Lucian Constantin

Romania Correspondent

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

A free decryption tool is now available for all Bart ransomware versions

A free decryption tool is now available for all Bart ransomware versions

Antivirus vendor Bitdefender has released a free decryption tool that works for any files affected by the Bart ransomware.

UEFI flaws can be exploited to install highly persistent ransomware

UEFI flaws can be exploited to install highly persistent ransomware

A team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI).

Google's Android hacking contest fails to attract exploits

Google's Android hacking contest fails to attract exploits

Google offered to pay $200,000 to any researcher who could remotely hack into an Android device by knowing only the victim's phone number and email address. No one stepped up to the challenge for six months.

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

Open-source developers targeted in sophisticated malware attack

Open-source developers targeted in sophisticated malware attack

Developers who publish their code on GitHub have been targeted in an attack campaign that uses a little known but potent cyberespionage malware.

VMware patches critical virtual machine escape flaws

VMware patches critical virtual machine escape flaws

VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines.

Trojan source code leak poised to spur new online banking attacks

Trojan source code leak poised to spur new online banking attacks

The source code for a new banking Trojan has been published online, offering an easy way for unskilled cybercriminals to launch potent malware attacks against users.

LastPass is scrambling to fix another serious vulnerability

LastPass is scrambling to fix another serious vulnerability

Developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or to infect computers with malware.

Apple: Macs and iPhones are safe from newly revealed CIA exploits

Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the CIA were patched years ago, according to Apple.

To punish Symantec, Google may distrust a third of the web's SSL certificates

To punish Symantec, Google may distrust a third of the web's SSL certificates

Google plans to remove the extended validation (EV) status of any such certificates issued by Symantec and force the company to replace all of its customers' certificates.

Leaked iCloud credentials came from third parties, Apple says

Leaked iCloud credentials came from third parties, Apple says

The iCloud credentials that the Turkish Crime Family hacker group claims to have weren't obtained through a breach of the Apple's services.

Newly leaked documents show low-level CIA Mac and iPhone hacks

Newly leaked documents show low-level CIA Mac and iPhone hacks

The CIA has had tools to infect Apple Mac computers by connecting malicious Thunderbolt Ethernet adapters to them since 2012, according to new documents purported to be from the agency and published by WikiLeaks.

LastPass fixes serious password leak flaws

LastPass fixes serious password leak flaws

Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.

Hackers demand $150K ransom, threaten to wipe millions of Apple devices

Hackers demand $150K ransom, threaten to wipe millions of Apple devices

A group of hackers is threatening to wipe millions of iOS devices in two weeks if Apple doesn't pay them $150,000.

Flaws in Moodle CMS put thousands of e-learning websites at risk

Flaws in Moodle CMS put thousands of e-learning websites at risk

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.

 Pwn2Own ends with two virtual machine escapes

Pwn2Own ends with two virtual machine escapes

Two teams of researchers managed to win the biggest bounties at this year's Pwn2Own hacking contest by escaping from the VMware Workstation virtual machine and executing code on the host operating system.

US-CERT: Some HTTPS inspection tools could weaken security

US-CERT: Some HTTPS inspection tools could weaken security

Companies that use security products to inspect HTTPS traffic might inadvertently make their users' encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.

String of fileless malware attacks possibly tied to single hacker group

String of fileless malware attacks possibly tied to single hacker group

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools and fileless malware techniques, might be the work of a single group of hackers.

Unpatched vulnerability puts Ubiquiti networking products at risk

Unpatched vulnerability puts Ubiquiti networking products at risk

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.

Adobe Reader, Edge, Safari and Ubuntu fall in first day at Pwn2Own

Adobe Reader, Edge, Safari and Ubuntu fall in first day at Pwn2Own

During the first day of the Pwn2Own hacking contest, security researchers successfully demonstrated exploits against Microsoft Edge, Apple's Safari, Adobe Reader and Ubuntu Desktop.

Load More