Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

microsoft headquarters

Microsoft fixes critical flaws in Windows, IE, Edge, and Office

Microsoft has fixed over 40 vulnerabilities in its products Tuesday, including critical ones in Windows, Internet Explorer, Edge, and Office.

security code big data cyberespionage DDoS

Flash Player zero-day exploit is being used in the wild by a cyberespionage group

Adobe Systems is working on a patch for a Flash Player vulnerability that's currently being exploited in targeted attacks.

padlock and chain, security

Don’t run JavaScript email attachments: ​they​ can carry potent ransomware

Attackers are infecting computers with a new ransomware program called RAA that's written entirely in JavaScript and locks users' files using strong encryption.

Digital Key, security, encryption

Machine learning could help companies react faster to ransomware

Behavior analytics vendor Exabeam applies machine learning to detect ransomware infections and help companies quickly isolate affected computers before the malware spreads.

Data analytics, big data, business, chart, laptop

Industrial control systems vendors get careless about domain squatting

Many companies protect their brands by registering domain names that are very similar to their own, but manufacturers of industrial control systems don't seem to follow suit, potentially leaving customers open to malicious attacks.

Web attack silently modifies DNS configurations in routers

When you isolate your industrial control systems don't forget about DNS

Many organizations that run industrial control systems, whether they're manufacturers or public utilities, strive to isolate them from the Internet, but sometimes forget to disallow Domain Name System (DNS) traffic, which provides a stealthy way for malware to exfiltrate data.

security code big data cyberespionage DDoS

Rent-a-botnet services making massive DDoS attacks more common than ever before

There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, four times more than in the previous quarter.

security hacker

Check your BITS, because deleting malware might not be enough

Attackers are abusing the Windows Background Intelligent Transfer Service (BITS) to re-infect computers with malware after they've already been cleaned by antivirus products.

code big data binary programming

Widespread exploits evade protections enforced by Microsoft EMET

Hackers have launched large-scale attacks that are capable of bypassing the security protections added by Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool whose goal is to stop software exploits.

Mark Zuckerberg (1)

Hackers breach social media accounts of Mark Zuckerberg and other celebrities

Over the weekend hackers have managed to gain access to Facebook founder Mark Zuckerberg's Twitter and Pinterest accounts, as well as the social media accounts of other celebrities.

150817 google marshmallow 06

Android gets patches for serious flaws in hardware drivers and media server

The June batch of Android security patches address nearly two dozen vulnerabilities in system drivers for various hardware components from several chipset makers.

wordpress logo

A new WordPress plug-in exploit endangers thousands of websites

Since last week attackers have exploited an unpatched vulnerability in a WordPress plug-in called WP Mobile Detector that was installed on over 10,000 websites.

security code big data cyberespionage DDoS

Mysterious malware targets industrial control systems, borrows Stuxnet techniques

Researchers have found a malware program that was designed to manipulate supervisory control and data acquisition (SCADA) systems in order to hide the real readings from industrial processes.

xx

Extortion schemes expand, threatening consumers and businesses with data leaks

Hackers use high-profile data breaches as opportunity to extort money from victims by threatening to release personal and sensitive data about them.

20160224 stock mwc lenovo booth sign

Lenovo advises users to remove a vulnerable support tool preinstalled on their systems

PC maker Lenovo is recommending users remove an application preloaded on their computers because it contains a high-severity flaw that could allow attackers to take over their systems.