Stories by Lucian Constantin

Carriers' remote control software continues to put some mobile devices at risk

Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.

Network-attached storage devices more vulnerable than routers, researcher finds

A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.

Stealthy malware 'Poweliks' resides only in system registry

A new malware program called Poweliks attempts to evade detection and analysis by running entirely from the system registry without creating files on disk, security researchers warn.

Cisco patches traffic snooping flaw in operating systems used by its networking gear

Cisco Systems said attackers could disrupt or intercept traffic in many of its networking products unless a new security update is applied to the software they run.

Android vulnerability still a threat to many devices nearly two years later

Security researchers have recently found a vulnerability that could be used to hijack Android apps and devices, but an older issue that can have the same effect remains a significant threat nearly two years after its discovery, according to security firm Bromium.

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A new program that encrypts files to extort money from users highlights that attackers don't need advanced programming skills to create dangerous and effective ransomware threats, especially when strong encryption technology is freely available.

Most USB thumb drives can be reprogrammed to silently infect computers

Most USB devices have a fundamental security weakness that can be exploited to infect computers with malware in a way that cannot easily be prevented or detected, security researchers found.

Hacker group targets video game companies to steal source code

A group of attackers with links to the Chinese hacking underground has been targeting companies from the entertainment and video game industries for years with the goal of stealing source code.

Internet of Things devices contain high number of vulnerabilities, study finds

A security audit of 10 popular Internet-connected devices - components of the so-called Internet of Things - identified an alarmingly high number of vulnerabilities.

Antivirus products riddled with security flaws, researcher says

It's generally accepted that antivirus programs provide a necessary protection layer, but organizations should audit such products before deploying them on their systems because many of them contain serious vulnerabilities, a researcher warned.

Canada blames China for cyber intrusion at National Research Council

The IT infrastructure of the National Research Council of Canada was recently compromised by highly sophisticated Chinese state-sponsored hackers, the Canadian government said Tuesday.

Android vulnerability allows malware to compromise most devices and apps

The majority of Android devices currently in use contain a vulnerability that allows malware to completely hijack installed apps and their data or even the entire device.

Attackers install DDoS bots on Amazon cloud, exploiting Elasticsearch weakness

Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers.

Russian government offers money for identifying Tor users

The Russian Ministry of Interior is willing to pay 3.9 million roubles, or around US$111,000, for a method to identify users on the Tor network.

Thousands of sites compromised through WordPress plug-in vulnerability

A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.