project zero Stories April 15

The Project Zero team today announced an updated vulnerability disclosure policy for 2021. It follows changes made last year to better address perennial concerns from the broader security community.

expand full story

project zero Stories July 22, 2020

Apple today launched a Security Research Device Program to help third parties find iPhone and iPad vulnerabilities. Google’s Project Zero team says its won’t be able to use the modified iOS devices because the program imposes restrictions that prevent 90-day disclosures.

expand full story

project zero Stories May 8, 2020

Samsung patches security vulnerability impacting all Galaxy phones sold since 2014

Android gets a lot of flak for security, but most of the time errors can be traced back to changes that were made to the open-source platform. This week, a security vulnerability in every Android phone Samsung has sold since 2014 was patched after being exposed by Google’s Project Zero.

project zero Stories February 14, 2020

Being the biggest Android OEM, Samsung and Google are generally close partners. Google’s Project Zero, though, is tasked with finding bugs and security exploits. This week, Google is calling out Samsung for an issue on the Galaxy A50, specifically mentioning Samsung’s “unnecessary changes” to Android’s core kernel.

expand full story

project zero Stories January 7, 2020

Project Zero is widely regarded for finding major vulnerabilities, but criticized by industry peers for their relatively fast disclosure times. For 2020, the security team is trialing a new policy where a full 90 days will be given before disclosing issues.

expand full story

project zero Stories September 6, 2019

Google stands by iOS vulnerability research following Apple rebuttal

Apple today released a rebuttal to the security vulnerabilities that Google detailed in depth last week and called it “one of the largest attacks against iPhone users ever.” The iOS maker took issue with several key points, but Google is standing by its works.

project zero Stories July 4, 2019

Google’s Project Zero reveals now-fixed iMessage flaw which could crash iPhones

Google’s Project Zero often discovers flaws in the software of other companies and gives 90 days for those flaws to be fixed before revealing them to the public. Today, Google has taken the wraps off of a flaw with Apple’s iMessage which would cause iPhones to repeatedly crash. Thankfully, Apple has already fixed it.

project zero Stories March 4, 2019

Google Project Zero team reveals ‘high severity’ flaw in macOS kernel, working w/ Apple on a patch

Google’s Project Zero team is well-known for revealing the bugs and security flaws within systems from Google itself, as well as other big companies. Most recently, the team at Google has reported and publicly disclosed a “high severity” flaw in the macOS kernel which can grant an attacker access to a users computer without their knowledge.

project zero Stories January 3, 2018

Over the past 24 hours, the tech industry has been rocked by a wide-ranging CPU vulnerability. Discovered by Google’s Project Zero security team last year, details of the exploits have now officially emerged. Meanwhile, Google has provided a full list of mitigation status for its products from Android to enterprise services.

expand full story

project zero Stories September 14, 2016

android

Google has made a big push for security over the past couple of years, and a big part of that has been beefing up Android security and pushing out fixes for vulnerabilities on a regular basis. We’ve seen that in Google’s monthly Android security updates, which have been relatively successful so far with some OEMs keeping devices somewhat up to date. Now the company is introducing another method to find Android vulnerabilities, a hacking contest by Project Zero…

expand full story

project zero Stories February 16, 2015

Google Personal Search

Google announced its Project Zero initiative in the middle part of last year, and now the Mountain View company is making some amendments to the rules for disclosure of bugs it finds in vendors’ software. There has been a 90-day deadline in place since the launch of the program, and that seems to be working well according to a post on the Project Zero blog, but the company says that it has taken into consideration “external feedback around some of the corner cases” and made some changes. expand full story

project zero Stories December 12, 2014

Today’s sketchy Samsung Galaxy S6 leak is almost surely bogus

We saw the supposed Samsung Galaxy S6 leak this morning, but we just weren’t convinced of its legitimacy enough to even show it to you as a sketchy rumor. It’s a good thing we didn’t, because a new report from Faryaab Sheikh–a very reliable source in the world of Samsung rumors–says this morning that he has received separate confirmation from many sources saying that the picture is definitely not a Galaxy S6 prototype.

project zero Stories July 15, 2014

Google Personal Search

Google today announced a new initiative it is calling “Project Zero,” a broad attempt at reducing the number of internet users that are harmed every day by a variety of different types of targeted attacks. Google believes that everyone should be able to use the internet without constant worry that attackers might use software vulnerabilities nefariously, and due to that, the Mountain View corporation has assembled a team of experienced security researchers to help improve security across the internet.

expand full story

Powered by WordPress VIP