Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

computer network cables internet switch ethernet

5 key things you need to know about VPNs

A VPN is a secure tunnel between two or more computers on the internet. Here's everything you need to know.

Samsung's S7 smartphone

Mobile subscriber identity numbers can be exposed over Wi-Fi

Researchers have now found that protocols used by operators to offload data connections and voice calls to Wi-Fi can be abused to track mobile subscribers by their unique identification numbers.

io attack plc rootkit pin configuration

Researchers build undetectable rootkit for programmable logic controllers

Researchers have devised a new malware attack against industrial programmable logic controllers (PLCs) that takes advantage of architectural shortcomings in microprocessors and bypasses current detection mechanisms.

Digital Key, security, encryption

Google to untrust WoSign and StartCom certificates

Following similar decisions by Mozilla and Apple, Google plans to reject new certificates issued by two certificate authorities because they violated industry rules and best practices.

security hacker privacy

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.

security code big data cyberespionage byte

New Windows code injection method could let malware bypass detection

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.

icarus drone hijacking

No need to shoot down drones! Many of them can now be hijacked

A security researcher has devised a method of hijacking a wide variety of radio controlled airplanes, helicopters, cars, boats and other devices that use a popular wireless transmission technology.

adobe flash player v10 icon

Emergency Flash Player patch fixes zero-day critical flaw

Adobe Systems released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of.

security code big data cyberespionage DDoS

Attackers are now abusing exposed LDAP servers to amplify DDoS attacks

Attackers are abusing yet another widely used protocol in order to amplify distributed denial-of-service attacks: the Lightweight Directory Access Protocol (LDAP), which is used for directory services on corporate networks.

schneider electric modicon m340 plc

Workstation software flaw exposes industrial control systems to hacking

The software used to program and deploy code to various Schneider Electric industrial controllers has a weakness that could allow hackers to remotely take over engineering workstations.

Security online

Critical account creation flaws patched in popular Joomla CMS

The Joomla developers are warning website administrators to apply an update for the popular content management system that fixes two critical vulnerabilities.

ransomware hardware security embedded circuit board integrated controller

Physical RAM attack can root Android and possibly other devices

Researchers have devised a new way to fully compromise Android devices without exploiting any software vulnerability and instead taking advantage of a physical design weakness in RAM chips.

linux tux mascot logo

Easy-to-exploit rooting flaw puts Linux PCs at risk

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that's already being exploited in the wild and poses a serious risk to Linux based servers, desktops and other devices.

Security (3)

This free tool protects PCs from master boot record attacks

A new open-source tool called MBRFilter can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.

Security online

Intel CPU flaw could help attackers defeat security features

A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.