Companies are being warned to protect their data from a
newGoogle hackingutility.
Security firm Cyber-Ark has warned companies to protect their
data using all available resources, following news that the Cult of
the Dead Cow hacking group has released Goolag Scan, a hacking
utility overlay for Google.
"
Advanced Google searching has been known about in security
circles for some time, but it has been a highly specialised and
technical topic that is definitely not for non-programmers," said
Calum Macleod, Cyber-Ark's european director.
"What Goolag Scan does is to allow even a novice to scan Google
for interesting and normally hidden web-based data, using more than
1,500 customised Google search routines," he said.
Data that can be revealed by the Windows-based application
reportedly includes passwords on application servers, credit card
numbers and allied databases held on web-accessible portals,
company e-mail records and audit logs.
"A lot of companies protect their web-based and internet
gateway-accessible data using ID and password systems, but the
actual data pages are often unprotected. Even though the pages are
not indexed in the standard sense, Goolag Scan can prise the data
out into the open and allow standard keyword searching on those
pages," said Macleod.