Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Privacy lapses riddle majority of mobile apps, data protection authorities find

One in three applications request excessive permissions, and privacy information is inadequate in 85 percent of them, a study found

PCWorld News

Vulnerability in popular Joomla e-commerce extension puts online shops at risk

The security issue might affect other extensions as well, researchers from Sucuri said

PCWorld News

VMware patches third-party components in vSphere platform

VCenter Server and ESXi patches update the bundled versions of Apache Struts, Apache Tomcat, glibc and JRE

gmail logo

Five million Gmail addresses and passwords dumped online

The data was not likely stolen from Google, but from other websites, researchers said

Adobe fixes critical flaws in Flash Player, delays Reader and Acrobat updates

The new Flash Player update patches 12 vulnerabilities, many of which could allow remote code execution

encryptitall

Encryption failures fixed in popular PGP email security tool Enigmail

Users of Enigmail 1.7 are advised to upgrade to version 1.7.2 as soon as possible

PCWorld News

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

icloud red bckgnd

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said

photosforosx

Cyberespionage group uses port of Windows backdoor to attack OS X

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said.

LinkedIn profile

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

PCWorld News

Hackers exploit critical vulnerability in popular WordPress theme component

WordPress admins should check if their sites use the Slider Revolution plug-in and update it immediately, researchers said

PCWorld News

Twitter launches bug bounty program

The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps

PCWorld News

Attack hijacks DNS settings on home routers in Brazil

Attackers use cross-site request forgery techniques to change router settings when users visit malicious websites

malware 0 100257425 orig 100309194 large

Hackers make drive-by download attacks stealthier with fileless infections

New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found.

PCWorld News

Reconnaissance code on industrial software site points to watering hole attack

Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said