Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

BitTorrent

BitTorrent dismisses Sync security concerns

The cryptographic implementation is solid and cannot be compromsied through a remote server, the company said

encryptitall

EFF, Mozilla back new certificate authority that will offer free SSL certificates

The new CA is called Let's Encrypt and its goal is to encourage the widespread adoption of SSL/TLS on the Internet

coinvault gui

New ransomware CoinVault allows users to decrypt one file for free

Cybercriminals use a popular freebie tactic in an attempt to increase the success rate of its ransomware.

shellshock bug

Shellshock-exploiting Bash malware targets embedded devices running BusyBox

Attackers use malware dubbed Bashlite to scan for and install backdoors on routers and other systems running BusyBox

tor logo 2 100056774 large

Rogue, malware-spewing Tor exit node tied to cyber espionage group

There is strong evidence that it was used to target European government agencies, researchers from F-Secure said.

PCWorld News

Sonatype aims to help developers reduce risk from open-source components

The Sonatype Component Lifecycle Management 2.0 tracks vulnerable third-party components used in software

PCWorld News

Microsoft fixes critical crypto flaw, strenghtens encryption for older systems

A vulnerability in the Microsoft SChannel component could expose servers to remote code execution attacks

PCWorld News

First Stuxnet victims were five Iranian industrial automation companies

To reach the uranium enrichment plant at Natanz, Stuxnet's creators likely targeted Iranian companies tied to it, researchers said

Adobe fixes 18 critical vulnerabilities in Flash Player

Fifteen of them are critical and can result in remote code execution

8 securitytips primary 100024721 large

Microsoft bolsters EMET security tool with hardened exploit mitigations

EMET 5.1 fixes incompatibilities detected between certain mitigations and popular software programs

PCWorld News

Cyberespionage group targets traveling execs through hotel networks

The group infects the network access Web portals used by hotels and business centers to target specific guests

PCWorld News

DigiCert is considering SSL certificates for more Tor hidden services

The company has received requests for .onion SSL certificates after issuing one to Facebook

PCWorld News

WireLurker attacks against iOS devices also launched from Windows PCs

Researchers find Windows applications designed to infect iOS devices with an older WireLurker malware variant

PCWorld News

Informational Wi-Fi traffic can be used as covert communication channel for malware

Data packets used by wireless access points to advertise their capabilities can be used to control malware running on nearby computers

PCWorld News

Cisco patches serious vulnerabilities in small business RV Series routers

The flaws allow attackers to execute commands, overwrite files and launch CSRF attacks