Stories by Lucian Constantin

Startup builds intrusion prevention system for home networks

At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.

New Gameover Zeus botnet keeps growing, especially in the US

Cybercriminals are in the process of rebuilding the Gameover Zeus (GOZ) botnet, which law enforcement authorities took over in June, and recent research suggests that they've had some success, especially in the U.S.

BlackBerry patches vulnerabilities in BlackBerry OS, enterprise server software

BlackBerry's focus on strong security as a key differentiator for its devices does not mean that they're completely free of flaws. The company released security updates Tuesday for both the OS running on its smartphones and for its enterprise server software.

Users should patch critical flaw in Adobe Reader and Acrobat, researchers say

Adobe Systems has released security patches for its Flash Player, Reader and Acrobat products, addressing a total of eight vulnerabilities, including one that is being exploited by attackers.

Fifteen new vulnerabilities reported during router hacking contest

Routers appear to be as insecure as ever, after hackers successfully compromised five popular wireless models during a contest at the DefCon 22 security conference, reporting 15 new vulnerabilities to affected vendors.

Many home routers supplied by ISPs can be compromised en masse, researchers say

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.

Hacker coalition sets out to improve critical device security, challenges car makers

A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles.

Payment cards with chips aren't perfect, so encrypt everything, experts say

There's a push to adopt chip-equipped payment cards in the US following high-profile breaches at large retailers and restaurant chains during the past 12 months, but experts warn that switching to this payment system will not make fraud disappear.

Some mobile POS devices still affected by critical flaws months after patch

Security researchers demonstrated Thursday flaws that can allow hackers to take over mobile point-of-sale (mPOS) devices from different manufacturers by inserting rogue cards into them.

Carriers' remote control software continues to put some mobile devices at risk

Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.

Network-attached storage devices more vulnerable than routers, researcher finds

A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.

Stealthy malware 'Poweliks' resides only in system registry

A new malware program called Poweliks attempts to evade detection and analysis by running entirely from the system registry without creating files on disk, security researchers warn.

Cisco patches traffic snooping flaw in operating systems used by its networking gear

Cisco Systems said attackers could disrupt or intercept traffic in many of its networking products unless a new security update is applied to the software they run.

Android vulnerability still a threat to many devices nearly two years later

Security researchers have recently found a vulnerability that could be used to hijack Android apps and devices, but an older issue that can have the same effect remains a significant threat nearly two years after its discovery, according to security firm Bromium.

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A new program that encrypts files to extort money from users highlights that attackers don't need advanced programming skills to create dangerous and effective ransomware threats, especially when strong encryption technology is freely available.