Stories by Lucian Constantin

Prominent cryptographer victim of malware attack related to Belgacom breach

Belgian cryptographer Jean-Jacques Quisquater had his personal computer infected with malware as the result of a targeted attack that's believed to be related to a security breach discovered last year at Belgian telecommunications group Belgacom. According to him, other cryptographers have also been targeted by the same attackers.

Mobile users at risk from lack of HTTPS use by mobile ad libraries, security researchers say

Over the past several months security researchers have found serious vulnerabilities in many mobile advertising libraries that could be exploited to abuse the permissions of Android apps or to execute unauthorized code on users' devices. The risks resulting from those vulnerabilities would be significantly lower if those libraries would use HTTPS, security researchers said.

Tor-enabled malware stole credit card data from PoS systems at dozens of retailers

Payment card data was stolen during the past three months from several dozen retailers that had their point-of-sale systems infected with a memory-scraping malware program called ChewBacca.

GoDaddy owns up to role in Twitter account hijacking incident

GoDaddy has acknowledged that one of its employees fell victim to a social engineering attack allowing a hacker to take over a customer's domain names and eventually extort a coveted Twitter user name from him. PayPal, which the victim claimed also played a role in the attack, denied the accusations.

Hackers deface Angry Birds website following NSA spying claims

The official Angry Birds website was defaced by hackers following reports that U.S. and U.K. intelligence agencies have been collecting user information from the game and other popular mobile apps.

VPN bypass vulnerability affects Android Jelly Bean and KitKat, researchers say

A vulnerability in Android allows malicious applications to bypass an active VPN (virtual private network) connection and force traffic from the device through an attacker-controlled system where it can be intercepted, according to security researchers from Ben-Gurion University of the Negev in Israel.

Prominent cryptography and security researchers deplore NSA's surveillance activities

Some of the most prominent cryptography and security researchers in U.S. academia have condemned the U.S. National Security Agency's surveillance practices and called for change.

Suspected email hackers for hire charged in four countries

Eleven people were charged in the U.S., India, China and Romania for their suspected involvement with websites offering email hacking services.

Romanian authorities arrest man suspected of being celebrity hacker Guccifer

A Romanian man was arrested this week under suspicion that he is the hacker known online as Guccifer who hacked into the online accounts of various public figures and politicians, including former U.S. Secretary of State Colin Powell and members of the Bush family.

Authentication bypass bug exposes Foscam webcams to unauthorized access

The software used by many wireless IP cameras manufactured by Foscam Digital Technologies have a vulnerability that allows remote users to access their video streams and take snapshots without proper authentication.

New Windows malware tries to infect Android devices connected to PCs

A new computer Trojan program attempts to install mobile banking malware on Android devices when they're connected to infected PCs, according to researchers from Symantec.

Snapchat's new image-based human verification system already defeated

Snapchat added an image-based security challenge to its account registration process to verify that new accounts are created by humans, but the system can easily be defeated by computers, experts said.

Some Tor exit nodes attempt to spy on encrypted traffic, researchers find

Computer scientists found almost 20 exit relays in the Tor anonymity network that attempted to spy on users' encrypted traffic using man-in-the-middle techniques.

Syrian Electronic Army hacks Microsoft's Office Blogs site

After hijacking several of Microsoft's Twitter accounts and compromising its official blog over the past two weeks, the Syrian Electronic Army hacked into the Microsoft Office Blogs site Monday.

Spammers buy Chrome extensions and turn them into adware

Changes in Google Chrome extension ownership can expose thousands of users to aggressive advertising and possibly other threats, two extension developers have recently discovered.