Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

Spying digital

Report: NSA broke into UN video teleconferencing system

The U.S. National Security Agency reportedly cracked the encryption used by the video teleconferencing system at the United Nations headquarters in New York City.

on techhive.com

New digitally signed Mac malware confuses users with right-to-left file name tricks

The malware is digitally signed and is probably used in targeted attacks, researchers from F-Secure said.

LinkedIn outage prompts security concerns

LinkedIn's domain name was temporarily redirected to a third-party server Thursday, which resulted in a service outage and potentially put user accounts at risk of compromise.

on techhive.com

Researchers find more versions of digitally signed Mac OS X spyware

Security researchers have identified multiple samples of the recently discovered "KitM" spyware for Mac OS X, including one dating back to December 2012 and targeting German-speaking users.

Developer-signed Mac spyware found on Angolan activist's computer

Previously unknown Mac OS X spyware, signed with a valid Apple Developer ID, has turned up on the laptop of an activist from Angola at a human rights conference in Norway.

Adobe releases critical security updates for Reader, Flash Player and ColdFusion

Adobe has released scheduled security updates for its Reader, Acrobat, Flash Player and ColdFusion products on Tuesday in order to fix many critical vulnerabilities, including one that is already actively exploited by attackers.

Adobe warns customers of unpatched critical flaw in ColdFusion

Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.

java

Websense: Most Java-enabled browsers vulnerable to widespread Java exploits

Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits currently used in popular Web attack toolkits, according to statistics published by security vendor Websense.

on pcworld.com

Adobe releases emergency patches for Reader and Acrobat

Adobe released emergency patches for Adobe Reader and Acrobat 11, 10, and 9 Wednesday that address two critical vulnerabilities being actively exploited by attackers.

Researchers: Surveillance malware distributed via Flash Player exploit

Political activists from the Middle East were targeted in attacks that exploited a previously unknown Flash Player vulnerability to install a so-called lawful interception program designed for law enforcement use, security researchers from antivirus vendor Kaspersky Lab said Tuesday.

on pcworld.com

FCC issues security guidance to smartphone users

The U.S. Federal Communications Commission is advising smartphone users on how to protect their mobile devices and data from mobile security threats.

on techhive.com

Adobe bolsters security in Reader, Acrobat XI with added features

Adobe provides a closer look a the improved sandbox in the recently launched Adobe Reader and Adobe Acrobat XI aimed at making the products harder to attack and exploit.

Researchers: Steam URL protocol can be abused to exploit game vulnerabilities

Attackers can trick gamers into opening malicious steam:// URLs that exploit security issues in games to execute malicious code.

Mozilla releases Firefox 16.0.1 to address four vulnerabilities

Mozilla released Firefox 16.0.1 on Thursday in order to fix a publicly disclosed vulnerability and three other security flaws identified after the release of Firefox 16.

Facebook's phone search can be abused to find people's numbers, researchers say

Attackers can abuse Facebook's phone search feature to find valid phone numbers and the name of their owners, according to security researchers.

on techhive.com