Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

PCWorld News

Cisco small business phones open to remote eavesdropping, calling

An authentication flaw allows attackers to listed to audio streams and make calls from Cisco SPA 300 and 500 IP phones

PCWorld News

New attacks suggest leeway for patching Flash Player is shrinking

It took one week from Adobe's fix to mass exploitation for a recent Flash Player flaw

hacker hand

Chrome, Firefox, Explorer, Safari were all hacked at Pwn2Own contest

Most of the successful attacks daisychained multiple vulnerabilities to gain access. Adobe Reader and Flash Player fell as well.

thinkstockphoto 510357361

At least 700,000 routers that ISPs gave to their customers are vulnerable to hacking

The devices have serious flaws that enable unauthorized remote access and DNS hijacking, a researcher found

PCWorld News

OpenSSL fixes serious denial-of-service bug, 11 other flaws

The scare of a second Heartbleed was unjustified

PCWorld News

IT manager gets certificate for Microsoft domain, tries to report it but gets in trouble

He tried to alert the company in January, but the company never got his emails, and later suspended his Microsoft account

PCWorld News

EMET security tool updated to prevent VBScript God Mode attacks

Microsoft was forced to release EMET 5.2 again because customers experienced issues with the first variant

encryptitall

Microsoft blacklists fraudulently issued Windows Live SSL certificate

An unauthorized party managed to obtain a SSL certificate for Microsoft's live.fi domain name.

password

Why Yahoo's new on-demand password system is no two-factor authentication killer

The new authentication option offers better security than static passwords, but it's not as strong as two-step verification

usb high voltage death machine

'USB Killer' is a flash drive designed to fry your laptop

A hardware enthusiast created a USB thumb drive that can discharge a high voltage into a computer's USB interface

World of Warcraft: Cataclysm

New ransomware program targets gamers

Ugh - the program encrypts game saves, mods, maps and other user-generated content for a large number of popular games.

hackingback

Over a million WordPress websites at risk because of flaw in popular SEO plug-in

The vulnerability in a plug-in from Yoast exposes sites to SQL injection attacks

PCWorld News

Code name found in Equation group malware suggests link to NSA

The name matches an NSA project listed in a secret document leaked by Edward Snowden

hacker hand

Windows PCs remained vulnerable to Stuxnet-like attacks despite 2010 patch

A Microsoft patch for an exploit used by the Stuxnet worm was incomplete, researchers found

PCWorld News

Snowden docs show CIA's attempts to defeat Apple device security

A secret CIA-sponsored conference reportedly hosted talks on stealing encryption keys from Apple devices and infecting them with malware