Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

malware

Point-of-sale malware infections on the rise, researchers warn

Researchers from Arbor Networks and IntelCrawler identify new attacks using malware designed for point-of-sale systems.

Ruby on Rails security updates patch XSS, DoS vulnerabilities

The updates also strengthen the protection for a vulnerability patched in January

Akamai to buy DDoS protection specialist Prolexic

Content delivery services provider Akamai Technologies plans to buy Prolexic Technologies, a distributed denial-of-service (DDoS) mitigation specialist, for US$370 million in cash.

Google Nexus phones vulnerable to denial-of-service attack via SMS

Attackers could force phones from Google's Nexus line to reboot or fail to connect to the mobile Internet service by sending a large number of special SMS messages to them.

New Windows privilege escalation flaw exploited in active attacks

A vulnerability in Windows XP and Windows Server 2003 is exploited with a flaw in Adobe Reader in a new attack, researchers at FireEye said.

Worm targets Linux PCs and embedded devices

A new worm is targeting x86 computers running Linux and PHP, and variants may also pose a threat to devices such as home routers and set-top boxes based on other chip architectures.

Researchers: Trojan program 'Neverquest' a new threat to online banking users

Kaspersky Lab researchers warn that attackers could start to aggressively distribute this malware in the near future.

NSA infected 50,000 networks with specialized malware

The U.S. National Security Agency reportedly hacked into over 50,000 computer networks around the world as part of its global intelligence gathering efforts, and also taps into large fiber optic cables that transport Internet traffic between continents at 20 different major points.

LG_TV

LG smart TVs send data about users' files and viewing habits to the company

You don't just watch an LG TV, LG TVs are watching you.

malware

Financial malware program appears to communicate with attackers over the darknet

The malware is called i2Ninja and uses the I2P network (also called the darknet) as a command-and-control (C&C) channel, according to security researchers.

Trojan program steals log-in credentials, other sensitive data from SAP client applications

A recently discovered malicious program steals log-in passwords and other sensitive information from SAP client applications and allows cybercriminals to access SAP servers from infected workstations.

fire

GitHub bans weak passwords after brute-force attack results in compromised accounts

Popular source code repository service GitHub has recently been hit by a brute-force password-guessing attack that successfully compromised some accounts.

Hackers reportedly stole 42 million customer records from online dating network Cupid Media

Hackers reportedly stole 42 million customer records including email addresses and clear-text passwords from Cupid Media, a network of dating websites.

Google strengthens its SSL configuration against possible attacks

The company completed its planned switch to SSL certificates with 2048-bit keys ahead of schedule.

Malware virus

Hackers actively exploiting JBoss vulnerability to compromise servers

Attackers are actively exploiting a known vulnerability to compromise JBoss Java EE application servers that expose the HTTP Invoker service to the Internet in an insecure manner.