Hackers responsible for a large-scale phishing campaign unintentionally left over a thousand sets of stolen log-in credentials accessible to the public via a simple Google search. The error was uncovered by researchers at Check Point. and Otorio. The stolen credentials were stored in designated web pages on compromised servers. Google also indexed these pages as part of its regular web crawling which means the credentials were available to anyone who searched Google for a stolen email address. "We tend to believe that when someone steals our passwords, the worst case scenario is that the information will be used by hackers… [Continue Reading]
Continue reading...
Continue reading...