Email Spoofing Flaw Found in Google Admin Console
Security Researchers have identified a security issue in the Google Apps Admin console that could have been exploited to claim any domain and use it to send out spoofed emails.
Patrik Fehrenbach and Behrouz Sadeghipour said they noticed last month that they could use the Google Admin console, which allows administrators to manage their organization’s Google Apps account, to gain temporary ownership of any domain that wasn’t previously claimed.
The experts conducted some tests by claiming two domains owned by Google itself.
Continue reading: http://www.securityweek.com/email-spoofing-flaw-found-google-admin-console