Lucian Constantin

Romania Correspondent

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Google discloses unpatched IE vulnerability after Patch Tuesday delay

Cloudflare bug exposed passwords, other sensitive data from websites

Cloudflare bug exposed passwords, other sensitive data from websites

For months a bug in Cloudflare's content optimization systems exposed sensitive information sent by users to websites including passwords, session cookies, authentication tokens and even private messages.

Stop using SHA1: It’s now completely unsafe

Stop using SHA1: It’s now completely unsafe

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature.

Eleven-year-old root flaw found and patched in the Linux kernel

Eleven-year-old root flaw found and patched in the Linux kernel

Linux system administrators should watch for kernel updates for their distributions and apply them as soon as possible because they fix a local privilege escalation flaw that could lead to a full system compromise.

New macOS ransomware spotted in the wild

New macOS ransomware spotted in the wild

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won't be able to recover their files, even if they pay.

Microsoft pushes out critical Flash Player patches with one week delay

Microsoft pushes out critical Flash Player patches with one week delay

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.

Java and Python FTP attacks can punch holes through firewalls

Java and Python FTP attacks can punch holes through firewalls

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

Hackers behind bank attack campaign use Russian as decoy

Hackers behind bank attack campaign use Russian as decoy

The hackers behind a sophisticated attack campaign that has targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

Insecure Android apps put connected cars at risk

Insecure Android apps put connected cars at risk

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could allow hackers to easily hijack their functionality.

Israeli soldiers hit in cyberespionage campaign using Android malware

Israeli soldiers hit in cyberespionage campaign using Android malware

More than 100 members of the Israel Defense Forces, the majority of them stationed around the Gaza strip, fell victim to a cyberespionage attack that used malicious Android applications to steal information from their mobile devices.

Microsoft's monthlong delay of patches may pose risks

Microsoft's monthlong delay of patches may pose risks

There won't be any patches from Microsoft this month, as the company has decided to bundle them together with the patches scheduled for March.

JavaScript-based ASLR bypass attack simplifies browser exploits

JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

Load More