Stories by Lucian Constantin

Russian SMS Trojan for Android hits US, dozens of other countries

An Android Trojan app that sends SMS messages to premium-rate numbers has expanded globally over the past year, racking up bills for users in over 60 countries including the U.S., malware researchers from Kaspersky Lab said.

By Lucian Constantin | 24 April, 2014 04:32

Tags: Google, security, mobile security, spyware, fraud, kaspersky lab, malware

Mysterious malware steals Apple credentials from jailbroken iOS devices

A malware campaign of yet-to-be-determined origin is infecting jailbroken iPhones and iPads to steal Apple account credentials from SSL encrypted traffic.

By Lucian Constantin | 22 April, 2014 22:00

Tags: telecommunication, applications, ios, Mobile OSes, mobile security, SektionEins, spyware, mobile, malware, sophos, Apple, security

Web apps and point-of-sale were leading hacker targets in 2013, says Verizon

Web application attacks, cyber-espionage and point-of-sale intrusions were among the top IT security threats in 2013, according to Verizon's latest annual report on data breach investigations.

By Lucian Constantin | 22 April, 2014 14:06

Tags: intrusion, security, Access control and authentication, data breach, data protection, Verizon Communications

Satellite communication systems rife with security flaws, vulnerable to remote hacks

Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.

By Lucian Constantin | 19 April, 2014 03:20

Tags: Thuraya Telecommunications, Iridium Communications, harris, Access control and authentication, encryption, Japan Radio Company, Exploits / vulnerabilities, IOActive, Hughes Network Systems, intrusion, Cobham, security

Tor anonymity network to shrink as a result of Heartbleed flaw

The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the network's entry and exit capacity.

By Lucian Constantin | 18 April, 2014 03:15

Tags: patches, online safety, security, encryption, TOR Project, patch management, privacy

Facebook users targeted by iBanking Android trojan app

Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.

By Lucian Constantin | 17 April, 2014 21:59

Tags: security, Access control and authentication, mobile security, eset, rsa, malware

Lavaboom builds encrypted webmail service to resist snooping

A new webmail service called Lavaboom promises to provide easy-to-use email encryption without ever learning its users' private encryption keys or message contents.

By Lucian Constantin | 17 April, 2014 02:27

Tags: Lavaboom, Internet-based applications and services, security, Mail, Lavabit, encryption, data protection, internet, privacy

VMware promises Heartbleed patches for affected products by the weekend

VMware started patching its products against the critical Heartbleed flaw that puts encrypted communications at risk, and plans to have updates ready for all affected products by Saturday.

By Lucian Constantin | 16 April, 2014 00:48

Tags: patches, security, encryption, patch management, Exploits / vulnerabilities, GoPivotal, VMware

TrueCrypt source code audit finds no critical flaws or intentional backdoors

The source code of TrueCrypt, a popular disk encryption tool, is not the most polished work of programming, but it has no critical flaws or intentional backdoors, security testers concluded in a report released Monday.

By Lucian Constantin | 15 April, 2014 23:28

Tags: iSec Partners, security, Desktop security, encryption, data protection, Exploits / vulnerabilities, Open Crypto Audit Project

AT&T hacker Weev released from prison after appeals court overturns conviction

Andrew Auernheimer, known online as "weev," has won an appeal against his conviction for exploiting a vulnerability in AT&T's website to collect the email addresses of Apple iPad users. The 2010 incident earned him a 41-month prison sentence.

By Lucian Constantin | 14 April, 2014 22:08

Tags: Criminal, security, legal, data protection, Identity fraud / theft, Electronic Frontier Foundation, cybercrime

Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say

Website operators should assess their whole Web infrastructure when patching the critical Heartbleed flaw in OpenSSL, otherwise they risk leaving important components open to remote attacks, despite fixing the problem on their publicly facing servers.

By Lucian Constantin | 11 April, 2014 23:34

Tags: patches, online safety, Tripwire, Voltage Security, Risk Based Security, patch management, Exploits / vulnerabilities, Lieberman Software, pki, intrusion, Meldium, security

Website operators will have a hard time dealing with the Heartbleed vulnerability

Website and server administrators will have to spend considerable time, effort and money to mitigate all the security risks associated with Heartbleed, one of the most severe vulnerabilities to endanger encrypted SSL communications in recent years.

By Lucian Constantin | 11 April, 2014 06:55

Tags: patches, online safety, Sucuri, patch management, Exploits / vulnerabilities, pki, qualys, Electronic Frontier Foundation, privacy, trustwave, symantec, security

Security update for BlackBerry 10 OS fixes remote code execution vulnerability

BlackBerry released a security update for its BlackBerry 10 OS to address a critical vulnerability that could allow remote attackers to execute arbitrary code on affected devices.

By Lucian Constantin | 11 April, 2014 00:54

Tags: patches, BlackBerry OS, security, Mobile OSes, mobile security, patch management, Exploits / vulnerabilities, mobile, Blackberry

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems released security updates for Flash Player and AIR in order to address four critical vulnerabilities that could lead to arbitrary code execution and information disclosure.

By Lucian Constantin | 09 April, 2014 22:28

Tags: patches, Vupen, Adobe Systems, security, patch management, Exploits / vulnerabilities

Cybercriminals use sophisticated PowerShell-based malware

Cybercriminals have been developing increasingly sophisticated malware that make use of Windows PowerShell scripts in an attempt to fly under the radar.

By Lucian Constantin | 09 April, 2014 06:21

Tags: symantec, security, trend micro, Desktop security, malware

Top Whitepapers

Twitter Feed

Featured Whitepapers