Google Glitch Disables 150,000 Gmail Accounts
February 28, 2011 by admin
Filed under Security News
Google, we have a problem. About 150,000 Gmail account holders woke up to a nightmare this morning, with all their e-mail, attachments and Google Chat logs gone. What happened?
Google explains that “less than 0.08%” of all Gmail users were affected by the bug, which completely reset accounts, even down to the detail offering a welcome message to those users when they first logged on today. They, and especially visitors to the Gmail Help Forum, were not amused.
But there’s good news here. The way Google is explaining it on its Apps Status Dashboard: “Google engineers are working to restore full access. Affected users may be temporarily unable to sign in while we repair their accounts.”
Google ‘malware’ sponsored advert delivers fake anti-virus
July 15, 2010 by admin
Filed under Security News
“Be careful what you ask for – you might get it.”
That’s the thought running through my head today after I searched for the word “malware” on Google.
As you’ll see in the following short YouTube video I made, a sponsored link right at the top of the Google search results points to a fake anti-virus website posing as a legitimate security company:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
If you download the fake anti-virus program promoted on the website you risk infection by malware identified by Sophos as Troj/FakeAV-AOV.
Justin Bieber fans under fire in YouTube XSS attack
July 5, 2010 by admin
Filed under Security News
If there are any breathless fans of Justin Bieber reading this – let me calm you straight away: Justin Bieber has not died in a car crash.
But you may have imagined that he did if you checked out some of his YouTube videos this long US Independence Day holiday weekend, or read one of the many internet rumours that spread over the last day or so.
A vulnerability in YouTube’s comment system was exploited widely this weekend, allowing mischief-makers to embed code through a cross-site scripting (XSS) flaw. And one of the things they did was post messages claiming that the teen pop sensation had died in a car crash.
Normally YouTube is smart enough to weed out offending code left in the comments left for videos, but it appears that the hackers found a way to waltz past the site’s defences.
Those watching YouTube videos of Justin Bieber and others could find their eyeballs assaulted by other prankish pop-ups and offensive messages or redirected to tasteless websites.
It took about two hours before Google, YouTube’s parent company, got things under control.
XSS attacks are a serious problem, of course. Potentially they can fool unsuspecting users into handing over their login details (although this doesn’t appear to have happened on this occasion) or direct them to a malicious webpage.
90 Second Security Roundup (Video)
June 22, 2010 by admin
Filed under Security Channel
Twitter Using Google Blacklist To Filter Malicious Links
August 5, 2009 by admin
Filed under Security News
Twitter has quietly started using a Google blacklist of suspected phishing and malware pages to filter malicious URLs leading to known malware sites.
Twitter hasn’t announced it, but F-Secure’s chief research officer Mikko Hypponen revealed how it was starting to filter tweets that linked to known malware sites.
According to this blog post, users are given a warning message when they attempt to click on a link that leads to a blacklisted site.
He later confirmed – on Twitter – that the microblogging site was using Google Safe Browsing API, an experimental API that allows client applications to check URLs against an updated Google blacklist.
Twitter has become a bigger target for hackers taking advantage of its explosion in popularity.
This Easter, Twitter suffered four separate worm attacks that encouraged users to click on a link which infected them and made them automatically send out messages to friends with the same link.
Twitter has not replied to request for comment by time of writing.
By Asavin Wattanajantra from www.itpro.co.uk
Don’t download Google Chrome for Mac or Linux
June 5, 2009 by admin
Filed under Security News
When Google released its very own web-browser, called Chrome, last year it generated enormous attention and many Windows users rushed to try it out.
There were some grumblings, however. In particular from members of the Mac and Linux communities who were disappointed that a version of Chrome had not been released for their operating systems. Google was quick to reassure them that ported versions of their new browser were in progress, but might be some time off.
