A Google account is currently only protected by a username, which in most cases is an email address, and a password. Threats like phishing, brute forcing and social engineering are very common on today’s Internet. To protect its users, Google has decided to roll out an advanced sign-in security feature for Google accounts that makes [...]
- Author: Martin Brinkmann
- Comments: 3
Suspicious Account Activity Now Displayed In Google Account Dashboard
Google back in March introduced a warning system in Gmail that would notify Gmail users about suspicious account activity. From what we could tell back then the system compared IP addresses of the computers used to log into Gmail. Logins from different regions in the world, for example the U.S. and Russia in short succession [...]
- Author: Martin Brinkmann
- Comments: None
Google Implements Cross-site Request Forgery Protection
Cross-site Request Forgery are carried out from a computer system or user that is trusted by a website. Cookies that do not expire after a user closes the website or web browser are one of the most common forms of trust that can be exploited by cross-site request forgery attacks. The attacker needs to use [...]
- Author: Martin Brinkmann
- Comments: 22
Google Chrome Security Vulnerability
Now this did not take long. Only one day after releasing a first public beta version of Google Chrome researchers at Kaspersky discovered (Thanks Neil for sending the tip) a security vulnerability that combines a security flaw in Webkit, the browser engine used by Google Chrome, with a Java bug. Apple fixed the vulnerability in [...]