BLOG

SubjectData Blog and News

Uncategorized
Scott Westover

Protecting against code reuse in the Linux kernel with Shadow Call Stack

Posted by Sami Tolvanen, Staff Software Engineer, Android Security & Privacy Team The Linux kernel is responsible for enforcing much of Android’s security model, which is why we have put a lot of effort into hardening the Android Linux kernel against exploitation. In Android 9, we introduced support for Clang’s forward-edge Control-Flow Integrity (CFI) enforcement

Read More »
Uncategorized
Josh Taylor

7-Eleven fuel app data breach exposes users' personal details

The popular petrol-buying app run by 7-Eleven has suffered a data breach that allowed customers to view the names, email addresses, mobile numbers and dates of birth of other users. The 7-Eleven fuel app, which the company said this week has been downloaded two million times, was taken offline for a matter of hours on

Read More »
Uncategorized
PA Media

Police database flagged 9,000 cybercrime reports as 'security risk'

Thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk. The backlog at one point stretched to about 9,000 reports of cybercrime and fraud, some of them dating back to October last year. The reports had been

Read More »
Uncategorized
Scott Westover

Improving Site Isolation for Stronger Browser Security

Posted by Charlie Reis, Site Isolator The Chrome Security team values having multiple lines of defense. Web browsers are complex, and malicious web pages may try to find and exploit browser bugs to steal data. Additional lines of defense, like sandboxes, make it harder for attackers to access your computer, even if bugs in the

Read More »
Uncategorized
Ben Doherty

China has built 'massive global data-collection ecosystem' to boost its interests

The Chinese government is sweeping up vast amounts of data from all around the world to bulwark the nation’s security, but most critically to secure the political future of the Communist party, a new report argues. Engineering Global Consent, a policy brief by the Australian Strategic Policy Institute’s Dr Samantha Hoffman, argues that the Chinese

Read More »
Uncategorized
Letters

Prevent database is secure but not secret | Letter

Your front-page lead (7 October) talks of a “secret” police Prevent database. It is not a very well kept “secret”; a quick online search brings up numerous references to its existence in public documents – and it is where the published annual referral statistics are sourced from. The Prevent pages on the National Police Chiefs’

Read More »
Scroll to Top