Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Digital Key, security, encryption

Google, Microsoft, Yahoo and others publish new email security standard

Engineers from Google, Microsoft, Yahoo, Comcast, LinkedIn and 1&1 have devised a new mechanism that improves the encryption of email traffic.

Security online

Pwn2Own contest highlights renewed hacker focus on kernel issues

Hackers have used 21 new vulnerabilities in their attacks against browsers and operatings systems during this year's Pwn2Own hacking contest.

security code big data cyberespionage byte

Safari, Chrome and Flash Player hacked during first day at Pwn2Own, some of them twice

Security researchers exploited previously unknown vulnerabilities in Apple Safari, Google Chrome and Flash Player to compromise the latest versions of OS X and Windows during the first day of the annual Pwn2Own hacking contest.

xx

Attack campaign uses keylogger to hijack key business email accounts

A new email-based attack campaign is targeting key employees from companies in the US, Middle East and Asia with the goal of compromising their computers and email accounts.

security hacker

Cyberespionage groups are stealing digital certificates to sign malware

An increasing number of cyberespionage groups are using stolen code-signing certificates to make their hacking tools and malware look like legitimate applications.

symantec encryption everywhere logo

Symantec partners with hosting providers to offer free TLS certificates to websites

Symantec will offer free basic SSL/TLS certificates to domain owners through Web hosting companies that join its new Encryption Everywhere program.

malware infection cyberattack

Documents with malicious macros deliver fileless malware to financial-transaction systems

A new spam campaign combines documents with malicious macros, encoded PowerShell scripts and fileless malware to compromise computers used for financial transactions, researchers from Palo Alto Networks found.

Java logo browser

Two-year-old Java flaw re-emerges due to broken patch

A two-year-old vulnerability in Java can still be exploited in the latest versions because the patch for it is ineffective, security researchers have found.

adobe flash player v10 icon

Emergency Flash Player patch fixes actively exploited vulnerability

Adobe Systems released new versions of Flash Player in order to fix 18 critical vulnerabilities that can be exploited to take over computers, including one flaw that's already targeted by attackers.

20151005 Cisco headquarters sign

Cisco patches serious flaws in cable modems and home gateways

Cisco Systems has patched high-impact vulnerabilities in several of its cable modem and residential gateway devices that are distributed by some ISPs to their customers.

Digital Key, security, encryption

Mac ransomware KeRanger has flaws that could let users recover files

The KeRanger file-encrypting ransomware program for Mac OS X is based on Linux.Encoder and contains crypto flaws that could allow users to recover their files without paying cybercriminals.

microsoft headquarters

Microsoft patches flaws in Windows, Office, IE, and Edge that let attackers control your PC over the Web

Microsoft has fixed 39 vulnerabilities in multiple Windows components, Internet Explorer, Edge, Office and .NET Framework, many of which allow for remote code execution.

Big Data, chart, chief data officer, data science

Google offers app to help companies assess their vendors' security

Google has published an interactive questionnaire that companies could use to assess the security posture of vendors they choose to work with or to review and improve their own security programs.

Data analytics, big data, business, chart, laptop

These are the worst domains for harboring malware

Generic top-level domains (TLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones.

Legislation of privacy security keyboard law legal gavel

Suspected Bush family hacker Guccifer to be extradited to US

Romania's highest court approved the temporary extradition to the U.S. of a convicted hacker who is accused of breaking into the email and social media accounts of a Bush family member and U.S. government officials.