Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

hack security malware

Shopperz adware takes local DNS hijacking to the next level

The Shopperz adware program uses a cunning technique to make DNS (Domain Name System) hijacking harder to detect and fix.

Web attack silently modifies DNS configurations in routers

Despite reports of hacking, baby monitors remain woefully insecure

A security analysis of nine baby monitors from different manufacturers revealed serious vulnerabilities and design flaws that could allow hackers to hijack their video feeds or take full control of the devices.

Checking mobile phone

Employees put business data at risk by installing gambling apps on their phones

The average company has more than one gambling application installed on some of its employees' mobile devices, and in some cases as many as 35.

Researchers find holes in routers supplied by ISPs

Popular Belkin Wi-Fi routers plagued by unpatched security flaws

The Belkin N600 DB wireless dual band router model has unpatched vulnerabilities that could allow hackers to compromise affected devices.

Intel's new power-efficient graphics core

Intel says GPU malware is no reason to panic—yet

Malware that runs inside GPUs (graphics processing units) can be harder to detect, but is not completely invisible to security products.

Security

Linux Foundation's security checklist can help sysadmins harden workstations

The Linux Foundation published a list of security recommendations for hardening Linux workstations used by systems administrators.

A new version of the sophisticated Duqu malware is used for spying

Researchers find many more modules of Regin spying tool

Security researchers from Symantec have identified 49 more modules of the sophisticated Regin cyberespionage platform that many believe is used by the U.S. National Security Agency and its close allies.

Security in cloud computing

BitTorrent patches flaw that could amplify distributed denial-of-service attacks

BitTorrent fixed a vulnerability that would have allowed attackers to hijack BitTorrent applications used by hundreds of millions of users in order to amplify distributed denial-of-service (DDoS) attacks.

Researchers find holes in routers supplied by ISPs

Some routers vulnerable to remote hacking due to hard-coded admin credentials

Several DSL routers from different manufacturers contain a guessable hard-coded password that allows accessing the devices with a hidden administrator account.

Tor security concerns prompt largest dark market to suspend operations

Administrators of Agora, the largest online black marketplace operating on the Tor anonymity network, decided to temporarily suspend the website because of possible attacks based on recent methods of exposing Tor Hidden Services.

150817 google marshmallow 03

Certifi-gate flaw in Android remote support tool exploited by screen recording app

An application hosted in Google Play until yesterday took advantage for months of a flaw in the TeamViewer remote support tool for Android in order to enable screen recording on older devices.

Security in cloud computing

Plenty of fish, and exploits too, on dating website

Recent visitors to Plenty of Fish, an online dating website with over 3 million daily active users, had their browsers redirected to exploits that installed malware.

iphone6

Vulnerability in enterprise-managed iOS devices puts business data at risk

A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials.

Adobe patches important flaw in LiveCycle Data Services

Adobe Systems released a security patch for LiveCycle Data Services, a development tool used by businesses to synchronize data between back-end servers and rich Internet applications built with Adobe Flex or AIR.

Internet company Web.com hit by credit card breach

Hackers breached the computer systems of Internet services provider Web.com Group and stole credit card information of 93,000 customers.