Lucian Constantin
CSO Senior Writer
Lucian Constantin writes about information security, privacy, and data protection for CSO.
Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions
Cybersecurity researchers found risks in the GitHub Actions platform that could enable attackers to inject malicious code into software projects and initiate a supply chain attack.
What is Ransom Cartel? A ransomware gang focused on reputational damage
The group combines data encryption with data theft and threatens to release stolen information on their website. But Ransom Cartel ups its game by threatening to send sensitive information to victim’s partners, competitors, and news...
Here is why you should have Cobalt Strike detection in place
Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams. Cobalt Strike is among the attack frameworks used by red teams and cyber specialists should be on...
DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
The spear phishing group has revised its tactics and is employing more sophisticated techniques and tactics based on what appears to be extensive research into Facebook business and ads management accounts.
Online retailers should prepare for a holiday season spike in bot-operated attacks
On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites. Fortunately, there are steps cybersecurity professionals can take to mitigate the...
Researchers show techniques for malware persistence on F5 and Citrix load balancers
Tests show that deploying malware in a persistent manner on load balancer firmware is within reach of less sophisticated attackers.
OpenSSL project patches two vulnerabilities but downgrades severity
The two vulnerabilities in OpenSSL 3.0 are now rated as high rather than critical severity after further testing.
With Conti gone, LockBit takes lead of the ransomware threat landscape
Two new reports show LockBit is now the dominate ransomware choice thanks to a void left by Conti and updated code.
Attackers switch to self-extracting password-protected archives to distribute email malware
This variation on an old technique does not require the victim to provide a password to execute the malware.
Supply chain attacks increased over 600% this year and companies are falling behind
Most companies believe they are using no open-source software libraries with known vulnerabilities, but new research finds them in 68% of selected enterprise applications.
New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants
Alchimist is easy to deploy and gives attackers a large suite of functionalities with which they can wreak havoc.