Google wants to shorten delays in the vulnerability lifecycle by sharing limited details about newly discovered defects within a week of reporting to the affected vendor.
NEW YORK, NEW YORK – MARCH 18: In this photo illustration, Gemini Ai is seen on an iPad on March 18, 2024 in New York City. Apple announced that they’re exploring a partnership with Google to license the Gemini AI-powered features on iPhones with iOS updates later this year. Google already has a deal in place with Apple to be the preferred search engine provider on iPhones for the Safari browser. (Photo Illustration by Michael M. Santiago/Getty Images)
The arrest came at the request of the United States, which hailed the development as a sign that patience in pursuing cybercriminals in court is rewarded.
Russian President Vladimir Putin delivers a speech standing in front of the monument “Fatherland, Valor, Honor” outside of the Foreign Intelligence Service of the Russian Federation (SVR) in Moscow on June 30, 2022. (Photo by Mikhail Metzel / Sputnik / AFP) (Photo by MIKHAIL METZEL/Sputnik/AFP via Getty Images)
They weren’t in any hurry, according to Citizen Lab, and used an interesting attack vector. Google Threat Intelligence Group also provided details on the attacks.
The most serious flaw in the monthly security update affects the Android system and could be exploited to achieve local escalation of privilege, the company said.
Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.
A smart phone with the icons for the Google Calendar app is seen on the screen in Hong Kong, Hong Kong, on July 31, 2018. (Photo by S3studio/Getty Images)
Signage at the headquarters of SAP AG, Germany’s largest software company on January 8, 2013 in Walldorf, Germany. (Photo by Thomas Lohnes/Getty Images)