Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

PCWorld News

'Francophoned' cybertheft operation reportedly back in action

Attackers steal funds from French organizations using spear phishing, information-snatching malware and rogue phone calls

android malware

Russian SMS Trojan for Android hits U.S.

Android malware that sends text messages to premium-rate numbers expanded globally over the past year, researchers warn.

Mysterious 'Unflod' malware steals Apple credentials from jailbroken iOS devices

Some iOS users found a malicious library of unknown origin on their jailbroken devices

Web apps and point-of-sale systems were leading hacker targets in 2013, says Verizon

The telco's annual data breach report incorporates data from more sources than ever before

PCWorld News

Satellite communication systems rife with security flaws, vulnerable to remote hacks

Researchers found critical vulnerabilities in satellite communications devices used in the defense, maritime, aerospace and other sectors

tor

Tor anonymity network to shrink as a result of Heartbleed flaw

The Tor Project banned 380 vulnerable entry and exit relays and is eyeing 1,000 more.

facebook

Facebook users targeted by iBanking Android trojan app

A computer Trojan injects messages into Facebook to trick users into installing Android malware, researchers from ESET said

Lavaboom builds encrypted webmail service to resist snooping

The service, inspired by the now-defunct Lavabit, has started accepting registrations for its upcoming beta testing period.

PCWorld News

VMware promises Heartbleed patches for affected products by the weekend

The company has identified over two dozen affected product versions so far and is releasing updates

TrueCrypt source code audit finds no critical flaws or intentional backdoors

pcworld.com

Some vulnerabilities were identified but are likely accidental, security auditors from iSEC Partners said

AT&T hacker Weev released from prison after appeals court overturns conviction

A federal appeals court has ruled that the venue for Auernheimer's prosecution wasn't appropriate

heartbleed bug

Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say

TLS clients are also vulnerable to Heartbleed memory leaking attacks, including server-side applications that fetch user-supplied URLs

heartbleed bug

Website operators will have a hard time dealing with the Heartbleed vulnerability

Patching the vulnerable OpenSSL software is just the first step, security experts say

Security update for BlackBerry 10 OS fixes remote code execution vulnerability

The vulnerability can be exploited via Wi-Fi when developer mode is active or via a computer USB connection, the manufacturer said

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.