Wavety.com

Google Wave, News, Reviews, Gadgets and Robots.

‘Google Security’ Category

Google Hackers Used Social Engineering Tricks To Carry Out Attacks

Date: 2010.01.29 | Category: Google Security | Response: Comments

McAfee, one of the world’s leading antivirus software and computer security companies, has claimed that the hackers which were responsible for the cyber attack on Google and several other US-based companies first ran a highly sophisticated reconnaissance on some of the employees at Google and might have impersonated their friends on some social networking sites.

McAfee’s Chief Technology Officer George Kurtz announced that the hackers used complex social engineering techniques and advanced reconnaissance techniques to specifically target those individuals which had access to sensitive company information.

Explaining the tactic used, Kurtz mentioned “Speaking generically, we’re seeing a lot more targeted attacks where people focus on [employees with] the highest set of privileges, and then work backwards, gaining access to secondary parties to get to the primary source.”

If what Kurtz is saying is true then it means that hackers had to first compromise and manipulate social networking accounts of friends of some Google employees.

The targeted employees then received links to malicious websites from the compromised accounts, which they went on to click as they believed that those links were sent by a friend.

However, the CTO of McAfee believes that this cyber attack on privately held companies by the government of another country proves that global cyber wars have attained a whole new level.

Originally published on ITProPortal.com
Google Toolbar Bug Allows Google To Track Sites Visited

Date: 2010.01.29 | Category: Google Security | Response: Comments

A bug in the Google Toolbar application apparently enables Google to track URLs of the websites visited by the user along with associated directories, filenames, URL parameters and search terms even after the user has ‘disabled’ the toolbar’s ‘enhanced features’.

Ben Edelmen, a Harvard professor and a long-time Google critic reported on his blog that Google Toolbar continued to transmit data back to Google servers even after he disabled the feature and he further went on to supply screenshots and video evidence to support his claim.

In his blog post, commenting on Google’s intrusion of a user’s privacy, Edelmen said that “Fact is, the ‘Disable Google Toolbar only for this window’ option doesn’t work at all: It does not actually disable Google Toolbar for the specified window.”

However, the search engine giant Google was prompt in issuing a statement, acknowledging a bug along with a patch that fixes the problem.

The company said in an emailed statement that the bug only affects versions 6.3.911.1819 through 6.4.1311.42 of Google Toolbars for Internet Explorer web browser.

Google also claimed that the bug does not come into affect until users activate the ‘enhanced features’ of the toolbar, which according to Edelmen, is surprisingly easy than disabling it altogether.

Originally published on ITProPortal.com
Kaspersky Security Application Flagging Google Adsense As Malware

Date: 2010.01.28 | Category: Google Security | Response: Comments

A recent Kaspersky antivirus software update accidentally listed Google’s Adsense advertising solution as a malicious script, causing confusion and inconvenience to many.

Google Adsense is widely used as an online advertisement platform by numerous legitimate but small websites on the internet.

It was reported that when a visitor, who has an activated Kaspersky antivirus software installed, accessed a web page with an Adsense advertisement on it, the security application would flashed a message on the screen that warned the visitor against a Trojan virus that was supposed to be on the page, when in fact wasn’t.

Furthermore, depending on the settings applied by the user, Kaspersky software blocked the ‘affected’ pages, making them inaccessible.

However, the Russian antivirus company, acknowledging the false alert issued by its popular software, issued a statement along with a patch that fixes the problem.

Te statement admitted the mistake and mentioned “Kaspersky Lab would like to apologize for any inconvenience this problem may have caused users. The company is continually improving its procedures for testing products and releasing updates to prevent such errors from occurring in future.”

The company reported that the problem occurred when an incorrect signature was added to the company’s database which led to Kaspersky products blocking legitimate websites that contained the Google Adsense script.

Originally published on ITProPortal.com
Security Expert Confirms Chinese Fingerprints On Google Attacks

Date: 2010.01.23 | Category: Google Security | Response: Comments

A researcher working with a leading US security firm has claimed that he has found ‘fingerprints’ of Chinese hackers in the ‘highly sophisticated’ cyber attack that had targeted search engine giant Google and several other US-based companies.

The Director of SecureWorks’ Counter Threat unit, Joe Stewart, who reverse engineered the code that was used in the cyber attack, reported that the newly discovered ‘fingerprint’ of Chinese hackers is an error-checking algorithm in the software that installed the Hydraq backdoor on the compromised PCs.

Stewart reported in his paper that the algorithm that installed the Hydraq backdoor comes from a technical paper in the Chinese language that has been published exclusively on some Chinese websites.

He also said that the CRC, or cyclic redundancy check, used a table of only 16 constants, a compact version of the more standard 256-value table.

Claiming that the CRC-16 is ‘virtually unknown’ outside China, he added that “This indicates the Aurora code base originated with someone who is comfortable reading simplified Chinese. Although source code itself is not restrained by any particular human language or nationality, most programmers reuse code documented in their native language.”

Originally published on ITProPortal.com
Could Google Cyber Attack Be An Insider Job?

Date: 2010.01.22 | Category: Google Security | Response: Comments

The Wall Street Journal has reported that Google has initiated an internal investigation in order to determine whether some if its China staff were instrumental in the ‘highly sophisticated’ cyber attack that breached the search engine giant’s corporate infrastructure.

Citing sources within the company, the newspaper also reported that some of the 700 employees working in Google China had been denied access to the company’s internal network during the course of the internal investigation.

According to the WSJ report, unnamed sources within the company said that the ongoing investigation of the employees was part of the normal course of investigation into the cyber attack that was aimed at stealing intellectual property belonging to Google.

The news of an ongoing investigation follows Google’s announcement that the company had recently come under fire from a cyber attack that had its origins in China.

The search engine giant had also reported that the attack was aimed at the Gmail accounts of some Chinese human rights activists and that 20 other US based companies were the targets of the attack.

This shocking revelation from Google was followed by the announcement that if the Chinese government failed to allow Google to operate sans censorship regulations, then the company will close down its China operations.

Originally published on ITProPortal.com
Microsoft Internet Explorer Used By Chinese Hackers To Break Into Google, Adobe

Date: 2010.01.20 | Category: Google Security | Response: Comments

In a candid admission, Microsoft Corp has said that the security vulnerabilities in its browser were indeed exploited by the cybercriminals to hack the networks of Adobe Inc., Google, and several other companies.

Earlier, the internet security vendor McAfee had exposed the fact that the hackers used the security flaws in Microsoft’s Internet Explorer (IE) to infiltrate Google networks.

Responding to the situation, the software giant has released a security advisory on Thursday, warning users of a critical and unpatched security hole in IE that could allow hackers to steal their login credentials for crucial online accounts.

The security vulnerability involves IE’s capability of handling JavaScript and the malware involved in the attacks gave the hackers access to “back door” to intrude into the system’s security and seize control over its resources.

Incidentally, IE is vulnerable to this kind of attack on almost all latest Microsoft operating systems, including the recently released Windows 7.

Mike Reavey, director of Microsoft’s Security Response Centre (MSRC), wrote in a blog post: “We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks.”

In addition, Google has released details about the attacks on Tuesday, in which it claimed that the attacks weren’t only targeted at the US companies. Some of the notable companies that were attacked include Adobe Systems, Juniper Networks, Yahoo, Dow Chemical, Symantec, and Northrop Grumman.

Originally published on ITProPortal.com