Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

microsoft stock campus building

Microsoft pushes out critical Flash Player patches with one week delay

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.

code big data binary programming

Java and Python FTP attacks can punch holes through firewalls

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

code hacker cyberespionage eye data

Hackers behind bank attack campaign use Russian as decoy

The hackers behind a sophisticated attack campaign that has targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

20160224 stock mwc freeway cars traffic barcelona

Insecure Android apps put connected cars at risk

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could allow hackers to easily hijack their functionality.

malware attack cyberespionage code hacker

Israeli soldiers hit in cyberespionage campaign using Android malware

More than 100 members of the Israel Defense Forces, the majority of them stationed around the Gaza strip, fell victim to a cyberespionage attack that used malicious Android applications to steal information from their mobile devices.

microsoft stock campus building

Microsoft's monthlong delay of security patches may pose risks, experts say

There won't be any patches from Microsoft this month, as the company has decided to bundle them together with the patches scheduled for March.

code programming software bugs cybersecurity

JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

code hacker cyberespionage eye data

Russian cyberspies blamed for U.S. election hacks are now targeting Macs

Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.

person smartphone office table byod roaming

Forget the network perimeter, say security vendors

Security vendors start embracing Google's BeyondCorp network security model that treats all apps and devices as being on the Internet instead of assigning higher trust to local networks.

Fraud gang targeted large European companies

Recent malware attacks on Polish banks tied to wider hacking campaign

Malware attacks that recently put the Polish banking sector on alert were part of a larger campaign that targeted financial organizations from over 30 countries.

wordpress

Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven't yet applied a recent patch for a critical vulnerability.

security code big data cyberespionage DDoS

Windows Trojan hacks into embedded devices to install Mirai

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable.

malware attack cyberespionage code hacker

Hard-to-detect fileless attacks target banks, other organizations

A wave of attacks that have recently affected banks and other enterprises used open-source penetration testing tools loaded directly into memory instead of traditional malware, making their detection much harder.

Fraud gang targeted large European companies

Polish banks on alert after mystery malware found on computers

Malware discovered on computers and servers of several Polish banks has put the country's financial sector in alert over potential compromises.

keyboard user security

Beware! Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users.