Google shares “fix” for deleted Google Drive files
Google says it identified and fixed a bug causing customer files added to Google Drive after April-May 2023 to disappear. However, the fix isn't working for all affected users. [...]
Stay updated on Google's info security advances, threats, and solutions. Protect your data with the latest insights from our dedicated Google security tag.
Search across headline titles and summaries.
Background for this topic.
Google is a technology company whose ecosystem includes internet services, cloud infrastructure, mobile software, browsers, and productivity platforms. In information security, the tag commonly covers vulnerabilities and security changes across these services, as well as Google’s role as an identity and data-processing provider for organizations.
Material risks include compromised Google accounts, overly permissive cloud identities or APIs, exposed stored data, and unpatched flaws in software such as Android or Chrome. Security teams should track relevant advisories, prioritize patches based on affected assets and exposure, enforce strong authentication and least-privilege access, and review logging for suspicious account or service activity. Google’s collection and processing of user, device, and organizational data also makes privacy controls, retention settings, contractual obligations, and regulatory compliance important. Its vulnerability-disclosure and threat-intelligence work can inform defensive monitoring, but does not replace asset inventory, configuration review, or tested recovery procedures.
Google says it identified and fixed a bug causing customer files added to Google Drive after April-May 2023 to disappear. However, the fix isn't working for all affected users. [...]
A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. [...]
The Metomic research also suggested 34.2% of the files were shared with external contacts
Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden
Secret government requests for Android and iOS push notification data should be made public, argues Ron Wyden
Researchers Automate Tricking LLMs Into Providing Harmful InformationA small group of researchers says it has identified an automated method for jailbreaking OpenAI, Meta and Google large language models with no obvious fix. Just like the algorithms that researchers can force into giving dangerous or undesirable responses, the technique depends on machine learning.
A U.S. senator revealed today that government agencies worldwide demand mobile push notification records from Apple and Google users to spy on their customers. [...]
The fake financial app tricks users into signing up for high-interest payments, only to steal their information and blackmail them.
More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play but the count is much larger since they are also available on third-party stores and suspicious websites. [...]
Researchers at Lasso found 1,500+ tokens in total that gave them varying levels of access to LLM repositories at Google, Microsoft, VMware, and some 720 other organizations.
Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution (RCE) bug. [...]
With more than 1,500 tokens exposed, research highlights importance of securing supply chains in AI and ML The API tokens of tech giants Meta, Microsoft, Google, VMware, and more have been found exposed on Hugging Face, opening them up to potential supply chain attacks. …
Google has announced significant changes to its Search Ads publisher products, including AdSense for Search (AFS), AdSense for Shopping (AFSh), and Programmable Search Engine (ProSE). [...]