A snapshot of some of the ways ESET makes an impact supporting the well-being of people, communities and the environment

The post Championing worthy causes: How ESET gives a helping hand appeared first on WeLiveSecurity

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so

The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity

Posted by Royal Hansen, Vice President, Security

Black History Month may be coming to a close, but our work to build sustainable equity for Google’s Black+ community, and externally, is ongoing. Currently, Black Americans make up less than 12% of information security analysts in the U.S. In an industry that consistently requires new ideas to spark positive change and stand out against the status quo, it is necessary to have individuals who think, speak, and act in diverse ways. Diverse security teams are more innovative, produce better products and enhance an organization’s ability to defend against cyber threats.

In an effort to amplify the contributions of the Black+ community to security and privacy fields, we’ll be sharing profiles of Black+ Googlers working on innovative privacy and security solutions over the coming weeks, starting with Camille Stewart, Google’s Head of Security Policy for Google Play and Android.

Camille co-founded #ShareTheMicInCyber, an initiative that pairs Black security practitioners with prominent allies, who lend their social media platforms to the practitioners for the day. The goal is to break down barriers, engage the security community, and promote sustained action. The #ShareTheMicInCyber campaign will highlight Black women in the security and privacy sector on LinkedIn and Twitter on March 19, 2021 and throughout March 2021 in celebration of Women’s History Month. Follow #ShareTheMicInCyber on March 19th to support and amplify Black women in security and privacy.

Read more about Camille’s story below 

#ShareTheMicInCyber: Camille Stewart

Today, we will hear from Camille Stewart, who leads security, privacy, election integrity, and dis/misinformation policy efforts for Google’s mobile business. She also spearheads a cross-Google security initiative that sets the strategic vision and objectives for Google’s engagement on security and privacy issues.

In her (not so) spare time, Camille is co-founder of the #ShareTheMicInCyber initiative – which aims to elevate the profiles, work, and lived experiences of Black cyber practitioners. This initiative has garnered national and international attention and has been a force for educating and bringing awareness to the challenges Black security practitioners face in industry. Camille is also a cybersecurity fellow at Harvard University, New America and Truman National Security Project. She sits on the board of the International Foundation for Electoral Systems and of Girl Security, an organization that is working to close the gender gap in national security through learning, training, and mentoring support for girls.

Why do you work in security or privacy?

I work in this space to empower people in and through technology by translating and solving the complex challenges that lie at the intersection of technology, security, society, and the law.

Tell us a little bit about your career journey to Google

Before life at Google, I managed cybersecurity, election security, tech innovation, and risk issues at Deloitte. Prior to that, I was appointed by President Barack Obama to be the Senior Policy Advisor for Cyber Infrastructure & Resilience Policy at the Department of Homeland Security. I was the Senior Manager of Legal Affairs at Cyveillance, a cybersecurity company, after working on Capitol Hill.

What is your security or privacy “soapbox”?

Right now, I have a few. Users being intentional about their digital security similar to their physical security especially with their mobile devices and apps. As creators of technology, we need to be more intentional about how we educate our users on safety and security. At Google, security is core to everything we do and build, it has to be. We recently launched our Safer With Google campaign which I believe is a great resource for helping users better understand their security and privacy journey.

As an industry, we need to make meaningful national and international progress on digital supply chain transparency and security.

Lastly, the fact that systemic racism is a cybersecurity threat. I recently penned a piece for the Council on Foreign Relations that explores how racism influences cybersecurity and what we must do as an industry to address it.

If you are interested in following Camille’s work here at Google and beyond, please follow her on Twitter @CamilleEsq. We will be bringing you more profiles over the coming weeks and we hope you will engage with and share these with your network. 

If you are interested in participating or learning more about #ShareTheMicInCyber, click here.

People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen

The post Google’s Password Checkup tool rolling out to Android devices appeared first on WeLiveSecurity

The incident raises concerns about the privacy and security of conversations taking place on the platform

The post Clubhouse chats streamed to third‑party website appeared first on WeLiveSecurity

(Note: We’ve updated this post to reflect that the API works by collecting 3.25 bytes of the hashed username)

With the proliferation of digital services in our lives, it’s more important than ever to make sure our online information remains safe and secure. Passwords are usually the first line of defense against hackers, and with the number of data breaches that could publicly expose those passwords, users must be vigilant about safeguarding their credentials.

To make this easier, Chrome introduced the Password Checkup feature in 2019, which notifies you when one of the passwords you’ve saved in Chrome is exposed. We’re now bringing this functionality to your Android apps through Autofill with Google. Whenever you fill or save credentials into an app, we’ll check those credentials against a list of known compromised credentials and alert you if your password has been compromised. The prompt can also take you to your Password Manager page, where you can do a comprehensive review of your saved passwords. Password Checkup on Android apps is available on Android 9 and above, for users of Autofill with Google.

Follow the instructions below to enable Autofill with Google on your Android device:

  1. Open your phone’s Settings app
  2. Tap System > Languages & input > Advanced
  3. Tap Autofill service
  4. Tap Google to make sure the setting is enabled

If you can’t find these options, check out this page with details on how to get information from your device manufacturer.

How it works

User privacy is top of mind, especially when it comes to features that handle sensitive data such as passwords. Autofill with Google is built on the Android autofill framework which enforces strict privacy & security invariants that ensure that we have access to the user’s credentials only in the following two cases: 1) the user has already saved said credential to their Google account; 2) the user was offered to save a new credential by the Android OS and chose to save it to their account.

When the user interacts with a credential by either filling it into a form or saving it for the first time, we use the same privacy preserving API that powers the feature in Chrome to check if the credential is part of the list of known compromised passwords tracked by Google.

This implementation ensures that:

  • Only an encrypted hash of the credential leaves the device (the first 3.25 bytes of the hashed username are sent unencrypted to partition the database)
  • The server returns a list of encrypted hashes of known breached credentials that share the same prefix
  • The actual determination of whether the credential has been breached happens locally on the user’s device
  • The server (Google) does not have access to the unencrypted hash of the user’s password and the client (User) does not have access to the list of unencrypted hashes of potentially breached credentials

For more information on how this API is built under the hood, check out this blog from the Chrome team.
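The exchange listed above can be sketched end to end. This is an added example, not Google's code: SHA-256 and modular exponentiation are stand-ins for the hash and cipher the API uses (which this page does not specify), and every name in it (`Server`, `is_breached`, `user_prefix`) is hypothetical.

```python
import hashlib, math, secrets

P = 2**255 - 19      # known prime; toy group for the stand-in cipher (assumption)
PREFIX_BITS = 26     # 3.25 bytes of the hashed username, as stated above

def cred_hash(username, password):
    """Map a credential pair to a nonzero element mod P (SHA-256 stand-in)."""
    d = hashlib.sha256(f"{username}\x00{password}".encode()).digest()
    return int.from_bytes(d, "big") % P or 1

def user_prefix(username):
    """First 26 bits of the hashed username: the only value sent in the clear."""
    d = hashlib.sha256(username.encode()).digest()
    return int.from_bytes(d[:4], "big") >> (32 - PREFIX_BITS)

def keygen():
    """Secret exponent invertible mod P-1, so blinding can be undone."""
    while True:
        k = secrets.randbelow(P - 3) + 2
        if math.gcd(k, P - 1) == 1:
            return k

class Server:
    def __init__(self, breached):
        self.key = keygen()
        self.buckets = {}   # prefix -> breached hashes encrypted under self.key
        for user, pw in breached:
            enc = pow(cred_hash(user, pw), self.key, P)
            self.buckets.setdefault(user_prefix(user), set()).add(enc)

    def lookup(self, prefix, blinded):
        """Sees only the prefix and a blinded hash; re-encrypts it, returns the bucket."""
        return pow(blinded, self.key, P), self.buckets.get(prefix, set())

def is_breached(server, username, password):
    a = keygen()                                        # fresh per-request client key
    blinded = pow(cred_hash(username, password), a, P)  # H^a leaves the device
    double, bucket = server.lookup(user_prefix(username), blinded)  # H^(ab), bucket
    mine = pow(double, pow(a, -1, P - 1), P)            # strip a, leaving H^b
    return mine in bucket                               # decision made locally

# Constructed sample data, not real breach records.
SERVER = Server([("alice@example.com", "hunter2"), ("bob@example.com", "123456")])
print(is_breached(SERVER, "alice@example.com", "hunter2"))    # breached pair
print(is_breached(SERVER, "alice@example.com", "x9!Lq-new"))  # same user, new password
```

Because the client key is regenerated per request, two lookups for the same credential send different blinded values; the server can correlate them only through the 26-bit username prefix.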

Additional security features

In addition to Password Checkup, Autofill with Google offers other features to help you keep your data secure:

  • Password generation: With so many credentials to manage, it’s easy for users to recycle the same password across multiple accounts. With password generation, we’ll generate a unique, secure password for you and save it to your Google account so you don’t have to remember it at all. On Android, you can request password generation for an app by long pressing the password field and selecting “Autofill” in the pop-up menu.
  • Biometric authentication: You can add an extra layer of protection on your device by requiring biometric authentication any time you autofill your credentials or payment information. Biometric authentication can be enabled inside of the Autofill with Google settings.

As always, stay tuned to the Google Security blog to keep up to date on the latest ways we’re improving security across our products.

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users’ DNS queries

The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity

Avoid COVID-19 vaccine fraud and hoaxes – Romance scams cause record-high losses – Exaramel in the spotlight after attacks in France

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals

The post TDoS attacks could cost lives, warns FBI appeared first on WeLiveSecurity