Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

AT&T hacker Weev released from prison after appeals court overturns conviction

A federal appeals court has ruled that the venue for Auernheimer's prosecution wasn't appropriate

heartbleed bug

Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say

TLS clients are also vulnerable to Heartbleed memory leaking attacks, including server-side applications that fetch user-supplied URLs

heartbleed bug

Website operators will have a hard time dealing with the Heartbleed vulnerability

Patching the vulnerable OpenSSL software is just the first step, security experts say

Security update for BlackBerry 10 OS fixes remote code execution vulnerability

The vulnerability can be exploited via Wi-Fi when developer mode is active or via a computer USB connection, the manufacturer said

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.

Cybercriminals use sophisticated PowerShell-based malware

Two separate threats that use malicious Windows PowerShell scripts were identified in the past few weeks by malware researchers.

Yahoo email anti-spoofing policy breaks mailing lists

Yahoo moved to a more aggressive DMARC policy that creates email delivery issues on mailing lists for yahoo.com users, email experts said

PCWorld News

Low adoption rate of HSTS website security mechanism is worrying, EFF says

The advocacy group cites insufficient awareness among developers and lack of support across all browsers as the likely reasons

Drive-by hack discovered in top video-sharing site

Attackers exploited the vulnerability to hijack 22,000 browsers and launch a large-scale DDoS attack, researchers from Incapsula said. But which site?

Malware virus

Microsoft to start blocking annoying adware by default

The company revised the policies for classifying, detecting and handling adware programs in its security software

Users face serious threat as hackers take aim at routers, embedded devices

Attacks are likely to continue and manufacturers are largely unprepared to respond, security researchers say

PCWorld News

Researchers publicly disclose vulnerabilities in Oracle Java Cloud Service

The flaws could allow attackers to break into Java applications hosted on the service, researchers from Security Explorations said

Hacked passwords can enable remote unlocking, tracking of Tesla cars

Tesla Motors accounts that enable remote car control are only protected by six-character passwords, researcher says.

Philips smart TVs open to wireless attacks, researchers say

The latest firmware for some Philips smart TVs opens an insecure Miracast wireless network by default, security researchers from ReVuln said.

PCWorld News

Cisco fixes denial-of-service flaws in IOS software for networking devices

Seven vulnerabilities that could lead to device reboots and other performance issues were patched in various IOS components