Project Zero

Latest

  • An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv. - Apple iPhone owners, earlier in the week, were urged to install a quickly released security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by cyber arms dealers. Lookout and Citizen Lab worked with Apple on an iOS patch to defend against what was called "Trident" because of its triad of attack methods, the researchers said in a joint blog post. Trident is used in spyware referred to as Pegasus, which a Citizen Lab investigation showed was made by an Israel-based organization called NSO Group. (Photo by JACK GUEZ / AFP) (Photo by JACK GUEZ/AFP via Getty Images)

    Researchers call NSO zero-click iPhone exploit 'incredible and terrifying'

    by 
    Steve Dent
    Steve Dent
    12.16.2021

    Google researchers have described NSO Group's zero-click exploit used to hack Apple devices as 'incredible and terrifying.'

  • A computer programmer or hacker prints a code on a laptop keyboard to break into a secret organization system. Internet crime concept.

    Google's Project Zero will wait longer before disclosing security flaws

    by 
    Steve Dent
    Steve Dent
    04.16.2021

    Google's Project Zero security team will wait an extra 30 days before disclosing vulnerability details so end-users have enough time to patch software.

  • Apple iPhone SE and iPhone 11

    iPhone exploit gave hackers control over WiFi without your input

    by 
    Jon Fingas
    Jon Fingas
    12.02.2020

    Apple recently fixed an iOS exploit that let intruders control your phone over WiFi without any interaction on your part.

  • dusanpetkovic via Getty Images

    Google's new policy gives developers more time to address security flaws

    by 
    Jon Fingas
    Jon Fingas
    01.07.2020

    Google's Project Zero disclosure program is supposed to encourage releases of security fixes in a timely fashion, but things haven't gone according to plan. Premature disclosures, half-hearted fixes and other issues have been a little too common. The company might address some of those problems in 2020, though. It recently revised its policies in a bid to encourage both more "thorough" security patches and wider adoption of those patches. Most notably, Google will wait 90 days to disclose a flaw even if it's fixed well ahead of that deadline. If developers act quickly, they'll have more time to both distribute patches and make sure that fixes address the root cause of a flaw.

  • Towfiqu Photography via Getty Images

    LastPass patched a bug that could have exposed your passwords

    by 
    Christine Fisher
    Christine Fisher
    09.16.2019

    If you use LastPass to manage your passwords, now would be a good time to make sure you're running the latest version, 4.33.0. As Gizmodo reports, LastPass recently patched a bug that could have been used to compromise users' security credentials. The patch should have arrived automatically, but as a precaution, it's worth making sure you're running the September 12th update.

  • Devindra Hardawar/Engadget

    Google discloses 'high severity' Mac security flaw ahead of patch

    by 
    Jon Fingas
    Jon Fingas
    03.04.2019

    Google's Project Zero security disclosure program is once again proving to be a double-edged sword. The company has detailed a "high severity" macOS kernel flaw that lets people modify a user-mounted file system image without the virtual management subsystem being any the wiser, theoretically letting an attacker go unnoticed by users. Apple is working on a patch, but the disclosure ahead of the fix could leave Mac users vulnerable until it's ready.

  • Daily Roundup: The future of HoloLens, VR at Sundance and more!

    by 
    Dave Schumaker
    Dave Schumaker
    01.23.2015

    Can Microsoft deliver on its ambitious HoloLens project? Meanwhile, filmmaker Shari Frilot brings virtual reality to Sundance and Google starts disclosing unpatched security issues in OS X. Get caught up on today's technology news in the Daily Roundup.