Lucian Constantin

Romania Correspondent

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

Open-source developers targeted in sophisticated malware attack

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

Java and Python FTP attacks can punch holes through firewalls

Java and Python FTP attacks can punch holes through firewalls

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks

Attackers start wiping data from CouchDB and Hadoop databases

Attackers start wiping data from CouchDB and Hadoop databases

Researchers are reporting data wiping attacks hitting openly accessible Hadoop and CouchDB deployments.

Physical RAM attack can root Android and possibly other devices

Physical RAM attack can root Android and possibly other devices

Researchers have devised a way to fully compromise Android devices without exploiting any software vulnerability

Security software that uses 'code hooking' opens the door to hackers

Security software that uses 'code hooking' opens the door to hackers

Code-hooking techniques used by security, performance, virtualization and other types of programs to monitor third-party processes have introduced vulnerabilities that hackers can exploit.

Google fixes over 100 flaws in Android, many in chipset drivers

Google fixes over 100 flaws in Android, many in chipset drivers

Manufacturers can choose between two patch levels, one dedicated to device-specific fixes

Severe flaws in widely used archive library put many projects at risk

Severe flaws in widely used archive library put many projects at risk

Researchers from Cisco Systems' Talos group found three severe flaws in libarchive that could impact a large number of software products and their users.

JS email attachments may carry potent ransomware

JS email attachments may carry potent ransomware

Attackers are infecting computers with a new ransomware program called RAA that's written entirely in JavaScript and locks users' files using strong encryption.

Outdated Git version in OS X puts developers at risk

Outdated Git version in OS X puts developers at risk

Git 2.6.4, shipped with Apple's command line developer tools, has two serious vulnerabilities

Three-year-old IBM patch for critical Java flaw is broken

Three-year-old IBM patch for critical Java flaw is broken

Security researchers have found that a patch released by IBM three years ago for a critical vulnerability in its own Java implementation is ineffective and can be easily bypassed to exploit the flaw again.

Two-year-old Java flaw re-emerges due to broken patch

Two-year-old Java flaw re-emerges due to broken patch

A two-year-old vulnerability in Java can still be exploited in the latest versions, according to security researchers

Load More