Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Data center servers

Hackers infect MySQL servers with malware for DDoS attacks

Hackers infect MySQL database servers with a malware program that's used to launch distributed denial-of-service (DDoS) attacks.

Digital Key

Google threatens action against Symantec-issued SSL certificates following botched investigation

Google wants Symantec to publicly disclose all the certificates it issues and to undergo a third-party security audit after an incident involving the CA issuing unauthorized certificates as part of internal testing.

Cars on a busy street

U.S. copyright law exemption allows good-faith car, medical device hacking

The U.S. Copyright Office added security research on cars and medical devices to the list of exemptions from the rules prohibiting the circumvention of access controls that are used to protect works.

spying eye

South Korean manufacturing industry targeted with new backdoor program

South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.

victim identity theft computer problem

Webmasters have only hours to deploy patches, Joomla incident shows

Less than four hours after a critical vulnerability was patched in Joomla, security firms already detected attacks exploiting the flaw.


Germany probes Regin-powered cyberespionage

The head of a German Federal Chancellery unit reportedly had his laptop infected with Regin, a cyberespionage program believed to be used by the U.S. National Security Agency and its closest intelligence allies.

Malaysia Airlines

Russian cyberspies targeted the MH17 crash investigation

A Russian cyberespioange group tried to infiltrate the international investigation into the crash of Malaysia Airlines Flight 17 (MH17) that was shot down by a missile over Ukraine in July 2014.

ip camera

Attackers hijack CCTV cameras and network-attached storage devices to launch DDoS attacks

A recently detected distributed denial-of-service (DDoS) attack was launched from 900 compromised CCTV cameras that were hijacked by hackers.

Digital Key

Mozilla mulls early cutoff for SHA-1 digital certificates

Mozilla is considering banning digital certificates signed with the SHA-1 algorithm in July 2016.

Security online

Oracle slams door on Russian cyberspies who hacked Nato PCs through Java

Oracle fixed a vulnerability in Java that a Russian cyberespionage group used to launch stealthy exploits against NATO member countries earlier this year.

my passport

Western Digital encrypted external hard drives have flaws that can expose data

The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.

150817 google marshmallow 03

Google makes secure boot, full-disk encryption mandatory for some Android 6.0 devices

Google will require Android devices capable of decent cryptographic performance to enable full-disk encryption by default in order to be declared compatible with Android 6.0.

Emergency Flash Player patch fixes critical flaw being exploited in the wild

Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.

Security online

Cisco fixes privilege escalation flaws in AnyConnect Secure Mobility Client

The Cisco AnyConnect Secure Mobility Client was updated to fix vulnerabilities that could allow attackers to gain system or root privileges on Windows, Linux and Mac OS X computers.

Android character at MWC

New Android vulnerabilities put over 1 billion devices at risk of remote hacking

Newly discovered vulnerabilities in the way Android processes MP3 and MP4 files can allow attackers to compromise devices by tricking users to visit specifically-crafted Web pages. Meet Stagefright 2.0.