XSS flaw discovered in Google Search Appliance

Sep 24, 2007 09:35 GMT

This is not the first time Google has been vulnerable to attack, but this time the security hole can lead to identity theft and the theft of private information. MustLive discovered an XSS vulnerability in Google Search Appliance, the search technology intended for use in large networks or organizations. "Mustlive has contacted Google, who to my knowledge has not let their customers know that they are vulnerable," the folks from ha.ckers.org wrote on the official blog. "What does that mean? Well, it differs from site to site. Some sites may only be affected a little bit while important data (e.g. user info, password, etc?) of some other sites may end up in the wrong hands," Haochi from Googlified added on his blog.

In the past, several products from the Mountain View company were affected by more or less critical vulnerabilities that put users in danger and could disclose their private information. Take, for example, Google Desktop, the downloadable search solution that must be installed on users' computers to let them find files stored on their system. A simple security flaw in this program could allow an attacker to invade the computer and access the user's data.

Some time ago, Google confirmed a security flaw in Gmail, the company's mail service, which was extremely dangerous for both users and the search giant. First of all, it allowed attackers who carried out a successful exploitation attempt to access the inbox and see most of the messages stored in the account. Moreover, they could view the contacts saved in the address book, which could be used in other spamming campaigns over the Internet.

There's no way to remain 100% secure on the Internet, no matter whether you're using a Google, Yahoo or Microsoft product. Your only chance is to stay extremely focused on what you do on your computer and think a little before acting.