Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

android devil malware

New crimeware tool Dendroid makes it easier to create Android malware, researchers warn

The tool can be used to add malicious functionality to legitimate applications, researchers from Symantec said.

Withdrawal vulnerabilities enabled bitcoin theft from Flexcoin and Poloniex

The flaws allowed hackers to overdraw accounts on the two websites without being detected.

TP-Link Archer AC1900

Attack campaign compromises 300,000 home routers, alters DNS settings

Attackers have used a variety of techniques to exploit known vulnerabilities in router models from different manufacturers.

Mozilla accepting whitelist requests for Firefox's coming plug-in block

Developers will need to present compelling arguments for getting their plug-ins on the whitelist, Mozilla said

malware

Gameover malware tougher to kill with new rootkit component

The rootkit works on 32-bit and 64-bit Windows versions and protects the malware's components from being deleted.

securityshowdown primary

Security conference's own app leaks user info

The RSA Conference app exposes information about attendees in a SQLite database file, according to IOActive.

Security researchers urge tech companies to explain their cryptographic choices

Researchers signed an open letter outlining 10 transparency principles for companies to regain user trust following surveillance revelations

IE zero-day exploit that struck VFW website being used in widespread attacks

The exploit is being distributed from many compromised websites around the world, researchers from Symantec said

securityshowdown primary

Researchers blow past all protections in Microsoft's EMET anti-exploitation tool

The tool can't protect against determined attackers with customized exploits, researchers from Bromium claim

New iOS flaw allows malicious apps to record touch screen presses

The captured touch screen data could be used to reconstruct what users typed

PCWorld News

Hacker defaces website of IT security certification body EC-Council

The hacker claims he obtained photocopies of thousands of passports belonging to law enforcement and military officials

android devil malware

Source code for Android iBanking bot surfaces on underground forum

The leaked source code could lead to a larger number of attacks using the mobile malware, security researchers from RSA said

adobe flash logo

Adobe Flash exploit targets security, public policy sites

The attackers appear to be gathering broad intelligence about visitors to three websites, FireEye says

PCWorld News

Cisco fixes unauthorized access, denial-of-service flaws in several products

The vulnerabilities could allow attackers to take control of affected devices or cause them to become unresponsive

linksys wag320n image

Exploit released for vulnerability targeted by Linksys router worm

The list of affected router models is larger than previously thought