A recently found flaw in Web-based Google applications spotlights a growing concern: how to protect IT systems and data as workers access Web-based e-mail and collaborative applications. Google’s problem made it possible, in theory, for an attacker to access the contact information in a user’s Gmail account through “cross-site request forgery,” overwriting JavaScript used to send information from Google servers to the user’s PC. Google fixed the flaw within 24 hours. Full Story