Stories by Lucian Constantin

Hackers prey on Russian patriotism to grow the Kelihos botnet

By Lucian Constantin | 27 August, 2014 01:47

The cybercriminal gang behind the Kelihos botnet is tricking users into installing malware on their computers by appealing to pro-Russian sentiments stoked by recent international sanctions against the country.

Firefox OS to outdo Android on granular application permissions

By Lucian Constantin | 27 August, 2014 00:01

Future versions of the Firefox OS mobile platform will allow users to control application-specific permissions, a feature with both privacy and security benefits that's missing on Android.

Attack targets firms from the automobile industry in Europe

By Lucian Constantin | 25 August, 2014 21:35

Cybercriminals are using a new information-stealing malware program to target companies from the automobile industry in Europe, security researchers warned.

Startup builds intrusion prevention system for home networks

By Lucian Constantin | 18 August, 2014 02:42

At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.

New Gameover Zeus botnet keeps growing, especially in the US

By Lucian Constantin | 15 August, 2014 02:21

Cybercriminals are in the process of rebuilding the Gameover Zeus (GOZ) botnet, which law enforcement authorities took over in June, and recent research suggests that they've had some success, especially in the U.S.

BlackBerry patches vulnerabilities in BlackBerry OS, enterprise server software

By Lucian Constantin | 14 August, 2014 03:14

BlackBerry's focus on strong security as a key differentiator for its devices does not mean that they're completely free of flaws. The company released security updates Tuesday for both the OS running on its smartphones and for its enterprise server software.

Users should patch critical flaw in Adobe Reader and Acrobat, researchers say

By Lucian Constantin | 13 August, 2014 23:20

Adobe Systems has released security patches for its Flash Player, Reader and Acrobat products, addressing a total of eight vulnerabilities, including one that is being exploited by attackers.

Fifteen new vulnerabilities reported during router hacking contest

By Lucian Constantin | 13 August, 2014 04:10

Routers appear to be as insecure as ever, after hackers successfully compromised five popular wireless models during a contest at the DefCon 22 security conference, reporting 15 new vulnerabilities to affected vendors.

Many home routers supplied by ISPs can be compromised en masse, researchers say

By Lucian Constantin | 10 August, 2014 23:33

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.

Hacker coalition sets out to improve critical device security, challenges car makers

By Lucian Constantin | 10 August, 2014 03:11

A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles.

Payment cards with chips aren't perfect, so encrypt everything, experts say

By Lucian Constantin | 09 August, 2014 11:18

There's a push to adopt chip-equipped payment cards in the US following high-profile breaches at large retailers and restaurant chains during the past 12 months, but experts warn that switching to this payment system will not make fraud disappear.

Some mobile POS devices still affected by critical flaws months after patch

By Lucian Constantin | 08 August, 2014 13:08 | 2 Comments

Security researchers demonstrated Thursday flaws that can allow hackers to take over mobile point-of-sale (mPOS) devices from different manufacturers by inserting rogue cards into them.

Carriers' remote control software continues to put some mobile devices at risk

By Lucian Constantin | 08 August, 2014 01:38

Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.

Network-attached storage devices more vulnerable than routers, researcher finds

By Lucian Constantin | 07 August, 2014 11:05

A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.

Stealthy malware 'Poweliks' resides only in system registry

By Lucian Constantin | 05 August, 2014 01:47

A new malware program called Poweliks attempts to evade detection and analysis by running entirely from the system registry without creating files on disk, security researchers warn.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Business Continuity Management Solutions

Automate business-continuity and disaster-recovery planning and enable crisis management in one solution.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.