Stories by Lucian Constantin

Maliciously crafted MKV video files can be used to crash Android phones

A malicious application or Web page could be used to crash Android devices, in some cases persistently, due to a vulnerability in a multimedia processing component.

By Lucian Constantin | 30 July, 2015 00:41

Tags: Google, trend micro, security, mobile security, Exploits / vulnerabilities, malware

Darkode cybercrime forum might be making a comeback

The former administrator of Darkode, the online cybercrime forum that was recently shut down by law enforcement agencies, is preparing to bring it back, with better security and privacy for its members.

By Lucian Constantin | 29 July, 2015 03:20

Tags: online safety, security, legal, Darkode, malware, cybercrime, fraud

Xen patches new virtual-machine escape vulnerability

A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.

By Lucian Constantin | 29 July, 2015 01:09

Tags: patches, xen project, security, Exploits / vulnerabilities

Most Android phones can be hacked with a simple MMS message or multimedia file

The vast majority of Android phones can be hacked by sending them a specially crafted multimedia message (MMS), a security researcher has found.

By Lucian Constantin | 27 July, 2015 22:40

Tags: Silent Circle, intrusion, Google, Zimperium, security, mobile security, Exploits / vulnerabilities, mozilla

Even without breaches, don't count on websites to hide that you have an account with them

Companies often fail to hide if an email address is associated with an account on their websites, even if the nature of their business calls for this and users implicitly expect it.

By Lucian Constantin | 25 July, 2015 02:05

Tags: Adult Friend Finder, security, Exploits / vulnerabilities, data protection, Ashley Madison, privacy

Researchers disclose four unpatched vulnerabilities in Internet Explorer

Security researchers published limited details about four unpatched vulnerabilities in Internet Explorer because Microsoft has not moved quickly enough to fix them.

By Lucian Constantin | 24 July, 2015 03:12

Tags: intrusion, security, Microsoft, Risk Based Security, Exploits / vulnerabilities, Hewlett-Packard

WordPress gets patch for critical XSS flaw

Developers of the popular WordPress blogging platform have released a critical security update to fix a vulnerability that can be exploited to take over websites.

By Lucian Constantin | 24 July, 2015 01:29

Tags: patches, security, patch management, Wordpress, Exploits / vulnerabilities

Microsoft follows Google to crack down on revenge porn

Microsoft will make it easier for people to request the removal of links to intimate images or videos from the company's Bing search engine if such content was posted online without their consent.

By Lucian Constantin | 23 July, 2015 02:57

Tags: online safety, Google, Microsoft, security, privacy

Bug exposes OpenSSH servers to brute-force password guessing attacks

A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses.

By Lucian Constantin | 22 July, 2015 22:59

Tags: reddit, security, Access control and authentication, Exploits / vulnerabilities

Former Hacking Team supplier stops selling zero-day exploits on ethical grounds

Italian surveillance software maker Hacking Team recently claimed that it hasn't lost any customers after the massive leak of its internal data two weeks ago. But it has lost at least one business partner: U.S.-based penetration testing specialist and zero-day exploit broker Netragard.

By Lucian Constantin | 22 July, 2015 02:13

Tags: Netragard, intrusion, security, Exploits / vulnerabilities, spyware, malware, Hacking Team

Cyberspies love exploits from Hacking Team leak

The leaked files from surveillance software maker Hacking Team have proven to be a great resource for cyberespionage groups, which have used at least two Flash Player exploits from the company's arsenal.

By Lucian Constantin | 20 July, 2015 23:59

Tags: patches, security, FireEye, Exploits / vulnerabilities, malware, Hacking Team

Latest Flash Player version has improved exploit defenses

The Flash Player update released Tuesday not only fixed two vulnerabilities that were being targeted by attackers, but added additional protections that will make entire classes of security flaws much harder to exploit in the future.

By Lucian Constantin | 18 July, 2015 01:24

Tags: patches, Detection / prevention, intrusion, Google, security, Adobe Systems, Exploits / vulnerabilities

New point-of-sale malware distributed by Andromeda botnet

Cybercriminals are casting increasingly wider nets in their search for new point-of-sale systems to infect. This appears to be the case with a new memory scraping malware program called GamaPoS that's distributed by a large botnet known as Andromeda.

By Lucian Constantin | 17 July, 2015 02:54

Tags: trend micro, security, data breach, malware, fraud

Encrypted Web and Wi-Fi at risk as RC4 attacks become more practical

There's an old saying in the security community: Attacks always get better. The latest case where that holds true is for the aging RC4 cipher that's still widely used to encrypt communications on the Internet.

By Lucian Constantin | 17 July, 2015 00:38

Tags: online safety, security, encryption, Exploits / vulnerabilities, privacy, University of Leuven, qualys

Oracle fixes zero-day Java flaw and over 190 other vulnerabilities

Go ahead and update Java -- or disable it if you don't remember the last time you actually used it on the Web: Oracle's latest patch, released Tuesday, fixes 25 vulnerabilities in the aging platform, including one that's already being exploited in attacks.

By Lucian Constantin | 15 July, 2015 22:21

Tags: patches, intrusion, online safety, trend micro, security, patch management, Exploits / vulnerabilities, Oracle

Top Whitepapers

Featured Whitepapers