Lucian ConstantinCSO Senior Writer, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for CSO.

microsoft stock campus building

Microsoft pushes out critical Flash Player patches with one week delay

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.

code big data binary programming

Java and Python FTP attacks can punch holes through firewalls

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

code hacker cyberespionage eye data

Hackers behind bank attack campaign use Russian as decoy

The hackers behind a sophisticated attack campaign that has targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

20160224 stock mwc freeway cars traffic barcelona

Insecure Android apps put connected cars at risk

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could allow hackers to easily hijack their functionality.

microsoft stock campus building

Microsoft's monthlong delay of security patches may pose risks, experts say

There won't be any patches from Microsoft this month, as the company has decided to bundle them together with the patches scheduled for March.

code hacker cyberespionage eye data

Russian cyberspies blamed for U.S. election hacks are now targeting Macs

Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.

person smartphone office table byod roaming

Forget the network perimeter, say security vendors

Security vendors start embracing Google's BeyondCorp network security model that treats all apps and devices as being on the Internet instead of assigning higher trust to local networks.

euro bills

Recent malware attacks on Polish banks tied to wider hacking campaign

Malware attacks that recently put the Polish banking sector on alert were part of a larger campaign that targeted financial organizations from over 30 countries.

wordpress

Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven't yet applied a recent patch for a critical vulnerability.

security code big data cyberespionage DDoS

Windows Trojan hacks into embedded devices to install Mirai

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable.

euro bills

Polish banks on alert after mystery malware found on computers

Malware discovered on computers and servers of several Polish banks has put the country's financial sector in alert over potential compromises.

keyboard user security

Beware! Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users.

robot printer hack

Hacker hijacks thousands of publicly exposed printers to warn owners

A hacker forced thousands of publicly exposed printers to spew out rogue messages in order to warn their owners about the risks of printer hacking.

microsoft stock campus building

Microsoft will likely fix Windows SMB denial-of-service flaw on Patch Tuesday

Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers.

windows 10 bsod

Zero-day Windows file-sharing flaw can crash systems, maybe worse

The implementation of the SMB network file sharing protocol in Windows has a serious vulnerability that could allow hackers to, at the very least, remotely crash systems.