Stories by Lucian Constantin

Dropbox dismisses claims of hack affecting 7 million accounts

Hackers claim to have stolen a database of almost 7 million Dropbox log-in credentials, but the company says its service was not hacked and that unrelated websites are the data source.

Russian hackers exploit Windows zero-day flaw to target Ukraine, US organizations

A cyberespionage group operating out of Russia has launched malware attacks against the Ukrainian government and at least one U.S.-based organization through a previously unknown vulnerability that affects most versions of Windows.

What you should consider when choosing a password manager

Many security experts feel that passwords are no longer sufficient to keep online accounts safe from hackers, but we're still a long way from widespread adoption of biometrics and alternative methods of authentication.

Linux botnet Mayhem spreads through Shellshock exploits

Shellshock continues to reverberate: Attackers are exploiting recently discovered vulnerabilities in the Bash command-line interpreter in order to infect Linux servers with a sophisticated malware program known as Mayhem.

Android SMS worm Selfmite returns, more aggressive than ever

A new version of an Android worm called Selfmite has the potential to ramp up huge SMS charges for victims in its attempt to spread to as many devices as possible.

Leaked programming manual may help criminals develop more ATM malware

A leaked programming manual for interacting with the physical components of automated teller machines might have helped attackers create malware programs that were used to steal cash from ATMs in various parts of the world this year.

Almost half of Android devices still have a vulnerable browser installed

Around 45 percent of Android devices have a browser that is vulnerable to two serious security issues, but some countries have a considerably larger percentage of affected users than others, according to data from mobile security firm Lookout.

Criminals use malware program to steal millions from ATMs around the world

Criminals have stolen millions of dollars from ATMs worldwide using a specialized malware program that forces the machines to dispense cash on command.

Critical Bugzilla vulnerability could give hackers access to undisclosed software flaws

Hackers could have had an inside track on unpatched flaws in major software projects because of a critical vulnerability in Bugzilla, a system that many developers use to track and discuss bugs in their code.

Tools for creating malicious USB thumb drives released by security researchers

In a gambit aimed at driving manufacturers to beef up protections for USB flash drive firmware, two security researchers have released a collection of tools that can be used to turn those drives into silent malware installers.

Is that used iPad actually stolen? Apple creates tool for would-be buyers to check

If you're looking to buy a used iPhone, iPad or iPod touch device, Apple is now offering an online tool to let you first check if it's been locked down by the previous owner, which could indicate that it was actually stolen or lost.

Xen Project discloses serious vulnerability that impacts virtualized servers

The Xen Project has revealed the details of a serious vulnerability in the Xen hypervisor that could put the security of many virtualized servers at risk.

Hurry! Wait! Go! Joomla stumbles with patch for serious vulnerability

The Joomla project pushed out new updates for its popular content management system Wednesday after a glitch was found in the high-priority security patches it released a day before.

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability

Virtual private network servers based on OpenVPN might be vulnerable to remote code execution attacks through Shellshock and other recent flaws that affect the Bash Unix shell.

Cisco, Oracle find dozens of their products affected by Shellshock

Cisco Systems and Oracle are hard at work identifying networking and other products in their portfolios that are affected by the critical Shellshock vulnerability.