Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Big Data, chart, chief data officer, data science

Google offers app to help companies assess their vendors' security

Google has published an interactive questionnaire that companies could use to assess the security posture of vendors they choose to work with or to review and improve their own security programs.

Data analytics, big data, business, chart, laptop

These are the worst domains for harboring malware

Generic top-level domains (TLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones.

Legislation of privacy security keyboard law legal gavel

Suspected Bush family hacker Guccifer to be extradited to US

Romania's highest court approved the temporary extradition to the U.S. of a convicted hacker who is accused of breaking into the email and social media accounts of a Bush family member and U.S. government officials.

20160225 stock mwc ericsson booth security locks

5 things you need to know about ransomware, the scary malware that locks away data

Ransomware has become a real scourge for consumers, businesses and even government institutions. Unfortunately, there's no end in sight, so here's what you should know.

Digital Key, security, encryption

Cerber ransomware sold as a service, speaks to victims

The Cerber ransomware is sold as a service to cybercriminals and contains an audio message for victims, researchers find.

20151005 cisco headquarters sign

Cisco issues critical patch for Nexus switches to remove hardcoded credentials

Cisco Systems has released software updates for its Nexus 3000 and 3500 switches in order to remove a default administrative account with static credentials that could allow remote attackers to compromise devices.

Digital Key, security, encryption

Latest attack against TLS shows the pitfalls of intentionally weakening encryption

For the third time in under a year, security researchers have found a method to attack encrypted Web communications, a direct result of weaknesses that were mandated two decades ago by the U.S. government.

Apple iPhone 5S (1)

Apple goofed in several ways in fight with FBI over data encryption, renowned cryptographer says

Adi Shamir, co-creator of the widely used RSA cryptographic algorithm, believes that Apple should have assisted the FBI in decrypting the iPhone of one of the San Bernardino shooters and choose to resist in a future situation.

drown attack logo SSLv2

New TLS decryption attack affects one in three servers due to legacy SSLv2 support

Security researchers have discovered a new weakness that could allow attackers to spy on encrypted communications between users and a third of all HTTPS servers.

Digital Key, security, encryption

CTB-Locker ransomware hits over 100 websites

A new malicious program that encrypts files on Web servers has affected at least 100 websites over the past few weeks, signaling a new trend in ransomware development.

generic image of a wi-fi router

Serious flaws discovered in Netgear and D-Link devices during mass firmware analysis

A team of security researchers found serious vulnerabilities in over a dozen wireless routers and access points from Netgear and D-Link with the help of an open-source framework that can be used to perform dynamic security analysis on embedded firmware.

Big Data, chart, chief data officer, data science

Fixing the Internet's routing security is urgent and requires collaboration

The Mutually Agreed Norms for Routing Security (MANRS), an initiative backed by the Internet Society to fix routing security on the Internet, is gaining some traction, but the number of attacks that take advantage of weaknesses in the global routing system are also growing.

microsoft headquarters

Microsoft adds new security enhancements to its cloud offerings

Microsoft is adding a range of new security features to its Office 365 and Azure cloud services as part of the company's holistic approach to enterprise security that it announced last year.

Digital Key, security, encryption

Outdated payment terminals exempted by Mozilla from SHA-1 certificate ban

Mozilla will allow Symantec to issue nine new SHA-1-signed certificates to Worldpay in order to accommodate over 10,000 payment terminals that haven't been upgraded before the issuing of such certificates was banned.

security code big data cyberespionage byte

The Sony Pictures hackers have been hitting organizations from different countries for years

The group of hackers that crippled the computer infrastructure of Sony Pictures Entertainment in late 2014 has been responsible for a large number of attacks against organizations from South Korea, the U.S. and other countries over the past seven years.