Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

20151005 Cisco headquarters sign

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.

BSOD

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Attackers could remotely force Windows computers into Safe Mode in order to bypass pass-the-hash protections and steal user account credentials.

Google Shop in London

Chrome OS gets cryptographically verified enterprise device management

Companies will now be able to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies.

150817 google marshmallow 03

Pokémon Go guide app with half a million downloads hacks Android devices

A rogue Pokémon Go helper application with over 500,000 downloads on Google Play had Trojan code that downloaded root exploits to take over Android devices.

adobe systems headquarters san jose

Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe Systems has fixed over 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.

microsoft headquarters

Microsoft releases one of its biggest security updates this year

Microsoft released one of its biggest security updates this year, fixing 50 vulnerabilities in its products and 26 more in Flash Player which is bundled with its Edge browser.

20160224 stock mwc internet of things iot sign

Hackers found 47 new vulnerabilities in 23 smart devices at DEF CON

Hackers found and disclosed 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers during during the IoT Village at DEF CON.

security code big data cyberespionage byte

MySQL zero-day exploit puts some servers at risk of hacking

A publicly disclosed vulnerability in the MySQL database could allow attackers to completely compromise some servers

segate central NAS

Thousands of Seagate NAS boxes host cryptocurrency mining malware

Thousands of publicly accessible FTP servers, including many Seagate network-attached storage devices, are being used by criminals to malware that mines cryptocurrency.

xen project hypervisor panda mascot

Xen Project patches serious virtual machine escape flaws

The Xen Project has fixed four vulnerabilities in its widely used virtualization software, two of which could allow malicious virtual machine administrators to take over host servers.

HTTP Internet website

Google Chrome to start marking HTTP connections as insecure

To push more websites to implement encryption and to better protect users, Google will start flagging plain HTTP connections as insecure in its popular Chrome browser.

USB armory

A USB device is all it takes to steal credentials from locked PCs

A security researcher demonstrated that all it takes to steal an OS account's password hash from a Windows computer in a locked state, is to plug in a special USB device for a few seconds.

security code big data cyberespionage DDoS

Google Safe Browsing gives more details to compromised website owners

Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology in order to help them fix the identified problems faster.

150817 google marshmallow 03

Google's 3-level Android patch could cause confusion

Google released a large monthly batch of security patches for Android, fixing 55 vulnerabilities, eight of which are rated critical.

malware attack cyberespionage code hacker

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that despite running from user mode, can be hard to detect and remove.