Stories by Lucian Constantin

Cisco patches serious vulnerabilities in Unified Communications Manager

Cisco Systems has released new security patches for several versions of Unified Communications Manager (UCM) to address vulnerabilities that could allow remote attackers to execute arbitrary commands, modify system data or disrupt services.

Popular download management program has hidden DDoS component, researchers say

Recent versions of Orbit Downloader, a popular Windows program for downloading embedded media content and other types of files from websites, turns computers into bots and uses them to launch distributed denial-of-service (DDoS) attacks, according to security researchers.

'League of Legends' account information and transaction records compromised

A portion of the North American user base of "League of Legends" (LoL) had its account information compromised by hackers, according to Riot Games, the company developing the popular online multiplayer game. Passwords and credit card numbers stored in encrypted form were accessed, as well as other details.

Cyberattacks second most common cause of severe EU wired Internet outages in 2012

Although cyberattacks caused just 6 percent of significant outages of public electronic communications networks and services in the E.U. last year, they affected more people than hardware failure, a much more common factor in service disruptions, according to a report from the European Union Agency for Network and Information Security (ENISA).

Attackers use Ramnit malware to target Steam users

A new variant of the Ramnit financial malware is using local Web browser injections in order to steal log-in credentials for Steam accounts, according to researchers from security firm Trusteer.

Cybercriminals add new exploit for recently patched Java vulnerability to their arsenal

Cybercriminals were quick to integrate a newly released exploit for a Java vulnerability patched in June into a tool used to launch mass attacks against users, an independent malware researcher warned.

Hackers targeting servers running Apache Struts applications, researchers say

Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.

Cybercriminals use Google Cloud Messaging service to control malware on Android devices

Cybercriminals are controlling malware on Android devices through a Google service that enables developers to send messages to their applications, according to security researchers from antivirus vendor Kaspersky Lab.

Microsoft moves to block MD5 certificates and improve RDP authentication

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol.

More Android malware distributed through mobile ad networks

Mobile ad networks can provide a loophole to serve malware to Android devices, according to researchers from security firm Palo Alto Networks who have found new Android threats being distributed in this manner.

Chinese hacker group behind New York Times attack returns with updated tools

The Chinese hacker group that broke into the computer network of The New York Times and other high-profile organizations, including defense contractors, has launched new attacks following a few months of inactivity, according to researchers from security vendor FireEye.

Researcher builds botnet-powered distributed file storage system using JavaScript

The latest Web technologies can be used to build a secure and distributed file storage system by loading a piece of JavaScript code into users' Web browsers without them knowing, a researcher demonstrated Sunday at the Defcon security conference in Las Vegas.

Android one-click Google authentication method puts users, businesses at risk

A feature that allows Android users to authenticate themselves on Google websites without having to enter their account password can be abused by rogue apps to give attackers access to Google accounts, a security researcher has revealed.

2

Researchers reveal methods behind car hack at Defcon

Two security researchers at Defcon on Friday revealed the methods they used to hack into car computers and take over the steering, acceleration, brakes and other important functions.

Will Smith makes unexpected appearance at Defcon hacker conference

American actor Will Smith captured the attention of Defcon attendees when he showed up unexpectedly at the hacker conference on Sunday apparently to do research for an upcoming movie.