Stories by Lucian Constantin

DNS hijacking vulnerability affects D-Link DSL router, possibly other devices

A vulnerability found in a DSL router model from D-Link allows remote hackers to change its DNS (Domain Name System) settings and hijack users' traffic. The issue might also affect other devices because it is located in a popular firmware used by different manufacturers, according to a security researcher.

By Lucian Constantin | 28 January, 2015 05:20

Tags: Ethical Hacker, Tp-link Technologies, online safety, security, Access control and authentication, ZTE, ZyXEL Communications, D-Link, Exploits / vulnerabilities, intrusion

Link between NSA and Regin cyberespionage malware becomes clearer

Keylogging malware that may have been used by the NSA shares signficant portions of code with a component of Regin, a sophisticated platform that has been used to spy on businesses, government institutions and private individuals for years.

By Lucian Constantin | 27 January, 2015 22:44

Tags: National Security Agency, symantec, security, Communications Security Establishment Canada, Government Communications Headquarters, Belgacom, spyware, malware, kaspersky lab, intrusion

Adobe pushes critical Flash Player update to fix latest zero-day

Adobe Systems started pushing a critical Flash Player patch to users who have auto-update enabled over the weekend in order to fix a vulnerability that has been exploited by attackers since last week.

By Lucian Constantin | 27 January, 2015 00:08

Tags: patches, security, Adobe Systems, patch management, Exploits / vulnerabilities, malware

Thousands of U.S. gas stations exposed to Internet attacks

Over 5,000 devices used by gas stations in the U.S. to monitor their fuel tank levels can be manipulated from the Internet by malicious attackers.

By Lucian Constantin | 24 January, 2015 01:06

Tags: intrusion, Kachoolie, security, BostonBase, Rapid7, physical security, Access control and authentication, Exploits / vulnerabilities

Adobe fixes just one of two actively exploited zero-day vulnerabilities in Flash Player

Emergency updates for Flash Player released Thursday fix a vulnerability that is actively exploited by attackers, but leave a separate one unpatched.

By Lucian Constantin | 23 January, 2015 05:34

Tags: patches, security, Adobe Systems, patch management, Exploits / vulnerabilities, malware

Kim Dotcom ready to take on Skype with end-to-end encrypted video calling service

Mega has opened beta testing for a new encrypted video calling service that integrates with its existing file hosting and sharing offerings.

By Lucian Constantin | 23 January, 2015 04:11

Tags: Mega, online safety, security, encryption, privacy

Atlassian fixes critical vulnerability in development collaboration products

A critical vulnerability in popular software development collaboration products by Atlassian allows attackers to compromise servers.

By Lucian Constantin | 23 January, 2015 01:04

Tags: patches, atlassian, security, patch management, Exploits / vulnerabilities

Attackers are exploiting a zero-day vulnerability in Flash Player

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.

By Lucian Constantin | 22 January, 2015 06:15

Tags: Adobe Systems, security, Malwarebytes, Exploits / vulnerabilities, malware

Critical Java updates fix 19 vulnerabilities, disable SSL 3.0

Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0, an outdated version of the secure communications protocol that is vulnerable to attacks.

By Lucian Constantin | 22 January, 2015 01:13

Tags: patches, Cisco Systems, online safety, security, patch management, Exploits / vulnerabilities, Oracle, Waratek

Oracle to fix 167 vulnerabilities, including serious backdoor-like flaw in E-Business Suite

Oracle's monster batch of security updates will include a fix for a serious misconfiguration issue in its E-Business Suite product that can give hackers access to databases full of sensitive business records.

By Lucian Constantin | 21 January, 2015 05:36

Tags: patches, security, Exploits / vulnerabilities, data protection, Oracle

Web-based exploits on the decline, but users still slow to patch

The number of exploit kits on the Web dramatically decreased last year, but some have become more sophisticated and shifted their focus to software that is less frequently updated.

By Lucian Constantin | 21 January, 2015 02:42

Tags: patches, Cisco Systems, security, patch management, Exploits / vulnerabilities, malware

Report: NSA not only creates, but also hijacks, malware

In addition to having its own arsenal of digital weapons, the U.S. National Security Agency reportedly hijacks and repurposes third-party malware.

By Lucian Constantin | 20 January, 2015 02:50

Tags: intrusion, National Security Agency, online safety, security, Sony Pictures Entertainment, spyware, malware

Google publishes third Windows 0-day vulnerability in a month

Google ignored Microsoft's calls for flexible vulnerability disclosure deadlines and released details of another unpatched Windows flaw, leaving users exposed for at least the next 25 days.

By Lucian Constantin | 16 January, 2015 23:01

Tags: Google, Microsoft, security, Access control and authentication, Exploits / vulnerabilities

Cleared your browser cookies? It won't stop ad company using Verizon tracking header

A company that correlates data about users across different websites to share with marketers is using unique IDs inserted by Verizon into mobile Web traffic to recreate tracking cookies that have been deleted by users.

By Lucian Constantin | 16 January, 2015 01:02

Tags: Turn, online safety, at&t, security, Digital Advertising Alliance, Network Advertising Initiative, data protection, privacy, Electronic Frontier Foundation, Verizon Wireless

CryptoWall ransomware is back with new version after two months of silence

Attackers have started distributing a new and improved version of the CryptoWall file-encrypting ransomware program over the past few days, security researchers warn.

By Lucian Constantin | 15 January, 2015 04:05

Tags: online safety, Microsoft, security, encryption, malware, fraud

Twitter Feed

Featured Whitepapers