UNITED STATES
×
Close
Lucian Constantin

Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

The Latest from Lucian
7 PSD2 questions every CISO should be prepared to answer
Feature

7 PSD2 questions every CISO should be prepared to answer

Weakness in Zoom for macOS allows local attackers to hijack camera and microphone
News Analysis

Weakness in Zoom for macOS allows local attackers to hijack camera and microphone

Zoom's use of insecure system APIs allow attackers to elevate privileges as well.

What is WireGuard? Secure, simple VPN now part of Linux
Feature

What is WireGuard? Secure, simple VPN now part of Linux

The WireGuard VPN offers better performance and a simpler, effective approach to cryptography, and now it's built into Linux 5.6. Is it ready for the enterprise?

Attack campaign hits thousands of MS-SQL servers for two years
News

Attack campaign hits thousands of MS-SQL servers for two years

Newly discovered Vollgar attack uses brute force to infect vulnerable Microsoft SQL servers at a high rate.

Cybercriminal group mails malicious USB dongles to targeted companies
News Analysis

Cybercriminal group mails malicious USB dongles to targeted companies

Shown as a proof-of-concept in 2014, this is the first known use of the BadUSB exploit in the wild.

Chinese hacker group APT41 uses recent exploits to target companies worldwide
News Analysis

Chinese hacker group APT41 uses recent exploits to target companies worldwide

APT41 has compromised devices and applications from Cisco, Citrix and Zoho across many industries worldwide at a time when many companies are less able to respond.

COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale
Feature

COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale

A zero-trust model addresses many of the security concerns around supporting large numbers of remote workers, and new vendor free trials make fast deployment possible.

Credit card skimmers explained: How they work and how to protect yourself
Feature

Credit card skimmers explained: How they work and how to protect yourself

A card skimmer is a device designed to steal information stored on payment cards when consumers perform transactions at ATMs, gas pumps and other payment terminals. More recently, the use of the term has been extended to include...

New CPU attack technique can leak secrets from Intel SGX enclaves
News Analysis

New CPU attack technique can leak secrets from Intel SGX enclaves

The Load Value Injection attack can bypass security boundaries and mitigations put in place for other CPU vulnerabilities such as Spectre and Meltdown.

How Visa built its own container security solution
Feature

How Visa built its own container security solution

The homegrown solution takes advantage of the native capabilities that already exist on container orchestration platforms and is primarily built on top of open-source tools and libraries.

Intel CSME flaw is unpatchable, researchers warn
News Analysis

Intel CSME flaw is unpatchable, researchers warn

Researchers reveal that a previously known Intel flaw is unpatchable and could allow attackers to compromise the cryptographic chain of trust in Intel systems.

APIs are becoming a major target for credential stuffing attacks
News Analysis

APIs are becoming a major target for credential stuffing attacks

New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.

Load More
Popular Resources
See All