Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

PCWorld News

Cisco patches autonomic networking flaws in IOS routers and switches

The flaws could allow attackers to gain limited access over affected devices or to disrupt their normal operation

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions for issuer

Microsoft revoked trust in an intermediate CA certificate that was used to issue unauthorized certificates for Google websites

Dell Logo

Dell support tool put PCs at risk of malware infection

Weak authentication in Dell's System Detect utility could have enabled drive-by malware attacks

Flash-based vulnerability lingers on many websites three years later

A large number of developers have failed to patch their Flash applications against a vulnerability that can be exploited to target Web users

PCWorld News

New malware program PoSeidon targets point-of-sale systems

The malware combines key logging and memory scraping functionality

PCWorld News

Cisco small business phones open to remote eavesdropping, calling

An authentication flaw allows attackers to listed to audio streams and make calls from Cisco SPA 300 and 500 IP phones

PCWorld News

New attacks suggest leeway for patching Flash Player is shrinking

It took one week from Adobe's fix to mass exploitation for a recent Flash Player flaw

hacker hand

Chrome, Firefox, Explorer, Safari were all hacked at Pwn2Own contest

Most of the successful attacks daisychained multiple vulnerabilities to gain access. Adobe Reader and Flash Player fell as well.

thinkstockphoto 510357361

At least 700,000 routers that ISPs gave to their customers are vulnerable to hacking

The devices have serious flaws that enable unauthorized remote access and DNS hijacking, a researcher found

PCWorld News

OpenSSL fixes serious denial-of-service bug, 11 other flaws

The scare of a second Heartbleed was unjustified

PCWorld News

IT manager gets certificate for Microsoft domain, tries to report it but gets in trouble

He tried to alert the company in January, but the company never got his emails, and later suspended his Microsoft account

PCWorld News

EMET security tool updated to prevent VBScript God Mode attacks

Microsoft was forced to release EMET 5.2 again because customers experienced issues with the first variant

encryptitall

Microsoft blacklists fraudulently issued Windows Live SSL certificate

An unauthorized party managed to obtain a SSL certificate for Microsoft's live.fi domain name.

password

Why Yahoo's new on-demand password system is no two-factor authentication killer

The new authentication option offers better security than static passwords, but it's not as strong as two-step verification

usb high voltage death machine

'USB Killer' is a flash drive designed to fry your laptop

A hardware enthusiast created a USB thumb drive that can discharge a high voltage into a computer's USB interface