Tag: Google Online Security Blog

Posted by Chrome Root Program, Chrome Security Team The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users…

Read more →

Posted by Christiaan Brand, Group Product Manager We’re excited to announce that starting today, Titan Security Keys are available for purchase in more than 10 new countries: Ireland Portugal The Netherlands Denmark Norway Sweden

Read more →

Posted by Rex Pan and Xueqin Cui, Google Open Source Security Team < div> In December 2022, we released the open source OSV-Scanner tool, and earlier this year, we open sourced OSV-SCALIBR. OSV-Scanner and OSV-SCALIBR, together with OSV.dev are components…

Read more →

Posted by Dirk Göhmann In 2024, our Vulnerability Reward Program confirmed the ongoing value of engaging with the security research community to make Google and its products safer. This was evident as we awarded just shy of $12 million to…

Read more →

Posted by Dirk Göhmann In 2024, our Vulnerability Reward Program confirmed the ongoing value of engaging with the security research community to make Google and its products safer. This was evident as we awarded just shy of $12 million to…

Read more →

Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse Google has been at the forefront of protecting users from the ever-growing threat of scams and fraud with…

Read more →

Posted by Alex Rebert, Security Foundations, Ben Laurie, Research, Murali Vijayaraghavan, Research and Alex Richardson, Silicon For decades, memory safety vulnerabilities have been at the center of various security incidents across the industry, eroding trust in technology and costing billions.…

Read more →

Posted by Bethel Otuteye and Khawaja Shams (Android Security and Privacy Team), and Ron Aquino (Play Trust and Safety) Android and Google Play comprise a vibrant ecosystem with billions of users around the globe and millions of helpful apps. Keeping…

Read more →

Posted by the Agentic AI Security Team < div> Modern AI systems, like Gemini, are more capable than ever, helping retrieve data and perform actions on behalf of users. However, data from external sources present new security challenges if untrusted…

Read more →

Posted by Jianing Sandra Guo, Product Manager, Android, Nataliya Stanetsky, Staff Program Manager, Android Today, people around the world rely on their mobile devices to help them stay connected with friends and family, manage finances, keep track of healthcare information…

Read more →

Posted by Erik Varga, Vulnerability Management, and Rex Pan, Open Source Security Team < div> In December 2022, we announced OSV-Scanner, a tool to enable developers to easily scan for vulnerabilities in their open source dependencies. Together with the open…

Read more →

Posted by Greg Mucci, Product Manager, Artifact Analysis, Oliver Chang, Senior Staff Engineering, OSV, and Charl de Nysschen, Product Manager OSV DevOps teams dedicated to securing their supply chain and predicting potential risks consistently face novel threats. Fortunately, they can…

Read more →

Posted by Hyunkwook Baek, Duy Truong, Justin Dunlap and Lauren Stan from Android Security and Privacy, and Oliver Chang with the Google Open Source Security Team < div> Today, we are announcing the availability of Vanir, a new open-source security…

Read more →

Posted by Hyunwook Baek, Duy Truong, Justin Dunlap and Lauren Stan from Android Security and Privacy, and Oliver Chang from the Google Open Source Security Team Today, we are announcing the availability of Vanir, a new open-source security patch validation…

Read more →

Posted by Lyubov Farafonova, Product Manager and Steve Kafka, Group Product Manager, Android User safety is at the heart of everything we do at Google. Our mission to make technology helpful for everyone means building features that protect you while…

Read more →

Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Stephan Somogyi, Product Lead, User Protection; Branden Archer, Software Engineer Every day, over a billion people…

Read more →

Posted by Jianing Sandra Guo, Product Manager and Nataliya Stanetsky, Staff Program Manager, Android Janine Roberta Ferreira was driving home from work in São Paulo when she stopped at a traffic light. A man suddenly appeared and broke the window…

Read more →

Posted by Alex Rebert, Security Foundations, and Chandler Carruth, Jen Engel, Andy Qin, Core Developers Error-prone interactions between software and memory1 are widely understood to create safety issues in software. It is estimated that about 70% of severe vulnerabilities2 in…

Read more →

Posted by Adrian Taylor, Security Engineer, Chrome Chrome’s user interface (UI) code is complex, and sometimes has bugs. Are those bugs security bugs? Specifically, if a user’s clicks and actions result in memory corruption, is that something that an attacker…

Read more →

Posted by Alex Gough, Chrome Security Team The Chrome Security Team is constantly striving to make it safer to browse the web. We invest in mechanisms to make classes of security bugs impossible, mitigations that make it more difficult to…

Read more →