Interesting post from Nitesh dhanjani here pointing out a problem with Gmail contact lists being available to malicious website owners.
Now this only works if you're logged into gmail, but if you've used it recently and not explicitly logged out... then it'll keep you logged in...
Now google should obviously fix this problem, but I think that there is a wider point here. Don't leave yourself logged in to websites and be very wary about what you let your browser manage for you security-wise as it's not very security wise (oh I crack myself up ;o)


raesene

Security Geek, Penetration Testing, Docker, Ruby, Hillwalking