Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

PCWorld News

New point-of-sale malware distributed by Andromeda botnet

Attackers use spam to infect systems with the Andromeda backdoor and then deploy GamaPoS on select point-of-sale machines

hackingback

Encrypted Web and Wi-Fi in danger as RC4 attacks become more practical

Researchers show they can recover sensitive cookies from RC4-encrypted TLS connections in 75 hours

java

Oracle patches already-exploited Java zero-day flaw, over 190 other vulnerabilities

Users should update Java as soon as possible because attackers are already taking advantage of at least one vulnerability.

hackingback

Hacking Team's malware uses a UEFI rootkit to survive operating system reinstalls

The feature allows the company's software to persist even if the hard disk drive if replaced.

PCWorld News

Cyberespionage group Pawn Storm uses exploit for unpatched Java flaw

The exploit was used in attacks against the armed forces of a NATO country and a U.S. defense organization

hackingback

Hacking Team's arsenal included at least three unpatched exploits for Flash Player

The vulnerabilities leveraged by two of the exploits have yet to be patched

Second Flash Player zero-day exploit found in Hacking Team's data

Adobe plans to patch the vulnerability next week, but attackers might move quicker.

PCWorld News

VMware patches vulnerabilities in Workstation, Player, Fusion and Horizon View Client

The flaws could lead to code execution, privilege escalation and denial-of-service

computer security stock image

OpenSSL fixes severe flaw that could enable man-in-the-middle attacks

The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation

Emergency Flash Player updates fix vulnerability used in widespread attacks

A total of 36 flaws were patched, many of them critical

Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks

The group has been stealing confidential information from large companies worldwide for the past three years.

Cybercriminals start using Flash zero-day exploit leaked from Hacking Team breach

They profit from the one-day window until Adobe expects to release a patch

hackingback

Researchers find previously unknown exploits among Hacking Team's leaked files

At least one new exploit for Flash Player has been confirmed.

encryptitall

Prepare for a high severity flaw, OpenSSL warns users

Patches will be released on July 9 for OpenSSL 1.0.1 and 1.0.2

computer security stock image

ZeusVM malware building tool leak may cause botnet surge

Any wannabe botnet operator can now create their own army of ZeusVM-infected computers, researchers warn