Lucian Constantin

Romania Correspondent

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Google pushed developers to fix security flaws in 275,000 Android apps

Encrypted email service ProtonMail is now accessible over Tor

Encrypted email service ProtonMail is now accessible over Tor

The creators of encrypted email service ProtonMail have set up a server that's only accessible over the Tor anonymity network as a way to fight possible censorship attempts in some countries.

Attackers start wiping data from CouchDB and Hadoop databases

Attackers start wiping data from CouchDB and Hadoop databases

Researchers are reporting data wiping attacks hitting openly accessible Hadoop and CouchDB deployments.

Failure to patch known ImageMagick flaw for months costs Facebook $40k

Failure to patch known ImageMagick flaw for months costs Facebook $40k

Facebook paid a $40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit that had been known for months.

Oracle patches raft of vulnerabilities in business applications

Oracle patches raft of vulnerabilities in business applications

Oracle released its first batch of security patches this year fixing 270 vulnerabilities, mostly in business-critical applications.

Sensitive access tokens and keys found in hundreds of Android apps

Sensitive access tokens and keys found in hundreds of Android apps

A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that around 2,500 had API keys and access tokens for third-party services hard-coded into them.

Critical flaw lets hackers take control of Samsung SmartCam cameras

Critical flaw lets hackers take control of Samsung SmartCam cameras

The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them.

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the Internet and are not properly secured.

GoDaddy revokes nearly 9,000 SSL certificates issued without proper validation

GoDaddy revokes nearly 9,000 SSL certificates issued without proper validation

GoDaddy, one of the world's largest domain registrars and certificate authorities, revoked almost 9,000 SSL certificates this week after it learned that its domain validation system has had a serious bug for the past five months.

Professionally designed ransomware Spora might be the next big thing

Professionally designed ransomware Spora might be the next big thing

Security researchers have found a new very well designed ransomware program dubbed Spora that can perform strong offline file encryption and brings several innovations to the ransom payments model.

Adobe patches critical flaws in Flash Player, Reader and Acrobat

Adobe patches critical flaws in Flash Player, Reader and Acrobat

Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

Microsoft releases one of its smallest monthly security patch bundles

Microsoft releases one of its smallest monthly security patch bundles

Microsoft has released one of its smallest monthly patch bundles ever, with only three vulnerabilities fixed across its entire product portfolio.

Load More