InfoSecBulletin Cybersecurity for mankind
Since Google bought Android 2005, its sole responsibility has been to provide the best user experience and ensure security for its users.
Google Play Protect was installed on every Android device to ensure every application was secure.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Google stated that they had prevented around 1.43 million policy-violating applications from publishing on the Google Play Store as they have improved their security features and policies.
Google has also stopped several malicious developers and banned more than 173K accounts, preventing $2 billion in fraudulent or abusive transactions.
Google has also partnered with SDK providers to limit sensitive data access and sharing, which can enhance the security posture for a million Google Play apps.
Google has brought in many verification methods for Android app developers like Phone, email, and other verification methods, which will prevent malicious developers from deploying their apps in Google Play Store.
Google stated, “With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past three years.”
Developer Support and Collaboration to Help Keep Apps Safe
Adaption to the Android operating system has expanded the Android developer community, leading to educating newbie Android developers about the tools, knowledge, and support for building a secure and trustworthy application that focuses on the user’s security and privacy.
The App Security Improvements Program was launched by Google in 2022, in which 500K security weaknesses that affected nearly 300K applications were fixed. These fixes have secured about 250B installed devices (300K applications’ install base).
Google Play SDK Index
Google introduced the Google Play SDK index to provide a better understanding to the developers for evaluating the SDK’s reliability for their business requirements.
Along with these improvements, Google has improved ad policies, data transparency, security controls, security tools, and other security and user experience-based things.
In 2022, Google Play Store gave a display badge for any application that has gone through Mobile App Security Assessment (MASA) review, making it the first commercial app store to do this.
In addition, McAfee and Trend Micro have joined with Google to reduce app-based malware and Android user protection.
Google has published a complete analysis report on their security improvements and reports. Security and safety announcements in 2023 are yet to be announced.
