Stories by Lucian Constantin

Cybercriminals use Google Cloud Messaging service to control malware on Android devices

Cybercriminals are controlling malware on Android devices through a Google service that enables developers to send messages to their applications, according to security researchers from antivirus vendor Kaspersky Lab.

Microsoft moves to block MD5 certificates and improve RDP authentication

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol.

More Android malware distributed through mobile ad networks

Mobile ad networks can provide a loophole to serve malware to Android devices, according to researchers from security firm Palo Alto Networks who have found new Android threats being distributed in this manner.

Chinese hacker group behind New York Times attack returns with updated tools

The Chinese hacker group that broke into the computer network of The New York Times and other high-profile organizations, including defense contractors, has launched new attacks following a few months of inactivity, according to researchers from security vendor FireEye.

Researcher builds botnet-powered distributed file storage system using JavaScript

The latest Web technologies can be used to build a secure and distributed file storage system by loading a piece of JavaScript code into users' Web browsers without them knowing, a researcher demonstrated Sunday at the Defcon security conference in Las Vegas.

Android one-click Google authentication method puts users, businesses at risk

A feature that allows Android users to authenticate themselves on Google websites without having to enter their account password can be abused by rogue apps to give attackers access to Google accounts, a security researcher has revealed.

2

Researchers reveal methods behind car hack at Defcon

Two security researchers at Defcon on Friday revealed the methods they used to hack into car computers and take over the steering, acceleration, brakes and other important functions.

Will Smith makes unexpected appearance at Defcon hacker conference

American actor Will Smith captured the attention of Defcon attendees when he showed up unexpectedly at the hacker conference on Sunday apparently to do research for an upcoming movie.

Researchers demo exploits that bypass Windows 8 Secure Boot

The Windows 8 Secure Boot mechanism can be bypassed on PCs from certain manufacturers because of oversights in how those vendors implemented the Unified Extensible Firmware Interface (UEFI) specification, according to a team of security researchers.

Industrial control systems targeted by malicious attackers, research shows

Attackers are actively targeting Internet-connected industrial control systems (ICS) in an effort to compromise their operation, according to data collected from a global network of honeypot systems that simulate water pumps.

1

Researchers show ways to bypass home and office security systems

Many door and window sensors, motion detectors and keypads that are part of security systems used in millions of homes and businesses can be bypassed by using relatively simple techniques, according to researchers from security consultancy firm Bishop Fox.

Vulnerabilities in D-Link network video recorders enable remote spying, researcher says

Some D-Link devices that enable remote access to surveillance camera feeds or other potentially sensitive data contain critical vulnerabilities that enable hackers to bypass authentication and access them from the Internet.

Some home automation systems are rife with holes, security experts say

A variety of network-controlled home automation devices lack basic security controls, making it possible for attackers to access their sensitive functions, often from the Internet, according to researchers from security firm Trustwave.

Bitdefender Safepay offers secure browsing for online banking, shopping

Bitdefender has released a Windows application designed to help users secure sensitive Web-browsing sessions, especially when they shop or bank online. The application is called Safepay and a free version is available to home users.

Microsoft: Almost 90 percent of Citadel botnets in the world disrupted in June

Microsoft estimates that 88 percent of botnets running the Citadel financial malware were disrupted as a result of a takedown operation launched by the company in collaboration with the FBI and partners in technology and financial services. The operation was originally announced on June 5.