Companies warned to protect data from Google hacking utility in the wild


Companies warned to protect data from Google hacking utility in the wild

Antony Savvas

Companies are being warned to protect their data from a new Google hacking utility.

Security firm Cyber-Ark has warned companies to protect their data using all available resources, following news that the Cult of the Dead Cow hacking group has released Goolag Scan, a hacking utility overlay for Google.

"Advanced Google searching has been known about in security circles for some time, but it has been a highly specialised and technical topic that is definitely not for non-programmers," said Calum Macleod, Cyber-Ark's european director.

"What Goolag Scan does is to allow even a novice to scan Google for interesting and normally hidden web-based data, using more than 1,500 customised Google search routines," he said.

Data that can be revealed by the Windows-based application reportedly includes passwords on application servers, credit card numbers and allied databases held on web-accessible portals, company e-mail records and audit logs.

"A lot of companies protect their web-based and internet gateway-accessible data using ID and password systems, but the actual data pages are often unprotected. Even though the pages are not indexed in the standard sense, Goolag Scan can prise the data out into the open and allow standard keyword searching on those pages," said Macleod.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy