UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

The Latest from Lucian

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

News Analysis

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

News Analysis

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.

APT29 targets Active Directory Federation Services with stealthy backdoor

News Analysis

APT29 targets Active Directory Federation Services with stealthy backdoor

The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.

Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots

News Analysis

Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots

The automated bots are highly successful because they effectively emulate legitimate service providers.

Exchange Autodiscover feature can cause Outlook to leak credentials

News

Exchange Autodiscover feature can cause Outlook to leak credentials

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...

APT actors exploit flaw in ManageEngine single sign-on solution

News Analysis

APT actors exploit flaw in ManageEngine single sign-on solution

US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.

How APTs become long-term lurkers: Tools and techniques of a targeted attack

News Analysis

How APTs become long-term lurkers: Tools and techniques of a targeted attack

A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.

Critical flaw in Atlassian Confluence actively exploited

News

Critical flaw in Atlassian Confluence actively exploited

The remote code execution vulnerability was recently patched for affected versions of Atlassian Confluence Server and Data Center; users are advised to apply the patch or upgrade.

Cosmos DB users advised to regenerate their keys following serious vulnerability

News Analysis

Cosmos DB users advised to regenerate their keys following serious vulnerability

The Azure vulnerability, which affects only those using the Jupyter Notebook feature, gives attackers access to data in databases.

How ransomware runs the underground economy

Feature

How ransomware runs the underground economy

Ransomware gangs are adopting all the core elements of legitimate businesses—including defined staff roles, marketing plans, partner ecosystems, and even venture capital investments—and some hallmarks of more traditional criminal...

LockFile ransomware uses intermittent encryption to evade detection

News Analysis

LockFile ransomware uses intermittent encryption to evade detection

This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.

Load More

Popular Resources

White Paper

Cisco CX Cloud At-a-Glance
Video/Webcast
Sponsored

Cloud Economics with Google Cloud VMware Engine
eBook
Sponsored

Cloud Innovation: The Race Is On
eBook
Sponsored

Conversational Geek: AWS Data Protection
White Paper

U.S. IoT Connections, Particularly for 5G, Are Forecast for Strong Growth Through 2025

See All