InfoSecBulletin Cybersecurity for mankind
Since Google bought Android 2005, its sole responsibility has been to provide the best user experience and ensure security for its users.
Google Play Protect was installed on every Android device to ensure every application was secure.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
Google stated that they had prevented around 1.43 million policy-violating applications from publishing on the Google Play Store as they have improved their security features and policies.
Google has also stopped several malicious developers and banned more than 173K accounts, preventing $2 billion in fraudulent or abusive transactions.
Google has also partnered with SDK providers to limit sensitive data access and sharing, which can enhance the security posture for a million Google Play apps.
Google has brought in many verification methods for Android app developers like Phone, email, and other verification methods, which will prevent malicious developers from deploying their apps in Google Play Store.
Google stated, “With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past three years.”
Developer Support and Collaboration to Help Keep Apps Safe
Adaption to the Android operating system has expanded the Android developer community, leading to educating newbie Android developers about the tools, knowledge, and support for building a secure and trustworthy application that focuses on the user’s security and privacy.
The App Security Improvements Program was launched by Google in 2022, in which 500K security weaknesses that affected nearly 300K applications were fixed. These fixes have secured about 250B installed devices (300K applications’ install base).
Google Play SDK Index
Google introduced the Google Play SDK index to provide a better understanding to the developers for evaluating the SDK’s reliability for their business requirements.
Along with these improvements, Google has improved ad policies, data transparency, security controls, security tools, and other security and user experience-based things.
In 2022, Google Play Store gave a display badge for any application that has gone through Mobile App Security Assessment (MASA) review, making it the first commercial app store to do this.
In addition, McAfee and Trend Micro have joined with Google to reduce app-based malware and Android user protection.
Google has published a complete analysis report on their security improvements and reports. Security and safety announcements in 2023 are yet to be announced.
