two. Google Cloud is the runaway market number three. Then there are other companies like IBM and even smaller who are below but also thriving.

There is enough cloud business to go around, but that does not stop tech giants from seeking growth. One way to achieve ongoing customer expansion is to appeal to those using a rival platform. Microsoft has done it to Amazon, and now Google Cloud is doing it to Microsoft.

Google’s survey essentially boils down to one core argument: Microsoft is a vital component in the ongoing cybersecurity issue. More specifically, Google argues that Microsoft contributes to the issue rather than being the solution.

Microsoft to Blame?

This line is hardly new. Despite Microsoft’s extensive efforts in security, many argue the company is part of the problem in the first place. However, Google is going one step further with outspoken criticism of security across Microsoft Azure and other platforms.

In a blog post accompanying the survey, Jeanette Manfra, senior director for global risk and compliance, leads with the headline “Government workers say Microsoft tech makes them less secure: new survey.”

Getting the hits in early but from there it just escalates, with Google not being at all subtle in the slightest. According to the survey, 60% of participating government employs think that “the federal government’s reliance on products and services from Microsoft makes it more vulnerable to hacking or a cyberattack.”

Public Opinion Strategies did the survey for Google, covering 338 workers in federal, state, or local government positions in the U.S. Manfra says the findings show “it’s clear that there’s an overreliance on legacy solutions [in government], despite a track record of cybersecurity vulnerabilities and poor user perception.”

Microsoft Responds

As you might expect, Microsoft is not taking this broadside attack lying down. Frank Shaw, corporate vice president for communications says the survey is “disappointing but not surprising.”

“It is also unhelpful to create divisions in the security community at a time when we should all be working together on heightened alert,” Shaw says in a statement. “We will continue to collaborate across the industry to jointly defend our customers and government agencies, and we will continue to support the U.S. government with our best software and security services.”

Tip of the day: Did you know that you can assign keyboard shortcuts for starting applications quickly in Windows 11 and Windows 10? This is a great way to have your most used programs always at your fingertips. In our tutorials we show you how to set those hotkeys for your favorite apps.

Source Winbuzzer

read more
Google

Google Pauses All App Billing in Russia, Stopping App Transactions

Google-Play-Store-WinBuzzer-Own

Google-Play-Store-WinBuzzer-Own

Russia’s invasion of Ukraine has made Vladimir Putin’s regime and Russia in general a global outcast. Cast out of sporting events and almost entirely politically and economically cancelled, tech companies are also rallying to condemn the Ukraine invasion. In the latest move, Google says it is halting all Google Play billing in Russia.

Over the last two weeks we have seen companies like Microsoft, Apple, and Google stop sales in the country. Other brands like Mastercard, Visa, and PayPal, have also left. Facebook has been banned in Russia, while mega-brands like McDonald’s and Coca-Cola have also cut ties.

Google is now going a step further and officially “pausing” all billing on Google Play, its official app and media store. The company sent an email to developers today saying all billing methods on the store will close in Russia.

This means Russians will no longer be able to install paid apps, make in-app purchases, or use any subscription apps. Essentially, people in Russia are now shut off from many major apps. Those that are free can still be downloaded.

Details

In fact, Google says any paid app that is critical or has important information should be made free in Russia. Whether developers take the company’s advice or not remains to be seen. While digital transactions are closing, Google says current subscriptions will be honored up to the end of the current billion period.

It is worth pointing out developers are still able to offer their apps in Russia. Updating and publishing remains possible, but with no billing mechanism many apps may be useless. “Pausing” is an important word here and Google says the situation is evolving and that billing could return in the future.

To keep up-to-date, head to the Google article here.

Tip of the day: Having problems with pop-ups and unwanted programs in Windows? Try the hidden adware blocker of Windows Defender. We show you how to turn it on in just a few steps.

Source Winbuzzer

read more
Google

US PIRG: Microsoft, Google, and Apple Devices All Score Poorly for Repairability

Surface-Range-Microsoft-696×385

Devices from companies like Apple, Microsoft, and Google have an infamy for being hard to repair. There is a long line of evidence that supports this, so it is hardly a surprise to see hardware form those companies score low on repairability again. A new report from the US Public Research Interest Group (US PIRG) Education Fund points to brands like Dell and Asus for better repairability.

The report uses data from the brands, which was given to the French government’s “repairability index” law. This is a first of its kind law that forces tech companies to highlight the repairability of their hardware.

Manufacturers of smartphones and laptops to rate each other’s products on how easy they are to repair. In other words, the companies are scoring devices from their rivals. US PIRG teamed with iFixit to take the French repair scores and building on the system across 10 US brands and 187 smartphones and laptops.

US PIRG took the French scores and expanded the system by penalizing companies that are combatting legislation to encourage independent repair. If you’re unfamiliar with US PIRG, it runs a campaign to encourage companies to use right-to-repair services on their devices. By taking the French score and adding its own penalties, the org has created a new list highlighting the fixability of devices and how companies are preventing consumers from fixing them.

“If a company actively lobbies, or is part of a coalition lobbying effort, to prevent access to parts, service information and repair tools, that indicates a hostile attitude toward repair choice,” report author Nathan Proctor, who leads US PIRG’s right-to-repair campaign, told The Verge. “If you want to ensure your product is fixable now and into the future, you should consider the manufacturer’s approach to the repair ecosystem.”

Hybrid Score

The French repairability index gives companies a score out of 10 based on availability of repair manuals, ease of disassembly, available spare parts, price of spare parts, and a category specific to the device. US PIRG creates its score by averaging the French indexes for all products by a company looking at ease of disassembly. Then a point is taken off if the company has actively lobbied against the right to repair.

Apple was bottom of the pile, which is no surprise to anyone who has even attempted to show an iPhone a screwdriver. Looking at 20 iPhones and MacBook devices, the company scores an average of 3.16/10 (MacBooks) and 2.75/10 (iPhones). Microsoft Surface is not much better, averaging 4.6/10 over nine recent Surface devices. Finally, Google’s Pixel hardware high 4.64/10.

As for rivals, Dell and Asus were the pick of the bunch. Looking at 36 Dell and 22 Asus laptops, US PIRG gave a score of 7.18/10 and 7.61/10, respectively.

Tip of the day: If your PC keeps connecting to the wrong WiFi network, you can set WiFi priority to avoid the need to manually select access points over and over again.

Source Winbuzzer

read more
Google

Google Snaps up Mandiant in $5.4 Billion Deal to Boost Cloud Security Output

Mandiant-HomePAGE-Image

Mandiant-HomePAGE-Image

Just yesterday morning, rumors were swirling that Google was competing with Microsoft to acquire security firm Mandiant. It was thought both companies were in talks to close a deal. Well, it seems Google’s talks were more advanced than though. The company last night confirmed its is purchasing Mandiant in a $5.4 billion acquisition.

It is unclear whether yesterday was meant to be the announcement date, or whether the speculation meant Google decided to simply confirm the purchase. Either way, Google will now take control of Mandiant. One question is if the Google beat Microsoft to the deal or whether Microsoft pulled out earlier for other reasons.

Reports were pointing to the companies having different goals in negotiations. Google was actively pursuing integrating Mandiant into its cloud products. While Microsoft would do the same, there was speculation Redmond’s interest was more about taking Mandiant out of SentinelOne. The security firm integrates with SentinelOne, which is a direct rival to Microsoft Defender.

Final Deal

Could Google’s more noble reasons for acquiring the firm has played a part in closing the deal? Microsoft was thought to be an advanced talks to buy Mandiant in early February. It is unclear if the company walked away completely before Google came into view, or whether the two directly competed.

Either way, it is Google that will have the benefits of Mandiant, and will pay $5.4 billion for the right.

Mandiant became famous for discovering the SolarWinds exploits that targeted the Orion app with the Solarigate attack. SolarWinds related attacks have infected 18,000 organizations, including government agencies. It was one of the largest security issues in history.

Tip of the day: If your PC keeps connecting to the wrong WiFi network, you can set WiFi priority to avoid the need to manually select access points over and over again.

Source Winbuzzzer

read more
1 2 3
Page 1 of 3