Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

PCWorld News

Cisco fixes unauthorized access, denial-of-service flaws in several products

The vulnerabilities could allow attackers to take control of affected devices or cause them to become unresponsive

linksys wag320n image

Exploit released for vulnerability targeted by Linksys router worm

The list of affected router models is larger than previously thought

linksys e4200 router

Weird, self-replicating 'TheMoon' worm crawls into Linksys routers

A self-replicating program infects Linksys routers by exploiting an authentication bypass vulnerability

Dozens of rogue self-signed SSL certificates used to impersonate high-profile sites

The certificates could be used to launch man-in-the-middle attacks against desktop and mobile apps with poor certificate validation

PCWorld News

Denial-of-service vulnerability puts Apache Tomcat servers at risk

Attackers can cause Tomcat processes to use all available CPU resources by sending malformed HTTP requests

Adobe patches two critical vulnerabilities in Shockwave Player

The flaws could allow attackers to execute malicious code on computers remotely

Slew of spoofs used in massive, record-breaking DDoS attack

The attack peaked at over 400Gbps according to CloudFlare, the company whose infrastructure was targeted

Unveiling 'The Mask': Sophisticated malware ran rampant for 7 years

The attack campaign is highly sophisticated and appears to be a state-sponsored operation.

Snapchat vulnerability can be exploited to crash iPhones, researcher says

Snapchat request tokens can be resused to launch denial-of-service attacks against the app's users.

Cybercriminals compromise home routers to attack online banking users

Attackers changed the DNS configuration of vulnerable home routers to mount man-in-the-middle attacks against users in Poland.

facebook

Syrian Electronic Army tries (and fails) to hijack Facebook

Some registration information for facebook.com was changed, but the domain was not redirected to an unauthorized server

adobe flash logo

New Flash exploit used to distribute credential-stealing malware

The exploit is embedded into documents distributed as email attachments, researchers from Kaspersky Lab said.

PCWorld News

GCHQ reportedly infiltrated and attacked hacktivist groups

Leaked documents suggest the agency used denial-of-service tactics and assisted law enforcement in identifying Anonymous members

adobe flash logo

Adobe releases critical emergency update for Flash Player

The update patches a vulnerability for which an exploit was reported in the wild, the company said

Tumblr adds SSL encryption option, but not as the default

To benefit from the added security users need to enable the SSL option in the account settings