Stories by Lucian Constantin

Belgacom investigates router compromise at its carrier services arm

Belgian telecommunications group Belgacom found unauthorized changes made to a router at its BICS subsidiary, which provides wholesale communication services to hundreds of operators worldwide.

Hackers steal customer information from PR Newswire

Hackers managed to steal a database containing customer credentials and contact information from PR Newswire, a major press release distribution service that's used by tens of thousands of companies and public relations agencies.

Oracle plugs severe security holes that put systems at hijack risk

Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.

Yahoo to encrypt webmail sessions by default starting January

Yahoo will start encrypting the webmail sessions of its users in early 2014 by making HTTPS (Hypertext Transfer Protocol Secure) standard for all Yahoo Mail connections.

Lavabit briefly allowing users to recover their data

Former users of the Lavabit encrypted email service that was shut down in August are being temporarily allowed to change their passwords and download copies of their data.

D-Link to padlock router backdoor by Halloween

D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without requiring a username and password.

Brazil to fortify government email system following NSA snooping revelations

The Brazilian Federal Data Processing Service, known as Serpro, will build a secure email system for Brazil's federal government following media reports that foreign intelligence agencies intercepted electronic communications in the country.

NSA surveillance revelations prompt EFF resignation from Global Network Initiative

The reported participation of technology companies in the U.S. National Security Agency's surveillance programs has prompted digital rights watchdog the Electronic Frontier Foundation to resign from the Global Network Initiative, a multistakeholder group whose members include Google, Microsoft, Yahoo and Facebook and whose stated mission is to advance privacy and freedom of expression online.

Hackers exploit vBulletin vulnerability to inject rogue administrator accounts

Hackers are exploiting a vulnerability in the popular vBulletin Internet forum software in order to inject rogue administrator accounts into websites using it.

Cisco patches vulnerabilities in some security appliances, switches and routers

Cisco Systems has released security patches for authentication bypass, command execution and denial-of-service vulnerabilities affecting products that use its Adaptive Security Appliance (ASA) software, as well as the Cisco Catalyst 6500 series switches and Cisco 7600 series routers.

D'oh! Basic flaw in WhatsApp could allow attackers to decrypt messages

The popular mobile messaging application WhatsApp Messenger has a major design flaw in its cryptographic implementation that could allow attackers to decrypt intercepted messages, according to a Dutch developer.

Four suspected users of Silk Road Internet drug marketplace arrested in the UK

Four men have been arrested by the U.K.'s National Crime Agency (NCA) for drug offenses in connection with their involvement in Silk Road, an Internet underground marketplace for drugs and other illegal items.

Blackhole exploit kit author arrested in Russia

Russian authorities have arrested the main developer of the notorious Blackhole exploit kit, one of the most popular attack tools used to infect Web users with malware.

Hosting provider LeaseWeb falls victim to DNS hijacking

Hosting provider LeaseWeb became the latest high-profile company to have its domain name taken over by attackers, highlighting that DNS (Domain Name System) hijacking is a significant threat, even to technically adept businesses.

Web hosting firms at risk from critical vulnerability in WHMCS billing and support system

The developers of WHMCS, a popular client management, billing and support application for Web hosting providers, released emergency security updates Thursday to patch a critical vulnerability that was publicly disclosed.