Google teases a new modern look for sign-in pages, including Gmail
Google is on the brink of refreshing its sign-in pages, including Gmail, with a sleek, modern makeover. [...]
Stay updated on Google's info security advances, threats, and solutions. Protect your data with the latest insights from our dedicated Google security tag.
Search across headline titles and summaries.
Background for this topic.
Google is a technology company whose ecosystem includes internet services, cloud infrastructure, mobile software, browsers, and productivity platforms. In information security, the tag commonly covers vulnerabilities and security changes across these services, as well as Google’s role as an identity and data-processing provider for organizations.
Material risks include compromised Google accounts, overly permissive cloud identities or APIs, exposed stored data, and unpatched flaws in software such as Android or Chrome. Security teams should track relevant advisories, prioritize patches based on affected assets and exposure, enforce strong authentication and least-privilege access, and review logging for suspicious account or service activity. Google’s collection and processing of user, device, and organizational data also makes privacy controls, retention settings, contractual obligations, and regulatory compliance important. Its vulnerability-disclosure and threat-intelligence work can inform defensive monitoring, but does not replace asset inventory, configuration review, or tested recovery procedures.
Google is on the brink of refreshing its sign-in pages, including Gmail, with a sleek, modern makeover. [...]
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data
Security is a process, not a product. Nor a language Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they're not necessarily associated with the majority of vulnerabilities that actually get exploited.…
OnDemand | The Tools & Technology You Need to Meet Google/Yahoo Email Authentication RequirementsOur email authentication experts will be on hand to provide their insight and a demonstration of how exactly Proofpoint Email Fraud Defense can help identify and close requirement gaps.
Plaintiffs Alleged Google Sought to Cover Up API Flaw That Exposed Private DataSilicon Valley giant Google agreed to settle for $350 million a shareholder lawsuit alleging it mislead investors by attempting to cover up a privacy flaw in now-defunct social network Google+ that resulted in outside applications having access to private profile information.
The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools. [...]
Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions. [...]
The initiative aim to tackle mobile fraud by auto-blocking apps seeking sensitive permissions
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses
Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide. [...]
Private spyware vendors were behind nearly half of all zero-day exploits in Google products since 2014.
Chocolate Factory matches Microsoft money for memory safety Google on Monday donated $1 million to the Rust Foundation specifically to improve interoperability between the language and C++.…
What is on HHS paper will most likely become law, Google security boss says Interview If you are responsible for infosec at a US hospital or other healthcare organization, and you treat the government's new "voluntary" cybersecurity performance goals (CPGs) as, well, voluntary, you're ignoring the writing on the wall. …
The fuzzing framework uses AI to boost code coverage and to speed up vulnerability discovery.
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy