Do you have an interest to know the Google fix hole serious security hole on its Gmail password? Here I have given the short details about the topic Google’s serious security hole in Gmail. This is one of the new techniques to protect our email service through the Gmail’s security hole.
The information of Google find one new type of security hole in Gmail password is following below.
Facts of Google find security hole in Gmail password
Recently Google has fixed a potentially serious security hole in its Gmail email service, after a security researcher discovered the fault.
The Internet massive fixed the fault within 10 days, which is informed by white-hat hacker Oren Hafif, who said the bug involved Gmail's password recovery mechanism.
If some unknown person obtained access to your Gmail account, that person can easily 'password recover' his way to any other web and or mobile application out there," Oren Hafif said in a blog post.
Hafif’s statement is, an attacker can send a phishing email customized with the target Gmail user's email address in the URL, with the link referring to a site controlled by the attacker.
But that he said Google's team acted swiftly, fixing the matter in 10 days. "Google security team acted really fast. This issue was fixed in 10 days," he said.
Security researcher Graham Cluley renowned the process of stealing the Google password starts with a "fairly normal looking phishing email, claiming to come from Google." But the link really takes the intended victim to a website under the hacker’s control.
Security researcher Graham Cluley said the hacker's site quickly executes a Cross-site request forgery (CSRF), "launching a cross-site scripting (XSS) attack which fools Google into believing that the user has requested a password reset, as if they were having trouble logging in."
"Fortunately, Oren Hafif is one of the good guys rather than a malicious attacker, and so he informed Google of the serious security hole," he said.
0 comments:
Post a Comment