Stories by Lucian Constantin

Attackers use email spam to infect point-of-sale terminals with new malware

Cybercriminals are targeting employees who browse the Web or check their email from point-of-sale (PoS) computers, a risky but unfortunately common practice.

Large scale attack hijacks routers through users' browsers

Cybercriminals have developed a Web-based attack tool to hijack routers on a large scale when users visit compromised websites or view malicious advertisements in their browsers.

Factory reset in Android phones leaves sensitive user data behind

It's common sense to reset an Android phone to its factory state before selling or disposing of it. But beware, researchers recently found that this often fails to properly wipe all sensitive user data from the device.

Netgear and ZyXEL confirm NetUSB flaw, are working on fixes

Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB.

Android stock browser vulnerable to URL spoofing

A vulnerability in Android's default Web browser lets attackers spoof the URL shown in the address bar, allowing for more credible phishing attacks.

First software update for Apple Watch includes security fixes

You might not be used to the idea of a watch endangering your digital life, but you should: Apple's first update for Watch OS includes 14 security patches, and they're not trivial.

Critical vulnerability in NetUSB driver exposes millions of routers to hacking

Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them.

URL-spoofing bug in Safari could enable phishing attacks

The latest versions of Safari for Mac OS X and iOS are vulnerable to a URL-spoofing exploit that could allow hackers to launch credible phishing attacks.

In desperation, many ransomware victims plead with attackers

The shamelessness of ransomware pushers knows no bounds. After encrypting people's files and then holding them to ransom, they portray themselves as service providers offering technical support and discounts to their "customers."

Sally Beauty confirms second payment card breach

Sally Beauty Holdings has confirmed that hackers broke into its payment systems and stole customer card data. About a year ago the retail chain suffered a similar intrusion.

Asian nations increasingly hit by espionage groups

Multiple cyberespionage groups are specifically targeting government and military organizations from countries in Asia and the Pacific region with the goal of gathering geo-political intelligence, according to new security research.

Critical VM escape vulnerability impacts business systems, data centers

A critical vulnerability in code used by several virtualization platforms can put business information stored in data centers at risk of compromise.

Microsoft fixes 46 flaws in Windows, IE, Office, other products

Fourteen critical vulnerabilities in Internet Explorer were among the targets of Microsoft's monthly batch of security patches released Tuesday. In all, it fixed 46 vulnerabilities across products including Windows, Internet Explorer and Office.

Russian cyber group seen preparing to attack banks

A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the US and elsewhere.

Anonymous-tied DDoS botnet shows insecure routers are legion

Tens of thousands of home routers have been infected with malware, and are being used by hackers to launch distributed denial-of-service (DDoS) attacks, including by the hacktivist group Anonymous.

CIO
ARN
Techworld
CMO