InfoSecBulletin Cybersecurity for mankind
Since Google bought Android 2005, its sole responsibility has been to provide the best user experience and ensure security for its users.
Google Play Protect was installed on every Android device to ensure every application was secure.
Critical PHP Zero-Day Vulnerability found in Craft CMS To Gain RCE
For US$2.6bn, Mastercard acquires threat intelligence firm Recorded Future
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
Google stated that they had prevented around 1.43 million policy-violating applications from publishing on the Google Play Store as they have improved their security features and policies.
Google has also stopped several malicious developers and banned more than 173K accounts, preventing $2 billion in fraudulent or abusive transactions.
Google has also partnered with SDK providers to limit sensitive data access and sharing, which can enhance the security posture for a million Google Play apps.
Google has brought in many verification methods for Android app developers like Phone, email, and other verification methods, which will prevent malicious developers from deploying their apps in Google Play Store.
Google stated, “With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past three years.”
Developer Support and Collaboration to Help Keep Apps Safe
Adaption to the Android operating system has expanded the Android developer community, leading to educating newbie Android developers about the tools, knowledge, and support for building a secure and trustworthy application that focuses on the user’s security and privacy.
The App Security Improvements Program was launched by Google in 2022, in which 500K security weaknesses that affected nearly 300K applications were fixed. These fixes have secured about 250B installed devices (300K applications’ install base).
Google Play SDK Index
Google introduced the Google Play SDK index to provide a better understanding to the developers for evaluating the SDK’s reliability for their business requirements.
Along with these improvements, Google has improved ad policies, data transparency, security controls, security tools, and other security and user experience-based things.
In 2022, Google Play Store gave a display badge for any application that has gone through Mobile App Security Assessment (MASA) review, making it the first commercial app store to do this.
In addition, McAfee and Trend Micro have joined with Google to reduce app-based malware and Android user protection.
Google has published a complete analysis report on their security improvements and reports. Security and safety announcements in 2023 are yet to be announced.
