×
Close
Lucian Constantin

Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

The Latest from Lucian
What is adware? How it works and how to protect against it
Feature

What is adware? How it works and how to protect against it

OpenSSH to protect keys in memory against side-channel attacks
News

OpenSSH to protect keys in memory against side-channel attacks

The new OpenSSH patch makes it harder to execute attacks such as Spectre, Meltdown, Rowhammer and Rambleed.

New MongoDB field-level encryption can help prevent data breaches
News

New MongoDB field-level encryption can help prevent data breaches

MongoDB aims to prevent exposed data stores by encrypting data in a way that makes it useless if compromised.

Rowhammer variant RAMBleed allows attackers to steal secrets from RAM
News

Rowhammer variant RAMBleed allows attackers to steal secrets from RAM

Unlike Rowhammer, which only allows for data corruption, the newly discovered RAMBleed vulnerability provides a way to grab data such as encryption keys from memory.

From phish to network compromise in two hours: How Carbanak operates
News Analysis

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here's a detailed analysis by Bitdefender of an attack on one bank.

Phishing attacks that bypass 2-factor authentication are now easier to execute
News Analysis

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

Public SAP exploits could enable attacks against thousands of companies
News Analysis

Public SAP exploits could enable attacks against thousands of companies

A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances. Here's what companies using SAP should do.

Over 90% of data transactions on IoT devices are unencrypted
News

Over 90% of data transactions on IoT devices are unencrypted

A report from Zscaler reveals some troubling facts about the risks posed by network-connected IoT devices.

Microsoft urges Windows customers to patch wormable RDP flaw
News

Microsoft urges Windows customers to patch wormable RDP flaw

A newly found vulnerability allows remote exploits using the Remote Desktop Protocol to gain full access to systems with no authentication.

The second Meltdown: New Intel CPU attacks leak secrets
News

The second Meltdown: New Intel CPU attacks leak secrets

Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.

New Intel firmware boot verification bypass enables low-level backdoors
News

New Intel firmware boot verification bypass enables low-level backdoors

By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.

Researchers warn of unpatched vulnerability in Oracle WebLogic Server
News

Researchers warn of unpatched vulnerability in Oracle WebLogic Server

Detected scans suggest attacker are seeking vulnerable servers to target for attacks.

Load More
Popular Resources
See All