Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

OS X El Capitan installation

Apple patches vulnerable OS X Git version that put developers at risk

Apple has released a new version of its Xcode development tool in order to patch two critical vulnerabilities in the Git source code management client.

SSL padlock icon

Google turns on HTTPS for all Blogspot blogs

All blogs hosted on Google's domain can now be accessed over an encrypted HTTPS connection.

imagetragick logo

Critical flaws in ImageMagick library expose millions of websites to hacking

A tool used by millions of websites to process images has several critical vulnerabilities that could allow attackers to compromise Web servers.

Digital Key, security, encryption

Toy maker Maisto’s website pushed growing CryptXXX ransomware threat

The website of toy maker Maisto was infected with malicious code that distributed CryptXXX, a new and increasingly widespread ransomware program.

Android apps (2)

Phishing apps posing as popular payment services infiltrate Google Play

Researchers from security firm PhishLabs found 11 phishing applications hosted on Google Play this year, targeting users of popular online payment services.

slack icon

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.

Fraud gang targeted large European companies

Estonian man gets over 7 years in prison for role in global DNS hijacking botnet

An Estonian man was sentenced Tuesday to 87 months in prison in the U.S. for his role in a cybercriminal operation that infected over 4 million computers with DNS hijacking malware.


Cyberespionage group abuses Windows hotpatching mechanism for malware stealth

A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.

security code big data cyberespionage DDoS

Empty DDoS threats earn extortion group over $100,000

A group of cybercriminals extorted over $100,000 from companies by threatening to launch DDoS attacks against them, without even having the capability to do so.

150817 google marshmallow 03

Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.

security code big data cyberespionage DDoS

Bangladesh Bank attackers used custom malware that hijacked SWIFT software

The hackers who stole $81 million from Bangladesh's central bank earlier this year likely used custom malware designed to interfere with the SWIFT client software used by financial institutions.

151027 facebook headquarters 1

Facebook bug hunter stumbles on backdoor left by hackers

A researcher found a PHP-based backdoor installed by hackers on one of Facebook's corporate servers.

20151005 Cisco headquarters sign

Cisco fixes serious denial-of-service flaws in wireless LAN controllers, other products

Cisco Systems has released patches to fix serious denial-of-service flaws in its Wireless LAN Controller (WLC) software, Cisco Adaptive Security Appliance (ASA) software and the Secure Real-Time Transport Protocol (SRTP) library that's used in many products.

ransomwhere logo

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.

malware payment terminal credit card

New point-of-sale malware Multigrain steals card data over DNS

A new memory scraping malware program steals payment card data from point-of-sale (PoS) terminals and sends it back to attackers using the Domain Name System (DNS).