Google announced on Thursday the launch of a new reward program for data abuse, and the expansion of the Google Play bounty program to include Android applications with over 100 million installs.
Google is expanding the Google Play Security Reward Program (GPSRP) to include all apps in Google Play with 100 million or more installs, and is launching a new Developer Data Protection Reward Program (DDPRP) and asking for information about data abuse issues in Android apps, OAuth projects, and Chrome extensions. “The [DDPRP] program aims to reward anyone who can provide verifiably and unambiguous evidence of data abuse, in a similar model as Google’s other vulnerability … More →
The post Google will pay for data abuse reports related to popular Android apps, Chrome extensions appeared first on Help Net Security.
Unidentified attackers have been compromising websites for nearly three years, equipping them with exploits that would hack visiting iPhones without any user interaction and deliver a stealthy implant capable of collecting much of the sensitive information found on users’ iOS-powered devices. Indiscriminate compromise “Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day,” … More →
The post Google discovers websites exploiting iPhones, pushing spying implants en masse appeared first on Help Net Security.