Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

20160224 stock mwc internet of things iot sign

Hackers found 47 new vulnerabilities in 23 smart devices at DEF CON

Hackers found and disclosed 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers during during the IoT Village at DEF CON.

security code big data cyberespionage byte

MySQL zero-day exploit puts some servers at risk of hacking

A publicly disclosed vulnerability in the MySQL database could allow attackers to completely compromise some servers

segate central NAS

Thousands of Seagate NAS boxes host cryptocurrency mining malware

Thousands of publicly accessible FTP servers, including many Seagate network-attached storage devices, are being used by criminals to malware that mines cryptocurrency.

xen project hypervisor panda mascot

Xen Project patches serious virtual machine escape flaws

The Xen Project has fixed four vulnerabilities in its widely used virtualization software, two of which could allow malicious virtual machine administrators to take over host servers.

HTTP Internet website

Google Chrome to start marking HTTP connections as insecure

To push more websites to implement encryption and to better protect users, Google will start flagging plain HTTP connections as insecure in its popular Chrome browser.

USB armory

A USB device is all it takes to steal credentials from locked PCs

A security researcher demonstrated that all it takes to steal an OS account's password hash from a Windows computer in a locked state, is to plug in a special USB device for a few seconds.

security code big data cyberespionage DDoS

Google Safe Browsing gives more details to compromised website owners

Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology in order to help them fix the identified problems faster.

150817 google marshmallow 03

Google's 3-level Android patch could cause confusion

Google released a large monthly batch of security patches for Android, fixing 55 vulnerabilities, eight of which are rated critical.

malware attack cyberespionage code hacker

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that despite running from user mode, can be hard to detect and remove.

code big data binary programming

Sophos AV false positive detection ruins the weekend for some Windows users

A bad malware signature caused Sophos antivirus products to detect a critical Windows file as malicious, preventing some users from accessing their computers.

Linux Tux

Suspect arrested in 5-year-old kernel.org breach

Five years after a security breach forced the Linux Foundation to take kernel.org offline and to rebuild several of its servers, police have arrested a suspect in the case.

microsoft headquarters

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover its open-source .NET Core and ASP.NET Core application development platforms.

20160225 stock mwc ericsson booth security locks

FairWare ransomware infects servers through exposed Redis instances

Days after reports that a new ransomware attack was deleting files from web servers, security researchers determined that some of the affected servers were hacked via insecure deployments of the Redis database.

adobe san jose

Adobe patches critical vulnerability in ColdFusion application server

Adobe Systems released critical security patches for its ColdFusion application server which has been a target for hackers in the past.

security code big data cyberespionage DDoS

Poisoned Word docs deploy rogue web proxies to hijack your encrypted traffic

A new attack analyzed by malware researchers from Microsoft uses Word documents with malicious code that configures browsers to use a web proxy controlled by attackers.