Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

PCWorld News

Romanian version of EU cybersecurity directive allows warrantless access to data

The law could impact international businesses, as Romania is a hub for IT outsourcing and development

Western Digital My Passport Pro

Thunderbolt devices can infect MacBooks with persistent rootkits

The rogue code will run in the boot ROM and will be hard to detect or remove, a researcher said

Flaw in open-source PDF viewer could put WikiLeaks users, others at risk

The flaw could be exploited to launch XSS and content spoofing attacks

PCWorld News

Two-factor authentication oversight led to JPMorgan breach, investigators reportedly found

The attackers stole an employee's access credentials and used them to access a server that lacked a stronger authentication mechanism

PCWorld News

Cybercrime group steals millions from Russian banks, targets US and European retailers

The group compromised computer networks and ATMs operated by financial institutions, as well as point-of-sale terminals

PCWorld News

Exploits for dangerous network time protocol vulnerabilities can compromise systems

Systems administrators are urged to install critical patches that address remote code execution flaws in NTP

PCWorld News

Trojan program based on ZeuS targets 150 banks, can hijack webcams

The new Chthonic Trojan borrows features from ZeuS and several of its spinoffs, researchers from Kaspersky Lab said

PCWorld News

Critical vulnerability in Git clients puts developers at risk

Malicious Git code repositories can execute rogue commands on client machines interacting with them

PCWorld News

Vulnerability in embedded Web server exposes millions of routers to hacking

Attackers can take control of millions of routers by sending a specially crafted request to RomPager, an embedded Web server running on them

PCWorld News

Point-of-sale malware creators still in business with Spark, an Alina spinoff

Spark is installed by a script written in AutoIt and scrapes card data from the memory of POS terminals

More than 30 vulnerabilities found in Google App Engine

Researchers escaped the Java sandbox on the cloud platform and executed code on the underlying system.

PCWorld News

The Turla espionage operation also infected Linux systems with malware

A newly identified Linux backdoor program is tied to the Turla cyberespionage campaign, researchers from Kaspersky Lab said

internet url

Forgotten subdomains on websites boost risk of account hijacking, other attacks

Some sites have subdomains pointed at old domains that have long expired and can be registered by attackers

poodle attack

The POODLE flaw returns, this time hitting TLS security protocol

HTTPS website owners advised to check their websites again

playstation network

Attackers knock PlayStation Network offline for hours

The Lizard Squad, a group that carried out a similar attack against the Sony service in August, took credit for the downtime