Stories by Lucian Constantin

Malware-infected computers being rented as proxy servers on the black market

Cybercriminals are using computers infected with a particular piece of malware to power a commercial proxy service that funnels potentially malicious traffic through them, according to security researchers from Symantec.

Facebook's phone search can be abused to find people's numbers, researchers say

Attackers can abuse Facebook's phone search feature to find valid phone numbers and the name of their owners, according to security researchers.

NASA and Pentagon hacker TinKode receives two-year suspended jail sentence

Romanian national Manole Răzvan Cernăianu, known online as TinKode, received a two-year suspended prison sentence for hacking into computer systems owned by Oracle, NASA, the U.S. Army and the U.S. Department of Defense and was ordered to pay damages totalling more than US$120,000.

Microsoft buys multi-factor authentication vendor PhoneFactor

Microsoft has bought multi-factor authentication specialist PhoneFactor with the goal of integrating the company's technology into its cloud services and on-premises applications.

Pan-European cybersecurity exercise simulates DDoS attacks on banks

Over 300 IT security professionals from banks, ISPs, telecommunication companies and government agencies participated in a pan-European cyberattack exercise on Thursday.

Yandex launches Chromium-based Web browser with security extras

Russian Internet services and Web search company Yandex released its own browser on Monday, following a similar move by competitor Mail.ru last week.

Facebook Gifts could encourage users to expose more private information

Facebook Gifts, the new social gifting service launched by Facebook on Thursday, might encourage users to expose information like their home addresses, birth date, clothing or shoe size that could pose security and privacy risks, according to security experts.

Hackers compromise Adobe server, use it to digitally sign malicious files

Adobe plans to revoke a code-signing certificate after hackers compromised one of the company's internal servers and used it to digitally sign two malicious utilities.

Mozilla launches first beta version of 'Persona' website authentication system

Mozilla launched the first beta version of its browser-independent website authentication system, Persona, on Thursday and hopes to convince the Web developer community to give it a try.

USSD attack not limited to Samsung Android devices, can also kill SIM cards

A variation of the recently disclosed attack that can wipe data from Samsung Android devices when visiting a malicious Web page can also be used to disable the SIM cards from many Android phones, researchers say.

Compromised SourceForge mirror distributes backdoored phpMyAdmin package

Unknown attackers compromised a download mirror server for the SourceForge software repository, rigging the installer package for phpMyAdmin, a popular Web-based MySQL database administration tool, with a backdoor.

Symantec: Leaked Norton Utilities 2006 source code already published months ago

Hackers associated with the Anonymous hacktivist collective published the source code files for Symantec's Norton Utilities 2006 product on The Pirate Bay BitTorrent website on Monday, but according to the security vendor the same files had been released in January.

New cryptographic hash function not needed, Schneier says

As the U.S. Department of Commerce's National Institute of Standards and Technology (NIST) prepares to announce the winner of its competition to find the next-generation cryptographic hash algorithm, renowned cryptographer Bruce Schneier doesn't think that a new hash function is needed at this time.

Eastern European cybercriminals said to trump Asian counterparts in sophistication

Despite an increasing number of successful cyberattacks launched by East Asian hackers against companies and government institutions around the world in recent years, Eastern European cybercriminals remain a more sophisticated threat to the global Internet, security researchers say.

New IE exploit variant used to distribute PlugX malware, researchers say

Researchers from security vendor AlienVault have identified a variant of a recently discovered Internet Explorer exploit that is used to infect targeted computers with the PlugX remote access Trojan (RAT) program.

Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia