Stories by Lucian Constantin

PHP.net maintainers to reset user passwords, change SSL certificate

The PHP Group will reset the passwords for accounts on php.net, the official website of the PHP programming language, and will change the site's SSL certificate after attackers compromised two servers and injected malicious code into the website.

Written by Lucian Constantin25 Oct. 13 16:05

PHP.net compromised and used to attack visitors

Visitors to the official website for the PHP programming language over the past couple of days might have had their computers infected with malware.

Written by Lucian Constantin25 Oct. 13 00:07

Cisco fixes serious security flaws in networking, communications products

Cisco Systems released software security updates Wednesday to address denial-of-service and arbitrary command execution vulnerabilities in several products, including a known flaw in the Apache Struts development framework used by some of them.

Written by Lucian Constantin24 Oct. 13 13:06

Flash Player now sandboxed under Safari on Mac OS X

Adobe has worked with Apple to sandbox Flash Player under Safari in Mac OS X, restricting the ability of attackers to exploit any vulnerabilities they might find in the browser plug-in.

Written by Lucian Constantin23 Oct. 13 23:00

Application-layer DDoS attacks are becoming increasingly sophisticated

The number of DDoS (distributed denial-of-service) attacks that target weak spots in Web applications in addition to network services has risen during the past year and attackers are using increasingly sophisticated methods to bypass defenses, according to DDoS mitigation experts.

Written by Lucian Constantin22 Oct. 13 15:51

Hackers steal customer information from PR Newswire

Hackers managed to steal a database containing customer credentials and contact information from PR Newswire, a major press release distribution service that's used by tens of thousands of companies and public relations agencies.

Written by Lucian Constantin17 Oct. 13 13:51

Lavabit briefly allowing users to recover their data

Former users of the Lavabit encrypted email service that was shut down in August are being temporarily allowed to change their passwords and download copies of their data.

Written by Lucian Constantin15 Oct. 13 13:32

D-Link to padlock router backdoor by Halloween

D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without requiring a username and password.

Written by Lucian Constantin15 Oct. 13 07:20

NSA surveillance revelations prompt EFF resignation from Global Network Initiative

The reported participation of technology companies in the U.S. National Security Agency's surveillance programs has prompted digital rights watchdog the Electronic Frontier Foundation to resign from the Global Network Initiative, a multistakeholder group whose members include Google, Microsoft, Yahoo and Facebook and whose stated mission is to advance privacy and freedom of expression online.

Written by Lucian Constantin11 Oct. 13 15:26