Google hacked | Breaking Cybersecurity News | The Hacker News

Google's primary search domain for Tajikistan had seemingly been hacked yesterday, along with other high profile domains including Yahoo, Twitter, Amazon -- redirected to a defaced page. Actually neither Google, nor Twitter servers have been hacked, rather website of Tajikistan's Domain registrar ( domain.tj ) authority has been hacked, that allows the hacker to access domain control panel. Server Kernel:  Linux mx.takemail.com 2.4.21-27.ELsmp #1 SMP Wed Dec 1 21:59:02 EST 2004 i686 Iranian hacker ' Mr.XHat' successfully managed to change the DNS records of attack websites and defaced them for about a day. Hacker told ' The Hacker News ' that he used Directory Traversal vulnerability to hack the website and still has the access to the control panel. Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files. Following the screenshot of compromised Domain Registrar's Control Panel:

Oren Hafif , a security researcher has discovered a critical vulnerability in the Password reset process of Google account that allows an attacker to hijack any account. He managed to trick Google users into handing over their passwords via a simple spear-phishing attack by leveraging a number of flaws i.e. Cross-site request forgery (CSRF), and cross-site scripting (XSS), and a flow bypass. In a proof of concept video demonstration, the attacker sends his victim a fake " Confirm account ownership " email, claiming to come from Google. The link mention in the mail instructs the recipient to confirm the ownership of the account and urged user to change their password. The link from the email apparently points to a HTTPS  google.com URL, but it actually leads the victim to the attacker's website because of CSRF attack with a customized email address. The Google HTTPS page will will ask the victim to confirm the ownership by entering his last password and then will ask to res

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

On Tuesday, the Washington Post revealed a few more NSA slides released by Edward Snowden, which revealed that the spy agency NSA was infiltrating the private data links between Google and Yahoo data centers as part of a program called MUSCULAR . Chairman and former CEO of Google Eric Schmidt says the company's executives are shocked by allegations that the National Security Agency has been collecting data from the search engine's servers. " It's really outrageous that the NSA was looking between the Google data centers, if that's true ," he said. Overnight, Two Google's Security engineers -  Mike Hearn and   Brandon Downey expressed reasonable anger about the news on Google+, said " Fuck these guys ", where these represent NSA and GCHQ. I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces. Fuck You to the people who made these slides. I am not American, I am a Brit, but i

Google has local domains for almost every country in the world. Just now some hackers from Palestine hacked into Google's Palestine domain ( https://google.ps/ ) and defaced it The message appearing on the defaced page says, " uncle google we say hi from Palestine to remember you that the country in google map not called Israel. Its called Palestine # Question : what would happen if we changed the country title of Isreal to Palestine in google maps !!! It would be a revolution .. So Listen to rihanna and be cool :P " The most likely scenario is that Google itself hasn't been breached. Instead, it appears as the hacker forwarded/ redirected the DNS to a new page. The virtual names of the hackers behind the hack are ," Cold z3ro - Haml3t - Sas - Dr@g " from Palestine. Currently, the website is defaced while writing this update. Reported by The Hacker News reader 'Hanamichi Kurotsuchi'.

Google's Oman domain ( https://www.google.com.om/ ) was reportedly defaced today due to a hijacking of the company's local domain name by by Moroccan Hackers . The credit being taken by " SQL_Master And Z0mbi3_Ma " serial website defacers. It seems that hackers successfully beached into Oman Telecommunication Company , who is domain registrar of Google's Oman domain and possible DNS hijack techniques is used to re-directed users to a different site whenever they tried to reach Google's local domain. The text on the hacked site reads: " 0h0h0h! U get FUCKED BY! And Z0mbi3_Ma SQL_Master for more: Z0mbi3_Ma@hotmail.com . / Morocco". Same group of hackers were responsible for hacking  The National Security Agency (NSA) in past.  Zone-H mirror record also available for proof of hack and at the time of writing, site is defaced. Whether you own 1 domain or over 100, domain security today is more important than ever. We will update the news with new information

On Monday morning, Google has been the victim of a cyber-attack. Defacement attack was launched by Bangladeshi hacker TiGER-M@TE , their Kenyan domain google.co.ke  was defaced, instead the page splayed a black background€™ stamped in red across it. When a user visited the page the hacked screen spiraled in as some foreign music played in the background.  Google is the third most used site in Kenya. TiGER-M@TE has been quite active with defacements lately, and has targeted some high-profile sites in the past.

Iranian hackers deface multiple big companies Turkmenistan domains (.tm) yesterday using DNS poisoning attack. All hacked domains are registered by NIC at Turkmenistan. Hacker managed to find and exploit a SQL Injection vulnerability in NIC website in order to get database of the site. Because the passwords was stored in plain text, that make more easy for those hacker to access the domain panels of each domain and changing the DNS entries to shift websites on a rouge server with defaced page. The defaced message as shown below: Defaced domains : www.youtube.tm www.gmail.tm www.msdn.tm www.intel.tm www.officexp.tm www.xbox.tm www.windowsvista.tm www.orkut.tm www.google.tm Mirror of hacks are available at Zone-H .

Algerian Hacker today hijack DNS Yahoo, Microsoft or Google and Paypal redirect users to a deface page. Credit being taken by Hacker going by name MCA-CRB , a serial website defacer. MCA-CRB is a prolific online graffiti artist who has defaced at least 5,000 sites, according to records kept by Zone-H. After Hijacking both domains resolve to an IP address located in the Netherlands," at 95.128.3.172 (server1.joomlapartner.nl). " When we heard about this incident, we were pretty skeptical about the attack. A site such as Google's can be theoretically hacked, but it is very unlikely. Then we noticed that both domains were directed to an IP address in the Netherlands […], so it seemed more like a DNS poisoning attack ," said Stefan Tanase from Kaspersky Lab Romania. " All we know is that Google's public DNS servers (8.8.8.8 and 8.8.4.4) were resolving requests for google.ro and other major .RO websites to the IP address hosting the defacement page ," Tanase said. Google