Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Adobe patches remote code execution and keylogging flaws in Flash Player

Some of the vulnerabilities allow attackers to take full control of users' systems

painter2015 01

Corel software vulnerabilities let attackers execute malicious code on your PC

Malicious DLLs will be executed if stored in the same directory as media files opened with the affected programs, researchers said.

PCWorld News

North Korean official news agency site serves malware

The site hosts malware that masquerades as a Flash Player installer, security researchers found

PCWorld News

OpenSSL patches eight new vulnerabilities

The flaws are of moderate and low severity, but server admins should still update

Asus RT-AC87U

Exploit allows Asus routers to be hacked from local network

Users should install firmware updates as soon as they become available and should block untrusted devices on their networks

apple 2014 4

Apple blocks tool that brute-forces iCloud passwords

The tool allowed attackers to try a large number of passwords for Apple ID accounts

malware primary

Watch out! Macro-based malware is making a comeback

Attackers bypass defenses aganst macros with social engineering to install malware.

PCWorld News

Moonpig jeopardizes data of millions of customers through insecure API

The company failed to fix a security flaw reported over a year ago, a developer said

hacker hand

Why Gogo in-flight Wi-Fi is secretly peeking at your secure web traffic

In-flight Internet provider Gogo replaces the HTTPS certificates on sites like YouTube with self-signed ones.

PCWorld News

Free tool automates phishing attacks for Wi-Fi passwords

The tool can disconnect Wi-Fi users and trick them into disclosing their access password to a rogue access point

PCWorld News

Think that software library is safe to use? Not so fast!

Flaws in third-party software libraries often find their way into products, a problem that will occupy developers and sysadmins next year

PCWorld News

Romanian version of EU cybersecurity directive allows warrantless access to data

The law could impact international businesses, as Romania is a hub for IT outsourcing and development

Western Digital My Passport Pro

Thunderbolt devices can infect MacBooks with persistent rootkits

The rogue code will run in the boot ROM and will be hard to detect or remove, a researcher said

Flaw in open-source PDF viewer could put WikiLeaks users, others at risk

The flaw could be exploited to launch XSS and content spoofing attacks

PCWorld News

Two-factor authentication oversight led to JPMorgan breach, investigators reportedly found

The attackers stole an employee's access credentials and used them to access a server that lacked a stronger authentication mechanism