Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

malware

Spike in traffic with TCP source port zero has some researchers worried

A significant increase this weekend in TCP traffic with source port zero detected could be part of reconnaissance efforts in preparation for more serious attacks, according to security researchers from Cisco Systems.

hackers

CryptoLocker creators try to extort even more money from victims with new service

Users who removed the original malware infection, intentionally or not, are asked to pay five times more to recover their files.

New malware variant suggests cybercriminals targeting SAP users

A new variant of a Trojan program that targets online banking accounts also contains code to search if infected computers have SAP client applications installed, suggesting that attackers might target SAP systems in the future.

Euro cops: We should be allowed to hack into computers

Don't call it hacking, a senior cybercrime adviser for the Dutch National High Tech Crime Unit said at a security conference -- it's "lawful intrusion."

Fake social media ID duped security-aware IT guys

Penetration testers used a faked woman's identity on social networks to break into a government agency with strong cybersecurity defenses.

Open-source software projects need to improve vulnerability-handling practices, researchers say

Security firm Rapid7 recently found and reported vulnerabilities in seven popular open-source software applications that together have been downloaded millions of times.

PHP.net maintainers to reset user passwords, change SSL certificate

Attackers compromised two php.net servers, injecting malicious code into the website, so The PHP Group is resetting passwords for the official website of the PHP programming language. It's also changing php.net's SSL certificate.

PHP.net compromised and used to attack visitors

Attackers injected malicious JavaScript code into the official website for the PHP programming language, redirecting some visitors' browsers to Flash exploits.

cisco_logo

Cisco fixes serious security flaws in networking, communications products

Software security updates from Cisco address denial-of-service and arbitrary command execution vulnerabilities in several products.

Flash Player now sandboxed under Safari on Mac OS X

The Flash Player plug-in has more restrictions, which should mean improved security under Safari on Mac OS X Mavericks.

WNDR3700v4

Vulnerabilities in some Netgear routers open door to remote attacks

Vulnerabilities in the management interfaces of some wireless router and network-attached storage products from Netgear expose the devices to remote attacks that could result in their complete compromise, researchers warn.

Application-layer DDoS attacks are becoming increasingly sophisticated

Attackers are using real browsers on infected computers to attack Web applications and bypass DDoS protection.

Felipe Calderon

Mexico condemns NSA's alleged hacking of president's email

The Mexican government has condemned newly reported spying activities of the U.S. National Security Agency against the country's former president while he was in office.

security

Belgacom investigates router compromise at its carrier services arm

Belgian telecommunications group Belgacom found unauthorized changes made to a router at its BICS subsidiary, which provides wholesale communication services to hundreds of operators worldwide.

Hackers steal customer information from PR Newswire

Hackers managed to steal a database containing customer credentials and contact information from PR Newswire, a major press release distribution service that's used by tens of thousands of companies and public relations agencies.