gmail hacking | Breaking Cybersecurity News | The Hacker News

Google being one of the top web based service provider, has huge number of Internet users availing the free and paid services for their day-to-day personal and/or professional needs. Many of them have configured their mobile phone number for their account password recovery options. Certainly, when comes the mobility, many of these users prefer Google's android based smart phones and tablets to access these services anytime, anywhere. In case of issues in accessing GMAIL services, user is been provided with the option to reset the account password by simply asking Google to send a verification code on the pre-registered mobile number. On the other hand, Android (mobile operating system from Google) based devices are bundled with security features to keep the privacy of user data/information intact. The user can opt to set the security level from none to Password (High), this ensures that, to access the mobile device and information within it, the user needs to pass through

Google says tens of thousands of Gmail accounts belonging to Iranian users have been targeted in an politically motivated hacking campaign in the weeks leading up to the country's closely watched presidential elections. For the last three weeks, the search giant said it has " detected and disrupted multiple email-based phishing campaigns aimed at compromising the accounts owned by tens of thousands of Iranian users. " " These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region, " Eric Grosse, Google's Vice President for Security Engineering. Phishing attacks are emails which appear official but instead lead users to websites where they are encouraged to reveal data including usernames, passwords, and credit card details. Google said it has a policy to alert users to " state-sponsored attacks and other suspicious activity ," but did not identify the perpetrators be

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Iranian hackers deface multiple big companies Turkmenistan domains (.tm) yesterday using DNS poisoning attack. All hacked domains are registered by NIC at Turkmenistan. Hacker managed to find and exploit a SQL Injection vulnerability in NIC website in order to get database of the site. Because the passwords was stored in plain text, that make more easy for those hacker to access the domain panels of each domain and changing the DNS entries to shift websites on a rouge server with defaced page. The defaced message as shown below: Defaced domains : www.youtube.tm www.gmail.tm www.msdn.tm www.intel.tm www.officexp.tm www.xbox.tm www.windowsvista.tm www.orkut.tm www.google.tm Mirror of hacks are available at Zone-H .

Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it will cost you somewhere in the region of $700. If you just want to hire someone else's botnet for an hour, though, it can cost as little as $2. There are at least 20 different types of services offered in Russian-speaking forums for just about anyone who wants to make a buck off of cybercrime, everything from crime-friendly VPN and security software-checking services to plain old off-the-shelf exploits. " As the Russian underground community continuously modifies targets and improves technologies, security companies and users must constantly face the challenge of effectively protecting their money and the information they store in their computers and other devices ," the