Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

20151005 cisco hq sign 100620823 orig

Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.

wordpress

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.

chain security stock

In treason case, Russia alleges security experts aided U.S.

Two officers of the Russian Federal Security Service, the FSB, and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for allegedly helping U.S. intelligence services.

code hacker cyberespionage eye data

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.

netgear r8500 AC5300 Nighthawk X8

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

It has taken Netgear over half-a-year to identify router models vulnerable to a serious authentication bypass vulnerability and to release patches for them.

Digital Key encryption

Ransomware disrupts Washington DC's CCTV system

Around 70 percent of police cameras in Washington D.C. were reportedly unable to record footage for several days before President Trump's inauguration due to a ransomware attack.

security hacker privacy

Five arrested for hacking into ATMs and stealing $3.2 million

Law enforcement authorities from Europe and Asia have dismantled a cybercriminal group that specialized in hacking into automated teller machine (ATMs).

chromelogo

Cisco starts patching critical flaw in WebEx browser extension

Cisco Systems has patched a critical vulnerability in its WebEx collaboration and conferencing extension for Google Chrome and is working on similar patches for the Internet Explorer and Firefox versions.

keyboard user security

AI-based typing biometrics might be authentication's next big thing

Thanks to advances in artificial intelligence identifying people based on how they type can now be done with a very high level of accuracy, making it a viable replacement for other forms of authentication on the Web.

Gmail Google Mail

Gmail will block JavaScript attachments, a common source of malware

Starting February 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.

fence prison jail

Kaspersky Lab employee reportedly arrested in Russia on treason charges

One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason.

Android apps (2)

Google pushed developers to fix security flaws in 275,000 Android apps

Over the past two years, Google has convinced developers to patch security issues in over 275,000 Android apps hosted on its official app store.

20160225 stock mwc ericsson booth security locks

Encrypted email service ProtonMail is now accessible over Tor

The creators of encrypted email service ProtonMail have set up a server that's only accessible over the Tor anonymity network as a way to fight possible censorship attempts in some countries.

malware attack cyberespionage code hacker

Attackers start wiping data from CouchDB and Hadoop databases

Researchers are reporting data wiping attacks hitting openly accessible Hadoop and CouchDB deployments.

facebook stock headquarters building

Failure to patch known ImageMagick flaw for months costs Facebook $40k

Facebook paid a $40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit that had been known for months.