Jeremy KirkAustralia Correspondent, IDG News Service

Jeremy reports on security and regional news for the IDG News Service.


Lenovo fixes hard-coded password in file-sharing utility

Lenovo has patched several software flaws in a file-sharing utility, which could allow attackers to browse and make copies of files.

publicityclerks xss

Online advertising company fixes severe XSS flaw

An online advertising company has fixed a vulnerability in its platform that could have allowed hackers to steal information from a large number of users.


Single group of hackers targets Uyghur, Tibetan activists

A years-long campaign of seemingly disparate cyberattacks against Tibetan and Uyghur activists likely comes from a single group of hackers, according to a seven-month study by Palo Alto Networks.


Backdoor account replaced by another backdoor in security stumble

A vendor of audio visual networking equipment replaced one serious security vulnerability with another in a long line of products, despite being warned of the dangers.

airplane cabin Airbus plane

Aircraft part manufacturer says cybercrime incident cost it $54 million

An Austrian airplane component maker for Boeing and Airbus said earlier this week a cybercrime-related fraud has caused it €50 million (US$54 million) in damages.

security hacker privacy

Ukrainian power companies are getting hit with more cyberattacks

A number of Ukrainian power companies are seeing fresh cyberattacks following ones in December that briefly knocked out power for tens of thousands of customers.

fireeye soc

FireEye to grow intelligence capabilities with iSight Partners deal

FireEye has acquired Texas-based iSight Partners for $200 million, a deal that executives say will give FireEye stronger intelligence on cybercriminal and hacking groups before they strike.

150902 encrypt android

British voice encryption protocol has massive weakness, researcher says

A protocol designed and promoted by the British government for encrypting voice calls has a by-design weakness built into it that could allow for mass surveillance, according to a University College London researcher.

20151027 openworld oracle cloud signs

Oracle issues record number of patches to combat flaws

Oracle admins will be busy: The company issued 248 patches on Tuesday, its largest-ever release, according to one security vendor.

Fraud gang targeted large European companies

Dridex banking malware adds a new trick

IBM's X-Force researchers have found that the latest version of Dridex uses a DNS (Domain Name System) trick to direct victims to fake banking websites.

Security online

LastPass phishing attack could have scooped up passwords

A relatively simple phishing attack could be used to compromise the widely used password manager LastPass, according to new research.

Apple logo from inside Apple Store in Boston

Researcher finds fault in Apple's Gatekeeper patch

Apple hasn't completely fixed a weakness in Gatekeeper, its security technology that blocks harmful applications from being installed.

150817 google marshmallow 04

Android malware steals one-time passcodes to hijack accounts protected by two-factor authentication

One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec.


Trend Micro flaw could have allowed attacker to steal all your passwords

A discovery by a well-known Google security researcher provides further proof how antivirus programs designed to shield computers from attacks can sometimes provide a doorway for hackers.


Microsemi builds better security into network time appliance

To make timekeeping more reliable, Microsemi is releasing two appliances it says are hardened against attacks and have better redundancy if other services such as GPS aren't working.