Stories by Lucian Constantin

File-encrypting Android ransomware 'Simplocker' targets English-speaking users

By Lucian Constantin | 23 July, 2014 23:46

A ransomware threat that encrypts files stored on the SD memory cards of Android devices has been updated to target English-speaking users with FBI-themed alerts.

Tor Project working to fix weakness that can unmask users

By Lucian Constantin | 23 July, 2014 01:06

Developers of Tor software believe they've identified a weakness that was scheduled to be revealed at the Black Hat security conference next month that could be used to de-anonymize Tor users.

Open Wireless Router firmware aims for better router security, network performance

By Lucian Constantin | 22 July, 2014 03:58

Advocacy group the Electronic Frontier Foundation wants to address the poor security track record of home routers with a new firmware project that will encourage users to share their Internet connection publicly by setting up guest Wi-Fi networks.

Stealthy ransomware 'Critroni' uses Tor, could replace Cryptolocker

By Lucian Constantin | 22 July, 2014 01:14

Cybercriminals are spreading a new file-encrypting ransomware program that's more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice.

Home router security to be tested in upcoming hacking contest

By Lucian Constantin | 19 July, 2014 02:07

Researchers are gearing up to hack an array of different home routers during a contest next month at the Defcon 22 security conference.

Romanian gang used malware to defraud international money transfer firms

By Lucian Constantin | 18 July, 2014 23:55

Romanian and French authorities have dismantled a cybercriminal network that infected computers at money transfer outlets across Europe and used them to perform illegal transactions.

Emergency vBulletin patch fixes dangerous SQL injection vulnerability

By Lucian Constantin | 18 July, 2014 00:07

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate information stored in the databases of vBulletin-based sites.

Vulnerability exposes some Cisco home wireless devices to hacking

By Lucian Constantin | 17 July, 2014 22:13

Nine of Cisco's home and small office cable modems with router and wireless access point functionality need software updates to fix a critical vulnerability that could allow remote attackers to completely compromise them.

SSL Blacklist project exposes certificates used by malware

By Lucian Constantin | 17 July, 2014 01:16

Botnet tracking outfit Abuse.ch has launched a project to list SSL (Secure Sockets Layer) certificates used by some malware programs to hide their communications.

Overreliance on the NSA led to weak crypto standard, NIST advisers find

By Lucian Constantin | 16 July, 2014 03:05

The National Institute of Standards and Technology needs to hire more cryptographers and improve its collaboration with the industry and academia, reducing its reliance on the U.S. National Security Agency for decisions around cryptographic standards.

New banking malware 'Kronos' advertised on underground forums

By Lucian Constantin | 15 July, 2014 04:33 | 1 Comment

A new Trojan program designed to steal log-in credentials and other financial information from online banking websites is being advertised to cybercriminal groups on the underground market.

Future Java 7 security patches will work on Windows XP despite end of official support

By Lucian Constantin | 14 July, 2014 23:09

Oracle has dispelled rumors that the upcoming security update for Java 7 and those it will release in the future might not work on Windows XP.

Microsoft revokes trust in certificate authority operated by the Indian government

By Lucian Constantin | 12 July, 2014 03:04

Microsoft updated the Certificate Trust List in Windows to revoke trust for a certificate authority operated by the Indian government after it improperly issued at least 45 SSL certificates for domains owned by Google and Yahoo.

The Gameover Trojan program is back, with some modifications

By Lucian Constantin | 12 July, 2014 00:56

Cybercriminals are trying to create a new botnet based on what is likely a modification of Gameover Zeus, a sophisticated Trojan program whose command-and-control infrastructure was taken over by law enforcement agencies at the beginning of June.

Malware hidden in Chinese inventory scanners targeted logistics, shipping firms

By Lucian Constantin | 11 July, 2014 06:53

Financial and business information was stolen from several shipping and logistics firms by sophisticated malware hiding in inventory scanners manufactured by a Chinese company.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get powerful mobile security capabilities, and protect the data the various mobile devices inside your organization.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.