Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

osxyosemite

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.

Security online

Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip

Adobe fixed important vulnerabilities in its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app.

Microsoft CEO Satya Nadella

Microsoft touts new, holistic approach to enterprise security

Microsoft combines the attack protection, detection and response features built into Windows 10, Office 365, Azure and the Microsoft Enterprise Mobility Suite to help enterprises improve their operational security posture.

Siegfried Rasthofer Steven Arzt Black Hat Europe 2015

Millions of sensitive records exposed by mobile apps leaking back-end credentials

Thousands of mobile applications use cloud-based, back-end services in an insecure way, allowing anyone to access millions of sensitive records created by users, according to a recent study.

security code big data cyberespionage

State-sponsored cyberspies inject victim profiling and tracking scripts in strategic websites

Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts into over 100 websites visited by business executives, diplomats, government officials and academic researchers.

bitlockericonhero

BitLocker encryption can be defeated with trivial Windows authentication bypass

A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.

nikhil mittal black hat europe 2015

Continuous integration tools can be the Achilles heel for a company's IT security

Some of the most popular continuous integration tools used by software development teams have not been designed with security in mind and can open a door for attackers to compromise enterprise networks.

self encrypting hard drives black hat europe 2015

Self-encrypting drives are hardly any better than software-based encryption

Two researchers demonstrated attacks against self-encrypting drives used in enterprise environments at the Black Hat Europe conference in Amsterdam.

code big data binary programming

Thousands of Java applications vulnerable to nine-month-old remote code execution exploit

A serious vulnerability in a popular Java library puts thousands of Java applications and servers at risk of remote code execution attacks.

Digital Key

First Linux ransomware program cracked, for now

Malware researchers from Bitdefender created a tool to recover files encrypted with a ransomware program called Linux.Encoder.1.

security code big data cyberespionage

Iranian cyberespionage group attacked over 1,600 high-profile targets in one year

A cyberespionage group with possible ties to the Iranian government has targeted over 1,600 defense officials, diplomats, researchers, human rights activists, journalists and other high-profile individuals around the world.

encryptitall

File-encrypting ransomware starts targeting Linux web servers

After targeting consumer and then business computers, ransomware authors are now going after Web servers.

Security online

Deploying application whitelisting? NIST has some advice for you

The U.S. National Institute of Standards and Technology (NIST) has published a guide to application whitelisting that explains the technology in detail and offers practical advice for how it should be used.

hack security malware

Nasty new ransomware program threatens to leak your files online

In addition to encrypting people's private files a new ransomware program dubbed Chimera threatens to publish those files on the Internet.

150817 google marshmallow 06

Trojanized Android apps flood third-party stores, compromise phones

Researchers from mobile security firm Lookout have found over 20,000 samples of trojanized apps that root devices.