Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

kiss

Visitors to top porn sites slammed by malicious advertising attack

A malicious advertisement posted through an ad network tried contained a Flash Player exploit

gtx 960 primary

New Linux rootkit leverages graphics cards for stealth

The Jellyfish proof-of-concept rootkit uses the processing power of graphics cards and runs in their dedicated memory

computer security stock image

WordPress fixes actively exploited security flaw

WordPress 4.2.2 addresses two critical XSS flaws and hardens defenses for a third

ads

Superfish injects ads into 5 percent of all Google page views

Google found 50,870 Chrome extensions and 34,407 programs that injected ads into its websites

PCWorld News

Companies are falling behind on securing their SAP environments

More than 95 percent of SAP systems are vulnerable, a SAP security firm said

internetofthings origdp 100309501 orig

The Internet of Things will take a beating at DefCon hacking contest

Hackers will compete on findings flaws in off-the-shelf Internet-enabled embedded devices

PCWorld News

Cybercriminals borrow from APT playbook in attack against PoS vendors

Attackers impersonated point-of-sale system owners in need of technical assistance in a spear-phishing attack targeting PoS vendors

password alert

Security researchers poke holes in Google's anti-phishing Chrome extension

Security researchers found nine different ways to defeat Google's Password Alert extension for Chrome.

PCWorld News

WordPress e-commerce plug-in puts over 5,000 websites at risk

Unpatched flaws could allow attackers to take control of websites running a WordPress plug-in called TheCartPress

smartscreen filter misleading ads

Microsoft cracks down on misleading (and frequently malicious) advertisements

Internet Explorer will start showing warnings for ads that lead users to harmful websites and software

PCWorld News

Flaw in Realtek SDK for wireless chipsets exposes routers to hacking

Unauthenticated attackers can exploit the vulnerability to execute arbitrary code on affected devices, researchers said

PCWorld News

Decryption tool available for TeslaCrypt ransomware that targets games

Security researchers found that decryption keys can be recovered from systems infected with TeslaCrypt

credit cards generic

Police breaks up cybergang that stole over $15 million from banks

Romanian authorities detained 25 suspected members of an international gang of cyberthieves who hacked into banks and cloned payment cards.

security hole in fence clouds gap opening

Second HTTPS snooping flaw breaks security for thousands of iOS apps

Hackers can exploit the vulnerability to launch man-in-the-middle attacks and decrypt traffic from the affected apps.

PCWorld News

With ransomware on the rise, cryptographers take it personally

The security industry is not doing enough and it's going to get worse, they said