Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

New Tor-powered backdoor malware targets Macs

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network.

Security

Nasty Lenovo UEFI exploit also affects products from other vendors

A critical vulnerability that was recently found in the low-level firmware of Lenovo ThinkPad systems also reportedly exists in products from other vendors including HP and Gigabyte Technology.

Digital Key, security, encryption

Android's full disk encryption can be brute-forced on devices with Qualcomm chips

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.

security keys locks

New Satana ransomware encrypts user files and master boot record

Attackers are developing an aggressive new ransomware program that encrypts both user files and the computer's master boot record (MBR), leaving affected machines unable to boot into the OS.

ransomware hardware security embedded circuit board integrated controller

Firmware exploit can defeat new Windows security features on Lenovo ThinkPads

A newly released UEFI exploit for Lenovo ThinkPad laptops could disable low-level Windows security features like Secure Boot, Virtual Secure Mode and Credential Guard.

security camera attack surveillance

Over 100 DDoS botnets built using Linux malware for embedded devices

LizardStresser, the DDoS malware for Linux systems written by the infamous Lizard Squad attacker group, was used over the past year to create over 100 botnets, some built almost exclusively from compromised internet-of-things devices.

xx

Researchers dismantle decade-long Iranian cyberespionage operation

The infrastructure used by an Iranian cyberespionage group to control infected computers has been hijacked by security researchers.

symantec logo

Nasty flaws in Symantec security tools expose millions of computers to hacking

A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could be easily be exploited by hackers to take control of computers.

security code big data cyberespionage DDoS

Thousands of hacked CCTV devices used in DDoS attacks

Attackers have compromised more than 25,000 digital video recorders and CCTV cameras and are using them to launch distributed denial-of-service (DDoS) attacks against websites.

Digital Key, security, encryption

Bart ransomware shows it can be effective without sophisticated encryption

A new ransomware program called Bart is making the rounds and locks user files in password-protected zip archives.

The Internal Revenue Service's IRS tax filing form 1040.

IRS kills electronic filing PIN feature due to repeated attacks

After repeated attacks, the Internal Revenue Service has decided to retire a Web-based tool for obtaining PINs that taxpayers could use to file tax returns electronically.

20160224 stock mwc lenovo booth sign

Lenovo plugs severe security holes in PC support tool preinstalled on PCs

Lenovo has fixed two high severity vulnerabilities in its Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs.

malware payment terminal credit card

GozNym Trojan turns its sight on business accounts at major US banks

A hybrid Trojan program created for financial fraud has started redirecting users of four large U.S. banks to rogue websites in order to hijack their accounts.

Digital Key, security, encryption

The number of corporate users hit by crypto ransomware is skyrocketing

The prevalence of ransomware programs, both those that encrypt data and those that don't, has exploded over the past two years, with companies being increasingly targeted.

code big data binary programming

Severe flaws in widely used archive library put many projects at risk

Researchers from Cisco Systems' Talos group found three severe flaws in libarchive that could impact a large number of software products and their users.