Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

OS X El Capitan installation

New Mac backdoor program steals keychain contents

Researchers have identified a new Mac backdoor program that's designed to steal credentials stored in the OS encrypted keychain and give attackers control over the system.

New Tor-powered backdoor malware targets Macs

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network.

Apple fixes serious flaw in AirPort wireless routers

Apple has released firmware updates for its AirPort wireless base stations in order to fix a vulnerability that could put the devices at risk of hacking.

Legislation of privacy security keyboard law legal gavel

Celebrity hacker Guccifer's confession gives us all a lesson in security

A Romanian hacker known online as Guccifer pleaded guilty to hacking into 100 email and social media accounts belonging to American citizens, including former high-ranking government officials.

1 linkedin

A hacker is selling 167 million LinkedIn user records

A hacker is trying to sell a database dump containing account records for 167 million LinkedIn users.

OS X El Capitan installation

Apple patches vulnerable OS X Git version that put developers at risk

Apple has released a new version of its Xcode development tool in order to patch two critical vulnerabilities in the Git source code management client.

ransomwhere logo

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.

OS X El Capitan installation

Outdated Git version in OS X puts developers at risk

The OS X command line developer tools include an old version of the Git source code management system that exposes Mac users to remote code execution attacks.

iPhone 5c

FBI reportedly bought exploit from hackers to access San Bernardino iPhone

The FBI reportedly paid professional hackers a one-time fee for a previously unknown vulnerability that allowed the agency to unlock the iPhone of San Bernardino shooter Syed Farook.

IPhone 6S launch in Palo Alto

Apple fixes iOS lock screen bypass that gives access to photos, contacts

Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos.

Apple iPhone 5S (1)

Hackers can abuse the iOS mobile device management protocol to deliver malware

Researchers from Check Point Software Technologies found that the communication between MDM products and iOS devices is susceptible to man-in-the-middle attacks and can be hijacked to install malware on non-jailbroken devices.

Apple iPhone 5S (1)

Attackers exploit Apple DRM weakness to infect non-jailbroken iOS devices

Attackers are exploiting a weakness in Apple's digital rights management technology to install malicious apps on non-jailbroken iOS devices.

Digital Key, security, encryption

Mac ransomware KeRanger has flaws that could let users recover files

The KeRanger file-encrypting ransomware program for Mac OS X is based on Linux.Encoder and contains crypto flaws that could allow users to recover their files without paying cybercriminals.

Apple iPhone 5S (1)

Apple goofed in several ways in fight with FBI over data encryption, renowned cryptographer says

Adi Shamir, co-creator of the widely used RSA cryptographic algorithm, believes that Apple should have assisted the FBI in decrypting the iPhone of one of the San Bernardino shooters and choose to resist in a future situation.

Apple iPhone 5S (3)

Chinese devs abuse free Apple app-testing certs to install pirated apps

A Chinese iOS application recently found on Apple's official store contained hidden functionality that allowed users to install pirated apps on non-jailbroken devices, a technique that could also be leveraged by malware in the future.