Stories by Lucian Constantin

Update vulnerability in third-party SDK exposes some Android apps to attacks

A third-party advertising framework integrated in hundreds of Android apps contains a vulnerability that could allow hackers to steal sensitive information from users' phones, according to security researchers from antivirus firm Bitdefender.

Hackers said to infiltrate European foreign affairs ministries ahead of G20

Hackers of likely Chinese origin infiltrated computers belonging to the foreign affairs ministries of five unnamed European countries ahead of the G20 Summit in September, according to security researchers at FireEye.

French government sub-CA issues unauthorized certificates for Google domains

An intermediate certificate authority (CA) registered to the French Ministry of Finance issued rogue certificates for several Google domains without authorization.

12 suspected cybercriminals arrested in Russia along with Blackhole creator

Thirteen people, including the creator of Blackhole, a popular exploit tool used to infect computers with malware, were arrested and charged in Russia with creating and participating in a criminal organization.

New website lets users check if their online credentials were exposed in large data leaks

A new website allows Internet users to check if their usernames and passwords were exposed in some of the largest data breaches in recent years.

Point-of-sale malware infections on the rise, researchers warn

New attack campaigns have infected point-of-sale (PoS) systems around the world with sophisticated malware designed to steal payment card and transaction data.

Ruby on Rails security updates patch XSS, DoS vulnerabilities

Ruby on Rails users are advised to upgrade to newly released versions of the Web development framework that contain important security fixes, according to the Rails development team.

Hacker-built drone can hunt, hijack other drones

A security researcher has released software and technical instructions for modifying a drone so that it can identify and hijack other drones.

Experimental malware uses inaudible sound to defeat network air gaps

In a development likely to concern those who believe that a system that's not connected to a network is safe from surveillance, researchers have demonstrated that microphones and speakers built into laptops can be used to covertly transmit and receive data through inaudible audio signals

Akamai to buy DDoS protection specialist Prolexic

Content delivery services provider Akamai Technologies plans to buy Prolexic Technologies, a distributed denial-of-service (DDoS) mitigation specialist, for US$370 million in cash.

Google Nexus phones vulnerable to denial-of-service attack via Flash SMS messages

Attackers could force phones from Google's Nexus line to reboot or fail to connect to the mobile Internet service by sending a large number of special SMS messages to them.

New Windows privilege escalation flaw exploited in active attacks

Attackers are exploiting a new and unpatched vulnerability in Windows XP and Windows Server 2003 that allows them to execute code with higher privileges than they have access to.

Worm targets Linux PCs and embedded devices

A new worm is targeting x86 computers running Linux and PHP, and variants may also pose a threat to devices such as home routers and set-top boxes based on other chip architectures.

Trojan program 'Neverquest' a new threat to online banking users, researchers say

A new Trojan program that targets users of online financial services has the potential to spread very quickly over the next few months, security researchers warn.

NSA reportedly compromised more than 50,000 networks worldwide

The U.S. National Security Agency reportedly hacked into over 50,000 computer networks around the world as part of its global intelligence gathering efforts, and also taps into large fiber optic cables that transport Internet traffic between continents at 20 different major points.

CIO
ARN
Techworld
CMO