Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

PCWorld News

Overreliance on the NSA led to weak crypto standard, NIST advisers find

NIST needs to improve its cryptographic expertise in order to challenge advice received from the NSA when developing standards, report says

PCWorld News

New banking malware 'Kronos' advertised on underground forums

Its creators seek to establish the new threat as a premium commercial alternative to older Trojans like Zeus

Future Java 7 security patches will work on Windows XP despite end of official support

Windows XP users will continues to receive Java 7 security updates until at least April 2015, Oracle says

PCWorld News

Microsoft revokes trust in certificate authority operated by the Indian government

A security breach at India's National Informatics Centre resulted in at least 45 rogue digital certificates for Google and Yahoo domains

PCWorld News

Malware hidden in Chinese inventory scanners targeted logistics, shipping firms

Researchers from TrapX discovered a sophisticated multistage cyberespionage attack that started in the supply chain

ssl lock internet

Beyond Google, rogue digital certificates also targeted Yahoo domains, possibly others

The full scope of the security breach is currently unknown, a Google security engineer said

PCWorld News

International law enforcement operation disrupts Shylock banking malware

Police in eight countries worked with security vendors to seize domain names and servers used by the Trojan program

PCWorld News

Botnet brute-forces remote access to point-of-sale systems

A new malware threat scans the Internet for POS systems and tries to access them using common usernames and passwords

avg secure search blowup

Vulnerability in AVG security toolbar puts IE users at risk

Bad design decisions could have enabled malware infections, researchers from CERT/CC said.

android malware

Android bug lets apps make rogue phone calls

The flaw affects the majority of Android devices in use and could easily be exploited by malware to make premium-rate calls.

malware 0 100257425 orig

Attack on Dailymotion redirected visitors to exploits

A rogue iframe injected into the site led visitors to exploits that installed a click-fraud Trojan program, researchers from Symantec said

PCWorld News

Ruby on Rails gets patches for SQL injection vulnerabilities

The two vulnerabilities affect Rails applications that use PostgreSQL as a database system

PCWorld News

Hardcoded SSH key gives backdoor access to Cisco communications manager

Cisco released new software versions to fix the issue and patch another serious vulnerability

PCWorld News

Critical vulnerability in popular WordPress newsletter plug-in endangers many blogs

Attackers could exploit a flaw in the MailPoet Newsletters plug-in to take full control of vulnerable blogs, researchers from Sucuri said

PCWorld News

Israeli security startup firm Hexadite automates cyber incident response

The company claims its product reduces cyber incident response times by up to 95 percent