Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Twitter iOS App

Twitter warns users targeted by state-sponsored hackers

Twitter has warned some of its users that they may have been targeted in an attack by state-sponsored hackers.

security code big data cyberespionage DDoS

Cyberspy group repurposes 12-year-old Bifrose backdoor

A group of hackers that primarily targets companies from key industries in Asia is using heavily modified versions of a backdoor program called Bifrose that dates back to 2004.

Digital Key, security, encryption

SHA-1 cutoff could block millions of users from encrypted websites

Millions of Web users could be left unable to access websites over the HTTPS protocol if those websites only use digital certificates signed with the SHA-2 hashing algorithm.

spying eye cyberespionage surveillance

Cyberspy group targets South American political figures, journalists

Since 2008, a group of attackers has used off-the-shelf remote access Trojans (RATs) to target political figures, journalists and public figures in several South American countries.

Google

Chrome for Android blocks access to malware and scam websites

Google has implemented Safe Browsing, the blacklisting technology used to block websites that host malware or scams, in Chrome for Android.

security code big data cyberespionage DDoS

DDoS attacks increase in number, endanger small organizations

The number of DDoS attacks increased by 180 percent during the third quarter of this year compared to the same period in 2014.

150817 google marshmallow 06

Google patches critical media processing and rooting vulnerabilities in Android

A new batch of security fixes for Android address flaws that could allow attackers to compromise devices via rogue emails, Web pages, and MMS messages.

Lenovo ThinkPad X240 (2)

Security vulnerabilities found in support software from Lenovo, Toshiba, and Dell

Exploits have been published for flaws in Lenovo Solution Center, Toshiba Service Station and Dell System Detect.

security code big data cyberespionage DDoS

Russian spy group adopts new tools to hack defense contractor networks

Pawn Storm has adopted new tools in an ongoing attack campaign against defense organizations with the goal of defeating network isolation policies.

victim identity theft computer problem

Widespread exploit kit, ransomware program, and password stealer mixed into dangerous malware cocktail

An ongoing attack campaign combines a very effective password stealer, the most widespread exploit kit, called Angler, and the latest version of the infamous CryptoWall file-encrypting ransomware program.

Digital Key, security, encryption

No more security fixes for older OpenSSL branches

The OpenSSL Software Foundation has released new security patches, but for branches 0.9.8 and 1.0.0 these will likely be the last security updates.

malware payment terminal credit card

New attack campaign against SMBs uses a botnet to deliver PoS malware

A group of sophisticated attackers are breaking into the networks of small and medium-size businesses worldwide with the goal of infecting their point-of-sale systems with malware.

150817 google marshmallow 03

Cisco patches permission hijacking issue in WebEx Meetings app for Android

Cisco's WebEx Meetings application for Android had a vulnerability that allowed potentially rogue applications to hijack its permissions.

microsoft headquarters

Microsoft enables potential unwanted software detection for enterprise customers

Microsoft has started offering protection against potentially unwanted applications in its anti-malware products for enterprise customers.

dell xps 13

Older Dell devices also affected by dangerous eDellRoot certificate

Users who have Dell Windows-based laptops, desktops, tablets and other devices that were bought before August should check if their systems have the self-signed eDellRoot certificate that can compromise their private communications.