By Byron V. Acohido We’ve seen this movie before. Alphabet, Google’s parent company’s, $32 billion bid for Wiz isn’t just about security and privacy. It’s the latest round in Big Tech’s long-running game of business leapfrog—where each giant keeps lunging into the next guy’s home turf, trying to reshape the battlefield in its favor. Think … Read more
As podcaster Ryan Zhao put it on Bluesky, “The design process has gone wrong when what you need to prototype is ‘what if there was a space.’” Gotta go fast When Google revealed the first version of Genie earlier this year, it also released a detailed research paper outlining the specific steps taken behind the … Read more
Google’s OSS-Fuzz tool, now enhanced with AI capabilities, has discovered 26 new vulnerabilities in open-source projects, including a long-overlooked flaw in the vital OpenSSL library. OSS-Fuzz is a Google-developed fuzzing system that the company has been using to continuously test hundreds of open-source projects since 2016. In August 2023, Google first announced it was working … Read more
Nov 15, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. “By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to … Read more
Singapore, Oct. 3, 2024, CyberNewswire — At DEF CON 32, the SquareX research team delivered a hard-hitting presentation titled Sneaky Extensions: The MV3 Escape Artists where they shared their findings on how malicious browser extensions are bypassing Google’s latest standard for building chrome extensions: Manifest V3 (MV3)’s security features, putting millions of users and businesses … Read more
