users

Defending our Google Docs and Drive Customers

Protecting all Google users from viruses, malware, and other abusive content is central to user cyber-safety and sometimes we remove access to certain files in order to provide these protections.

On Tuesday, October 31, we mistakenly blocked access to some of our users’ files, including Google Docs. This was due to a short-lived bug that incorrectly flagged some files as violating our terms of service (TOS). The blocking raised questions in the community and we would like to address those questions here.

The Google Docs and Drive products have unparalleled automatic, preventive security precautions in place to protect our users from malware, phishing and spam, using both static and dynamic antivirus techniques. Virus and malware scanning is an industry best practice that performs automated comparisons against known samples and indicators; the process does not involve human intervention.

Tuesday’s bug caused the Google Docs and Drive services to misinterpret the response from these protection systems and erroneously mark some files as TOS violations, thus causing access denials for users of those files. As soon as our teams identified the problem, we removed the bug and worked to restore access to all affected files.

We apologize to our users for any inconvenience this incident caused and remain committed to offering high-quality systems that keep their content safe while fully securing their files.

Continue Reading

Preventing phishing with smarter protections

Screenshot 2017-10-11 at 2.45.09 PM.png

Editor’s note: October is Cybersecurity Awareness Month, and we’re celebrating with a series of security announcements this week. This is the third post; read the first and second ones.

Online security is top of mind for everyone these days, and we’re more focused than ever on protecting you and your data on Google, in the cloud, on your devices, and across the web.

One of our biggest focuses is phishing, attacks that trick people into revealing personal information like their usernames and passwords. You may remember phishing scams as spammy emails from “princes” asking for money via wire-transfer. But things have changed a lot since then. Today’s attacks are often very targeted—this is called “spear-phishing”—more sophisticated, and may even seem to be from someone you know.

Even for savvy users, today’s phishing attacks can be hard to spot. That’s why we’ve invested in automated security systems that can analyze an internet’s-worth of phishing attacks, detect subtle clues to uncover them, and help us protect our users in Gmail, as well as in other Google products, and across the web.

Our investments have enables us to significantly decrease the volume of phishing emails that users and customers ever see. With our automated protections, account security (like security keys) and warnings, Gmail is the most secure email service today.

Here is a look at some of the systems that have helped us secure users over time, and enabled us to add brand new protections in the last year.

More data helps protect your data

The best protections against large-scale phishing operations are even larger-scale defenses. Safe Browsing and Gmail spam filters are effective because they have such broad visibility across the web. By automatically scanning billions of emails, webpages, and apps for threats, they enable us to see the clearest, most up-to-date picture of the phishing

Continue Reading

eight swift steps G Suite admins can take to safe enterprise knowledge

Tip 1

Security doesn’t have to be complicated. With G Suite, admins can manage and help protect their users with minimal effort because we’ve designed our tools to be intuitive—like Vault, which helps with eDiscovery and audit needs, and data loss prevention, which helps ensure that your “‘aha”’ moments stay yours. Here are some key security controls that you can deploy with just a few clicks to get more fine-grained control of your organization’s security.

1. Enable Hangouts out-of-domain warnings

If your business allows employees to chat with external users on Hangouts, turn on a setting that will show warnings to your users if anyone outside of your domain tries to join a Hangout, and split existing group chats so external users can’t see previous internal conversations. This substantially reduces the risk of data leaks or falling prey to social engineering attacks (From the Admin console dashboard, go to Apps > G Suite > Google Hangouts > Chat settings > Sharing options).

2. Disable email forwarding

Exercising this option will disable the automatic email forwarding feature for users, which in turn helps reduce the risk of data exfiltration in the event a user’s credentials are compromised.

Tip 2

3. Enable early phishing detection

Enabling this option adds further checks on potentially suspicious emails prior to delivery. Early phishing detection utilizes a dedicated machine learning model that selectively delays messages to perform rigorous phishing analysis. Less than 0.05 percent of messages on average get delayed by a few minutes, so your users will still get their information fast.

Tip 3

4. Examine OAuth-based access to third-party apps

OAuth apps whitelisting helps keep company data safe by letting you specifically select which third-party apps are allowed to access users’

Continue Reading

Enhancing Net Design For Shade-Blind customers

In creating a website, it is crucial to have not only a great UI design, but a great accessibility as well. It may be a tedious task especially if we cannot relate to certain conditions that can hinder a good user experience. One of these conditions is color blindness or color vision deficiency (CVD). If you are not color blind, chances are you don’t think about it very often. People who have this condition, however, have to deal with it all the time. Though it is considered a mild disability, it can affect a lot of daily activities – cooking,

The post Improving Web Design For Color-Blind users appeared first on Naldz Graphics.

Continue Reading

As G Suite good points traction within the enterprise, G Suite’s Gmail and shopper Gmail to extra intently align

Google’s G Suite business is gaining enormous traction among enterprise users. G Suite usage has more than doubled in the past year among large business customers. Today, there are more than 3 million paying companies that use G Suite.

G Suite’s Gmail is already not used as input for ads personalization, and Google has decided to follow suit later this year in our free consumer Gmail service. Consumer Gmail content will not be used or scanned for any ads personalization after this change. This decision brings Gmail ads in line with how we personalize ads for other Google products. Ads shown are based on users’ settings. Users can change those settings at any time, including disabling ads personalization. G Suite will continue to be ad free.

The value of Gmail is tremendous, both for G Suite users and for users of our free consumer Gmail service. Gmail is the world’s preeminent email provider with more than 1.2 billion users. No other email service protects its users from spam, hacking, and phishing as successfully as Gmail. By indicating possible email responses, Gmail features like Smart Reply make emailing easier, faster and more efficient. Gmail add-ons will enable features like payments and invoicing directly within Gmail, further revolutionizing what can be accomplished in email.

G Suite customers and free consumer Gmail users can remain confident that Google will keep privacy and security paramount as we continue to innovate. As ever, users can control the information they share with Google at myaccount.google.com.

Continue Reading

As G Suite good points traction within the enterprise, G Suite’s Gmail and shopper Gmail to extra intently align

Google’s G Suite business is gaining enormous traction among enterprise users. G Suite usage has more than doubled in the past year among large business customers. Today, there are more than 3 million paying companies that use G Suite.

G Suite’s Gmail is already not used as input for ads personalization, and Google has decided to follow suit later this year in our free consumer Gmail service. Consumer Gmail content will not be used or scanned for any ads personalization after this change. This decision brings Gmail ads in line with how we personalize ads for other Google products. Ads shown are based on users’ settings. Users can change those settings at any time, including disabling ads personalization. G Suite will continue to be ad free.

The value of Gmail is tremendous, both for G Suite users and for users of our free consumer Gmail service. Gmail is the world’s preeminent email provider with more than 1.2 billion users. No other email service protects its users from spam, hacking, and phishing as successfully as Gmail. By indicating possible email responses, Gmail features like Smart Reply make emailing easier, faster and more efficient. Gmail add-ons will enable features like payments and invoicing directly within Gmail, further revolutionizing what can be accomplished in email.

G Suite customers and free consumer Gmail users can remain confident that Google will keep privacy and security paramount as we continue to innovate. As ever, users can control the information they share with Google at myaccount.google.com.

Continue Reading

Defending you towards phishing

As many email users know, phishing attacks—or emails that impersonate a trusted source to trick users into sharing information—are a pervasive problem. If you use Gmail, you can rest assured that every day, millions of phishing emails are blocked from ever reaching your inbox.

This week, we defended against an email phishing campaign that tricked some of our users into inadvertently granting access to their contact information, with the intent to spread more phishing emails. We took quick action to revoke all access granted to the attacker as well as steps to reduce and prevent harm from future variants of this type of attack.

Here’s some background to help you understand how the campaign worked, how we addressed it and how you can better protect yourself against attacks.

How the campaign worked and how we addressed it

Victims of this attack received an email that appeared to be an invite to a Google Doc from one of their contacts. When users clicked the link in the attacker’s email, it directed them to the attacker’s application, which requested access to the user’s account under the false pretense of gaining access to the Google Doc. If the user authorized access to the application (through a mechanism called OAuth), it used the user’s contact list to send the same message to more people.

Upon detecting this issue, we immediately responded with a combination of automatic and manual actions that ended this campaign within an hour. We removed fake pages and applications, and pushed user-protection updates through Safe Browsing, Gmail, Google Cloud Platform, and other counter-abuse systems. Fewer than 0.1% of our users were affected by this attack, and we have taken steps to re-secure affected accounts.

We protect our users from phishing attacks in a number of ways, including:

  • Using machine learning-based detection of spam and phishing messages, which
    Continue Reading

Google Launches Toontastic 3D on iOS, Android

Google launched Toontastic 3D on iOS and Android. The application allows children to create their own stories to share with others.

With Toontastic 3D, users can create short stories, longer “classic” stories and science reports. Each story or report is split into multiple “scenes,” and users can prepare each scene by choosing from a variety of background settings and characters. In addition to using the app’s existing content, users can also draw their own settings and characters in the app’s drawing menu.

Once a user has prepared a scene, they can tell their story by recording their voice in the app. Users can drag characters around the environment as they record. Once a clip has been recorded, users have the option to add instrumental music to the scene.

When a story or report is finished, users can export the project to their device’s camera roll to share it with others.

In addition to creating their own stories, users can browse story ideas and watch featured stories in the app’s Idea Lab.

Toontastic 3D is available to download for free on the iTunes App Store and Google Play.

Continue Reading

Netmarble Launches Star Wars: Pressure Area on iOS, Android

Netmarble launched Star Wars: Force Arena on iOS and Android. The multiplayer online battle arena game allows users to collect more than 80 characters from the Star Wars universe and take them into battles against other players.

Specifically, the game allows users to compete against other real players in one-on-one and two-on-two battles. Users can also train against the computer in single-player practice matches.

In each battle, players are challenged to destroy the shield generator protecting the enemy’s base before time runs out. Users must also prevent the enemy from destroying their own generator. Each shield generator is guarded by turrets, and if time runs out before either generator can be destroyed, the player who destroyed the most turrets will win the match.

During battles, each player can control their leader character, such as Luke Skywalker or Darth Vader, by tapping on the battlefield to move and tapping on enemies or structures to attack. Users can deploy secondary units to the battlefield by spending energy to play cards from their decks. Each card requires a different amount of energy to play, and this energy recharges automatically over time.

As users win matches, they’ll receive packs containing additional cards for their decks. As users collect duplicate cards, they can use the duplicates to upgrade the base cards, improving their stats. Overall, players can create four different decks, with two decks representing the Rebel Alliance and two decks representing the Galactic Empire.

While players begin with access to only a few leader characters, they can collect additional leaders over time. Users can change the leader associated with each deck between battles.

Finally, users can join guilds with other players.

Star Wars: Force Arena is available to download for free on the iTunes App Store and Google

Continue Reading

King Launches Bubble Witch three Saga on Cellular, Fb

Bubble Witch 3 Saga Screenshots

King announced the release of Bubble Witch 3 Saga, the third installment in the Bubble Witch Saga franchise. The bubble shooter challenges players to help Stella the Witch break a curse that has been placed on Wilbur, a cat with the power of dark magic.

In each level of Bubble Witch 3 Saga, players are challenged to complete an objective before running out of shots. For instance, one stage may ask players to rescue owls that have been trapped inside colorful bubbles by making matches with those bubbles, while another stage may ask users to clear every bubble on the screen, and so on.

Users can complete objectives by shooting bubbles at bubble formations at the top of the screen. Users must create groups of three or more like-colored bubbles to remove them from the formation.

As players progress, they will be able to face off against Wilbur in special boss stages. During these levels, players will need to pop bubbles that contain special fairies who will attack Wilbur and drain a bar at the top of the screen. Users will need to empty this bar completely before running out of shots.

Elsewhere, early on in the game, Wilbur will destroy Stella’s house, and players will need to collect Fairy Dust in order to repair it. To collect Fairy Dust, users will need to earn stars on future stages. Players will earn up to three stars on each stage, depending on their score, and these stars are automatically converted to Fairy Dust. Users will be able to choose from multiple visual options each time they purchase an upgrade for Stella’s home or yard.

Juan Perez, producer on Bubble Witch 3 Saga at King, commented:

We’re excited to be launching Bubble Witch 3 Saga today. With this third

Continue Reading