Stories by Lucian Constantin

Feds asked to sit out Defcon hacking conference this year

The organizers of the Defcon hacking convention have publicly asked U.S. federal government workers not to attend the event this year due to tension in the hacker community caused by the recent revelations about the U.S. government's electronic surveillance efforts.

1

Pirate Bay founder working on spy-proof text messaging app

Peter Sunde, the co-founder of BitTorrent search engine The Pirate Bay, is working on developing a secure mobile messaging app and service that's intended to be safe from government surveillance and be user friendly at the same time.

Proof-of-concept exploit available for Android app signature check vulnerability

Technical details and a proof-of-concept exploit have been published for a recently announced Android vulnerability that potentially affects millions of devices and allows attackers to turn legitimate apps into Trojan programs.

Brazilian government wants answers from US following reports of NSA spying in Brazil

The Brazilian government has formally asked the U.S. government for clarification regarding the alleged large-scale interception of electronic communications of Brazilian citizens by the U.S. National Security Agency.

Snowden's Icelandic citizenship request stuck until September

Several members of the Icelandic Parliament introduced a bill Thursday that seeks to grant Icelandic citizenship to U.S. National Security Agency document leaker Edward Snowden, but the bill won't be discussed until September.

Online protests against NSA surveillance planned for July 4 get off to slow start

An online protest against the surveillance programs of the U.S. National Security Agency planned for July 4 was off to a slow start Thursday morning, despite expectations it would see participation from thousands of websites.

Vulnerability allows attackers to modify Android apps without breaking their signatures

A vulnerability that has existed in Android for the past four years can allow hackers to modify any legitimate and digitally signed application in order to transform it into a Trojan program that can be used to steal data or take control of the OS.

Alleged Shadowcrew member extradited to the US nine years after forum takedown

A 30-year-old Bulgarian was extradited to the U.S. from Paraguay in order to face charges related to his alleged involvement in Shadowcrew, a large cybercrime forum that was dismantled by U.S. authorities in 2004.

Critical vulnerabilities found in single sign-on enterprise tool Atlassian Crowd

A critical vulnerability that could allow remote attackers to access sensitive enterprise log-in credentials and other data was fixed last week in Crowd, a single sign-on (SSO) and identity management tool used by large organizations to simplify access to their internal Web applications and services.

Vulnerabilities found in code library used by encrypted phone call apps

ZRTPCPP, an open-source library that's used by several applications offering end-to-end encrypted phone calls, contained three vulnerabilities that could have enabled arbitrary code execution and denial-of-service attacks, according to researchers from security firm Azimuth Security.

New disk wiper malware linked to attacks in South Korea, researchers say

A new piece of malware designed to delete files from hard disk drives and render computers unable to boot targets South Korean users, according to researchers from security firm Symantec.

Citadel malware variant uses content localization to target brands and users in different countries

A new variant of the Citadel financial malware uses in-browser injection techniques combined with extensive content localization to steal log-in credentials and credit card information from users in different countries, according to researchers from security vendor Trusteer.

Cisco fixes serious vulnerabilities in email, Web and content security appliances

Cisco Systems released security patches for its email, Web and content security appliances in order to address vulnerabilities that could allow attackers to execute commands on the underlying OS or disrupt critical processes.

Chinese malware attack affected dozens of South Korean organizations, researchers say

A recent targeted attack that used Chinese malware compromised over 1,000 computers belonging to dozens of South Korea organizations, according to researchers from Israeli security firm Seculert.

Most Android threats would be blocked if phones ran latest Android version, report says

Over three quarters of Android threats are malicious apps that send SMS messages to premium rate numbers and could be mitigated by a protection feature present in Android 4.2, according to researchers from networking vendor Juniper Networks.

CIO
ARN
Techworld
CMO