Subscribe
About

Google bugs empower phishermen

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 13 Oct 2008

Google bugs empower phishermen

Google's Gmail service suffers from security flaws that make it trivial for attackers to create authentic-looking spoof pages that steal users' login credentials, a security expert has demonstrated. Google Calendar and other sensitive Google services are susceptible to similar tampering, reports The Register.

A proof-of-concept attack, published by Adrian Pastor of the GNUCitizen ethical hacking collective, exploits a weakness in the google.com domain that allows him to inject third-party content into Google pages.

A Google spokesman said company security pros were looking into the reports.

Defence ministry, EDS lose data

The Ministry of Defence (MOD) is investigating the loss of a computer hard drive that could contain the personal details of 100 000 members of the armed forces, says Computing.co.uk.

The information was being held by EDS, the MOD's main IT contractor, and was found to be missing as part of an audit the firm was carrying out in response to recommendations under the Data Handling Review.

The MOD insisted that, although the drive was used as part of personnel systems, its own investigation had not yet determined what was on the drive.

Bank turmoil fuels phishing boom

According to governments and security experts, hi-tech fraudsters are taking advantage of the global financial turmoil, says The BBC.

The US Federal Trade Commission issued a warning saying phishing gangs were using the turmoil to extract valuable information from consumers.

A UK parliamentary group said it expected a move away from ID theft towards attacks on account-holders.

Spam attack halts Virgin e-mail

Tens of thousands of Virgin customers have spent four days cut off from, or with little access to, their e-mail accounts after a suspected spam attack, says The BBC.

The problem affected a company which processes messages delivered through the Virgin.net platform.

All legitimate e-mails were held back when the "large" attack began on Tuesday evening so the spam could be removed, a Virgin Media spokesman said.

MP3 players threaten users' hearing

People who listen to personal music players for only five hours a week at a high volume may be doing permanent damage to their hearing, says CNet.

A team of nine experts on the Scientific Committee on Emerging and Newly Identified Health Risks is expected to release that finding in a study today, according to a report in the International Herald Tribune.

The EU entity also points out that young people may be doing damage to their hearing that may not surface until years after the exposure, according to the newspaper.

Share