Stories by Lucian Constantin

Researchers demo exploits that bypass Windows 8 Secure Boot

The Windows 8 Secure Boot mechanism can be bypassed on PCs from certain manufacturers because of oversights in how those vendors implemented the Unified Extensible Firmware Interface (UEFI) specification, according to a team of security researchers.

Industrial control systems targeted by malicious attackers, research shows

Attackers are actively targeting Internet-connected industrial control systems (ICS) in an effort to compromise their operation, according to data collected from a global network of honeypot systems that simulate water pumps.

1

Researchers show ways to bypass home and office security systems

Many door and window sensors, motion detectors and keypads that are part of security systems used in millions of homes and businesses can be bypassed by using relatively simple techniques, according to researchers from security consultancy firm Bishop Fox.

Vulnerabilities in D-Link network video recorders enable remote spying, researcher says

Some D-Link devices that enable remote access to surveillance camera feeds or other potentially sensitive data contain critical vulnerabilities that enable hackers to bypass authentication and access them from the Internet.

Some home automation systems are rife with holes, security experts say

A variety of network-controlled home automation devices lack basic security controls, making it possible for attackers to access their sensitive functions, often from the Internet, according to researchers from security firm Trustwave.

Bitdefender Safepay offers secure browsing for online banking, shopping

Bitdefender has released a Windows application designed to help users secure sensitive Web-browsing sessions, especially when they shop or bank online. The application is called Safepay and a free version is available to home users.

Microsoft: Almost 90 percent of Citadel botnets in the world disrupted in June

Microsoft estimates that 88 percent of botnets running the Citadel financial malware were disrupted as a result of a takedown operation launched by the company in collaboration with the FBI and partners in technology and financial services. The operation was originally announced on June 5.

Cybercriminals increasingly use the Tor network to control their botnets, researchers say

Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control (C&C) servers, according to researchers from security firm ESET.

Cybercriminals increasingly use the Tor network to control their botnets, researchers say

Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control (C&C) servers, according to researchers from security firm ESET.

Syrian Electronic Army hacks into Viber support website

The hacker group calling itself the Syrian Electronic Army (SEA) broke into the customer support website for Viber, an instant messaging and Voice-over-Internet-Protocol (VoIP) application available for both mobile and desktop operating systems.

Android spyware infections on the rise: report

An increasing number of Android phones are infected with mobile malware programs that are able to turn the handsets into spying devices, according to a report from Kindsight Security Labs, a subsidiary of telecommunications equipment vendor Alcatel-Lucent.

Researcher claims responsibility for security breach at Apple Developer website

An independent security researcher claimed responsibility for the security breach incident that forced Apple to close down its Developer Center website last week.

UK's PM warns Internet companies to ban child abuse search terms

The British government wants Google, Yahoo and Microsoft to block Internet searches that are likely to lead to child abuse images. Internet search providers have until October to commit to banning lists of keywords deemed abusive or the government will consider legislation to force them, the U.K.'s Prime Minister David Cameron said Monday in a speech.

Apple acquires Locationary for local listings

Apple has acquired Locationary, a start-up based in Toronto that provides a platform for aggregating and managing local business listings.

New vulnerability found in Java 7 opens door to 10-year-old attack, researchers say

Security researchers from Polish vulnerability research firm Security Explorations claim to have identified a new vulnerability in Java 7 that could allow attackers to bypass the software's security sandbox and execute arbitrary code on the underlying system.

CIO
ARN
Techworld
CMO