...the patch at the beginning of the month as detailed below, the original Pixel lineup was left high and dry. Today, finally, the patch is here. You can wait for the OTA to hit your device, or you can use the links below to install it manually. We’re not quite sure why this took so long, but hopefully the December patch will be a bit more uniform. Right on schedule, Google has released Android’s October security patch. As it’s the first update to make its way to the Pixel 3 and Pixel 3 XL, it should include some bug fixes. Unfortunately, it won’t resolve the memory issues just yet. The November patch itself includes fixes for 17 security vulnerabilities. The most severe bugs included an issue in the media framework and the ability for a remote attacker to execute arbitrary code through a crafted file. Fortunately, Google doesn’t believe that either of these was used to harm users. The November security patch includes several bug fixes and improvements specifically for Pixel devices. As Google notes, this update should help with notification stability on Pixel 2 and Pixel 3 handsets as well as improve picture-in-picture performance on the four handsets. Sadly, the November security patch will likely be the last update pushed to the Pixel C, Nexus 6P, and Nexus 5X. As Google only guarantees firmware upgrades for two years after a device is released and security patches for three, the search giant is no longer obligated to support the two phones or the tablet. Of course, this doesn’t mean that your devices are no longer usable. Even if you no longer get official support from Google, there are large developer communities that build ROMs that bring the latest security patches and Android features to all of Google’s abandoned devices.
If you don’t want to wait for the November security patch to make its way to your phone, you can download the latest factory image or OTA file from the links below. From there, you can either flash a fresh build to your phone or sideload the OTA update. The November security patch is also making its way to the Essential Phone. In addition to the resolved issues addressed above, this update brings support for the company’s Audio Adapter HD module.
A massive phishing campaign targeting Google accounts ripped through the internet on Wednesday afternoon. Several people online across a range of industries said they received emails containing what looked like a link to a Google Doc that appeared to come from someone they know. These, however, were malicious emails designed to hijack their accounts. It's unclear exactly how the attack works at the moment, but it does appear to be highly sophisticated. A Reddit user has a good breakdown of what exactly happens when you click on the Google Doc button. In a few words, when you click on the link, the login screen takes you to a genuine Google domain, but that domain asks you to grant access to an app called "Google Docs" that is not the real Google Docs. And the "Google Docs" app reads all your email and contacts, and then self-propagates by sending more emails. We've also heard reports that Google Drive was down, and experienced the outage ourselves, but cannot yet confirm whether that is related to the attack. (It'd be a hell of a coincidence, although Drive appears to be working again.) "We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts," Google said in a statement sent to Motherboard. "We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail." In a subsequent statement, Google said that the phishing campaign was halted "within approximately an hour" and that it "affected fewer than 0.1% of Gmail users." While that sounds low, considering that Gmail has around 1 billion users, that's still around one million victims.
Google Docs was pulled into a sneaky email phishing attack on Tuesday that was designed to trick users into giving up access to their Gmail accounts. The phishing emails, which circulated for about three hours before Google stopped them, invited the recipient to open what appeared to be a Google Doc. The teaser was a blue box that said, “Open in Docs.” In reality, the link led to a dummy app that asked users for permission to access their Gmail account. (Image caption: An example of the phishing email that circulated on Tuesday.) Users might easily have been fooled, because the dummy app was actually named “Google Docs.” It also asked for access to Gmail through Google’s actual login service. The hackers were able to pull off the attack by abusing the OAuth protocol, a way for internet accounts at Google, Twitter, Facebook and other services to connect with third-party apps. The OAuth protocol doesn’t transfer any password information, but instead uses special access tokens that can open account access. However, OAuth can be dangerous in the wrong hands. The hackers behind Tuesday’s attack appear to have built an actual third-party app that leveraged Google processes to gain account access. (Image caption: The dummy app will try to ask for account permission.) Last month, Trend Micro said a Russian hacking group known as Fancy Bear was using a similar email attack method that abused the OAuth protocol to phish victims. However, security experts said Tuesday's phishing attack probably wasn't from Fancy Bear, a shadowy group that many experts suspect works for the Russian government. "I don't believe they are behind this... because this is way too widespread," Jaime Blasco, chief scientist at security provider AlienVault, said in an email.
On Tuesday, many users on Twitter, including journalists, posted screenshots of the phishing emails, prompting speculation that the hackers were harvesting victims' contact lists to target more users. The attack was also sent through an email address at "hhhhhhhhhhhhhhhh@mailinator.com." Mailinator, a provider of a free email service, denied any involvement. Fortunately, Google moved quickly to stop the phishing attacks after a user on Reddit posted about them. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again,” Google said in a statement. Security experts and Google recommend that affected users check which third-party apps have permission to access their account and revoke any suspicious access. Users can do so by visiting this address, or by performing a Google security check-up. Tuesday's phishing scheme will probably push Google to adopt an even stricter stance on apps that use OAuth, said Robert Graham, CEO of research company Errata Security. However, the internet giant has to strike a balance between ensuring security and fostering a flourishing app ecosystem. "The more vetting you do, the more you stop innovation," Graham said. "It's a trade-off."
Google users today were hit with an extremely convincing phishing spree launched by attackers who manipulated Google Docs' legitimate third-party sharing mechanism. Targets received messages with a subject like "[Sender] has shared a document on Google Docs with you", often from senders they knew. The messages contained links, which led to a page that clearly requested access to the user's Gmail account. If the target user provides access, the attack begins sending spam to all of the user's contacts. Theoretically, the attacker could also access the victim's messages and steal sensitive data, but thus far there have been no reports of such activity. Because it takes advantage of Google's legitimate third-party sharing mechanism, the phishing message is much more difficult to identify as malicious. The icons and messaging are familiar to Google users. Gmail itself did not filter the messages as phishing or flag them as spam, but rather delivered them to Gmail users' "Primary" inbox folders. The senders were familiar enough to have the target in their contact lists. One way to spot the attack: some targets report that the message includes a recipient with an address that begins "hhhhhhhhhhhhhh" and ends with the domain "mailinator.com." Google responded with a fix and issued a statement: "We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail. If you think you were affected, visit http://g.co/SecurityCheckup" Those who have already fallen victim to this attack should also go to their Google account permissions settings and revoke access to the false "Google Docs" application. They're also advised to set up two-factor authentication.
Google said it has disabled offending accounts involved in a widespread spree of phishing emails today impersonating Google Docs. The emails, at the outset, targeted journalists primarily and attempted to trick victims into granting the malicious application permission to access the user’s Google account. It’s unknown how many accounts were compromised, or whether other applications are also involved. Google advises caution in clicking on links in emails sharing Google Docs. The messages purport to be from a contact, including contacts known to the victim, wanting to share a Google Doc file. Once the “Open in Docs” button is clicked, the victim is redirected to Google’s OAuth2 service and prompted to allow the attacker’s malicious application, called “Google Docs,” below, to access their Google account and related services, including contacts, Gmail, Docs and more. “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts,” a Google spokesperson told Threatpost. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.” OAuth is a standard that allows a user to authorize third-party applications to access an account. The attempt to steal OAuth tokens is a departure from traditional phishing attacks, which primarily target passwords. Once the attacker has access to the victim’s account, the phishing message is sent along to the compromised contact list. While this attack is likely the work of a spammer, nation-state attackers including APT28, aka Fancy Bear or Sofacy, have made use of this tactic.
APT28 has been linked to last summer’s attacks attempting to influence the U.S. presidential elections. The group has long targeted political entities, including NATO, and uses phishing emails, backdoors and data-stealing malware to conduct espionage campaigns against its targets. “I don’t believe they are behind this though because this is way too widespread,” said Jaime Blasco, chief scientist at AlienVault. “Many people and organizations have received similar attempts, so this is probably something massive and less targeted.”
A massive phishing campaign took place today, but Google's security staff was on hand and shut down the attacker's efforts within an hour after users first reported the problem on Reddit. According to multiple reports on Twitter, the attacks first hit journalists, businesses, and universities, but later spread to many other users as well. The attack itself was quite clever, if we can say so ourselves. Victims received a legitimate (non-spoofed) email from one of their friends that asked them to click on a button to receive access to a Google Docs document. If users clicked the button, they were redirected to the real Google account selection screen, where a fake app titled "Google Docs" (not the real one) asked the user's permission to authorize it to access the shared document. In reality, the app only wanted access to the user's Gmail inbox and contact list. After gaining access to these details, the fake app copied the user's contact list and sent a copy of itself to the new set of targets, spreading itself to more and more targets. The email was actually sent to "hhhhhhhhhhhhhhhh@mailinator.com," with the user's email address added as BCC. Following the incident, Mailinator intervened and blocked any new emails from arriving in that inbox. Because of this self-replicating feature, the phishing attack spread like wildfire in a few minutes, just like the old Samy worm that devastated MySpace over a decade ago. Fortunately, one Google staff member was visiting the /r/Google Reddit thread and was able to spot a trending topic detailing the phishing campaign. The Google engineer forwarded the Reddit thread to the right person, and within an hour after users first complained about the issue, Google had already disabled the fake app's ability to access the Google OAuth screen.
Later on, as engineers had more time to investigate the issue, Google issued the following statement: "We have taken action to protect users against an email impersonating Google Docs & have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail." There are no reports that malware was deployed in the phishing attack. Cloudflare was also quick to take down all the domains associated with the phishing attack. Users that clicked on the button inside the phishing email can go to the https://myaccount.google.com/permissions page and see if they granted the app permission to access their account. The real Google Docs isn't listed in this section, as it does not need permissions, being an official Google property.
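The reports above give a mailbox-side signature for this campaign: a placeholder recipient of repeated "h" characters at mailinator.com (with the real targets on BCC) combined with the "has shared a document on Google Docs with you" subject line. The following C program, an added example that is not code from any of the articles or from Google, turns those two indicators into a check over raw messages. The three sample messages are constructed for the example, and the header parsing is deliberately simplified: it walks one header per line and ignores folded headers and MIME structure.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Indicator bits returned by inspect_message(). Both come from the
   incident reports: the placeholder recipient and the sharing subject. */
#define IND_MAILINATOR_TO 0x1
#define IND_DOCS_SUBJECT  0x2

/* Case-insensitive comparison of the first n bytes of s against pat.
   Stops early (returns 0) if s ends before n bytes. */
static int ieq_prefix(const char *s, const char *pat, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)s[i]) != tolower((unsigned char)pat[i]))
            return 0;
    return 1;
}

/* 1 if s starts with a run of at least 8 'h' characters followed by
   "@mailinator.com" (domain compared case-insensitively). */
static int is_h_run_mailinator(const char *s)
{
    size_t n = 0;
    while (s[n] == 'h') n++;
    return n >= 8 && ieq_prefix(s + n, "@mailinator.com", 15);
}

/* Scan a To:/Cc: header value for the placeholder address; only test
   positions that start a token (not in the middle of another word). */
static int header_has_h_mailinator(const char *value)
{
    for (const char *p = value; *p; p++)
        if (*p == 'h' && (p == value || !isalnum((unsigned char)p[-1])))
            if (is_h_run_mailinator(p)) return 1;
    return 0;
}

/* Inspect a raw message (headers separated by '\n', body after a blank
   line) and return a bitmask of the indicators found in the headers. */
int inspect_message(const char *raw)
{
    int flags = 0;
    const char *line = raw;
    while (*line && *line != '\n') {          /* blank line ends headers */
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        char buf[512];
        if (len >= sizeof buf) len = sizeof buf - 1;  /* bound the copy */
        memcpy(buf, line, len);
        buf[len] = '\0';

        if (ieq_prefix(buf, "To:", 3) || ieq_prefix(buf, "Cc:", 3)) {
            if (header_has_h_mailinator(buf + 3)) flags |= IND_MAILINATOR_TO;
        } else if (ieq_prefix(buf, "Subject:", 8)) {
            if (strstr(buf, "has shared a document on Google Docs with you"))
                flags |= IND_DOCS_SUBJECT;
        }
        if (!eol) break;
        line = eol + 1;
    }
    return flags;
}

/* A genuine share also carries the subject line, so only the combination
   of both indicators is treated as a match for this campaign. */
int is_docs_phish(const char *raw)
{
    return inspect_message(raw) == (IND_MAILINATOR_TO | IND_DOCS_SUBJECT);
}

/* Constructed sample messages (not real captures). */
static const char PHISH_SAMPLE[] =
    "From: Alice <alice@example.com>\n"
    "To: hhhhhhhhhhhhhhhh@mailinator.com\n"
    "Subject: Alice has shared a document on Google Docs with you\n"
    "\n"
    "Open in Docs\n";

static const char LEGIT_SHARE_SAMPLE[] =
    "From: Alice <alice@example.com>\n"
    "To: carol@example.com\n"
    "Subject: Alice has shared a document on Google Docs with you\n"
    "\n"
    "Open in Docs\n";

static const char BENIGN_SAMPLE[] =
    "From: Bob <bob@example.com>\n"
    "To: carol@example.com\n"
    "Subject: Lunch tomorrow?\n"
    "\n"
    "Noon?\n";

int main(void)
{
    printf("phish sample:       flags=%d match=%d\n",
           inspect_message(PHISH_SAMPLE), is_docs_phish(PHISH_SAMPLE));
    printf("legit share sample: flags=%d match=%d\n",
           inspect_message(LEGIT_SHARE_SAMPLE), is_docs_phish(LEGIT_SHARE_SAMPLE));
    printf("benign sample:      flags=%d match=%d\n",
           inspect_message(BENIGN_SAMPLE), is_docs_phish(BENIGN_SAMPLE));
    return 0;
}
```

The legitimate-share sample is there to show why the subject line alone is a poor rule: it is exactly what a real Google Docs share looks like, and the distinguishing signal in this campaign was the recipient field, not the wording.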
Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by Spanish corporate group GMV Innovating Solutions. Checker ATM Security is a specialized security solution aimed at keeping ATMs safe from logical attacks. It does so by enforcing application whitelisting and full hard disk encryption, providing ACL-based control of process execution and resource access, enforcing security policies, restricting attempts to connect peripheral devices, and so on. The flaw can be exploited to remotely run code on a targeted ATM, increase the attacker’s privileges in the system, and compromise the machine completely. “To exploit the vulnerability, a criminal would need to pose as the control server, which is possible via ARP spoofing, or by simply connecting the ATM to a criminal-controlled network connection,” researcher Georgy Zaytsev explained. “During the process of generating the public key for traffic encryption, the rogue server can cause a buffer overflow on the ATM due to failure on the client side to limit the length of response parameters and send a command for remote code execution. This can give an attacker full control over the ATM and allow a variety of manipulations, including unauthorized money withdrawal.” When informed of the vulnerability and provided with test exploits, GMV confirmed its existence and that it affects versions 4.x and 5.x of the software, and ultimately pushed out a patch, which users are urged to install as soon as possible.
Exploitation not detected in the wild
A company spokesperson has made sure to point out that there is no indication that the vulnerability has been exploited in attacks in the wild. Also, that exploitation is not that easy, as the attacker must first gain access to the ATM network and log into the target system. “Secondly, the attack is difficult to exploit systematically in an ATM network. In order to exploit it, the attacker needs some memory addresses that are strongly dependent on the Windows kernel version; while on Windows XP systems it could theoretically be possible to take advantage of the vulnerability, on Windows 7 it is almost impossible because those memory addresses are different in every Windows installation,” the spokesperson told The Register. Like any software, security software is not immune to vulnerabilities and can open systems to exploitation. While antivirus and other security solutions for personal computers are often scrutinized and tested for flaws by third-party researchers, specialized security software has not, so far, received that amount of attention. So, it’s good to hear that some researchers have decided to focus on them, and that vendors are responding positively to vulnerability disclosures.
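The root cause Zaytsev describes, a client that copies a server-supplied response parameter without limiting its length, is a generic pattern worth seeing next to its fix. The C below is an added example and not Checker's code or anything published by GMV or Positive Technologies; the wire format (a 2-byte big-endian length followed by the value) and the function names are constructed for illustration. The unchecked version is shown only for contrast and is never called; the hardened version validates the declared length against both the buffer capacity and the bytes actually received before copying.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire format for this example (not Checker's protocol):
   a response parameter is a 2-byte big-endian length followed by that
   many value bytes. The client keeps the value in a fixed-size buffer. */
#define PARAM_MAX 64

struct param {
    uint8_t value[PARAM_MAX];
    size_t  len;
};

/* Vulnerable pattern: the length comes from the (possibly rogue) server
   and is trusted as-is. A declared length above PARAM_MAX overruns
   value[]. Present for comparison only; nothing in this file calls it. */
void copy_param_unchecked(struct param *out, const uint8_t *msg)
{
    size_t len = ((size_t)msg[0] << 8) | msg[1];
    memcpy(out->value, msg + 2, len);   /* no bound on len: overflow */
    out->len = len;
}

/* Hardened version. Returns 0 on success, -1 for a message that is
   truncated, claims more bytes than were received, or exceeds the
   buffer. Nothing is copied until every check has passed. */
int copy_param_checked(struct param *out, const uint8_t *msg, size_t msg_len)
{
    if (msg_len < 2) return -1;                  /* no length field */
    size_t len = ((size_t)msg[0] << 8) | msg[1];
    if (len > PARAM_MAX) return -1;              /* would overflow value[] */
    if (len > msg_len - 2) return -1;            /* claims more than received */
    memcpy(out->value, msg + 2, len);
    out->len = len;
    return 0;
}

/* Build a constructed message in buf: length prefix plus len bytes of
   'A'. Returns the total bytes written, or 0 if buf is too small. */
size_t build_message(uint8_t *buf, size_t cap, size_t len)
{
    if (len > 0xFFFF || cap < len + 2) return 0;
    buf[0] = (uint8_t)(len >> 8);
    buf[1] = (uint8_t)(len & 0xFF);
    memset(buf + 2, 'A', len);
    return len + 2;
}

int main(void)
{
    uint8_t msg[4096];
    struct param p;
    size_t n;

    n = build_message(msg, sizeof msg, 32);        /* fits in value[] */
    printf("32-byte parameter:   %s\n",
           copy_param_checked(&p, msg, n) == 0 ? "accepted" : "rejected");

    n = build_message(msg, sizeof msg, 1024);      /* oversized */
    printf("1024-byte parameter: %s\n",
           copy_param_checked(&p, msg, n) == 0 ? "accepted" : "rejected");

    n = build_message(msg, sizeof msg, 32);        /* header says 32, only 10 follow */
    printf("truncated parameter: %s\n",
           copy_param_checked(&p, msg, 12) == 0 ? "accepted" : "rejected");
    return 0;
}
```

The two separate checks matter: bounding the length by PARAM_MAX stops the overflow, and bounding it by the bytes actually received stops an over-read of whatever follows a short message in memory. Either one alone leaves a defect.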