Author Archives: Lucian Constantin

For months, a bug in Cloudflare’s content optimization systems exposed sensitive information sent by users to websites that use the company’s content delivery network. The data included passwords, session cookies, authentication tokens and even priv… Continue reading Cloudflare bug exposed passwords, other sensitive data from websites→

For months, a bug in Cloudflare’s content optimization systems exposed sensitive information sent by users to websites that use the company’s content delivery network. The data included passwords, session cookies, authentication tokens and even priv… Continue reading Cloudflare bug exposed passwords, other sensitive data from websites→

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be… Continue reading Stop using SHA1: It’s now completely unsafe→

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be… Continue reading Stop using SHA1: It’s now completely unsafe→

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely int… Continue reading Eleven-year-old root flaw found and patched in the Linux kernel→

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely int… Continue reading Eleven-year-old root flaw found and patched in the Linux kernel→

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won’t be able to recover their files, even if they pay.Crypto ransomware programs for macOS are rare. This is the sec… Continue reading New macOS ransomware spotted in the wild→

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won’t be able to recover their files, even if they pay.Crypto ransomware programs for macOS are rare. This is the sec… Continue reading New macOS ransomware spotted in the wild→

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.The new security bulletin, identified as MS17-… Continue reading Microsoft pushes out critical Flash Player patches with one week delay→

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.The new security bulletin, identified as MS17-… Continue reading Microsoft pushes out critical Flash Player patches with one week delay→