Stories by Lucian Constantin

Hacker puts 'full redundancy' code-hosting firm out of business

A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company's backups.

Symbian signing key reportedly stolen from Nokia could have enabled powerful malware

An unknown person or group reportedly stole the cryptographic key used by Nokia to digitally sign applications for Symbian OS and extorted millions of euros from the company in 2007 by threatening to make the key public.

Maliciously crafted files can disable Microsoft's antimalware products

A vulnerability allows attackers to disable Microsoft's antimalware products by sending specifically crafted files to users via websites, email or instant messaging applications.

UK student develops antidote for first Android file-encrypting ransomware

Victims of Simplocker, the first file-encrypting ransomware threat for Android devices, can recover files without paying cybercriminals because the malicious program uses a hardcoded encryption key.

Hacked Synology NAS systems used in high-profit cryptocurrency mining operation

A hacker exploited publicly known vulnerabilities to install malware on network-attached storage systems manufactured by Synology and used their computing power to generate Dogecoins, a type of cryptocurrency.

Popular HTTPS sites still vulnerable to OpenSSL connection hijacking attack

Some of the Internet's most visited websites that encrypt data with the SSL protocol are still susceptible to a recently announced vulnerability that could allow attackers to intercept and decrypt connections.

CloudFlare offers free DDoS protection to public interest websites

A project launched by CloudFlare, a provider of website performance and security services, allows organizations engaged in news gathering, civil society and political or artistic speech to use the company's distributed denial-of-service (DDoS) protection technology for free.

Russian mobile banking Trojan gets ransomware features, starts targeting US users

An Android Trojan program originally designed to steal mobile banking credentials from Russian users was recently retrofitted with ransomware functionality and has started infecting users in the U.S., using photos of its victims to intimidate them into paying a fictitious FBI fine.

Zeus Trojan alternative created from scratch hits the underground market

A new Trojan program that can spy on victims, steal login credentials and interfere with browsing sessions is being sold on the underground market and might soon see wider distribution.

Amazon AWS continues to use TrueCrypt despite project's demise

TrueCrypt remains the only way to encrypt Amazon Simple Storage Service (S3) data when using the AWS Import/Export tool, two weeks after the popular encryption software was abruptly discontinued by its creators, supposedly for security reasons.

Hackers behind iPhone ransom attacks arrested in Russia

Russian authorities arrested a man and a teenaged boy from Moscow under suspicion that they compromised Apple ID accounts and used Apple's Find My iPhone service to hold iOS devices for ransom.

One-click test finds Gameover Zeus infections

Users can test by simply visiting a Web page if their computers have been infected with Gameover Zeus, a sophisticated online banking Trojan that law enforcement officers temporarily disrupted last week.

Many servers expose insecure out-of-band management interfaces to the Internet

Many servers expose insecure management interfaces to the Internet through microcontrollers embedded into the motherboard that run independently of the main OS and provide monitoring and administration functions.

New OpenSSL vulnerability puts encrypted communications at risk of spying

A newly discovered vulnerability that allows spying on encrypted SSL/TLS communications has been identified and fixed in the widely used OpenSSL library.

Trojan app encrypts files on Android devices and asks for ransom

The ransomware model is increasingly being adopted by cybercriminals who target mobile users, one of their latest creations being able to encrypt files stored on the SD memory cards of Android devices.