Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

security code big data cyberespionage byte

The Sony Pictures hackers have been hitting organizations from different countries for years

The group of hackers that crippled the computer infrastructure of Sony Pictures Entertainment in late 2014 has been responsible for a large number of attacks against organizations from South Korea, the U.S. and other countries over the past seven years.

code big data binary programming

Attackers can turn Microsoft's exploit defense tool EMET against itself

Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen Windows security.

atm cash machine money

Latest attack against Russian bank employees highlights the threat to financial institutions

The employees of at least six Russian banks were recently the target of a well-crafted email attack where hackers masqueraded as the Russian Central Bank to trick them into installing malware.

Apple iPhone 5S (3)

Chinese devs abuse free Apple app-testing certs to install pirated apps

A Chinese iOS application recently found on Apple's official store contained hidden functionality that allowed users to install pirated apps on non-jailbroken devices, a technique that could also be leveraged by malware in the future.

geekbuddy comodo remote desktop support

Remote desktop tool distributed by Comodo enabled privilege escalation

Security software vendor Comodo patched a security weakness in its GeekBuddy remote PC support tool that could have enabled malware or exploits to gain admin privileges on computers.

010516blog twitter logo

Twitter password recovery bug exposes 10,000 users' personal information

Twitter has notified 10,000 users that their email address and phone number might have been exposed due to a bug in the website's password recovery feature.

simplisafe home security system

Popular home security system SimpliSafe can be easily disabled by burglars

Attackers can easily disable SimpliSafe home security systems from up to 30 meters away by using a device that costs around $250 to create, researchers from security firm IOActive found.

LH110 Lorex digital video recorder DVR

Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

Up to 46,000 Internet accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can be easily taken over by hackers.

xen project hypervisor panda mascot

Xen's latest hypervisor updates are missing some security patches

The Xen Project released new versions of its virtual machine hypervisor, but forgot to fully include two security patches that had been previously made available.

security code big data cyberespionage DDoS

Russian cyberspy group uses simple yet effective Linux Trojan

A cyberespionage group of Russian origin known as Pawn Storm is infecting Linux systems with a simple but effective Trojan program that doesn't require highly privileged access.

20151027 vmware sign

Pwn2Own contest puts $75,000 bounty on VMware Workstation bypass

The Pwn2Own hacking contest in March will award security researchers for exploiting Google Chrome, Microsoft Edge, Apple Safari, Flash Player and, for the first time, VMware Workstation.

20151005 cisco headquarters sign

Critical VPN key exchange flaw exposes Cisco security appliances to remote hacking

Cisco Systems patched a critical vulnerability that could allow remote attackers to take over Cisco Adaptive Security Appliance (ASA) firewalls configured as virtual private network servers by simply sending malformed network packets to them.

microsoft headquarters

Microsoft fixes 36 flaws in IE, Edge, Office, Windows, .NET

Microsoft released its second batch of security updates for this year, addressing a total of 36 flaws in Internet Explorer, Edge, Office, Windows and .NET Framework.

The Internal Revenue Service's IRS tax filing form 1040.

Identity thieves obtain 100,000 electronic filing PINs from IRS system

The Internal Revenue Service was the target of an attack that used stolen social security numbers and other taxpayer data to obtain PINs that can be used to file tax returns electronically.

security code big data cyberespionage DDoS

Java-based Trojan was used to attack over 400,000 systems

A Java-based Trojan known as Adwind and AlienSpy has been rebranded as JSocket and is being sold as a service to all types of attackers, from opportunistic cybercriminals to cyberespionage groups.