Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.


Hacking Team's arsenal included at least three unpatched exploits for Flash Player

The vulnerabilities leveraged by two of the exploits have yet to be patched

Second Flash Player zero-day exploit found in Hacking Team's data

Adobe plans to patch the vulnerability next week, but attackers might move quicker.

PCWorld News

VMware patches vulnerabilities in Workstation, Player, Fusion and Horizon View Client

The flaws could lead to code execution, privilege escalation and denial-of-service

computer security stock image

OpenSSL fixes severe flaw that could enable man-in-the-middle attacks

The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation

Emergency Flash Player updates fix vulnerability used in widespread attacks

A total of 36 flaws were patched, many of them critical

Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks

The group has been stealing confidential information from large companies worldwide for the past three years.

Cybercriminals start using Flash zero-day exploit leaked from Hacking Team breach

They profit from the one-day window until Adobe expects to release a patch


Researchers find previously unknown exploits among Hacking Team's leaked files

At least one new exploit for Flash Player has been confirmed.


Prepare for a high severity flaw, OpenSSL warns users

Patches will be released on July 9 for OpenSSL 1.0.1 and 1.0.2

computer security stock image

ZeusVM malware building tool leak may cause botnet surge

Any wannabe botnet operator can now create their own army of ZeusVM-infected computers, researchers warn

PCWorld News

Ad fraud Trojan updates Flash Player so that other malware can't get in

Despite being distributed through exploit kits, the Kovter Trojan appears to be ruining their business by patching valuable flaws

PCWorld News

Cisco leaves key to all its Unified CDM systems under doormat

Cisco's Unified Communications Domain Manager software contains a privileged account with a static password that can't be deleted or changed


Attackers abuse legacy routing protocol to amplify DDoS attacks

DDoS attacks can be amplified through SOHO routers that still use the Routing Information Protocol version 1, researchers warn.

computer security stock image

Hacktivist group possibly compromised hundreds of websites

A group called Team GhostShell has published data from hundreds of website databases it claims to have hacked.

PCWorld News

One third of enterprise iOS devices vulnerable to app, data hijacking attacks

Researchers from FireEye found five flaws that can be exploited by rogue apps installed through the iOS enterprise provisioning system