Posted by Ian Fette, Google Security TeamLast year, we released version 2 of the Safe Browsing API, along with a reference implementation in Python. This version provides more efficient updates compared to version 1, giving clients the most useful (fre…
Posted by Panayiotis Mavrommatis and Niels Provos, Security TeamWe are constantly working on detecting sites that are compromised or are deliberately set up to infect your machine while browsing the web. We provide warnings on our search results and to…
Posted by Panayiotis Mavrommatis and Niels Provos, Security TeamWe are constantly working on detecting sites that are compromised or are deliberately set up to infect your machine while browsing the web. We provide warnings on our search results and to…
Posted by: Lucas Ballard, Anti-Malware TeamA month ago we announced the release of a new Webmaster Tools feature that helps webmasters identify malicious content that has been surreptitiously added to their sites. We’ve been working on improving the qu…
Posted by Niels Provos, Security TeamEvery now and then people ask us for an update on the malware statistics we published in the All Your iFrames Point To Us blog post. We’re glad to share this sort of data because we believe that collaboration and in…
Posted by Chris Evans, Security TeamMalware is the source of a large number of reported security incidents on the Internet. Since Internet users can become infected in many different ways, the proliferation of malware is a very hard problem to solve. O…
Posted by Niels Provos, Security TeamA recent surge in compromised web servers has generated many interesting discussions in online forums and blogs. We thought we would join the conversation by sharing what we found to be the most popular malware sit…
Posted by Michael Zalewski, Security Team.Many people view the task of writing secure web applications as a very complex challenge – in part because of the inherent shortcomings of technologies such as HTTP, HTML, or Javascript, and in part because of …
Posted by Chris EvansWe’ve seen some speculation recently about a purported security vulnerability in Gmail and the theft of several website owners’ domains by unauthorized third parties. At Google we’re committed to providing secure products, and we m…
Posted by Michal ZalewskiWe’re happy to announce that we’ve just open-sourced ratproxy, a passive web application security assessment tool that we’ve been using internally at Google. This utility, developed by our information security engineering team,…
Posted by Niels ProvosWe’ve been protecting Google users from malicious web pages since 2006 by showing warning labels in Google’s search results and by publishing the data via the Safe Browsing API to client programs such as Firefox and Google Desktop…
Written by Will DrewryFrom operating systems to web browsers, open source software plays a critical role in the operation of the Internet. The security of open source software is therefore quite important, as it often interacts with personal informatio…
Posted by Ian FetteWe’ve been targeting malware for over a year and a half, and these efforts are paying off. We are now able to display warnings in search results when a site is known to be malicious, which can help you avoid drive-by downloads and ot…
Posted by Will Drewry, Security TeamSecurity testing of applications is regularly performed using fuzz testing. As previously discussed on this blog, Srinath’s Lemon uses a form of smart fuzzing. Lemon is aware of classes of web application threats a…
Posted by Niels Provos, Anti-Malware TeamSome of you might have seen this message while searching on Google, and wondered what the reason behind it might be. Instead of search results, Google displays the “We’re sorry” message when we detect anomalous …