Stories by Lucian Constantin

Cisco, Oracle find dozens of their products affected by Shellshock

Cisco Systems and Oracle are hard at work identifying networking and other products in their portfolios that are affected by the critical Shellshock vulnerability.

By Lucian Constantin | 01 October, 2014 01:19

Tags: patches, Cisco Systems, security, patch management, Exploits / vulnerabilities, Oracle

Malvertising campaign delivers digitally signed CryptoWall ransomware

The cybercriminals behind the CryptoWall ransomware threat have stepped up their game and are digitally signing new samples before using them in attacks in an attempt to bypass antivirus detection.

By Lucian Constantin | 30 September, 2014 01:38

Tags: security, Barracuda Networks, encryption, Zedo, Exploits / vulnerabilities, fraud, malware

Improved patch tackles new Shellshock attack vectors

System administrators who spent last week making sure their computers are patched against Shellshock, a critical vulnerability in the Bash Unix command-line interpreter, will have to install a new patch that addresses additional attack vectors.

By Lucian Constantin | 29 September, 2014 23:31

Tags: Akamai Technologies, patches, Google, security, patch management, Exploits / vulnerabilities, Red Hat

New organization sets out to make secure communication tools more user-friendly

Google, Dropbox and the Open Technology Fund are supporting a new organization focused on making open-source security and privacy tools more user-friendly.

By Lucian Constantin | 20 September, 2014 03:32

Tags: Google, dropbox, online safety, security, encryption, privacy

Apple's iOS 8 fixes enterprise Wi-Fi authentication hijacking issue

Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.

By Lucian Constantin | 20 September, 2014 00:35

Tags: patches, Apple, security, Access control and authentication, encryption, Exploits / vulnerabilities, University of Hasselt

BitTorrent opens Bleep peer-to-peer encrypted chat program to public testing

Nine months after revealing plans to develop a decentralized and encrypted chat application, BitTorrent has opened public testing for Windows, Mac and Android versions of the program Wednesday.

By Lucian Constantin | 19 September, 2014 00:17

Tags: bittorrent, online safety, security, encryption, data protection, privacy

Twitter patches vulnerability that could have impacted advertising accounts

Twitter's recently announced bug bounty program has helped the company identify and patch a serious vulnerability that could have potentially disrupted advertising on its platform.

By Lucian Constantin | 18 September, 2014 01:07

Tags: patches, online safety, security, High-Tech Bridge, twitter, Exploits / vulnerabilities

Adobe releases previously delayed security updates for Reader and Acrobat

After a one-week delay, Adobe Systems has released security updates for its Reader and Acrobat products to patch critical vulnerabilities that could lead to computers being compromised.

By Lucian Constantin | 17 September, 2014 21:33

Tags: patches, Adobe Systems, security, Desktop security, patch management, Exploits / vulnerabilities

Many Android devices vulnerable to session hijacking through the default browser

The default browser in Android versions older than 4.4 has a vulnerability that allows malicious websites to bypass a critical security mechanism and take control of a user's authenticated sessions on other sites.

By Lucian Constantin | 16 September, 2014 22:43

Tags: Google, online safety, security, mobile security, Exploits / vulnerabilities

Open-source project promises easy-to-use encryption for email, instant messaging and more

A software development project launched Monday aims to create free tools that simplify the encryption of online forms of communication like email, instant messaging, SMS and more by solving the complexity associated with the exchange and management of encryption keys.

By Lucian Constantin | 16 September, 2014 03:40

Tags: PEP Security, online safety, security, indiegogo, encryption, privacy

VMware and Cisco patch vulnerabilities in datacentre gear and software

VMware and Cisco Systems have released security fixes for serious vulnerabilities in networking virtualisation and server software typically used in datacentres.

By Lucian Constantin | 13 September, 2014 04:05

Tags: patches, Cisco Systems, security, patch management, Exploits / vulnerabilities, VMware

Data protection authorities find privacy lapses in majority of mobile apps

Many mobile apps request too many permissions and don't explain how they collect users' personal information, a study of 1,211 popular apps by the Global Privacy Enforcement Network has found.

By Lucian Constantin | 12 September, 2014 21:23

Tags: Office of the Privacy Commissioner of Canada, security, mobile security, data protection, Information Commissioner's Office, Global Privacy Enforcement Network, privacy

Vulnerability in popular Joomla e-commerce extension puts online shops at risk

A critical vulnerability in a popular e-commerce extension for the Joomla content management system allows malicious users to gain super-admin privileges to sites that run the software.

By Lucian Constantin | 12 September, 2014 00:32

Tags: patches, online safety, security, Sucuri, patch management, Exploits / vulnerabilities

VMware patches third-party components in vSphere platform

VMware has updated third-party libraries and components used by its vSphere server virtualization platform to integrate security patches released in recent months.

By Lucian Constantin | 11 September, 2014 03:40

Tags: patches, security, patch management, VMware

Five million Gmail addresses and passwords dumped online

An archive containing nearly 5 million Gmail addresses and plain text passwords was posted Tuesday on an online forum, but the data is old and likely sourced from multiple data breaches according to one security firm.

By Lucian Constantin | 11 September, 2014 00:57

Tags: Google, online safety, security, data breach, CSIS Security Group, privacy

Twitter Feed

Featured Whitepapers