Google - NEWS POLITE

Google Workspace Now Lets Companies Update Apps on Employee Devices

Google Workspace now allows companies to easily manage their employee’s devices with better control. Google Workspace admins now have the ability to control Android app updates on their employee devices that are part of the managed Google Play system. Workspace Admins can now specify whether apps need to be updated right away or scheduled for later. These policies can be set up on a group level by the admins within the organisation.

“Previously, the default behaviour for app updates in managed Google Play was contingent on the device being connected to a Wi-Fi network, to be charging, and not being actively used. This behaviour is not always suited to the needs of our customers and admins need more granular control over how apps are updated,” explained Google in a blog post.

According to the company, admins can now set specific criteria for when managed play apps can update.

Admins can set “App auto-update timing” to “High priority” so updates are installed immediately “after publishing the new version and it will be reviewed by Google Play.” This download can happen when the device is on cellular power. It will also get updated when the app is being actively used by the user and if the device is offline, then the app will be immediately updated the next time the device is connected to the internet, as per the company.

The update has been already rolled out (up to 15 days for feature visibility) on April 21, 2022.

Check out our Latest News and Follow us at Facebook

Original Source

Google’s Project Zero Says 2021 Was Year With the Most Zero-Day Exploits

Google’s Project Zero is its in-house team of cybersecurity experts and analysts, who look at advanced threats, has detected a record number of exploits in 2021. In a blog post, the team, known as Project Zero, announced that these zero-day vulnerabilities and exploits had reached a record-breaking number of 58. Project Zero was formed in 2014. In 2015, the team detected 28 exploits, which were reduced to 25 in the year 2020. A growing number of cyber-attacks and the popularity of cryptocurrency can be the reasons behind this spike. But according to Google, the spike detected, this time, is due to improvements in detecting and reporting zero-day occurrences.

In a blog post, the Project Zero team stated that most of the zero-day exploit uses were “similar to previous publicly known vulnerabilities.” Only two events stood out for their “technological sophistication.” So, the increased number doesn’t suggest a more dangerous situation than the previous year when it comes to zero-day vulnerabilities.

If you are wondering what exactly is a zero-day vulnerability, here’s the answer. A zero-day vulnerability stands for security flaws that developers have just got to know about. As a result, they don’t have any day to fix the flaw. Undetected zero-day vulnerabilities may result in data breaches and ransomware attacks.

While Google’s Project Zero focuses on better detection methods, it does not overlook the need to minimise the risk of zero-day vulnerabilities. Online security still remains a major concern for individual users as well as businesses.

To keep yourself protected against malware and ransomware, it’s always a good idea to keep the software updated. Software updates regularly fix the flaws that can cause some data breaches. Using a good antivirus and VPN is the next step to keeping your online activity safe and secure.

Project Zero is striving to “make 0-day hard.” However, the team faces a challenge. The blog post added, “Unfortunately, attackers who actively use 0-day exploits do not share the 0-days they’re using or what percentage of 0-days we’re missing in our tracking, so we’ll never know exactly what proportion of 0-days are currently being found and disclosed publicly.”

Project Zero has also shared the spreadsheet where it has been tracking zero-day exploits since 2014.

Check out our Latest News and Follow us at Facebook

Original Source

Secretly Harvesting Personal Data Apps Removed From Google Play Store

Google has reportedly eliminated a number of apps from its Play store after the company found that these apps have been gathering users’ personal data including location, phone numbers, and e-mail. Google mentioned that it regularly “takes appropriate action” against apps that do not comply with its policies. Recently, Google eliminated six apps infected with the Sharkbot bank stealer malware from Google Play. The apps, posing as antivirus solutions, were downloaded 15,000 times before they have been ejected from the store.

As per a report by BBC, the latest batch of over a dozen apps ousted from the Google Play store included a QR code scanner, a weather app, and a prayer app. These apps allegedly contained malicious code which harvested people’s data, the report mentioned, adding that some of the apps had been downloaded more than 10 million times. “All apps on Google Play must comply with our policies, regardless of developer. When we determine an app violates these policies, we take appropriate action,” BBC cited a Google spokesperson as saying.

As per Google’s Developer Content Policy, apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data are strictly prohibited from the Google Play store. App developers have also been warned that they needed to be clear with users about the information they share.

The news follows a development where Google removed six apps from the Play store. These apps were designed to be posed as antivirus solutions for Android smartphones. The apps were infected with the Sharkbot bank stealer malware, and were downloaded 15,000 times. The apps targeted the phones used a geofencing feature to steal the login credentials of users in Italy and the United Kingdom.

Earlier this year, a security firm discovered an app which was stealing financial information of users on Android smartphones. The app was posing as an open-source application that offers the same functionality. It was infected with a nefarious banking trojan, and was downloaded over 10,000 times before it was removed from the Google Play store.

Google Self-Repair Programme Launched for Pixel Smartphones

Google has launched a self-repair programme that will allow Pixel owners to repair their phones themselves. Google said that it has collaborated with iFixit, an online repair community, for its Genuine Pixel Parts Program. It will provide step-by-step phone repair guides as well as genuine Pixel smartphone spare parts. The parts will be available for purchase at ifixit.com for Pixel 2 through Pixel 6 Pro, as well as future Pixel models, in the US, UK, Canada, Australia, and EU countries starting later this year.

As per a blog post by Google, the full range of spare parts for common Pixel phone repairs including batteries, replacement displays, cameras, among others will be available either individually or in iFixit Fix Kits. These kits will include tools like screwdriver bits and spudgers. Google already offers repairs by authorised technical experts in countries where Pixel phones are available.

Meanwhile, iFixit says that the full set of tools in our Pixel repair kits will include iOpener, replacement pre-cut adhesive, iFixit opening picks (set of six), iFixit opening tool, suction handle, angled tweezers, precision bit driver with integrated SIM eject tool, and 4mm precision bits appropriate for the specific Pixel phone. It also says that the step-by-step Google Pixel phone repair guides are live for every Pixel through the Pixel 5, and they are currently writing guides for the Pixel 5a, Pixel 6, and Pixel 6 Pro.

Google has already partnered with companies like Acer and Lenovo for the Chromebook repair programme, “helping schools find information about repairable Chromebooks and develop in-house repair programmes.” The technology giant has also introduced Chrome OS Flex allowing education and enterprise users repurpose old Mac or Windows machines to run a version of Chrome OS alongside their Chromebooks.

Original Source

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.