April 6, Softpedia – (International) Google certificate expires, email clients return security warnings. An expired intermediate certificate signed by Google Internet Authority G2 for simple mail transport protocol (SMTP) in Google’s Gmail resulted in users receiving error messages on outgoing email activity for over 2 hours April 4. The company renewed the certificate through December 2015. Source
April 6, Securityweek – (International) Flaw in Schneider Electric vamp software allows arbitrary code execution. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) released an advisory stating that Schneider Electric’s VAMPSET software is vulnerable to stack-based and heap-based buffer overflow attacks that can be exploited to execute arbitrary code via malformed VAMPSET disturbance recording files on the affected systems. The company released an update fixing the issue and advised organizations that use the software to leverage User Access Control (UAC) features and employ best security practices. Source
April 4, Softpedia – (International) WordPress, Joomla sites infected with malicious Flash file. Security researchers at Sucuri discovered that several hundred Web sites running WordPress or Joomla content management systems (CMS) have been attacked since November 2014 with malicious one-pixel-large small web format (SWF) files containing hidden iframe code that directs users to Web sites hosting malware such as exploit kits. Source
April 3, Softpedia – (International) New MS Word exploit kit adds statistics tool to track success of the campaign. Security researchers at FireEye discovered a Web-based tool called MWISTAT released in December 2014 that allows cybercriminals using the Microsoft Word Intruder (MWI) exploit kit to track details about rigged Microsoft Word documents including Internet Protocol (IP) addresses and user-agents of victims, payloads requested and served, and the version of Microsoft Word used to open the file. The malware has reportedly affected over 1400 users worldwide in 2 separate spam campaigns. Source