Google Updates

How safe is your private, or for that matter, your organization's critical information on the Web? Not very safe -- an American group of hackers which goes by the name "Cult of the Dead Cow" or "cDc" has released their latest Web tool named "Goolag Scan" that exposes how crippled online security actually is. According to its creators, "Goolag Scan" works as a Web auditing tool, and enables anyone and everyone to audit their own Web site through Google. The scanner technology is based on "Google hacking", a form of vulnerability research developed by a hacker named Johnny.
"Goolag Scan" is actually a small .NET program that can be used to search and list out vulnerabilities and private information from across the Web. It can discover Web applications, back doors, or documents that are involuntarily put on the Internet that contain sensitive information like tell-tale error messages, or Java applets for remote control of surveillance cameras. The tool provides pre-configured Google search queries in categories such as "vulnerable servers", "sensitive online shopping information", "files containing juicy information", "files containing passwords", and many more. Once you select such sets or even individual keywords, Google looks for them and lists matching results. Reportedly, excessive use of the tool will probably alert Google and make them block your IP address. According to the tool developers, it can help Web administrators of government, large corporations, and so on, to wake up to the discrepancies their Web base has and fix them immediately before a hacker takes over. And for those who don't know, "cDc" was formed in 1984. One of its famous accolades has been publishing the back-door program "Back Orifice", which threw light upon how easy it is to take complete remote control of a Windows PC.