Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Adobe fixes critical flaws in Flash Player, delays Reader and Acrobat updates

The new Flash Player update patches 12 vulnerabilities, many of which could allow remote code execution

encryptitall

Encryption failures fixed in popular PGP email security tool Enigmail

Users of Enigmail 1.7 are advised to upgrade to version 1.7.2 as soon as possible

PCWorld News

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

icloud red bckgnd

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said

photosforosx

Cyberespionage group uses port of Windows backdoor to attack OS X

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said.

LinkedIn profile

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

PCWorld News

Hackers exploit critical vulnerability in popular WordPress theme component

WordPress admins should check if their sites use the Slider Revolution plug-in and update it immediately, researchers said

PCWorld News

Twitter launches bug bounty program

The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps

PCWorld News

Attack hijacks DNS settings on home routers in Brazil

Attackers use cross-site request forgery techniques to change router settings when users visit malicious websites

malware 0 100257425 orig 100309194 large

Hackers make drive-by download attacks stealthier with fileless infections

New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found.

PCWorld News

Reconnaissance code on industrial software site points to watering hole attack

Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said

cryptowall mimicking cryptolocker

CryptoWall ransomware held over 600K computers hostage, encrypted 5 billion files

The gang behind this dangerous ransomware program has earned US$1 million so far, researchers from Dell SecureWorks said

Mozilla accidentally left email addresses, passwords of 97k Bugzilla users out in the open

It's the second database exposure incident reported by the organization in a month, but the passwords were encrypted.

securityshowdown primary

Security vulnerabilities on the decline but risk assessment is often flawed, says IBM

The number of vulnerabilities could reach a three-year low in 2014, but correctly assessing their risk can be hard, IBM researchers said

PCWorld News

New malvertising campaign hit visitors of several high-profile sites

Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said