Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

150817 google marshmallow 03

Google makes secure boot, full-disk encryption mandatory for some Android 6.0 devices

Google will require Android devices capable of decent cryptographic performance to enable full-disk encryption by default in order to be declared compatible with Android 6.0.

Emergency Flash Player patch fixes critical flaw being exploited in the wild

Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.

Security online

Cisco fixes privilege escalation flaws in AnyConnect Secure Mobility Client

The Cisco AnyConnect Secure Mobility Client was updated to fix vulnerabilities that could allow attackers to gain system or root privileges on Windows, Linux and Mac OS X computers.

Android character at MWC 2014 Barcelona

New Android vulnerabilities put over 1 billion devices at risk of remote hacking

Newly discovered vulnerabilities in the way Android processes MP3 and MP4 files can allow attackers to compromise devices by tricking users to visit specifically-crafted Web pages. Meet Stagefright 2.0.

login prompt security screen

Dyreza malware steals IT supply chain credentials

New versions of the Dyreza computer Trojan are configured to steal credentials for order fulfillment, warehousing, inventory management, ecommerce and other IT and supply chain services.

angry linux

A Linux botnet is launching crippling DDoS attacks in excess of 150Gbps

The security response team from Akamai Technologies have observed multiple attacks originating from a Linux botnet recently that have ranged from a few gigabits per second to over 150.

thinkstockphotos 161719626

Newly found TrueCrypt flaw allows full system compromise

James Forshaw, a member of Google's Project Zero team, has recently discovered two serious vulnerabilities in the driver that the TrueCrypt full disk encryption program installs on Windows systems.

security code big data cyberespionage byte

After pushing malware, ad networks also used for DDoS

Experts believe a recent large-scale distributed denial-of-service attack was launched through malicious ads displayed on mobile devices.

The Blackphone 2 front and back

Silent Circle's privacy-centric Blackphone 2 launches with full Play Store support

The Blackphone 2 is designed to meet the management and security needs of enterprises, while not alienating workers who will end up using it for their personal affairs as well.

Digital Key, security, encryption

Cookie handling in browsers can break HTTPS security

Man-in-the-middle attackers can inject cookies over HTTP connections in order to extract information from encrypted HTTPS traffic.

atm cash machine money

New malware program infects ATMs, dispenses cash on command

A new malware program called GreenDispenser infects automated teller machines (ATMs) and allows attackers to extract cash on command.

freefromransomware primary

Ransomware pushers up their game against small businesses

File encrypting ransomware creators are increasingly focusing their attention on small and medium-sized businesses because they're more likely to pay up the ransom fees.

Victim of identity theft

OPM underestimated the number of stolen fingerprints by 4.5 million

The fingerprints of 5.6 million people have been stolen as a result of hackers penetrating the computer systems of the U.S. Office of Personnel Management earlier this year.

Apple iPhone 5S (1)

Thousands of iOS apps infected by XcodeGhost

Security researchers have identified over 4,000 iOS apps that have malicious code added by a rogue version of the Xcode development tool.

Security

HP adds protection against firmware attacks to enterprise printers

Hewlett-Packard has started building defenses against hackers directly into its printers' firmware.