Stories by Lucian Constantin

Trojan program based on ZeuS targets 150 banks, can hijack webcams

A new computer Trojan based on the infamous ZeuS banking malware is targeting users of over 150 banks and payment systems from around the world, security researchers warn.

By Lucian Constantin | 20 December, 2014 05:13

Tags: security, Desktop security, spyware, fraud, kaspersky lab, malware

Critical vulnerability in Git clients puts developers at risk

A critical vulnerability in client software used to interact with Git, a distributed revision control system for managing source code repositories, allows attackers to execute rogue commands on computers used by developers.

By Lucian Constantin | 19 December, 2014 21:40

Tags: patches, intrusion, GitHub, security, Exploits / vulnerabilities

Vulnerability in embedded Web server exposes millions of routers to hacking

A serious vulnerability in an embedded Web server used by many router models from different manufacturers allows remote attackers to take control of affected devices over the Internet.

By Lucian Constantin | 19 December, 2014 06:16

Tags: Huawei Technologies, Tp-link Technologies, Networking, ZTE, routers, Exploits / vulnerabilities, networking hardware, Check Point Software Technologies, intrusion, security, Access control and authentication, Allegro Software Development, Edimax Technology, ZyXEL Communications, D-Link

Point-of-sale malware creators still in business with Spark, an Alina spinoff

A malware program dubbed Spark that steals payment card data from compromised point-of-sale (POS) systems is likely a modification of an older Trojan called Alina, and highlights a continuing, lucrative business for cybercriminals.

By Lucian Constantin | 19 December, 2014 03:29

Tags: intrusion, trustwave, security, data breach, fraud, malware

Over 30 vulnerabilities found in Google App Engine

Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found.

By Lucian Constantin | 10 December, 2014 04:50

Tags: Google, Security Explorations, security, Exploits / vulnerabilities, Oracle

The Turla espionage operation also infected Linux systems with malware

A newly discovered malware program designed to infect Linux systems is tied to a sophisticated cyberespionage operation of Russian origin dubbed Epic Turla, security researchers found.

By Lucian Constantin | 10 December, 2014 02:38

Tags: intrusion, security, spyware, kaspersky lab, malware

Forgotten subdomains boost risk of account hijacking, other attacks

Subdomains that once served a purpose but later were forgotten by website administrators can be abused by hackers to attack users of sites under the same main domain.

By Lucian Constantin | 09 December, 2014 12:09

Tags: online safety, security, Microsoft, Access control and authentication, encryption, Exploits / vulnerabilities, Detectify

The POODLE flaw returns, this time hitting TLS security protocol

Webmasters who patched their sites against a serious SSL flaw discovered in October will have to check them again. Researchers have discovered that the vulnerability also affects implementations of the newer TLS (Transport Layer Security) protocol.

By Lucian Constantin | 09 December, 2014 09:42

Tags: patches, F5 Networks, Google, security, encryption, patch management, Exploits / vulnerabilities, qualys, A10 Networks

Attackers knock PlayStation Network offline for hours

Many gamers couldn't access Sony's PlayStation Network (PSN) for hours on Sunday evening after an apparent attack against the service. The PlayStation Store was also reportedly affected.

By Lucian Constantin | 09 December, 2014 03:14

Tags: Sony Computer Entertainment America, intrusion, security, Access control and authentication, Sony Pictures Entertainment

Vodafone blocks Chaos Computer Club site, fueling 'Net censorship concerns in UK

Vodafone UK isn't letting its customers access the website of the Chaos Computer Club (CCC), one of the oldest and largest associations of computer hackers in Europe.

By Lucian Constantin | 09 December, 2014 02:10

Tags: Chaos Computer Club, Open Rights Group, online safety, security, Access control and authentication, Vodafone Group, privacy

Destructive malware that hit Sony Pictures similar to other data wiping programs

A malware program with data wiping functionality that was recently used to attack Sony Pictures Entertainment bears technical similarities to destructive malware that affected organizations in South Korea and the Middle East in the past.

By Lucian Constantin | 06 December, 2014 01:32

Tags: intrusion, symantec, blue coat, security, Sony Pictures Entertainment, data breach, Saudi Aramco, kaspersky lab, malware

Technical evidence links destructive malware to attack against Sony Pictures

The destructive malware program that the FBI alerted some companies about this week was likely used against Sony Pictures Entertainment, according to technical evidence found by researchers in the program's code.

By Lucian Constantin | 05 December, 2014 01:05

Tags: AlienVault, security, trend micro, Sony Pictures Entertainment, Access control and authentication, Federal Bureau of Investigation, data breach, sony, malware, intrusion

IBM fixes serious flaw in Endpoint Manager for mobile device management

A vulnerability in the IBM Endpoint Manager for mobile devices could allow attackers to execute malicious code on the servers used by companies to manage devices.

By Lucian Constantin | 04 December, 2014 04:50

Tags: patches, security, IBM, Access control and authentication, mobile security, RedTeam Pentesting, Exploits / vulnerabilities

Facebook offers users more malware scanning options with ESET Online Scanner

Facebook has partnered with antivirus firm ESET to offer users the ability to scan their computers for malware directly from inside the social networking site.

By Lucian Constantin | 04 December, 2014 03:37

Tags: online safety, security, trend micro, Desktop security, f-secure, eset, Facebook, antivirus

Whitelisting project helps industrial control systems owners find suspicious files

Industrial control systems have been at the center of some scary security stories recently, but investigating malware infections in such environments is not easy because analysts often having a hard time telling suspicious and good files apart.

By Lucian Constantin | 03 December, 2014 07:06

Tags: siemens, Advantech, intrusion, security, Forensics, general electric, Rockwell Automation, malware, Schneider Electric

Top Whitepapers

Twitter Feed

Featured Whitepapers