Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

credit cards generic

American Express aims to dump credit card numbers for tokens

The company's token service allows merchants and mobile payment providers to stop working with sensitive payment card numbers

PCWorld News

Google to kill off SSL 3.0 in Chrome 40

A vulnerability in SSL 3.0 enabled the POODLE attack. In the meantime, Chrome 39 will no longer support SSL 3.0 fallback for TLS connections.

PCWorld News

Vulnerabilities found in more command-line tools, wget and tnftp get patches

Flaws identified in wget and tnftp allow malicious servers to execute rogue commands on users' systems

drupal logo

Drupal users: Assume your site was hacked if you didn't apply Oct. 15 patch immediately

Drupal site owners who failed to rapidly deploy a recent critical patch were advised to restore their sites from backups

PCWorld News

Cybercriminals create platform for automating rogue credit card charges

The developers claim it can emulate human interaction to trick payment gateways

PCWorld News

Attack campaign infects industrial control systems with BlackEnergy malware

Customers of three SCADA human-machine interface products from different vendors were potentially affected, ICS-CERT said

PCWorld News

Security vendor coalition cleans 43,000 malware infections used for cyberespionage

The removed tools were used by a prolific Chinese cyberespioange group dubbed Axiom

PCWorld News

Vulnerability in widely used 'strings' utility could spell trouble for malware analysts

Extracting text strings from binary files is not as safe as most people think, a security researcher found

Sophisticated phishing attacks launched against Outlook Web App users

The group targeted military agencies, embassies, defense contractors and media organizations, researchers from Trend Micro said

yahoo sign

Facebook and Yahoo prevent use of recycled email addresses to hijack accounts

A new mechanism helps email servers determine if a message was intended for a recycled account's previous owner

PCWorld News

Abandoned subdomains pose security risk for businesses

Attackers could hijack subdomains pointed by companies at external services they no longer use, researchers say

yahoo logo

Massive malvertising campaign on Yahoo, AOL and other sites delivers ransomware

The malicious ads exploited vulnerabilities to install the CryptoWall ransomware on computers, researchers from Proofpoint said

android malware

Android ransomware 'Koler' turns into a worm, spreads via SMS

The Koler ransomware locks the device screen and displays fake messages from police agencies

Flash vulnerability being exploited in large-scale attacks, mere days after patch

The Fiesta exploit kit bundles an exploit for the CVE-2014-0569 vulnerability in Flash Player, researchers found

PCWorld News

Researcher creates proof-of-concept worm for network-attached storage devices

Infecting NAS devices with malware can be very valuable for attackers, a researcher said