Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

chromelogo

Cisco starts patching critical flaw in WebEx browser extension

Cisco Systems has patched a critical vulnerability in its WebEx collaboration and conferencing extension for Google Chrome and is working on similar patches for the Internet Explorer and Firefox versions.

keyboard user security

AI-based typing biometrics might be authentication's next big thing

Thanks to advances in artificial intelligence identifying people based on how they type can now be done with a very high level of accuracy, making it a viable replacement for other forms of authentication on the Web.

Gmail Google Mail

Gmail will block JavaScript attachments, a common source of malware

Starting February 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.

fence prison jail

Kaspersky Lab employee reportedly arrested in Russia on treason charges

One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason.

Android apps (2)

Google pushed developers to fix security flaws in 275,000 Android apps

Over the past two years, Google has convinced developers to patch security issues in over 275,000 Android apps hosted on its official app store.

20160225 stock mwc ericsson booth security locks

Encrypted email service ProtonMail is now accessible over Tor

The creators of encrypted email service ProtonMail have set up a server that's only accessible over the Tor anonymity network as a way to fight possible censorship attempts in some countries.

malware attack cyberespionage code hacker

Attackers start wiping data from CouchDB and Hadoop databases

Researchers are reporting data wiping attacks hitting openly accessible Hadoop and CouchDB deployments.

facebook stock headquarters building

Failure to patch known ImageMagick flaw for months costs Facebook $40k

Facebook paid a $40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit that had been known for months.

20151027 oracle cloud on building 100625234 orig

Oracle patches raft of vulnerabilities in business applications

Oracle released its first batch of security patches this year fixing 270 vulnerabilities, mostly in business-critical applications.

Digital Key encryption

Sensitive access tokens and keys found in hundreds of Android apps

A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that around 2,500 had API keys and access tokens for third-party services hard-coded into them.

Samsung SmartCam snh 1011

Critical flaw lets hackers take control of Samsung SmartCam cameras

The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them.

security code big data cyberespionage byte

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the Internet and are not properly secured.

godaddy office

GoDaddy revokes nearly 9,000 SSL certificates issued without proper validation

GoDaddy, one of the world's largest domain registrars and certificate authorities, revoked almost 9,000 SSL certificates this week after it learned that its domain validation system has had a serious bug for the past five months.

Digital Key encryption

Professionally designed ransomware Spora might be the next big thing

Security researchers have found a new very well designed ransomware program dubbed Spora that can perform strong offline file encryption and brings several innovations to the ransom payments model.

microsoft headquarters

Microsoft releases one of its smallest monthly security patch bundles ever

Microsoft has released one of its smallest monthly patch bundles ever, with only three vulnerabilities fixed across its entire product portfolio.