Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Microsoft CEO Satya Nadella

Microsoft touts new, holistic approach to enterprise security

Microsoft combines the attack protection, detection and response features built into Windows 10, Office 365, Azure and the Microsoft Enterprise Mobility Suite to help enterprises improve their operational security posture.

Siegfried Rasthofer Steven Arzt Black Hat Europe 2015

Millions of sensitive records exposed by mobile apps leaking back-end credentials

Thousands of mobile applications use cloud-based, back-end services in an insecure way, allowing anyone to access millions of sensitive records created by users, according to a recent study.

security code big data cyberespionage DDoS

State-sponsored cyberspies inject victim profiling and tracking scripts in strategic websites

Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts into over 100 websites visited by business executives, diplomats, government officials and academic researchers.


BitLocker encryption can be defeated with trivial Windows authentication bypass

A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.

nikhil mittal black hat europe 2015

Continuous integration tools can be the Achilles heel for a company's IT security

Some of the most popular continuous integration tools used by software development teams have not been designed with security in mind and can open a door for attackers to compromise enterprise networks.

self encrypting hard drives black hat europe 2015

Self-encrypting drives are hardly any better than software-based encryption

Two researchers demonstrated attacks against self-encrypting drives used in enterprise environments at the Black Hat Europe conference in Amsterdam.

code big data binary programming

Thousands of Java applications vulnerable to nine-month-old remote code execution exploit

A serious vulnerability in a popular Java library puts thousands of Java applications and servers at risk of remote code execution attacks.

Digital Key, security, encryption

First Linux ransomware program cracked, for now

Malware researchers from Bitdefender created a tool to recover files encrypted with a ransomware program called Linux.Encoder.1.

security code big data cyberespionage DDoS

Iranian cyberespionage group attacked over 1,600 high-profile targets in one year

A cyberespionage group with possible ties to the Iranian government has targeted over 1,600 defense officials, diplomats, researchers, human rights activists, journalists and other high-profile individuals around the world.


File-encrypting ransomware starts targeting Linux web servers

After targeting consumer and then business computers, ransomware authors are now going after Web servers.

Security online

Deploying application whitelisting? NIST has some advice for you

The U.S. National Institute of Standards and Technology (NIST) has published a guide to application whitelisting that explains the technology in detail and offers practical advice for how it should be used.

hack security malware

Nasty new ransomware program threatens to leak your files online

In addition to encrypting people's private files a new ransomware program dubbed Chimera threatens to publish those files on the Internet.

150817 google marshmallow 06

Trojanized Android apps flood third-party stores, compromise phones

Researchers from mobile security firm Lookout have found over 20,000 samples of trojanized apps that root devices.

victim identity theft computer problem

VBulletin resets passwords, issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 340,000 accounts on its website following a security breach and released emergency security patches for its popular Internet forum software that's used on tens of thousands of websites.

edgeplus 2448

Google researchers poke holes in Galaxy S6 Edge, show phone makers add risky code

Google's security researchers found 11 serious vulnerabilities in Samsung's Galaxy S6 Edge phone in code that was added by the manufacturer.