Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

ransomware hardware security embedded circuit board integrated controller

KillDisk cyber sabotage tool evolves into ransomware

A malicious program called KillDisk that has been used in the past to wipe data from computers during cyberespionage attacks is now encrypting files and asking for an unusually large ransom.

robot hacking security A.I.

Plone dismisses claim that flaw in its CMS was used to hack FBI

The security team behind the Plone content management system has dismissed claims that hackers have access to information about an unpatched critical vulnerability.

Digital Key encryption

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab updated its antivirus products to fix an issue that could have exposed users to traffic interception attacks.

lg 50ga6400 smart tv google android

Ransomware on smart TVs is here and removing it can be a pain

Over the Christmas holiday, a user reported the first in-the-wild case of a ransomware attack that infected an Android-based smart TV.

20160224 stock mwc internet of things iot sign

New year's resolution for IoT vendors: Start treating LANs as hostile

Insecure default configurations are prevalent in the IoT world, but many of them could be easily avoided if device manufacturers would include LAN-based attacks in their threat modelling.

150605 garuda 737 bali indonesia

It’s 2017 and changing other people’s flight bookings is incredibly easy

The travel booking systems used by millions of people every day lack modern authentication methods and allow attackers to easily modify other people’s reservations.

robot hacking security A.I.

Critical flaw in PHPMailer library puts millions of websites at risk

A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.

Apple iPhone 5S (1)

Apple gives iOS app developers more time to encrypt communications

Apple has backtracked on a plan to force iOS developers to encrypt their app communications by the end of the year.

security code big data cyberespionage byte

The group that hacked the DNC infiltrated Ukrainian artillery units

The cyberespionage group blamed for hacking into the U.S. Democratic National Committee (DNC) has also infiltrated the Ukrainian military through a trojanized Android application used by artillery units.

Digital Key encryption

Encrypted messaging app Signal uses Google to bypass censorship

Developers of the popular Signal secure messaging app have started to use Google's domain as a front to hide traffic to their service and to sidestep blocking attempts.

VMware headquarters

VMware removes hard-coded root access key from vSphere Data Protection

VMware released a hotfix for vSphere Data Protection (VDP) to change a hard-coded SSH key that could allow remote attackers to gain root access to the virtual appliance.

Badlock vulnerability logo

Google researchers help developers test cryptographic implementations

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations.

20160225 stock mwc ericsson booth security locks

The year ransomware became one of the top threats to enterprises

Ransomware creators are increasingly targeting companies and other organizations, sometimes using techniques borrowed from cyberespionage attacks, because they're likely to pay more money for their data.

malware attack cyberespionage code hacker

Cyberattack suspected in Ukraine power outage

A new power outage that affected parts of Kiev and the surrounding region in Ukraine late Saturday might have been the result of a cyberattack.

encryption security Android

Mobile banking trojans adopt ransomware features

Cybercriminals are adding file-encrypting features to traditional mobile banking trojans, creating hybrid threats that steal sensitive information and lock user files at the same time.