InfoSecBulletin Cybersecurity for mankind
Since Google bought Android 2005, its sole responsibility has been to provide the best user experience and ensure security for its users.
Google Play Protect was installed on every Android device to ensure every application was secure.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
Google stated that they had prevented around 1.43 million policy-violating applications from publishing on the Google Play Store as they have improved their security features and policies.
Google has also stopped several malicious developers and banned more than 173K accounts, preventing $2 billion in fraudulent or abusive transactions.
Google has also partnered with SDK providers to limit sensitive data access and sharing, which can enhance the security posture for a million Google Play apps.
Google has brought in many verification methods for Android app developers like Phone, email, and other verification methods, which will prevent malicious developers from deploying their apps in Google Play Store.
Google stated, “With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past three years.”
Developer Support and Collaboration to Help Keep Apps Safe
Adaption to the Android operating system has expanded the Android developer community, leading to educating newbie Android developers about the tools, knowledge, and support for building a secure and trustworthy application that focuses on the user’s security and privacy.
The App Security Improvements Program was launched by Google in 2022, in which 500K security weaknesses that affected nearly 300K applications were fixed. These fixes have secured about 250B installed devices (300K applications’ install base).
Google Play SDK Index
Google introduced the Google Play SDK index to provide a better understanding to the developers for evaluating the SDK’s reliability for their business requirements.
Along with these improvements, Google has improved ad policies, data transparency, security controls, security tools, and other security and user experience-based things.
In 2022, Google Play Store gave a display badge for any application that has gone through Mobile App Security Assessment (MASA) review, making it the first commercial app store to do this.
In addition, McAfee and Trend Micro have joined with Google to reduce app-based malware and Android user protection.
Google has published a complete analysis report on their security improvements and reports. Security and safety announcements in 2023 are yet to be announced.
