News

Monday, March 16, 2015

Google error leaks website owners’ personal information

A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.

The privacy breach involves whois, a database that contains contact information for people who’ve bought domain names. For privacy reasons, people can elect to make information private, often by paying an extra fee.

Craig Williams, senior technical leader for Cisco’s Talos research group who discovered the issue, said the data will make it easier for cybercriminals to draft phishing emails that try to trick victims into divulging information or clicking on malicious links.

he cybercriminals are “going to have the right website name, the right name, the right address, the right phone number, the right email,” he said.

Cisco said in a blog post that some 282,867 domains were affected. Williams stumbled across the problem last month while doing research on domains associated with malware.

The privacy settings for domain names registered through the company eNom were being turned off right at the time when the domains were up for renewal, starting around mid-2013.

Read moreClick here


News Sources:

http://www.csoonline.com/article/2895891/privacy/google-error-leaks-website-owners-personal-information.html

Resources
INFOGRAPHIC
Infographic State of App Sec in India

Step on how to get started

E-BOOK
OWASP E Book lp

Understanding OWASP Top 10 Vulnerabilities & their Business impact

WEBINAR
WEBINAR RECORDING POST th

Learn how 'Shoppers Stop' secures its Online Stores

VIDEO PRESENTATION
State of Application Security in India Presentation by Ashish Tandon CEO Indusface

Application Security Outlook in India

Start Securing Your Applications