Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

USB armory

A USB device is all it takes to steal credentials from locked PCs

A security researcher demonstrated that all it takes to steal an OS account's password hash from a Windows computer in a locked state, is to plug in a special USB device for a few seconds.

security code big data cyberespionage DDoS

Google Safe Browsing gives more details to compromised website owners

Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology in order to help them fix the identified problems faster.

150817 google marshmallow 03

Google's 3-level Android patch could cause confusion

Google released a large monthly batch of security patches for Android, fixing 55 vulnerabilities, eight of which are rated critical.

malware attack cyberespionage code hacker

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that despite running from user mode, can be hard to detect and remove.

code big data binary programming

Sophos AV false positive detection ruins the weekend for some Windows users

A bad malware signature caused Sophos antivirus products to detect a critical Windows file as malicious, preventing some users from accessing their computers.

Linux Tux

Suspect arrested in 5-year-old kernel.org breach

Five years after a security breach forced the Linux Foundation to take kernel.org offline and to rebuild several of its servers, police have arrested a suspect in the case.

microsoft headquarters

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover its open-source .NET Core and ASP.NET Core application development platforms.

20160225 stock mwc ericsson booth security locks

FairWare ransomware infects servers through exposed Redis instances

Days after reports that a new ransomware attack was deleting files from web servers, security researchers determined that some of the affected servers were hacked via insecure deployments of the Redis database.

adobe systems headquarters san jose

Adobe patches critical vulnerability in ColdFusion application server

Adobe Systems released critical security patches for its ColdFusion application server which has been a target for hackers in the past.

security code big data cyberespionage DDoS

Poisoned Word docs deploy rogue web proxies to hijack your encrypted traffic

A new attack analyzed by malware researchers from Microsoft uses Word documents with malicious code that configures browsers to use a web proxy controlled by attackers.

Digital Key, security, encryption

New ransomware threat deletes files from Linux web servers

A destructive ransomware program deletes files from web servers and asks administrators for money to return them, though it's not clear if attackers can actually deliver on this promise.

malware payment terminal credit card

Sophisticated malware possibly tied to recent ATM heists in Thailand

Security researchers have found a sophisticated malware program that may have been used recently by a gang of hackers to steal more than $350,000 from ATMs in Thailand.

Firefox

Mozilla launches free website security scanning service

Mozilla has built an online scanner that can check if websites have the best security settings in place.

20151005 Cisco headquarters sign

Cisco starts patching firewall devices against NSA-linked exploit

Cisco Systems has started releasing security patches for a critical flaw in Adaptive Security Appliance (ASA) firewalls targeted by an exploit linked to the U.S. National Security Agency.

Paul Stone Alex Chapman DEFCON WPAD

Disable WPAD now or have your accounts and private data compromised

Security researchers have recently highlighted serious risks introduced by the Web Proxy Auto-Discovery Protocol (WPAD), which is enabled by default on Windows and is supported by other operating systems as well.