Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Android N statue

Latest Android security update fixes Dirty COW, GPS vulnerabilities

The monthly Android security update released this week fixes the serious Dirty COW privilege escalation attack that could allow malicious apps to take full control of devices.

sony sncxm631

Backdoor accounts found in 80 Sony IP security camera models

Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version.

Apple iPhone 5S (1)

App developers aren't ready for iOS transport security requirements

A month before Apple is expected to enforce stricter security requirements for app communications in iOS, enterprise developers don't seem ready to embrace them, a new study shows.

SSL padlock icon security

Chrome bug triggered errors on websites using Symantec SSL certificates

A bug in the Chrome browser caused security errors to be shown to users when trying to access HTTPS-enabled websites using Symantec SSL certificates.

tokyo apple japan

Researchers find a way bypass the iOS activation lock

Two researchers claim to have found a way to bypass the activation lock feature in iOS that's supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.

security code big data cyberespionage byte

DoS technique lets a single laptop take down an enterprise firewall

Researchers have found a new attack technique in the wild that allows a single laptop to take down high-bandwidth enterprise firewalls.

151025 free wifi hotspot

Hacker shows how easy it is to take over a city’s public Wi-Fi network

An Israeli hacker found a vulnerability in routers that could have allowed him to take over the public Wi-Fi network of an entire city.

microsoft logo redwest a

Microsoft patches 68 vulnerabilities in Windows, Office, Edge, and more

Microsoft has patched 68 vulnerabilities in Windows, Office, Edge, Internet Explorer and SQL Server, two of which have already been exploited by attackers in the wild and three that have been publicly disclosed.

adobe systems headquarters san jose

Adobe fixes flaws in Flash Player and Adobe Connect

Adobe Systems released security patches for its widely used Flash Player software as well as its Adobe Connect web conferencing platform that's popular in enterprise environments.

Android N statue

Android patches fix Drammer RAM attack, but leave the Dirty Cow exploit to roam

Google released a new monthly batch of security patches for Android Monday, fixing a dozen critical vulnerabilities that could allow attackers to compromise devices.

20160224 stock mwc smartphone user in suit

Hackers can abuse LTE protocols to knock phones off networks

The new Diameter protocol that LTE mobile networks use to communicate with each other can still be abused to launch attacks against users if operators don't take additional security measures, researchers showed.

computer network cables internet switch ethernet

5 key things you need to know about VPNs

A VPN is a secure tunnel between two or more computers on the internet. Here's everything you need to know.

Samsung's S7 smartphone

Mobile subscriber identity numbers can be exposed over Wi-Fi

Researchers have now found that protocols used by operators to offload data connections and voice calls to Wi-Fi can be abused to track mobile subscribers by their unique identification numbers.

io attack plc rootkit pin configuration

Researchers build undetectable rootkit for programmable logic controllers

Researchers have devised a new malware attack against industrial programmable logic controllers (PLCs) that takes advantage of architectural shortcomings in microprocessors and bypasses current detection mechanisms.

Digital Key, security, encryption

Google to untrust WoSign and StartCom certificates

Following similar decisions by Mozilla and Apple, Google plans to reject new certificates issued by two certificate authorities because they violated industry rules and best practices.