Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

spying eye

Cyberspy group targets South American political figures, journalists

Since 2008, a group of attackers has used off-the-shelf remote access Trojans (RATs) to target political figures, journalists and public figures in several South American countries.

Google

Chrome for Android blocks access to malware and scam websites

Google has implemented Safe Browsing, the blacklisting technology used to block websites that host malware or scams, in Chrome for Android.

security code big data cyberespionage

DDoS attacks increase in number, endanger small organizations

The number of DDoS attacks increased by 180 percent during the third quarter of this year compared to the same period in 2014.

150817 google marshmallow 06

Google patches critical media processing and rooting vulnerabilities in Android

A new batch of security fixes for Android address flaws that could allow attackers to compromise devices via rogue emails, Web pages, and MMS messages.

Lenovo ThinkPad X240 (2)

Security vulnerabilities found in support software from Lenovo, Toshiba, and Dell

Exploits have been published for flaws in Lenovo Solution Center, Toshiba Service Station and Dell System Detect.

security code big data cyberespionage

Russian spy group adopts new tools to hack defense contractor networks

Pawn Storm has adopted new tools in an ongoing attack campaign against defense organizations with the goal of defeating network isolation policies.

victim identity theft computer problem

Widespread exploit kit, ransomware program, and password stealer mixed into dangerous malware cocktail

An ongoing attack campaign combines a very effective password stealer, the most widespread exploit kit, called Angler, and the latest version of the infamous CryptoWall file-encrypting ransomware program.

Digital Key

No more security fixes for older OpenSSL branches

The OpenSSL Software Foundation has released new security patches, but for branches 0.9.8 and 1.0.0 these will likely be the last security updates.

malware payment terminal credit card

New attack campaign against SMBs uses a botnet to deliver PoS malware

A group of sophisticated attackers are breaking into the networks of small and medium-size businesses worldwide with the goal of infecting their point-of-sale systems with malware.

150817 google marshmallow 03

Cisco patches permission hijacking issue in WebEx Meetings app for Android

Cisco's WebEx Meetings application for Android had a vulnerability that allowed potentially rogue applications to hijack its permissions.

microsoft headquarters

Microsoft enables potential unwanted software detection for enterprise customers

Microsoft has started offering protection against potentially unwanted applications in its anti-malware products for enterprise customers.

dell xps 13

Older Dell devices also affected by dangerous eDellRoot certificate

Users who have Dell Windows-based laptops, desktops, tablets and other devices that were bought before August should check if their systems have the self-signed eDellRoot certificate that can compromise their private communications.

generic image of a wi-fi router

Millions of embedded devices use the same hard-coded SSH and TLS private keys

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH host keys or HTTPS server certificates.

03 lenovo 1

Lenovo patches serious vulnerabilities in PC system update tool

For the third time in less than six months PC manufacturer Lenovo has had to update the System Update tool pre-loaded on some of its products for security reasons.

dell xps 13 15

And then there were two: Another dangerous Dell root certificate discovered

After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool.