Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

security hole in fence clouds gap opening

Second HTTPS snooping flaw breaks security for thousands of iOS apps

Hackers can exploit the vulnerability to launch man-in-the-middle attacks and decrypt traffic from the affected apps.

PCWorld News

With ransomware on the rise, cryptographers take it personally

The security industry is not doing enough and it's going to get worse, they said

PCWorld News

Wi-Fi client vulnerability could expose Android, Linux, BSD, other systems to attacks

A flaw in the widely used wpa_supplicant wireless client can lead remote code execution

PCWorld News

Malware used in White House and State Department hacks possibly linked to Russia

The malware is related to the MiniDuke, CosmicDuke and OnionDuke cyberespionage tools, researchers from Kaspersky Lab found

PCWorld News

Crypto gurus: The government's key escrow plan won't work

World renowned cryptographers highlighted various reasons why creating a master decryption key for the government to use is not practical

PCWorld News

Microsoft moves to address customers' concerns about cloud control and transparency

The company will launch new features for Office 365 designed to give organizations more control and visibility into their data

PCWorld News

Poor WordPress documentation trips developers, yields plug-ins with XSS flaw

Website administrators should check if they have any affected plug-ins and update them in order to avoid attacks

cybersecurity

HTTPS snooping flaw in third-party library affected 1,000 iOS apps with millions of users

The flaw in the AFNetworking library broke HTTPS certificate validation, enabling man-in-the-middle attacks

google encryption conceptual

Google's push to encrypt ads will improve security, but won't kill malicious advertising

Google's push to encrypt ads might encourage more websites to deploy HTTPS, however.

PCWorld News

Pawn Storm cyberespionage group increases activity, targets NATO

New attacks were observed this year from the group, including against people with links to the White House

PCWorld News

IBM opens up its threat data as part of new security intelligence sharing platform

The IBM X-Force Exchange platform will allow companies to share and compare data from security incidents

PCWorld News

New malware program Punkey targets point-of-sale systems

All signs point to an increase in the number of memory scraping malware programs infecting PoS terminals to steal payment card data

PCWorld News

With latest patches, Oracle signals no more free updates for Java 7

The company released patches from 98 security issues in its products, 14 in Java

Critcal Adobe Flash Player patches include fix for exploited zero day flaw

The company warned of a public exploit for one of the 22 vulnerabilities fixed in Flash Player.

encryptionsecurity

Web app attacks, PoS intrusions and cyberespionage leading causes of data breaches

Phishing attacks continue to be effective, but mobile threats are not a big concern, according to a Verizon report.