Security researchers have discovered a hack that allows hackers to access users' Google accounts without needing their passwords.
Analysis by security firm CloudSEK found that a dangerous form of malware uses third-party cookies to gain unauthorized access to people's private data, and is already being actively tested by hacking groups.
This security flaw was first revealed in October 2023, in a channel on the Telegram messaging platform.
The post pointed out how accounts were hacked through a security vulnerability in cookies, which websites and browsers use to track users.
Cookies allow access to accounts without having to constantly enter login details.
The Google Chrome web browser is currently cracking down on third-party cookies.
Google said in a statement: “We routinely work to update our defenses against such technologies and to secure users who fall victim to malware. In this case, Google has taken measures to secure any compromised accounts that were discovered. Users should continually take steps to remove any malware from their devices.” "On their computer, we recommend turning on Enhanced Safe Browsing in Chrome to protect against phishing scams and malware downloads."
Researchers who first discovered the threat said it "highlights the complexity and stealth" of modern cyberattacks.
“This exploit allows continued access to Google services, even after a user's password is reset,” wrote Pavan Karthik M., threat intelligence researcher at CloudSEK. “It highlights the necessity of constantly monitoring both technical vulnerabilities and human intelligence sources to stay ahead of cyber threats.” Emerging.
Apple has begun paying a $500 million settlement to iPhone users in the United States who accused the tech giant of intentionally slowing down the devices.
The "Batterygate" scandal in 2017 was classified as "one of the largest consumer frauds in history," forcing users to invest in new iPhone models.
Now, the three million users of some iPhone models who filed the complaint are scheduled to receive about $92 for each affected model.
In 2020, Apple agreed to settle a class-action lawsuit filed in 2017, which accused the company of intentionally slowing down phones over time, but Apple did not admit to any wrongdoing.
The payments apply to iPhone 6, 6 Plus, 6s, 6s Plus, and SE users if they were using iOS 10.2.1 or later before December 21, 2017, as well as iPhone 7 or 7 Plus on iOS 11.2.
Those eligible are scheduled to get their payments this month, and some have already reported they have received their payments.
People hoping to receive compensation had to file a complaint by October 6, 2020.
The 2018 class action lawsuit in California said reports of unjustified iPhone shutdowns first appeared in 2015 before increasing in the fall of the following year.
Users' concerns centered around the fact that their phones were not turning on, even though their batteries were more than 30% charged.
At the time, Apple said in a statement: “We have never done — and will never do — anything to intentionally shorten the life of any Apple product.”
Apple blamed the problem on the batteries, claiming that the performance of the units decreases with age.
While Apple's statements may be realistic, the company failed to announce the feedback before users experienced slower performance.
The "Batterygate" scandal was not only in the United States, as Apple agreed to pay settlements in Canada and the United Kingdom for the same claims.
Tags:
apple phones
hack without password
hackers hack Google accounts
major scandal
malicious method
technology
It's horrible.
ReplyDelete