A security researcher named Oren Hafif found a vulnerability in the gmail accounts that could allow an attacker to hijack any email account.
This is a type of the password reset vulnerability, in the hacking process attacker have to send an email which looks like an email from an official google account.
It’s a simple spear-phishing attack by leveraging a number of flaws i.e Cross-site request forgery (CSRF), and cross-site scripting (XSS), and a flow bypass.
In the mail, it says-”Please confirm account ownership by clicking on this link:”
Upon clicking the link, it redirect users to a page that is linked to https.google.com but in real it leads the victim to the attacker’s website because of CSRF attack with a customized email address. In that page you have to enter, the last password you remember and a new password:
The US’ National Security Agency reportedly hacked 50,000 computer systems globally and infected them with malware, according to the classified documents revealed by whistleblower Edward Snowden.
The latest claims come from a digital presentation slide, which show a world map highlighting hard computer networks and ‘world-wide implants’ under the category.
CNE (Computer Network Exploitation), NSA jargon for malware infections.
Google today said it had paid a researcher $40,000 for a partial exploit of Chrome OS at its Pwnium 3 hacking contest two weeks ago.
The researcher, known as “Pinkie Pie,” was the only participant who submitted an exploit during the challenge Google ran March 7 at CanSecWest, the Canadian security conference which also hosted the eighth-annual Pwn2Own contest.
Two others had been working on Chrome OS exploits for Pwnium, said Google, but neither wrapped up in time, even after the contest deadline was extended.
The US Federal Bureau has added 5 hackers to it’s most wanted list and seeking it’s information from the public regarding there whereabouts.
The hackers are wanted in connection with hacking and fraud crimes in US as well as internationally. Rewards ranging from $ 50,000 and $ 1,00,000 are being offered for information that leads to there arrest.