Skip to main content

Google’s bug-tracking system contained its own vulnerabilities, researcher discovers

posted onNovember 3, 2017
by l33tdawg
Credit:

A researcher has uncovered security holes in Google’s bug-tracking database that could have potentially resulted in malicious hackers accessing sensitive information, including details of ways to exploit unpatched vulnerabilities in Google products.

Researcher Alex Birsan has described how he managed to trick Google Issue Tracker (known internally to Google staff as Buganizer) into granting him access to much more information than would normally be allowed to external parties.

And the crux of the attack? Birsan found a way to trick Google into registering a @google.com account for him, something normally reserved for the company’s employees.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th