Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

wordpress

Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven't yet applied a recent patch for a critical vulnerability.

security code big data cyberespionage DDoS

Windows Trojan hacks into embedded devices to install Mirai

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable.

malware attack cyberespionage code hacker

Hard-to-detect fileless attacks target banks, other organizations

A wave of attacks that have recently affected banks and other enterprises used open-source penetration testing tools loaded directly into memory instead of traditional malware, making their detection much harder.

Fraud gang targeted large European companies

Polish banks on alert after mystery malware found on computers

Malware discovered on computers and servers of several Polish banks has put the country's financial sector in alert over potential compromises.

keyboard user security

Beware! Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users.

robot printer hack

Hacker hijacks thousands of publicly exposed printers to warn owners

A hacker forced thousands of publicly exposed printers to spew out rogue messages in order to warn their owners about the risks of printer hacking.

microsoft stock campus building

Microsoft will likely fix Windows SMB denial-of-service flaw on Patch Tuesday

Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers.

windows 10 bsod

Zero-day Windows file-sharing flaw can crash systems, maybe worse

The implementation of the SMB network file sharing protocol in Windows has a serious vulnerability that could allow hackers to, at the very least, remotely crash systems.

20151005 cisco hq sign 100620823 orig

Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.

wordpress

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.

chain security stock

In treason case, Russia alleges security experts aided U.S.

Two officers of the Russian Federal Security Service, the FSB, and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for allegedly helping U.S. intelligence services.

code hacker cyberespionage eye data

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.

netgear r8500 AC5300 Nighthawk X8

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

It has taken Netgear over half-a-year to identify router models vulnerable to a serious authentication bypass vulnerability and to release patches for them.

Digital Key encryption

Ransomware disrupts Washington DC's CCTV system

Around 70 percent of police cameras in Washington D.C. were reportedly unable to record footage for several days before President Trump's inauguration due to a ransomware attack.

security hacker privacy

Five arrested for hacking into ATMs and stealing $3.2 million

Law enforcement authorities from Europe and Asia have dismantled a cybercriminal group that specialized in hacking into automated teller machine (ATMs).