Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

Chinese hacker group behind January 2013 New York Times attack returns with updated tools

The Chinese hacker group that broke into the computer network of The New York Times and other high-profile organizations, including defense contractors, has launched new attacks following a few months of inactivity, according to researchers from security vendor FireEye.

Researcher builds botnet-powered distributed file storage system using JavaScript

The latest Web technologies can be used to build a secure and distributed file storage system by loading a piece of JavaScript code into users' Web browsers without them knowing, a researcher demonstrated Sunday at the Defcon security conference in Las Vegas.

Will Smith, Defcon

Will Smith makes unexpected appearance at Defcon hacker conference

Actor Will Smith captured the attention of Defcon attendees when he showed up unexpectedly at the hacker conference on Sunday apparently to do research for an upcoming movie.

Android one-click Google authentication method puts users, businesses at risk

A feature that allows Android users to authenticate themselves on Google websites without having to enter their account password can be abused by rogue apps to give attackers access to Google accounts, a security researcher showed Saturday at the Defcon security conference in Las Vegas.

defcon car hack

Defcon researchers reveal tricks behind their car hack

Two security researchers at Defcon revealed the methods they used to hack into car computers and take over the steering, acceleration, brakes, and other important functions.

Researchers demo exploits that bypass Windows 8 Secure Boot

The Windows 8 Secure Boot mechanism can be bypassed on PCs from certain manufacturers because of oversights in how those vendors implemented the Unified Extensible Firmware Interface (UEFI) specification, according to a team of security researchers.

Industrial control systems targeted by malicious attackers, research shows

Attackers are actively targeting Internet-connected industrial control systems (ICS) in an effort to compromise their operation, according to data collected from a global network of honeypot systems that simulate water pumps.

Hacker symposium showcases unsettling simple ways to bypass home security systems

Many door and window sensors, motion detectors and keypads that are part of security systems used in millions of homes and businesses can be bypassed by using relatively simple techniques, according to researchers from security consultancy firm Bishop Fox.

on techhive.com

D-Link DNR-322L

Vulnerabilities in D-Link network video recorders enable remote spying, researcher says

Some D-Link devices that enable remote access to surveillance camera feeds or other potentially sensitive data contain critical vulnerabilities that enable hackers to bypass authentication and access them from the Internet.

Some home automation systems are rife with holes, security experts say

A variety of network-controlled home automation devices lack basic security controls, making it possible for attackers to access their sensitive functions, often from the Internet, according to researchers from security firm Trustwave.

on techhive.com

Bitdefender Safepay browser

Bitdefender Safepay offers secure browsing for online banking, shopping

Bitdefender has released a Windows application designed to help users secure sensitive Web-browsing sessions, especially when they shop or bank online. The application is called Safepay and a free version is available to home users.

Malware virus

Microsoft: Almost 90 percent of Citadel botnets in the world disrupted in June

Microsoft estimates that 88 percent of botnets running the Citadel financial malware were disrupted as a result of a takedown operation launched by the company in collaboration with the FBI and partners in technology and financial services. The operation was originally announced on June 5.

Cybercriminals are using the Tor network to control their botnets

Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control (C&C) servers, according to researchers from security firm ESET.

hackers

Syrian Electronic Army hacks into Viber support website

The hacker group calling itself the Syrian Electronic Army (SEA) broke into the customer support website for Viber, an instant messaging and Voice-over-Internet-Protocol (VoIP) application available for both mobile and desktop operating systems.

Report: Android spyware infections on the rise

About 1 percent of Android devices are infected with malware, according to Alcatel-Lucent's Kindsight Security Labs.