Stories by Lucian Constantin

Windows 10 will allow apps to actively scan their content for malware

Windows 10 will have a new mechanism that will allow software developers to integrate their applications with whatever antimalware programs exist on users' computers.

Duqu spy group also targeted telecommunications companies

The group behind the Duqu cyberespionage tool has compromised at least two telecommunications operators and one electronic equipment manufacturer, in addition to a cybersecurity firm and venues that hosted high-level nuclear negotiations between world powers and Iran.

VMware patches virtual machine escape issue on Windows

VMware has released security updates for several of its virtualization products in order to address critical vulnerabilities that could allow attackers to break out of virtual machines and execute rogue code on the host operating systems.

The Duqu cyberespionage group compromised venues hosting Iran nuclear negotiations

A state-sponsored espionage group that uses a malware platform called Duqu has compromised the computer networks of several hotels and venues that hosted negotiations over Iran's nuclear program.

European authorities bust cybercrime gang that hijacked business payments

Police in several European countries arrested 49 suspected members of a gang they say broke into corporate email accounts, using them to divert payments from business customers.

Adobe fixes Flash Player flaws that could lead to info theft, malware attacks

Adobe Systems fixed 13 security issues in Flash Player that could lead to serious attacks, including remote code execution and information disclosure.

Cybercriminals increasingly target point of sales systems

The data breach landscape could look very different in the future with the increased adoption of chip-enabled payment cards in North America -- but for now point-of-sale systems account for the majority of breaches there, compared to a tiny minority in other regions of the world.

Memory scraping malware targets Oracle Micros point-of-sale customers

A new malware program designed to steal payment card details from point-of-sale (PoS) systems is targeting businesses using Oracle Micros products.

Hacker turns toy into tool that can open garage doors in seconds

Owners of fixed-code garage door openers might want to consider upgrading them because a researcher has developed a technique that guesses the numbers in seconds.

Researcher warns popular gaming plug-in puts millions of web users at risk from data thieves

A researcher is warning that a gaming plug-in installed on over 200 million PCs contains a flaw that could let attackers steal users' data from websites they're logged into, such as their Web mail and social networking accounts.

Users with weak SSH keys had access to GitHub repositories for popular projects

A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned.

Fraud campaign installs rogue app on non-jailbroken iPhones

Cybercriminals in Japan are targeting iPhone users with an online scam that tricks them into installing a malicious application when they attempt to view porn videos.

New SOHO router security audit uncovers over 60 flaws in 22 models

In yet another testament of the awful state of home router security, a group of security researchers uncovered more than 60 vulnerabilities in 22 router models from different vendors, most of which were distributed by ISPs to customers.

Tor connections to hidden services could be easy to de-anonymize

Identifying users who access Tor hidden services -- websites that are only accessible inside the Tor anonymity network -- is easier than de-anonymizing users who use Tor to access regular Internet websites.

Like routers, most USB modems also vulnerable to drive-by hacking

The majority of 3G and 4G USB modems offered by mobile operators to their customers have vulnerabilities in their Web-based management interfaces that could be exploited remotely when users visit compromised websites.