Stories by Lucian Constantin

Trojan program based on ZeuS targets 150 banks, can hijack webcams

A new computer Trojan based on the infamous ZeuS banking malware is targeting users of over 150 banks and payment systems from around the world, security researchers warn.

Critical vulnerability in Git clients puts developers at risk

A critical vulnerability in client software used to interact with Git, a distributed revision control system for managing source code repositories, allows attackers to execute rogue commands on computers used by developers.

Vulnerability in embedded Web server exposes millions of routers to hacking

A serious vulnerability in an embedded Web server used by many router models from different manufacturers allows remote attackers to take control of affected devices over the Internet.

Point-of-sale malware creators still in business with Spark, an Alina spinoff

A malware program dubbed Spark that steals payment card data from compromised point-of-sale (POS) systems is likely a modification of an older Trojan called Alina, and highlights a continuing, lucrative business for cybercriminals.

Over 30 vulnerabilities found in Google App Engine

Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found.

The Turla espionage operation also infected Linux systems with malware

A newly discovered malware program designed to infect Linux systems is tied to a sophisticated cyberespionage operation of Russian origin dubbed Epic Turla, security researchers found.

Forgotten subdomains boost risk of account hijacking, other attacks

Subdomains that once served a purpose but later were forgotten by website administrators can be abused by hackers to attack users of sites under the same main domain.

The POODLE flaw returns, this time hitting TLS security protocol

Webmasters who patched their sites against a serious SSL flaw discovered in October will have to check them again. Researchers have discovered that the vulnerability also affects implementations of the newer TLS (Transport Layer Security) protocol.

Attackers knock PlayStation Network offline for hours

Many gamers couldn't access Sony's PlayStation Network (PSN) for hours on Sunday evening after an apparent attack against the service. The PlayStation Store was also reportedly affected.

Vodafone blocks Chaos Computer Club site, fueling 'Net censorship concerns in UK

Vodafone UK isn't letting its customers access the website of the Chaos Computer Club (CCC), one of the oldest and largest associations of computer hackers in Europe.

Destructive malware that hit Sony Pictures similar to other data wiping programs

A malware program with data wiping functionality that was recently used to attack Sony Pictures Entertainment bears technical similarities to destructive malware that affected organizations in South Korea and the Middle East in the past.

Technical evidence links destructive malware to attack against Sony Pictures

The destructive malware program that the FBI alerted some companies about this week was likely used against Sony Pictures Entertainment, according to technical evidence found by researchers in the program's code.

IBM fixes serious flaw in Endpoint Manager for mobile device management

A vulnerability in the IBM Endpoint Manager for mobile devices could allow attackers to execute malicious code on the servers used by companies to manage devices.

Facebook offers users more malware scanning options with ESET Online Scanner

Facebook has partnered with antivirus firm ESET to offer users the ability to scan their computers for malware directly from inside the social networking site.

Whitelisting project helps industrial control systems owners find suspicious files

Industrial control systems have been at the center of some scary security stories recently, but investigating malware infections in such environments is not easy because analysts often having a hard time telling suspicious and good files apart.

CIO
ARN
Techworld
CMO