A new vulnerability reportedly enables bad guys to silently put a backdoor in Gmail accounts.
From The Register article: "The technique comes courtesy of Petko D. Petkov, a researcher at GNU Citizen, who writes in a blog post that the backdoor is installed simply by luring a victim to a specially crafted website while logged in to Gmail."
The original report from Petkov (aka 'pdp') is located at http://www.gnucitizen.org/blog/google-gmail-e-mail-hijack-technique/ in turn. |