Google Project Zero
Google Project Zero News
Google researcher discovers a new security system called BlastDoor that Apple uses to protect iMessages
BlastDoor has been designed to specifically work with iMessage, unlike other sandbox systems in iOS to protect different functions.
Github fixes high security flaw reported by Google Project Zero three months ago
While Google described it as a 'high severity' bug, GitHub argued it was a 'moderate security vulnerability'.
Apple confirms Uighurs were targeted in iPhone attack; disputes Google's findings
Google said it stood by its findings and would continue to work with Apple and other companies
Apple hits back at Google, accusing it of creating a 'false impression' of 'mass exploitation' around iPhone exploits
Apple also claims that the attack had been identified several days before Google had reported it.
Google Project Zero team discloses a "high severity" flaw discovered in macOS kernel
The macOS kernel flaw grants the attacker to modify a mounted filesystem without user's knowledge
Intel failed to inform US cyber officials about Meltdown and Spectre vulnerabilities until it got leaked to the public
Officials claimed the government was not informed of the flaws before they became public because the flaws potentially held national security implications.
Critical bugs in uTorrent allow malicious websites to steal downloaded files and control your computer
Users will have to wait till an updated version is available. We would advise all you pirates out there to stop using the app till patches are in place.
Cloudflare memory leak dumps unknown quantity of sensitive, unencrypted data online
Web hosting provider Cloudflare has reported that a memory leak from their servers leaked a great deal of sensitive information, including passwords and cookies, in plain text.
Project Zero by Google finds a host of severe vulnerabilities in Symantec's security suites
Tavis Ormandy, a security analyst on the Project Zero team recently had a go at Symantec’s cyber-security offerings (this includes Norton by Symantec) and discovered that almost all the offerings had such severe vulnerabilities that they could “compromise the entire enterprise fleet” and worse.
After rift with Microsoft, Google to give vendors 14 day grace period to fix security flaws
Google has said it would give vendors a 14-day grace period if they promised to release a patch and fix the issue within two weeks.
Microsoft slams Google for disclosing Windows 8.1 security bug two days before it planned the fix
Microsoft has criticized Google for disclosing the Windows 8.1 security bug out in the public just before it was going to fix it.
Google posts unpatched vulnerability before Microsoft fixes it
Google has openly published a Windows 8.1 vulnerability that gives low-level users administrator rights.