UNITED STATES
×
Close
Lucian Constantin

Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

The Latest from Lucian
Void Balaur explained—a stealthy cyber mercenary group that spies on thousands
News Analysis

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

REvil ransomware explained: A widespread extortion operation
Feature

REvil ransomware explained: A widespread extortion operation

The REvil group, a.k.a. Sodinokibi, re-victimizes its targets by threatening to release stolen data even after the initial ransom demand is paid.

Flaws in the Nucleus embedded TCP/IP stack puts critical systems at risk
News Analysis

Flaws in the Nucleus embedded TCP/IP stack puts critical systems at risk

The NUCLEUS:13 vulnerabilities can allow remote code execution or denial of service attacks. Billions of devices could be affected.

BusyBox flaws highlight need for consistent IoT updates
News Analysis

BusyBox flaws highlight need for consistent IoT updates

Some of the 14 vulnerabilities could result in remote code execution or denial of service attacks.

Update and isolate your Nagios servers now
News Analysis

Update and isolate your Nagios servers now

Recently discovered vulnerabilities in Nagios servers could give attackers broad access to systems and data if exploited.

Stealthy Trojan that roots Android devices makes its way on app stores
News Analysis

Stealthy Trojan that roots Android devices makes its way on app stores

The criminals behind the Trojan have placed fully functional utilities that carry malicious code on the Google Play store in a way that evades detection.

Conti ransomware explained: What you need to know about this aggressive criminal group
Feature

Conti ransomware explained: What you need to know about this aggressive criminal group

The Conti ransomware group is less likely to help victims restore encrypted files and more likely to leak exfiltrated data.

Russian cyberspies target cloud services providers and resellers to abuse delegated access
News Analysis

Russian cyberspies target cloud services providers and resellers to abuse delegated access

A new Microsoft advisory claims Russia's Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises
News Analysis

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises

Researchers at Splunk outline a technique, pioneered by Salesforce, that could detect malicious activity in the software supply chain, but with some limitations.

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation
News Analysis

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan
News Analysis

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.

APT29 targets Active Directory Federation Services with stealthy backdoor
News Analysis

APT29 targets Active Directory Federation Services with stealthy backdoor

The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.

Load More
Popular Resources
See All