Stories by Lucian Constantin

Upcoming Firefox click-to-play feature will stop automated plug-in exploits

Mozilla developers are working on a new Firefox feature that will block the automated display of plug-in-based content like Flash videos, Java applets or PDF files, and will protect users from attacks that exploit vulnerabilities in browser plug-ins to install malware on their computers.

Ransomware prevents Windows from starting by replacing the master boot record

A new ransomware variant prevents infected computers from loading Windows by replacing their master boot record (MBR) and displays a message asking users for money, according to security researchers from Trend Micro.

Samba security patch fixes critical remote code execution hole

The developers of Samba, the open source software that enables file and print sharing between Linux, Windows and Mac OS X computers, released security patches on Tuesday to address a critical vulnerability that can be exploited by remote attackers to execute arbitrary code on systems where the Samba service is running.

Adobe Reader update patches vulnerabilities, removes bundled Flash Player

Adobe Systems released new versions of Adobe Reader 10.x and 9.x on Tuesday, addressing four arbitrary code execution vulnerabilities and making several security-related changes to the product, including the removal of the bundled Flash Player component from the 9.x branch.

Kaspersky launches free Flashback removal tool and website to check for infections

Antivirus vendor Kaspersky Lab has launched a free removal tool for the Flashback Mac OS X malware and a website where users can check whether their computers are infected with it.

Cybercriminals use Zeus malware to target cloud payroll services

Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, researchers from security firm Trusteer said Monday.

Web attacks use smart redirection to evade URL security scanners

Security researchers from antivirus vendor ESET have come across new Web-based malware attacks that try to evade URL security scanners by checking for the presence of mouse cursor movement.

Sophos takes down partner portal after signs of hacking

Security firm Sophos has taken its partner portal offline and will reset every user's password after it found signs of a potential security breach on the server hosting it.

Fast-growing Flashback botnet includes over 600,000 Macs, malware experts say

More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.

Rogue US Airways-themed emails distribute ZeuS-based malware

Cybercriminals are distributing a new piece of malware that's based on the ZeuS computer Trojan through rogue emails that masquerade as US Airways online check-in notifications.

Sophos buys mobile device management vendor Dialogs

Sophos has entered a definitive agreement to acquire Dialogs Software, a mobile device management vendor based in Dortmund, Germany, the security firm announced on Monday.

Mozilla adds vulnerable Java plug-in versions to Firefox blocklist

Mozilla has blacklisted unpatched versions of the Java plug-in from Firefox on Windows in order to protect its users from attacks that exploit known vulnerabilities in those versions.

Ice IX malware tricks Facebook users into exposing credit card details, says Trusteer

A new configuration of the Ice IX malware attempts to trick its victims into exposing their credit card details when they try to access their Facebook accounts, according to security firm Trusteer.

Adobe releases open source malware classification tool

Adobe Systems has released a malware classification tool in order to help security incident first responders, malware analysts and security researchers more easily identify malicious binary files.

Unpatched Java vulnerability exploited to infect Macs with Flashback malware

A Java vulnerability that hasn't yet been patched by Apple is being exploited by cybercriminals to infect Mac computers with a new variant of the Flashback malware, according to security researchers from antivirus firm F-Secure.