Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Digital Key, security, encryption

Toy maker Maisto’s website pushed growing CryptXXX ransomware threat

The website of toy maker Maisto was infected with malicious code that distributed CryptXXX, a new and increasingly widespread ransomware program.

Android apps (2)

Phishing apps posing as popular payment services infiltrate Google Play

Researchers from security firm PhishLabs found 11 phishing applications hosted on Google Play this year, targeting users of popular online payment services.

slack icon

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.

Fraud gang targeted large European companies

Estonian man gets over 7 years in prison for role in global DNS hijacking botnet

An Estonian man was sentenced Tuesday to 87 months in prison in the U.S. for his role in a cybercriminal operation that infected over 4 million computers with DNS hijacking malware.

spying eye

Cyberespionage group abuses Windows hotpatching mechanism for malware stealth

A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.

security code big data cyberespionage DDoS

Empty DDoS threats earn extortion group over $100,000

A group of cybercriminals extorted over $100,000 from companies by threatening to launch DDoS attacks against them, without even having the capability to do so.

150817 google marshmallow 03

Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.

security code big data cyberespionage DDoS

Bangladesh Bank attackers used custom malware that hijacked SWIFT software

The hackers who stole $81 million from Bangladesh's central bank earlier this year likely used custom malware designed to interfere with the SWIFT client software used by financial institutions.

151027 facebook headquarters 1

Facebook bug hunter stumbles on backdoor left by hackers

A researcher found a PHP-based backdoor installed by hackers on one of Facebook's corporate servers.

20151005 Cisco headquarters sign

Cisco fixes serious denial-of-service flaws in wireless LAN controllers, other products

Cisco Systems has released patches to fix serious denial-of-service flaws in its Wireless LAN Controller (WLC) software, Cisco Adaptive Security Appliance (ASA) software and the Secure Real-Time Transport Protocol (SRTP) library that's used in many products.

ransomwhere logo

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.

malware payment terminal credit card

New point-of-sale malware Multigrain steals card data over DNS

A new memory scraping malware program steals payment card data from point-of-sale (PoS) terminals and sends it back to attackers using the Domain Name System (DNS).

20151027 openworld oracle cloud signs

Oracle releases 136 security patches for wide range of products

Oracle's latest quarterly security update contains 136 fixes for flaws in a wide range of products including Oracle Database Server, E-Business Suite, Fusion Middleware, Oracle Sun Products, Java and MySQL.

OS X El Capitan installation

Outdated Git version in OS X puts developers at risk

The OS X command line developer tools include an old version of the Git source code management system that exposes Mac users to remote code execution attacks.

spying eye

Hacker: This is how I broke into Hacking Team

The hacker who leaked 400GB of internal files and emails from Italian surveillance software maker Hacking Team published a full account of how he infiltrated the company's network.