Last month, Google began a test pilot of its Federated Learning of Cohorts—or FLoC—program, which the company has advertised as the newest, privacy-preserving alternative in Google Chrome to the infamous third-party cookie. Sounds promising, right? Well, about that. Despite Google’s rhetoric about maintaining user privacy, its FLoC trial leaves much to be desired. Google Chrome users had no … [Read more...]
April 9, 2021
April 6, 2021
Research claims Google Pixel phones share 20 times more data than iPhones
If you’re an Android phone user, now might be a good time to invest in a good pair of ear plugs. Fans of iPhones aren’t known for being shy when it comes to telling Android users that Apple products are superior, and things may be about to get worse, thanks to a new research paper (pdf). Researchers of the School of Computer Science and Statistics at Trinity College Dublin, Ireland … [Read more...]
March 6, 2021
March 4, 2021
Update now! Chrome fix patches in-the-wild zero-day
The Microsoft Browser Vulnerability Research team has found and reported a vulnerability in the audio component of Google Chrome. Google has fixed this high-severity vulnerability (CVE-2021-21166) in its Chrome browser and is warning Chrome users that an exploit exists in the wild for the vulnerability. It is not the first time that Chrome’s audio component was targeted by an exploit. No … [Read more...]
February 11, 2021
What Google learned from 1 billion evil email scams
Google and researchers at Stanford University have released an in-depth study analysing 5 months of phishing / malware mails sent globally. “Who is targeted by email-based phishing and malware? Measuring factors that differentiate risk” looked at more than a billion mails. The results were then fed into a presentation at the Internet Measurement Conference. After digging in to … [Read more...]
January 27, 2021
November 12, 2020
Hat trick for Google as it patches two more zero-days in Chrome
Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser. Things are getting a bit repetitive round here. Today, we are compelled to repeat that statement as Google has issued patches for two new zero-day vulnerabilities. Someone tipped Google off about them, although the source(s) wish to … [Read more...]
October 19, 2020
A week in security (September 12 – September 18)
Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips for safer shopping on Amazon Prime day, and discussed an APT attack springing into life as Academia returned to the real and virtual campus environment. We also dug into potential FIFA 21 scams, the return of QR code scams, Covid fatigue, and the absence of Deepfakes from … [Read more...]
July 14, 2020
Stalkerware advertising ban by Google a welcome, if incomplete, step
On Friday, July 10, Google announced it would no longer allow advertising for spyware and similar surveillance technology—often referred to as “stalkerware”—on its platform. The change is a welcome step by one of the largest, most powerful companies in online advertising, but a close read of the policy reveals a potential loophole that could allow stalkerware-type app makers to still advertise … [Read more...]
June 29, 2020
A week in security (June 22 – 28)
Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that was exfiltrating credit cards via image files. In the most recent episode of our podcast Lock and … [Read more...]
