Summary: Google Admin Console has a Security Flaw which can be used by attackers to claim domains and send out spoof emails.
As reported by Security Week, Patrik Fehrenbach and Behrouz Sadeghipour found a security flaw in Google Admin Console to gain temporary ownership of any domain. Google Admin Console is actually a web platform from where administrators manage their organization’s Google Apps account.
Researchers conducted some tests by claiming ytimg.com, which is used to host Youtube images and scripts, and gstatic.com, which is used by Google for loading content from its content delivery network (CDN). These two domain are owned by Google itself.
The researchers then used these domains to create users – email@example.com & firstname.lastname@example.org to send out mails.
Last month, we were able to report a vulnerability to Google where we were able to email from any domain that has not been claimed by its owner previously. For example, using google itself as a victim, we were able to claim domains such as ytimg.com and gstatic.com.
So not only we are claiming other domains, we were successfully able to trick the Google Mail Server into accepting a wrong FROM parameter. Google patched this vulnerability by simply with applying a FROM email@example.com
Google has addressed this vulnerability and the researchers have been awarded $500 for their efforts. Earlier too, other researchers identified even more serious vulnerabilities in the Google Apps Admin console. A researcher was reportedly awarded $5000 from Google after discovering Critical Cross-Site Scripting (XSS) vulnerability in the Admin Console in January.
Lenovo has been installing an adware named Superfish onto new computers. The adware gets installed automatically when the computer is started for the first time. The adware injects third-party ads on Google searches and websites without the user’s permission. (more…)
Online Security is now one of the most important thing to look for, especially after the reports of theft of celebrities’ private photos. Our email accounts have many important documents including our financial data and more.
Two-Step Verification is just another layer of authentication which is needed to login to your account. A strong password is always a must but having a 2-step verification enabled on your account restricts other person from accessing your account without the 2nd level of authentication. There are currently three modes of verification – which can take the form of a text message, an email, or even a paired app on your smartphone.
PayPal freezes ProtonMail Account. ProtonMail is an end-to-end encrypted email service, developed by researchers at European Organization for Nuclear Research, CERN and MIT for a more secured and private Internet.
ProtonMail is still in its Beta State and had already received $ 275,000 from crowd funding campaigns to their PayPal Account and more than $10,000 to their BitCoin Account.
Microsoft seized 22 domain names of the noip.com on monday. No-ip.com domains were being used by cybercriminals for infecting millions of computers worldwide with malwares – Bladabindi (NJrat) and Jenxcus (NJwOrm).
Microsoft’s Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit, said that out of all Dynamic DNS Providers, No-IP Domains are used 93 percent of the time for Bladabindi-Jenxcus infections.
Trend Micro finds new banking malware, named EMOTET. Its steals sensitive data using network sniffers. The malware intercepts and logs outgoing traffic to check for sensitive data from the infected machine.
Most effected users are from Europe, Middle East and Africa region but there are victims from Asia-Pacific region and North America region as well.
The malware uses network sniffing technique to collect data from the infected machine and this makes the detection of the malware more difficult. Cybercriminals are spreading the malware through spam emails apparently related to money transfers or shipping invoices. In both cases, users are enticed to click on a link, which will download the malware to the infected machine.
Volkskrant, a Dutch website, has reported that Dutch Hackers have created a malware that can be used to hack into Google Glass. This Malware code can be injected into the Google Glass through a mini USB.
As per Volksrant, borrowing the Google Glass from the victim is very easy and once borrowed, the code can be injected through the mini usb, which can be inserted into the Google Glass USB Port.
Once hacked, hackers can then monitor everything the user does through a remote computer from a distance. Snaps can be taken and Videos can also be shoot without the knowledge of the victim. Victim’s confidential information like email ids and passwords can easily be hacked too after few minor modifications to the code.