Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

DNSSEC explained: Why you might want to implement it on your domain

Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

The vulnerability can also affect Windows systems. A patch is available, but will require manual testing and deployment.

What is DevSecOps? Why it's hard to do well

What is DevSecOps? Why it's hard to do well

DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives.

11 top DEF CON and Black Hat talks of all time

11 top DEF CON and Black Hat talks of all time

Hacker summer camp is almost upon us again. Here are some of the best talks of all time. Will this year's virtual talks measure up to these legends?

Twitter VIP account hack highlights the danger of insider threats

Twitter VIP account hack highlights the danger of insider threats

The account compromise raises questions about Twitter's controls. Experts weigh in on best practices for mitigating risk from malicious or accidental insider threats.

Wormable DNS flaw endangers all Windows servers

Wormable DNS flaw endangers all Windows servers

The SIGRed vulnerability can spread malware across a network without user interaction. Microsoft has issued an urgent patch.

Google Cloud steps up security and compliance for applications, government

Google Cloud steps up security and compliance for applications, government

New Google Cloud offerings Confidential VMs and Assured Workloads for Government provide in-process data encryption and the ability to restrict storage locations, respectively.

Critical flaw allows hackers to breach SAP systems with ease

Critical flaw allows hackers to breach SAP systems with ease

SAP NetWeaver Application Server Java vulnerability can be exploited without authentication and lead to complete system takeover. Patch now.

Privilege escalation explained: Why these flaws are so valuable to hackers

Privilege escalation explained: Why these flaws are so valuable to hackers

Attackers use privilege escalation flaws to gain access to systems and applications. Patching and monitoring are the most important ways to stop them.

Vulnerable drivers can enable crippling attacks against ATMs and POS systems

Vulnerable drivers can enable crippling attacks against ATMs and POS systems

Newly discovered vulnerabilities could allow more persistent and destructive attacks on popular models of ATM and POS devices.

Critical flaws in embedded TCP/IP library impact millions of IoT devices across industries

Critical flaws in embedded TCP/IP library impact millions of IoT devices across industries

The memory corruption flaws exist in a wide range of commercial and consumer devices, and can allow full takeover of them.

Enterprise internet attack surface is growing, report shows

Enterprise internet attack surface is growing, report shows

Attackers are taking advantage of the COVID-19 crisis to exploit pre-existing and newly introduced vulnerabilities across a wide range of attack points.

Load More