Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

Spammers buy Chrome extensions and turn them into adware

Two developers who sold their popular Chrome extensions saw them misused for aggressive advertising

PCWorld News

Cisco fixes remote access vulnerabilities in Cisco Secure Access Control System

Flaws in the network access control product can give attackers access to administrative functions, Cisco said

PCWorld News

New Blackphone promises secure communications and privacy

The phone is the creation of smartphone manufacturer Geeksphone and encrypted communications provider Silent Circle

BYOD security

Researchers: Tech support scammers are targeting mobile users

Researchers from security firm Malwarebytes spotted a tech support scam targeting smartphone and tablet users, while the Federal Trade Commission is warning consumers about scams offering tech support refunds.

target

Target point-of-sale terminals were infected with malware

The company's CEO confirmed that attackers used malware to steal credit and debit card data from PoS systems

linksys wag200g

Cisco promises to fix vulnerability in some routers

The company plans to release firmware updates to remove an undocumented feature by the end of the month.

PCWorld News

Security analysis of mobile banking apps reveals significant weaknesses

Many apps failed to validate SSL certificates and exposed sensitive information, a researcher from IOActive said

PCWorld News

OpenSUSE forums hack raises vBulletin zero-day exploit possibility

The openSUSE site maintainers recommend using strict directory permissions and alternative authentication systems

Yahoo starts encrypting all email, but implementation is inconsistent

The company's HTTPS implementation still needs some improvements, an SSL expert said

Trojan program hijacks World of Warcraft accounts despite two-factor authentication

The malware is bundled with a fake Curse Client, the game developer said

Malware virus

Cybercrooks developing dangerous new file-encrypting ransomware, researchers warn

The new threat might be even more difficult to remove than CryptoLocker, which plagued users in recent months

password

No hypervisor vulnerability exploited in OpenSSL site breach

The compromise was the result of the hosting provider using insecure passwords for the virtualization software, the OpenSSL Project said.

cyber threats online security

The security industry found its dream enemy in 2013. And new technical challenges, too

Revelations about mass surveillance will fuel encryption adoption in the next year, but implementing it will take care, security experts say.

snapchat

Attackers could match phone numbers to Snapchat accounts, researchers say

A legitimate feature for finding friends on Snapchat lacks rate limiting and can be abused, a security research group claims