Lucian Constantin - Author

Stories by Lucian Constantin

Java 7 Update 25 fixes 40 security issues, turns on certificate revocation checking

Oracle addressed 40 security issues in Java and enabled online certificate revocation checking by default in its scheduled critical patch update for Java on Tuesday.

By Lucian Constantin | 19 June, 2013 12:35

Tags: patches, online safety, security, patch management, Oracle, qualys

Source code for Carberp financial malware is up for sale at a very low price, researchers say

The source code for the Carberp banking Trojan program is being offered for sale on the underground market at a very affordable price, which could result in additional Carberp-based financial malware being developed in the future, according to researchers from Russian cybercrime investigations firm Group-IB.

By Lucian Constantin | 18 June, 2013 16:39

Tags: Group-IB, security, spyware, malware, fraud

UK spy agency reportedly intercepted email of delegates at G20 meetings in 2009

British intelligence agency Government Communications Headquarters (GCHQ) reportedly intercepted the electronic communications of foreign politicians during G20 meetings that took place in London in 2009.

By Lucian Constantin | 17 June, 2013 18:17

Tags: Government use of IT, online safety, security, data breach, Access control and authentication, encryption, spyware, government, bitdefender

More malware is travelling on P2P networks these days

Hackers have found a devious new way to disseminate malware: They're using peer-to-peer networks.

By Lucian Constantin | 17 June, 2013 10:18

Tags: Cybercrime and Hacking, security, Damballa, Malware and Vulnerabilities

Some foreign-backed US phone companies reportedly excluded from NSA surveillance program

At least two U.S. mobile operators, T-Mobile US and Verizon Wireless, reportedly do not participate directly in the U.S. National Security Agency's call metadata collection program because of their partial ownership by foreign telecommunication companies.

By Lucian Constantin | 14 June, 2013 13:59

Tags: Government use of IT, telecommunication, security, Vodafone Group, government, deutsche telekom, T-Mobile US, Verizon Communications, privacy, Verizon Wireless, Verizon Business Network Services

Spy-proof enterprise encryption is possible, but daunting

Data encryption could help enterprises protect their sensitive information against mass surveillance by governments, as well as guard against unauthorized access by ill-intended third parties, but the correct implementation and use of data encryption technologies is not an easy task, according to security experts.

By Lucian Constantin | 13 June, 2013 21:18

Tags: risk management, internet, Appnor MSP, Facebook, AOL, PalTalk, Apple, Yahoo, Google, Microsoft, security, encryption, government, iSEC, data protection, Compliance monitoring, Government use of IT, online safety, PrivateCore, Tripwire, Voltage Security, business management, cloud computing

Microsoft patches critical IE vulnerabilities and actively exploited Office flaw

A new batch of security updates released by Microsoft on Tuesday address a total of 23 vulnerabilities in Internet Explorer, Windows and Microsoft Office, including one that is actively exploited by attackers. The handling of digital certificates in Windows was also improved.

By Lucian Constantin | 11 June, 2013 22:23

Tags: patches, Microsoft, security, Tripwire, patch management, Exploits / vulnerabilities, qualys

New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say

Users from Vietnam, India, China, Taiwan and possibly other countries, were targeted as part of an attack campaign that uses Microsoft Word documents rigged with exploits in order to install a backdoor program that allows attackers to steal information, according to researchers from security firm Rapid7.

By Lucian Constantin | 10 June, 2013 18:07

Tags: intrusion, online safety, security, Rapid7, Exploits / vulnerabilities, spyware, malware

New Android Trojan app exploits previously unknown flaws, researchers say

A newly discovered Trojan program exploits previously unknown flaws in Android and borrows techniques from Windows malware in order to evade detection and achieve persistence on infected devices.

By Lucian Constantin | 07 June, 2013 15:26

Tags: Android OS, Google, security, mobile security, spyware, Exploits / vulnerabilities, malware, kaspersky lab

Hacker publishes alleged zero-day remote code execution exploit for older Plesk versions

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject arbitrary PHP code and execute rogue commands on Web servers.

By Lucian Constantin | 06 June, 2013 18:31

Tags: Parallels, secunia, security, Exploits / vulnerabilities

ISC patches publicly disclosed denial-of-service vulnerability affecting BIND 9

The Internet Systems Consortium (ISC), the organization that develops and maintains the widely used BIND DNS (Domain Name System) software, has patched a publicly disclosed vulnerability that can be used to remotely crash DNS servers running recent releases of BIND 9.

By Lucian Constantin | 06 June, 2013 11:50

Tags: patches, Networking, security, Internet Systems Consortium

Malware increasingly uses peer-to-peer communications, researchers say

The number of malware samples that use P-to-P (peer-to-peer) communications has increased fivefold during the past 12 months, according to researchers from security firm Damballa.

By Lucian Constantin | 05 June, 2013 16:17

Tags: CrowdStrike, Dell SecureWorks, security, Damballa, malware

Cyberespionage campaign 'NetTraveler' siphoned data from hundreds of high-profile targets, researchers say

An ongoing cyberespionage campaign compromised over 350 high-profile victims from more than 40 countries over the past eight years, including political activists, research centers, governmental institutions, embassies, military contractors and private companies from various industries.

By Lucian Constantin | 04 June, 2013 22:51

Tags: intrusion, security, data breach, Exploits / vulnerabilities, spyware, malware, kaspersky lab

Possibly related DDoS attacks cause DNS hosting outages

Distributed denial-of-service (DDoS) attacks that could be related have in the past few days slammed the DNS servers of at least three providers of domain name management and DNS hosting services.

By Lucian Constantin | 04 June, 2013 20:00

Tags: arbor networks, online safety, Networking, Hosted, internet, Internet service providers, Netregistry, EasyDNS, services, security, Aetrion, TPP Wholesale

McAfee sees surge in spam, Koobface samples, MBR attacks

The first three months of 2013 have seen a surge in spam volume, as well as large numbers of samples of the Koobface social networking worm and master boot record (MBR) infecting malware, according to antivirus vendor McAfee.

By Lucian Constantin | 03 June, 2013 13:19

Tags: antispam, mcafee, online safety, security, mobile security, Desktop security, Damballa, malware, antivirus