Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

PCWorld News

Web server malware for Nginx, Apache advertised on underground market

Effusion malware infects Web servers and injects rogue content into websites

BitTorrent develops secure, decentralized chat program using public-key crypto

pcworld.com

The program will use the BitTorrent DHT peer finding protocol to locate contacts without a central server

isight camera

Researchers: Older Mac webcams can spy without activating warning light

Researchers from Johns Hopkins University created an application that can disable the LED on first-generation iSight cameras while in use.

PCWorld News

New DDoS malware targets Linux and Windows systems

Attackers use brute-force methods to guess SSH passwords and install the malware on Linux servers

PCWorld News

Mass surveillance prompts work on SSL deployment guidelines by a Internet-friendly group

A new working group of the Internet Engineering Task Force will develop best practices for deploying and using SSL/TLS with several Internet communication protocols.

PCWorld News

Attackers exploited ColdFusion vulnerability to install Microsoft IIS malware

The malware works as an IIS module and can capture data entered by users in Web forms

EFF criticizes Google for removing 'vital privacy feature' with Android 4.4.2

The new Android update disables a feature that allowed users to revoke permissions for installed apps.

PCWorld News

Mozilla advises webmasters to implement X-Frame-Options security header

The header can easily solve many security problems, a Mozilla security engineer said

PCWorld News

Nvidia exploit could turn render farms into password crackers, bitcoin miners, researchers claim

A flaw in Nvidia Mental Ray software can be exploited to compromise server clusters used for 3D rendering, researchers from ReVuln said.

adobe flash logo

Adobe patches critical vulnerabilities in Flash Player, Shockwave

An exploit targets one of the vulnerabilities by using Flash content embedded in Microsoft Word documents, Adobe warns

PCWorld News

Update vulnerability in third-party SDK exposes some Android apps to attacks

Attackers could force apps using the HomeBase SDK to download and execute rogue code, researchers from Bitdefender said,

Hackers said to infiltrate European foreign affairs ministries ahead of G20

Syria-themed rogue emails were used to infect computers of foreign affairs ministers in five European countries, FireEye researchers said

PCWorld News

French government sub-CA issues unauthorized certificates for Google domains

The certificates were used to inspect encrypted traffic on a private network, Google said.

Russia arrests creator of the devastating Blackhole exploit kit, 12 others

The suspects are charged with creating and participating in a criminal organization.

New website lets users check if their online credentials were exposed in hack attacks

The site combines email addresses corresponding to accounts exposed in data breaches at Adobe, Yahoo, Stratfor, Gawker and Sony