Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

hacker hand

Russian hackers exploit Windows zero-day flaw to target Ukraine, U.S. organizations

The vulnerability allows for arbitrary code execution and affects many versions of Windows and Windows Server

lastpass

What you should consider when choosing a password manager

Password managers offer many convenient options, but some come at the expense of security

shellshock bug

Linux botnet 'Mayhem' spreads through Shellshock exploits

The botnet targets Web servers that haven't been patched for recent vulnerabilities found in the Bash Linux shell

android malware

Android SMS worm Selfmite returns, more aggressive than ever

A new version of the worm is causing infected devices to send thousands of spam text messages and has spread to 16 countries so far.

ATM machine

Leaked programming manual may help criminals develop more ATM malware

Researchers found leaked documentation for application programming interfaces to interact with ATM devices.

android devil malware

Nearly half of all Android devices are still vulnerable to two serious browser exploits

The percentage is much higher in some countries and lower in the U.S, security firm Lookout estimates

ATM machine

Criminals used a malware program to steal millions from ATMs

The malware is installed from a bootable CD by first gaining physical access to the ATM

hacker hand

Bugzilla zero-day can reveal zero-day vulnerabilities in top open-source projects

Software projects that use the Bugzilla bug tracking software should deploy the latest patches immediately, security researchers said

Security researchers release 'unpatchable' tools that make USB drives malicious

The tools can be used to modify the firmware on USB flash drives in order to infect computers with malware.

iPad Air

Is that used iPad stolen? Apple creates tool for would-be buyers to check

The tool will help prospective buyers of used iPhones and iPads to determine if the devices were lost or stolen

PCWorld News

Xen Project discloses serious vulnerability that impacts virtualized servers

Major cloud providers like Amazon and Rackspace were forced to reboot some of their servers in order to apply the patch

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability

Some OpenVPN configuration options open remote attack vectors for Bash vulnerabilities, the VPN provider warns.

PCWorld News

Hurry! Wait! Go! Joomla stumbles with patch for serious vulnerability

Joomla patches were reissued after the first versions broke the update process of existing installations

PCWorld News

Cisco, Oracle find dozens of their products affected by Shellshock

Cisco has identified 71 products vulnerable to Shellshock and Oracle 51, but the number is likely to increase

PCWorld News

Malvertising campaign delivers digitally signed CryptoWall ransomware

The wave of attacks through malicious advertisements continues to hit visitors of popular websites