Stories by Lucian Constantin

Reconnaissance code on industrial software site points to watering hole attack

Attackers deploy Web-based reconnaissance tool to gather information about potential targets in different industries

CryptoWall held over half-a-million computers hostage, encrypted 5 billion files

A file-encrypting ransomware program called CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, earning its creators more than US$1 million, researchers found.

Mozilla reports user data leak from Bugzilla project

Email addresses and encrypted passwords of around 97,000 users who tested early builds of the Bugzilla bug tracking software were left exposed for three months following a server migration.

Vulnerabilities on the decline, but risk assessment is often flawed, study says says

Based on data gathered over the first six months of 2014, security researchers from IBM X-Force predict that the number of publicly reported vulnerabilities will drop to under 8,000 this year, a first since 2011.

New malvertising campaign hit visitors of several high-profile sites

Some visitors to several high-profile websites last week were redirected to browser exploits that installed malware on their computers because of malicious advertisements on those sites.

Hackers prey on Russian patriotism to grow the Kelihos botnet

The cybercriminal gang behind the Kelihos botnet is tricking users into installing malware on their computers by appealing to pro-Russian sentiments stoked by recent international sanctions against the country.

Firefox OS to outdo Android on granular application permissions

Future versions of the Firefox OS mobile platform will allow users to control application-specific permissions, a feature with both privacy and security benefits that's missing on Android.

Attack targets firms from the automobile industry in Europe

Cybercriminals are using a new information-stealing malware program to target companies from the automobile industry in Europe, security researchers warned.

Startup builds intrusion prevention system for home networks

At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.

New Gameover Zeus botnet keeps growing, especially in the US

Cybercriminals are in the process of rebuilding the Gameover Zeus (GOZ) botnet, which law enforcement authorities took over in June, and recent research suggests that they've had some success, especially in the U.S.

BlackBerry patches vulnerabilities in BlackBerry OS, enterprise server software

BlackBerry's focus on strong security as a key differentiator for its devices does not mean that they're completely free of flaws. The company released security updates Tuesday for both the OS running on its smartphones and for its enterprise server software.

Users should patch critical flaw in Adobe Reader and Acrobat, researchers say

Adobe Systems has released security patches for its Flash Player, Reader and Acrobat products, addressing a total of eight vulnerabilities, including one that is being exploited by attackers.

Fifteen new vulnerabilities reported during router hacking contest

Routers appear to be as insecure as ever, after hackers successfully compromised five popular wireless models during a contest at the DefCon 22 security conference, reporting 15 new vulnerabilities to affected vendors.

Many home routers supplied by ISPs can be compromised en masse, researchers say

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.

Hacker coalition sets out to improve critical device security, challenges car makers

A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles.