Yes, Google’s Anti-Phishing Blacklist Exposed Confidential User Data !Best Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
Internet security & monitoring for networks - Dld trial!   Get A Free iPod   Bookmark and Share 
Best Tips
VoIP Servers and Phones ...
ID Theft -- Top 10 Safet...
Panda Internet Security ...
Protect Against Web Atta...
How To Detect Identity T...
How to Secure Wireless N...
Use CAN-SPAM Aginst Spam...
How To Truly Delete File...
Understanding Digital Si...
Get Protection Against T...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Vuln: DotNetNuke User Account Security Bypass Vulnerability
2009/12/24 0:00:00
Zero-Day Internet Explorer Exploit Published
2009/11/21 7:05:59
Mal/EncPk-MA
2009/11/21 5:42:17
Mal/Rustock-D
2009/11/21 5:42:17
Troj/Agent-LUT
2009/11/21 5:42:17
Our Partners
Downloads
 0.Google Sitemap Maker (Master Resale Rig...
 1.SEO Godfather
 2.AimOne Video Converter
 3.RSS Channel Writer
 4.JavaScript Drop Down Menu Creator
 5.PROcessu SeaBattle PPC
 6.Notes Organizer Deluxe
 7.NoClone Upgrade to Enterprise v4
 8.Aplus DVD to Pocket PC Ripper
 9.Intertech DVD Ripper
Identity Theft - Phishing : Yes, Google’s Anti-Phishing Blacklist Exposed Confidential User Data !
Posted by Max on 2007/1/24 14:00:00 (1549 reads)
Identity Theft - Phishing

Finjan Inc., declared that it backs up recent reports that Google have accidentally exposed private user names and passwords on the Google anti-phishing blacklist, without using any access protection. Such sensitive data could potentially have been used to compromise user privacy, and could even have been used for identity theft or financial profit .

On January 3, 2007, Finjan’s Malicious Code Research Center (MCRC) researchers exposed that a list of URLs was available and not encrypted on Google’s servers and straight away informed Google, which acknowledged receipt of Finjan’s alert about the vulnerability.

Finjan considers the information on the servers had been gathered using Google’s anti-phishing browser extension. Google has long fixed the problem, and it is assumed that Google has notified all affected users. Recent tests conducted by Finjan confirm that there is no data leakage on the current Google anti-phishing blacklist.

For a snapshot of the data leakage page follow this link: Google JPG


“Finjan became aware of the problem after examining a public list of URLs provided from Google’s servers” said Yuval Ben-Itzhak, Finjan’s Chief Technology Officer. “After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users’ privacy.”

Finjan presents the following advices to minimize the risk of exposing confidential data from similar web applications:

Pointers for home users:

1. Avoid sharing your browsing history with third parties by disabling URL sharing or forwarding - as this is usually enabled in your browser’s toolbars.
2. Use proper password policy for your web accounts. Do not use the same password for all web accounts. Having the same password for several accounts will compromise ALL of them if just one is compromised.

3. Make sure that your PC is effectively protected from malicious software such as spyware and adware that can send out private information. Even when an application’s privacy policy looks sensible, remember that it’s enough for it to send a full URL (including parameters) to disclose your email and other private information.



Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.

Poster Thread
julissa8
Posted: 2009/1/10 8:11  Updated: 2009/1/10 8:11
Just popping in
Joined: 2009/1/10
From:
Posts: 1
 Re: Yes, GoogleÂ’s Anti-Phishing Blacklist Exposed Confide...
nami and luffy having sex, diapered asian, dawson millers nudes, fake nude sport stars pics, teardrop mini thong, mallu suparna nude rediff, pageant video nudist, gyno speculum video, non nude underage girls, nymphet russia, youporn culos calientes, teen nudists movie, xena nude lucy lawless, caning video, angeles pampanga girls, yuo porn to, hijab girl pic, naturist teen contest, sexy teens having sex with aunties, eplan electric p8 download full version warez, bolly uncensored hottest picture, www irritablebowelsyndrome com, totally nude male celebrities, fun aunty sexy photots, jap gravure torrent, forced fem, atk hairy rapidshare bbs, sexy pokemon girl flannery, animal beastiality free porn, youporn tranny cumshots

Poster Thread
edward83
Posted: 2009/2/9 4:06  Updated: 2009/2/9 4:06
Just popping in
Joined: 2009/2/8
From:
Posts: 10
 Re: Yes, GoogleÂ’s Anti-Phishing Blacklist Exposed Confide...
ccna final exam v 4 0, inurl htm html php intitle index of last modified parent directory description size mpg avi wmv di brenda song, cerita sex pepek ngentot, close ups of vagina, gemma garrett nude, nude photos of desi aunties with animal, rebecca chambers nude, le migliori inculate con video clip da vedere gratis, foto gratis cazzi enormi con studentesse 18enni, tinny girl tgp, calze nere sexi, www pakistani sexy kissing girls photos com, vicky vette megaupload com, malayalam blue filim image, ditalini immagini, wallpapers of goku doing sex, foto ragazzi nudi pisello, siti hard con uomini anziani, incest family japanese megaupload com, hot aunties videos, japanese escorts torino relatos pornor, video 3gp pemerkosaan anak smp di lampung, sesso video con anteprima gratis, scopa vergine porno, preeteens fucking, the very hottest fucking shannon tweed, sexy mallu blouses, livedoor lolita board, www nude celeb on candid com, myfirstime sedap

Poster Thread
anissa73
Posted: 2009/2/14 19:03  Updated: 2009/2/14 19:03
Just popping in
Joined: 2009/2/14
From:
Posts: 5
 Re: Yes, GoogleÂ’s Anti-Phishing Blacklist Exposed Confide...
foto porno madre e figlia, donne cinesi foto porno fighe in orgasmo, l2phx eng, kiddy pedo porn for free, www culi enormi com, jessie wallace nuda, orge di madri e figli, camp pictures naturiste, free family guy porn video lois griffin, immaginibastarde detro, ballet crossdresser, free genital massage vids, hot pictures of sexy afghan women, cioco, behan bhai sexy urdu kahani, kylie james nude gallery, sexy mallu aunty navel in xboard us, annunci ragazze a verona che fanno sesso, mallu pics xboard, fotoracconti fotoromanzi tette, incontri in campania con negrette, startrek, scopiamo sex old lady inculo, nudisti pagine personali, foto sex, nudist preten cp, 12 yo stupri gratis, free pthc pics, motore per donne anziane nude, ff porno



 

NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Sep '08 | Oct '08 | Nov '08 | Dec '08  Jan '09 | Feb '09 | Mar '09 | Apr '09 | May '09 | Jun '09 | Jul '09 
4000+ Security Software Downloads