Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

20160224 stock mwc lenovo booth sign

Lenovo plugs severe security holes in PC support tool preinstalled on PCs

Lenovo has fixed two high severity vulnerabilities in its Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs.

malware payment terminal credit card

GozNym Trojan turns its sight on business accounts at major US banks

A hybrid Trojan program created for financial fraud has started redirecting users of four large U.S. banks to rogue websites in order to hijack their accounts.

Digital Key, security, encryption

The number of corporate users hit by crypto ransomware is skyrocketing

The prevalence of ransomware programs, both those that encrypt data and those that don't, has exploded over the past two years, with companies being increasingly targeted.

code big data binary programming

Severe flaws in widely used archive library put many projects at risk

Researchers from Cisco Systems' Talos group found three severe flaws in libarchive that could impact a large number of software products and their users.

malware attack cyberespionage code hacker

Hackers sold access to 170,000 compromised servers, many in the U.S.

The market for hacked servers might be much larger than previously thought, with new evidence suggesting that hackers sold access to over 170,000 compromised servers since 2014, a third of them located in the U.S.

Apple fixes serious flaw in AirPort wireless routers

Apple has released firmware updates for its AirPort wireless base stations in order to fix a vulnerability that could put the devices at risk of hacking.

20160225 stock mwc ericsson booth security locks

5 things you need to know about password managers

New data breaches are coming to light almost weekly and they reveal a simple fact: many people still choose weak passwords and reuse them across multiple sites. Password managers offer a solution.

20151005 cisco headquarters sign

Flaws expose Cisco small-business routers, firewalls to hacking

Three models of Cisco wireless VPN firewalls and routers from the small business RV series contain a critical unpatched vulnerability that attackers can exploit remotely to take control of devices.

microsoft headquarters

Microsoft fixes critical flaws in Windows, IE, Edge, and Office

Microsoft has fixed over 40 vulnerabilities in its products Tuesday, including critical ones in Windows, Internet Explorer, Edge, and Office.

security code big data cyberespionage DDoS

Flash Player zero-day exploit is being used in the wild by a cyberespionage group

Adobe Systems is working on a patch for a Flash Player vulnerability that's currently being exploited in targeted attacks.

padlock and chain, security

Don’t run JavaScript email attachments: ​they​ can carry potent ransomware

Attackers are infecting computers with a new ransomware program called RAA that's written entirely in JavaScript and locks users' files using strong encryption.

Digital Key, security, encryption

Machine learning could help companies react faster to ransomware

Behavior analytics vendor Exabeam applies machine learning to detect ransomware infections and help companies quickly isolate affected computers before the malware spreads.

Data analytics, big data, business, chart, laptop

Industrial control systems vendors get careless about domain squatting

Many companies protect their brands by registering domain names that are very similar to their own, but manufacturers of industrial control systems don't seem to follow suit, potentially leaving customers open to malicious attacks.

malware attack cyberespionage code hacker

When you isolate your industrial control systems don't forget about DNS

Many organizations that run industrial control systems, whether they're manufacturers or public utilities, strive to isolate them from the Internet, but sometimes forget to disallow Domain Name System (DNS) traffic, which provides a stealthy way for malware to exfiltrate data.

security code big data cyberespionage DDoS

Rent-a-botnet services making massive DDoS attacks more common than ever before

There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, four times more than in the previous quarter.